Applications closing, cannot launch "system applications" - Solved

Re: Applications closing, cannot launch "system applications"

Post by de!v » 30 Oct 2015 17:01

So, mbam once more (it didn't find anything this time :D)
Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 30.10.2015
Čas skenování: 13:44
Protokol: mbam.txt
Správce: Ano

Verze: 2.2.0.1024
Databáze malwaru: v2015.10.30.03
Databáze rootkitů: v2015.10.28.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 10
CPU: x64
Souborový systém: NTFS
Uživatel: David Černý

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 630871
Uplynulý čas: 53 min, 43 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)


RogueKiller V10.11.3.0 (x64) [Oct 26 2015] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/software/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 10 (10.0.10240) 64 bits version
Spuštěno : Normální režim
Uživatel : David ?erný [Práva správce]
Started from : C:\Users\David ?erný\Desktop\RogueKillerX64.exe
Mód : Smazat -- Datum : 10/30/2015 15:25:32

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 4 ¤¤¤
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 109.72.0.1 109.72.2.30 ([CZECH REPUBLIC (CZ)][(Unknown Country?) (XX)]) -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 109.72.0.1 109.72.2.30 ([CZECH REPUBLIC (CZ)][(Unknown Country?) (XX)]) -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{f9f844b6-ac82-4d20-a9ef-1be8e2654144} | DhcpNameServer : 109.72.0.1 109.72.2.30 ([CZECH REPUBLIC (CZ)][(Unknown Country?) (XX)]) -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{f9f844b6-ac82-4d20-a9ef-1be8e2654144} | DhcpNameServer : 109.72.0.1 109.72.2.30 ([CZECH REPUBLIC (CZ)][(Unknown Country?) (XX)]) -> Nahrazeno ()

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 1 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: +++++
--- User ---
[MBR] 15b396a0a1ab549918d2d3798b6b2d9f
[BSP] b2aaf44d38fad37197910d2cfd01509b : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 18000 MB
1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 36866048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 37070848 | Size: 458837 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK




Zoek.exe v5.0.0.1 Updated 29-October-2015
Tool run by David ¬erně on p  30.10.2015 at 15:27:29,40.
Microsoft Windows 10 Pro 10.0.10240 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\DAVIDE~1\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

30.10.2015 15:47:30 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\Users\DAVIDE~1\AppData\Local\NetworkTiles deleted successfully
C:\Users\DAVIDE~1\AppData\Local\PeerDistRepub deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistPub deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistRepub deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3528035922-2378795729-1042103783-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
HKEY_USERS\S-1-5-21-3528035922-2378795729-1042103783-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F4E39681-15F8-4fda-B8A3-B5C98378F2F3} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\DAVIDE~1\AppData\Roaming\Mozilla\Firefox\Profiles\dsb4iu0h.default\prefs.js:
user_pref("browser.newtab.url", "http://www.google.com/firefox");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");

Added to C:\Users\DAVIDE~1\AppData\Roaming\Mozilla\Firefox\Profiles\dsb4iu0h.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\DAVIDE~1\AppData\Roaming\Thunderbird\Profiles\bbjbrij8.default\prefs.js:

Added to C:\Users\DAVIDE~1\AppData\Roaming\Thunderbird\Profiles\bbjbrij8.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\DAVIDE~1\AppData\Roaming\TomTom\HOME\Profiles\9fk5499n.default\prefs.js:

Added to C:\Users\DAVIDE~1\AppData\Roaming\TomTom\HOME\Profiles\9fk5499n.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\MIRA7_~1.000\AppData\Roaming\Mozilla\Firefox\Profiles\aj0qy5k7.default\prefs.js:

Added to C:\Users\MIRA7_~1.000\AppData\Roaming\Mozilla\Firefox\Profiles\aj0qy5k7.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\DAVIDE~1\AppData\Roaming\Mozilla\Firefox\Profiles\dsb4iu0h.default

user.js not found
---- Lines extensions.VesAI removed from prefs.js ----
user_pref("extensions.VesAI.epoch", "1418737851");
---- FireFox user.js and prefs.js backups ----

prefs_30.10.2015_1639_.backup

ProfilePath: C:\Users\DAVIDE~1\AppData\Roaming\Thunderbird\Profiles\bbjbrij8.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_30.10.2015_1639_.backup

ProfilePath: C:\Users\DAVIDE~1\AppData\Roaming\TomTom\HOME\Profiles\9fk5499n.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_30.10.2015_1639_.backup

ProfilePath: C:\Users\MIRA7_~1.000\AppData\Roaming\Mozilla\Firefox\Profiles\aj0qy5k7.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_30.10.2015_1639_.backup

==== Deleting Files \ Folders ======================

C:\Users\mira7_000.THEDEIV70-PC.000\daemonprocess.txt deleted
C:\Users\mira7_000.THEDEIV70-PC.000\.android deleted
C:\Users\DAVIDE~1\.android deleted
C:\PROGRA~3\InstallMate deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\DAVIDE~1\AppData\Local\Unity deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SearchNewTab deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\windows\SysNative\Tasks\avastBCLRestartS-1-5-21-3528035922-2378795729-1042103783-1001 deleted
C:\Users\mira7_000.THEDEIV70-PC\AppData\LocalLow\AVG SafeGuard toolbar deleted
C:\Users\mira7_000.THEDEIV70-PC.000\AppData\LocalLow\AVG SafeGuard toolbar deleted
C:\Users\DAVIDE~1\AppData\LocalLow\Unity deleted
C:\WINDOWS\wininit.ini deleted
C:\Users\DAVIDE~1\elipseos.exe deleted
C:\Users\DAVIDE~1\parkmycar.exe deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\DAVIDE~1\AppData\Roaming\Mozilla\Firefox\Profiles\dsb4iu0h.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\DAVIDE~1\AppData\Roaming\Thunderbird\Profiles\bbjbrij8.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\DAVIDE~1\AppData\Roaming\TomTom\HOME\Profiles\9fk5499n.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\MIRA7_~1.000\AppData\Roaming\Mozilla\Firefox\Profiles\aj0qy5k7.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [27.09.2015 12:59]

==== Firefox Extensions ======================

ProfilePath: C:\Users\DAVIDE~1\AppData\Roaming\Mozilla\Firefox\Profiles\dsb4iu0h.default
- Firebug - %ProfilePath%\extensions\firebug@software.joehewitt.com.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

ProfilePath: C:\Users\DAVIDE~1\AppData\Roaming\TomTom\HOME\Profiles\9fk5499n.default
- Map status indicator - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com
- TomTom HOME default theme - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com
- Emulator - %ProfilePath%\extensions\Navcore.9.510.1234792@tomtom.com

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi

==== Firefox Plugins ======================


==== Fake Chromium Profiles Check ======================

Fake profile C:\Users\mira7_000.THEDEIV70-PC.000\AppData\Local\Torch deleted
Fake profile C:\Users\mira7_000.THEDEIV70-PC.000\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\DAVIDE~1\AppData\Local\Google\Chrome SxS deleted

==== Chromium Look ======================

Google Chrome Version: 46.0.2490.80

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[17.06.2015 19:32]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[12.10.2015 08:31]

Skype for Chromium - mira7_000.THEDEIV70-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
AVG SafeGuard - mira7_000.THEDEIV70-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Advanced SystemCare Surfing Protection - mira7_000.THEDEIV70-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd
Avast Online Security - mira7_000.THEDEIV70-PC.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Skype Click to Call - mira7_000.THEDEIV70-PC.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Avast Online Security - miros_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Skype Click to Call - miros_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Easy Auto Refresh - DAVIDE~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aabcgdmkeabbnleenpncegpcngjpnjkc
Advanced Font Settings - DAVIDE~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\caclkomlalccbpcdllchkeecicepbmbm
AdBlock - DAVIDE~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Avast Online Security - DAVIDE~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Skype Click to Call - DAVIDE~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Avast Online Security - MIRA7_~1.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Skype Click to Call - MIRA7_~1.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl

==== Chromium Startpages ======================

C:\Users\miros_000\AppData\Local\Google\Chrome\User Data\Default\Preferences
"startup_urls": [ "https://www.google.cz/?gws_rd=ssl" ]


==== Chromium Fix ======================

C:\Users\DAVIDE~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully
C:\Users\DAVIDE~1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"

