Please check my log - SPAM (Solved)


Re: Please check my log - SPAM

Post by Hyko » 29 Dec 2016 08:22

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-12-2016
Ran by Hasici (28-12-2016 23:52:34)
Running from C:\Users\Výjezd\OneDrive\Nová složka (3)\Desktop
Windows 10 Home Version 1607 (X64) (2016-10-03 03:19:46)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1559838653-1355675150-2530063440-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1559838653-1355675150-2530063440-503 - Limited - Disabled)
Guest (S-1-5-21-1559838653-1355675150-2530063440-501 - Limited - Disabled)
Hasici (S-1-5-21-1559838653-1355675150-2530063440-1001 - Administrator - Enabled) => C:\Users\Hasici
HomeGroupUser$ (S-1-5-21-1559838653-1355675150-2530063440-1003 - Limited - Enabled)
Výjezd (S-1-5-21-1559838653-1355675150-2530063440-1004 - Limited - Enabled) => C:\Users\Výjezd

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG AntiVirus Free Edition (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 24.0.0.180 - Adobe Systems Incorporated)
AVG (Version: 16.131.7924 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4739 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.131.7924 - AVG Technologies)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.3.6.255 - AVG Technologies)
CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Dependency Package Update (Version: 1.6.25.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.38.00 - Lenovo Inc.) Hidden
Driver & Application Installation (HKLM-x32\...\{BFECCF2A-F094-4066-8BFA-29CCBB7F6602}) (Version: 6.13.0621 - Lenovo)
Dropbox (HKU\S-1-5-21-1559838653-1355675150-2530063440-1001\...\Dropbox) (Version: 16.4.30 - Dropbox, Inc.)
Eye 312 (HKLM-x32\...\{74F923F2-2B11-4E2E-B638-A1772A9F7B7B}) (Version: 1.0.0.28 - KYE SYSTEMS CORP.)
FMW 1 (Version: 1.143.3 - AVG Technologies) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Chrome Remote Desktop Host (HKLM-x32\...\{159AA592-31AA-4EAC-A6CB-B47AB2CB1476}) (Version: 52.0.2743.48 - Google Inc.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
iSpy (64 bit) (HKLM\...\{F0F667D8-469B-4DAD-92EE-5CEB3ECBB959}) (Version: 6.5.7.0 - DeveloperInABox)
iSpy package installer (64 bit) (HKLM-x32\...\{155fede1-d0c5-45dd-9685-3b805776a257}) (Version: 6.5.7.0 - DeveloperInABox)
ITbrain Agent (x32 Version: 1.0 - InstallAware Software Corporation) Hidden
Lenovo Blacksilk USB Keyboard Driver (HKLM-x32\...\{B266E062-D6C5-485B-B426-51B152B041A6}) (Version: V1.6.13.0724 - Lenovo)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.25.00 - Lenovo Group Limited)
Lenovo Rescue System (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 4.0.0.1901 - CyberLink Corp.)
Lenovo Rescue System (Version: 4.0.0.1901 - CyberLink Corp.) Hidden
Lenovo SoftAP (HKLM-x32\...\{F5A08FAD-697C-4952-9E7D-F741CD42F069}) (Version: 1.0.0.17 - Realtek)
Lenovo Solution Center (HKLM\...\{4041B18B-DE30-4D78-9D60-6ADC586C5E00}) (Version: 2.1.003.00 - Lenovo Group Limited)
Malwarebytes Anti-Malware verze 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1559838653-1355675150-2530063440-1001\...\OneDriveSetup.exe) (Version: 17.3.6720.1207 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1559838653-1355675150-2530063440-1004\...\OneDriveSetup.exe) (Version: 17.3.6720.1207 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 47.0.2 (x86 cs) (HKLM-x32\...\Mozilla Firefox 47.0.2 (x86 cs)) (Version: 47.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.2.6148 - Mozilla)
Mozilla Thunderbird 45.4.0 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 45.4.0 (x86 cs)) (Version: 45.4.0 - Mozilla)
OpenOffice 4.1.2 (HKLM-x32\...\{69D27D4C-36CE-4CB2-A290-C38B0A990955}) (Version: 4.12.9782 - Apache Software Foundation)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29078 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 8.28.307.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7027 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0224 - REALTEK Semiconductor Corp.)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.6 - Sophos Limited)
TeamViewer 12 Host (HKLM-x32\...\TeamViewer) (Version: 12.0.72365 - TeamViewer)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: - )
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Windows Driver Package - Realtek (RTL8168) Net (03/07/2014 8.028.0307.2014) (HKLM\...\4BB6C662B87B40DDF89647C4EDB84FF1E5EB2F9C) (Version: 03/07/2014 8.028.0307.2014 - Realtek)
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.70.244 - Zemana Ltd.