Zoek:
Zoek.exe v5.0.0.1 Updated 27-09-2015
Tool run by Jakub on ne 26.02.2017 at 13:30:47,52.
Microsoft Windows 10 Home 10.0.14393 x86
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\Jakub\Downloads\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
26.2.2017 13:32:12 Zoek.exe System Restore Point Created Successfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
127.0.0.1 localhost
==== Empty Folders Check ======================
C:\Program Files\AGEIA Technologies deleted successfully
C:\Program Files\DSPRobotics deleted successfully
C:\Program Files\Common Files\Blizzard Entertainment deleted successfully
C:\PROGRA~2\Avira deleted successfully
C:\PROGRA~2\BlueStacksSetup deleted successfully
C:\PROGRA~2\Comms deleted successfully
C:\PROGRA~2\SoftwareDistribution deleted successfully
C:\Users\Administrator\AppData\Local deleted successfully
C:\Users\DefaultAppPool\AppData\LocalLow deleted successfully
C:\Users\Guest\AppData\Local deleted successfully
C:\Users\HomeGroupUser$\AppData\Local deleted successfully
C:\Users\kuvwqppwaikg\AppData\Local deleted successfully
C:\Users\Public\AppData\Local deleted successfully
C:\Users\Jakub\AppData\Local\CrashDumps deleted successfully
C:\Users\Jakub\AppData\Local\EmieSiteList deleted successfully
C:\Users\Jakub\AppData\Local\EmieUserList deleted successfully
C:\Users\Jakub\AppData\Local\NetworkTiles deleted successfully
C:\Users\Jakub\AppData\Local\Skype deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Maps deleted successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\NetworkTiles deleted successfully
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\xwMkUhdM.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
Added to C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\xwMkUhdM.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Deleting Files \ Folders ======================
C:\Program Files\AGEIA Technologies not found
C:\Program Files\DSPRobotics not found
C:\Program Files\Steam deleted
C:\Users\Jakub\AppData\Roaming\.technic deleted
C:\Program Files\Age of Empires II HD The Forgotten deleted
C:\Program Files\Age Of Empires 2 & The Conquerors Expansion - Full Game deleted
C:\PROGRA~2\Package Cache deleted
C:\Users\Jakub\AppData\Local\{3248F0A6-6813-11D6-A77B-00B0D0150050} deleted
C:\Users\Jakub\AppData\Local\{A51078CA-7A85-4433-8D2D-35FB5D9A9609} deleted
C:\Users\Jakub\AppData\Local\{DF34A0B1-AE3D-4CF2-9687-8A9477373E5E} deleted
C:\WINDOWS\system32\GroupPolicy\Machine deleted
C:\WINDOWS\system32\GroupPolicy\User deleted
"C:\Windows\Installer\277ece.msi" deleted
==== Firefox Start and Search pages ======================
ProfilePath: C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\xwMkUhdM.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Firefox Extensions ======================
==== Firefox Plugins ======================
Profilepath: C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\xwMkUhdM.default
04AF8BC83A89D9B71F7E0BCAF9FDD768 - C:\Program Files\Adobe\Reader 8.0\Reader\browser\nppdf32.dll - Adobe Acrobat
52CE0DBFD9738AE528CF525A0367EBEB - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin
ED928B3A674DDF04C2EC809AF1D16EA6 - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll - NVIDIA 3D VISION
E296CEF3023B027AD936227711BB8ACC - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll - NVIDIA 3D Vision
FFF2362F6B4A46D4BC1D147E79A7547B - C:\ProgramData\NexonEU\NGM\npNxGameeu.dll - Nexon Game Controller
3B00376AE69AC2E815425E54DEBFF750 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Photo Gallery
CDDAE185ACE26369B2DC18D494BAF018 - c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll - Silverlight Plug-In
7850B31195A7E1E7152C6A6AE8E7F85A - C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll - Java(TM) Platform SE 8 U91
B79FD6F0CF022F9410C48A3FB230637A - C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 8.0.910.15
09BC537F9D0D2611FF4969DE453581C2 - c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrlui.dll - Microsoft® Silverlight
==== Chromium Look ======================
Google Chrome Version: 46.0.2490.86
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
flliilndjeohchalpbbcdekjklbdgfkk - No path found[]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[03.03.2014 09:53]
Skype - Jakub\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Chrome Media Router - Jakub\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
==== Chromium Fix ======================
C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_c.betrad.com_0.localstorage deleted successfully
C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt=en-ww"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] not found
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt=en-ww"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
==== Reset Google Chrome ======================
C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences was reset successfully
C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Profile 1\Secure Preferences was reset successfully
C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data was reset successfully
C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data-journal was reset successfully
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9C8928403D4AB094F99FBA20A329833F deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Age Of Empires 2 & The Conquerors Expansion - Full Game deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\9C8928403D4AB094F99FBA20A329833F deleted successfully
==== Empty IE Cache ======================
C:\Users\Jakub\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Jakub\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Jakub\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Jakub\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Chrome Cache ======================
C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully
==== Empty All Flash Cache ======================
No Flash Cache Found
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=8806 folders=952 3242168627 bytes)
==== Empty Temp Folders ======================
C:\WINDOWS\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\WINDOWS\Temp successfully emptied
C:\Users\Jakub\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on ne 26.02.2017 at 14:33:39,22 ======================
Prosím o kontrolu logu
Re: Prosím o kontrolu logu
Zemana AntiMalware:
Zemana AntiMalware 2.72.2.101 (instalační verze)
-------------------------------------------------------
Scan Result : Dokončeno
Scan Date : 2017.2.26
Operating System : Windows 10 32-bit
Processor : 2X AMD Athlon(tm) II X2 240 Processor
BIOS Mode : Legacy
CUID : 123E26C872B07A7D8F89AB
Scan Type : Skenování systému
Duration : 39m 23s
Scanned Objects : 221665
Detected Objects : 11
Excluded Objects : 0
Read Level : SCSI
Auto Upload : Vypnuto
Detect All Extensions : Vypnuto
Scan Documents : Vypnuto
Domain Info : WORKGROUP,0,2
Detected Objects
-------------------------------------------------------
Trojan:Win32/Poweliks
Status : Skenováno
Object : %systemroot%\system32\tasks\{e94e52bb-a05b-4afe-bf17-c281ada79c89}|c:\program files\internet explorer\iexplore.exe
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Fileless Malware
Cleaning Action : Vymazat
Related Objects :
Naplánovaná úloha - C:\WINDOWS\System32\Tasks\{E94E52BB-A05B-4AFE-BF17-C281ADA79C89}
{05ef766e-77c6-4bca-8dd7-42a694a7b502}
Status : Skenováno
Object : NE->c:\windows\system32\tasks\{05ef766e-77c6-4bca-8dd7-42a694a7b502}
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Adware:Win32/CHR.TASKSCHD.GEN.A!Neng
Cleaning Action : Karanténa
Related Objects :
(null) - (null)
{255f4d84-01b3-47f7-b113-50176d699a5f}
Status : Skenováno
Object : NE->c:\windows\system32\tasks\{255f4d84-01b3-47f7-b113-50176d699a5f}
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Adware:Win32/CHR.TASKSCHD.GEN.A!Neng
Cleaning Action : Karanténa
Related Objects :
(null) - (null)
{3d7b948f-b370-47b5-af83-b1a3cba4817e}
Status : Skenováno
Object : NE->c:\windows\system32\tasks\{3d7b948f-b370-47b5-af83-b1a3cba4817e}
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Adware:Win32/CHR.TASKSCHD.GEN.A!Neng
Cleaning Action : Karanténa
Related Objects :
(null) - (null)
{4dd6d639-cc98-4e42-ac56-aa36b84e59b6}
Status : Skenováno
Object : NE->c:\windows\system32\tasks\{4dd6d639-cc98-4e42-ac56-aa36b84e59b6}
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Adware:Win32/CHR.TASKSCHD.GEN.A!Neng
Cleaning Action : Karanténa
Related Objects :
(null) - (null)
{6e24917b-adf8-4f2a-a75d-422397ea5df7}
Status : Skenováno
Object : NE->c:\windows\system32\tasks\{6e24917b-adf8-4f2a-a75d-422397ea5df7}
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Adware:Win32/CHR.TASKSCHD.GEN.A!Neng
Cleaning Action : Karanténa
Related Objects :
(null) - (null)
{7b29c8a2-3f7a-4611-8dfb-77d62ee6dc5b}
Status : Skenováno
Object : NE->c:\windows\system32\tasks\{7b29c8a2-3f7a-4611-8dfb-77d62ee6dc5b}
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Adware:Win32/CHR.TASKSCHD.GEN.A!Neng
Cleaning Action : Karanténa
Related Objects :
(null) - (null)
{8d4aa04d-9519-40cf-b4b0-48b5b573f0c9}
Status : Skenováno
Object : NE->c:\windows\system32\tasks\{8d4aa04d-9519-40cf-b4b0-48b5b573f0c9}
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Adware:Win32/CHR.TASKSCHD.GEN.A!Neng
Cleaning Action : Karanténa
Related Objects :
(null) - (null)
{a6235a17-ec21-4a4d-9c17-7de386fc72b0}
Status : Skenováno
Object : NE->c:\windows\system32\tasks\{a6235a17-ec21-4a4d-9c17-7de386fc72b0}
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Adware:Win32/CHR.TASKSCHD.GEN.A!Neng
Cleaning Action : Karanténa
Related Objects :
(null) - (null)
{c46e5936-604c-4ab1-a79d-38c6a1cd8709}
Status : Skenováno
Object : NE->c:\windows\system32\tasks\{c46e5936-604c-4ab1-a79d-38c6a1cd8709}
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Adware:Win32/CHR.TASKSCHD.GEN.A!Neng
Cleaning Action : Karanténa
Related Objects :
(null) - (null)
{fc1da9c3-a138-44ba-b18e-0f29ddbc1a6d}
Status : Skenováno
Object : NE->c:\windows\system32\tasks\{fc1da9c3-a138-44ba-b18e-0f29ddbc1a6d}
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Adware:Win32/CHR.TASKSCHD.GEN.A!Neng
Cleaning Action : Karanténa
Related Objects :
(null) - (null)
Cleaning Result
-------------------------------------------------------
Cleaned : 11
Reported as safe : 0
Failed : 0
Zemana AntiMalware 2.72.2.101 (Installed)
-------------------------------------------------------
Scan Result : Terminated
Scan Date : 2017.2.26
Operating System : Windows 10 32-bit
Processor : 2X AMD Athlon(tm) II X2 240 Processor
BIOS Mode : Legacy
CUID : 123E26C872B07A7D8F89AB
Scan Type : System Scan
Duration : 0m 28s
Scanned Objects : 1869
Detected Objects : 0
Excluded Objects : 0
Read Level : SCSI
Auto Upload : Disabled
Detect All Extensions : Disabled
Scan Documents : Disabled
Domain Info : WORKGROUP,0,2
Detected Objects
-------------------------------------------------------
No threats detected
Zemana AntiMalware 2.72.2.101 (instalační verze)
-------------------------------------------------------
Scan Result : Dokončeno
Scan Date : 2017.2.26
Operating System : Windows 10 32-bit
Processor : 2X AMD Athlon(tm) II X2 240 Processor
BIOS Mode : Legacy
CUID : 123E26C872B07A7D8F89AB
Scan Type : Skenování systému
Duration : 39m 23s
Scanned Objects : 221665
Detected Objects : 11
Excluded Objects : 0
Read Level : SCSI
Auto Upload : Vypnuto
Detect All Extensions : Vypnuto
Scan Documents : Vypnuto
Domain Info : WORKGROUP,0,2
Detected Objects
-------------------------------------------------------
Trojan:Win32/Poweliks
Status : Skenováno
Object : %systemroot%\system32\tasks\{e94e52bb-a05b-4afe-bf17-c281ada79c89}|c:\program files\internet explorer\iexplore.exe
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Fileless Malware
Cleaning Action : Vymazat
Related Objects :
Naplánovaná úloha - C:\WINDOWS\System32\Tasks\{E94E52BB-A05B-4AFE-BF17-C281ADA79C89}
{05ef766e-77c6-4bca-8dd7-42a694a7b502}
Status : Skenováno
Object : NE->c:\windows\system32\tasks\{05ef766e-77c6-4bca-8dd7-42a694a7b502}
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Adware:Win32/CHR.TASKSCHD.GEN.A!Neng
Cleaning Action : Karanténa
Related Objects :
(null) - (null)
{255f4d84-01b3-47f7-b113-50176d699a5f}
Status : Skenováno
Object : NE->c:\windows\system32\tasks\{255f4d84-01b3-47f7-b113-50176d699a5f}
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Adware:Win32/CHR.TASKSCHD.GEN.A!Neng
Cleaning Action : Karanténa
Related Objects :
(null) - (null)
{3d7b948f-b370-47b5-af83-b1a3cba4817e}
Status : Skenováno
Object : NE->c:\windows\system32\tasks\{3d7b948f-b370-47b5-af83-b1a3cba4817e}
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Adware:Win32/CHR.TASKSCHD.GEN.A!Neng
Cleaning Action : Karanténa
Related Objects :
(null) - (null)
{4dd6d639-cc98-4e42-ac56-aa36b84e59b6}
Status : Skenováno
Object : NE->c:\windows\system32\tasks\{4dd6d639-cc98-4e42-ac56-aa36b84e59b6}
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Adware:Win32/CHR.TASKSCHD.GEN.A!Neng
Cleaning Action : Karanténa
Related Objects :
(null) - (null)
{6e24917b-adf8-4f2a-a75d-422397ea5df7}
Status : Skenováno
Object : NE->c:\windows\system32\tasks\{6e24917b-adf8-4f2a-a75d-422397ea5df7}
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Adware:Win32/CHR.TASKSCHD.GEN.A!Neng
Cleaning Action : Karanténa
Related Objects :
(null) - (null)
{7b29c8a2-3f7a-4611-8dfb-77d62ee6dc5b}
Status : Skenováno
Object : NE->c:\windows\system32\tasks\{7b29c8a2-3f7a-4611-8dfb-77d62ee6dc5b}
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Adware:Win32/CHR.TASKSCHD.GEN.A!Neng
Cleaning Action : Karanténa
Related Objects :
(null) - (null)
{8d4aa04d-9519-40cf-b4b0-48b5b573f0c9}
Status : Skenováno
Object : NE->c:\windows\system32\tasks\{8d4aa04d-9519-40cf-b4b0-48b5b573f0c9}
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Adware:Win32/CHR.TASKSCHD.GEN.A!Neng
Cleaning Action : Karanténa
Related Objects :
(null) - (null)
{a6235a17-ec21-4a4d-9c17-7de386fc72b0}
Status : Skenováno
Object : NE->c:\windows\system32\tasks\{a6235a17-ec21-4a4d-9c17-7de386fc72b0}
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Adware:Win32/CHR.TASKSCHD.GEN.A!Neng
Cleaning Action : Karanténa
Related Objects :
(null) - (null)
{c46e5936-604c-4ab1-a79d-38c6a1cd8709}
Status : Skenováno
Object : NE->c:\windows\system32\tasks\{c46e5936-604c-4ab1-a79d-38c6a1cd8709}
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Adware:Win32/CHR.TASKSCHD.GEN.A!Neng
Cleaning Action : Karanténa
Related Objects :
(null) - (null)
{fc1da9c3-a138-44ba-b18e-0f29ddbc1a6d}
Status : Skenováno
Object : NE->c:\windows\system32\tasks\{fc1da9c3-a138-44ba-b18e-0f29ddbc1a6d}
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Adware:Win32/CHR.TASKSCHD.GEN.A!Neng
Cleaning Action : Karanténa
Related Objects :
(null) - (null)
Cleaning Result
-------------------------------------------------------
Cleaned : 11
Reported as safe : 0
Failed : 0
Zemana AntiMalware 2.72.2.101 (Installed)
-------------------------------------------------------
Scan Result : Terminated
Scan Date : 2017.2.26
Operating System : Windows 10 32-bit
Processor : 2X AMD Athlon(tm) II X2 240 Processor
BIOS Mode : Legacy
CUID : 123E26C872B07A7D8F89AB
Scan Type : System Scan
Duration : 0m 28s
Scanned Objects : 1869
Detected Objects : 0
Excluded Objects : 0
Read Level : SCSI
Auto Upload : Disabled
Detect All Extensions : Disabled
Scan Documents : Disabled
Domain Info : WORKGROUP,0,2
Detected Objects
-------------------------------------------------------
No threats detected
Re: Prosím o kontrolu logu
CrystalDisk:
----------------------------------------------------------------------------
CrystalDiskInfo 7.0.5 (C) 2008-2016 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows 10 [10.0 Build 14393] (x86)
Date : 2017/02/26 16:44:28
-- Controller Map ----------------------------------------------------------
- ATA Channel 0 (0) [ATA]
- ATA Channel 1 (1) [ATA]
+ ATA Channel 0 (0) [ATA]
- WDC WD6400AAKS-22A7B2 ATA Device
- ATA Channel 1 (1) [ATA]
+ PCI Standardní dvoukanálový řadič IDE [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
+ PCI Standardní dvoukanálový řadič IDE [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
- Řadič prostorů úložišť [SCSI]
-- Disk List ---------------------------------------------------------------
(1) WDC WD6400AAKS-22A7B2 : 640,1 GB [0/2/0, pd1] - wd
----------------------------------------------------------------------------
(1) WDC WD6400AAKS-22A7B2
----------------------------------------------------------------------------
Model : WDC WD6400AAKS-22A7B2
Firmware : 01.03B01
Serial Number : WD-WCASY9266474
Disk Size : 640,1 GB (8,4/137,4/640,1/640,1)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 1250263728
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : ---- | SATA/300
Power On Hours : 20430 hod.
Power On Count : 4175 krát
Temperature : 45 C (113 F)
Health Status : Dobrý
Features : S.M.A.R.T., AAM, 48bit LBA, NCQ
APM Level : ----
AAM Level : 80FEh [OFF]
Drive Letter : C:
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 162 159 _21 000000001302 Čas na roztočení ploten
04 _96 _96 __0 000000001060 Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 100 253 __0 000000000000 Počet chybných hledání
09 _73 _73 __0 000000004FCE Hodin v činnosti
0A 100 100 __0 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _96 _96 __0 00000000104F Počet cyklů zapnutí zařízení
C0 200 200 __0 00000000026C Počet vypnutí disku
C1 199 199 __0 00000000105E Počet cyklů načítání/vymazání
C2 102 _97 __0 00000000002D Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 200 200 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 200 200 __0 000000000000 Počet chyb při zápisu sektorů
-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 427A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2057 442D 5743 4153 5939 3236 3634 3734
020: 0000 8000 0032 3031 2E30 3342 3031 5744 4320 5744
030: 3634 3030 4141 4B53 2D32 3241 3742 3220 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4001 0000 0000 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 0706 0000 0044 0040
080: 01FE 0000 746B 7F61 4123 7469 BC41 4123 407F 003B
090: 003B 0000 FFFE 0000 80FE 0000 0000 0000 0000 0000
100: 82B0 4A85 0000 0000 0000 0000 0000 0000 5001 4EE1
110: ACE1 22B8 0000 0000 0000 0000 0000 0000 0000 4010
120: 4010 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 169D 0000 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 3037 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 100E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 1000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 A7A5
-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 C8 C8 00 00 00 00 00 00 00 03 27
010: 00 A2 9F 02 13 00 00 00 00 00 04 32 00 60 60 60
020: 10 00 00 00 00 00 05 33 00 C8 C8 00 00 00 00 00
030: 00 00 07 2E 00 64 FD 00 00 00 00 00 00 00 09 32
040: 00 49 49 CE 4F 00 00 00 00 00 0A 32 00 64 64 00
050: 00 00 00 00 00 00 0B 32 00 64 64 00 00 00 00 00
060: 00 00 0C 32 00 60 60 4F 10 00 00 00 00 00 C0 32
070: 00 C8 C8 6C 02 00 00 00 00 00 C1 32 00 C7 C7 5E
080: 10 00 00 00 00 00 C2 22 00 66 61 2D 00 00 00 00
090: 00 00 C4 32 00 C8 C8 00 00 00 00 00 00 00 C5 32
0A0: 00 C8 C8 00 00 00 00 00 00 00 C6 30 00 C8 C8 00
0B0: 00 00 00 00 00 00 C7 32 00 C8 C8 00 00 00 00 00
0C0: 00 00 C8 08 00 C8 C8 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 84 00 3C 2D 01 7B
170: 03 00 01 00 02 88 05 00 00 00 00 00 00 00 00 00
180: 00 00 01 04 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 68
-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 C8 C8 C8 C8 00 00 00 00 00 00 03 15
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 8C 00 00 00 00 00 00 00 00
030: 00 00 07 00 64 64 64 64 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 00 00 00 00 00
050: 00 00 00 00 00 00 0B 00 00 00 00 00 00 00 00 00
060: 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 C0 00
070: 00 00 00 00 00 00 00 00 00 00 C1 00 00 00 00 00
080: 00 00 00 00 00 00 C2 00 00 00 00 00 00 00 00 00
090: 00 00 C4 00 00 00 00 00 00 00 00 00 00 00 C5 00
0A0: 00 00 00 00 00 00 00 00 00 00 C6 00 00 00 00 00
0B0: 00 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00
0C0: 00 00 C8 00 C8 C8 C8 C8 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ED
----------------------------------------------------------------------------
CrystalDiskInfo 7.0.5 (C) 2008-2016 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows 10 [10.0 Build 14393] (x86)
Date : 2017/02/26 16:44:28
-- Controller Map ----------------------------------------------------------
- ATA Channel 0 (0) [ATA]
- ATA Channel 1 (1) [ATA]
+ ATA Channel 0 (0) [ATA]
- WDC WD6400AAKS-22A7B2 ATA Device
- ATA Channel 1 (1) [ATA]
+ PCI Standardní dvoukanálový řadič IDE [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
+ PCI Standardní dvoukanálový řadič IDE [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
- Řadič prostorů úložišť [SCSI]
-- Disk List ---------------------------------------------------------------
(1) WDC WD6400AAKS-22A7B2 : 640,1 GB [0/2/0, pd1] - wd
----------------------------------------------------------------------------
(1) WDC WD6400AAKS-22A7B2
----------------------------------------------------------------------------
Model : WDC WD6400AAKS-22A7B2
Firmware : 01.03B01
Serial Number : WD-WCASY9266474
Disk Size : 640,1 GB (8,4/137,4/640,1/640,1)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 1250263728
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : ---- | SATA/300
Power On Hours : 20430 hod.