==== Reset Google Chrome ======================

C:\Users\mira7_000.THEDEIV70-PC\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\mira7_000.THEDEIV70-PC.000\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\mira7_000.THEDEIV70-PC.000\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\miros_000\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\miros_000\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\DAVIDE~1\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\DAVIDE~1\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\MIRA7_~1.000\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\MIRA7_~1.000\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\mira7_000.THEDEIV70-PC\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\mira7_000.THEDEIV70-PC\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\mira7_000.THEDEIV70-PC.000\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\mira7_000.THEDEIV70-PC.000\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\mira7_000.THEDEIV70-PC.000\AppData\Local\Google\Chrome\User Data\Default\Web Data.ReadOnly was reset successfully
C:\Users\miros_000\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\miros_000\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\miros_000\AppData\Local\Google\Chrome\User Data\Default\Web Data.ReadOnly was reset successfully
C:\Users\DAVIDE~1\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\DAVIDE~1\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\DAVIDE~1\AppData\Local\Google\Chrome\User Data\Default\Web Data.ReadOnly was reset successfully
C:\Users\MIRA7_~1.000\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\MIRA7_~1.000\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\MIRA7_~1.000\AppData\Local\Google\Chrome\User Data\Default\Web Data.ReadOnly was reset successfully

==== Deleting Registry Keys ======================

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\UnityWebPlayer deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AntiLogger deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Clownfish deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Coin Miner deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Connectify Dispatch deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Connectify Hotspot deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FileZilla Server Interface deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Livestation deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShowBatteryBar deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe deleted successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\mira7_000.THEDEIV70-PC.000\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Users\DAVIDE~1\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\DAVIDE~1\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Users\MIRA7_~1.000\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\DAVIDE~1\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\DAVIDE~1\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\mira7_000.THEDEIV70-PC\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\mira7_000.THEDEIV70-PC.000\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\miros_000\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\DAVIDE~1\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\MIRA7_~1.000\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=190 folders=78 737837463 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\DAVIDE~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on p  30.10.2015 at 16:52:08,61 ======================


I'll add the last one shortly...

Re: Applications closing, cannot launch "system applications"

Post by de!v » 30 Oct 2015 17:15

I uploaded the FRST logs here: http://leteckaposta.cz/381554376 :-) , it's too long for the forum...

Re: Applications closing, cannot launch "system applications"

Post by jerabina (Security team member) » 30 Oct 2015 18:29

Uninstall everything from IObit.

A lot of unnecessary things launch at startup on your machine; should I disable them later? These are:

Code:

Steam
Origin
ICQ
Spotify
Skype


Do you recognize these files?

Code:

C:\Users\David Černý\Downloads\quadripartite_doubledecker_coach_csd_trs.cdp
C:\Users\David Černý\Downloads\bt_trs.cdp
C:\Users\David Černý\Downloads\studenka_cd_2006.cdp
C:\Users\David Černý\Downloads\bautzen_yb70_bc663_cd_2006.cdp
C:\Users\David Černý\Downloads\cd_bmz.cdp
C:\Users\David Černý\Downloads\cd_ampz.cdp
C:\Users\David Černý\Downloads\inter_city_express_3_p109.cdp
C:\Users\David Černý\Downloads\680_pendolino_v2.cdp
C:\Users\David Černý\Downloads\451_021_1_lochneska.cdp
C:\Users\David Černý\Downloads\451_021_1.cdp
C:\Users\David Černý\Downloads\051.cdp
C:\Users\David Černý\Downloads\451_021_1_1.cdp
C:\Users\David Černý\Downloads\podvozek_451.cdp
C:\Users\David Černý\Downloads\cd_854_054_954_a2.cdp
C:\Users\David Černý\Downloads\enginesound_854_01_makaron1970.cdp
C:\Users\David Černý\Downloads\853_beta.cdp
C:\Users\David Černý\Downloads\csd_m290-002_trs_r02.cdp
C:\Users\David Černý\Downloads\csd_m290_cab_r01.cdp
C:\Users\David Černý\Downloads\bila_a_cervena_corony.cdp
C:\Users\David Černý\Downloads\bila_a_cervena_corony (1).cdp
C:\Users\David Černý\Downloads\cd363.cdp
C:\Users\David Černý\Downloads\cd163.cdp
C:\Users\David Černý\Downloads\cd140.cdp
C:\Users\David Černý\Downloads\cd140 (1).cdp
C:\Users\David Černý\Downloads\141.cdp
C:\Users\David Černý\Downloads\zssk_362.005.cdp
C:\Users\David Černý\Downloads\pantografy_skoda_3_25_lsp_3.cdp
C:\Users\David Černý\Downloads\744.cdp
C:\Users\David Černý\Downloads\kuid_48366_53002.cdp
C:\Users\David Černý\Downloads\104722_53025.cdp
C:\Users\David Černý\Downloads\cd_130_002.cdp
C:\Users\David Černý\Downloads\t478_001.cdp
C:\Users\David Černý\Downloads\cd_751_158.cdp
C:\Users\David Černý\Downloads\cd_751_158 (2).cdp
C:\Users\David Černý\Downloads\cd_751_158 (1).cdp
C:\Users\David Černý\Downloads\csd_781_433_8.cdp
C:\Users\David Černý\Downloads\csd_464-2_r01.cdp
C:\Users\David Černý\Downloads\cd_714.cdp
C:\Users\David Černý\Downloads\csd_354-1217_cab_r03.cdp
C:\Users\David Černý\Downloads\Sklad_2.cdp
C:\Users\David Černý\Downloads\prechod_zakazan.cdp
C:\Users\David Černý\Downloads\vystraznykriz.cdp
C:\Users\David Černý\Downloads\Vechtr.cdp
C:\Users\David Černý\Downloads\cd169.cdp
C:\Users\David Černý\Downloads\Dr__n__bu_ka-144273.cdp
C:\Users\David Černý\Downloads\380.cdp
C:\Users\David Černý\Downloads\PV_tezke_opevneni_nove.cdp
C:\Users\David Černý\Downloads\CD_Blmee.cdp


In Folder Options, enable showing hidden files and folders, and uncheck the box "Hide protected operating system files".

Test this on VirusTotal:
C:\Program Files (x86)\TVTool\tvtool.sys

To the right of the box, click Choose and find the required file on your PC in Explorer. Select it with the mouse and click Open, then click Send File. If the file has already been tested, a window appears in which you click Reanalyze. The file will then be tested by multiple antivirus programs in turn. When the last antivirus finishes, the result appears at the top with the number of detections in red, e.g. 0/43 or 1/43. Then copy the link to that page and paste it into your post.

Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire content below into it.

Code:

Start
CloseProcesses:

HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5579624 2015-07-14] (LogMeIn Inc.)
HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\David Černý\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\David Černý\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\...\Run: [Google Update] => C:\Users\David Černý\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc.)
HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8322328 2015-05-08] (Piriform Ltd)
HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\...\Run: [uTorrent] => C:\Users\David Černý\AppData\Roaming\uTorrent\uTorrent.exe [1696096 2015-08-25] (BitTorrent Inc.)
HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\...\Run: [D39285F41701F115758C3AEFBA1EAD44C4458502._service_run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [811848 2015-10-20] (Google Inc.)
HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\...\RunOnce: [Uninstall C:\Users\David **ern?\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64<*>] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\David Černý\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64" <===== ATTENTION (Value Name with invalid characters)
HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\...\RunOnce: [Uninstall C:\Users\David **ern?\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64<*>] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\David Černý\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64" <===== ATTENTION (Value Name with invalid characters)
HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\...\RunOnce: [Uninstall C:\Users\David **ern?\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64<*>] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\David Černý\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64" <===== ATTENTION (Value Name with invalid characters)
HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\...\MountPoints2: {089d0073-621a-11e5-801a-e89a8fb36820} - "D:\autorun.exe"

HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-23] (Google Inc.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23] (Google Inc.)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-23] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23] (Google Inc.)

