Please check (Solved)

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

p.bublik
Level 2
Posts: 227
Registered: February 12
Location: South Bohemia
Gender: Male
Status: Offline

Re: Please check

Post by p.bublik » 13 Aug 2016 09:23

Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by Romanka on 12.08.2016 at 18:48:09,76.
Microsoft Windows 10 Home 10.0.10586 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Romanka\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

12.08.2016 18:50:46 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\InstallShield Installation Information deleted successfully
C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\Users\Romanka\AppData\Local\ActiveSync deleted successfully
C:\Users\Romanka\AppData\Local\NetworkTiles deleted successfully
C:\Users\Romanka\AppData\Local\VirtualStore deleted successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Maps deleted successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\NetworkTiles deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Romanka\AppData\Roaming\Mozilla\Firefox\Profiles\jugnph8w.default\prefs.js:

Added to C:\Users\Romanka\AppData\Roaming\Mozilla\Firefox\Profiles\jugnph8w.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Deleting Files \ Folders ======================

C:\PROGRA~2\InstallShield Installation Information not found
C:\PROGRA~3\Package Cache deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Romanka\AppData\Roaming\Mozilla\Firefox\Profiles\jugnph8w.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Post by p.bublik » 13 Aug 2016 09:24

----------------------------------------------------------------------------
CrystalDiskInfo 7.0.0 (C) 2008-2016 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 10 [10.0 Build 10586] (x64)
Date : 2016/08/13 9:18:55

-- Controller Map ----------------------------------------------------------
+ Řadič SATA AMD [ATA]
- HGST HTS545050A7E380
- Řadič prostorů úložišť [SCSI]

-- Disk List ---------------------------------------------------------------
(1) HGST HTS545050A7E380 : 500,1 GB [0/0/0, pd1]

----------------------------------------------------------------------------
(1) HGST HTS545050A7E380
----------------------------------------------------------------------------
Model : HGST HTS545050A7E380
Firmware : GG2OACA0
Serial Number : TE85144N03D5MW
Disk Size : 500,1 GB (8,4/137,4/500,1/500,1)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 6
Transfer Mode : ---- | SATA/300
Power On Hours : 3108 hod.
Power On Count : 1372 krát
Temperature : 34 C (93 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 4080h [ON]
AAM Level : ----
Drive Letter : C: D:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 _97 _62 000000000000 Počet chyb čtení
02 100 100 _40 000000000000 Průchodnost disku
03 214 100 _33 000E00000001 Čas na roztočení ploten
04 100 100 __0 0000000005CC Počet spuštění/zastavení
05 100 100 __5 000000000000 Počet přemapovaných sektorů
07 100 100 _67 000000000000 Počet chybných hledání
08 100 100 _40 000000000000 Čas potřebný na vyhledání
09 _93 _93 __0 000000000C24 Hodin v činnosti
0A 100 100 _60 000000000000 Počet opakovaných pokusů o roztočení ploten
0C 100 100 __0 00000000055C Počet cyklů zapnutí zařízení
B7 100 100 __0 000000000000 Specifický pro výrobce
B8 100 100 _97 000000000000 Ukončovacích chyb
BB 100 _94 __0 010800060006 Ohlášeno neopravitelných chyb
BC 100 100 __0 000000000000 Časový limit příkazu
BE _66 _56 _45 000015220022 Teplota toku vzduchu
BF 100 100 __0 0000000000D6 Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 000000B600B6 Počet vypnutí disku
C1 _80 _80 __0 0000000316BB Počet cyklů načítání/vymazání
C4 100 100 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 100 100 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
DF 100 100 __0 000000000000 Zatížení budiče magnetických hlav způsobené opakovanými úkony

-- IDENTIFY_DEVICE ---------------------------------------------------------

-- SMART_READ_DATA ---------------------------------------------------------

Post by p.bublik » 13 Aug 2016 09:29

It seems to me that zoek did not finish completely; it did not prompt for a PC restart, and the last line that appeared was Firefox Extensions with the date and time.

jaro3
Security team member
Guru Level 15
Posts: 43298
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Post by jaro3 » 13 Aug 2016 11:08

Firefox Extensions -- it sometimes happens that it stops at that point.
Try once more in Safe Mode.