Power On Count : 4175 krát
Temperature : 45 C (113 F)
Health Status : Dobrý
Features : S.M.A.R.T., AAM, 48bit LBA, NCQ
APM Level : ----
AAM Level : 80FEh [OFF]
Drive Letter : C:
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 162 159 _21 000000001302 Čas na roztočení ploten
04 _96 _96 __0 000000001060 Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 100 253 __0 000000000000 Počet chybných hledání
09 _73 _73 __0 000000004FCE Hodin v činnosti
0A 100 100 __0 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _96 _96 __0 00000000104F Počet cyklů zapnutí zařízení
C0 200 200 __0 00000000026C Počet vypnutí disku
C1 199 199 __0 00000000105E Počet cyklů načítání/vymazání
C2 102 _97 __0 00000000002D Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 200 200 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 200 200 __0 000000000000 Počet chyb při zápisu sektorů
-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 427A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2057 442D 5743 4153 5939 3236 3634 3734
020: 0000 8000 0032 3031 2E30 3342 3031 5744 4320 5744
030: 3634 3030 4141 4B53 2D32 3241 3742 3220 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4001 0000 0000 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 0706 0000 0044 0040
080: 01FE 0000 746B 7F61 4123 7469 BC41 4123 407F 003B
090: 003B 0000 FFFE 0000 80FE 0000 0000 0000 0000 0000
100: 82B0 4A85 0000 0000 0000 0000 0000 0000 5001 4EE1
110: ACE1 22B8 0000 0000 0000 0000 0000 0000 0000 4010
120: 4010 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 169D 0000 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 3037 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 100E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 1000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 A7A5
-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 C8 C8 00 00 00 00 00 00 00 03 27
010: 00 A2 9F 02 13 00 00 00 00 00 04 32 00 60 60 60
020: 10 00 00 00 00 00 05 33 00 C8 C8 00 00 00 00 00
030: 00 00 07 2E 00 64 FD 00 00 00 00 00 00 00 09 32
040: 00 49 49 CE 4F 00 00 00 00 00 0A 32 00 64 64 00
050: 00 00 00 00 00 00 0B 32 00 64 64 00 00 00 00 00
060: 00 00 0C 32 00 60 60 4F 10 00 00 00 00 00 C0 32
070: 00 C8 C8 6C 02 00 00 00 00 00 C1 32 00 C7 C7 5E
080: 10 00 00 00 00 00 C2 22 00 66 61 2D 00 00 00 00
090: 00 00 C4 32 00 C8 C8 00 00 00 00 00 00 00 C5 32
0A0: 00 C8 C8 00 00 00 00 00 00 00 C6 30 00 C8 C8 00
0B0: 00 00 00 00 00 00 C7 32 00 C8 C8 00 00 00 00 00
0C0: 00 00 C8 08 00 C8 C8 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 84 00 3C 2D 01 7B
170: 03 00 01 00 02 88 05 00 00 00 00 00 00 00 00 00
180: 00 00 01 04 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 68
-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 C8 C8 C8 C8 00 00 00 00 00 00 03 15
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 8C 00 00 00 00 00 00 00 00
030: 00 00 07 00 64 64 64 64 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 00 00 00 00 00
050: 00 00 00 00 00 00 0B 00 00 00 00 00 00 00 00 00
060: 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 C0 00
070: 00 00 00 00 00 00 00 00 00 00 C1 00 00 00 00 00
080: 00 00 00 00 00 00 C2 00 00 00 00 00 00 00 00 00
090: 00 00 C4 00 00 00 00 00 00 00 00 00 00 00 C5 00
0A0: 00 00 00 00 00 00 00 00 00 00 C6 00 00 00 00 00
0B0: 00 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00
0C0: 00 00 C8 00 C8 C8 C8 C8 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ED
Re: Prosím o kontrolu logu
HiJackThis:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:36:38, on 26.2.2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0000)
Boot mode: Normal
Running processes:
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\taskhostw.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Windows Defender\MSASCuiL.exe
C:\Users\Jakub\AppData\Local\Microsoft\BingSvc\BingSvc.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\WINDOWS\system32\taskhostw.exe
C:\Windows\System32\smartscreen.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\SYSTEM32\notepad.exe
C:\WINDOWS\SYSTEM32\notepad.exe
C:\WINDOWS\system32\backgroundTaskHost.exe
C:\Program Files\CrystalDiskInfo\DiskInfo32.exe
C:\Users\Jakub\Downloads\Oprava PC\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NvBackend] "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [Malwarebytes TrayApp] C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe
O4 - HKLM\..\Run: [WindowsDefender] "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
O4 - HKLM\..\Run: [ZAM] "C:\Program Files\Zemana AntiMalware\ZAM.exe" /minimized
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [BingSvc] C:\Users\Jakub\AppData\Local\Microsoft\BingSvc\BingSvc.exe
O4 - HKCU\..\Run: [Voobly] "C:\Program Files\Voobly\voobly.exe" --startup
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: Avira Browser Safety - {d8f67242-b229-4065-95fa-391b077ed6ca} - mscoree.dll (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: @C:\Program Files\Google\Chrome Remote Desktop\56.0.2924.51\remoting_core.dll,-101 (chromoting) - Google Inc. - C:\Program Files\Google\Chrome Remote Desktop\56.0.2924.51\remoting_host.exe
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate1cac9dd563a9e30) (gupdate1cac9dd563a9e30) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvvsvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:\Windows\system32\sfrem01.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files\Tunngle\TnglCtrl.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: @oem32.inf,%ViaKaraokeSrv.SvcDesc%;VIA Karaoke digital mixer Service (VIAKaraokeService) - VIA Technologies, Inc. - C:\WINDOWS\system32\viakaraokesrv.exe
O23 - Service: ZAM Controller Service (ZAMSvc) - Copyright 2017. - C:\Program Files\Zemana AntiMalware\ZAM.exe
--
End of file - 9455 bytes
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:36:38, on 26.2.2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0000)
Boot mode: Normal
Running processes:
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\taskhostw.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Windows Defender\MSASCuiL.exe
C:\Users\Jakub\AppData\Local\Microsoft\BingSvc\BingSvc.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\WINDOWS\system32\taskhostw.exe
C:\Windows\System32\smartscreen.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\SYSTEM32\notepad.exe
C:\WINDOWS\SYSTEM32\notepad.exe
C:\WINDOWS\system32\backgroundTaskHost.exe
C:\Program Files\CrystalDiskInfo\DiskInfo32.exe
C:\Users\Jakub\Downloads\Oprava PC\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NvBackend] "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [Malwarebytes TrayApp] C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe
O4 - HKLM\..\Run: [WindowsDefender] "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
O4 - HKLM\..\Run: [ZAM] "C:\Program Files\Zemana AntiMalware\ZAM.exe" /minimized
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [BingSvc] C:\Users\Jakub\AppData\Local\Microsoft\BingSvc\BingSvc.exe
O4 - HKCU\..\Run: [Voobly] "C:\Program Files\Voobly\voobly.exe" --startup
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: Avira Browser Safety - {d8f67242-b229-4065-95fa-391b077ed6ca} - mscoree.dll (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: @C:\Program Files\Google\Chrome Remote Desktop\56.0.2924.51\remoting_core.dll,-101 (chromoting) - Google Inc. - C:\Program Files\Google\Chrome Remote Desktop\56.0.2924.51\remoting_host.exe
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate1cac9dd563a9e30) (gupdate1cac9dd563a9e30) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvvsvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:\Windows\system32\sfrem01.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files\Tunngle\TnglCtrl.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: @oem32.inf,%ViaKaraokeSrv.SvcDesc%;VIA Karaoke digital mixer Service (VIAKaraokeService) - VIA Technologies, Inc. - C:\WINDOWS\system32\viakaraokesrv.exe
O23 - Service: ZAM Controller Service (ZAMSvc) - Copyright 2017. - C:\Program Files\Zemana AntiMalware\ZAM.exe
--
End of file - 9455 bytes
Re: Prosím o kontrolu logu
Paměť a procesor jsou stále celkem přetížené, nejvíc mi zabírá ,,Antimalware Service Executable,, ovšem když dám ukončit úlohu tak mi to napíše přístup byl odepřen.
- jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43113
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu
000000001302 Čas na roztočení ploten
ještě jednou CDI.
+
Stáhni si Memtest:
Políčko , ve kterém je napsáno:
All unused RAM -ponech , jak je.
-dej Start , nech nejméně 2h běžet , pokud bude po 2h stále 0 errors , jsou v pořádku.
V případě vyšších kapacit RAM je třeba Memtest spustit několikrát , pro 2GB ( jednotlivá největší kapacita RAM) 2x , pro 4GB 3x , pro 8Gb 4x ap.
Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.
ještě jednou CDI.
+
Stáhni si Memtest:
Políčko , ve kterém je napsáno:
All unused RAM -ponech , jak je.
-dej Start , nech nejméně 2h běžet , pokud bude po 2h stále 0 errors , jsou v pořádku.
V případě vyšších kapacit RAM je třeba Memtest spustit několikrát , pro 2GB ( jednotlivá největší kapacita RAM) 2x , pro 4GB 3x , pro 8Gb 4x ap.
Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Prosím o kontrolu logu
CDI:
----------------------------------------------------------------------------
CrystalDiskInfo 7.0.5 (C) 2008-2016 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows 10 [10.0 Build 14393] (x86)
Date : 2017/02/26 18:42:27
-- Controller Map ----------------------------------------------------------
- ATA Channel 0 (0) [ATA]
- ATA Channel 1 (1) [ATA]
+ ATA Channel 0 (0) [ATA]
- WDC WD6400AAKS-22A7B2 ATA Device
- ATA Channel 1 (1) [ATA]
+ PCI Standardní dvoukanálový řadič IDE [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
+ PCI Standardní dvoukanálový řadič IDE [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
- Řadič prostorů úložišť [SCSI]
-- Disk List ---------------------------------------------------------------
(1) WDC WD6400AAKS-22A7B2 : 640,1 GB [0/2/0, pd1] - wd
----------------------------------------------------------------------------
(1) WDC WD6400AAKS-22A7B2
----------------------------------------------------------------------------
Model : WDC WD6400AAKS-22A7B2
Firmware : 01.03B01
Serial Number : WD-WCASY9266474
Disk Size : 640,1 GB (8,4/137,4/640,1/640,1)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 1250263728
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : ---- | SATA/300
Power On Hours : 20432 hod.
Power On Count : 4175 krát
Temperature : 44 C (111 F)
Health Status : Dobrý
Features : S.M.A.R.T., AAM, 48bit LBA, NCQ
APM Level : ----
AAM Level : 80FEh [OFF]
Drive Letter : C:
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 162 159 _21 000000001302 Čas na roztočení ploten
04 _96 _96 __0 000000001060 Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 100 253 __0 000000000000 Počet chybných hledání
09 _73 _73 __0 000000004FD0 Hodin v činnosti
0A 100 100 __0 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _96 _96 __0 00000000104F Počet cyklů zapnutí zařízení
C0 200 200 __0 00000000026C Počet vypnutí disku
C1 199 199 __0 00000000105E Počet cyklů načítání/vymazání
C2 103 _97 __0 00000000002C Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 200 200 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 200 200 __0 000000000000 Počet chyb při zápisu sektorů
-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 427A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2057 442D 5743 4153 5939 3236 3634 3734
020: 0000 8000 0032 3031 2E30 3342 3031 5744 4320 5744
030: 3634 3030 4141 4B53 2D32 3241 3742 3220 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4001 0000 0000 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 0706 0000 0044 0040
080: 01FE 0000 746B 7F61 4123 7469 BC41 4123 407F 003B
090: 003B 0000 FFFE 0000 80FE 0000 0000 0000 0000 0000
100: 82B0 4A85 0000 0000 0000 0000 0000 0000 5001 4EE1
110: ACE1 22B8 0000 0000 0000 0000 0000 0000 0000 4010
120: 4010 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 169D 0000 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 3037 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 100E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 1000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 A7A5
-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 C8 C8 00 00 00 00 00 00 00 03 27
010: 00 A2 9F 02 13 00 00 00 00 00 04 32 00 60 60 60
020: 10 00 00 00 00 00 05 33 00 C8 C8 00 00 00 00 00
030: 00 00 07 2E 00 64 FD 00 00 00 00 00 00 00 09 32
040: 00 49 49 D0 4F 00 00 00 00 00 0A 32 00 64 64 00
050: 00 00 00 00 00 00 0B 32 00 64 64 00 00 00 00 00
060: 00 00 0C 32 00 60 60 4F 10 00 00 00 00 00 C0 32
070: 00 C8 C8 6C 02 00 00 00 00 00 C1 32 00 C7 C7 5E
080: 10 00 00 00 00 00 C2 22 00 67 61 2C 00 00 00 00
090: 00 00 C4 32 00 C8 C8 00 00 00 00 00 00 00 C5 32
0A0: 00 C8 C8 00 00 00 00 00 00 00 C6 30 00 C8 C8 00
0B0: 00 00 00 00 00 00 C7 32 00 C8 C8 00 00 00 00 00
0C0: 00 00 C8 08 00 C8 C8 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 84 00 3C 2D 01 7B
170: 03 00 01 00 02 88 05 00 00 00 00 00 00 00 00 00
180: 00 00 01 04 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 66
-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 C8 C8 C8 C8 00 00 00 00 00 00 03 15
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 8C 00 00 00 00 00 00 00 00
030: 00 00 07 00 64 64 64 64 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 00 00 00 00 00
050: 00 00 00 00 00 00 0B 00 00 00 00 00 00 00 00 00
060: 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 C0 00
070: 00 00 00 00 00 00 00 00 00 00 C1 00 00 00 00 00
080: 00 00 00 00 00 00 C2 00 00 00 00 00 00 00 00 00
090: 00 00 C4 00 00 00 00 00 00 00 00 00 00 00 C5 00
0A0: 00 00 00 00 00 00 00 00 00 00 C6 00 00 00 00 00
0B0: 00 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00
0C0: 00 00 C8 00 C8 C8 C8 C8 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ED
----------------------------------------------------------------------------
CrystalDiskInfo 7.0.5 (C) 2008-2016 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows 10 [10.0 Build 14393] (x86)
Date : 2017/02/26 18:42:27
-- Controller Map ----------------------------------------------------------
- ATA Channel 0 (0) [ATA]
- ATA Channel 1 (1) [ATA]
+ ATA Channel 0 (0) [ATA]
- WDC WD6400AAKS-22A7B2 ATA Device
- ATA Channel 1 (1) [ATA]
+ PCI Standardní dvoukanálový řadič IDE [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
+ PCI Standardní dvoukanálový řadič IDE [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
- Řadič prostorů úložišť [SCSI]
-- Disk List ---------------------------------------------------------------
(1) WDC WD6400AAKS-22A7B2 : 640,1 GB [0/2/0, pd1] - wd
----------------------------------------------------------------------------
(1) WDC WD6400AAKS-22A7B2
----------------------------------------------------------------------------
Model : WDC WD6400AAKS-22A7B2
Firmware : 01.03B01
Serial Number : WD-WCASY9266474
Disk Size : 640,1 GB (8,4/137,4/640,1/640,1)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 1250263728
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : ---- | SATA/300
Power On Hours : 20432 hod.
Power On Count : 4175 krát
Temperature : 44 C (111 F)
Health Status : Dobrý
Features : S.M.A.R.T., AAM, 48bit LBA, NCQ
APM Level : ----
AAM Level : 80FEh [OFF]
Drive Letter : C:
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 162 159 _21 000000001302 Čas na roztočení ploten
04 _96 _96 __0 000000001060 Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 100 253 __0 000000000000 Počet chybných hledání
09 _73 _73 __0 000000004FD0 Hodin v činnosti
0A 100 100 __0 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _96 _96 __0 00000000104F Počet cyklů zapnutí zařízení
C0 200 200 __0 00000000026C Počet vypnutí disku
C1 199 199 __0 00000000105E Počet cyklů načítání/vymazání
C2 103 _97 __0 00000000002C Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 200 200 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 200 200 __0 000000000000 Počet chyb při zápisu sektorů
-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 427A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2057 442D 5743 4153 5939 3236 3634 3734
020: 0000 8000 0032 3031 2E30 3342 3031 5744 4320 5744
030: 3634 3030 4141 4B53 2D32 3241 3742 3220 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4001 0000 0000 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 0706 0000 0044 0040
080: 01FE 0000 746B 7F61 4123 7469 BC41 4123 407F 003B
090: 003B 0000 FFFE 0000 80FE 0000 0000 0000 0000 0000
100: 82B0 4A85 0000 0000 0000 0000 0000 0000 5001 4EE1
110: ACE1 22B8 0000 0000 0000 0000 0000 0000 0000 4010
120: 4010 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 169D 0000 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 3037 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 100E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 1000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 A7A5
-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 C8 C8 00 00 00 00 00 00 00 03 27
010: 00 A2 9F 02 13 00 00 00 00 00 04 32 00 60 60 60
020: 10 00 00 00 00 00 05 33 00 C8 C8 00 00 00 00 00
030: 00 00 07 2E 00 64 FD 00 00 00 00 00 00 00 09 32
040: 00 49 49 D0 4F 00 00 00 00 00 0A 32 00 64 64 00
050: 00 00 00 00 00 00 0B 32 00 64 64 00 00 00 00 00
060: 00 00 0C 32 00 60 60 4F 10 00 00 00 00 00 C0 32
070: 00 C8 C8 6C 02 00 00 00 00 00 C1 32 00 C7 C7 5E
080: 10 00 00 00 00 00 C2 22 00 67 61 2C 00 00 00 00
090: 00 00 C4 32 00 C8 C8 00 00 00 00 00 00 00 C5 32
0A0: 00 C8 C8 00 00 00 00 00 00 00 C6 30 00 C8 C8 00
0B0: 00 00 00 00 00 00 C7 32 00 C8 C8 00 00 00 00 00
0C0: 00 00 C8 08 00 C8 C8 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 84 00 3C 2D 01 7B
170: 03 00 01 00 02 88 05 00 00 00 00 00 00 00 00 00
180: 00 00 01 04 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 66
-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 C8 C8 C8 C8 00 00 00 00 00 00 03 15
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 8C 00 00 00 00 00 00 00 00
030: 00 00 07 00 64 64 64 64 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 00 00 00 00 00
050: 00 00 00 00 00 00 0B 00 00 00 00 00 00 00 00 00
060: 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 C0 00
070: 00 00 00 00 00 00 00 00 00 00 C1 00 00 00 00 00
080: 00 00 00 00 00 00 C2 00 00 00 00 00 00 00 00 00
090: 00 00 C4 00 00 00 00 00 00 00 00 00 00 00 C5 00
0A0: 00 00 00 00 00 00 00 00 00 00 C6 00 00 00 00 00
0B0: 00 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00
0C0: 00 00 C8 00 C8 C8 C8 C8 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ED
Re: Prosím o kontrolu logu
FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 25-02-2017
Ran by Jakub (administrator) on JAKUB-PC (26-02-2017 18:31:14)
Running from C:\Users\Jakub\Downloads\Desktop
Loaded Profiles: Jakub (Available Profiles: Jakub)
Platform: Microsoft Windows 10 Home Version 1607 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
(Teruten) C:\Windows\System32\FsUsbExService.Exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Ulead Systems, Inc.) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Copyright 2017.) C:\Program Files\Zemana AntiMalware\ZAM.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(© 2015 Microsoft Corporation) C:\Users\Jakub\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [HDAudDeck] => C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe [1486848 2009-08-28] (VIA)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2011-09-27] (Apple Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS5ServiceManager] => C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [383424 2012-02-05] (Autodesk, Inc.)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2585744 2016-01-29] (NVIDIA Corporation)
HKLM\...\Run: [LogMeIn GUI] => C:\Program Files\LogMeIn\x86\LogMeInSystray.exe [63048 2015-06-15] (LogMeIn, Inc.)
HKLM\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [5565960 2016-11-11] (LogMeIn Inc.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [483840 2016-07-16] (Microsoft Corporation)
HKLM\...\Run: [ZAM] => C:\Program Files\Zemana AntiMalware\ZAM.exe [14416624 2017-02-02] (Copyright 2017.)
HKU\S-1-5-21-2460206527-1493759754-90791392-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2460206527-1493759754-90791392-1000\...\Run: [BingSvc] => C:\Users\Jakub\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-12] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-2460206527-1493759754-90791392-1000\...\Run: [Voobly] => C:\Program Files\Voobly\voobly.exe [159744 2016-04-03] (Voobly)
HKU\S-1-5-21-2460206527-1493759754-90791392-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [7416536 2017-02-08] (Piriform Ltd)
HKU\S-1-5-21-2460206527-1493759754-90791392-1000\...\Policies\Explorer: []
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Jakub\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll [2016-09-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Jakub\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll [2016-09-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Jakub\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll [2016-09-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [Správa překryvné ikony digitálních podpisů AutoCADu ] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc.)
Startup: C:\Users\Jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk [2016-04-07]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\..\Interfaces\{0ccc13c1-fd50-48b8-bdc6-8042ddc467bc}: [DhcpNameServer] 7.254.254.254
Tcpip\..\Interfaces\{3325e624-3a70-41e6-8fd6-9b5edc45d376}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{74b70064-3414-49ba-b68c-92788b8bbbb8}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{8db9411a-25d6-4ea6-b22b-1913f0554876}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{fdd04cc3-ae0f-4cdb-96bd-c490418bd7b2}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2460206527-1493759754-90791392-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-2460206527-1493759754-90791392-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-21-2460206527-1493759754-90791392-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt=en-ww
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-2460206527-1493759754-90791392-1000 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2460206527-1493759754-90791392-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-06-22] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-22] (Oracle Corporation)
DPF: {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinsta ... s-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2013-11-20] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2017-01-01] (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\xwMkUhdM.default [2017-02-26]
FF NewTab: Mozilla\Firefox\Profiles\xwMkUhdM.default -> about:newtab
FF Homepage: Mozilla\Firefox\Profiles\xwMkUhdM.default -> about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-20] ()
FF Plugin: @gamersfirst.com/LiveLauncher -> C:\Program Files\GamersFirst\LIVE!\nplivelauncher.dll [No File]
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-06-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-06-22] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameeu.dll [2012-04-14] (Nexon)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-14] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-14] (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-02-26]
CHR Extension: (Prezentace Google) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-02-26]
CHR Extension: (Dokumenty Google) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-02-26]
CHR Extension: (Disk Google) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-02-26]
CHR Extension: (YouTube) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-02-26]
CHR Extension: (Tabulky Google) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-02-26]
CHR Extension: (Avira Browser Safety) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-02-26]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-02-26]
CHR Extension: (Skype) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-02-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-02-26]
CHR Extension: (Gmail) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-02-26]
CHR Extension: (Chrome Media Router) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-26]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-03-03]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 chromoting; C:\Program Files\Google\Chrome Remote Desktop\56.0.2924.51\remoting_host.exe [72024 2017-01-03] (Google Inc.)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1044816 2014-03-11] (Flexera Software, Inc.)
R2 FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [217088 2009-12-22] (Teruten) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [915600 2016-01-29] (NVIDIA Corporation)
S2 gupdate1cac9dd563a9e30; C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-09-17] (Google Inc.)