FF NewTab: about:newtab
FF Homepage: about:home
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-3528035922-2378795729-1042103783-1001: @tools.google.com/Google Update;version=3 -> C:\Users\David Černý\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-3528035922-2378795729-1042103783-1001: @tools.google.com/Google Update;version=9 -> C:\Users\David Černý\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-3528035922-2378795729-1042103783-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\David Černý\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [No File]

R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-30] (IObit)
S3 WinRing0_1_2_0; C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org)

Service:
LiveUpdateSvc
WinRing0_1_2_0

C:\Users\David Černý\AppData\Roaming\temp.ini
C:\Users\David Černý\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\ProgramData\regid.1999-06.com.hiteksoftware_08B23B79-BF13-481A-A14E-B3BA53F3BBCC.swidtag
C:\ProgramData\V2SData.data

C:\Program Files (x86)\IObit
C:\ProgramData\IObit
C:\Users\David Černý\AppData\Roaming\IObit
C:\ProgramData\RogueKiller

Task: {10826C94-B048-4931-B4AE-1EEE4ECF9E16} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {1177FE56-12C8-4A04-BCEE-1C25022B8066} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-17] (Adobe Systems Incorporated)
Task: {262241C8-70EA-4662-8423-78EC73889531} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {415FFE9C-BB20-4523-98B3-90ECFA0C648E} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {4AA122E0-41DA-4460-AFB1-EEB1488C20AF} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {5AADB3C8-23A0-43F1-ABD0-08B67927FDBB} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-3528035922-2378795729-1042103783-1025
Task: {6C4D2D58-DDD0-4BA0-BF2F-EDC803EF8145} - \Microsoft\Windows\Setup\gwx\runappraiser -> No File <==== ATTENTION
Task: {7119F0DA-FDF0-45CD-B088-3DD112049D7B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
Task: {79215B01-DCFF-4D0C-8209-065D667DAD6F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3528035922-2378795729-1042103783-1001Core => C:\Users\David Černý\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {7A6A5D31-8B93-459F-9EDA-449CA06C7E5F} - System32\Tasks\WpsNotifyTask_David  Černý => C:\Users\David Černý\AppData\Local\Kingsoft\Kingsoft Office\9.1.0.4759\wtoolex\wpsnotify.exe [2015-02-09] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {7BB76EC5-3288-4BB9-AFF2-BFE9DD2A29C5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3528035922-2378795729-1042103783-1001UA => C:\Users\David Černý\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {8DDD8188-E651-49F8-AD56-136689608654} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe [2013-08-26] ()
Task: {907932E7-FF3C-43CB-AB90-F10418B2AF62} - System32\Tasks\{ACC8676D-F5C6-40CA-A306-E8794D8DDF94} => pcalua.exe -a "C:\Users\David Černý\Downloads\listove_obalky.exe"
Task: {92EF4589-A29F-4EB6-BA1E-D63F083D5FBE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {947C2D49-9E85-4843-9124-3E6D2C24C12A} - System32\Tasks\WpsUpdateTask_David  Černý => C:\Program Files (x86)\Kingsoft\Kingsoft Office\wtoolex\wpsupdate.exe
Task: {B0416555-781A-4B91-A6EE-0EA54303053E} - \avastBCLRestartS-1-5-21-3528035922-2378795729-1042103783-1001 -> No File <==== ATTENTION
Task: {E85EC381-118A-484C-87EF-7440092A5208} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\AbelssoftPreloader.job => C:\Program Files (x86)\WashAndGo\AbelssoftPreloader.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3528035922-2378795729-1042103783-1001Core.job => C:\Users\David Černý\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3528035922-2378795729-1042103783-1001UA.job => C:\Users\David Černý\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\SesamTVMC.job => THEDEIV70 PC David ern
Task: C:\WINDOWS\Tasks\WpsNotifyTask_David  Černý.job => C:\Users\David Černý\AppData\Local\Kingsoft\Kingsoft Office\9.1.0.4759\wtoolex\wpsnotify.exe
Task: C:\WINDOWS\Tasks\WpsUpdateTask_David  Černý.job => C:\Program Files (x86)\Kingsoft\Kingsoft Office\wtoolex\wpsupdate.exe

AlternateDataStreams: C:\0ca0c71a47171ae4a9f9a02ab1:Win32App
AlternateDataStreams: C:\10fd65a87d6732f6ea:Win32App
AlternateDataStreams: C:\27c0327fa2ab858ab15c24b6f9ccec55:Win32App
AlternateDataStreams: C:\2f9b9acbcd8460e95af8ee3fbdfefb7f:Win32App
AlternateDataStreams: C:\5351da2f387140aab87c2c3b:Win32App
AlternateDataStreams: C:\873f318543a54f58a5645f07aa97509b:Win32App
AlternateDataStreams: C:\935dd43124a4e781a3d845d3:Win32App
AlternateDataStreams: C:\b5a2e963bab5d1d7daf2cf55409f:Win32App
AlternateDataStreams: C:\Conto:Win32App
AlternateDataStreams: C:\d38a82011f20b3e00cd72779:Win32App
AlternateDataStreams: C:\e87f8684bbb6b9e656:Win32App
AlternateDataStreams: C:\FSXTMP:Win32App
AlternateDataStreams: C:\Program Files\Bus Driver:Win32App
AlternateDataStreams: C:\Program Files\Bus Simulator:Win32App
AlternateDataStreams: C:\Program Files\Bytescout Watermarking (Free):Win32App
AlternateDataStreams: C:\Program Files\CCleaner:Win32App
AlternateDataStreams: C:\Program Files\Core Temp:Win32App
AlternateDataStreams: C:\Program Files\FlatOut:Win32App
AlternateDataStreams: C:\Program Files\FlatOut2:Win32App
AlternateDataStreams: C:\Program Files\GIMP 2:Win32App
AlternateDataStreams: C:\Program Files\Microsoft Silverlight:Win32App
AlternateDataStreams: C:\Program Files\OMSI:Win32App
AlternateDataStreams: C:\Program Files\PerformanceTest:Win32App
AlternateDataStreams: C:\Program Files\Recuva:Win32App
AlternateDataStreams: C:\Program Files\Screen+:Win32App
AlternateDataStreams: C:\Program Files\WinRAR:Win32App
AlternateDataStreams: C:\Program Files\Zune:Win32App
AlternateDataStreams: C:\Program Files (x86)\AGEIA Technologies:Win32App
AlternateDataStreams: C:\Program Files (x86)\Audacity:Win32App
AlternateDataStreams: C:\Program Files (x86)\BlueStacks:Win32App
AlternateDataStreams: C:\Program Files (x86)\C-TECH AKANTHA ULTIMATE GAMING SOFTWARE:Win32App
AlternateDataStreams: C:\Program Files (x86)\CrystalDiskInfo:Win32App
AlternateDataStreams: C:\Program Files (x86)\DVDStyler:Win32App
AlternateDataStreams: C:\Program Files (x86)\e-Saver:Win32App
AlternateDataStreams: C:\Program Files (x86)\Easy Feed Editor:Win32App
AlternateDataStreams: C:\Program Files (x86)\FeedDemon:Win32App
AlternateDataStreams: C:\Program Files (x86)\Flash File Recovery:Win32App
AlternateDataStreams: C:\Program Files (x86)\Free MP3 Sound Recorder:Win32App
AlternateDataStreams: C:\Program Files (x86)\Free MP3 WMA OGG Converter:Win32App
AlternateDataStreams: C:\Program Files (x86)\FreeQRCreator:Win32App
AlternateDataStreams: C:\Program Files (x86)\gPhotoShow:Win32App
AlternateDataStreams: C:\Program Files (x86)\Graffiti Studio 2.0:Win32App
AlternateDataStreams: C:\Program Files (x86)\HyperCam 3:Win32App
AlternateDataStreams: C:\Program Files (x86)\i-Menu:Win32App
AlternateDataStreams: C:\Program Files (x86)\IcoFX 2:Win32App
AlternateDataStreams: C:\Program Files (x86)\Instalační průvodce:Win32App
AlternateDataStreams: C:\Program Files (x86)\Lazesoft Recovery Suite:Win32App
AlternateDataStreams: C:\Program Files (x86)\Microsoft Expression:Win32App
AlternateDataStreams: C:\Program Files (x86)\Microsoft SQL Server Compact Edition:Win32App
AlternateDataStreams: C:\Program Files (x86)\Microsoft Visual Studio 10.0:Win32App
AlternateDataStreams: C:\Program Files (x86)\MidiPiano:Win32App
AlternateDataStreams: C:\Program Files (x86)\Minecraft:Win32App
AlternateDataStreams: C:\Program Files (x86)\MiniTool Partition Wizard Free 9.0:Win32App
AlternateDataStreams: C:\Program Files (x86)\Mozilla Thunderbird:Win32App
AlternateDataStreams: C:\Program Files (x86)\MP3 2 Ogg Lab 2004:Win32App
AlternateDataStreams: C:\Program Files (x86)\MSBuild:Win32App
AlternateDataStreams: C:\Program Files (x86)\OpenOffice.org 3:Win32App
AlternateDataStreams: C:\Program Files (x86)\Origin:Win32App
AlternateDataStreams: C:\Program Files (x86)\ParkMyCar:Win32App
AlternateDataStreams: C:\Program Files (x86)\Popisovač CD-DVD:Win32App
AlternateDataStreams: C:\Program Files (x86)\Popisovač CD-DVD 4:Win32App
AlternateDataStreams: C:\Program Files (x86)\PVD15:Win32App
AlternateDataStreams: C:\Program Files (x86)\Rail Simulator:Win32App
AlternateDataStreams: C:\Program Files (x86)\Real Alternative:Win32App
AlternateDataStreams: C:\Program Files (x86)\Recordable Setup:Win32App
AlternateDataStreams: C:\Program Files (x86)\Rigs of Rods 0.38:Win32App
AlternateDataStreams: C:\Program Files (x86)\Rozvrhy:Win32App
AlternateDataStreams: C:\Program Files (x86)\SensorsViewPro43:Win32App
AlternateDataStreams: C:\Program Files (x86)\Steam:Win32App
AlternateDataStreams: C:\Program Files (x86)\TeamViewer:Win32App
AlternateDataStreams: C:\Program Files (x86)\TomTom HOME 2:Win32App
AlternateDataStreams: C:\Program Files (x86)\Type light:Win32App
AlternateDataStreams: C:\Program Files (x86)\VID_0E8F&PID_0003:Win32App
AlternateDataStreams: C:\Program Files (x86)\WashAndGo:Win32App
AlternateDataStreams: C:\Program Files (x86)\Winamp:Win32App
AlternateDataStreams: C:\Program Files (x86)\Windows Live:Win32App
AlternateDataStreams: C:\WINDOWS\My Product Name:Win32App
AlternateDataStreams: C:\WINDOWS\WPDeviceManager:Win32App
AlternateDataStreams: C:\WINDOWS\SysWOW64\Adobe:Win32App
AlternateDataStreams: C:\Program Files\Common Files\microsoft shared:Win32App
AlternateDataStreams: C:\ProgramData\BlueStacks:Win32App
AlternateDataStreams: C:\ProgramData\Microsoft:Win32App
AlternateDataStreams: C:\ProgramData\regid.1995-08.com.techsmith:Win32App
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm
AlternateDataStreams: C:\ProgramData\TechSmith:Win32App
AlternateDataStreams: C:\Users\David Černý\AppData\Roaming\.minecraft:Win32App
AlternateDataStreams: C:\Users\David Černý\Documents\capella:Win32App