Post a new HJT log + report on any problems.
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Post by p.bublik » 13 Aug 2016 12:02

Zoek.exe v5.0.0.1 Updated 27-09-2015
Tool run by Romanka on 13.08.2016 at 11:20:43,41.
Microsoft Windows 10 Home 10.0.10586 x64
Running in: Safe Mode MINIMAL No Internet Access Detected
Launched: C:\Users\Romanka\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2016-08-12-173907.log 2723 bytes

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\Users\Romanka\AppData\Local\ActiveSync deleted successfully
C:\Users\Romanka\AppData\Local\NetworkTiles deleted successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Maps deleted successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\NetworkTiles deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Romanka\AppData\Roaming\Mozilla\Firefox\Profiles\jugnph8w.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Added to C:\Users\Romanka\AppData\Roaming\Mozilla\Firefox\Profiles\jugnph8w.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Romanka\AppData\Roaming\Mozilla\Firefox\Profiles\jugnph8w.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi

==== Firefox Plugins ======================


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"

==== Reset Google Chrome ======================

Nothing found to reset

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Romanka\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Romanka\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Romanka\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Romanka\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Romanka\AppData\Local\Mozilla\Firefox\Profiles\jugnph8w.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=25 folders=29 28110730 bytes)

==== Empty Temp Folders ======================

C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Romanka\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on 13.08.2016 at 11:54:33,92 ======================

Post by p.bublik » 13 Aug 2016 12:05

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:04:03, on 13.08.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0545)

FIREFOX: 48.0 (x86 cs)
Boot mode: Safe mode

Running processes:
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Users\Romanka\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Romanka\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Romanka\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Romanka\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: AdaptiveSleepService - Unknown owner - C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: HP CASL Framework Service (hpqcaslwmiex) - HP - C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
O23 - Service: @oem14.inf,%hpservice_desc%;HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7252 bytes

Post by p.bublik » 13 Aug 2016 15:17

I also tried downloading the original drivers, but that did not help either. Mozilla works as if it were not working at all, and Flash applications (mainly, my girlfriend wants to play FarmVille and it does not even load)... I don't know what to do about it. If I had the drivers, I would try installing W7 there to see whether it would be better.
Anyway, based on the previous results I posted here, was there anything in there or not?

Post by p.bublik » 13 Aug 2016 15:18

Memtest started once I entered some value there, e.g. 3000; it then ran for about two hours and the error count was 0.

Post by jaro3 » 14 Aug 2016 09:22

Close other applications and browsers, disconnect from the internet and fix the following in HJT:
Guide

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Romanka\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Romanka\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"


Download aswMBR to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a prompt appears offering to download the Avast database, click NO. Then click "Scan". After the scan, click "Save Log" and save the log to your desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.

000E00000001 Čas na roztočení ploten
0000000000D6 Počet udalostí zaznamenaných otřesovým senzorem
Run CDI again.

Please download the appropriate version of Farbar Recovery Scan Tool (FrSt) for your system (32-bit/64-bit)
32-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
and save it to your desktop, then run FrSt.
Confirm the terms of use.
Do not change any of the default settings and click "Scan". When the scan is finished, two logs will appear, FRST.txt and Addition.txt, and they will be saved on the desktop. Please copy their entire contents here.

Post by p.bublik » 14 Aug 2016 11:54

aswMBR version 1.0.1.2290 Copyright(c) 2014 AVAST Software
Run date: 2016-08-14 11:36:11
-----------------------------
11:36:11.762 OS Version: Windows x64 6.2.9200
11:36:11.762 Number of processors: 2 586 0x1
11:36:11.778 ComputerName: ROMANKA UserName: Romanka
11:36:12.497 Initialize success
11:36:12.684 VM: initialized successfully
11:36:12.684 VM: Amd CPU BiosDisabled
11:36:34.268 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000002b
11:36:34.284 Disk 0 Vendor: HGST_HTS545050A7E380 GG2OACA0 Size: 476940MB BusType: 11
11:36:34.456 Disk 0 MBR read successfully
11:36:34.472 Disk 0 MBR scan
11:36:34.487 Disk 0 unknown MBR code
11:36:34.503 Disk 0 Partition 1 00 EE GPT 2097151 MB offset 1
11:36:34.628 Disk 0 scanning C:\Windows\system32\drivers
11:36:45.425 Service scanning
11:37:15.562 Modules scanning
11:37:15.593 Disk 0 trace - called modules:
11:37:15.656 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys amdxata.sys storport.sys hal.dll amdsata.sys
11:37:15.671 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xffffe000cea63460]
11:37:15.687 3 CLASSPNP.SYS[fffff800ca6b7d95] -> nt!IofCallDriver -> [0xffffe000cea646f0]
11:37:15.718 5 hpdskflt.sys[fffff800caeb2448] -> nt!IofCallDriver -> [0xffffe000ce3b95a0]
11:37:15.734 7 amdxata.sys[fffff800ca0616da] -> nt!IofCallDriver -> \Device\0000002b[0xffffe000ce3bb060]
11:37:15.750 Disk 0 statistics 139402/0/0 @ 8,04 MB/s
11:37:15.765 Scan finished successfully
11:43:39.719 Disk 0 MBR has been saved successfully to "C:\Users\Romanka\Desktop\MBR.dat"
11:43:39.766 The log file has been saved successfully to "C:\Users\Romanka\Desktop\aswMBR.txt"