S2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1962504 2016-11-11] (LogMeIn Inc.)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [405424 2016-11-11] (LogMeIn, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [3303888 2017-01-20] (Malwarebytes)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1706128 2016-01-29] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19775632 2016-01-29] (NVIDIA Corporation)
S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [620544 2008-11-11] (Nokia.) [File not signed]
S2 sfrem01; C:\Windows\system32\sfrem01.exe [353912 2006-05-10] (Protection Technology (StarForce))
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 TunngleService; C:\Program Files\Tunngle\TnglCtrl.exe [838128 2016-12-15] (Tunngle.net GmbH)
R2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2005-01-31] (Ulead Systems, Inc.) [File not signed]
R2 VIAKaraokeService; C:\WINDOWS\system32\viakaraokesrv.exe [36504 2015-06-22] (VIA Technologies, Inc.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [271496 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [84928 2016-07-16] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files\Zemana AntiMalware\ZAM.exe [14416624 2017-02-02] (Copyright 2017.)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 AsIO; C:\WINDOWS\System32\drivers\AsIO.sys [12400 2007-12-17] ()
R3 athur; C:\WINDOWS\System32\drivers\athur.sys [1501696 2010-03-09] (Atheros Communications, Inc.)
R2 atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [83872 2012-11-22] ()
R1 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [243128 2015-02-24] (Disc Soft Ltd)
S3 ENTECH; C:\Windows\system32\DRIVERS\ENTECH.sys [21664 2004-10-25] (EnTech Taiwan) [File not signed]
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae.sys [59976 2017-01-20] ()
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36640 2009-12-22] () [File not signed]
R3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [38512 2015-08-03] (LogMeIn Inc.)
R2 lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [25888 2012-11-22] ()
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [152512 2017-02-26] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [94656 2017-02-26] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [39360 2017-02-26] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [219584 2017-02-26] (Malwarebytes)
R1 MpKslfbe77a60; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2CD434F9-58FB-4E05-8148-4AF5360D8BA8}\MpKslfbe77a60.sys [39168 2017-02-26] (Microsoft Corporation)
R3 MTsensor; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [6504 2009-05-13] ()
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [62976 2016-07-16] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [18576 2016-01-29] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad32v.sys [32912 2016-01-29] (NVIDIA Corporation)
R0 sfhlp02; C:\WINDOWS\System32\drivers\sfhlp02.sys [6656 2006-05-10] (Protection Technology (StarForce)) [File not signed]
R3 tap0901t; C:\WINDOWS\System32\drivers\tap0901t.sys [44216 2016-04-26] (Tunngle.net GmbH)
R3 VIAHdAudAddService; C:\WINDOWS\system32\drivers\viahduaa.sys [575184 2015-06-22] (VIA Technologies, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [37912 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [244576 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [100192 2016-07-16] (Microsoft Corporation)
R1 ZAM; C:\WINDOWS\System32\drivers\zam32.sys [181496 2017-02-26] (Zemana Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard32.sys [181496 2017-02-26] (Zemana Ltd.)
U3 idsvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-02-26 18:31 - 2017-02-26 18:31 - 00000000 ____D C:\FRST
2017-02-26 17:49 - 2017-02-26 17:49 - 00000000 ____D C:\Users\Jakub\AppData\Local\CrashDumps
2017-02-26 17:37 - 2017-02-26 17:37 - 00015600 _____ C:\Users\Jakub\Downloads\MemTest.zip
2017-02-26 15:39 - 2017-02-26 18:31 - 00056591 _____ C:\WINDOWS\ZAM.krnl.trace
2017-02-26 15:39 - 2017-02-26 18:31 - 00024760 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2017-02-26 15:39 - 2017-02-26 15:39 - 00181496 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard32.sys
2017-02-26 15:39 - 2017-02-26 15:39 - 00181496 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zam32.sys
2017-02-26 15:39 - 2017-02-26 15:39 - 00001957 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2017-02-26 15:39 - 2017-02-26 15:39 - 00000000 ____D C:\Users\Jakub\AppData\Local\Zemana
2017-02-26 15:39 - 2017-02-26 15:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2017-02-26 15:39 - 2017-02-26 15:39 - 00000000 ____D C:\Program Files\Zemana AntiMalware
2017-02-26 13:55 - 2017-02-26 13:30 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2017-02-26 13:30 - 2017-02-26 13:53 - 00000000 ____D C:\zoek_backup
2017-02-25 15:22 - 2017-02-25 15:22 - 00000000 ____D C:\ProgramData\Sophos
2017-02-25 15:21 - 2017-02-25 15:21 - 00002763 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2017-02-25 15:21 - 2017-02-25 15:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2017-02-25 15:21 - 2017-02-25 15:21 - 00000000 ____D C:\Program Files\Sophos
2017-02-25 14:13 - 2017-02-25 14:18 - 00000000 ____D C:\Users\TEMP
2017-02-25 14:01 - 2017-02-25 14:01 - 00000000 ____D C:\Users\Jakub\AppData\Local\Autodesk
2017-02-24 22:36 - 2017-02-25 13:21 - 00000000 ____D C:\AdwCleaner
2017-02-24 22:35 - 2017-02-26 17:45 - 00152512 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-02-24 22:34 - 2017-02-26 17:44 - 00219584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-02-24 22:34 - 2017-02-26 17:44 - 00094656 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-02-24 22:34 - 2017-02-26 17:44 - 00073672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-02-24 22:34 - 2017-02-26 17:44 - 00039360 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-02-24 22:34 - 2017-02-24 22:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-02-24 22:34 - 2017-02-24 22:34 - 00000000 ____D C:\Program Files\Malwarebytes
2017-02-24 22:34 - 2017-01-20 07:47 - 00059976 _____ C:\WINDOWS\system32\Drivers\mbae.sys
2017-02-24 22:30 - 2017-02-24 22:30 - 00000000 ____D C:\Users\Jakub\AppData\Local\Adobe
2017-02-24 22:25 - 2017-02-26 16:36 - 00000000 ____D C:\Users\Jakub\Downloads\Oprava PC
2017-02-24 20:27 - 2017-02-24 20:27 - 00000000 ____D C:\Program Files\Common Files\Skype
2017-02-24 19:42 - 2017-02-24 19:41 - 00921280 _____ (Microsoft Corporation) C:\WINDOWS\ucrtbase.dll
2017-02-24 19:37 - 2017-02-24 19:37 - 00001034 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-02-24 19:37 - 2017-02-24 19:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-02-24 19:37 - 2017-02-24 19:37 - 00000000 ____D C:\Program Files\CCleaner
2017-02-24 19:37 - 2017-02-24 19:37 - 00000000 ____D C:\Program Files\AVAST Software
2017-02-19 17:17 - 2017-02-19 17:18 - 00000000 ____D C:\ProgramData\Tunngle
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-02-26 17:54 - 2016-09-12 15:20 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-02-26 17:44 - 2016-09-12 15:28 - 00000000 ____D C:\Users\Jakub
2017-02-26 17:43 - 2016-09-12 15:53 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-02-26 17:43 - 2016-09-12 15:22 - 00000000 ____D C:\ProgramData\NVIDIA
2017-02-26 17:36 - 2013-05-12 10:15 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\vlc
2017-02-26 16:34 - 2015-08-06 21:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2017-02-26 16:34 - 2015-08-06 21:53 - 00000000 ____D C:\Program Files\CrystalDiskInfo
2017-02-26 15:31 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-02-26 13:59 - 2016-07-16 03:22 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-02-26 13:52 - 2009-07-14 03:37 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-02-26 12:09 - 2014-10-30 18:57 - 00024688 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2017-02-25 23:48 - 2014-05-17 18:30 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\TS3Client
2017-02-25 14:41 - 2016-07-16 09:29 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-25 14:13 - 2015-09-03 17:37 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-02-25 13:29 - 2015-08-05 19:10 - 00001054 _____ C:\Users\Jakub\Desktop\JRT.txt
2017-02-24 22:34 - 2014-04-20 22:00 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-02-24 21:08 - 2016-09-12 15:25 - 03273728 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-02-24 21:08 - 2016-07-16 18:01 - 01336780 _____ C:\WINDOWS\system32\perfh005.dat
2017-02-24 21:08 - 2016-07-16 18:01 - 00367914 _____ C:\WINDOWS\system32\perfc005.dat
2017-02-24 21:05 - 2014-06-03 18:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2017-02-24 21:05 - 2014-06-03 18:48 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared
2017-02-24 21:05 - 2014-03-11 22:00 - 00000000 ____D C:\Program Files\Autodesk
2017-02-24 21:05 - 2014-03-11 21:54 - 00000000 ____D C:\ProgramData\Autodesk
2017-02-24 21:04 - 2016-07-16 03:22 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-02-24 21:04 - 2012-01-01 09:42 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2017-02-24 20:48 - 2014-04-22 20:18 - 00000000 ____D C:\Games
2017-02-24 20:47 - 2011-06-15 13:32 - 00000000 ____D C:\EULA SHIT
2017-02-24 20:42 - 2015-05-22 20:45 - 00000000 ____D C:\GOG Games
2017-02-24 20:40 - 2012-01-01 09:42 - 00000000 ____D C:\Program Files\Common Files\InstallShield
2017-02-24 20:36 - 2016-09-07 19:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2017-02-24 20:36 - 2016-07-16 09:28 - 00000000 ____D C:\WINDOWS\INF
2017-02-24 20:34 - 2016-06-26 21:10 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2017-02-24 20:27 - 2010-03-22 17:23 - 00000000 ___RD C:\Program Files\Skype
2017-02-24 20:27 - 2010-03-22 17:23 - 00000000 ____D C:\ProgramData\Skype
2017-02-24 20:04 - 2014-03-11 21:54 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\Autodesk
2017-02-24 20:00 - 2016-07-23 18:08 - 00000000 ____D C:\Users\Jakub\AppData\Local\LogMeIn Hamachi
2017-02-24 20:00 - 2012-09-17 21:28 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\DAEMON Tools Lite
2017-02-24 20:00 - 2011-05-27 10:47 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\uTorrent
2017-02-24 19:58 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-02-24 19:48 - 2016-04-23 18:47 - 00000000 ____D C:\Users\Jakub\Downloads\Dont Starve Together
2017-02-24 19:48 - 2015-12-06 15:38 - 00000000 ____D C:\Users\Jakub\Downloads\aoe2conq
2017-02-24 19:45 - 2014-03-10 00:02 - 00000000 ____D C:\temp
2017-02-24 19:37 - 2014-02-20 21:20 - 00000000 ____D C:\ProgramData\AVAST Software
2017-02-24 19:29 - 2013-10-24 00:00 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-24 19:25 - 2009-10-15 09:25 - 135086848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-24 19:24 - 2016-07-16 09:19 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-23 20:39 - 2015-09-03 17:36 - 00000000 ____D C:\Users\Jakub\AppData\Local\Packages
2017-02-21 21:11 - 2016-01-30 23:42 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\.minecraft
2017-02-20 17:24 - 2015-08-11 22:56 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-02-20 01:56 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-02-19 19:07 - 2014-06-09 19:03 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\Tunngle
2017-02-19 17:18 - 2016-04-27 15:12 - 00000000 ____D C:\Program Files\Tunngle
2017-02-19 17:17 - 2016-04-27 15:12 - 00001018 _____ C:\Users\Public\Desktop\Tunngle.lnk
2017-02-19 17:17 - 2016-04-27 15:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle
2017-02-19 16:46 - 2011-02-17 17:06 - 00000000 ____D C:\Users\Jakub\Documents\My Games
2017-02-15 22:04 - 2015-05-02 17:44 - 00001749 _____ C:\Users\Public\Desktop\League of Legends.lnk
2017-02-07 01:50 - 2010-03-22 18:22 - 00002218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-06 20:48 - 2016-07-16 09:31 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2017-02-06 20:48 - 2016-07-16 09:31 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2017-01-31 15:54 - 2010-03-22 17:32 - 00000000 ____D C:\Program Files\Google
==================== Files in the root of some directories =======
2014-05-24 20:03 - 2014-05-24 20:03 - 0000037 ___SH () C:\Users\Jakub\AppData\Local\70149b02515b3bb20dd492.47983420
2010-09-21 16:26 - 2011-10-26 09:06 - 0015360 ____H () C:\Users\Jakub\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-06-30 02:33 - 2015-06-30 02:33 - 0000218 _____ () C:\Users\Jakub\AppData\Local\recently-used.xbel
2011-05-13 15:52 - 2014-10-18 17:50 - 0007597 ____H () C:\Users\Jakub\AppData\Local\Resmon.ResmonCfg
2014-03-11 22:06 - 2014-03-11 22:06 - 0000147 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-02-24 19:23
==================== End of FRST.txt ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 25-02-2017
Ran by Jakub (administrator) on JAKUB-PC (26-02-2017 18:31:14)
Running from C:\Users\Jakub\Downloads\Desktop
Loaded Profiles: Jakub (Available Profiles: Jakub)
Platform: Microsoft Windows 10 Home Version 1607 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
(Teruten) C:\Windows\System32\FsUsbExService.Exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Ulead Systems, Inc.) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Copyright 2017.) C:\Program Files\Zemana AntiMalware\ZAM.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(© 2015 Microsoft Corporation) C:\Users\Jakub\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [HDAudDeck] => C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe [1486848 2009-08-28] (VIA)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2011-09-27] (Apple Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS5ServiceManager] => C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [383424 2012-02-05] (Autodesk, Inc.)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2585744 2016-01-29] (NVIDIA Corporation)
HKLM\...\Run: [LogMeIn GUI] => C:\Program Files\LogMeIn\x86\LogMeInSystray.exe [63048 2015-06-15] (LogMeIn, Inc.)
HKLM\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [5565960 2016-11-11] (LogMeIn Inc.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [483840 2016-07-16] (Microsoft Corporation)
HKLM\...\Run: [ZAM] => C:\Program Files\Zemana AntiMalware\ZAM.exe [14416624 2017-02-02] (Copyright 2017.)
HKU\S-1-5-21-2460206527-1493759754-90791392-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2460206527-1493759754-90791392-1000\...\Run: [BingSvc] => C:\Users\Jakub\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-12] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-2460206527-1493759754-90791392-1000\...\Run: [Voobly] => C:\Program Files\Voobly\voobly.exe [159744 2016-04-03] (Voobly)
HKU\S-1-5-21-2460206527-1493759754-90791392-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [7416536 2017-02-08] (Piriform Ltd)
HKU\S-1-5-21-2460206527-1493759754-90791392-1000\...\Policies\Explorer: []
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Jakub\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll [2016-09-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Jakub\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll [2016-09-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Jakub\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll [2016-09-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [Správa překryvné ikony digitálních podpisů AutoCADu ] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc.)
Startup: C:\Users\Jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk [2016-04-07]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\..\Interfaces\{0ccc13c1-fd50-48b8-bdc6-8042ddc467bc}: [DhcpNameServer] 7.254.254.254
Tcpip\..\Interfaces\{3325e624-3a70-41e6-8fd6-9b5edc45d376}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{74b70064-3414-49ba-b68c-92788b8bbbb8}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{8db9411a-25d6-4ea6-b22b-1913f0554876}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{fdd04cc3-ae0f-4cdb-96bd-c490418bd7b2}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2460206527-1493759754-90791392-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-2460206527-1493759754-90791392-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-21-2460206527-1493759754-90791392-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt=en-ww
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-2460206527-1493759754-90791392-1000 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2460206527-1493759754-90791392-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-06-22] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-22] (Oracle Corporation)
DPF: {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinsta ... s-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2013-11-20] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2017-01-01] (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\xwMkUhdM.default [2017-02-26]
FF NewTab: Mozilla\Firefox\Profiles\xwMkUhdM.default -> about:newtab
FF Homepage: Mozilla\Firefox\Profiles\xwMkUhdM.default -> about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-20] ()
FF Plugin: @gamersfirst.com/LiveLauncher -> C:\Program Files\GamersFirst\LIVE!\nplivelauncher.dll [No File]
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-06-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-06-22] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameeu.dll [2012-04-14] (Nexon)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-14] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-14] (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-02-26]
CHR Extension: (Prezentace Google) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-02-26]
CHR Extension: (Dokumenty Google) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-02-26]
CHR Extension: (Disk Google) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-02-26]
CHR Extension: (YouTube) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-02-26]
CHR Extension: (Tabulky Google) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-02-26]
CHR Extension: (Avira Browser Safety) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-02-26]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-02-26]
CHR Extension: (Skype) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-02-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-02-26]
CHR Extension: (Gmail) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-02-26]
CHR Extension: (Chrome Media Router) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-26]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-03-03]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 chromoting; C:\Program Files\Google\Chrome Remote Desktop\56.0.2924.51\remoting_host.exe [72024 2017-01-03] (Google Inc.)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1044816 2014-03-11] (Flexera Software, Inc.)
R2 FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [217088 2009-12-22] (Teruten) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [915600 2016-01-29] (NVIDIA Corporation)
S2 gupdate1cac9dd563a9e30; C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-09-17] (Google Inc.)
S2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1962504 2016-11-11] (LogMeIn Inc.)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [405424 2016-11-11] (LogMeIn, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [3303888 2017-01-20] (Malwarebytes)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1706128 2016-01-29] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19775632 2016-01-29] (NVIDIA Corporation)
S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [620544 2008-11-11] (Nokia.) [File not signed]
S2 sfrem01; C:\Windows\system32\sfrem01.exe [353912 2006-05-10] (Protection Technology (StarForce))
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 TunngleService; C:\Program Files\Tunngle\TnglCtrl.exe [838128 2016-12-15] (Tunngle.net GmbH)
R2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2005-01-31] (Ulead Systems, Inc.) [File not signed]
R2 VIAKaraokeService; C:\WINDOWS\system32\viakaraokesrv.exe [36504 2015-06-22] (VIA Technologies, Inc.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [271496 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [84928 2016-07-16] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files\Zemana AntiMalware\ZAM.exe [14416624 2017-02-02] (Copyright 2017.)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 AsIO; C:\WINDOWS\System32\drivers\AsIO.sys [12400 2007-12-17] ()
R3 athur; C:\WINDOWS\System32\drivers\athur.sys [1501696 2010-03-09] (Atheros Communications, Inc.)
R2 atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [83872 2012-11-22] ()
R1 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [243128 2015-02-24] (Disc Soft Ltd)
S3 ENTECH; C:\Windows\system32\DRIVERS\ENTECH.sys [21664 2004-10-25] (EnTech Taiwan) [File not signed]
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae.sys [59976 2017-01-20] ()
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36640 2009-12-22] () [File not signed]
R3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [38512 2015-08-03] (LogMeIn Inc.)
R2 lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [25888 2012-11-22] ()
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [152512 2017-02-26] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [94656 2017-02-26] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [39360 2017-02-26] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [219584 2017-02-26] (Malwarebytes)
R1 MpKslfbe77a60; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2CD434F9-58FB-4E05-8148-4AF5360D8BA8}\MpKslfbe77a60.sys [39168 2017-02-26] (Microsoft Corporation)
R3 MTsensor; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [6504 2009-05-13] ()
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [62976 2016-07-16] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [18576 2016-01-29] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad32v.sys [32912 2016-01-29] (NVIDIA Corporation)
R0 sfhlp02; C:\WINDOWS\System32\drivers\sfhlp02.sys [6656 2006-05-10] (Protection Technology (StarForce)) [File not signed]
R3 tap0901t; C:\WINDOWS\System32\drivers\tap0901t.sys [44216 2016-04-26] (Tunngle.net GmbH)
R3 VIAHdAudAddService; C:\WINDOWS\system32\drivers\viahduaa.sys [575184 2015-06-22] (VIA Technologies, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [37912 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [244576 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [100192 2016-07-16] (Microsoft Corporation)
R1 ZAM; C:\WINDOWS\System32\drivers\zam32.sys [181496 2017-02-26] (Zemana Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard32.sys [181496 2017-02-26] (Zemana Ltd.)
