logfile HiJackThis Vyřešeno

[petrjak]

ComboFix 16-02-15.01 - Peca 16.02.2016 22:54:08.2.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.8030.5832 [GMT 1:00]
Spuštěný z: C:\Users\Peca\Desktop\ComboFix.exe
Použité ovládací přepínače :: C:\Users\Peca\Desktop\CFScript.txt.txt
AV: AVG Internet Security *Disabled/Updated* {4D41356F-32AD-7C42-C820-63775EE4F413}
FW: AVG Internet Security *Disabled* {757AB44A-78C2-7D1A-E37F-CA42A037B368}
SP: AVG Internet Security *Disabled/Updated* {F620D48B-1497-73CC-F290-58052563BEAE}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FILE ::
"c:\windows\logo_1.exe"
"c:\windows\logo1_.exe"
"c:\windows\rundll16.exe"
"c:\windows\SysWow64\eEmpty.exe"
"c:\windows\SysWow64\msvcp80.dll"
"c:\windows\SysWow64\msvcr80.dll"
"c:\windows\SysWow64\runouce.exe"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\VDLL.DLL"


((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))


c:\program files (x86)\Google\Update
c:\program files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
c:\program files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
c:\program files (x86)\Google\Update\1.3.29.5\GoogleUpdate.exe
c:\program files (x86)\Google\Update\1.3.29.5\GoogleUpdateBroker.exe
c:\program files (x86)\Google\Update\1.3.29.5\GoogleUpdateComRegisterShell64.exe
c:\program files (x86)\Google\Update\1.3.29.5\GoogleUpdateHelper.msi
c:\program files (x86)\Google\Update\1.3.29.5\GoogleUpdateOnDemand.exe
c:\program files (x86)\Google\Update\1.3.29.5\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\1.3.29.5\GoogleUpdateWebPlugin.exe
c:\program files (x86)\Google\Update\1.3.29.5\goopdate.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_am.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_ar.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_bg.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_bn.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_ca.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_cs.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_da.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_de.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_el.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_en-GB.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_en.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_es-419.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_es.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_et.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_fa.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_fi.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_fil.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_fr.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_gu.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_hi.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_hr.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_hu.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_id.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_is.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_it.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_iw.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_ja.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_kn.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_ko.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_lt.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_lv.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_ml.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_mr.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_ms.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_nl.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_no.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_pl.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_pt-BR.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_pt-PT.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_ro.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_ru.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_sk.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_sl.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_sr.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_sv.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_sw.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_ta.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_te.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_th.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_tr.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_uk.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_ur.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_vi.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_zh-CN.dll
c:\program files (x86)\Google\Update\1.3.29.5\goopdateres_zh-TW.dll
c:\program files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll
c:\program files (x86)\Google\Update\1.3.29.5\psmachine.dll
c:\program files (x86)\Google\Update\1.3.29.5\psmachine_64.dll
c:\program files (x86)\Google\Update\1.3.29.5\psuser.dll
c:\program files (x86)\Google\Update\1.3.29.5\psuser_64.dll
c:\program files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\49.0.2623.47\49.0.2623.47_49.0.2623.39_chrome_updater.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Skype\Updater\Updater.dll
c:\program files (x86)\Skype\Updater\Updater.exe
c:\programdata\MicroWorld
c:\programdata\MicroWorld\MWAV\MWAVDBX.MDB
c:\programdata\RogueKiller
c:\programdata\RogueKiller\config.ini
c:\programdata\RogueKiller\Logs\RKreport_DEL_02112016_112545.json
c:\programdata\RogueKiller\Logs\RKreport_DEL_02112016_112551.json
c:\programdata\RogueKiller\Logs\RKreport_DEL_02112016_112553.json
c:\programdata\RogueKiller\Logs\RKreport_DEL_02112016_112606.json
c:\programdata\RogueKiller\Logs\RKreport_DEL_02112016_112608.json
c:\programdata\RogueKiller\Logs\RKreport_DEL_02112016_113924.json
c:\programdata\RogueKiller\Logs\RKreport_SCN_02102016_213538.json
c:\programdata\RogueKiller\Logs\RKreport_SCN_02112016_111940.json
c:\programdata\RogueKiller\Logs\RKreport_SCN_02112016_113711.json
c:\programdata\RogueKiller\vt.cache
c:\windows\SysWow64\eEmpty.exe
c:\windows\SysWow64\msvcp80.dll
c:\windows\SysWow64\msvcr80.dll
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job


((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_SkypeUpdate
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem


((((((((((((((((((((((((( Soubory vytvořené od 2016-01-16 do 2016-02-16 )))))))))))))))))))))))))))))))


2016-02-16 21:58:14 . 2016-02-16 21:58:14 -------- d-----w- C:\Users\Default\AppData\Local\temp
2016-02-16 07:17:17 . 2016-02-16 07:17:17 -------- d-----w- C:\Users\Peca\AppData\Local\CrashDumps
2016-02-14 13:02:06 . 2016-02-14 13:02:06 -------- d-----w- C:\Users\Peca\AppData\Local\VirtualStore
2016-02-12 20:34:29 . 2016-02-12 21:01:05 -------- d-----w- C:\UsbFix
2016-02-11 10:59:40 . 2016-02-11 10:42:59 24064 ----a-w- C:\Windows\zoek-delete.exe
2016-02-11 10:59:39 . 2016-02-16 22:00:57 -------- d-----w- C:\Users\Peca\AppData\Local\Temp
2016-02-10 20:25:28 . 2016-02-11 10:27:07 28272 ----a-w- C:\Windows\system32\drivers\TrueSight.sys
2016-02-10 18:43:12 . 2016-02-10 18:43:12 -------- d-----w- C:\ftb
2016-02-10 18:42:26 . 2016-02-10 18:42:28 -------- d-----w- C:\Users\Peca\AppData\Roaming\ftblauncher
2016-02-10 07:22:00 . 2016-02-10 07:22:02 -------- d-----w- C:\Program Files\CCleaner
2016-02-10 07:09:01 . 2016-02-14 21:46:12 -------- d-----w- C:\Users\Peca\AppData\Roaming\vlc
2016-02-09 15:18:54 . 2016-02-16 22:00:43 192216 ----a-w- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2016-02-09 15:18:27 . 2016-02-09 15:18:29 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-02-09 15:18:27 . 2016-02-09 15:18:27 -------- d-----w- C:\ProgramData\Malwarebytes
2016-02-09 15:18:27 . 2015-10-05 08:50:18 63704 ----a-w- C:\Windows\system32\drivers\mwac.sys
2016-02-09 15:18:27 . 2015-10-05 08:50:10 109272 ----a-w- C:\Windows\system32\drivers\mbamchameleon.sys
2016-02-09 15:18:27 . 2015-10-05 08:50:06 25816 ----a-w- C:\Windows\system32\drivers\mbam.sys
2016-02-08 10:48:28 . 2016-02-08 10:48:28 -------- d---a-w- C:\Windows\rundll16.exe
2016-02-08 10:48:28 . 2016-02-08 10:48:28 -------- d---a-w- C:\Windows\logo1_.exe
2016-02-05 17:08:10 . 2016-02-05 17:08:10 -------- d---a-w- C:\Windows\VDLL.DLL
2016-02-05 17:08:10 . 2016-02-05 17:08:10 -------- d---a-w- C:\Windows\SysWow64\runouce.exe
2016-02-05 17:08:10 . 2016-02-05 17:08:10 -------- d---a-w- C:\Windows\logo_1.exe
2016-02-05 16:21:29 . 2015-11-16 15:18:19 20240 ----a-w- C:\Windows\system32\Spool\prtprocs\x64\TeamViewer_PrintProcessor.dll
2016-01-31 19:46:56 . 2016-01-31 19:46:56 -------- d-----w- C:\Program Files (x86)\ESET
2016-01-31 18:00:34 . 2016-01-31 18:01:55 -------- d-----w- C:\Users\Peca\AppData\Local\Deployment
2016-01-31 15:26:23 . 2016-01-31 15:26:23 -------- d-----w- C:\Program Files\ESET
2016-01-30 20:18:11 . 2016-02-08 08:54:24 -------- d-----w- C:\Users\Peca\AppData\Roaming\TeamViewer
2016-01-30 20:18:05 . 2015-11-16 15:18:19 35112 ----a-w- C:\Windows\system32\drivers\teamviewervpn.sys
2016-01-30 20:18:03 . 2016-02-05 16:21:32 -------- d-----w- C:\Program Files (x86)\TeamViewer
2016-01-22 14:15:46 . 2016-01-22 14:15:46 260528 ----a-w- C:\Windows\system32\drivers\avgmfx64.sys
.