IE trusted site: HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\...\cyberspacehq.com -> hxxp://linktrader.cyberspacehq.com
IE restricted site: HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\...\100sexlinks.com -> 100sexlinks.com

EmptyTemp:
Hosts:
End


(You can use the "select all" function, right-click the top-left field in the open Notepad and choose "Paste".)

Save it to the desktop as fixlist.txt

Run FRST, press the "Fix" button only once, and wait.
The tool will create a log on the desktop (Fixlog.txt); please copy its entire contents here.
When you don't know what to do next, it's time to study the manual!
HJT guide

If I don't reply to your threads in the HJT section while I'm online, it's only because I'm on my phone, where studying logs and writing scripts is impossible. So please don't take it as being ignored.


Re: Applications closing, cannot launch "system applications"

Post by de!v » 30 Oct 2015 20:08

Fix result of Farbar Recovery Scan Tool (x64) Version:29-10-2015
Ran by David Černý (2015-10-30 19:41:40) Run:1
Running from C:\Users\David Černý\Desktop
Loaded Profiles: David Černý & mira7_000 (Available Profiles: David Černý & mira7_000 & miros_000)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:

HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5579624 2015-07-14] (LogMeIn Inc.)
HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\David Černý\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\David Černý\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\...\Run: [Google Update] => C:\Users\David Černý\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc.)
HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8322328 2015-05-08] (Piriform Ltd)
HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\...\Run: [uTorrent] => C:\Users\David Černý\AppData\Roaming\uTorrent\uTorrent.exe [1696096 2015-08-25] (BitTorrent Inc.)
HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\...\Run: [D39285F41701F115758C3AEFBA1EAD44C4458502._service_run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [811848 2015-10-20] (Google Inc.)
HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\...\RunOnce: [Uninstall C:\Users\David **ern?\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64<*>] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\David Černý\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64" <===== ATTENTION (Value Name with invalid characters)
HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\...\RunOnce: [Uninstall C:\Users\David **ern?\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64<*>] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\David Černý\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64" <===== ATTENTION (Value Name with invalid characters)
HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\...\RunOnce: [Uninstall C:\Users\David **ern?\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64<*>] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\David Černý\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64" <===== ATTENTION (Value Name with invalid characters)
HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\...\MountPoints2: {089d0073-621a-11e5-801a-e89a8fb36820} - "D:\autorun.exe"

HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-23] (Google Inc.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23] (Google Inc.)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-23] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23] (Google Inc.)

FF NewTab: about:newtab
FF Homepage: about:home
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-3528035922-2378795729-1042103783-1001: @tools.google.com/Google Update;version=3 -> C:\Users\David Černý\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-3528035922-2378795729-1042103783-1001: @tools.google.com/Google Update;version=9 -> C:\Users\David Černý\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-3528035922-2378795729-1042103783-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\David Černý\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [No File]

R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-30] (IObit)
S3 WinRing0_1_2_0; C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org)

Service:
LiveUpdateSvc
WinRing0_1_2_0

C:\Users\David Černý\AppData\Roaming\temp.ini
C:\Users\David Černý\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\ProgramData\regid.1999-06.com.hiteksoftware_08B23B79-BF13-481A-A14E-B3BA53F3BBCC.swidtag
C:\ProgramData\V2SData.data

C:\Program Files (x86)\IObit
C:\ProgramData\IObit
C:\Users\David Černý\AppData\Roaming\IObit
C:\ProgramData\RogueKiller

Task: {10826C94-B048-4931-B4AE-1EEE4ECF9E16} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {1177FE56-12C8-4A04-BCEE-1C25022B8066} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-17] (Adobe Systems Incorporated)
Task: {262241C8-70EA-4662-8423-78EC73889531} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {415FFE9C-BB20-4523-98B3-90ECFA0C648E} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {4AA122E0-41DA-4460-AFB1-EEB1488C20AF} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {5AADB3C8-23A0-43F1-ABD0-08B67927FDBB} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-3528035922-2378795729-1042103783-1025
Task: {6C4D2D58-DDD0-4BA0-BF2F-EDC803EF8145} - \Microsoft\Windows\Setup\gwx\runappraiser -> No File <==== ATTENTION
Task: {7119F0DA-FDF0-45CD-B088-3DD112049D7B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
Task: {79215B01-DCFF-4D0C-8209-065D667DAD6F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3528035922-2378795729-1042103783-1001Core => C:\Users\David Černý\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {7A6A5D31-8B93-459F-9EDA-449CA06C7E5F} - System32\Tasks\WpsNotifyTask_David Černý => C:\Users\David Černý\AppData\Local\Kingsoft\Kingsoft Office\9.1.0.4759\wtoolex\wpsnotify.exe [2015-02-09] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {7BB76EC5-3288-4BB9-AFF2-BFE9DD2A29C5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3528035922-2378795729-1042103783-1001UA => C:\Users\David Černý\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {8DDD8188-E651-49F8-AD56-136689608654} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe [2013-08-26] ()
Task: {907932E7-FF3C-43CB-AB90-F10418B2AF62} - System32\Tasks\{ACC8676D-F5C6-40CA-A306-E8794D8DDF94} => pcalua.exe -a "C:\Users\David Černý\Downloads\listove_obalky.exe"
Task: {92EF4589-A29F-4EB6-BA1E-D63F083D5FBE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {947C2D49-9E85-4843-9124-3E6D2C24C12A} - System32\Tasks\WpsUpdateTask_David Černý => C:\Program Files (x86)\Kingsoft\Kingsoft Office\wtoolex\wpsupdate.exe
Task: {B0416555-781A-4B91-A6EE-0EA54303053E} - \avastBCLRestartS-1-5-21-3528035922-2378795729-1042103783-1001 -> No File <==== ATTENTION
Task: {E85EC381-118A-484C-87EF-7440092A5208} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\AbelssoftPreloader.job => C:\Program Files (x86)\WashAndGo\AbelssoftPreloader.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3528035922-2378795729-1042103783-1001Core.job => C:\Users\David Černý\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3528035922-2378795729-1042103783-1001UA.job => C:\Users\David Černý\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\SesamTVMC.job => THEDEIV70 PC David ern
Task: C:\WINDOWS\Tasks\WpsNotifyTask_David Černý.job => C:\Users\David Černý\AppData\Local\Kingsoft\Kingsoft Office\9.1.0.4759\wtoolex\wpsnotify.exe
Task: C:\WINDOWS\Tasks\WpsUpdateTask_David Černý.job => C:\Program Files (x86)\Kingsoft\Kingsoft Office\wtoolex\wpsupdate.exe