U3 idsvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-02-26 18:31 - 2017-02-26 18:31 - 00000000 ____D C:\FRST
2017-02-26 17:49 - 2017-02-26 17:49 - 00000000 ____D C:\Users\Jakub\AppData\Local\CrashDumps
2017-02-26 17:37 - 2017-02-26 17:37 - 00015600 _____ C:\Users\Jakub\Downloads\MemTest.zip
2017-02-26 15:39 - 2017-02-26 18:31 - 00056591 _____ C:\WINDOWS\ZAM.krnl.trace
2017-02-26 15:39 - 2017-02-26 18:31 - 00024760 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2017-02-26 15:39 - 2017-02-26 15:39 - 00181496 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard32.sys
2017-02-26 15:39 - 2017-02-26 15:39 - 00181496 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zam32.sys
2017-02-26 15:39 - 2017-02-26 15:39 - 00001957 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2017-02-26 15:39 - 2017-02-26 15:39 - 00000000 ____D C:\Users\Jakub\AppData\Local\Zemana
2017-02-26 15:39 - 2017-02-26 15:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2017-02-26 15:39 - 2017-02-26 15:39 - 00000000 ____D C:\Program Files\Zemana AntiMalware
2017-02-26 13:55 - 2017-02-26 13:30 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2017-02-26 13:30 - 2017-02-26 13:53 - 00000000 ____D C:\zoek_backup
2017-02-25 15:22 - 2017-02-25 15:22 - 00000000 ____D C:\ProgramData\Sophos
2017-02-25 15:21 - 2017-02-25 15:21 - 00002763 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2017-02-25 15:21 - 2017-02-25 15:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2017-02-25 15:21 - 2017-02-25 15:21 - 00000000 ____D C:\Program Files\Sophos
2017-02-25 14:13 - 2017-02-25 14:18 - 00000000 ____D C:\Users\TEMP
2017-02-25 14:01 - 2017-02-25 14:01 - 00000000 ____D C:\Users\Jakub\AppData\Local\Autodesk
2017-02-24 22:36 - 2017-02-25 13:21 - 00000000 ____D C:\AdwCleaner
2017-02-24 22:35 - 2017-02-26 17:45 - 00152512 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-02-24 22:34 - 2017-02-26 17:44 - 00219584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-02-24 22:34 - 2017-02-26 17:44 - 00094656 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-02-24 22:34 - 2017-02-26 17:44 - 00073672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-02-24 22:34 - 2017-02-26 17:44 - 00039360 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-02-24 22:34 - 2017-02-24 22:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-02-24 22:34 - 2017-02-24 22:34 - 00000000 ____D C:\Program Files\Malwarebytes
2017-02-24 22:34 - 2017-01-20 07:47 - 00059976 _____ C:\WINDOWS\system32\Drivers\mbae.sys
2017-02-24 22:30 - 2017-02-24 22:30 - 00000000 ____D C:\Users\Jakub\AppData\Local\Adobe
2017-02-24 22:25 - 2017-02-26 16:36 - 00000000 ____D C:\Users\Jakub\Downloads\Oprava PC
2017-02-24 20:27 - 2017-02-24 20:27 - 00000000 ____D C:\Program Files\Common Files\Skype
2017-02-24 19:42 - 2017-02-24 19:41 - 00921280 _____ (Microsoft Corporation) C:\WINDOWS\ucrtbase.dll
2017-02-24 19:37 - 2017-02-24 19:37 - 00001034 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-02-24 19:37 - 2017-02-24 19:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-02-24 19:37 - 2017-02-24 19:37 - 00000000 ____D C:\Program Files\CCleaner
2017-02-24 19:37 - 2017-02-24 19:37 - 00000000 ____D C:\Program Files\AVAST Software
2017-02-19 17:17 - 2017-02-19 17:18 - 00000000 ____D C:\ProgramData\Tunngle
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-02-26 17:54 - 2016-09-12 15:20 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-02-26 17:44 - 2016-09-12 15:28 - 00000000 ____D C:\Users\Jakub
2017-02-26 17:43 - 2016-09-12 15:53 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-02-26 17:43 - 2016-09-12 15:22 - 00000000 ____D C:\ProgramData\NVIDIA
2017-02-26 17:36 - 2013-05-12 10:15 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\vlc
2017-02-26 16:34 - 2015-08-06 21:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2017-02-26 16:34 - 2015-08-06 21:53 - 00000000 ____D C:\Program Files\CrystalDiskInfo
2017-02-26 15:31 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-02-26 13:59 - 2016-07-16 03:22 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-02-26 13:52 - 2009-07-14 03:37 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-02-26 12:09 - 2014-10-30 18:57 - 00024688 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2017-02-25 23:48 - 2014-05-17 18:30 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\TS3Client
2017-02-25 14:41 - 2016-07-16 09:29 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-25 14:13 - 2015-09-03 17:37 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-02-25 13:29 - 2015-08-05 19:10 - 00001054 _____ C:\Users\Jakub\Desktop\JRT.txt
2017-02-24 22:34 - 2014-04-20 22:00 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-02-24 21:08 - 2016-09-12 15:25 - 03273728 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-02-24 21:08 - 2016-07-16 18:01 - 01336780 _____ C:\WINDOWS\system32\perfh005.dat
2017-02-24 21:08 - 2016-07-16 18:01 - 00367914 _____ C:\WINDOWS\system32\perfc005.dat
2017-02-24 21:05 - 2014-06-03 18:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2017-02-24 21:05 - 2014-06-03 18:48 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared
2017-02-24 21:05 - 2014-03-11 22:00 - 00000000 ____D C:\Program Files\Autodesk
2017-02-24 21:05 - 2014-03-11 21:54 - 00000000 ____D C:\ProgramData\Autodesk
2017-02-24 21:04 - 2016-07-16 03:22 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-02-24 21:04 - 2012-01-01 09:42 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2017-02-24 20:48 - 2014-04-22 20:18 - 00000000 ____D C:\Games
2017-02-24 20:47 - 2011-06-15 13:32 - 00000000 ____D C:\EULA SHIT
2017-02-24 20:42 - 2015-05-22 20:45 - 00000000 ____D C:\GOG Games
2017-02-24 20:40 - 2012-01-01 09:42 - 00000000 ____D C:\Program Files\Common Files\InstallShield
2017-02-24 20:36 - 2016-09-07 19:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2017-02-24 20:36 - 2016-07-16 09:28 - 00000000 ____D C:\WINDOWS\INF
2017-02-24 20:34 - 2016-06-26 21:10 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2017-02-24 20:27 - 2010-03-22 17:23 - 00000000 ___RD C:\Program Files\Skype
2017-02-24 20:27 - 2010-03-22 17:23 - 00000000 ____D C:\ProgramData\Skype
2017-02-24 20:04 - 2014-03-11 21:54 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\Autodesk
2017-02-24 20:00 - 2016-07-23 18:08 - 00000000 ____D C:\Users\Jakub\AppData\Local\LogMeIn Hamachi
2017-02-24 20:00 - 2012-09-17 21:28 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\DAEMON Tools Lite
2017-02-24 20:00 - 2011-05-27 10:47 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\uTorrent
2017-02-24 19:58 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-02-24 19:48 - 2016-04-23 18:47 - 00000000 ____D C:\Users\Jakub\Downloads\Dont Starve Together
2017-02-24 19:48 - 2015-12-06 15:38 - 00000000 ____D C:\Users\Jakub\Downloads\aoe2conq
2017-02-24 19:45 - 2014-03-10 00:02 - 00000000 ____D C:\temp
2017-02-24 19:37 - 2014-02-20 21:20 - 00000000 ____D C:\ProgramData\AVAST Software
2017-02-24 19:29 - 2013-10-24 00:00 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-24 19:25 - 2009-10-15 09:25 - 135086848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-24 19:24 - 2016-07-16 09:19 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-23 20:39 - 2015-09-03 17:36 - 00000000 ____D C:\Users\Jakub\AppData\Local\Packages
2017-02-21 21:11 - 2016-01-30 23:42 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\.minecraft
2017-02-20 17:24 - 2015-08-11 22:56 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-02-20 01:56 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-02-19 19:07 - 2014-06-09 19:03 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\Tunngle
2017-02-19 17:18 - 2016-04-27 15:12 - 00000000 ____D C:\Program Files\Tunngle
2017-02-19 17:17 - 2016-04-27 15:12 - 00001018 _____ C:\Users\Public\Desktop\Tunngle.lnk
2017-02-19 17:17 - 2016-04-27 15:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle
2017-02-19 16:46 - 2011-02-17 17:06 - 00000000 ____D C:\Users\Jakub\Documents\My Games
2017-02-15 22:04 - 2015-05-02 17:44 - 00001749 _____ C:\Users\Public\Desktop\League of Legends.lnk
2017-02-07 01:50 - 2010-03-22 18:22 - 00002218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-06 20:48 - 2016-07-16 09:31 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2017-02-06 20:48 - 2016-07-16 09:31 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2017-01-31 15:54 - 2010-03-22 17:32 - 00000000 ____D C:\Program Files\Google
==================== Files in the root of some directories =======
2014-05-24 20:03 - 2014-05-24 20:03 - 0000037 ___SH () C:\Users\Jakub\AppData\Local\70149b02515b3bb20dd492.47983420
2010-09-21 16:26 - 2011-10-26 09:06 - 0015360 ____H () C:\Users\Jakub\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-06-30 02:33 - 2015-06-30 02:33 - 0000218 _____ () C:\Users\Jakub\AppData\Local\recently-used.xbel
2011-05-13 15:52 - 2014-10-18 17:50 - 0007597 ____H () C:\Users\Jakub\AppData\Local\Resmon.ResmonCfg
2014-03-11 22:06 - 2014-03-11 22:06 - 0000147 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-02-24 19:23
==================== End of FRST.txt ============================
Re: Prosím o kontrolu logu
Addition:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 25-02-2017
Ran by Jakub (26-02-2017 18:32:50)
Running from C:\Users\Jakub\Downloads\Desktop
Microsoft Windows 10 Home Version 1607 (X86) (2016-09-12 15:07:58)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2460206527-1493759754-90791392-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2460206527-1493759754-90791392-503 - Limited - Disabled)
Guest (S-1-5-21-2460206527-1493759754-90791392-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2460206527-1493759754-90791392-1002 - Limited - Enabled)
Jakub (S-1-5-21-2460206527-1493759754-90791392-1000 - Administrator - Enabled) => C:\Users\Jakub
kuvwqppwaikg (S-1-5-21-2460206527-1493759754-90791392-1005 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-2460206527-1493759754-90791392-1000\...\uTorrent) (Version: 3.4.5.41712 - BitTorrent Inc.)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.7.1.19610 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader 8 - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-A81200000003}) (Version: 8.1.2 - Adobe Systems Incorporated)
Aktualizace NVIDIA 17.12.8 (Version: 17.12.8 - NVIDIA Corporation) Hidden
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Apple Application Support (HKLM\...\{A83279FD-CA4B-4206-9535-90974DE76654}) (Version: 2.1.5 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
aTube Catcher (HKLM\...\aTube Catcher) (Version: 3.8.5187 - DsNET Corp)
Audiosurf (HKLM\...\{6D316D67-DA52-4659-9C98-F479963534D6}) (Version: 1.00.0000 - BestGameEver)
AutoCAD 2009 - český (HKLM\...\AutoCAD 2009 - český) (Version: 17.2.56.0 - Autodesk)
AutoCAD 2009 - český (Version: 17.2.56.0 - Autodesk) Hidden
Autodesk Inventor Fusion 2013 (HKLM\...\Autodesk Inventor Fusion 2013) (Version: 2.0.0.206 - Autodesk, Inc.)
Autodesk Inventor Fusion 2013 (Version: 2.0.0.206 - Autodesk, Inc.) Hidden
Autodesk Inventor Fusion plug-in for AutoCAD 2013 (HKLM\...\Modul plug-in aplikace Autodesk Inventor Fusion pro aplikaci AutoCAD 2013) (Version: 0.2.0.230 - Autodesk)
Autodesk Material Library 2013 (HKLM\...\{117EBEEB-5DB0-43C8-9FD6-DD583DB152DD}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2013 (HKLM\...\{606E12B9-641F-4644-A22A-FF38AE980AFD}) (Version: 3.0.13 - Autodesk)
Autodesk Sync (HKLM\...\{EE5F74BC-5CD5-4EF2-86BA-81E6CF46A18F}) (Version: 3.5.24.0 - Autodesk, Inc.)
Avira Browser Safety (HKLM\...\{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}) (Version: 1.4.5.509 - Avira Operations GmbH & Co KG)
Balíček ovladače systému Windows - ASUS Tek. Corporation (ATP) Mouse (09/25/2015 7.0.0.9) (HKLM\...\6C3F8C7AFD19C7A76AF857BA7CD35E4CFAA9F3F0) (Version: 09/25/2015 7.0.0.9 - ASUS Tek. Corporation)
Belkin F6D4050 Enhanced Wireless USB Adapter (HKLM\...\InstallShield_{B97A0C89-29C0-4682-902C-364109A9857C}) (Version: 2.0.0.05 - Belkin)
Belkin F6D4050 Enhanced Wireless USB Adapter (Version: 2.0.0.05 - Belkin) Hidden
Bing Bar Platform (Version: 6.3.2322.0 - Microsoft Corporation) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.27 - Piriform)
CrystalDiskInfo 7.0.5 (HKLM\...\CrystalDiskInfo_is1) (Version: 7.0.5 - Crystal Dew World)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
DirectX for Managed Code Update (Summer 2004) (Version: 9.02.2904 - Microsoft) Hidden
DWG TrueConvert™ (HKLM\...\{5783F2D7-0221-0405-0000-0060B0CE6BBA}) (Version: 17.0 - Autodesk)
FARO LS 1.1.406.58 (HKLM\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)
FormatFactory 3.2.1.0 (HKLM\...\FormatFactory) (Version: 3.2.1.0 - Free Time)
Fotogalerie (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
GameRanger (HKU\S-1-5-21-2460206527-1493759754-90791392-1000\...\GameRanger) (Version: - GameRanger Technologies)
Google Chrome (HKLM\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (Version: 1.3.32.7 - Google Inc.) Hidden
Chrome Remote Desktop Host (HKLM\...\{0F4FB60A-EBD8-445B-8117-128E8351647E}) (Version: 56.0.2924.51 - Google Inc.)
IL Shared Libraries (HKLM\...\IL Shared Libraries) (Version: - Image-Line)
inSSIDer Office (HKLM\...\{8C127DE3-EC36-4BA3-A6EE-6DC4A9B6C526}) (Version: 3.1.1.6 - MetaGeek, LLC)
Java 8 Update 91 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation)
Jazykový balíček Autodesk Inventor Fusion plug-in pro aplikaci AutoCAD 2013 (Version: 0.2.0.230 - Autodesk) Hidden
Junk Mail filter update (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
League of Legends (HKLM\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (Version: 3.0.1 - Riot Games) Hidden
LogMeIn (HKLM\...\{921037F5-CCA7-4FC5-83AF-42CC0AF14316}) (Version: 4.1.6524 - LogMeIn, Inc.)
LogMeIn Hamachi (HKLM\...\LogMeIn Hamachi) (Version: 2.2.0.541 - LogMeIn, Inc.)
LogMeIn Hamachi (Version: 2.2.0.541 - LogMeIn, Inc.) Hidden
Malwarebytes verze 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Excel Viewer (HKLM\...\{95120000-003F-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (Czech) (HKLM\...\{95120000-00AF-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM\...\{90850409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Search Enhancement Pack (HKLM\...\{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}) (Version: 3.0.133.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft (HKLM\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Minecraft1.7.2 (HKLM\...\Minecraft1.7.2) (Version: - )
Modul plug-in aplikace Autodesk Inventor Fusion pro aplikaci AutoCAD 2013 (Version: 0.2.0.230 - Autodesk) Hidden
Movie Maker (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML4 Parser (HKLM\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
Nexon Game Manager (HKLM\...\{289AC7E0-0AEE-4a7b-913C-709D9803D23E}) (Version: - )
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5909 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.5 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 342.01 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 342.01 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
osu! (HKLM\...\{682d34e1-f1cb-41bd-ba8d-a00225b0b47e}) (Version: latest - ppy Pty Ltd)
osu! (HKLM\...\{C3592426-531E-4110-911D-BFECE2CE284C}) (Version: 0.0.0.0 - peppy)
Ovládací panel NVIDIA 342.01 (Version: 342.01 - NVIDIA Corporation) Hidden
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1BF}) (Version: 3.60.0 - dotPDN LLC)
PC Connectivity Solution (HKLM\...\{34610DE0-3C13-42CA-8E32-01FFA38AB6E8}) (Version: 8.47.7.0 - Nokia)
PDF Settings CS5 (Version: 10.0 - Adobe Systems Incorporated) Hidden
Platform (Version: 1.34 - VIA Technologies, Inc.) Hidden
Podélný profil vodní toky 4 (HKLM\...\pp_vtk_4) (Version: - )
Seznam Software (HKU\S-1-5-21-2460206527-1493759754-90791392-1000\...\SeznamInstall) (Version: - Seznam.cz)
SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.1.15383.6004 - Microsoft Corporation)
Skype™ 7.32 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.104 - Skype Technologies S.A.)
Sony Ericsson PC Companion 2.02.002 (HKLM\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.02.002 - Sony Ericsson)
Sophos Virus Removal Tool (HKLM\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.6 - Sophos Limited)
System Requirements Lab Detection (HKLM\...\{B67A7719-8F0E-4D92-BF9C-D9FBFFF060A2}) (Version: 2.2.1.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Tunngle (HKLM\...\Tunngle_is1) (Version: 5.8.8 - Tunngle.net GmbH)
Ulead VideoStudio 10 (HKLM\...\{E188D820-1218-4E28-8BCA-91134C3664C2}) (Version: 10.0 - Ulead Systems)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VBA (2627.01) (Version: 6.03.00.9402 - Microsoft Corporation) Hidden
Vegas Pro 9.0 (HKLM\...\{6E5AB107-172B-4F17-8ABB-357C59EF1B08}) (Version: 9.0.704 - Sony)
VIA Platforma Ovladače zařízení (HKLM\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{068B46A0-8858-4CEB-80BC-A4AE787A05FC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Phone app for desktop (HKLM\...\{CE9BDD0F-BAF3-474D-B6D8-15B84BDAB229}) (Version: 1.1.2726.0 - Microsoft Corporation)
WinRAR 5.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
Zemana AntiMalware (HKLM\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.72.101 - Zemana Ltd.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{00BB2763-6A77-11D0-A535-00C04FD7D062}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{00EEBF57-477D-4084-9921-7AB3C2C9459D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{03C036F1-A186-11D0-824A-00AA005B4383}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{06EEE834-461C-42C2-8DCF-1502B527B1F9}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{08244EE6-92F0-47F2-9FC9-929BAA2E7235}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{0AF10CEC-2ECD-4B92-9581-34F6AE0637F3}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{0B91A74B-AD7C-4A9D-B563-29EEF9167172}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{0C15D503-D017-47CE-9016-7B3F978721CC}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{0E5AAE11-A475-4C5B-AB00-C66DE400274E}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{104846AB-42B1-4E38-A80D-136F78C3F258}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{14074E0B-7216-4862-96E6-53CADA442A56}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{1685D4AB-A51B-4AF1-A4E5-CEE87002431D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{18907F3B-9AFB-4F87-B764-F9A4E16A21B8}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{1C0F439D-7C29-4BDE-8952-4EEB6A49E048}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{1C1800C1-3258-44C2-BE80-3DEADB6C5E39}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{275C23E2-3747-11D0-9FEA-00AA003F8646}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{28B7AA99-C0F9-4C47-995E-8A8D729603A1}\localserver32 -> C:\Program Files\AutoCAD 2009\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{2F1F7574-ECCA-4361-B4DE-C411BF7EEE23}\localserver32 -> C:\Program Files\AutoCAD 2009\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{30276B4F-F25C-457C-A4B7-08574F8EA528}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{35786D3C-B075-49B9-88DD-029876E11C01}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{3D154A2D-D911-437E-A30C-5F56A9B7081D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{4955DD33-B159-11D0-8FCF-00AA006BCC59}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{50D5107A-D278-4871-8989-F4CEAAF59CFC}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{50EF4544-AC9F-4A8E-B21B-8A26180DB13F}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{53BD6B4E-3780-4693-AFC3-7161C2F3EE9C}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{603D3800-BD81-11D0-A3A5-00C04FD706EC}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{640167B4-59B0-47A6-B335-A6B3C0695AEA}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{6746C347-576B-4F73-9012-CDFEEA251BC4}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2013\acad.exe => No File
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{6AB55F46-2523-4701-A912-B226F46252BA}\localserver32 -> C:\Program Files\AutoCAD 2009\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{6E682784-1ECA-4CF2-988D-96B6E89E9A4D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{71F96385-DDD6-48D3-A0C1-AE06E8B055FB}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{72C24DD5-D70A-438B-8A42-98424B88AFB8}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{76BE8257-C4C0-4D37-90C0-A23372254D27}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{7AABBB95-79BE-4C0F-8024-EB6AF271231C}\localserver32 -> C:\Program Files\AutoCAD 2009\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{7EFC002A-071F-4CE7-B265-F4B4263D2FD2}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{807C1E6C-1D00-453F-B920-B61BB7CDD997}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{807E5A10-4856-4F9A-8E3C-A1F7E75648B3}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{82C588E7-E54B-408C-9F8C-6AF9ADF6F1E9}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{8856F961-340A-11D0-A96B-00C04FD705A2}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{9113A02D-00A3-46B9-BC5F-9C04DADDD5D7}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{934D4698-6A59-48F8-9F29-9FB30670320E}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{942BC614-676C-464E-B384-D3202AAA02DA}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{989D1DC0-B162-11D1-B6EC-D27DDCF9A923}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{9AC9FBE1-E0A2-4AD6-B4EE-E212013EA917}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{9CFC2DF3-6BA3-46EF-A836-E519E81F0EC4}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{AF02484C-A0A9-4669-9051-058AB12B9195}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{B056521A-9B10-425E-B616-1FCD828DB3B1}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{B155BDF8-02F0-451E-9A26-AE317CFD7779}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{B2952B16-0E07-4E5A-B993-58C52CB94CAE}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{B54F3743-5B07-11CF-A4B0-00AA004A55E8}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{B8967F85-58AE-4F46-9FB2-5D7904798F4B}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2013\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{C90250F3-4D7D-4991-9B69-A5C5BC1C2AE6}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{CD773740-B187-4974-A1D5-E0FF91372277}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{d0a0ed0a-55ac-4469-a197-1d08ce99cfb9}\localserver32 -> C:\Users\Jakub\AppData\Local\Temp\{4f5e3a76-f453-4882-ab42-7224f3310de7}\IDriver.NonElevated.exe => (the data entry has 7 more characters).
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{D58960BA-2EF3-4910-9E34-C911B1710180}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{D9B3211D-E57F-4426-AAEF-30A806ADD397}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{DB6EFB73-5153-43B7-8078-C6FFC4C0238C}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\AutoCAD 2009\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{EDB5F444-CB8D-445A-A523-EC5AB6EA33C7}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{FE841493-835C-4FA3-B6CC-B4B2D4719848}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{FF393560-C2A7-11CF-BFF4-444553540000}\InprocServer32 -> no filepath
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {058C9AD5-9691-4030-88A9-1999DEB0C6E6} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {0600760F-C80B-4AE9-B1C9-B0893748291C} - System32\Tasks\{6190B3D4-6085-4202-AAF9-9E0A830DEEDB} => C:\Program Files\Gothic II\system\Gothic2.exe
Task: {0B8844C3-63EF-4586-B3FA-81A871384BC3} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe
Task: {0F5C7D2E-FECC-4C02-8D11-FBA0D352BC61} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-20] (Adobe Systems Incorporated)
Task: {14305816-E616-4051-8CE6-D5F2271A707D} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {15E02BCA-9734-4006-A46A-65E1B7C02FAE} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {165998FE-2123-47CC-A6E6-63C89D8A173C} - System32\Tasks\{E8694150-11C4-4DA1-9ED0-4FF4834D3340} => C:\Program Files\Gameforge4D\4Story\4Story.exe
Task: {17B66156-4B04-4071-B438-490501BC0322} - \{C46E5936-604C-4AB1-A79D-38C6A1CD8709} -> No File <==== ATTENTION
Task: {18E8A296-BB71-46D0-BB8F-B7B9A82FB3C2} - System32\Tasks\{0C3442F4-C9B3-4701-997E-009629367FE6} => pcalua.exe -a C:\Users\Jakub\Desktop\battlefield2demo.exe -d C:\Users\Jakub\Desktop
Task: {1D99D803-D69A-4E91-918E-B1C05B7FB866} - \{255F4D84-01B3-47F7-B113-50176D699A5F} -> No File <==== ATTENTION
Task: {1F03AB63-51FE-49B8-B6E1-7B546102B57C} - System32\Tasks\{861CD5A4-36EC-4ED8-A862-D1CABF9774CC} => C:\Users\Jakub\Downloads\battlefield2demo.exe
Task: {220F1AFB-8BE8-40FE-BEC1-07D5FD4B5E65} - System32\Tasks\{084AF887-CD56-4D53-9FBE-B58B78CBA282} => C:\Users\Jakub\Downloads\battlefield2demo.exe
Task: {22781649-29C7-4FCD-BE52-E7F9E6A46A7D} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => %SystemRoot%\ehome\mcupdate.exe
Task: {236145C3-8186-4D31-BB22-2DCB4BCDC3ED} - System32\Tasks\{AE40213A-63FB-49BE-AEB7-55ABE860606A} => pcalua.exe -a D:\ARCANIA\setup.exe -d D:\ARCANIA
Task: {2384A400-1C3E-415C-BFEB-8479B1F18D8B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {25B086CE-7D27-4006-8336-AF499B361945} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec.exe
Task: {2821AB5D-9244-49F1-9F00-E114C63066BA} - System32\Tasks\Avira Browser Safety Updater Task => C:\Program Files\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe [2015-03-11] (Avira Operations GmbH & Co. KG)
Task: {288AB656-DC59-41F2-BC68-058C269B1F3A} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate.exe
Task: {2A84CF30-6F34-4761-9C78-CD140529373C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-02-08] (Piriform Ltd)
Task: {2AE3756C-A31D-4A87-A65D-066904779F80} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe
Task: {3170B6E4-8488-4E77-BD0F-B009AB41A57E} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe
Task: {322BF951-9B9F-4760-BF90-2118BEFC03ED} - System32\Tasks\{7B9BD579-F235-40EA-9BCA-AFD3787C5079} => C:\Program Files\Codemasters\Worms 4 Totalni narez\launcher.exe
Task: {32BF6004-A9F7-41FF-BF13-75A339C143FD} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe
Task: {3469BFEB-C55D-4546-92A2-2F12DFEA1AC6} - \{05EF766E-77C6-4BCA-8DD7-42A694A7B502} -> No File <==== ATTENTION
Task: {3582AA67-61C6-4B7D-BF01-7B6624F53391} - System32\Tasks\{640FCA85-31AB-4EF2-B73C-2D41F0CAA2E7} => C:\Program Files\Codemasters\Worms 4 Totalni narez\launcher.exe
Task: {3BEE59A4-C225-4396-93B2-00A86EEC3191} - System32\Tasks\{38FC791C-0920-4B3C-AC29-7AAD333DE373} => C:\Program Files\Codemasters\Worms 4 Totalni narez\launcher.exe
Task: {3D02A8CC-09B9-4879-B2C5-7DBC2C1765AE} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe
Task: {3E6083B4-B80F-465E-89D7-8E2EE58E49E7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-17] (Google Inc.)