(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))

2016-01-08 09:46:46 . 2016-01-08 09:46:46 272304 ----a-w- C:\Windows\system32\drivers\avgidsha.sys
2016-01-08 09:46:34 . 2016-01-08 09:46:34 23472 ----a-w- C:\Windows\system32\drivers\avguniva.sys
2016-01-05 15:02:38 . 2016-01-05 15:02:38 315312 ----a-w- C:\Windows\system32\drivers\avgidsdrivera.sys
2015-12-04 13:27:46 . 2015-12-04 13:27:46 42416 ----a-w- C:\Windows\system32\drivers\avgrkx64.sys


------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.

[7] 2010-11-21 03:24:09 . FE70103391A64039A921DBFFF9C7AB1B . 1008128 . . [6.1.7601.17514 (win7sp1_rtm.101119-1850)] .. C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
[-] 2014-11-11 09:37:27 . 2C353B6CE0C8D03225CAA2AF33B68D79 . 1008640 . . [6.1.7601.17514 (win7sp1_rtm.101119-1850)] .. C:\Windows\system32\user32.dll

[-] 2014-11-11 09:37:26 . 861C4346F9281DC0380DE72C8D55D6BE . 833024 . . [6.1.7601.17514 (win7sp1_rtm.101119-1850)] .. C:\Windows\SysWOW64\user32.dll
[7] 2010-11-21 03:24:20 . 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 . 833024 . . [6.1.7601.17514 (win7sp1_rtm.101119-1850)] .. C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))


*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-02-27 18:01:58 291608]
"AvgUi"="C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe" [2016-01-12 15:23:18 179624]
"AVG_UI"="C:\Program Files (x86)\AVG\Av\avuirunnerx.exe" [2016-02-01 13:46:34 25512]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=C:\Windows\SysWOW64\nvinit.dll

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 O2 Internet. RunOuc;O2 Internet. OUC;C:\Program Files (x86)\O2 Internet\UpdateDog\ouc.exe;C:\Program Files (x86)\O2 Internet\UpdateDog\ouc.exe [x]
R3 AvgAMPS;AvgAMPS;C:\Program Files (x86)\AVG\Av\avgamps.exe;C:\Program Files (x86)\AVG\Av\avgamps.exe [x]
R3 cpuz134;cpuz134;C:\Users\Peca\AppData\Local\Temp\cpuz134\cpuz134_x64.sys;C:\Users\Peca\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [x]
R3 dmvsc;dmvsc;C:\Windows\system32\drivers\dmvsc.sys;C:\Windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\system32\DRIVERS\ETD.sys;C:\Windows\SYSNATIVE\DRIVERS\ETD.sys [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;C:\Windows\system32\DRIVERS\ew_hwusbdev.sys;C:\Windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 ew_usbenumfilter;huawei_CompositeFilter;C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys;C:\Windows\SYSNATIVE\DRIVERS\ew_usbenumfilter.sys [x]
R3 hwusb_cdcacm;hwusb_cdcacm;C:\Windows\system32\DRIVERS\ew_cdcacm.sys;C:\Windows\SYSNATIVE\DRIVERS\ew_cdcacm.sys [x]
R3 hwusb_wwanecm;hwusb_wwanecm;C:\Windows\system32\DRIVERS\ew_wwanecm.sys;C:\Windows\SYSNATIVE\DRIVERS\ew_wwanecm.sys [x]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\system32\drivers\nvvad64v.sys;C:\Windows\SYSNATIVE\drivers\nvvad64v.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys;C:\Windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTL8187;AirLive WL1700USB;C:\Windows\system32\DRIVERS\rtl8187.sys;C:\Windows\SYSNATIVE\DRIVERS\rtl8187.sys [x]
R3 Synth3dVsc;Synth3dVsc;C:\Windows\system32\drivers\synth3dvsc.sys;C:\Windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\system32\drivers\terminpt.sys;C:\Windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys;C:\Windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys;C:\Windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;C:\Windows\system32\drivers\tsusbhub.sys;C:\Windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;C:\Windows\system32\drivers\rdvgkmd.sys;C:\Windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;C:\Windows\system32\Wat\WatAdminSvc.exe;C:\Windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 AVGIDSHA;AVGIDSHA;C:\Windows\system32\DRIVERS\avgidsha.sys;C:\Windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
S0 Avgloga;AVG Logging Driver;C:\Windows\system32\DRIVERS\avgloga.sys;C:\Windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys;C:\Windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys;C:\Windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
S0 Avguniva;AVG Universal Driver;C:\Windows\system32\DRIVERS\avguniva.sys;C:\Windows\SYSNATIVE\DRIVERS\avguniva.sys [x]
S0 fltsrv;Acronis Storage Filter Management;C:\Windows\system32\DRIVERS\fltsrv.sys;C:\Windows\SYSNATIVE\DRIVERS\fltsrv.sys [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;C:\Windows\system32\DRIVERS\iusb3hcs.sys;C:\Windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 nvpciflt;nvpciflt;C:\Windows\system32\DRIVERS\nvpciflt.sys;C:\Windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 Avgdiska;AVG Disk Driver;C:\Windows\system32\DRIVERS\avgdiska.sys;C:\Windows\SYSNATIVE\DRIVERS\avgdiska.sys [x]
S1 Avgfwfd;AVG network filter service;C:\Windows\system32\DRIVERS\avgfwd6a.sys;C:\Windows\SYSNATIVE\DRIVERS\avgfwd6a.sys [x]
S1 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\avgidsdrivera.sys;C:\Windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys;C:\Windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
S1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys;C:\Windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys;C:\Windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\Av\avgfws.exe;C:\Program Files (x86)\AVG\Av\avgfws.exe [x]
S2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\Av\avgidsagent.exe;C:\Program Files (x86)\AVG\Av\avgidsagent.exe [x]
S2 avgsvc;AVG Service;C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe;C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [x]
S2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe;C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 HWDeviceService64.exe;HWDeviceService64.exe;C:\ProgramData\DatacardService\HWDeviceService64.exe;C:\ProgramData\DatacardService\HWDeviceService64.exe [x]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
S2 Realtek87B;Realtek87B;C:\Program Files (x86)\OEM\Wireless LAN Driver and Utility\RtlService.exe;C:\Program Files (x86)\OEM\Wireless LAN Driver and Utility\RtlService.exe [x]
S2 ZAtheros Wlan Agent;ZAtheros Wlan Agent;C:\Program Files (x86)\Atheros\Ath_WlanAgent.exe;C:\Program Files (x86)\Atheros\Ath_WlanAgent.exe [x]
S3 huawei_enumerator;huawei_enumerator;C:\Windows\system32\DRIVERS\ew_jubusenum.sys;C:\Windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
S3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys;C:\Windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;C:\Windows\system32\DRIVERS\iusb3hub.sys;C:\Windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;C:\Windows\system32\DRIVERS\iusb3xhc.sys;C:\Windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys;C:\Windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 MBAMProtector;MBAMProtector;C:\Windows\system32\drivers\mbam.sys;C:\Windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\system32\drivers\MBAMSwissArmy.sys;C:\Windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\system32\drivers\mwac.sys;C:\Windows\SYSNATIVE\drivers\mwac.sys [x]
S3 teamviewervpn;TeamViewer VPN Adapter;C:\Windows\system32\DRIVERS\teamviewervpn.sys;C:\Windows\SYSNATIVE\DRIVERS\teamviewervpn.sys [x]