AlternateDataStreams: C:\0ca0c71a47171ae4a9f9a02ab1:Win32App
AlternateDataStreams: C:\10fd65a87d6732f6ea:Win32App
AlternateDataStreams: C:\27c0327fa2ab858ab15c24b6f9ccec55:Win32App
AlternateDataStreams: C:\2f9b9acbcd8460e95af8ee3fbdfefb7f:Win32App
AlternateDataStreams: C:\5351da2f387140aab87c2c3b:Win32App
AlternateDataStreams: C:\873f318543a54f58a5645f07aa97509b:Win32App
AlternateDataStreams: C:\935dd43124a4e781a3d845d3:Win32App
AlternateDataStreams: C:\b5a2e963bab5d1d7daf2cf55409f:Win32App
AlternateDataStreams: C:\Conto:Win32App
AlternateDataStreams: C:\d38a82011f20b3e00cd72779:Win32App
AlternateDataStreams: C:\e87f8684bbb6b9e656:Win32App
AlternateDataStreams: C:\FSXTMP:Win32App
AlternateDataStreams: C:\Program Files\Bus Driver:Win32App
AlternateDataStreams: C:\Program Files\Bus Simulator:Win32App
AlternateDataStreams: C:\Program Files\Bytescout Watermarking (Free):Win32App
AlternateDataStreams: C:\Program Files\CCleaner:Win32App
AlternateDataStreams: C:\Program Files\Core Temp:Win32App
AlternateDataStreams: C:\Program Files\FlatOut:Win32App
AlternateDataStreams: C:\Program Files\FlatOut2:Win32App
AlternateDataStreams: C:\Program Files\GIMP 2:Win32App
AlternateDataStreams: C:\Program Files\Microsoft Silverlight:Win32App
AlternateDataStreams: C:\Program Files\OMSI:Win32App
AlternateDataStreams: C:\Program Files\PerformanceTest:Win32App
AlternateDataStreams: C:\Program Files\Recuva:Win32App
AlternateDataStreams: C:\Program Files\Screen+:Win32App
AlternateDataStreams: C:\Program Files\WinRAR:Win32App
AlternateDataStreams: C:\Program Files\Zune:Win32App
AlternateDataStreams: C:\Program Files (x86)\AGEIA Technologies:Win32App
AlternateDataStreams: C:\Program Files (x86)\Audacity:Win32App
AlternateDataStreams: C:\Program Files (x86)\BlueStacks:Win32App
AlternateDataStreams: C:\Program Files (x86)\C-TECH AKANTHA ULTIMATE GAMING SOFTWARE:Win32App
AlternateDataStreams: C:\Program Files (x86)\CrystalDiskInfo:Win32App
AlternateDataStreams: C:\Program Files (x86)\DVDStyler:Win32App
AlternateDataStreams: C:\Program Files (x86)\e-Saver:Win32App
AlternateDataStreams: C:\Program Files (x86)\Easy Feed Editor:Win32App
AlternateDataStreams: C:\Program Files (x86)\FeedDemon:Win32App
AlternateDataStreams: C:\Program Files (x86)\Flash File Recovery:Win32App
AlternateDataStreams: C:\Program Files (x86)\Free MP3 Sound Recorder:Win32App
AlternateDataStreams: C:\Program Files (x86)\Free MP3 WMA OGG Converter:Win32App
AlternateDataStreams: C:\Program Files (x86)\FreeQRCreator:Win32App
AlternateDataStreams: C:\Program Files (x86)\gPhotoShow:Win32App
AlternateDataStreams: C:\Program Files (x86)\Graffiti Studio 2.0:Win32App
AlternateDataStreams: C:\Program Files (x86)\HyperCam 3:Win32App
AlternateDataStreams: C:\Program Files (x86)\i-Menu:Win32App
AlternateDataStreams: C:\Program Files (x86)\IcoFX 2:Win32App
AlternateDataStreams: C:\Program Files (x86)\Instalační průvodce:Win32App
AlternateDataStreams: C:\Program Files (x86)\Lazesoft Recovery Suite:Win32App
AlternateDataStreams: C:\Program Files (x86)\Microsoft Expression:Win32App
AlternateDataStreams: C:\Program Files (x86)\Microsoft SQL Server Compact Edition:Win32App
AlternateDataStreams: C:\Program Files (x86)\Microsoft Visual Studio 10.0:Win32App
AlternateDataStreams: C:\Program Files (x86)\MidiPiano:Win32App
AlternateDataStreams: C:\Program Files (x86)\Minecraft:Win32App
AlternateDataStreams: C:\Program Files (x86)\MiniTool Partition Wizard Free 9.0:Win32App
AlternateDataStreams: C:\Program Files (x86)\Mozilla Thunderbird:Win32App
AlternateDataStreams: C:\Program Files (x86)\MP3 2 Ogg Lab 2004:Win32App
AlternateDataStreams: C:\Program Files (x86)\MSBuild:Win32App
AlternateDataStreams: C:\Program Files (x86)\OpenOffice.org 3:Win32App
AlternateDataStreams: C:\Program Files (x86)\Origin:Win32App
AlternateDataStreams: C:\Program Files (x86)\ParkMyCar:Win32App
AlternateDataStreams: C:\Program Files (x86)\Popisovač CD-DVD:Win32App
AlternateDataStreams: C:\Program Files (x86)\Popisovač CD-DVD 4:Win32App
AlternateDataStreams: C:\Program Files (x86)\PVD15:Win32App
AlternateDataStreams: C:\Program Files (x86)\Rail Simulator:Win32App
AlternateDataStreams: C:\Program Files (x86)\Real Alternative:Win32App
AlternateDataStreams: C:\Program Files (x86)\Recordable Setup:Win32App
AlternateDataStreams: C:\Program Files (x86)\Rigs of Rods 0.38:Win32App
AlternateDataStreams: C:\Program Files (x86)\Rozvrhy:Win32App
AlternateDataStreams: C:\Program Files (x86)\SensorsViewPro43:Win32App
AlternateDataStreams: C:\Program Files (x86)\Steam:Win32App
AlternateDataStreams: C:\Program Files (x86)\TeamViewer:Win32App
AlternateDataStreams: C:\Program Files (x86)\TomTom HOME 2:Win32App
AlternateDataStreams: C:\Program Files (x86)\Type light:Win32App
AlternateDataStreams: C:\Program Files (x86)\VID_0E8F&PID_0003:Win32App
AlternateDataStreams: C:\Program Files (x86)\WashAndGo:Win32App
AlternateDataStreams: C:\Program Files (x86)\Winamp:Win32App
AlternateDataStreams: C:\Program Files (x86)\Windows Live:Win32App
AlternateDataStreams: C:\WINDOWS\My Product Name:Win32App
AlternateDataStreams: C:\WINDOWS\WPDeviceManager:Win32App
AlternateDataStreams: C:\WINDOWS\SysWOW64\Adobe:Win32App
AlternateDataStreams: C:\Program Files\Common Files\microsoft shared:Win32App
AlternateDataStreams: C:\ProgramData\BlueStacks:Win32App
AlternateDataStreams: C:\ProgramData\Microsoft:Win32App
AlternateDataStreams: C:\ProgramData\regid.1995-08.com.techsmith:Win32App
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm
AlternateDataStreams: C:\ProgramData\TechSmith:Win32App
AlternateDataStreams: C:\Users\David Černý\AppData\Roaming\.minecraft:Win32App
AlternateDataStreams: C:\Users\David Černý\Documents\capella:Win32App