Task: {408529E0-8B38-464E-9143-76B6498E3631} - System32\Tasks\{94216756-B60A-48A8-82E7-F0960CC0272D} => C:\Users\Jakub\Downloads\battlefield2demo.exe
Task: {47D448D5-5C86-46BA-9BA9-22824A0C7BE5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {4CAE4515-8B7B-4623-BC43-813B3EB5FDF8} - \{4DD6D639-CC98-4E42-AC56-AA36B84E59B6} -> No File <==== ATTENTION
Task: {4EDF5568-A009-44A4-8180-0B689D6998AB} - System32\Tasks\{31F64227-E8EB-4AE5-895D-AC5CD02F292F} => C:\Program Files\Codemasters\Worms 4 Totalni narez\launcher.exe
Task: {515E559C-8EB9-4AC5-9305-8775FE15996A} - System32\Tasks\{A870B781-2FE2-437D-86B4-8995CB9B2D9C} => pcalua.exe -a "C:\Users\Jakub\Desktop\Ak Elâ Mod 0.1 Beta.exe" -d C:\Users\Jakub\Desktop
Task: {53DCA901-DF27-4D79-8A4F-58855AD16A80} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe
Task: {553B8BAC-48BB-4DF2-BF66-556C63E5AECF} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {57C22BCF-5C32-40F6-8B30-78AA5F89628D} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe
Task: {58A9F219-ECE1-4894-90A4-7636CC597A83} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {5E7AC3C8-EB20-4097-AF12-9755B374612C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {5F5D7C4B-3D5E-44FC-B8C7-59CBD10C2196} - System32\Tasks\{FBE0BBC3-BEFC-4B43-9DC7-35D1BBD6F90F} => C:\Program Files\Skype\Phone\Skype.exe [2017-02-08] (Skype Technologies S.A.)
Task: {63654BFC-D130-4937-84F0-906C35088FE3} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe
Task: {689A1F72-A672-4814-B7CE-57ED1A78D2F2} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe
Task: {68F34176-CED9-4C01-8E0D-C5B8FB86C0B9} - System32\Tasks\{231E83E6-AE0A-42B2-A98E-BC68C75FF36C} => C:\Program Files\THQ\Titan Quest\Titan Quest.exe
Task: {6E983407-9DCA-4F57-B829-5D4BAB70D2F7} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => %SystemRoot%\ehome\ehrec.exe
Task: {701E91A0-8D78-4F79-A5E9-03458E8833DC} - System32\Tasks\{BB5A419A-A926-47C4-AC46-F9B89CE24309} => C:\Program Files\Gameforge4D\4Story\4Story.exe
Task: {766265A2-976A-4B33-B87F-719C88938995} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {7DFE6A54-30FB-4B14-ACAF-9AF6E3EE8994} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {7E7B86BE-7FF2-48F9-8E62-D725CF8C6485} - System32\Tasks\{620DF12F-46F3-41AA-8C78-72A638B917AC} => pcalua.exe -a D:\score.exe -d D:\
Task: {7F26A3F1-5FFE-4C5A-AE50-F8F8AE8DE034} - System32\Tasks\{781B0311-4727-4C05-9777-441AF3261A8C} => pcalua.exe -a "C:\Users\Jakub\AppData\Local\Temp\Temp2_BF2Demo.zip\Battlefield 2 Demo.exe" <==== ATTENTION
Task: {7FED7A7D-D275-4EC3-A742-699C8DDA7E75} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {833F0D6B-D871-48F5-B236-7A374DDBB6A9} - System32\Tasks\{1CA07491-5284-4E93-9DCC-913845C00CAE} => pcalua.exe -a "C:\Program Files\Alwil Software\Avast4\aswRunDll.exe" -c "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
Task: {89133E86-CE31-4575-AA9A-AC319D2CD603} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe
Task: {8AD79378-AD13-4C2C-9D03-4C1888DE62A7} - System32\Tasks\{A8D8077E-6C8B-4B72-9ADF-32BD034EF108} => pcalua.exe -a "C:\Users\Jakub\AppData\Local\Temp\Temp1_BF2Demo.zip\Battlefield 2 Demo.exe" <==== ATTENTION
Task: {8DAFF394-64AB-49F0-8F7E-847265508BC0} - System32\Tasks\{11CC0A3D-C7CF-4D4C-AD7C-3BD92DD27B61} => C:\Program Files\Codemasters\Worms 4 Totalni narez\launcher.exe
Task: {9119BC90-3CD1-40BA-AF68-8BE7DB4BCFAF} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-02-24] (Microsoft Corporation)
Task: {96662C2A-8150-4267-B5BD-B83B9C79C50D} - \{3D7B948F-B370-47B5-AF83-B1A3CBA4817E} -> No File <==== ATTENTION
Task: {96E6CE43-187A-4A89-9758-2BA0501FB489} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {A02C4B05-D277-4A56-BC7B-6B91E862BE3D} - System32\Tasks\{EE240858-34C8-4068-9A7D-C0D7A8812F41} => C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
Task: {A6C60ACA-732F-4B64-84A0-290B4989480F} - System32\Tasks\{A7A84784-B8DE-48B4-B1E7-7E8E2E145664} => C:\Users\Jakub\Downloads\battlefield2demo.exe
Task: {A800DC5A-0DA4-4262-B9DD-9C70BBA6F4A9} - System32\Tasks\GoogleUpdateTaskMachineUA1cf48cd20c95a20 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-17] (Google Inc.)
Task: {A901E003-EADD-4D6E-9231-D570C7C1FE3C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {AABA5F74-F267-4B6E-92A8-3AF35C82568A} - System32\Tasks\{4B1DE031-FE81-43B7-9FBE-C58585F710FC} => pcalua.exe -a C:\Users\Jakub\Downloads\battlefield2demo.exe -d C:\Users\Jakub\Downloads
Task: {AB8B5B77-F3E7-4E0E-AEBF-382C2A14DBF1} - \{6E24917B-ADF8-4F2A-A75D-422397EA5DF7} -> No File <==== ATTENTION
Task: {AC0E3BAD-E946-4239-A12B-81A7C40DCA00} - System32\Tasks\{AD079EEC-6C28-431F-AF41-BEF344F35889} => C:\Program Files\Audiosurf\Audiosurf.exe
Task: {AC5FD1DC-D2DD-4F1C-A43A-4A711822BFD7} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {AD8883C8-02FF-4ED3-B804-4A5224EC6B71} - System32\Tasks\{6EF5867F-8787-470D-9B84-C346DACE8832} => C:\Program Files\Bethesda Softworks\Oblivion\OblivionLauncher.exe
Task: {AE0D9FC2-8BFD-48F7-B18E-879E8053126B} - \{FC1DA9C3-A138-44BA-B18E-0F29DDBC1A6D} -> No File <==== ATTENTION
Task: {B4F21B9C-E494-491A-8352-D45EE00FCA7C} - System32\Tasks\{546C4CFA-2932-4B17-99E7-75451400687B} => pcalua.exe -a F:\setup.exe -d F:\
Task: {B7BCECE4-86C9-42F1-9FA3-F466001E972E} - System32\Tasks\{41F9976B-0882-4ECD-92FA-18CAAC435FC3} => pcalua.exe -a C:\Users\Jakub\Desktop\InstallWoW.exe -d C:\Users\Jakub\Desktop
Task: {B87C658E-550D-43FC-801D-F32AF97DE1DF} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {BB7C28A6-EE2A-4EEF-87EA-ACB9840615BE} - System32\Tasks\{C4D29B72-0CA2-445A-A701-74125B26B084} => C:\Program Files\Codemasters\Worms 4 Totalni narez\launcher.exe
Task: {BDE44979-AEAC-4B94-83BB-07848EA1286D} - System32\Tasks\{6F8832F0-B012-4DAD-849B-50E330BCB3F3} => C:\Program Files\Bethesda Softworks\Oblivion\OblivionLauncher.exe
Task: {C198640D-762A-4CDB-9B06-73D8666C28F6} - System32\Tasks\{DEB1DAA2-49C2-4CD8-8681-AF776A9A34F6} => C:\Program Files\Gothic II\system\Gothic2.exe
Task: {C2562FB3-A03E-465D-8A8D-CB5BFC00E06D} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {C410164E-05BB-4F34-AA09-C40720E7F4CA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {C5CDC22F-A3AB-49F2-9563-85C02EB2923C} - \{8D4AA04D-9519-40CF-B4B0-48B5B573F0C9} -> No File <==== ATTENTION
Task: {C7A6ED76-7963-4850-8A38-C7C3C463BF06} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe
Task: {C8762E7B-C3A3-4325-8715-6C2BB017CB3E} - System32\Tasks\{BC82801B-AA2D-413F-BF3F-60B2351DD286} => C:\Program Files\THQ\Titan Quest\Titan Quest.exe
Task: {C8CBEA15-6386-4F25-B0A8-010648EE1FA1} - System32\Tasks\{67AB9B31-9DE0-4C54-9EA8-8AB8A587F2B3} => pcalua.exe -a D:\score.exe -d D:\
Task: {CAAAB354-415A-481A-BD17-2F87F0C44E77} - System32\Tasks\{95536B2A-9316-4F78-9733-5F5046032007} => pcalua.exe -a "C:\Users\Jakub\Desktop\Left 4 Dead\Left 4 Dead CZ\patch + cestina\Left 4 Dead.exe" -d "C:\Users\Jakub\Desktop\Left 4 Dead\Left 4 Dead CZ\patch + cestina"
Task: {CECCF328-2F66-43E5-965D-B4A7D1AC00C6} - System32\Tasks\{F5BB01D6-F25C-4912-953A-6427229EF386} => C:\Users\Jakub\Downloads\battlefield2demo.exe
Task: {D051B95A-D078-4E32-9DBE-31058B59AF44} - System32\Tasks\{72AB90DC-8A99-4202-BEF0-0515513F1524} => C:\Users\Jakub\Downloads\battlefield2demo.exe
Task: {D32AD087-099A-495F-8A49-90F1240FBC16} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {D3B64E95-3D98-4CC3-BA9F-EB3C65F968EB} - System32\Tasks\{761232D8-2543-40E1-BD9A-4021E5DCF7F1} => C:\Program Files\Gameforge4D\4Story\4Story.exe
Task: {D4F47096-D1D4-4261-B56A-03D738B4AA6C} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe
Task: {D5D08984-83CB-40CB-9A23-6A9196D7F6D9} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {D9F05914-16AB-471C-905F-8BE8834236F0} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe
Task: {E0E0ADEB-AA09-489B-A07C-EDBD419C4F4B} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe
Task: {E12B7B7E-6CAB-49AA-9595-A230E08CE32B} - \{7B29C8A2-3F7A-4611-8DFB-77D62EE6DC5B} -> No File <==== ATTENTION
Task: {E1C6E2ED-C613-43E7-80AE-DA935115E754} - System32\Tasks\{EAF30263-413B-4DA2-8576-2B34FBF6E8F2} => pcalua.exe -a D:\samandmax\Setup.exe -d D:\samandmax
Task: {E5DF5D6C-2B5B-438A-8B9E-3A1D75D2E86C} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe
Task: {EB411D69-F15C-48A1-B760-92396ABD0B8F} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe
Task: {EB5B097D-7567-45DC-9698-C195B6B46E22} - System32\Tasks\{F6FCE509-EDCE-46D3-A3F7-DC368A17606C} => pcalua.exe -a "C:\Users\Jakub\Downloads\WindowsPhone (1).exe" -d C:\Users\Jakub\Downloads
Task: {ED430CCE-27DF-43A2-8EC4-3919ADC59803} - \{E94E52BB-A05B-4AFE-BF17-C281ADA79C89} -> No File <==== ATTENTION
Task: {F441C46D-7A28-49AF-BACC-247CC7E8982B} - \{A6235A17-EC21-4A4D-9C17-7DE386FC72B0} -> No File <==== ATTENTION
Task: {F5BFC3C4-7EB9-41E7-8E15-B7CC547D83EA} - System32\Tasks\{7593A9CC-052E-4109-B7C5-F7558108EAC9} => C:\Program Files\Codemasters\Worms 4 Totalni narez\launcher.exe
Task: {F5CC62ED-94CE-495F-BC71-AA6F73EA9B63} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {FADF9029-1F8B-4A33-BD10-2A773CD4D8AB} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {FEBE778C-53F5-4CF9-BDE8-A1A471037471} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Terraria\Dedicated Server.lnk -> C:\Program Files\Terraria\start-server.bat ()
ShortcutWithArgument: C:\Users\Jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Vzdálená plocha Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\Jakub\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
==================== Loaded Modules (Whitelisted) ==============
2016-07-16 09:25 - 2016-07-16 09:25 - 00190976 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-14 18:48 - 2016-12-09 11:11 - 02048496 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-12 15:22 - 2016-11-14 12:00 - 00123448 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2017-02-24 22:34 - 2017-01-20 07:47 - 01732896 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-02-24 22:34 - 2017-01-20 07:47 - 02097616 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\arwlib.dll
2017-02-24 22:34 - 2017-01-20 07:47 - 01719760 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2016-12-14 18:48 - 2016-12-09 11:11 - 02048496 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-09-12 16:14 - 2016-09-12 16:14 - 00679624 _____ () C:\Users\Jakub\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
2016-07-16 09:25 - 2016-07-16 09:25 - 00108032 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-11 14:19 - 2016-12-21 05:42 - 00321536 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-11 14:19 - 2016-12-21 05:25 - 06726656 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-11 14:19 - 2016-12-21 05:21 - 01150464 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-09-15 20:07 - 2016-08-06 04:21 - 00526848 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-11 14:19 - 2016-12-21 05:22 - 01724928 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-11 14:19 - 2016-12-21 05:24 - 03158016 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-02-07 01:50 - 2017-02-01 10:01 - 01870168 _____ () C:\Program Files\Google\Chrome\Application\56.0.2924.87\libglesv2.dll
2017-02-07 01:50 - 2017-02-01 10:01 - 00085848 _____ () C:\Program Files\Google\Chrome\Application\56.0.2924.87\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKU\S-1-5-21-2460206527-1493759754-90791392-1000\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"
HKU\S-1-5-21-2460206527-1493759754-90791392-1000\Software\Classes\.bat: batfile => <===== ATTENTION
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\S-1-5-21-2460206527-1493759754-90791392-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2460206527-1493759754-90791392-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-2460206527-1493759754-90791392-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-2460206527-1493759754-90791392-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-2460206527-1493759754-90791392-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-2460206527-1493759754-90791392-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-2460206527-1493759754-90791392-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-2460206527-1493759754-90791392-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-2460206527-1493759754-90791392-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-2460206527-1493759754-90791392-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-2460206527-1493759754-90791392-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-2460206527-1493759754-90791392-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-2460206527-1493759754-90791392-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-2460206527-1493759754-90791392-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-2460206527-1493759754-90791392-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2460206527-1493759754-90791392-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-2460206527-1493759754-90791392-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-2460206527-1493759754-90791392-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-2460206527-1493759754-90791392-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-2460206527-1493759754-90791392-1000\...\100sexlinks.com -> 100sexlinks.com
There are 4788 more sites.
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:04 - 2017-02-26 13:32 - 00000753 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2460206527-1493759754-90791392-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Jakub\AppData\Local\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
HKLM\...\StartupApproved\Run: => "Autodesk Sync"
HKLM\...\StartupApproved\Run: => "LogMeIn Hamachi Ui"
HKU\S-1-5-21-2460206527-1493759754-90791392-1000\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-2460206527-1493759754-90791392-1000\...\StartupApproved\Run: => "Steam"
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 25-02-2017
Ran by Jakub (26-02-2017 18:32:50)
Running from C:\Users\Jakub\Downloads\Desktop
Microsoft Windows 10 Home Version 1607 (X86) (2016-09-12 15:07:58)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2460206527-1493759754-90791392-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2460206527-1493759754-90791392-503 - Limited - Disabled)
Guest (S-1-5-21-2460206527-1493759754-90791392-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2460206527-1493759754-90791392-1002 - Limited - Enabled)
Jakub (S-1-5-21-2460206527-1493759754-90791392-1000 - Administrator - Enabled) => C:\Users\Jakub
kuvwqppwaikg (S-1-5-21-2460206527-1493759754-90791392-1005 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-2460206527-1493759754-90791392-1000\...\uTorrent) (Version: 3.4.5.41712 - BitTorrent Inc.)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.7.1.19610 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader 8 - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-A81200000003}) (Version: 8.1.2 - Adobe Systems Incorporated)
Aktualizace NVIDIA 17.12.8 (Version: 17.12.8 - NVIDIA Corporation) Hidden
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Apple Application Support (HKLM\...\{A83279FD-CA4B-4206-9535-90974DE76654}) (Version: 2.1.5 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
aTube Catcher (HKLM\...\aTube Catcher) (Version: 3.8.5187 - DsNET Corp)
Audiosurf (HKLM\...\{6D316D67-DA52-4659-9C98-F479963534D6}) (Version: 1.00.0000 - BestGameEver)
AutoCAD 2009 - český (HKLM\...\AutoCAD 2009 - český) (Version: 17.2.56.0 - Autodesk)
AutoCAD 2009 - český (Version: 17.2.56.0 - Autodesk) Hidden
Autodesk Inventor Fusion 2013 (HKLM\...\Autodesk Inventor Fusion 2013) (Version: 2.0.0.206 - Autodesk, Inc.)
Autodesk Inventor Fusion 2013 (Version: 2.0.0.206 - Autodesk, Inc.) Hidden
Autodesk Inventor Fusion plug-in for AutoCAD 2013 (HKLM\...\Modul plug-in aplikace Autodesk Inventor Fusion pro aplikaci AutoCAD 2013) (Version: 0.2.0.230 - Autodesk)
Autodesk Material Library 2013 (HKLM\...\{117EBEEB-5DB0-43C8-9FD6-DD583DB152DD}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2013 (HKLM\...\{606E12B9-641F-4644-A22A-FF38AE980AFD}) (Version: 3.0.13 - Autodesk)
Autodesk Sync (HKLM\...\{EE5F74BC-5CD5-4EF2-86BA-81E6CF46A18F}) (Version: 3.5.24.0 - Autodesk, Inc.)
Avira Browser Safety (HKLM\...\{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}) (Version: 1.4.5.509 - Avira Operations GmbH & Co KG)
Balíček ovladače systému Windows - ASUS Tek. Corporation (ATP) Mouse (09/25/2015 7.0.0.9) (HKLM\...\6C3F8C7AFD19C7A76AF857BA7CD35E4CFAA9F3F0) (Version: 09/25/2015 7.0.0.9 - ASUS Tek. Corporation)
Belkin F6D4050 Enhanced Wireless USB Adapter (HKLM\...\InstallShield_{B97A0C89-29C0-4682-902C-364109A9857C}) (Version: 2.0.0.05 - Belkin)
Belkin F6D4050 Enhanced Wireless USB Adapter (Version: 2.0.0.05 - Belkin) Hidden
Bing Bar Platform (Version: 6.3.2322.0 - Microsoft Corporation) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.27 - Piriform)
CrystalDiskInfo 7.0.5 (HKLM\...\CrystalDiskInfo_is1) (Version: 7.0.5 - Crystal Dew World)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
DirectX for Managed Code Update (Summer 2004) (Version: 9.02.2904 - Microsoft) Hidden
DWG TrueConvert™ (HKLM\...\{5783F2D7-0221-0405-0000-0060B0CE6BBA}) (Version: 17.0 - Autodesk)
FARO LS 1.1.406.58 (HKLM\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)
FormatFactory 3.2.1.0 (HKLM\...\FormatFactory) (Version: 3.2.1.0 - Free Time)
Fotogalerie (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
GameRanger (HKU\S-1-5-21-2460206527-1493759754-90791392-1000\...\GameRanger) (Version: - GameRanger Technologies)
Google Chrome (HKLM\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (Version: 1.3.32.7 - Google Inc.) Hidden
Chrome Remote Desktop Host (HKLM\...\{0F4FB60A-EBD8-445B-8117-128E8351647E}) (Version: 56.0.2924.51 - Google Inc.)
IL Shared Libraries (HKLM\...\IL Shared Libraries) (Version: - Image-Line)
inSSIDer Office (HKLM\...\{8C127DE3-EC36-4BA3-A6EE-6DC4A9B6C526}) (Version: 3.1.1.6 - MetaGeek, LLC)
Java 8 Update 91 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation)
Jazykový balíček Autodesk Inventor Fusion plug-in pro aplikaci AutoCAD 2013 (Version: 0.2.0.230 - Autodesk) Hidden
Junk Mail filter update (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
League of Legends (HKLM\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (Version: 3.0.1 - Riot Games) Hidden
LogMeIn (HKLM\...\{921037F5-CCA7-4FC5-83AF-42CC0AF14316}) (Version: 4.1.6524 - LogMeIn, Inc.)
LogMeIn Hamachi (HKLM\...\LogMeIn Hamachi) (Version: 2.2.0.541 - LogMeIn, Inc.)
LogMeIn Hamachi (Version: 2.2.0.541 - LogMeIn, Inc.) Hidden
Malwarebytes verze 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Excel Viewer (HKLM\...\{95120000-003F-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (Czech) (HKLM\...\{95120000-00AF-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM\...\{90850409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Search Enhancement Pack (HKLM\...\{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}) (Version: 3.0.133.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft (HKLM\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Minecraft1.7.2 (HKLM\...\Minecraft1.7.2) (Version: - )
Modul plug-in aplikace Autodesk Inventor Fusion pro aplikaci AutoCAD 2013 (Version: 0.2.0.230 - Autodesk) Hidden
Movie Maker (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML4 Parser (HKLM\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
Nexon Game Manager (HKLM\...\{289AC7E0-0AEE-4a7b-913C-709D9803D23E}) (Version: - )
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5909 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.5 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 342.01 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 342.01 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
osu! (HKLM\...\{682d34e1-f1cb-41bd-ba8d-a00225b0b47e}) (Version: latest - ppy Pty Ltd)
osu! (HKLM\...\{C3592426-531E-4110-911D-BFECE2CE284C}) (Version: 0.0.0.0 - peppy)
Ovládací panel NVIDIA 342.01 (Version: 342.01 - NVIDIA Corporation) Hidden
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1BF}) (Version: 3.60.0 - dotPDN LLC)
PC Connectivity Solution (HKLM\...\{34610DE0-3C13-42CA-8E32-01FFA38AB6E8}) (Version: 8.47.7.0 - Nokia)
PDF Settings CS5 (Version: 10.0 - Adobe Systems Incorporated) Hidden
Platform (Version: 1.34 - VIA Technologies, Inc.) Hidden
Podélný profil vodní toky 4 (HKLM\...\pp_vtk_4) (Version: - )
Seznam Software (HKU\S-1-5-21-2460206527-1493759754-90791392-1000\...\SeznamInstall) (Version: - Seznam.cz)
SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.1.15383.6004 - Microsoft Corporation)
Skype™ 7.32 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.104 - Skype Technologies S.A.)