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1559838653-1355675150-2530063440-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Hasici\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1559838653-1355675150-2530063440-1001_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1559838653-1355675150-2530063440-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\Hasici\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-1559838653-1355675150-2530063440-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\Hasici\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-1559838653-1355675150-2530063440-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Hasici\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1559838653-1355675150-2530063440-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hasici\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1559838653-1355675150-2530063440-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hasici\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1559838653-1355675150-2530063440-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hasici\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1559838653-1355675150-2530063440-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hasici\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1559838653-1355675150-2530063440-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hasici\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1559838653-1355675150-2530063440-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hasici\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1559838653-1355675150-2530063440-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hasici\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1559838653-1355675150-2530063440-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hasici\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1559838653-1355675150-2530063440-1001_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hasici\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1559838653-1355675150-2530063440-1001_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hasici\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1559838653-1355675150-2530063440-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Hasici\AppData\Roaming\Dropbox\bin\DropboxExt64.3.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1559838653-1355675150-2530063440-1004_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\Výjezd\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-1559838653-1355675150-2530063440-1004_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\Výjezd\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-1559838653-1355675150-2530063440-1004_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01B55F60-0320-4ADE-AB45-AE2F11ED3468} - System32\Tasks\Kotel => C:\@Kotel\okno.vbs [2015-01-03] ()
Task: {0D5D9B78-5767-4BEF-9DFF-658215005CBF} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2013-05-18] (Lenovo)
Task: {193074E7-0195-469C-A18F-E39D14F1491C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {19C28F9E-8F6F-46E3-A15E-215578EBA32C} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {274D4194-599A-44CE-8BBF-E49A560511DA} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1559838653-1355675150-2530063440-1001UA1d237017652f5c1 => C:\Users\Hasici\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {2B1731C7-4D49-4615-9557-EB2EB82518C6} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Hasici\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {2CD2FD6E-DF83-4D1B-8B16-920C4B84280C} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1559838653-1355675150-2530063440-1001Core1d2370175fe3791 => C:\Users\Hasici\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {37165FCF-9E79-4004-9F7C-796C348FF1F3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-28] (Google Inc.)
Task: {4B45B943-82B9-4BE6-A687-51B41715DF2B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {4F604FC4-BA3D-48B4-A6F7-2D9DDEEBF8D0} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {5BC14FF5-EF1C-4E38-BFAA-153B304029C1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-06] (Piriform Ltd)
Task: {796B4CD2-04F6-4E04-A626-DEBC1A300A20} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-28] (Google Inc.)
Task: {797D659A-5EA6-4D96-B242-E9F8A2C2E655} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2013-05-18] (Lenovo)
Task: {8244D7BF-8808-4DB6-AABE-DB0A5B44EDD6} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {83719224-7216-4FBE-BF13-8244239C1884} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {88E8747E-C5C0-4D7D-A931-81A9CCACB08C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {90BCA6E7-A26D-4004-A226-F9E78E31BB98} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {98CA1C31-988F-4C13-995A-32BA012D78CA} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {9C03013D-3B94-42EE-83ED-FE37A67EAF70} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {A62C0D3F-94CA-4FD5-AC06-D06BF8ECBC50} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {A6744F93-FE3E-4DF1-9791-CA33A7862828} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2013-05-18] ()
Task: {B0FEAAEB-E659-45A9-9462-7C74E62FECFB} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-12-17] (Microsoft Corporation)
Task: {BE572D3E-CC9D-4DA8-A089-FF9F3763FE2E} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2014-05-22] ()
Task: {E5E9EB85-4AE7-44A1-847E-3CE196C8C12A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {EA4EB2F8-A5F9-4899-B31D-CB800ACC972D} - System32\Tasks\Topeni => C:\@Kotel\temp.bat [2015-04-03] () <==== ATTENTION
Task: {F8DD59D0-C2CE-4F7C-B5CB-BE91BCCD92F0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1559838653-1355675150-2530063440-1001Core1d2370175fe3791.job => C:\Users\Hasici\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1559838653-1355675150-2530063440-1001UA1d237017652f5c1.job => C:\Users\Hasici\AppData\Local\Dropbox\Update\DropboxUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-14 19:16 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2014-12-15 22:01 - 2011-08-17 05:46 - 00032768 _____ () C:\Windows\jmesoft\Service.exe