IE trusted site: HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\...\cyberspacehq.com -> hxxp://linktrader.cyberspacehq.com
IE restricted site: HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\...\100sexlinks.com -> 100sexlinks.com

EmptyTemp:
Hosts:
End
*****************

Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\LogMeIn Hamachi Ui => value removed successfully
HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.autoupdate => value removed successfully
HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.szndesktop => value removed successfully
HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update => value removed successfully
HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value removed successfully
HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent => value removed successfully
HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\Software\Microsoft\Windows\CurrentVersion\Run\\D39285F41701F115758C3AEFBA1EAD44C4458502._service_run => value removed successfully
HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Uninstall C:\Users\David **ern?\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64<*> => value could not remove. Error getting handle(4): -1073741819
HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Uninstall C:\Users\David **ern?\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64<*> => value removed successfully
HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Uninstall C:\Users\David **ern?\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64<*> => value removed successfully
"HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{089d0073-621a-11e5-801a-e89a8fb36820}" => key removed successfully
HKCR\CLSID\{089d0073-621a-11e5-801a-e89a8fb36820} => key not found.
HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\Software\Microsoft\Internet Explorer\Main\\Search Bar => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => key removed successfully
"HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value removed successfully
HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => value removed successfully
"HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => key removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => value removed successfully
"HKCR\Wow6432Node\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => key removed successfully
Firefox "newtab" removed successfully
Firefox "homepage" removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3" => key removed successfully
C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll => moved successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9" => key removed successfully
C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll => not found.
"HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\Software\MozillaPlugins\@tools.google.com/Google Update;version=3" => key removed successfully
C:\Users\David Černý\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll => moved successfully
"HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\Software\MozillaPlugins\@tools.google.com/Google Update;version=9" => key removed successfully
C:\Users\David Černý\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll => not found.
"HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0" => key removed successfully
C:\Users\David Černý\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll => not found.
LiveUpdateSvc => service removed successfully
WinRing0_1_2_0 => service removed successfully
Service: => Error: No automatic fix found for this entry.
LiveUpdateSvc => Error: No automatic fix found for this entry.
WinRing0_1_2_0 => Error: No automatic fix found for this entry.
C:\Users\David Černý\AppData\Roaming\temp.ini => moved successfully
C:\Users\David Černý\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
C:\ProgramData\regid.1999-06.com.hiteksoftware_08B23B79-BF13-481A-A14E-B3BA53F3BBCC.swidtag => moved successfully
C:\ProgramData\V2SData.data => moved successfully
C:\Program Files (x86)\IObit => moved successfully
C:\ProgramData\IObit => moved successfully
C:\Users\David Černý\AppData\Roaming\IObit => moved successfully
C:\ProgramData\RogueKiller => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{10826C94-B048-4931-B4AE-1EEE4ECF9E16}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{10826C94-B048-4931-B4AE-1EEE4ECF9E16}" => key removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1177FE56-12C8-4A04-BCEE-1C25022B8066}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1177FE56-12C8-4A04-BCEE-1C25022B8066}" => key removed successfully
C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player Updater" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{262241C8-70EA-4662-8423-78EC73889531}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{262241C8-70EA-4662-8423-78EC73889531}" => key removed successfully
C:\WINDOWS\System32\Tasks\CreateChoiceProcessTask => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CreateChoiceProcessTask" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{415FFE9C-BB20-4523-98B3-90ECFA0C648E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{415FFE9C-BB20-4523-98B3-90ECFA0C648E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4AA122E0-41DA-4460-AFB1-EEB1488C20AF}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4AA122E0-41DA-4460-AFB1-EEB1488C20AF}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5AADB3C8-23A0-43F1-ABD0-08B67927FDBB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5AADB3C8-23A0-43F1-ABD0-08B67927FDBB}" => key removed successfully
C:\WINDOWS\System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-3528035922-2378795729-1042103783-1025 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-3528035922-2378795729-1042103783-1025" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6C4D2D58-DDD0-4BA0-BF2F-EDC803EF8145}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6C4D2D58-DDD0-4BA0-BF2F-EDC803EF8145}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\runappraiser" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7119F0DA-FDF0-45CD-B088-3DD112049D7B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7119F0DA-FDF0-45CD-B088-3DD112049D7B}" => key removed successfully
C:\WINDOWS\System32\Tasks\Apple\AppleSoftwareUpdate => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Apple\AppleSoftwareUpdate" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{79215B01-DCFF-4D0C-8209-065D667DAD6F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{79215B01-DCFF-4D0C-8209-065D667DAD6F}" => key removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3528035922-2378795729-1042103783-1001Core => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-3528035922-2378795729-1042103783-1001Core" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7A6A5D31-8B93-459F-9EDA-449CA06C7E5F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7A6A5D31-8B93-459F-9EDA-449CA06C7E5F}" => key removed successfully
C:\WINDOWS\System32\Tasks\WpsNotifyTask_David Černý => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WpsNotifyTask_David Černý" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7BB76EC5-3288-4BB9-AFF2-BFE9DD2A29C5}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7BB76EC5-3288-4BB9-AFF2-BFE9DD2A29C5}" => key removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3528035922-2378795729-1042103783-1001UA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-3528035922-2378795729-1042103783-1001UA" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8DDD8188-E651-49F8-AD56-136689608654}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8DDD8188-E651-49F8-AD56-136689608654}" => key removed successfully
C:\WINDOWS\System32\Tasks\Game_Booster_AutoUpdate => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Game_Booster_AutoUpdate" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{907932E7-FF3C-43CB-AB90-F10418B2AF62}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{907932E7-FF3C-43CB-AB90-F10418B2AF62}" => key removed successfully
C:\WINDOWS\System32\Tasks\{ACC8676D-F5C6-40CA-A306-E8794D8DDF94} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{ACC8676D-F5C6-40CA-A306-E8794D8DDF94}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{92EF4589-A29F-4EB6-BA1E-D63F083D5FBE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{92EF4589-A29F-4EB6-BA1E-D63F083D5FBE}" => key removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{947C2D49-9E85-4843-9124-3E6D2C24C12A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{947C2D49-9E85-4843-9124-3E6D2C24C12A}" => key removed successfully
C:\WINDOWS\System32\Tasks\WpsUpdateTask_David Černý => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WpsUpdateTask_David Černý" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B0416555-781A-4B91-A6EE-0EA54303053E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B0416555-781A-4B91-A6EE-0EA54303053E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\avastBCLRestartS-1-5-21-3528035922-2378795729-1042103783-1001" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E85EC381-118A-484C-87EF-7440092A5208}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E85EC381-118A-484C-87EF-7440092A5208}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => key removed successfully
C:\WINDOWS\Tasks\AbelssoftPreloader.job => moved successfully