Sony Ericsson PC Companion 2.02.002 (HKLM\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.02.002 - Sony Ericsson)
Sophos Virus Removal Tool (HKLM\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.6 - Sophos Limited)
System Requirements Lab Detection (HKLM\...\{B67A7719-8F0E-4D92-BF9C-D9FBFFF060A2}) (Version: 2.2.1.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Tunngle (HKLM\...\Tunngle_is1) (Version: 5.8.8 - Tunngle.net GmbH)
Ulead VideoStudio 10 (HKLM\...\{E188D820-1218-4E28-8BCA-91134C3664C2}) (Version: 10.0 - Ulead Systems)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VBA (2627.01) (Version: 6.03.00.9402 - Microsoft Corporation) Hidden
Vegas Pro 9.0 (HKLM\...\{6E5AB107-172B-4F17-8ABB-357C59EF1B08}) (Version: 9.0.704 - Sony)
VIA Platforma Ovladače zařízení (HKLM\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{068B46A0-8858-4CEB-80BC-A4AE787A05FC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Phone app for desktop (HKLM\...\{CE9BDD0F-BAF3-474D-B6D8-15B84BDAB229}) (Version: 1.1.2726.0 - Microsoft Corporation)
WinRAR 5.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
Zemana AntiMalware (HKLM\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.72.101 - Zemana Ltd.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{00BB2763-6A77-11D0-A535-00C04FD7D062}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{00EEBF57-477D-4084-9921-7AB3C2C9459D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{03C036F1-A186-11D0-824A-00AA005B4383}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{06EEE834-461C-42C2-8DCF-1502B527B1F9}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{08244EE6-92F0-47F2-9FC9-929BAA2E7235}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{0AF10CEC-2ECD-4B92-9581-34F6AE0637F3}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{0B91A74B-AD7C-4A9D-B563-29EEF9167172}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{0C15D503-D017-47CE-9016-7B3F978721CC}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{0E5AAE11-A475-4C5B-AB00-C66DE400274E}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{104846AB-42B1-4E38-A80D-136F78C3F258}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{14074E0B-7216-4862-96E6-53CADA442A56}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{1685D4AB-A51B-4AF1-A4E5-CEE87002431D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{18907F3B-9AFB-4F87-B764-F9A4E16A21B8}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{1C0F439D-7C29-4BDE-8952-4EEB6A49E048}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{1C1800C1-3258-44C2-BE80-3DEADB6C5E39}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{25336920-03F9-11CF-8FD0-00AA00686F13}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{275C23E2-3747-11D0-9FEA-00AA003F8646}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{28B7AA99-C0F9-4C47-995E-8A8D729603A1}\localserver32 -> C:\Program Files\AutoCAD 2009\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{2F1F7574-ECCA-4361-B4DE-C411BF7EEE23}\localserver32 -> C:\Program Files\AutoCAD 2009\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{30276B4F-F25C-457C-A4B7-08574F8EA528}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{35786D3C-B075-49B9-88DD-029876E11C01}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{3D154A2D-D911-437E-A30C-5F56A9B7081D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{4955DD33-B159-11D0-8FCF-00AA006BCC59}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{50D5107A-D278-4871-8989-F4CEAAF59CFC}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{50EF4544-AC9F-4A8E-B21B-8A26180DB13F}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{53BD6B4E-3780-4693-AFC3-7161C2F3EE9C}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{603D3800-BD81-11D0-A3A5-00C04FD706EC}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{640167B4-59B0-47A6-B335-A6B3C0695AEA}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{6746C347-576B-4F73-9012-CDFEEA251BC4}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2013\acad.exe => No File
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{6AB55F46-2523-4701-A912-B226F46252BA}\localserver32 -> C:\Program Files\AutoCAD 2009\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{6E682784-1ECA-4CF2-988D-96B6E89E9A4D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{71F96385-DDD6-48D3-A0C1-AE06E8B055FB}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{72C24DD5-D70A-438B-8A42-98424B88AFB8}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{76BE8257-C4C0-4D37-90C0-A23372254D27}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{7AABBB95-79BE-4C0F-8024-EB6AF271231C}\localserver32 -> C:\Program Files\AutoCAD 2009\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{7EFC002A-071F-4CE7-B265-F4B4263D2FD2}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{807C1E6C-1D00-453F-B920-B61BB7CDD997}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{807E5A10-4856-4F9A-8E3C-A1F7E75648B3}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{82C588E7-E54B-408C-9F8C-6AF9ADF6F1E9}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{8856F961-340A-11D0-A96B-00C04FD705A2}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{9113A02D-00A3-46B9-BC5F-9C04DADDD5D7}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{934D4698-6A59-48F8-9F29-9FB30670320E}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{942BC614-676C-464E-B384-D3202AAA02DA}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{989D1DC0-B162-11D1-B6EC-D27DDCF9A923}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{9AC9FBE1-E0A2-4AD6-B4EE-E212013EA917}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{9CFC2DF3-6BA3-46EF-A836-E519E81F0EC4}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{AF02484C-A0A9-4669-9051-058AB12B9195}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{B056521A-9B10-425E-B616-1FCD828DB3B1}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{B155BDF8-02F0-451E-9A26-AE317CFD7779}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{B2952B16-0E07-4E5A-B993-58C52CB94CAE}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{B54F3743-5B07-11CF-A4B0-00AA004A55E8}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{B8967F85-58AE-4F46-9FB2-5D7904798F4B}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2013\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{C90250F3-4D7D-4991-9B69-A5C5BC1C2AE6}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{CD773740-B187-4974-A1D5-E0FF91372277}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{d0a0ed0a-55ac-4469-a197-1d08ce99cfb9}\localserver32 -> C:\Users\Jakub\AppData\Local\Temp\{4f5e3a76-f453-4882-ab42-7224f3310de7}\IDriver.NonElevated.exe => (the data entry has 7 more characters).
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{D58960BA-2EF3-4910-9E34-C911B1710180}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{D9B3211D-E57F-4426-AAEF-30A806ADD397}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{DB6EFB73-5153-43B7-8078-C6FFC4C0238C}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\AutoCAD 2009\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{EDB5F444-CB8D-445A-A523-EC5AB6EA33C7}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{FE841493-835C-4FA3-B6CC-B4B2D4719848}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2460206527-1493759754-90791392-1000_Classes\CLSID\{FF393560-C2A7-11CF-BFF4-444553540000}\InprocServer32 -> no filepath
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {058C9AD5-9691-4030-88A9-1999DEB0C6E6} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {0600760F-C80B-4AE9-B1C9-B0893748291C} - System32\Tasks\{6190B3D4-6085-4202-AAF9-9E0A830DEEDB} => C:\Program Files\Gothic II\system\Gothic2.exe
Task: {0B8844C3-63EF-4586-B3FA-81A871384BC3} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe
Task: {0F5C7D2E-FECC-4C02-8D11-FBA0D352BC61} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-20] (Adobe Systems Incorporated)
Task: {14305816-E616-4051-8CE6-D5F2271A707D} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {15E02BCA-9734-4006-A46A-65E1B7C02FAE} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {165998FE-2123-47CC-A6E6-63C89D8A173C} - System32\Tasks\{E8694150-11C4-4DA1-9ED0-4FF4834D3340} => C:\Program Files\Gameforge4D\4Story\4Story.exe
Task: {17B66156-4B04-4071-B438-490501BC0322} - \{C46E5936-604C-4AB1-A79D-38C6A1CD8709} -> No File <==== ATTENTION
Task: {18E8A296-BB71-46D0-BB8F-B7B9A82FB3C2} - System32\Tasks\{0C3442F4-C9B3-4701-997E-009629367FE6} => pcalua.exe -a C:\Users\Jakub\Desktop\battlefield2demo.exe -d C:\Users\Jakub\Desktop
Task: {1D99D803-D69A-4E91-918E-B1C05B7FB866} - \{255F4D84-01B3-47F7-B113-50176D699A5F} -> No File <==== ATTENTION
Task: {1F03AB63-51FE-49B8-B6E1-7B546102B57C} - System32\Tasks\{861CD5A4-36EC-4ED8-A862-D1CABF9774CC} => C:\Users\Jakub\Downloads\battlefield2demo.exe
Task: {220F1AFB-8BE8-40FE-BEC1-07D5FD4B5E65} - System32\Tasks\{084AF887-CD56-4D53-9FBE-B58B78CBA282} => C:\Users\Jakub\Downloads\battlefield2demo.exe
Task: {22781649-29C7-4FCD-BE52-E7F9E6A46A7D} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => %SystemRoot%\ehome\mcupdate.exe
Task: {236145C3-8186-4D31-BB22-2DCB4BCDC3ED} - System32\Tasks\{AE40213A-63FB-49BE-AEB7-55ABE860606A} => pcalua.exe -a D:\ARCANIA\setup.exe -d D:\ARCANIA
Task: {2384A400-1C3E-415C-BFEB-8479B1F18D8B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {25B086CE-7D27-4006-8336-AF499B361945} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec.exe
Task: {2821AB5D-9244-49F1-9F00-E114C63066BA} - System32\Tasks\Avira Browser Safety Updater Task => C:\Program Files\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe [2015-03-11] (Avira Operations GmbH & Co. KG)
Task: {288AB656-DC59-41F2-BC68-058C269B1F3A} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate.exe
Task: {2A84CF30-6F34-4761-9C78-CD140529373C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-02-08] (Piriform Ltd)
Task: {2AE3756C-A31D-4A87-A65D-066904779F80} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe
Task: {3170B6E4-8488-4E77-BD0F-B009AB41A57E} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe
Task: {322BF951-9B9F-4760-BF90-2118BEFC03ED} - System32\Tasks\{7B9BD579-F235-40EA-9BCA-AFD3787C5079} => C:\Program Files\Codemasters\Worms 4 Totalni narez\launcher.exe
Task: {32BF6004-A9F7-41FF-BF13-75A339C143FD} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe
Task: {3469BFEB-C55D-4546-92A2-2F12DFEA1AC6} - \{05EF766E-77C6-4BCA-8DD7-42A694A7B502} -> No File <==== ATTENTION
Task: {3582AA67-61C6-4B7D-BF01-7B6624F53391} - System32\Tasks\{640FCA85-31AB-4EF2-B73C-2D41F0CAA2E7} => C:\Program Files\Codemasters\Worms 4 Totalni narez\launcher.exe
Task: {3BEE59A4-C225-4396-93B2-00A86EEC3191} - System32\Tasks\{38FC791C-0920-4B3C-AC29-7AAD333DE373} => C:\Program Files\Codemasters\Worms 4 Totalni narez\launcher.exe
Task: {3D02A8CC-09B9-4879-B2C5-7DBC2C1765AE} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe
Task: {3E6083B4-B80F-465E-89D7-8E2EE58E49E7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-17] (Google Inc.)
Task: {408529E0-8B38-464E-9143-76B6498E3631} - System32\Tasks\{94216756-B60A-48A8-82E7-F0960CC0272D} => C:\Users\Jakub\Downloads\battlefield2demo.exe
Task: {47D448D5-5C86-46BA-9BA9-22824A0C7BE5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {4CAE4515-8B7B-4623-BC43-813B3EB5FDF8} - \{4DD6D639-CC98-4E42-AC56-AA36B84E59B6} -> No File <==== ATTENTION
Task: {4EDF5568-A009-44A4-8180-0B689D6998AB} - System32\Tasks\{31F64227-E8EB-4AE5-895D-AC5CD02F292F} => C:\Program Files\Codemasters\Worms 4 Totalni narez\launcher.exe
Task: {515E559C-8EB9-4AC5-9305-8775FE15996A} - System32\Tasks\{A870B781-2FE2-437D-86B4-8995CB9B2D9C} => pcalua.exe -a "C:\Users\Jakub\Desktop\Ak Elâ Mod 0.1 Beta.exe" -d C:\Users\Jakub\Desktop
Task: {53DCA901-DF27-4D79-8A4F-58855AD16A80} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe
Task: {553B8BAC-48BB-4DF2-BF66-556C63E5AECF} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {57C22BCF-5C32-40F6-8B30-78AA5F89628D} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe
Task: {58A9F219-ECE1-4894-90A4-7636CC597A83} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {5E7AC3C8-EB20-4097-AF12-9755B374612C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {5F5D7C4B-3D5E-44FC-B8C7-59CBD10C2196} - System32\Tasks\{FBE0BBC3-BEFC-4B43-9DC7-35D1BBD6F90F} => C:\Program Files\Skype\Phone\Skype.exe [2017-02-08] (Skype Technologies S.A.)
Task: {63654BFC-D130-4937-84F0-906C35088FE3} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe
Task: {689A1F72-A672-4814-B7CE-57ED1A78D2F2} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe
Task: {68F34176-CED9-4C01-8E0D-C5B8FB86C0B9} - System32\Tasks\{231E83E6-AE0A-42B2-A98E-BC68C75FF36C} => C:\Program Files\THQ\Titan Quest\Titan Quest.exe
Task: {6E983407-9DCA-4F57-B829-5D4BAB70D2F7} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => %SystemRoot%\ehome\ehrec.exe
Task: {701E91A0-8D78-4F79-A5E9-03458E8833DC} - System32\Tasks\{BB5A419A-A926-47C4-AC46-F9B89CE24309} => C:\Program Files\Gameforge4D\4Story\4Story.exe
Task: {766265A2-976A-4B33-B87F-719C88938995} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {7DFE6A54-30FB-4B14-ACAF-9AF6E3EE8994} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {7E7B86BE-7FF2-48F9-8E62-D725CF8C6485} - System32\Tasks\{620DF12F-46F3-41AA-8C78-72A638B917AC} => pcalua.exe -a D:\score.exe -d D:\
Task: {7F26A3F1-5FFE-4C5A-AE50-F8F8AE8DE034} - System32\Tasks\{781B0311-4727-4C05-9777-441AF3261A8C} => pcalua.exe -a "C:\Users\Jakub\AppData\Local\Temp\Temp2_BF2Demo.zip\Battlefield 2 Demo.exe" <==== ATTENTION
Task: {7FED7A7D-D275-4EC3-A742-699C8DDA7E75} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {833F0D6B-D871-48F5-B236-7A374DDBB6A9} - System32\Tasks\{1CA07491-5284-4E93-9DCC-913845C00CAE} => pcalua.exe -a "C:\Program Files\Alwil Software\Avast4\aswRunDll.exe" -c "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
Task: {89133E86-CE31-4575-AA9A-AC319D2CD603} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe
Task: {8AD79378-AD13-4C2C-9D03-4C1888DE62A7} - System32\Tasks\{A8D8077E-6C8B-4B72-9ADF-32BD034EF108} => pcalua.exe -a "C:\Users\Jakub\AppData\Local\Temp\Temp1_BF2Demo.zip\Battlefield 2 Demo.exe" <==== ATTENTION
Task: {8DAFF394-64AB-49F0-8F7E-847265508BC0} - System32\Tasks\{11CC0A3D-C7CF-4D4C-AD7C-3BD92DD27B61} => C:\Program Files\Codemasters\Worms 4 Totalni narez\launcher.exe
Task: {9119BC90-3CD1-40BA-AF68-8BE7DB4BCFAF} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-02-24] (Microsoft Corporation)
Task: {96662C2A-8150-4267-B5BD-B83B9C79C50D} - \{3D7B948F-B370-47B5-AF83-B1A3CBA4817E} -> No File <==== ATTENTION
Task: {96E6CE43-187A-4A89-9758-2BA0501FB489} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {A02C4B05-D277-4A56-BC7B-6B91E862BE3D} - System32\Tasks\{EE240858-34C8-4068-9A7D-C0D7A8812F41} => C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
Task: {A6C60ACA-732F-4B64-84A0-290B4989480F} - System32\Tasks\{A7A84784-B8DE-48B4-B1E7-7E8E2E145664} => C:\Users\Jakub\Downloads\battlefield2demo.exe
Task: {A800DC5A-0DA4-4262-B9DD-9C70BBA6F4A9} - System32\Tasks\GoogleUpdateTaskMachineUA1cf48cd20c95a20 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-17] (Google Inc.)
Task: {A901E003-EADD-4D6E-9231-D570C7C1FE3C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {AABA5F74-F267-4B6E-92A8-3AF35C82568A} - System32\Tasks\{4B1DE031-FE81-43B7-9FBE-C58585F710FC} => pcalua.exe -a C:\Users\Jakub\Downloads\battlefield2demo.exe -d C:\Users\Jakub\Downloads
Task: {AB8B5B77-F3E7-4E0E-AEBF-382C2A14DBF1} - \{6E24917B-ADF8-4F2A-A75D-422397EA5DF7} -> No File <==== ATTENTION
Task: {AC0E3BAD-E946-4239-A12B-81A7C40DCA00} - System32\Tasks\{AD079EEC-6C28-431F-AF41-BEF344F35889} => C:\Program Files\Audiosurf\Audiosurf.exe
Task: {AC5FD1DC-D2DD-4F1C-A43A-4A711822BFD7} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {AD8883C8-02FF-4ED3-B804-4A5224EC6B71} - System32\Tasks\{6EF5867F-8787-470D-9B84-C346DACE8832} => C:\Program Files\Bethesda Softworks\Oblivion\OblivionLauncher.exe
Task: {AE0D9FC2-8BFD-48F7-B18E-879E8053126B} - \{FC1DA9C3-A138-44BA-B18E-0F29DDBC1A6D} -> No File <==== ATTENTION
Task: {B4F21B9C-E494-491A-8352-D45EE00FCA7C} - System32\Tasks\{546C4CFA-2932-4B17-99E7-75451400687B} => pcalua.exe -a F:\setup.exe -d F:\
Task: {B7BCECE4-86C9-42F1-9FA3-F466001E972E} - System32\Tasks\{41F9976B-0882-4ECD-92FA-18CAAC435FC3} => pcalua.exe -a C:\Users\Jakub\Desktop\InstallWoW.exe -d C:\Users\Jakub\Desktop
Task: {B87C658E-550D-43FC-801D-F32AF97DE1DF} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {BB7C28A6-EE2A-4EEF-87EA-ACB9840615BE} - System32\Tasks\{C4D29B72-0CA2-445A-A701-74125B26B084} => C:\Program Files\Codemasters\Worms 4 Totalni narez\launcher.exe
Task: {BDE44979-AEAC-4B94-83BB-07848EA1286D} - System32\Tasks\{6F8832F0-B012-4DAD-849B-50E330BCB3F3} => C:\Program Files\Bethesda Softworks\Oblivion\OblivionLauncher.exe
Task: {C198640D-762A-4CDB-9B06-73D8666C28F6} - System32\Tasks\{DEB1DAA2-49C2-4CD8-8681-AF776A9A34F6} => C:\Program Files\Gothic II\system\Gothic2.exe
Task: {C2562FB3-A03E-465D-8A8D-CB5BFC00E06D} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {C410164E-05BB-4F34-AA09-C40720E7F4CA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {C5CDC22F-A3AB-49F2-9563-85C02EB2923C} - \{8D4AA04D-9519-40CF-B4B0-48B5B573F0C9} -> No File <==== ATTENTION
Task: {C7A6ED76-7963-4850-8A38-C7C3C463BF06} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe
Task: {C8762E7B-C3A3-4325-8715-6C2BB017CB3E} - System32\Tasks\{BC82801B-AA2D-413F-BF3F-60B2351DD286} => C:\Program Files\THQ\Titan Quest\Titan Quest.exe
Task: {C8CBEA15-6386-4F25-B0A8-010648EE1FA1} - System32\Tasks\{67AB9B31-9DE0-4C54-9EA8-8AB8A587F2B3} => pcalua.exe -a D:\score.exe -d D:\
Task: {CAAAB354-415A-481A-BD17-2F87F0C44E77} - System32\Tasks\{95536B2A-9316-4F78-9733-5F5046032007} => pcalua.exe -a "C:\Users\Jakub\Desktop\Left 4 Dead\Left 4 Dead CZ\patch + cestina\Left 4 Dead.exe" -d "C:\Users\Jakub\Desktop\Left 4 Dead\Left 4 Dead CZ\patch + cestina"
Task: {CECCF328-2F66-43E5-965D-B4A7D1AC00C6} - System32\Tasks\{F5BB01D6-F25C-4912-953A-6427229EF386} => C:\Users\Jakub\Downloads\battlefield2demo.exe
Task: {D051B95A-D078-4E32-9DBE-31058B59AF44} - System32\Tasks\{72AB90DC-8A99-4202-BEF0-0515513F1524} => C:\Users\Jakub\Downloads\battlefield2demo.exe
Task: {D32AD087-099A-495F-8A49-90F1240FBC16} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {D3B64E95-3D98-4CC3-BA9F-EB3C65F968EB} - System32\Tasks\{761232D8-2543-40E1-BD9A-4021E5DCF7F1} => C:\Program Files\Gameforge4D\4Story\4Story.exe
Task: {D4F47096-D1D4-4261-B56A-03D738B4AA6C} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe
Task: {D5D08984-83CB-40CB-9A23-6A9196D7F6D9} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {D9F05914-16AB-471C-905F-8BE8834236F0} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe
Task: {E0E0ADEB-AA09-489B-A07C-EDBD419C4F4B} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe
Task: {E12B7B7E-6CAB-49AA-9595-A230E08CE32B} - \{7B29C8A2-3F7A-4611-8DFB-77D62EE6DC5B} -> No File <==== ATTENTION
Task: {E1C6E2ED-C613-43E7-80AE-DA935115E754} - System32\Tasks\{EAF30263-413B-4DA2-8576-2B34FBF6E8F2} => pcalua.exe -a D:\samandmax\Setup.exe -d D:\samandmax
Task: {E5DF5D6C-2B5B-438A-8B9E-3A1D75D2E86C} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe
Task: {EB411D69-F15C-48A1-B760-92396ABD0B8F} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe
Task: {EB5B097D-7567-45DC-9698-C195B6B46E22} - System32\Tasks\{F6FCE509-EDCE-46D3-A3F7-DC368A17606C} => pcalua.exe -a "C:\Users\Jakub\Downloads\WindowsPhone (1).exe" -d C:\Users\Jakub\Downloads
Task: {ED430CCE-27DF-43A2-8EC4-3919ADC59803} - \{E94E52BB-A05B-4AFE-BF17-C281ADA79C89} -> No File <==== ATTENTION
Task: {F441C46D-7A28-49AF-BACC-247CC7E8982B} - \{A6235A17-EC21-4A4D-9C17-7DE386FC72B0} -> No File <==== ATTENTION
Task: {F5BFC3C4-7EB9-41E7-8E15-B7CC547D83EA} - System32\Tasks\{7593A9CC-052E-4109-B7C5-F7558108EAC9} => C:\Program Files\Codemasters\Worms 4 Totalni narez\launcher.exe
Task: {F5CC62ED-94CE-495F-BC71-AA6F73EA9B63} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {FADF9029-1F8B-4A33-BD10-2A773CD4D8AB} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {FEBE778C-53F5-4CF9-BDE8-A1A471037471} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Terraria\Dedicated Server.lnk -> C:\Program Files\Terraria\start-server.bat ()
ShortcutWithArgument: C:\Users\Jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Vzdálená plocha Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\Jakub\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
==================== Loaded Modules (Whitelisted) ==============
2016-07-16 09:25 - 2016-07-16 09:25 - 00190976 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-14 18:48 - 2016-12-09 11:11 - 02048496 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-12 15:22 - 2016-11-14 12:00 - 00123448 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2017-02-24 22:34 - 2017-01-20 07:47 - 01732896 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-02-24 22:34 - 2017-01-20 07:47 - 02097616 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\arwlib.dll
2017-02-24 22:34 - 2017-01-20 07:47 - 01719760 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2016-12-14 18:48 - 2016-12-09 11:11 - 02048496 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-09-12 16:14 - 2016-09-12 16:14 - 00679624 _____ () C:\Users\Jakub\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
2016-07-16 09:25 - 2016-07-16 09:25 - 00108032 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-11 14:19 - 2016-12-21 05:42 - 00321536 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-11 14:19 - 2016-12-21 05:25 - 06726656 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-11 14:19 - 2016-12-21 05:21 - 01150464 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-09-15 20:07 - 2016-08-06 04:21 - 00526848 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-11 14:19 - 2016-12-21 05:22 - 01724928 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-11 14:19 - 2016-12-21 05:24 - 03158016 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-02-07 01:50 - 2017-02-01 10:01 - 01870168 _____ () C:\Program Files\Google\Chrome\Application\56.0.2924.87\libglesv2.dll
2017-02-07 01:50 - 2017-02-01 10:01 - 00085848 _____ () C:\Program Files\Google\Chrome\Application\56.0.2924.87\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKU\S-1-5-21-2460206527-1493759754-90791392-1000\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"
HKU\S-1-5-21-2460206527-1493759754-90791392-1000\Software\Classes\.bat: batfile => <===== ATTENTION
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\S-1-5-21-2460206527-1493759754-90791392-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2460206527-1493759754-90791392-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-2460206527-1493759754-90791392-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-2460206527-1493759754-90791392-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-2460206527-1493759754-90791392-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-2460206527-1493759754-90791392-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-2460206527-1493759754-90791392-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-2460206527-1493759754-90791392-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-2460206527-1493759754-90791392-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-2460206527-1493759754-90791392-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-2460206527-1493759754-90791392-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-2460206527-1493759754-90791392-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-2460206527-1493759754-90791392-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-2460206527-1493759754-90791392-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-2460206527-1493759754-90791392-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2460206527-1493759754-90791392-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-2460206527-1493759754-90791392-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-2460206527-1493759754-90791392-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-2460206527-1493759754-90791392-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-2460206527-1493759754-90791392-1000\...\100sexlinks.com -> 100sexlinks.com
There are 4788 more sites.