--- Ostatní služby/ovladače v paměti ---

*NewlyCreated* - MBAMSWISSARMY


--------- X64 Entries -----------


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-12-27 20:28:28 12343400]
"RtHDVBg_Dolby"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" [2011-11-15 18:18:24 1156712]
"IgfxTray"="C:\Windows\system32\igfxtray.exe" [2012-03-07 07:09:16 170264]
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe" [2012-03-07 07:09:06 398616]
"NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-02-05 21:01:44 2585744]
"ETDCtrl"="C:\Program Files (x86)\Elantech\ETDCtrl.exe" [BU]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=C:\Windows\System32\nvinitx.dll C:\Windows\System32\nvinitx.dll

------- Doplňkový sken -------

uLocal Page = %SystemRoot%\system32\blank.htm
mLocal Page = C:\Windows\System32\blank.htm
IE: E&xportovat do aplikace Microsoft Office Excel - C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 8.8.8.8 8.8.4.4 192.168.1.1

- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)


Binary file temp00 matches

--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@C:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_19_0_0_226_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="C:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_19_0_0_226_ActiveX.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

------------------------ Jiné spuštené procesy ------------------------

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\ProgramData\O2 Internet\OnlineUpdate\ouc.exe
C:\Program Files (x86)\OEM\Wireless LAN Driver and Utility\RtWlan.exe
C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe

**************************************************************************

Celkový čas: 2016-02-16 23:03:21 - počítač byl restartován
ComboFix-quarantined-files.txt 2016-02-16 22:03:21
ComboFix2.txt 2016-02-15 19:27:13

Před spuštěním: Volných bajtů: 101 331 161 088
Po spuštění: Volných bajtů: 101 089 812 480

- - End Of File - - E3C334148E1EADFFF38FBB653AC64D17
A36C5E4F47E84449FF07ED3517B43A31

[Reklama]

[petrjak]

aswMBR version 1.0.1.2290 Copyright(c) 2014 AVAST Software
Run date: 2016-02-16 23:17:45
-----------------------------
23:17:45.058 OS Version: Windows x64 6.1.7601 Service Pack 1
23:17:45.058 Number of processors: 4 586 0x3A09
23:17:45.058 ComputerName: PECA-PC UserName: Peca
23:17:47.258 Initialize success
23:17:47.382 VM: initialized successfully
23:17:47.382 VM: Intel CPU supported
23:18:03.212 VM: supported disk I/O ataport.SYS
23:18:16.148 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
23:18:16.148 Disk 0 Vendor: Hitachi_HTS547575A9E384 JE4OA60A Size: 715404MB BusType: 11
23:18:16.304 VM: Disk 0 MBR read successfully
23:18:16.304 Disk 0 MBR scan
23:18:16.304 Disk 0 Windows 7 default MBR code
23:18:16.320 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 18432 MB offset 2048
23:18:16.336 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 696870 MB offset 37955584
23:18:16.336 Disk 0 default boot code
23:18:16.445 Disk 0 scanning C:\Windows\system32\drivers
23:18:25.664 Service scanning
23:18:49.220 Modules scanning
23:18:49.220 Disk 0 trace - called modules:
23:18:49.252 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
23:18:49.252 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80083fc060]
23:18:49.267 3 CLASSPNP.SYS[fffff8800140143f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8007e23060]
23:18:49.267 Disk 0 statistics 111831/0/18 @ 7,91 MB/s
23:18:49.267 Scan finished successfully
23:19:19.968 Disk 0 MBR has been saved successfully to "C:\Users\Peca\Desktop\MBR.dat"
23:19:19.968 The log file has been saved successfully to "C:\Users\Peca\Desktop\aswMBR.txt"

[jaro3]

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem

Stáhni si OTC

na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.


C:\Program Files (x86)\ESET
C:\Program Files\ESET
Smaž tyto označené složky.

Vlož nový log z HJT + informuj o problémech.

[petrjak]

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:54:56, on 17.2.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
C:\Program Files (x86)\AVG\Av\avgui.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Users\Peca\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe" /lps=fmw
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\Av\avuirunnerx.exe" C:\Program Files (x86)\AVG\Av\avgui.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - (no file) (HKCU)
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AvgAMPS - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgamps.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgidsagent.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: HWDeviceService64.exe - Unknown owner - C:\ProgramData\DatacardService\HWDeviceService64.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: O2 Internet. OUC (O2 Internet. RunOuc) - Unknown owner - C:\Program Files (x86)\O2 Internet\UpdateDog\ouc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Realtek87B - Realtek - C:\Program Files (x86)\OEM\Wireless LAN Driver and Utility\RtlService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Aktivátor Správce výběru OS Acronis (Správce výběru OS) - Unknown owner - C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Wlan Agent - Atheros - C:\Program Files (x86)\Atheros\Ath_WlanAgent.exe

--
End of file - 7045 bytes

[petrjak]

stale na ext hdd je ta slozka... jinak pc bezi normalne bych rekl,prosim o kontrolu logu a zda je vse ok a co stou slozkou,dekuji..