C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3528035922-2378795729-1042103783-1001Core.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3528035922-2378795729-1042103783-1001UA.job => moved successfully
C:\WINDOWS\Tasks\SesamTVMC.job => moved successfully
C:\WINDOWS\Tasks\WpsNotifyTask_David Černý.job => moved successfully
C:\WINDOWS\Tasks\WpsUpdateTask_David Černý.job => moved successfully
C:\0ca0c71a47171ae4a9f9a02ab1 => ":Win32App" ADS removed successfully.
C:\10fd65a87d6732f6ea => ":Win32App" ADS removed successfully.
C:\27c0327fa2ab858ab15c24b6f9ccec55 => ":Win32App" ADS removed successfully.
C:\2f9b9acbcd8460e95af8ee3fbdfefb7f => ":Win32App" ADS removed successfully.
C:\5351da2f387140aab87c2c3b => ":Win32App" ADS removed successfully.
C:\873f318543a54f58a5645f07aa97509b => ":Win32App" ADS removed successfully.
C:\935dd43124a4e781a3d845d3 => ":Win32App" ADS removed successfully.
C:\b5a2e963bab5d1d7daf2cf55409f => ":Win32App" ADS removed successfully.
C:\Conto => ":Win32App" ADS removed successfully.
C:\d38a82011f20b3e00cd72779 => ":Win32App" ADS removed successfully.
C:\e87f8684bbb6b9e656 => ":Win32App" ADS removed successfully.
C:\FSXTMP => ":Win32App" ADS removed successfully.
C:\Program Files\Bus Driver => ":Win32App" ADS removed successfully.
C:\Program Files\Bus Simulator => ":Win32App" ADS removed successfully.
C:\Program Files\Bytescout Watermarking (Free) => ":Win32App" ADS removed successfully.
C:\Program Files\CCleaner => ":Win32App" ADS removed successfully.
C:\Program Files\Core Temp => ":Win32App" ADS removed successfully.
C:\Program Files\FlatOut => ":Win32App" ADS removed successfully.
C:\Program Files\FlatOut2 => ":Win32App" ADS removed successfully.
C:\Program Files\GIMP 2 => ":Win32App" ADS removed successfully.
C:\Program Files\Microsoft Silverlight => ":Win32App" ADS removed successfully.
C:\Program Files\OMSI => ":Win32App" ADS removed successfully.
C:\Program Files\PerformanceTest => ":Win32App" ADS removed successfully.
C:\Program Files\Recuva => ":Win32App" ADS removed successfully.
C:\Program Files\Screen+ => ":Win32App" ADS removed successfully.
C:\Program Files\WinRAR => ":Win32App" ADS removed successfully.
C:\Program Files\Zune => ":Win32App" ADS removed successfully.
C:\Program Files (x86)\AGEIA Technologies => ":Win32App" ADS removed successfully.
C:\Program Files (x86)\Audacity => ":Win32App" ADS removed successfully.
C:\Program Files (x86)\BlueStacks => ":Win32App" ADS removed successfully.
C:\Program Files (x86)\C-TECH AKANTHA ULTIMATE GAMING SOFTWARE => ":Win32App" ADS removed successfully.
C:\Program Files (x86)\CrystalDiskInfo => ":Win32App" ADS removed successfully.
C:\Program Files (x86)\DVDStyler => ":Win32App" ADS removed successfully.
C:\Program Files (x86)\e-Saver => ":Win32App" ADS removed successfully.
C:\Program Files (x86)\Easy Feed Editor => ":Win32App" ADS removed successfully.
C:\Program Files (x86)\FeedDemon => ":Win32App" ADS removed successfully.
C:\Program Files (x86)\Flash File Recovery => ":Win32App" ADS removed successfully.
C:\Program Files (x86)\Free MP3 Sound Recorder => ":Win32App" ADS removed successfully.
C:\Program Files (x86)\Free MP3 WMA OGG Converter => ":Win32App" ADS removed successfully.
C:\Program Files (x86)\FreeQRCreator => ":Win32App" ADS removed successfully.
C:\Program Files (x86)\gPhotoShow => ":Win32App" ADS removed successfully.
C:\Program Files (x86)\Graffiti Studio 2.0 => ":Win32App" ADS removed successfully.
C:\Program Files (x86)\HyperCam 3 => ":Win32App" ADS removed successfully.
C:\Program Files (x86)\i-Menu => ":Win32App" ADS removed successfully.
C:\Program Files (x86)\IcoFX 2 => ":Win32App" ADS removed successfully.
C:\Program Files (x86)\Instalační průvodce => ":Win32App" ADS removed successfully.
C:\Program Files (x86)\Lazesoft Recovery Suite => ":Win32App" ADS removed successfully.
C:\Program Files (x86)\Microsoft Expression => ":Win32App" ADS removed successfully.
C:\Program Files (x86)\Microsoft SQL Server Compact Edition => ":Win32App" ADS removed successfully.
C:\Program Files (x86)\Microsoft Visual Studio 10.0 => ":Win32App" ADS removed successfully.
C:\Program Files (x86)\MidiPiano => ":Win32App" ADS removed successfully.
C:\Program Files (x86)\Minecraft => ":Win32App" ADS removed successfully.
C:\Program Files (x86)\MiniTool Partition Wizard Free 9.0 => ":Win32App" ADS removed successfully.
C:\Program Files (x86)\Mozilla Thunderbird => ":Win32App" ADS removed successfully.
C:\Program Files (x86)\MP3 2 Ogg Lab 2004 => ":Win32App" ADS removed successfully.
C:\Program Files (x86)\MSBuild => ":Win32App" ADS removed successfully.
C:\Program Files (x86)\OpenOffice.org 3 => ":Win32App" ADS removed successfully.
C:\Program Files (x86)\Origin => ":Win32App" ADS removed successfully.
C:\Program Files (x86)\ParkMyCar => ":Win32App" ADS removed successfully.
C:\Program Files (x86)\Popisovač CD-DVD => ":Win32App" ADS removed successfully.
C:\Program Files (x86)\Popisovač CD-DVD 4 => ":Win32App" ADS removed successfully.
C:\Program Files (x86)\PVD15 => ":Win32App" ADS removed successfully.
C:\Program Files (x86)\Rail Simulator => ":Win32App" ADS removed successfully.
C:\Program Files (x86)\Real Alternative => ":Win32App" ADS removed successfully.
C:\Program Files (x86)\Recordable Setup => ":Win32App" ADS removed successfully.
C:\Program Files (x86)\Rigs of Rods 0.38 => ":Win32App" ADS removed successfully.
C:\Program Files (x86)\Rozvrhy => ":Win32App" ADS removed successfully.
C:\Program Files (x86)\SensorsViewPro43 => ":Win32App" ADS removed successfully.
C:\Program Files (x86)\Steam => ":Win32App" ADS removed successfully.
C:\Program Files (x86)\TeamViewer => ":Win32App" ADS removed successfully.
C:\Program Files (x86)\TomTom HOME 2 => ":Win32App" ADS removed successfully.
C:\Program Files (x86)\Type light => ":Win32App" ADS removed successfully.
C:\Program Files (x86)\VID_0E8F&PID_0003 => ":Win32App" ADS removed successfully.
C:\Program Files (x86)\WashAndGo => ":Win32App" ADS removed successfully.
C:\Program Files (x86)\Winamp => ":Win32App" ADS removed successfully.
C:\Program Files (x86)\Windows Live => ":Win32App" ADS removed successfully.
C:\WINDOWS\My Product Name => ":Win32App" ADS removed successfully.
C:\WINDOWS\WPDeviceManager => ":Win32App" ADS removed successfully.
C:\WINDOWS\SysWOW64\Adobe => ":Win32App" ADS removed successfully.
C:\Program Files\Common Files\microsoft shared => ":Win32App" ADS removed successfully.
C:\ProgramData\BlueStacks => ":Win32App" ADS removed successfully.
C:\ProgramData\Microsoft => ":Win32App" ADS removed successfully.
C:\ProgramData\regid.1995-08.com.techsmith => ":Win32App" ADS removed successfully.
C:\ProgramData\Reprise => ":wupeogjxldtlfudivq`qsp`26hfm" ADS removed successfully.
C:\ProgramData\TechSmith => ":Win32App" ADS removed successfully.
C:\Users\David Černý\AppData\Roaming\.minecraft => ":Win32App" ADS removed successfully.
C:\Users\David Černý\Documents\capella => ":Win32App" ADS removed successfully.
"HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\cyberspacehq.com" => key removed successfully
"HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\008i.com" => key removed successfully
"HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\008k.com" => key removed successfully
"HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\00hq.com" => key removed successfully
"HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\0190-dialers.com" => key removed successfully
"HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\01i.info" => key removed successfully
"HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\02pmnzy5eo29bfk4.com" => key removed successfully
"HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\05p.com" => key removed successfully
"HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\07ic5do2myz3vzpk.com" => key removed successfully
"HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\08nigbmwk43i01y6.com" => key removed successfully
"HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\093qpeuqpmz6ebfa.com" => key removed successfully
"HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\0calories.net" => key removed successfully
"HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\0cj.net" => key removed successfully
"HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\0scan.com" => key removed successfully
"HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1-britney-spears-nude.com" => key removed successfully
"HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1-domains-registrations.com" => key removed successfully
"HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1-se.com" => key removed successfully
"HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1001movie.com" => key removed successfully
"HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\1001night.biz" => key removed successfully
"HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\100gal.net" => key removed successfully
"HKU\S-1-5-21-3528035922-2378795729-1042103783-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\100sexlinks.com" => key removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 512.8 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 19:47:08 ====


https://www.virustotal.com/cs/file/94c3 ... 446231716/


The files in Downloads are just models for a game.
And that IObit junk is going away :)
As for the startup programs, isn't it enough to disable them in Task Manager?