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:04 - 2017-02-26 13:32 - 00000753 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2460206527-1493759754-90791392-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Jakub\AppData\Local\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
HKLM\...\StartupApproved\Run: => "Autodesk Sync"
HKLM\...\StartupApproved\Run: => "LogMeIn Hamachi Ui"
HKU\S-1-5-21-2460206527-1493759754-90791392-1000\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-2460206527-1493759754-90791392-1000\...\StartupApproved\Run: => "Steam"
Re: Prosím o kontrolu logu
Addition další část:
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-32bit] => (Allow) LPort=808
FirewallRules: [{86140C6A-8E1E-46E4-8394-CB28317B4062}] => (Block) C:\program files\pc remote\pc remote\pcremote.exe
FirewallRules: [{F27D38A7-3FA9-48B4-8BE2-DBBAD0C22632}] => (Block) C:\program files\pc remote\pc remote\pcremote.exe
FirewallRules: [UDP Query User{548983C4-E2D3-4EA0-828D-04DCA7ED700D}C:\program files\pc remote\pc remote\pcremote.exe] => (Allow) C:\program files\pc remote\pc remote\pcremote.exe
FirewallRules: [TCP Query User{5C1FBDDA-ACD0-4225-9CD3-0668FE5C7A07}C:\program files\pc remote\pc remote\pcremote.exe] => (Allow) C:\program files\pc remote\pc remote\pcremote.exe
FirewallRules: [{DC024EEB-B0AD-4AE6-A773-84A792E28FBB}] => (Block) C:\program files\asus\asus smart gesture\astpcenter\x86\asussgplusbtserver.exe
FirewallRules: [{CC1841DE-8262-4E9F-846E-0AA4EBB44E39}] => (Block) C:\program files\asus\asus smart gesture\astpcenter\x86\asussgplusbtserver.exe
FirewallRules: [UDP Query User{646C8A47-FC1A-4032-B009-419E166799B9}C:\program files\asus\asus smart gesture\astpcenter\x86\asussgplusbtserver.exe] => (Allow) C:\program files\asus\asus smart gesture\astpcenter\x86\asussgplusbtserver.exe
FirewallRules: [TCP Query User{16F69783-362C-46DC-8D4B-DDA49550D7D5}C:\program files\asus\asus smart gesture\astpcenter\x86\asussgplusbtserver.exe] => (Allow) C:\program files\asus\asus smart gesture\astpcenter\x86\asussgplusbtserver.exe
FirewallRules: [UDP Query User{C6DE9EC4-7DD5-455A-86B5-DEBB81402208}C:\program files\minecraft\runtime\jre-x32\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files\minecraft\runtime\jre-x32\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{3E142011-3BAB-4937-836D-B6B12CABD363}C:\program files\minecraft\runtime\jre-x32\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files\minecraft\runtime\jre-x32\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{5C7B7CB2-A4B1-4AF9-B758-3268C4066F74}C:\program files\minecraft\runtime\jre-x32\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files\minecraft\runtime\jre-x32\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{40466C94-AD99-4EEF-84B7-711D5534216E}C:\program files\minecraft\runtime\jre-x32\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files\minecraft\runtime\jre-x32\1.8.0_25\bin\javaw.exe
FirewallRules: [{D0F1DB81-C9AB-4399-A2A3-B3E13A6122FE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{72DCA4C2-CBC7-45E8-A44B-B7D1E48CFBB8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{1D575E0F-989E-44F4-A917-BAC519CE32EB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{D8A49E36-79C7-4358-8D6F-8C7C9F567558}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{DFF237F0-BA3F-4ADA-BC1C-3E3C393608E8}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{BCE61410-9AAE-410C-85F9-3867211A4BC2}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{4D4395B3-22A9-4B74-86BF-9AA337E60994}] => (Allow) C:\Users\Jakub\Downloads\Desktop\Terraria\Binding of Isaac\DNT\[www.mpc-g.com]DST172998\bin\dontstarve_steam.exe
FirewallRules: [{C79182E2-852A-41EF-A408-DA996B67E78C}] => (Allow) C:\Users\Jakub\Downloads\Desktop\Terraria\Binding of Isaac\DNT\[www.mpc-g.com]DST172998\bin\dontstarve_steam.exe
FirewallRules: [{D16C33B4-6168-48F2-98E0-4D2CAF65C979}] => (Block) C:\users\jakub\downloads\desktop\terraria\binding of isaac\dnt\[www.mpc-g.com]dst172998\bin\dontstarve_dedicated_server_nullrenderer.exe
FirewallRules: [{FDE8B3F2-A00B-4A2C-B1A8-94E095EA0882}] => (Block) C:\users\jakub\downloads\desktop\terraria\binding of isaac\dnt\[www.mpc-g.com]dst172998\bin\dontstarve_dedicated_server_nullrenderer.exe
FirewallRules: [UDP Query User{A9631DFD-3544-403A-BFAF-297BD42A9B9C}C:\users\jakub\downloads\desktop\terraria\binding of isaac\dnt\[www.mpc-g.com]dst172998\bin\dontstarve_dedicated_server_nullrenderer.exe] => (Allow) C:\users\jakub\downloads\desktop\terraria\binding of isaac\dnt\[www.mpc-g.com]dst172998\bin\dontstarve_dedicated_server_nullrenderer.exe
FirewallRules: [TCP Query User{F022EB80-650D-4928-AE92-FD61356E62B5}C:\users\jakub\downloads\desktop\terraria\binding of isaac\dnt\[www.mpc-g.com]dst172998\bin\dontstarve_dedicated_server_nullrenderer.exe] => (Allow) C:\users\jakub\downloads\desktop\terraria\binding of isaac\dnt\[www.mpc-g.com]dst172998\bin\dontstarve_dedicated_server_nullrenderer.exe
FirewallRules: [UDP Query User{7915FF48-A16D-48E7-B2AE-D98127E1EEED}C:\program files\skype\phone\skype.exe] => (Allow) C:\program files\skype\phone\skype.exe
FirewallRules: [TCP Query User{4FDD1742-EE2E-4B95-81B6-ED85E35DE111}C:\program files\skype\phone\skype.exe] => (Allow) C:\program files\skype\phone\skype.exe
FirewallRules: [UDP Query User{D8A649A9-475E-4E9B-95C3-012E8262426A}C:\users\jakub\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\jakub\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{DA10DE63-A9D1-474B-ABC0-908DE17897D3}C:\users\jakub\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\jakub\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{C4729A13-79FD-45F2-B945-651EB81A2EA8}C:\program files\java\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [UDP Query User{230BAA12-CFD0-4734-A722-A05929EBEF18}C:\program files\java\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [{11D85D15-EC57-4879-83F4-0C06B4C4372A}] => (Block) C:\program files\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [{ED832058-EF82-4567-B986-493312BE4492}] => (Block) C:\program files\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [TCP Query User{A9062A36-ABB3-4FC8-8070-E7EFAD694B5A}C:\users\jakub\documents\curse\minecraft\install\runtime\jre-x32\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\jakub\documents\curse\minecraft\install\runtime\jre-x32\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{74ACC873-3A9E-4E1F-B3CF-F9E47AFFC184}C:\users\jakub\documents\curse\minecraft\install\runtime\jre-x32\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\jakub\documents\curse\minecraft\install\runtime\jre-x32\1.8.0_25\bin\javaw.exe
FirewallRules: [{7127EE65-B067-4566-9D32-95672FB98E87}] => (Block) C:\users\jakub\documents\curse\minecraft\install\runtime\jre-x32\1.8.0_25\bin\javaw.exe
FirewallRules: [{01E4A11A-DBC7-439F-B7B3-48EB7AD87A3C}] => (Block) C:\users\jakub\documents\curse\minecraft\install\runtime\jre-x32\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{DB7543C5-3295-42F1-8A1E-F107BF31B7BE}C:\program files\age of empires 2 & the conquerors expansion - full game\empires2.exe] => (Allow) C:\program files\age of empires 2 & the conquerors expansion - full game\empires2.exe
FirewallRules: [UDP Query User{D7D04458-63CD-44BA-AE29-7BBB9AEEB7EA}C:\program files\age of empires 2 & the conquerors expansion - full game\empires2.exe] => (Allow) C:\program files\age of empires 2 & the conquerors expansion - full game\empires2.exe
FirewallRules: [{C58640EA-CE31-42B3-B7BC-44CE924A2CCC}] => (Block) C:\program files\age of empires 2 & the conquerors expansion - full game\empires2.exe
FirewallRules: [{91092976-9395-4D65-8051-BBF8D3956B1D}] => (Block) C:\program files\age of empires 2 & the conquerors expansion - full game\empires2.exe
FirewallRules: [TCP Query User{1149CEC7-4269-423A-9456-68AF2F136D93}C:\program files\voobly\voobly.exe] => (Allow) C:\program files\voobly\voobly.exe
FirewallRules: [UDP Query User{FDD179CF-3D53-4A03-A57B-FB2A39D60EE8}C:\program files\voobly\voobly.exe] => (Allow) C:\program files\voobly\voobly.exe
FirewallRules: [{AEFD5C43-8961-4DF9-AB8A-77C22C24416A}] => (Block) C:\program files\voobly\voobly.exe
FirewallRules: [{19C26AFD-0724-481C-AE47-97749076354B}] => (Block) C:\program files\voobly\voobly.exe
FirewallRules: [TCP Query User{58D743F5-2D63-44C4-860E-3E7A5D5B60D3}C:\program files\age of empires 2 & the conquerors expansion - full game\age2_x1\age2_x1.exe] => (Allow) C:\program files\age of empires 2 & the conquerors expansion - full game\age2_x1\age2_x1.exe
FirewallRules: [UDP Query User{F553069C-D5A2-4AAA-B771-FC44DAD37C43}C:\program files\age of empires 2 & the conquerors expansion - full game\age2_x1\age2_x1.exe] => (Allow) C:\program files\age of empires 2 & the conquerors expansion - full game\age2_x1\age2_x1.exe
FirewallRules: [{6B7E5932-B215-428A-A7F6-D5CC8A455C67}] => (Block) C:\program files\age of empires 2 & the conquerors expansion - full game\age2_x1\age2_x1.exe
FirewallRules: [{003BBB9F-FD4C-4A3B-ABE5-27E3CEB9A6C9}] => (Block) C:\program files\age of empires 2 & the conquerors expansion - full game\age2_x1\age2_x1.exe
FirewallRules: [TCP Query User{A1D78CD3-51E1-4062-B660-F252BB308FE1}C:\windows\system32\dplaysvr.exe] => (Allow) C:\windows\system32\dplaysvr.exe
FirewallRules: [UDP Query User{66141FD1-60BC-4060-A1DF-E79A3D63B424}C:\windows\system32\dplaysvr.exe] => (Allow) C:\windows\system32\dplaysvr.exe
FirewallRules: [{96F6159D-E9CD-4593-8269-3DAD1363570C}] => (Block) C:\windows\system32\dplaysvr.exe
FirewallRules: [{2EDC4FA8-FB71-47F4-80BD-1D5792003828}] => (Block) C:\windows\system32\dplaysvr.exe
FirewallRules: [TCP Query User{386EAF6A-F5EA-436B-82AC-4A62A2841176}C:\program files\age of empires 2 & the conquerors expansion - full game\myth-age2_x1.exe] => (Allow) C:\program files\age of empires 2 & the conquerors expansion - full game\myth-age2_x1.exe
FirewallRules: [UDP Query User{19D7CFB9-7EA1-4EE7-ADCA-C1E12183C34B}C:\program files\age of empires 2 & the conquerors expansion - full game\myth-age2_x1.exe] => (Allow) C:\program files\age of empires 2 & the conquerors expansion - full game\myth-age2_x1.exe
FirewallRules: [{5AD632FA-2372-49A3-AC62-F1F8A35B030B}] => (Block) C:\program files\age of empires 2 & the conquerors expansion - full game\myth-age2_x1.exe
FirewallRules: [{9E1D4F49-801B-47B4-B90D-25C89EA5917B}] => (Block) C:\program files\age of empires 2 & the conquerors expansion - full game\myth-age2_x1.exe
FirewallRules: [TCP Query User{91369508-198A-4137-AC08-D4BCBE70C55D}C:\users\jakub\downloads\desktop\wow\terraria 1.3.4.3\terraria.exe] => (Allow) C:\users\jakub\downloads\desktop\wow\terraria 1.3.4.3\terraria.exe
FirewallRules: [UDP Query User{871D7BF7-1E85-456B-BEB5-67372782A1D5}C:\users\jakub\downloads\desktop\wow\terraria 1.3.4.3\terraria.exe] => (Allow) C:\users\jakub\downloads\desktop\wow\terraria 1.3.4.3\terraria.exe
FirewallRules: [{FC97EF06-9DFD-4DEE-8C98-8D14FF6A3A07}] => (Block) C:\users\jakub\downloads\desktop\wow\terraria 1.3.4.3\terraria.exe
FirewallRules: [{1A449D79-A08A-4357-87FD-6FC090E24BAB}] => (Block) C:\users\jakub\downloads\desktop\wow\terraria 1.3.4.3\terraria.exe
FirewallRules: [TCP Query User{5AE01F73-E80D-4873-96E3-37810ADE658C}C:\users\jakub\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\jakub\appdata\roaming\gameranger\gameranger\gameranger.exe
FirewallRules: [UDP Query User{248B7378-7788-4355-96BB-6F0C87F43BD7}C:\users\jakub\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\jakub\appdata\roaming\gameranger\gameranger\gameranger.exe
FirewallRules: [{A6B42EBD-F697-486F-8D9B-B4A89170054A}] => (Block) C:\users\jakub\appdata\roaming\gameranger\gameranger\gameranger.exe
FirewallRules: [{E71FF6D0-EA25-479A-A984-B098216CB75C}] => (Block) C:\users\jakub\appdata\roaming\gameranger\gameranger\gameranger.exe
FirewallRules: [{7480A684-A2A0-4C35-84A9-7C615F7E9FFC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{0A6093DF-EBEB-4F91-9F5E-5B7D1F02A6D7}] => (Allow) C:\Program Files\Google\Chrome Remote Desktop\56.0.2924.51\remoting_host.exe
FirewallRules: [{BB1E0DF4-91B1-4A16-8CC7-BDEA4053D14F}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{1677DA2D-B4A9-4256-A785-3607FB6B50FE}C:\gog games\torchlight 2\torchlight2.exe] => (Allow) C:\gog games\torchlight 2\torchlight2.exe
FirewallRules: [UDP Query User{C707435D-2A40-415F-9575-C8E2B976A77C}C:\gog games\torchlight 2\torchlight2.exe] => (Allow) C:\gog games\torchlight 2\torchlight2.exe
FirewallRules: [{5E824819-57CF-4D2E-AADA-AA3F28B80970}] => (Block) C:\gog games\torchlight 2\torchlight2.exe
FirewallRules: [{3B9444A6-D22C-435A-9464-F0F4935F7529}] => (Block) C:\gog games\torchlight 2\torchlight2.exe
FirewallRules: [{12477714-3CF8-4B5B-8BE4-961008DA8407}] => (Allow) C:\Program Files\Tunngle\TnglCtrl.exe
FirewallRules: [{1E3A5DEE-F619-44D8-8549-016082862920}] => (Allow) C:\Program Files\Tunngle\TnglCtrl.exe
FirewallRules: [{ACF632C8-DC4B-45CF-8578-B0CB9EF035BD}] => (Allow) C:\Program Files\Tunngle\TnglCtrl.exe
FirewallRules: [{0FC08479-F7AA-4927-AF54-C329139A9EA6}] => (Allow) C:\Program Files\Tunngle\TnglCtrl.exe
FirewallRules: [{650F6E8A-AA5B-4CBE-9480-C87E8EE43B78}] => (Allow) C:\Program Files\Tunngle\Tunngle.exe
FirewallRules: [{40F86374-0D01-4621-BBED-3A0E6FFCA994}] => (Allow) C:\Program Files\Tunngle\Tunngle.exe
FirewallRules: [{A84A8D19-3C94-409F-8642-F905B1174229}] => (Allow) C:\Program Files\Tunngle\Tunngle.exe
FirewallRules: [{340E5546-299E-4A2B-858F-0F179EC77864}] => (Allow) C:\Program Files\Tunngle\Tunngle.exe
==================== Restore Points =========================
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (02/26/2017 05:49:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: vlc.exe, verze: 2.2.1.0, časové razítko: 0x00000004
Název chybujícího modulu: libqt4_plugin.dll, verze: 2.2.1.0, časové razítko: 0x00020002
Kód výjimky: 0x40000015
Posun chyby: 0x007ca10a
ID chybujícího procesu: 0x1cc0
Čas spuštění chybující aplikace: 0x01d29050331c66d8
Cesta k chybující aplikaci: C:\Program Files\VideoLAN\VLC\vlc.exe
Cesta k chybujícímu modulu: C:\Program Files\VideoLAN\VLC\plugins\gui\libqt4_plugin.dll
ID zprávy: 549f17d4-db86-4287-ad0a-a825098e3f58
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (02/26/2017 04:45:13 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files\CrystalDiskInfo\DiskInfo64.exe se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (02/26/2017 04:45:02 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Generování kontextu aktivace pro C:\Program Files\Microsoft\Search Enhancement Pack\Search Box Extension\SrchBxEx.dll se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program Files\Microsoft\Search Enhancement Pack\Search Box Extension\SrchBxEx.dll na řádku 2.
Neplatná syntaxe XML.
Error: (02/26/2017 04:44:56 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro c:\program files\crystaldiskinfo\DiskInfoX64.exe se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (02/26/2017 04:44:56 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro c:\program files\crystaldiskinfo\DiskInfo64.exe se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (02/26/2017 04:44:56 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files\CrystalDiskInfo\DiskInfo64.exe se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (02/26/2017 04:33:35 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Generování kontextu aktivace pro C:\Program Files\Microsoft\Search Enhancement Pack\Search Box Extension\SrchBxEx.dll se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program Files\Microsoft\Search Enhancement Pack\Search Box Extension\SrchBxEx.dll na řádku 2.
Neplatná syntaxe XML.
Error: (02/26/2017 03:40:20 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Generování kontextu aktivace pro C:\Program Files\Microsoft\Search Enhancement Pack\Search Box Extension\SrchBxEx.dll se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program Files\Microsoft\Search Enhancement Pack\Search Box Extension\SrchBxEx.dll na řádku 2.
Neplatná syntaxe XML.
Error: (02/26/2017 01:32:18 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.
Operace:
Spouštění asynchronní operace
Kontext:
Aktuální stav: DoSnapshotSet
Error: (02/26/2017 01:32:02 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).
System Error:
Přístup byl odepřen.
.
System errors:
=============
Error: (02/26/2017 05:47:08 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
a APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (02/26/2017 05:44:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Hamachi2Svc neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (02/26/2017 05:44:09 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Hamachi2Svc bylo dosaženo časového limitu (30000 ms).
Error: (02/26/2017 05:43:39 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN se nepodařilo spustit.
Cesta k modulu: C:\WINDOWS\system32\athExt.dll
Kód chyby: 126
Error: (02/26/2017 05:43:39 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba NetTcpActivator závisí na službě NetTcpPortSharing, která neuspěla při spuštění v důsledku následující chyby:
Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
Error: (02/26/2017 05:43:38 PM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: Tento počítač je nakonfigurován jako člen pracovní skupiny, nikoliv jako
člen domény. Přihlašovací služba Netlogon nepotřebuje být spuštěna v této
konfiguraci.
Error: (02/26/2017 05:43:35 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (17:19:46, 26.02.2017) bylo neočekávané.