[jaro3]

Dej sem název té složky i s cestou.

[petrjak]

Nazev slozky: a8faeb992466e48ea1 je na ext disku H,hned kdyz se otevre disk H

[Orcus]

OK, cesta je tedy "H:\a8faeb992466e48ea1"? Je složka vidět, pokud máš skryté "skryté soubory a složky"?

Pokud ano, smažeme přes FRST.

Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.

[petrjak]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:17-02-2016
Ran by Peca (administrator) on PECA-PC (18-02-2016 07:17:11)
Running from C:\Users\Peca\Desktop
Loaded Profiles: Peca (Available Profiles: Peca)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
() C:\ProgramData\O2 Internet\OnlineUpdate\ouc.exe
(Realtek) C:\Program Files (x86)\OEM\Wireless LAN Driver and Utility\RtlService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\OEM\Wireless LAN Driver and Utility\RtWLan.exe
(Atheros) C:\Program Files (x86)\Atheros\Ath_WlanAgent.exe
() C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
(Trend Micro Inc.) C:\Users\Peca\Desktop\HijackThis.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12343400 2011-12-27] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1156712 2011-11-15] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585744 2015-02-05] (NVIDIA Corporation)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2821936 2012-03-07] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [179624 2016-01-12] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [3873704 2016-02-01] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-809672343-419374325-4203523192-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8619224 2016-01-15] (Piriform Ltd)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [177624 2015-02-05] (NVIDIA Corporation)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [177624 2015-02-05] (NVIDIA Corporation)
AppInit_DLLs: ,C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [177624 2015-02-05] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [164752 2015-02-05] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4 192.168.1.1
Tcpip\..\Interfaces\{BE3D3E9D-0225-4618-985B-433A37A3773F}: [DhcpNameServer] 8.8.8.8 8.8.4.4 192.168.1.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-809672343-419374325-4203523192-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-809672343-419374325-4203523192-1000\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\S-1-5-21-809672343-419374325-4203523192-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKU\S-1-5-21-809672343-419374325-4203523192-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-11-07] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-11-07] (Oracle Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-22] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-22] (VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-11-07] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-11-07] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)