Post by p.bublik » 14 Aug 2016 11:55

000E00000001 Čas na roztočení ploten
0000000000D6 Počet udalostí zaznamenaných otřesovým senzorem
Run CDI again.
---------------- same values

Post by p.bublik » 14 Aug 2016 11:57

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-08-2016 01
Ran by Romanka (2016-08-14 11:49:30)
Running from C:\Users\Romanka\Desktop
Windows 10 Home Version 1511 (X64) (2016-08-05 15:25:19)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-477492210-1849213221-4011673979-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-477492210-1849213221-4011673979-503 - Limited - Disabled)
Guest (S-1-5-21-477492210-1849213221-4011673979-501 - Limited - Disabled)
Romanka (S-1-5-21-477492210-1849213221-4011673979-1001 - Administrator - Enabled) => C:\Users\Romanka

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{E7659924-9EC9-B722-0136-A6D414E6E29E}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.)
Catalyst Control Center Next Localization BR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
CrystalDiskInfo 7.0.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 7.0.0 - Crystal Dew World)
HP 3D DriveGuard (HKLM-x32\...\{E8D0E2B8-B64B-44BC-8E01-00DDACBDF78A}) (Version: 6.0.28.1 - Hewlett-Packard Company)
HP AC Power Control (HKLM\...\{F819C151-FFEE-4F01-BE68-0D1F76574F44}) (Version: 1.0.6 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{39C8BE76-CF6A-466F-8618-0B52CC4CA0FC}) (Version: 8.3.27.17 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{7C3170E8-E61A-41D9-8547-8E96445EA510}) (Version: 12.5.26.37 - HP Inc.)
Malwarebytes Anti-Malware verze 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 48.0 (x86 cs) (HKLM-x32\...\Mozilla Firefox 48.0 (x86 cs)) (Version: 48.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0 - Mozilla)
OEM Application Profile (x32 Version: 1.00.0000 - Název společnosti:) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.29069 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 8.19.726.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7564 - Realtek Semiconductor Corp.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.2.4.0 - Synaptics Incorporated)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-477492210-1849213221-4011673979-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Romanka\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {A5C8DF9C-0A0E-453C-9AED-CADB6A3EDE8B} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-06-15] (HP Inc.)
Task: {B05DB4C1-49E7-4EFB-B419-3F6AC4CB7FA6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-07-04] (HP Inc.)
Task: {BAC49756-44E5-4167-AB1D-C71DFF56765B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-07-04] (HP Inc.)
Task: {C91CE291-48DC-467F-B295-EE814DF9C9FE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-07-04] (HP Inc.)
Task: {DCB53F03-3C54-4E9D-B015-4C255C90A165} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-07-04] (HP Inc.)
Task: {DE384745-689D-421A-B797-93B1A5A42150} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-07-04] (HP Inc.)
Task: {FA2CFBB2-0A6D-40F7-A65B-2AE9BDAC03F3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-08-13] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
Task: C:\Windows\Tasks\HPCeeScheduleForRomanka.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-07-06 21:37 - 2015-07-06 21:37 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2015-07-06 21:37 - 2015-07-06 21:37 - 00138752 _____ () C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\Windows\SYSTEM32\ism32k.dll
2016-08-06 16:04 - 2016-07-01 06:48 - 02656408 _____ () C:\Windows\system32\CoreUIComponents.dll
2016-08-06 16:04 - 2016-07-01 06:48 - 02656408 _____ () C:\Windows\System32\CoreUIComponents.dll
2016-08-09 02:28 - 2016-08-09 02:28 - 00959168 _____ () C:\Users\Romanka\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2015-12-17 21:28 - 2015-12-07 06:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-08-06 16:07 - 2016-07-01 05:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-08-06 16:04 - 2016-07-01 05:27 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-08-06 16:04 - 2016-07-01 05:21 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-08-06 16:04 - 2016-07-01 05:22 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-08-06 16:04 - 2016-07-01 05:24 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-06-25 16:34 - 2015-06-25 16:34 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 16:37 - 2015-06-25 16:37 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 16:35 - 2015-06-25 16:35 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2015-06-25 16:38 - 2015-06-25 16:38 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 15:53 - 2015-06-25 15:53 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 15:51 - 2015-06-25 15:51 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-08-06 06:03 - 2016-08-06 06:05 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-08-06 05:46 - 2016-08-06 05:47 - 10256384 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2016-08-06 06:03 - 2016-08-06 06:05 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-08-06 06:03 - 2016-08-06 06:05 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-08-05 08:29 - 2016-08-13 11:25 - 00000753 ____A C:\Windows\system32\Drivers\etc\hosts


127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-477492210-1849213221-4011673979-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-477492210-1849213221-4011673979-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{A00CCB95-6C1A-4508-93AC-DE3D89DAEB28}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{85A58DE6-5482-44FC-877B-E955EB8EF84A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Restore Points =========================