Error: (02/26/2017 03:11:04 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
Error: (02/26/2017 02:33:15 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
a APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (02/26/2017 01:59:49 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba NetTcpActivator závisí na službě NetTcpPortSharing, která neuspěla při spuštění v důsledku následující chyby:
Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
CodeIntegrity:
===================================
Date: 2017-02-26 14:38:13.176
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-02-25 14:43:42.390
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-02-24 19:23:33.996
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-02-20 19:54:40.096
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-02-19 17:25:17.629
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-02-17 16:52:26.408
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-02-15 16:49:10.957
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-02-08 20:50:07.025
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-02-07 23:41:04.679
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-02-06 17:03:55.649
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: AMD Athlon(tm) II X2 240 Processor
Percentage of memory in use: 53%
Total physical RAM: 2943.23 MB
Available physical RAM: 1378.12 MB
Total Virtual: 7357.23 MB
Available Virtual: 5441.7 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:595.2 GB) (Free:354.2 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or (Size: 596.2 GB) (Disk ID: 7D826B35)
Partition 1: (Active) - (Size=539 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=595.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
==================== End of Addition.txt ============================
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-32bit] => (Allow) LPort=808
FirewallRules: [{86140C6A-8E1E-46E4-8394-CB28317B4062}] => (Block) C:\program files\pc remote\pc remote\pcremote.exe
FirewallRules: [{F27D38A7-3FA9-48B4-8BE2-DBBAD0C22632}] => (Block) C:\program files\pc remote\pc remote\pcremote.exe
FirewallRules: [UDP Query User{548983C4-E2D3-4EA0-828D-04DCA7ED700D}C:\program files\pc remote\pc remote\pcremote.exe] => (Allow) C:\program files\pc remote\pc remote\pcremote.exe
FirewallRules: [TCP Query User{5C1FBDDA-ACD0-4225-9CD3-0668FE5C7A07}C:\program files\pc remote\pc remote\pcremote.exe] => (Allow) C:\program files\pc remote\pc remote\pcremote.exe
FirewallRules: [{DC024EEB-B0AD-4AE6-A773-84A792E28FBB}] => (Block) C:\program files\asus\asus smart gesture\astpcenter\x86\asussgplusbtserver.exe
FirewallRules: [{CC1841DE-8262-4E9F-846E-0AA4EBB44E39}] => (Block) C:\program files\asus\asus smart gesture\astpcenter\x86\asussgplusbtserver.exe
FirewallRules: [UDP Query User{646C8A47-FC1A-4032-B009-419E166799B9}C:\program files\asus\asus smart gesture\astpcenter\x86\asussgplusbtserver.exe] => (Allow) C:\program files\asus\asus smart gesture\astpcenter\x86\asussgplusbtserver.exe
FirewallRules: [TCP Query User{16F69783-362C-46DC-8D4B-DDA49550D7D5}C:\program files\asus\asus smart gesture\astpcenter\x86\asussgplusbtserver.exe] => (Allow) C:\program files\asus\asus smart gesture\astpcenter\x86\asussgplusbtserver.exe
FirewallRules: [UDP Query User{C6DE9EC4-7DD5-455A-86B5-DEBB81402208}C:\program files\minecraft\runtime\jre-x32\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files\minecraft\runtime\jre-x32\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{3E142011-3BAB-4937-836D-B6B12CABD363}C:\program files\minecraft\runtime\jre-x32\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files\minecraft\runtime\jre-x32\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{5C7B7CB2-A4B1-4AF9-B758-3268C4066F74}C:\program files\minecraft\runtime\jre-x32\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files\minecraft\runtime\jre-x32\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{40466C94-AD99-4EEF-84B7-711D5534216E}C:\program files\minecraft\runtime\jre-x32\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files\minecraft\runtime\jre-x32\1.8.0_25\bin\javaw.exe
FirewallRules: [{D0F1DB81-C9AB-4399-A2A3-B3E13A6122FE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{72DCA4C2-CBC7-45E8-A44B-B7D1E48CFBB8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{1D575E0F-989E-44F4-A917-BAC519CE32EB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{D8A49E36-79C7-4358-8D6F-8C7C9F567558}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{DFF237F0-BA3F-4ADA-BC1C-3E3C393608E8}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{BCE61410-9AAE-410C-85F9-3867211A4BC2}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{4D4395B3-22A9-4B74-86BF-9AA337E60994}] => (Allow) C:\Users\Jakub\Downloads\Desktop\Terraria\Binding of Isaac\DNT\[www.mpc-g.com]DST172998\bin\dontstarve_steam.exe
FirewallRules: [{C79182E2-852A-41EF-A408-DA996B67E78C}] => (Allow) C:\Users\Jakub\Downloads\Desktop\Terraria\Binding of Isaac\DNT\[www.mpc-g.com]DST172998\bin\dontstarve_steam.exe
FirewallRules: [{D16C33B4-6168-48F2-98E0-4D2CAF65C979}] => (Block) C:\users\jakub\downloads\desktop\terraria\binding of isaac\dnt\[www.mpc-g.com]dst172998\bin\dontstarve_dedicated_server_nullrenderer.exe
FirewallRules: [{FDE8B3F2-A00B-4A2C-B1A8-94E095EA0882}] => (Block) C:\users\jakub\downloads\desktop\terraria\binding of isaac\dnt\[www.mpc-g.com]dst172998\bin\dontstarve_dedicated_server_nullrenderer.exe
FirewallRules: [UDP Query User{A9631DFD-3544-403A-BFAF-297BD42A9B9C}C:\users\jakub\downloads\desktop\terraria\binding of isaac\dnt\[www.mpc-g.com]dst172998\bin\dontstarve_dedicated_server_nullrenderer.exe] => (Allow) C:\users\jakub\downloads\desktop\terraria\binding of isaac\dnt\[www.mpc-g.com]dst172998\bin\dontstarve_dedicated_server_nullrenderer.exe
FirewallRules: [TCP Query User{F022EB80-650D-4928-AE92-FD61356E62B5}C:\users\jakub\downloads\desktop\terraria\binding of isaac\dnt\[www.mpc-g.com]dst172998\bin\dontstarve_dedicated_server_nullrenderer.exe] => (Allow) C:\users\jakub\downloads\desktop\terraria\binding of isaac\dnt\[www.mpc-g.com]dst172998\bin\dontstarve_dedicated_server_nullrenderer.exe
FirewallRules: [UDP Query User{7915FF48-A16D-48E7-B2AE-D98127E1EEED}C:\program files\skype\phone\skype.exe] => (Allow) C:\program files\skype\phone\skype.exe
FirewallRules: [TCP Query User{4FDD1742-EE2E-4B95-81B6-ED85E35DE111}C:\program files\skype\phone\skype.exe] => (Allow) C:\program files\skype\phone\skype.exe
FirewallRules: [UDP Query User{D8A649A9-475E-4E9B-95C3-012E8262426A}C:\users\jakub\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\jakub\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{DA10DE63-A9D1-474B-ABC0-908DE17897D3}C:\users\jakub\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\jakub\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{C4729A13-79FD-45F2-B945-651EB81A2EA8}C:\program files\java\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [UDP Query User{230BAA12-CFD0-4734-A722-A05929EBEF18}C:\program files\java\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [{11D85D15-EC57-4879-83F4-0C06B4C4372A}] => (Block) C:\program files\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [{ED832058-EF82-4567-B986-493312BE4492}] => (Block) C:\program files\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [TCP Query User{A9062A36-ABB3-4FC8-8070-E7EFAD694B5A}C:\users\jakub\documents\curse\minecraft\install\runtime\jre-x32\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\jakub\documents\curse\minecraft\install\runtime\jre-x32\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{74ACC873-3A9E-4E1F-B3CF-F9E47AFFC184}C:\users\jakub\documents\curse\minecraft\install\runtime\jre-x32\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\jakub\documents\curse\minecraft\install\runtime\jre-x32\1.8.0_25\bin\javaw.exe
FirewallRules: [{7127EE65-B067-4566-9D32-95672FB98E87}] => (Block) C:\users\jakub\documents\curse\minecraft\install\runtime\jre-x32\1.8.0_25\bin\javaw.exe
FirewallRules: [{01E4A11A-DBC7-439F-B7B3-48EB7AD87A3C}] => (Block) C:\users\jakub\documents\curse\minecraft\install\runtime\jre-x32\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{DB7543C5-3295-42F1-8A1E-F107BF31B7BE}C:\program files\age of empires 2 & the conquerors expansion - full game\empires2.exe] => (Allow) C:\program files\age of empires 2 & the conquerors expansion - full game\empires2.exe
FirewallRules: [UDP Query User{D7D04458-63CD-44BA-AE29-7BBB9AEEB7EA}C:\program files\age of empires 2 & the conquerors expansion - full game\empires2.exe] => (Allow) C:\program files\age of empires 2 & the conquerors expansion - full game\empires2.exe
FirewallRules: [{C58640EA-CE31-42B3-B7BC-44CE924A2CCC}] => (Block) C:\program files\age of empires 2 & the conquerors expansion - full game\empires2.exe
FirewallRules: [{91092976-9395-4D65-8051-BBF8D3956B1D}] => (Block) C:\program files\age of empires 2 & the conquerors expansion - full game\empires2.exe
FirewallRules: [TCP Query User{1149CEC7-4269-423A-9456-68AF2F136D93}C:\program files\voobly\voobly.exe] => (Allow) C:\program files\voobly\voobly.exe
FirewallRules: [UDP Query User{FDD179CF-3D53-4A03-A57B-FB2A39D60EE8}C:\program files\voobly\voobly.exe] => (Allow) C:\program files\voobly\voobly.exe
FirewallRules: [{AEFD5C43-8961-4DF9-AB8A-77C22C24416A}] => (Block) C:\program files\voobly\voobly.exe
FirewallRules: [{19C26AFD-0724-481C-AE47-97749076354B}] => (Block) C:\program files\voobly\voobly.exe
FirewallRules: [TCP Query User{58D743F5-2D63-44C4-860E-3E7A5D5B60D3}C:\program files\age of empires 2 & the conquerors expansion - full game\age2_x1\age2_x1.exe] => (Allow) C:\program files\age of empires 2 & the conquerors expansion - full game\age2_x1\age2_x1.exe
FirewallRules: [UDP Query User{F553069C-D5A2-4AAA-B771-FC44DAD37C43}C:\program files\age of empires 2 & the conquerors expansion - full game\age2_x1\age2_x1.exe] => (Allow) C:\program files\age of empires 2 & the conquerors expansion - full game\age2_x1\age2_x1.exe
FirewallRules: [{6B7E5932-B215-428A-A7F6-D5CC8A455C67}] => (Block) C:\program files\age of empires 2 & the conquerors expansion - full game\age2_x1\age2_x1.exe
FirewallRules: [{003BBB9F-FD4C-4A3B-ABE5-27E3CEB9A6C9}] => (Block) C:\program files\age of empires 2 & the conquerors expansion - full game\age2_x1\age2_x1.exe
FirewallRules: [TCP Query User{A1D78CD3-51E1-4062-B660-F252BB308FE1}C:\windows\system32\dplaysvr.exe] => (Allow) C:\windows\system32\dplaysvr.exe
FirewallRules: [UDP Query User{66141FD1-60BC-4060-A1DF-E79A3D63B424}C:\windows\system32\dplaysvr.exe] => (Allow) C:\windows\system32\dplaysvr.exe
FirewallRules: [{96F6159D-E9CD-4593-8269-3DAD1363570C}] => (Block) C:\windows\system32\dplaysvr.exe
FirewallRules: [{2EDC4FA8-FB71-47F4-80BD-1D5792003828}] => (Block) C:\windows\system32\dplaysvr.exe
FirewallRules: [TCP Query User{386EAF6A-F5EA-436B-82AC-4A62A2841176}C:\program files\age of empires 2 & the conquerors expansion - full game\myth-age2_x1.exe] => (Allow) C:\program files\age of empires 2 & the conquerors expansion - full game\myth-age2_x1.exe
FirewallRules: [UDP Query User{19D7CFB9-7EA1-4EE7-ADCA-C1E12183C34B}C:\program files\age of empires 2 & the conquerors expansion - full game\myth-age2_x1.exe] => (Allow) C:\program files\age of empires 2 & the conquerors expansion - full game\myth-age2_x1.exe
FirewallRules: [{5AD632FA-2372-49A3-AC62-F1F8A35B030B}] => (Block) C:\program files\age of empires 2 & the conquerors expansion - full game\myth-age2_x1.exe
FirewallRules: [{9E1D4F49-801B-47B4-B90D-25C89EA5917B}] => (Block) C:\program files\age of empires 2 & the conquerors expansion - full game\myth-age2_x1.exe
FirewallRules: [TCP Query User{91369508-198A-4137-AC08-D4BCBE70C55D}C:\users\jakub\downloads\desktop\wow\terraria 1.3.4.3\terraria.exe] => (Allow) C:\users\jakub\downloads\desktop\wow\terraria 1.3.4.3\terraria.exe
FirewallRules: [UDP Query User{871D7BF7-1E85-456B-BEB5-67372782A1D5}C:\users\jakub\downloads\desktop\wow\terraria 1.3.4.3\terraria.exe] => (Allow) C:\users\jakub\downloads\desktop\wow\terraria 1.3.4.3\terraria.exe
FirewallRules: [{FC97EF06-9DFD-4DEE-8C98-8D14FF6A3A07}] => (Block) C:\users\jakub\downloads\desktop\wow\terraria 1.3.4.3\terraria.exe
FirewallRules: [{1A449D79-A08A-4357-87FD-6FC090E24BAB}] => (Block) C:\users\jakub\downloads\desktop\wow\terraria 1.3.4.3\terraria.exe
FirewallRules: [TCP Query User{5AE01F73-E80D-4873-96E3-37810ADE658C}C:\users\jakub\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\jakub\appdata\roaming\gameranger\gameranger\gameranger.exe
FirewallRules: [UDP Query User{248B7378-7788-4355-96BB-6F0C87F43BD7}C:\users\jakub\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\jakub\appdata\roaming\gameranger\gameranger\gameranger.exe
FirewallRules: [{A6B42EBD-F697-486F-8D9B-B4A89170054A}] => (Block) C:\users\jakub\appdata\roaming\gameranger\gameranger\gameranger.exe
FirewallRules: [{E71FF6D0-EA25-479A-A984-B098216CB75C}] => (Block) C:\users\jakub\appdata\roaming\gameranger\gameranger\gameranger.exe
FirewallRules: [{7480A684-A2A0-4C35-84A9-7C615F7E9FFC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{0A6093DF-EBEB-4F91-9F5E-5B7D1F02A6D7}] => (Allow) C:\Program Files\Google\Chrome Remote Desktop\56.0.2924.51\remoting_host.exe
FirewallRules: [{BB1E0DF4-91B1-4A16-8CC7-BDEA4053D14F}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{1677DA2D-B4A9-4256-A785-3607FB6B50FE}C:\gog games\torchlight 2\torchlight2.exe] => (Allow) C:\gog games\torchlight 2\torchlight2.exe
FirewallRules: [UDP Query User{C707435D-2A40-415F-9575-C8E2B976A77C}C:\gog games\torchlight 2\torchlight2.exe] => (Allow) C:\gog games\torchlight 2\torchlight2.exe
FirewallRules: [{5E824819-57CF-4D2E-AADA-AA3F28B80970}] => (Block) C:\gog games\torchlight 2\torchlight2.exe
FirewallRules: [{3B9444A6-D22C-435A-9464-F0F4935F7529}] => (Block) C:\gog games\torchlight 2\torchlight2.exe
FirewallRules: [{12477714-3CF8-4B5B-8BE4-961008DA8407}] => (Allow) C:\Program Files\Tunngle\TnglCtrl.exe
FirewallRules: [{1E3A5DEE-F619-44D8-8549-016082862920}] => (Allow) C:\Program Files\Tunngle\TnglCtrl.exe
FirewallRules: [{ACF632C8-DC4B-45CF-8578-B0CB9EF035BD}] => (Allow) C:\Program Files\Tunngle\TnglCtrl.exe
FirewallRules: [{0FC08479-F7AA-4927-AF54-C329139A9EA6}] => (Allow) C:\Program Files\Tunngle\TnglCtrl.exe
FirewallRules: [{650F6E8A-AA5B-4CBE-9480-C87E8EE43B78}] => (Allow) C:\Program Files\Tunngle\Tunngle.exe
FirewallRules: [{40F86374-0D01-4621-BBED-3A0E6FFCA994}] => (Allow) C:\Program Files\Tunngle\Tunngle.exe
FirewallRules: [{A84A8D19-3C94-409F-8642-F905B1174229}] => (Allow) C:\Program Files\Tunngle\Tunngle.exe
FirewallRules: [{340E5546-299E-4A2B-858F-0F179EC77864}] => (Allow) C:\Program Files\Tunngle\Tunngle.exe
==================== Restore Points =========================
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (02/26/2017 05:49:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: vlc.exe, verze: 2.2.1.0, časové razítko: 0x00000004
Název chybujícího modulu: libqt4_plugin.dll, verze: 2.2.1.0, časové razítko: 0x00020002
Kód výjimky: 0x40000015
Posun chyby: 0x007ca10a
ID chybujícího procesu: 0x1cc0
Čas spuštění chybující aplikace: 0x01d29050331c66d8
Cesta k chybující aplikaci: C:\Program Files\VideoLAN\VLC\vlc.exe
Cesta k chybujícímu modulu: C:\Program Files\VideoLAN\VLC\plugins\gui\libqt4_plugin.dll
ID zprávy: 549f17d4-db86-4287-ad0a-a825098e3f58
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (02/26/2017 04:45:13 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files\CrystalDiskInfo\DiskInfo64.exe se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (02/26/2017 04:45:02 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Generování kontextu aktivace pro C:\Program Files\Microsoft\Search Enhancement Pack\Search Box Extension\SrchBxEx.dll se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program Files\Microsoft\Search Enhancement Pack\Search Box Extension\SrchBxEx.dll na řádku 2.
Neplatná syntaxe XML.
Error: (02/26/2017 04:44:56 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro c:\program files\crystaldiskinfo\DiskInfoX64.exe se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (02/26/2017 04:44:56 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro c:\program files\crystaldiskinfo\DiskInfo64.exe se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (02/26/2017 04:44:56 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files\CrystalDiskInfo\DiskInfo64.exe se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (02/26/2017 04:33:35 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Generování kontextu aktivace pro C:\Program Files\Microsoft\Search Enhancement Pack\Search Box Extension\SrchBxEx.dll se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program Files\Microsoft\Search Enhancement Pack\Search Box Extension\SrchBxEx.dll na řádku 2.
Neplatná syntaxe XML.
Error: (02/26/2017 03:40:20 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Generování kontextu aktivace pro C:\Program Files\Microsoft\Search Enhancement Pack\Search Box Extension\SrchBxEx.dll se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program Files\Microsoft\Search Enhancement Pack\Search Box Extension\SrchBxEx.dll na řádku 2.
Neplatná syntaxe XML.
Error: (02/26/2017 01:32:18 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.
Operace:
Spouštění asynchronní operace
Kontext:
Aktuální stav: DoSnapshotSet
Error: (02/26/2017 01:32:02 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).
System Error:
Přístup byl odepřen.
.
System errors:
=============
Error: (02/26/2017 05:47:08 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
a APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (02/26/2017 05:44:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Hamachi2Svc neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (02/26/2017 05:44:09 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Hamachi2Svc bylo dosaženo časového limitu (30000 ms).
Error: (02/26/2017 05:43:39 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN se nepodařilo spustit.
Cesta k modulu: C:\WINDOWS\system32\athExt.dll
Kód chyby: 126
Error: (02/26/2017 05:43:39 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba NetTcpActivator závisí na službě NetTcpPortSharing, která neuspěla při spuštění v důsledku následující chyby:
Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
Error: (02/26/2017 05:43:38 PM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: Tento počítač je nakonfigurován jako člen pracovní skupiny, nikoliv jako
člen domény. Přihlašovací služba Netlogon nepotřebuje být spuštěna v této
konfiguraci.
Error: (02/26/2017 05:43:35 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (17:19:46, 26.02.2017) bylo neočekávané.
Error: (02/26/2017 03:11:04 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
Error: (02/26/2017 02:33:15 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
a APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (02/26/2017 01:59:49 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba NetTcpActivator závisí na službě NetTcpPortSharing, která neuspěla při spuštění v důsledku následující chyby:
Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
CodeIntegrity:
===================================
Date: 2017-02-26 14:38:13.176
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-02-25 14:43:42.390
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-02-24 19:23:33.996
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-02-20 19:54:40.096
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-02-19 17:25:17.629
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-02-17 16:52:26.408
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-02-15 16:49:10.957
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-02-08 20:50:07.025
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-02-07 23:41:04.679
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-02-06 17:03:55.649
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: AMD Athlon(tm) II X2 240 Processor
Percentage of memory in use: 53%
Total physical RAM: 2943.23 MB
Available physical RAM: 1378.12 MB
Total Virtual: 7357.23 MB
Available Virtual: 5441.7 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:595.2 GB) (Free:354.2 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or (Size: 596.2 GB) (Disk ID: 7D826B35)
Partition 1: (Active) - (Size=539 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=595.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
==================== End of Addition.txt ============================
Re: Prosím o kontrolu logu
Memtest nenašel žádnou chybu.
- jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43113
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logu
Nemáš antivir? Vidím tam jen zbytky Avastu a Aviry..
případně odinstaluj tímto:
Avast:
Jak odinstalovat avast! za použití nástroje aswClear:
Stáhněte aswClear.exe
http://files.avast.com/files/eng/aswclear.exe
na vaší pracovní plochu
Spusťte jej
Pokud jste instalovali avast! do jiného než výchozího adresáře, nalistujte jej. (Poznámka: Buďte opatrní! Obsah adresáře, který vyberete, bude smazán!!!
Stiskněte SMAZAT
Restartujte počítač
Avira:
Avira uninstall
http://www.raymond.cc/blog/archives/200 ... are/#more-
Download Avira RegCleaner
http://www.avira.com/en/download/produc ... ry-cleaner
000000001302 Čas na roztočení ploten
000000001302 Čas na roztočení ploten
údaj se nemění.
Temperature : 44 C (111 F)--- více chladit HDD!
Tcpip\..\Interfaces\{0ccc13c1-fd50-48b8-bdc6-8042ddc467bc}: [DhcpNameServer] 7.254.254.254
DhcpNameServer : 7.254.254.254 [UNITED STATES (US)]
Ty jsi v USA? Máš tam nastavenu pro router adresu v USA..
případně odinstaluj tímto:
Avast:
Jak odinstalovat avast! za použití nástroje aswClear:
Stáhněte aswClear.exe
http://files.avast.com/files/eng/aswclear.exe
na vaší pracovní plochu
Spusťte jej
Pokud jste instalovali avast! do jiného než výchozího adresáře, nalistujte jej. (Poznámka: Buďte opatrní! Obsah adresáře, který vyberete, bude smazán!!!
Stiskněte SMAZAT
Restartujte počítač
Avira:
Avira uninstall
http://www.raymond.cc/blog/archives/200 ... are/#more-
Download Avira RegCleaner
http://www.avira.com/en/download/produc ... ry-cleaner
000000001302 Čas na roztočení ploten
000000001302 Čas na roztočení ploten
údaj se nemění.
Temperature : 44 C (111 F)--- více chladit HDD!
Tcpip\..\Interfaces\{0ccc13c1-fd50-48b8-bdc6-8042ddc467bc}: [DhcpNameServer] 7.254.254.254
DhcpNameServer : 7.254.254.254 [UNITED STATES (US)]
Ty jsi v USA? Máš tam nastavenu pro router adresu v USA..
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Kdo je online
Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 4 hosti