Chrome:
=======
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/"
CHR Profile: C:\Users\Peca\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Peca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-02-11]
CHR Extension: (Dokumenty Google) - C:\Users\Peca\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-02-11]
CHR Extension: (Disk Google) - C:\Users\Peca\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-11]
CHR Extension: (YouTube) - C:\Users\Peca\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-11]
CHR Extension: (Vyhledávání Google) - C:\Users\Peca\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-11]
CHR Extension: (Tabulky Google) - C:\Users\Peca\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-02-11]
CHR Extension: (Dokumenty Google offline) - C:\Users\Peca\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-02-11]
CHR Extension: (Skype) - C:\Users\Peca\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-02-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Peca\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-02-11]
CHR Extension: (Gmail) - C:\Users\Peca\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-11]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [604144 2016-02-01] (AVG Technologies CZ, s.r.o.)
R2 avgfws; C:\Program Files (x86)\AVG\Av\avgfws.exe [1580352 2016-02-01] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [3881184 2016-02-01] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1048488 2016-01-12] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [561104 2016-02-01] (AVG Technologies CZ, s.r.o.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2014-01-15] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S2 O2 Internet. RunOuc; C:\Program Files (x86)\O2 Internet\UpdateDog\ouc.exe [651856 2013-10-26] ()
R2 Realtek87B; C:\Program Files (x86)\OEM\Wireless LAN Driver and Utility\RtlService.exe [40960 2009-12-07] (Realtek) [File not signed]
R2 Správce výběru OS; C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe [2156952 2011-12-12] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6889232 2015-12-14] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Atheros\Ath_WlanAgent.exe [72864 2012-02-19] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [184240 2015-11-06] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [97208 2015-08-29] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [315312 2016-01-05] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [272304 2016-01-08] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [284080 2015-10-21] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [398256 2015-08-14] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [260528 2016-01-22] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [42416 2015-12-04] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [302000 2015-10-08] (AVG Technologies CZ, s.r.o.)
R0 Avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [23472 2016-01-08] (AVG Technologies CZ, s.r.o.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [254528 2014-11-06] (DT Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 hwusb_cdcacm; C:\Windows\System32\DRIVERS\ew_cdcacm.sys [125952 2014-07-25] (Huawei Technologies Co., Ltd.)
S3 hwusb_wwanecm; C:\Windows\System32\DRIVERS\ew_wwanecm.sys [380672 2014-09-30] (Huawei Technologies Co., Ltd.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-02-18] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
S3 cpuz134; \??\C:\Users\Peca\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-18 07:17 - 2016-02-18 07:17 - 00016747 _____ C:\Users\Peca\Desktop\FRST.txt
2016-02-18 07:16 - 2016-02-18 07:17 - 00000000 ____D C:\FRST
2016-02-18 07:14 - 2016-02-18 07:14 - 02371072 _____ (Farbar) C:\Users\Peca\Desktop\FRST64.exe
2016-02-17 15:58 - 2016-02-17 15:58 - 00000973 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Záhada skateparku.lnk
2016-02-17 15:58 - 2016-02-17 15:58 - 00000961 _____ C:\Users\Public\Desktop\Záhada skateparku.lnk
2016-02-17 15:58 - 2016-02-17 15:58 - 00000000 ____D C:\Users\Peca\AppData\Roaming\Zahada.skateparku
2016-02-17 15:57 - 2016-02-17 15:57 - 00000000 ____D C:\Program Files (x86)\Záhada skateparku
2016-02-17 15:56 - 2016-02-17 15:56 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2016-02-17 15:56 - 2016-02-17 15:56 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2016-02-17 15:54 - 2016-02-17 15:55 - 18509368 _____ (Adobe Systems Inc.) C:\Users\Peca\Downloads\Adobe-Air-v19.0.0.190.exe
2016-02-17 12:52 - 2016-02-17 12:52 - 00388608 _____ (Trend Micro Inc.) C:\Users\Peca\Desktop\HijackThis.exe
2016-02-17 12:37 - 2016-02-17 12:37 - 00020998 _____ C:\Users\Peca\Documents\cc_20160217_123703.reg
2016-02-16 23:22 - 2016-02-17 15:49 - 00000000 ____D C:\Users\Peca\AppData\Local\Adobe
2016-02-16 08:17 - 2016-02-17 12:14 - 00000000 ____D C:\Users\Peca\AppData\Local\CrashDumps
2016-02-15 20:13 - 2016-02-17 12:39 - 00000000 ____D C:\Qoobox
2016-02-15 20:13 - 2016-02-16 22:58 - 00000000 ____D C:\Windows\erdnt
2016-02-15 13:24 - 2016-02-15 13:25 - 00000598 _____ C:\Users\Peca\Downloads\SystemLook.txt
2016-02-15 13:22 - 2016-02-15 13:22 - 00165376 _____ C:\Users\Peca\Desktop\SystemLook_x64.exe
2016-02-15 08:11 - 2016-02-15 08:11 - 00004310 _____ C:\Users\Peca\Documents\cc_20160215_081119.reg
2016-02-14 14:02 - 2016-02-14 14:02 - 00000000 ____D C:\Users\Peca\AppData\Local\VirtualStore
2016-02-12 21:34 - 2016-02-12 22:01 - 00000000 ____D C:\UsbFix
2016-02-12 21:32 - 2016-02-12 21:33 - 03086957 _____ (El Desaparecido - SosVirus.net - UsbFix.net) C:\Users\Peca\Desktop\UsbFix_2016_8.190.exe
2016-02-12 19:34 - 2016-02-12 19:40 - 00000455 _____ C:\DelFix.txt
2016-02-12 19:32 - 2016-02-12 19:32 - 00000000 ____D C:\Users\Peca\Downloads\backups
2016-02-11 18:10 - 2016-02-11 18:10 - 00000990 _____ C:\Users\Peca\Documents\cc_20160211_181017.reg
2016-02-11 13:40 - 2016-02-11 13:41 - 00000000 ____D C:\Users\Peca\Downloads\Faktury
2016-02-11 13:36 - 2016-02-11 13:36 - 00011966 _____ C:\Users\Peca\Downloads\[CzT]Carovny_Minecraft_v_1_5_2_2013_.torrent
2016-02-11 11:59 - 2016-02-11 11:42 - 00024064 _____ C:\Windows\zoek-delete.exe
2016-02-10 21:25 - 2016-02-11 11:27 - 00028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2016-02-10 19:43 - 2016-02-10 19:43 - 00000000 ____D C:\ftb
2016-02-10 19:42 - 2016-02-10 19:42 - 00000000 ____D C:\Users\Peca\AppData\Roaming\ftblauncher
2016-02-10 19:41 - 2016-02-10 19:41 - 07561844 _____ C:\Users\Peca\Downloads\FTB_Launcher.exe
2016-02-10 08:28 - 2016-02-10 08:29 - 00000920 _____ C:\Users\Peca\Documents\cc_20160210_082849.reg
2016-02-10 08:28 - 2016-02-10 08:28 - 00024258 _____ C:\Users\Peca\Documents\cc_20160210_082755.reg
2016-02-10 08:22 - 2016-02-10 08:22 - 00002786 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-02-10 08:22 - 2016-02-10 08:22 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-02-10 08:22 - 2016-02-10 08:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-02-10 08:22 - 2016-02-10 08:22 - 00000000 ____D C:\Program Files\CCleaner
2016-02-10 08:20 - 2016-02-10 08:20 - 06828320 _____ (Piriform Ltd) C:\Users\Peca\Downloads\ccsetup514.exe
2016-02-10 08:09 - 2016-02-14 22:46 - 00000000 ____D C:\Users\Peca\AppData\Roaming\vlc
2016-02-10 08:08 - 2016-02-10 08:10 - 00000871 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-02-10 08:08 - 2016-02-10 08:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-02-10 08:06 - 2016-02-10 19:49 - 00000000 ____D C:\Users\Peca\Downloads\VLC Media Player 2.1 Final (32 - 64 bit) - SceneDL (PimpRG)
2016-02-09 16:18 - 2016-02-18 06:26 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-02-09 16:18 - 2016-02-09 16:18 - 00001102 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-02-09 16:18 - 2016-02-09 16:18 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-02-09 16:18 - 2016-02-09 16:18 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-02-09 16:18 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-02-09 16:18 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-02-09 16:18 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-02-09 16:13 - 2016-02-09 16:13 - 22908888 _____ (Malwarebytes ) C:\Users\Peca\Downloads\mbam-setup-2.2.0.1024.exe
2016-02-09 12:02 - 2016-02-09 12:02 - 00050688 _____ (Atribune.org) C:\Users\Peca\Downloads\ATF-Cleaner.exe
2016-02-08 11:48 - 2016-02-08 11:48 - 00000000 ____D C:\Windows\rundll16.exe
2016-02-08 11:48 - 2016-02-08 11:48 - 00000000 ____D C:\Windows\logo1_.exe
2016-02-07 00:15 - 2016-02-09 08:14 - 00044885 _____ C:\Users\Peca\Documents\pinfect.zip
2016-02-05 18:08 - 2016-02-05 18:08 - 00000000 ____D C:\Windows\VDLL.DLL
2016-02-05 18:08 - 2016-02-05 18:08 - 00000000 ____D C:\Windows\SysWOW64\runouce.exe
2016-02-05 18:08 - 2016-02-05 18:08 - 00000000 ____D C:\Windows\logo_1.exe
2016-02-05 17:49 - 2016-02-08 11:47 - 00000054 _____ C:\Windows\Lic.xxx
2016-02-05 17:48 - 2005-09-22 23:22 - 00000522 _____ C:\Windows\SysWOW64\Microsoft.VC80.CRT.manifest
2016-02-05 17:39 - 2016-02-05 17:45 - 68866904 _____ C:\Users\Peca\Downloads\mwav.exe
2016-02-05 17:19 - 2016-02-05 17:19 - 00001043 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-02-05 17:19 - 2016-02-05 17:19 - 00001031 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
2016-02-05 17:18 - 2016-02-05 17:18 - 09666744 _____ (TeamViewer GmbH) C:\Users\Peca\Downloads\TeamViewer_Setup_cs.exe
2016-01-31 19:04 - 2016-02-10 19:09 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-01-31 19:04 - 2016-02-10 19:09 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-01-31 19:02 - 2016-01-31 19:02 - 00003944 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-01-31 19:02 - 2016-01-31 19:02 - 00003692 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-01-31 19:00 - 2016-01-31 19:01 - 00000000 ____D C:\Users\Peca\AppData\Local\Deployment
2016-01-31 16:26 - 2016-01-31 16:26 - 00000000 ____D C:\ProgramData\ESET
2016-01-30 21:18 - 2016-02-08 09:54 - 00000000 ____D C:\Users\Peca\AppData\Roaming\TeamViewer
2016-01-30 21:18 - 2016-02-05 17:21 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-01-30 21:18 - 2015-11-16 16:18 - 00035112 _____ (TeamViewer GmbH) C:\Windows\system32\Drivers\teamviewervpn.sys
2016-01-22 15:15 - 2016-01-22 15:15 - 00260528 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-18 07:11 - 2014-11-06 23:46 - 00000000 ____D C:\Users\Peca\AppData\Roaming\Skype
2016-02-18 06:39 - 2014-11-08 16:40 - 00000000 ____D C:\ProgramData\MFAData
2016-02-17 19:59 - 2015-08-18 16:52 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-02-17 15:56 - 2015-05-16 17:05 - 00000000 ____D C:\Users\Peca\AppData\Roaming\Adobe
2016-02-17 15:56 - 2015-05-16 15:44 - 00000000 ____D C:\ProgramData\Adobe
2016-02-17 15:56 - 2015-05-14 11:46 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-02-17 12:46 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-17 12:41 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-02-17 12:17 - 2014-11-06 23:48 - 00000000 ____D C:\Users\Peca\AppData\Roaming\uTorrent
2016-02-16 23:00 - 2014-11-06 23:36 - 00000000 ____D C:\Program Files (x86)\Google
2016-02-16 23:00 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2016-02-16 22:58 - 2009-07-14 03:34 - 51392512 _____ C:\Windows\system32\config\SOFTWARE.bak
2016-02-16 22:58 - 2009-07-14 03:34 - 24379392 _____ C:\Windows\system32\config\SYSTEM.bak
2016-02-16 22:58 - 2009-07-14 03:34 - 00249856 _____ C:\Windows\system32\config\DEFAULT.bak
2016-02-16 22:58 - 2009-07-14 03:34 - 00028672 _____ C:\Windows\system32\config\SAM.bak
2016-02-16 22:58 - 2009-07-14 03:34 - 00024576 _____ C:\Windows\system32\config\SECURITY.bak
2016-02-16 22:57 - 2014-11-06 23:46 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-02-13 19:25 - 2014-11-06 23:46 - 00000000 ____D C:\ProgramData\Skype
2016-02-12 21:41 - 2010-11-21 10:27 - 00669850 _____ C:\Windows\system32\perfh005.dat
2016-02-12 21:41 - 2010-11-21 10:27 - 00141450 _____ C:\Windows\system32\perfc005.dat
2016-02-12 21:41 - 2009-07-14 06:13 - 01585674 _____ C:\Windows\system32\PerfStringBackup.INI
2016-02-12 21:29 - 2015-08-18 16:55 - 00003962 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{DF796AF6-CEFE-435C-B89D-45C63B5111A8}
2016-02-12 04:49 - 2016-01-15 08:31 - 00000936 _____ C:\Users\Public\Desktop\AVG Protection.lnk
2016-02-12 04:49 - 2016-01-15 08:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-02-12 04:48 - 2015-06-15 10:16 - 00000000 ____D C:\Users\Peca\AppData\Local\Avg
2016-02-11 16:23 - 2015-10-25 10:14 - 00000000 ____D C:\Users\Peca\Downloads\vypisy ge
2016-02-10 08:25 - 2014-11-06 23:37 - 00000000 ____D C:\Users\Peca\AppData\Roaming\DAEMON Tools Lite
2016-02-10 08:24 - 2014-11-06 12:07 - 00000000 ____D C:\Windows\Panther
2016-02-09 12:15 - 2009-07-14 05:45 - 00287160 _____ C:\Windows\system32\FNTCACHE.DAT
2016-02-09 11:34 - 2015-03-13 13:12 - 00000000 ____D C:\ProgramData\TEMP
2016-02-09 10:15 - 2014-11-06 12:14 - 00000000 ____D C:\Users\Peca
2016-02-06 19:51 - 2014-11-07 08:47 - 00000000 ____D C:\Users\Peca\AppData\Roaming\.minecraft
2016-02-05 16:22 - 2015-03-13 13:13 - 00000000 ____D C:\Users\Peca\AppData\Roaming\AVG
2016-01-31 18:14 - 2014-11-17 08:07 - 00000000 ____D C:\Users\Peca\AppData\Roaming\dvdcss
2016-01-31 18:14 - 2014-11-06 23:35 - 00000000 ____D C:\Users\Peca\AppData\Roaming\GHISLER
2016-01-31 18:11 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration

==================== Files in the root of some directories =======

2014-06-20 23:36 - 2015-03-29 12:59 - 0048753 _____ () C:\Program Files (x86)\AutoMapa EU.md5
2014-11-07 09:24 - 2014-11-07 09:24 - 0005230 _____ () C:\Users\Peca\AppData\Local\WiDiSetupLog.20141107.092420.txt

Some zero byte size files/folders:
==========================
C:\Windows\logo1_.exe
C:\Windows\logo_1.exe
C:\Windows\rundll16.exe
C:\Windows\VDLL.DLL
C:\Windows\SysWOW64\runouce.exe

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll
[2010-11-21 04:24] - [2014-11-11 10:37] - 1008640 ____A (Microsoft Corporation) 2C353B6CE0C8D03225CAA2AF33B68D79

C:\Windows\SysWOW64\User32.dll
[2010-11-21 04:24] - [2014-11-11 10:37] - 0833024 ____A (Microsoft Corporation) 861C4346F9281DC0380DE72C8D55D6BE

C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-02-18 00:08

==================== End of FRST.txt ============================

[petrjak]

Additional scan result of Farbar Recovery Scan Tool (x64) Version:17-02-2016
Ran by Peca (2016-02-18 07:17:45)
Running from C:\Users\Peca\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2014-11-06 11:14:27)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-809672343-419374325-4203523192-500 - Administrator - Disabled)
Guest (S-1-5-21-809672343-419374325-4203523192-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-809672343-419374325-4203523192-1002 - Limited - Enabled)
Peca (S-1-5-21-809672343-419374325-4203523192-1000 - Administrator - Enabled) => C:\Users\Peca