2016-12-14 19:16 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-12-17 03:52 - 2016-12-17 03:52 - 01678560 _____ () C:\Users\Výjezd\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\amd64\ClientTelemetry.dll
2016-12-28 10:03 - 2016-12-28 10:03 - 00152944 _____ () C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll
2016-10-03 13:33 - 2016-10-03 13:33 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-12-14 19:11 - 2016-12-09 10:41 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-11-09 18:00 - 2016-11-02 11:21 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-11-09 18:01 - 2016-11-02 11:15 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-11-09 18:00 - 2016-11-02 11:14 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-11-09 18:00 - 2016-11-02 11:16 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-11-09 18:00 - 2016-11-02 11:17 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-12-17 07:36 - 2016-12-17 07:36 - 01678560 _____ () C:\Users\Hasici\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\amd64\ClientTelemetry.dll
2016-07-11 16:18 - 2016-07-11 16:18 - 00181760 _____ () C:\Program Files\iSpy\iSpy.Video.FFMPEG.dll
2015-08-25 18:11 - 2015-08-25 18:11 - 00066560 _____ () C:\Program Files\iSpy\iSpyMonitor.exe
2016-12-18 08:47 - 2016-12-18 08:51 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-12-18 08:47 - 2016-12-18 08:51 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-12-18 08:47 - 2016-12-18 08:51 - 42130432 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2016-12-18 08:47 - 2016-12-18 08:51 - 02216448 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\roottools.dll
2016-12-17 03:52 - 2016-12-17 03:52 - 01244376 _____ () C:\Users\Výjezd\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\ClientTelemetry.dll
2016-11-28 10:57 - 2016-11-28 10:56 - 48920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
2014-12-15 22:01 - 2013-09-12 10:39 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-12-17 07:36 - 2016-12-17 07:36 - 01244376 _____ () C:\Users\Hasici\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\ClientTelemetry.dll
2016-12-22 07:32 - 2016-11-11 21:36 - 00035792 _____ () C:\Users\Hasici\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-12-22 07:32 - 2016-11-11 21:36 - 00100296 _____ () C:\Users\Hasici\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2016-12-22 07:32 - 2016-11-11 21:36 - 00018888 _____ () C:\Users\Hasici\AppData\Roaming\Dropbox\bin\select.pyd
2016-12-22 07:32 - 2016-12-21 19:26 - 00019760 _____ () C:\Users\Hasici\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2016-12-22 07:32 - 2016-11-11 21:36 - 00694224 _____ () C:\Users\Hasici\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2016-12-22 07:31 - 2016-12-21 19:26 - 00020816 _____ () C:\Users\Hasici\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2016-12-22 07:32 - 2016-11-11 21:37 - 00123856 _____ () C:\Users\Hasici\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2016-12-22 07:31 - 2016-12-21 19:26 - 01682760 _____ () C:\Users\Hasici\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2016-12-22 07:31 - 2016-12-21 19:26 - 00020808 _____ () C:\Users\Hasici\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2016-12-22 07:31 - 2016-11-11 21:36 - 00145864 _____ () C:\Users\Hasici\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2016-12-22 07:31 - 2016-11-11 21:37 - 00019408 _____ () C:\Users\Hasici\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2016-12-22 07:31 - 2016-11-11 21:36 - 00116688 _____ () C:\Users\Hasici\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2016-12-22 07:32 - 2016-11-11 21:38 - 00105928 _____ () C:\Users\Hasici\AppData\Roaming\Dropbox\bin\win32api.pyd
2016-12-22 07:32 - 2016-12-21 19:26 - 00021312 _____ () C:\Users\Hasici\AppData\Roaming\Dropbox\bin\winffi.crt.compiled._winffi_crt.pyd
2016-12-22 07:31 - 2016-12-21 19:26 - 00052024 _____ () C:\Users\Hasici\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2016-12-22 07:31 - 2016-12-21 19:26 - 00038696 _____ () C:\Users\Hasici\AppData\Roaming\Dropbox\bin\fastpath.pyd
2016-12-22 07:31 - 2016-11-11 21:36 - 00392144 _____ () C:\Users\Hasici\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2016-12-22 07:31 - 2016-11-11 21:38 - 00020936 _____ () C:\Users\Hasici\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2016-12-22 07:32 - 2016-11-11 21:38 - 00024528 _____ () C:\Users\Hasici\AppData\Roaming\Dropbox\bin\win32event.pyd
2016-12-22 07:32 - 2016-11-11 21:39 - 00116176 _____ () C:\Users\Hasici\AppData\Roaming\Dropbox\bin\win32security.pyd
2016-12-22 07:32 - 2016-12-21 19:26 - 00381752 _____ () C:\Users\Hasici\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2016-12-22 07:32 - 2016-11-11 21:38 - 00124880 _____ () C:\Users\Hasici\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-12-22 07:32 - 2016-12-21 19:26 - 00025424 _____ () C:\Users\Hasici\AppData\Roaming\Dropbox\bin\winffi.kernel32.compiled._winffi_kernel32.pyd
2016-12-22 07:32 - 2016-11-11 21:38 - 00024016 _____ () C:\Users\Hasici\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2016-12-22 07:32 - 2016-11-11 21:38 - 00175560 _____ () C:\Users\Hasici\AppData\Roaming\Dropbox\bin\win32gui.pyd