12-08-2016 18:49:54 zoek.exe restore point

==================== Faulty Device Manager Devices =============

Name: Ralink RT3290 802.11bgn Wi-Fi Adapter
Description: Ralink RT3290 802.11bgn Wi-Fi Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Ralink Technology, Corp.
Service: netr28x
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/13/2016 11:54:42 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ROMANKA)
Description: Aplikaci Microsoft.Getstarted_4.0.9.0_x64__8wekyb3d8bbwe:App.AppX7mv0s3r0wanj0n66dy6vax24ps6avzvz.mca se nepovedlo aktivovat, protože došlo k chybě: -2144927149. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (08/13/2016 11:19:03 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ROMANKA)
Description: Aplikaci Microsoft.Getstarted_4.0.9.0_x64__8wekyb3d8bbwe:App.AppX7mv0s3r0wanj0n66dy6vax24ps6avzvz.mca se nepovedlo aktivovat, protože došlo k chybě: -2144927149. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (08/12/2016 06:50:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (08/11/2016 07:08:43 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (08/11/2016 07:03:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SearchUI.exe, verze: 10.0.10586.494, časové razítko: 0x5775e69a
Název chybujícího modulu: Windows.UI.Xaml.dll, verze: 10.0.10586.545, časové razítko: 0x57a1bca1
Kód výjimky: 0xc000027b
Posun chyby: 0x00000000006fd01b
ID chybujícího procesu: 0x1124
Čas spuštění chybující aplikace: 0xSearchUI.exe0
Cesta k chybující aplikaci: SearchUI.exe1
Cesta k chybujícímu modulu: SearchUI.exe2
ID zprávy: SearchUI.exe3
Úplný název chybujícího balíčku: SearchUI.exe4
ID aplikace související s chybujícím balíčkem: SearchUI.exe5

Error: (08/09/2016 06:23:25 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ROMANKA)
Description: Aplikaci Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (08/09/2016 06:16:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: taskhostw.exe, verze: 10.0.10586.0, časové razítko: 0x5632d756
Název chybujícího modulu: ntdll.dll, verze: 10.0.10586.306, časové razítko: 0x571af2eb
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000231f7
ID chybujícího procesu: 0xb70
Čas spuštění chybující aplikace: 0xtaskhostw.exe0
Cesta k chybující aplikaci: taskhostw.exe1
Cesta k chybujícímu modulu: taskhostw.exe2
ID zprávy: taskhostw.exe3
Úplný název chybujícího balíčku: taskhostw.exe4
ID aplikace související s chybujícím balíčkem: taskhostw.exe5

Error: (08/09/2016 06:13:54 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ROMANKA)
Description: Aplikaci Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (08/09/2016 06:11:08 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ROMANKA)
Description: Aplikaci Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (08/06/2016 08:19:45 AM) (Source: Adaptive Sleep Service) (EventID: 0) (User: )
Description: Failed to create service, error code = 1073


System errors:
=============
Error: (08/13/2016 01:21:59 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Hostitel synchronizace_218ee bylo dosaženo časového limitu (30000 ms).

Error: (08/13/2016 01:21:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Hostitel synchronizace_218ee byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (08/13/2016 12:56:11 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Hostitel synchronizace_261d6 bylo dosaženo časového limitu (30000 ms).

Error: (08/13/2016 12:56:11 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Úložiště uživatelských dat_261d6 bylo dosaženo časového limitu (30000 ms).

Error: (08/13/2016 12:56:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Přístup k uživatelským datům_261d6 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (08/13/2016 12:56:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Úložiště uživatelských dat_261d6 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (08/13/2016 12:56:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Data kontaktů_261d6 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (08/13/2016 12:56:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Hostitel synchronizace_261d6 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (08/13/2016 12:05:19 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: 1084dpsNení k dispozici{DDCFD26B-FEED-44CD-B71D-79487D2E5E5A}

Error: (08/13/2016 12:05:19 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: 1084dpsNení k dispozici{DDCFD26B-FEED-44CD-B71D-79487D2E5E5A}


CodeIntegrity:
===================================
Date: 2016-08-11 18:59:07.067
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-08-06 17:00:11.306
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-08-06 16:19:27.001
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-08-05 17:13:39.600
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: AMD A4-1250 APU with Radeon(TM) HD Graphics
Percentage of memory in use: 19%
Total physical RAM: 7638.26 MB
Available physical RAM: 6132.21 MB
Total Virtual: 9494.26 MB
Available Virtual: 8083.23 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:106.87 GB) (Free:80.78 GB) NTFS
Drive d: (Data) (Fixed) (Total:358.34 GB) (Free:263.28 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 25844AE9)

Partition: GPT.

==================== End of Addition.txt ============================