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG Internet Security (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: AVG Internet Security (Enabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 2.0.4 - )
Acronis Disk Director (HKLM-x32\...\{8EFB7927-48AD-4E6D-91B7-6B2BD6C3F380}) (Version: 11.0.2343 - Acronis)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.010.20059 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 19.0.0.190 - Adobe Systems Incorporated)
Adobe Flash Player 19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Age Of Empires 3 CZ verze 1.0 (HKLM-x32\...\{A6502644-790D-4DCB-824F-45C64B22AF4D}_is1) (Version: 1.0 - tomi2k9)
AVG (Version: 16.41.7442 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4530 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.41.7442 - AVG Technologies)
Balíček ovladače systému Windows - Realtek Semiconductor Corp. HD Audio Driver (03/24/2009 6.0.1.5817) (HKLM\...\906E8F69A380BB356ABDBF74E7EA07F5B8E446B6) (Version: 03/24/2009 6.0.1.5817 - Realtek Semiconductor Corp.)
Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 15.0.7.1 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.14 - Piriform)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.40.2.0131 - DT Soft Ltd)
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.7000.7 - Dolby Laboratories Inc)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
ETDWare PS/2-X64 10.6.9.9_WHQL (HKLM\...\Elantech) (Version: 10.6.9.9 - ELAN Microelectronic Corp.)
FMW 1 (Version: 1.52.1 - AVG Technologies) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.47 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
ICQ 8.2 (verze 6901) (HKU\S-1-5-21-809672343-419374325-4203523192-1000\...\ICQ) (Version: 8.2.6901.0 - ICQ)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2669 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Malwarebytes Anti-Malware verze 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Minecraft1.8 (HKLM-x32\...\Minecraft1. (Version: - )
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
NVIDIA Ovladače grafiky 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.52 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
O2 Internet (HKLM-x32\...\O2 Internet) (Version: 23.015.05.00.445 - Huawei Technologies Co.,Ltd)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Ovládací panel NVIDIA 347.52 (Version: 347.52 - NVIDIA Corporation) Hidden
PC Navigator 10 10.0.51-2 (HKLM-x32\...\PCNavigator10_is1) (Version: 10.0.51-2 - MapFactor)
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.8.0 - Prolific Technology INC)
PTV Navigator truck 8 CarPC Edition (HKLM-x32\...\{A38FAB37-E10F-400C-BF83-5CAE27C212E2}_is1) (Version: 8.0.0.11 - PTV AG)
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 3.1 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6543 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver and Utility (HKLM-x32\...\{0DF70CB6-553A-4C57-8E6D-87635EECFB78}) (Version: 1.00.0145 - Ovislink Corp.)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.53254 - TeamViewer)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Záhada skateparku (HKLM-x32\...\Zahada.skateparku) (Version: 1.02 - UNKNOWN)
Záhada skateparku (x32 Version: 1.02 - UNKNOWN) Hidden
Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00DBAF79-945B-4723-A2BE-761045AB75F0} - System32\Tasks\{DBE4769F-70E9-4E52-AE2B-D5292476BF86} => Iexplore.exe hxxp://www.skype.com/go/downloading?sou ... tError=404
Task: {3C27D99F-CA86-42E6-A087-CAC639AEA851} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-01-15] (Piriform Ltd)
Task: {6F7B4A3E-0F79-4717-8CBF-7E271FAAEF6F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {B75205D7-2CD6-4081-887A-93F40364E7AB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {DA2EC615-0808-460F-9D0C-AF84C31B8A88} - System32\Tasks\{DE6CB899-5D0B-4EBE-89B4-FC3200015E14} => pcalua.exe -a C:\Users\Peca\AppData\Roaming\.minecraft\Uninstall.exe
Task: {EF102E8C-8025-4DAB-A869-596660A65CC9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Peca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft\Minecraft Debugger.lnk -> C:\Users\Peca\AppData\Roaming\.minecraft\minecraft launcher\Debug.bat ()

==================== Loaded Modules (Whitelisted) ==============

2015-03-10 16:34 - 2015-02-05 20:07 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-02-05 17:21 - 2015-11-16 16:18 - 00020240 _____ () C:\Windows\system32\spool\PRTPROCS\x64\TeamViewer_PrintProcessor.dll
2016-01-15 21:44 - 2016-01-15 21:44 - 00047616 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2014-01-15 04:42 - 2014-01-15 04:42 - 00351824 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2015-05-05 11:01 - 2013-10-26 10:45 - 00651856 _____ () C:\ProgramData\O2 Internet\OnlineUpdate\ouc.exe
2011-12-12 11:06 - 2011-12-12 11:06 - 02156952 _____ () C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
2016-02-10 19:09 - 2016-02-10 05:23 - 02143048 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.47\libglesv2.dll
2016-02-10 19:09 - 2016-02-10 05:23 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.47\libegl.dll
2016-02-10 19:09 - 2016-02-10 05:23 - 31393608 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.47\PepperFlash\pepflashplayer.dll
2015-03-10 16:43 - 2015-02-05 22:01 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2016-01-15 08:26 - 2016-01-15 08:25 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll
2015-05-05 11:01 - 2013-08-31 06:44 - 02417152 _____ () C:\ProgramData\O2 Internet\OnlineUpdate\QtCore4.dll
2015-05-05 11:01 - 2009-01-10 19:32 - 00011362 _____ () C:\ProgramData\O2 Internet\OnlineUpdate\mingwm10.dll
2015-05-05 11:01 - 2009-06-23 03:42 - 00043008 _____ () C:\ProgramData\O2 Internet\OnlineUpdate\libgcc_s_dw2-1.dll
2015-05-05 11:01 - 2013-08-31 06:46 - 01148416 _____ () C:\ProgramData\O2 Internet\OnlineUpdate\QtNetwork4.dll
2015-04-30 12:57 - 2009-12-09 20:20 - 00126976 _____ () C:\Program Files (x86)\OEM\Wireless LAN Driver and Utility\EnumDevLib.dll
2016-01-11 10:36 - 2016-01-11 10:36 - 00932032 ____R () C:\Program Files (x86)\Skype\Phone\ssScreenVVS2.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:0B4227B4

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2016-02-16 23:00 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-809672343-419374325-4203523192-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Peca\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: uTorrent => "C:\Program Files (x86)\uTorrent\uTorrent.exe"
MSCONFIG\startupreg: Zune Launcher => "C:\Program Files\Zune\ZuneLauncher.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{4AE2928D-309D-4914-93DB-263A79221AC6}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B54F7BF5-4F5F-41C3-9DDE-09AB44ACB5C4}] => (Allow) %ProgramFiles%\Zune\Zune.exe
FirewallRules: [{5C4198F0-4F22-4EEA-8A3E-A91C9EC2CD9F}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{BFB8D7FA-782D-45ED-881C-0D7B50287D44}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{864E5994-637A-4B87-9AD5-D167E0DC4786}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{28F18A57-7743-4B2E-9030-D754DEB7137B}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{16BEB015-AED5-48FC-80D4-6CE0F9E0CE99}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{9B42CB7D-944C-448D-9857-B327930E879F}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{439BAE54-746E-4AB9-A8EE-E01BFC130B53}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{3B06D1E4-B1E4-4E2E-B676-FC290737E43D}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{767BB03C-8AA6-4889-A4E5-0E93C1651592}] => (Allow) LPort=1542
FirewallRules: [{187D3ED0-D6A9-4C09-B4AC-6D4BEF540503}] => (Allow) LPort=1542
FirewallRules: [{709F701F-08CE-47A1-9F77-AEB24A5476C9}] => (Allow) LPort=53
FirewallRules: [TCP Query User{D1F020FF-3831-43BC-B7C2-B8B4017AD568}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{165A8E1E-FCA4-4252-B52B-71CDE4687FC0}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{39450B10-277E-42F6-80DE-F625B455E5FB}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{D20994F5-B9DA-4B57-8697-27C582D7428A}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [{D6FF1231-00B7-4CAB-ADA1-3978396CB890}] => (Allow) C:\Program Files (x86)\OEM\Wireless LAN Driver and Utility\RtWLan.exe
FirewallRules: [{520A2446-BE9D-459E-82C1-DA71691323A6}] => (Allow) C:\Program Files (x86)\OEM\Wireless LAN Driver and Utility\RtWLan.exe
FirewallRules: [{A13B4500-C144-4C1B-9964-9243E4E371BB}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{329FD758-EE5F-4288-B4BA-C325D63F7792}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{652E43A8-4284-4517-B6DD-184A8310102D}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{EE6DB920-55EA-416D-BA14-AD73AF4EC0ED}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{E319C910-22B4-4BF5-BF15-0E114A6F9153}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{C43E9DE7-302C-428D-BEDE-2472C0E8A1F3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{69B8AFFB-0BF5-48C1-ADD7-6CF371F39C66}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{F413887C-4000-4D40-A219-8CEC563BC857}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{455A221D-EED7-4CE2-BF33-B06076065873}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{8722D773-71D9-4FF6-A927-633AA31726B6}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{2A8F830E-DC17-45A6-A043-41BEF0F75927}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{38D030BA-1099-42EE-814D-DB1426CFE8BE}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{065D20CE-CC31-4CFE-883E-5FB20D02F25A}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{912FA6CA-EA6F-47C3-A25D-07B6F4158A80}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{71B02FC7-EDFC-4722-958C-90173BEA56F7}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe

==================== Restore Points =========================

12-02-2016 19:40:27 End of disinfection
15-02-2016 20:16:51 ComboFix created restore point

==================== Faulty Device Manager Devices =============

Name: ELAN PS/2 Port Smart-Pad
Description: ELAN PS/2 Port Smart-Pad
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: ELAN
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Základní systémové zařízení
Description: Základní systémové zařízení
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Základní systémové zařízení
Description: Základní systémové zařízení
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/18/2016 04:24:26 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005

Error: (02/17/2016 07:59:03 PM) (Source: MsiInstaller) (EventID: 1024) (User: Peca-PC)
Description: Aktualizaci {AC76BA86-7AD7-0000-2550-AC0F0A4E5B00} produktu Adobe Acrobat Reader DC - Czech nebylo možné nainstalovat. Kód chyby: 1625. Instalační služba systému Windows může vytvořit soubor protokolu s informacemi, které usnadní řešení potíží při instalaci softwaru. Další informace naleznete na webu na adrese http://go.microsoft.com/fwlink/?LinkId=23127

Error: (02/17/2016 12:47:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/17/2016 12:46:23 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Aktivace licence systému Windows se nezdařila. Chyba 0x80070005.

Error: (02/17/2016 12:42:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/17/2016 12:41:07 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Aktivace licence systému Windows se nezdařila. Chyba 0x80070005.

Error: (02/17/2016 09:17:58 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005

Error: (02/17/2016 12:32:14 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Generování kontextu aktivace pro C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1 se nezdařilo. Chyba v souboru manifestu nebo zásad C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2 na řádku C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/16/2016 11:07:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/16/2016 11:06:21 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Aktivace licence systému Windows se nezdařila. Chyba 0x80070005.


System errors:
=============
Error: (02/17/2016 12:46:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba O2 Internet. OUC neuspěla při spuštění v důsledku následující chyby:
%%1053

Error: (02/17/2016 12:46:39 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby O2 Internet. OUC bylo dosaženo časového limitu (30000 ms).

Error: (02/17/2016 12:41:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba O2 Internet. OUC neuspěla při spuštění v důsledku následující chyby:
%%1053

Error: (02/17/2016 12:41:22 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby O2 Internet. OUC bylo dosaženo časového limitu (30000 ms).

Error: (02/16/2016 11:06:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba O2 Internet. OUC neuspěla při spuštění v důsledku následující chyby:
%%1053

Error: (02/16/2016 11:06:59 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby O2 Internet. OUC bylo dosaženo časového limitu (30000 ms).

Error: (02/16/2016 11:00:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba O2 Internet. OUC neuspěla při spuštění v důsledku následující chyby:
%%1053

Error: (02/16/2016 11:00:16 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby O2 Internet. OUC bylo dosaženo časového limitu (30000 ms).

Error: (02/16/2016 10:58:27 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (02/16/2016 10:58:18 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.


CodeIntegrity:
===================================
Date: 2016-02-16 22:57:39.207
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-02-16 22:57:39.207
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-02-16 22:57:39.197
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-02-16 22:57:39.197
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-02-16 22:53:58.454
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-02-16 22:53:58.444
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-02-16 22:53:58.444
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-02-16 22:53:58.444
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-02-15 20:21:18.128
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-02-15 20:21:18.118
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Percentage of memory in use: 37%
Total physical RAM: 8030.36 MB
Available physical RAM: 5017.34 MB
Total Virtual: 16058.91 MB
Available Virtual: 12699.96 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:680.54 GB) (Free:94.72 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive h: (SAMSUNG) (Fixed) (Total:465.76 GB) (Free:60.71 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or (Size: 698.6 GB) (Disk ID: 622E9765)
Partition 1: (Not Active) - (Size=18 GB) - (Type=27)
Partition 2: (Active) - (Size=680.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: D78F8BDC)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

[petrjak]

JAK SE DELAL SKEN HJT BUDE SE TAM NECO ZATRHAVAT,NEBO NE??

[jaro3]

Drive c: () (Fixed) (Total:680.54 GB) (Free:94.72 GB)

Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.

Kód: Vybrat vše

Start
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-809672343-419374325-4203523192-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-809672343-419374325-4203523192-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [No File]
2016-02-08 11:48 - 2016-02-08 11:48 - 00000000 ____D C:\Windows\rundll16.exe
2016-02-08 11:48 - 2016-02-08 11:48 - 00000000 ____D C:\Windows\logo1_.exe
2016-02-07 00:15 - 2016-02-09 08:14 - 00044885 _____ C:\Users\Peca\Documents\pinfect.zip
2016-02-05 18:08 - 2016-02-05 18:08 - 00000000 ____D C:\Windows\VDLL.DLL
2016-02-05 18:08 - 2016-02-05 18:08 - 00000000 ____D C:\Windows\SysWOW64\runouce.exe
2016-02-05 18:08 - 2016-02-05 18:08 - 00000000 ____D C:\Windows\logo_1.exe
2016-02-05 17:49 - 2016-02-08 11:47 - 00000054 _____ C:\Windows\Lic.xxx
2016-01-31 19:02 - 2016-01-31 19:02 - 00003944 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-01-31 19:02 - 2016-01-31 19:02 - 00003692 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\ProgramData\ESET
C:\Windows\logo1_.exe
C:\Windows\logo_1.exe
C:\Windows\rundll16.exe
C:\Windows\VDLL.DLL
C:\Windows\SysWOW64\runouce.exe
Task: {B75205D7-2CD6-4081-887A-93F40364E7AB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {EF102E8C-8025-4DAB-A869-596660A65CC9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
H:\a8faeb992466e48ea1

EmptyTemp:
End

(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).

Ulož jej na na plochu jako fixlist.txt


Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.