2016-12-22 07:32 - 2016-11-11 21:38 - 00030160 _____ () C:\Users\Hasici\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2016-12-22 07:32 - 2016-11-11 21:39 - 00043472 _____ () C:\Users\Hasici\AppData\Roaming\Dropbox\bin\win32process.pyd
2016-12-22 07:32 - 2016-11-11 21:39 - 00048592 _____ () C:\Users\Hasici\AppData\Roaming\Dropbox\bin\win32service.pyd
2016-12-22 07:32 - 2016-11-11 21:38 - 00057808 _____ () C:\Users\Hasici\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2016-12-22 07:32 - 2016-11-11 21:39 - 00024016 _____ () C:\Users\Hasici\AppData\Roaming\Dropbox\bin\win32profile.pyd
2016-12-22 07:31 - 2016-12-21 19:26 - 00246592 _____ () C:\Users\Hasici\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2016-12-22 07:31 - 2016-12-21 19:26 - 00026456 _____ () C:\Users\Hasici\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-12-22 07:32 - 2016-11-11 21:37 - 00241104 _____ () C:\Users\Hasici\AppData\Roaming\Dropbox\bin\_jpegtran.pyd
2016-12-22 07:31 - 2016-12-21 19:26 - 00020280 _____ () C:\Users\Hasici\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2016-12-22 07:32 - 2016-11-11 21:39 - 00028616 _____ () C:\Users\Hasici\AppData\Roaming\Dropbox\bin\win32ts.pyd
2016-12-22 07:32 - 2016-12-21 19:26 - 00023376 _____ () C:\Users\Hasici\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2016-12-22 07:32 - 2016-12-21 19:26 - 00020800 _____ () C:\Users\Hasici\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-12-22 07:32 - 2016-12-21 19:26 - 00019776 _____ () C:\Users\Hasici\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
2016-12-22 07:32 - 2016-12-21 19:26 - 00020800 _____ () C:\Users\Hasici\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
2016-12-22 07:32 - 2016-11-11 21:39 - 00350152 _____ () C:\Users\Hasici\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-12-22 07:32 - 2016-12-21 19:26 - 00022352 _____ () C:\Users\Hasici\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2016-12-22 07:31 - 2016-12-21 19:26 - 00024392 _____ () C:\Users\Hasici\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2016-12-22 07:31 - 2016-11-11 21:35 - 00036296 _____ () C:\Users\Hasici\AppData\Roaming\Dropbox\bin\librsync.dll
2016-12-22 07:31 - 2016-12-21 19:26 - 00031568 _____ () C:\Users\Hasici\AppData\Roaming\Dropbox\bin\enterprise_data.compiled._enterprise_data.pyd
2016-12-22 07:31 - 2016-12-03 09:13 - 00293392 _____ () C:\Users\Hasici\AppData\Roaming\Dropbox\bin\EnterpriseDataAdapter.dll
2016-12-22 07:31 - 2016-12-21 19:26 - 00084280 _____ () C:\Users\Hasici\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2016-12-22 07:31 - 2016-12-21 19:26 - 01826096 _____ () C:\Users\Hasici\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2016-12-22 07:32 - 2016-11-11 21:37 - 00083912 _____ () C:\Users\Hasici\AppData\Roaming\Dropbox\bin\sip.pyd
2016-12-22 07:31 - 2016-12-21 19:26 - 00531248 _____ () C:\Users\Hasici\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2016-12-22 07:31 - 2016-12-21 19:26 - 03928880 _____ () C:\Users\Hasici\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2016-12-22 07:31 - 2016-12-21 19:26 - 01972528 _____ () C:\Users\Hasici\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2016-12-22 07:31 - 2016-12-21 19:26 - 00133424 _____ () C:\Users\Hasici\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2016-12-22 07:31 - 2016-12-21 19:26 - 00224056 _____ () C:\Users\Hasici\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2016-12-22 07:31 - 2016-12-21 19:26 - 00207672 _____ () C:\Users\Hasici\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2016-12-22 07:32 - 2016-12-21 19:26 - 00020288 _____ () C:\Users\Hasici\AppData\Roaming\Dropbox\bin\winffi.user32._winffi_user32.pyd
2016-12-22 07:31 - 2016-11-11 21:42 - 00017864 _____ () C:\Users\Hasici\AppData\Roaming\Dropbox\bin\libEGL.dll
2016-12-22 07:31 - 2016-11-11 21:42 - 01631184 _____ () C:\Users\Hasici\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2016-12-22 07:31 - 2016-12-21 19:26 - 00042808 _____ () C:\Users\Hasici\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2016-12-22 07:31 - 2016-12-21 19:26 - 00171320 _____ () C:\Users\Hasici\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2016-12-22 07:31 - 2016-12-21 19:26 - 00357680 _____ () C:\Users\Hasici\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2016-12-22 07:32 - 2016-11-11 21:39 - 00060880 _____ () C:\Users\Hasici\AppData\Roaming\Dropbox\bin\win32print.pyd
2016-12-22 07:32 - 2016-12-21 19:26 - 00037192 _____ () C:\Users\Hasici\AppData\Roaming\Dropbox\bin\windisplaytoast.compiled._DisplayToast.pyd
2016-12-22 07:32 - 2016-12-21 19:26 - 00024904 _____ () C:\Users\Hasici\AppData\Roaming\Dropbox\bin\winffi.winhttp.compiled._winffi_winhttp.pyd
2016-12-22 07:31 - 2016-12-21 19:26 - 00546096 _____ () C:\Users\Hasici\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2016-12-15 02:56 - 2016-12-08 08:29 - 01829208 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
2016-12-15 02:56 - 2016-12-08 08:29 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Hasici\Desktop\HiJackThis.exe:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Hasici\Desktop\TFC.exe:com.dropbox.attributes [168]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2016-12-28 18:47 - 00000753 ____A C:\WINDOWS\system32\Drivers\etc\hosts