jerabina
Security team member
Level 6
Posts: 3647
Registered: March 13
Location: Litoměřice
Gender: Male

Re: Applications closing, cannot launch "system applications"

Post by jerabina » 30 Oct 2015 20:22

Start -> msconfig -> Enter -> Startup, and there set what you want to launch at startup and what not :-)

How about the problems? + a new HJT log
When you don't know how to go on, it's time to study the manual!
HJT guide

If I'm not replying to your topics in the HJT section while I'm online, it's only because I'm on my phone, where studying logs and writing scripts is impossible. So please don't take it as being ignored.

de!v
Level 2.5
Posts: 274
Registered: April 15
Location: Příbram
Gender: Male

Re: Applications closing, cannot launch "system applications"

Post by de!v » 30 Oct 2015 20:36

The problems haven't come back, so hopefully it's OK :)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:30:18, on 30.10.2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10240.16412)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\David Černý\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\David Černý\Downloads\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [nvch] rundll32.exe rchnewver.dll,go
O4 - HKLM\..\Run: [i-Menu] C:\Program Files (x86)\i-Menu\i-Menu.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
O4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
O4 - HKCU\..\Run: [icq] C:\Users\David Černý\AppData\Roaming\ICQM\icq.exe -CU
O4 - HKCU\..\Run: [PC Remote Server] C:\Program Files (x86)\PC Remote\PC Remote\PCRemote.exe /silent
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [OneDrive] "C:\Users\David Černý\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [FeedDemon] "C:\Program Files (x86)\FeedDemon\FeedDemon.exe" /startminimized
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\David Černý\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [Spotify] "C:\Users\David Černý\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
O4 - HKCU\..\RunOnce: [SeznamInstall-uninstall:3e54f45dede9e27a75e9f55c52b457d9] "C:\Users\DAVIDE~1\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe" -c "C:\Users\David Černý\AppData\Roaming\Seznam.cz"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: Curse.lnk = ?
O4 - Startup: EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
O4 - Startup: Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe
O8 - Extra context menu item: Clip image - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Clip selection - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3
O8 - Extra context menu item: Clip this page - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: Clip URL - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0
O8 - Extra context menu item: New note - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html
O8 - Extra context menu item: Nová poznámka - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html
O9 - Extra button: @C:\WINDOWS\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\WINDOWS\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\WINDOWS\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\WINDOWS\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\WINDOWS\WindowsMobile\INetRepl.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra button: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\David Černý\AppData\Roaming\ICQM\icq.exe (HKCU)
O9 - Extra 'Tools' menuitem: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\David Černý\AppData\Roaming\ICQM\icq.exe (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.connectify.me
O15 - ESC Trusted Zone: http://*.fastspring.com
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\Skype4COM.dll
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Desura Install Service - Desura Net Pty Ltd - C:\Program Files (x86)\Common Files\Desura\desura_service.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - Firebird Project - C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fb_inet_server.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: HiSuiteOuc64.exe - Unknown owner - C:\ProgramData\HiSuiteOuc\HiSuiteOuc64.exe
O23 - Service: HuaweiHiSuiteService64.exe - Unknown owner - C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: MySQL - Unknown owner - C:\Program Files (x86)\AWIS\AWKasa\bin\mysqld-nt.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015.SP1a\RpcAgentSrv.exe
O23 - Service: Sandboxie Service (SbieSvc) - Sandboxie Holdings, LLC - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: SensorsVService - Unknown owner - C:\Program Files (x86)\SensorsViewPro43\svservice.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) Extreme Tuning Utility Service (XTU3SERVICE) - Intel(R) Corporation - C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe

--
End of file - 14326 bytes

Those programs are now OK after launching as well.

It helped the computer a lot, thanks so much for all the help :)

jerabina
Security team member
Level 6
Posts: 3647
Registered: March 13
Location: Litoměřice
Gender: Male
Status: Offline

Re: Applications closing, unable to launch "system applications"  Solved

Post by jerabina » 30 Oct 2015 21:22

Close other programs/browsers, disconnect from the internet, and fix these entries in HJT:
GUIDE

Code:

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKCU\..\RunOnce: [SeznamInstall-uninstall:3e54f45dede9e27a75e9f55c52b457d9] "C:\Users\DAVIDE~1\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe" -c "C:\Users\David Černý\AppData\Roaming\Seznam.cz"
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\WINDOWS\WindowsMobile\INetRepl.dll



Download DelFix here:
https://toolslib.net/downloads/viewdownload/2-delfix/

Save the file to your desktop.
Double-click the icon to run the Delfix.exe tool.
(On Windows Vista, Windows 7 and 8, you must run the file by right-clicking it -> Run as administrator.)
In the main menu, tick these options: Remove disinfection tools – Purge System Restore.
Then click the Run button and let the tool do its work.

A report (DelFix.txt) will then open. Paste the entire contents of the report here. The report can also be found at:
C:\DelFix.txt

If there are no problems, that's all, and you can mark the topic as solved with the green "check mark" ;)
When you don't know what to do next, it's time to study the manual!
HJT guide

If I don't reply to your topics in the HJT section while I'm online, it's only because I'm on my phone, where studying logs and writing scripts is impossible. So please don't take it as being ignored.

de!v
Level 2.5
Posts: 274
Registered: April 15
Location: Příbram
Gender: Male
Status: Offline

Re: Applications closing, unable to launch "system applications"

Post by de!v » 30 Oct 2015 21:52

It's done in HJT; here is the log from DelFix as well:
# DelFix v1.011 - Logfile created 30/10/2015 at 21:46:46
# Updated 18/08/2015 by Xplode
# Username : David Černý - THEDEIV70-PC
# Operating System : Windows 10 Pro (64 bits)

~ Removing disinfection tools ...

Deleted : C:\RSIT
Deleted : C:\FRST
Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\zoek-results.log
Deleted : C:\Users\David Černý\Desktop\Addition.txt
Deleted : C:\Users\David Černý\Desktop\adwcleaner_5.015.exe
Deleted : C:\Users\David Černý\Desktop\Fixlog.txt
Deleted : C:\Users\David Černý\Desktop\FRST.txt
Deleted : C:\Users\David Černý\Desktop\FRST64.exe
Deleted : C:\Users\David Černý\Desktop\JRT (1).exe
Deleted : C:\Users\David Černý\Desktop\log.txt
Deleted : C:\Users\David Černý\Desktop\log2.txt
Deleted : C:\Users\David Černý\Desktop\RogueKillerX64.exe
Deleted : C:\Users\David Černý\Desktop\zoek-results.txt
Deleted : C:\Users\David Černý\Desktop\zoek.exe
Deleted : C:\Users\David Černý\Downloads\Addition (1).txt
Deleted : C:\Users\David Černý\Downloads\Addition.txt
Deleted : C:\Users\David Černý\Downloads\FRST.txt
Deleted : C:\Users\David Černý\Downloads\hijackthis.exe
Deleted : C:\Users\David Černý\Downloads\hijackthis.log
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis

~ Cleaning system restore ...

Deleted : RP #19 [Windows Update | 10/13/2015 19:27:05]
Deleted : RP #20 [Installed Blender | 10/17/2015 08:40:46]
Deleted : RP #21 [Windows Update | 10/20/2015 14:21:25]
Deleted : RP #22 [MSI Intel Extreme Tuning Utility | 10/24/2015 11:56:58]
Deleted : RP #23 [JRT Pre-Junkware Removal | 10/29/2015 13:14:09]
Deleted : RP #24 [zoek.exe restore point | 10/30/2015 14:46:46]

New restore point created !

########## - EOF - ##########
There's probably nothing more that needs doing here, though, so thanks once again, and I'm locking the topic :)