127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1559838653-1355675150-2530063440-1001\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-1559838653-1355675150-2530063440-1004\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img3.jpg
DNS Servers: 192.168.10.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run: => "PAC7302_Monitor"
HKLM\...\StartupApproved\Run32: => "jmesoft"
HKU\S-1-5-21-1559838653-1355675150-2530063440-1001\...\StartupApproved\StartupFolder: => "EvernoteClipper.lnk"
HKU\S-1-5-21-1559838653-1355675150-2530063440-1001\...\StartupApproved\StartupFolder: => "Sidebar510.lnk"
HKU\S-1-5-21-1559838653-1355675150-2530063440-1001\...\StartupApproved\Run: => "ContaCam"
HKU\S-1-5-21-1559838653-1355675150-2530063440-1004\...\StartupApproved\StartupFolder: => "Sidebar488.lnk"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [UDP Query User{58CC3699-6E61-4178-9D33-85D591519882}C:\program files (x86)\videolan\vlc\vlc.exe] => C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{202A1926-4F54-4FA7-B5FB-0E44B9E0C115}C:\program files (x86)\videolan\vlc\vlc.exe] => C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [{D21451C8-B703-452B-8640-28A92F243799}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{308D6781-6D57-439A-B1D7-E5781C45B7BF}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{36AF9192-92AE-45AB-8B21-A1301F244896}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{92987E6F-493F-4DCD-A33D-2045F96BD1B9}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [UDP Query User{F582FE80-00ED-4E80-A0FD-8C7ABE52BD8F}C:\totalcmd\totalcmd.exe] => C:\totalcmd\totalcmd.exe
FirewallRules: [TCP Query User{A327C829-D185-4DA7-B0D0-B4E5A5C0B8EF}C:\totalcmd\totalcmd.exe] => C:\totalcmd\totalcmd.exe
FirewallRules: [UDP Query User{1C63BD2A-753B-478D-A5C1-1AB0BA224326}C:\windows\syswow64\ftp.exe] => C:\windows\syswow64\ftp.exe
FirewallRules: [TCP Query User{A624821D-38E9-4CE5-B07D-029733B1850C}C:\windows\syswow64\ftp.exe] => C:\windows\syswow64\ftp.exe
FirewallRules: [UDP Query User{158ABC1B-C8E1-45AB-A011-B01A8C78D689}C:\program files (x86)\internet explorer\iexplore.exe] => C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{0CE44F9B-33C7-4E7B-A7CF-E9017E28A722}C:\program files (x86)\internet explorer\iexplore.exe] => C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{F1E5A994-CC9A-4A0A-8582-05190167F0C0}C:\windows\system32\ftp.exe] => C:\windows\system32\ftp.exe
FirewallRules: [TCP Query User{42854FEE-4C09-43DB-A685-2778AEC0A9B4}C:\windows\system32\ftp.exe] => C:\windows\system32\ftp.exe
FirewallRules: [{A5A9635E-EEB3-43F7-9F98-BEA2D0667078}] => C:\Users\Hasici\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{56585774-9362-490F-9EB3-478C497A8E19}] => C:\Users\Hasici\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{351C445E-64C4-4C42-93E9-627486B007BF}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CB16D669-05C9-4484-A47D-C0120CE01C45}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{A475EF91-DA53-4E4A-BCC6-2D2C9B30FF8F}C:\windows\system32\ftp.exe] => C:\windows\system32\ftp.exe
FirewallRules: [UDP Query User{AD5B0B27-47CD-4317-B091-D0515F56053A}C:\windows\system32\ftp.exe] => C:\windows\system32\ftp.exe
FirewallRules: [{38C5E5AF-F071-4414-9B6F-F7B1761618C8}] => C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{A1ED2D1F-475A-4B33-98A8-1BC9C4A56293}] => C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{6A14FF81-89BF-45BF-B303-DBA0412C65F1}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9BEF096A-D05F-4281-AE6E-D5EB7E6D3E31}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{8956DB6A-651C-45C7-A926-4ACB27886AC8}C:\program files\ispy\ispy.exe] => C:\program files\ispy\ispy.exe
FirewallRules: [UDP Query User{769DFD30-CFCC-4E7F-872F-333FD6104540}C:\program files\ispy\ispy.exe] => C:\program files\ispy\ispy.exe
FirewallRules: [{2D5D6875-EF55-43E4-9CCB-220CCFC157F5}] => C:\Program Files (x86)\Google\Chrome Remote Desktop\52.0.2743.48\remoting_host.exe
FirewallRules: [TCP Query User{527FB461-94FA-4F4E-8CC1-7F037C8DE52F}C:\windows\syswow64\ftp.exe] => C:\windows\syswow64\ftp.exe
FirewallRules: [UDP Query User{D2DEAEEC-0D8B-4C4F-B987-618359C83FF5}C:\windows\syswow64\ftp.exe] => C:\windows\syswow64\ftp.exe
FirewallRules: [{38DDABB2-5E79-4BAD-A9D0-FADB8BCAC4F7}] => C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{5B5F953C-0116-4CA7-BE1B-875F6650B1A8}] => C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{5B11D349-A36F-4B4A-8D7B-53B8917E5ED8}] => C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{EA92508C-0982-479B-8ABE-2C1AF1B9992C}] => C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{6DE82EC9-5C99-4C12-AE24-A78D16A9D247}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{6462FAA3-422F-4FDD-9306-83378295499B}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{1AF0DC6F-E8B4-4DD9-8E71-4F98FB76AA52}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{57A6E4E9-2305-4B40-A55C-F7ADD0030E3A}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{F73DB528-19B5-401E-8376-3635F743F6DA}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Restore Points =========================

17-12-2016 12:13:12 Windows Update
24-12-2016 18:56:26 Scheduled Checkpoint
26-12-2016 20:28:44 Removed 8GadgetPack
27-12-2016 15:52:30 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/28/2016 07:10:41 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu WmiApRpl v knihovně DLL C:\WINDOWS\system32\wbem\wmiaprpl.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (12/28/2016 07:10:37 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (12/28/2016 07:10:36 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu MSDTC v knihovně DLL C:\WINDOWS\system32\msdtcuiu.DLL se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (12/28/2016 07:10:36 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu Lsa v knihovně DLL C:\Windows\System32\Secur32.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (12/28/2016 07:10:36 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu ESENT v knihovně DLL C:\WINDOWS\system32\esentprf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (12/28/2016 07:10:36 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (12/28/2016 06:37:41 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Techno-hasici)
Description: Aplikaci Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (12/28/2016 01:45:13 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu WmiApRpl v knihovně DLL C:\WINDOWS\system32\wbem\wmiaprpl.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (12/28/2016 01:44:54 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (12/28/2016 01:44:54 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu MSDTC v knihovně DLL C:\WINDOWS\system32\msdtcuiu.DLL se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.


System errors:
=============
Error: (12/28/2016 11:43:13 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění application-specific neuděluje oprávnění Local Activation pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (Using LRPC) běžící v kontejneru aplikací Unavailable – SID (Unavailable). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (12/28/2016 11:39:58 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění application-specific neuděluje oprávnění Local Activation pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (Using LRPC) běžící v kontejneru aplikací Unavailable – SID (Unavailable). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (12/28/2016 07:14:11 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění application-specific neuděluje oprávnění Local Activation pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (Using LRPC) běžící v kontejneru aplikací Unavailable – SID (Unavailable). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (12/28/2016 07:12:19 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {784E29F4-5EBE-4279-9948-1E8FE941646D} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/28/2016 07:09:22 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {784E29F4-5EBE-4279-9948-1E8FE941646D} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/28/2016 07:09:14 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění application-specific neuděluje oprávnění Local Activation pro serverovou aplikaci COM s identifikátorem CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
a APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (Using LRPC) běžící v kontejneru aplikací Unavailable – SID (Unavailable). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (12/28/2016 07:06:21 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba CDPUserSvc_2f514 byla ukončena s následující chybou:
Nespecifikovaná chyba

Error: (12/28/2016 07:06:19 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Volání ScRegSetValueExW skončilo neúspěšné pro FailureActions s touto chybou:
Přístup byl odepřen.

Error: (12/28/2016 07:06:16 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Volání ScRegSetValueExW skončilo neúspěšné pro FailureActions s touto chybou:
Přístup byl odepřen.

Error: (12/28/2016 07:06:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba SpyEmrgHealth neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.


CodeIntegrity:
===================================
Date: 2016-12-28 19:06:19.887
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume5\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-12-28 19:06:19.885
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume5\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-12-28 19:06:19.884
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume5\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\msvcp140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-12-28 19:06:19.411
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume5\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\msvcp140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-12-28 19:06:17.553
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume5\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-12-28 19:06:17.513
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume5\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-12-28 19:06:17.209
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume5\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-12-28 18:42:56.636
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume5\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-12-28 18:42:56.092
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume5\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-12-28 18:42:52.213
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume5\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Pentium(R) CPU 2127U @ 1.90GHz
Percentage of memory in use: 64%
Total physical RAM: 3992.75 MB
Available physical RAM: 1412.97 MB
Total Virtual: 4376.75 MB
Available Virtual: 1351.79 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:439.5 GB) (Free:407.34 GB) NTFS ==>[system with boot components (obtained from drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 7A84EEC7)

Partition: GPT.

==================== End of Addition.txt ============================

Hyko
Level 1.5
Posts: 140
Registered: March 14
Gender: Male
Status: Offline

Re: Please check my log - SPAM

Post by Hyko » 29 Dec 2016 08:23

SystemLook 30.07.11 by jpshortstuff
Log created at 08:08 on 29/12/2016 by Hasici
Administrator - Elevation successful

========== filefind ==========

Searching for "*NETGATE*"
C:\Windows\INF\pnpxinternetgatewaydevices.inf --a---- 3094 bytes [11:41 16/07/2016] [11:41 16/07/2016] DA565ABE04750D3C5EB14532464C7169
C:\Windows\System32\DriverStore\cs-CZ\PnPXInternetGatewayDevices.inf_loc --a---- 372 bytes [12:25 03/10/2016] [12:25 03/10/2016] 1C60FF397A9AD592FCE9332F7AEC3F02
C:\Windows\System32\DriverStore\en-US\PnPXInternetGatewayDevices.inf_loc --a---- 354 bytes [14:12 16/07/2016] [14:12 16/07/2016] EA5E1FD2BDB3264C7E754CC535B03BA7
C:\Windows\System32\DriverStore\FileRepository\pnpxinternetgatewaydevices.inf_amd64_ae2759e46ea50e57\pnpxinternetgatewaydevices.inf --a---- 3094 bytes [11:41 16/07/2016] [11:41 16/07/2016] DA565ABE04750D3C5EB14532464C7169
C:\Windows\WinSxS\amd64_pnpxinternetgatewaydevices.inf.resources_31bf3856ad364e35_10.0.14393.0_cs-cz_6342d73042929ef8\PnPXInternetGatewayDevices.inf_loc --a---- 372 bytes [12:25 03/10/2016] [12:25 03/10/2016] 1C60FF397A9AD592FCE9332F7AEC3F02
C:\Windows\WinSxS\amd64_pnpxinternetgatewaydevices.inf.resources_31bf3856ad364e35_10.0.14393.0_en-us_a699228c298cfb56\PnPXInternetGatewayDevices.inf_loc --a---- 354 bytes [14:12 16/07/2016] [14:12 16/07/2016] EA5E1FD2BDB3264C7E754CC535B03BA7
C:\Windows\WinSxS\amd64_pnpxinternetgatewaydevices.inf_31bf3856ad364e35_10.0.14393.0_none_749a231d383dfd30\PnPXInternetGatewayDevices.inf --a---- 3094 bytes [11:41 16/07/2016] [11:41 16/07/2016] DA565ABE04750D3C5EB14532464C7169
C:\Windows\WinSxS\Manifests\amd64_pnpxinternetgateway..es.inf-languagepack_31bf3856ad364e35_10.0.14393.0_cs-cz_346619116a1b0ce1.manifest ------- 276 bytes [12:20 03/10/2016] [12:20 03/10/2016] 62CC47F6DDC59F35E556944AF46504CF
C:\Windows\WinSxS\Manifests\amd64_pnpxinternetgateway..es.inf-languagepack_31bf3856ad364e35_10.0.14393.0_en-us_77bc646d5115693f.manifest --a---- 283 bytes [14:10 16/07/2016] [14:10 16/07/2016] 81D1AE37D9000E35F3B838F8B0730686
C:\Windows\WinSxS\Manifests\amd64_pnpxinternetgatewaydevices.inf.resources_31bf3856ad364e35_10.0.14393.0_cs-cz_6342d73042929ef8.manifest ------- 274 bytes [12:24 03/10/2016] [12:24 03/10/2016] 69577B27A611DD90FD48C694F1A20814
C:\Windows\WinSxS\Manifests\amd64_pnpxinternetgatewaydevices.inf.resources_31bf3856ad364e35_10.0.14393.0_en-us_a699228c298cfb56.manifest --a---- 272 bytes [14:11 16/07/2016] [14:11 16/07/2016] 04D7B86BAE27D5852454DBE8DA623EE2
C:\Windows\WinSxS\Manifests\amd64_pnpxinternetgatewaydevices.inf_31bf3856ad364e35_10.0.14393.0_none_749a231d383dfd30.manifest --a---- 225 bytes [11:37 16/07/2016] [11:37 16/07/2016] 3DC0E30FDC0CFEE23455F8103CD4A0C9

Searching for "*Spy Emergency*"
No files found.

========== folderfind ==========

Searching for "*NETGATE*"
C:\Windows\System32\DriverStore\FileRepository\pnpxinternetgatewaydevices.inf_amd64_ae2759e46ea50e57 d------ [11:46 16/07/2016]
C:\Windows\WinSxS\amd64_pnpxinternetgatewaydevices.inf.resources_31bf3856ad364e35_10.0.14393.0_cs-cz_6342d73042929ef8 d------ [12:25 03/10/2016]
C:\Windows\WinSxS\amd64_pnpxinternetgatewaydevices.inf.resources_31bf3856ad364e35_10.0.14393.0_en-us_a699228c298cfb56 d------ [14:12 16/07/2016]
C:\Windows\WinSxS\amd64_pnpxinternetgatewaydevices.inf_31bf3856ad364e35_10.0.14393.0_none_749a231d383dfd30 d------ [11:41 16/07/2016]

Searching for "*Spy Emergency*"
No folders found.

-= EOF =-

jaro3
Security team member
Guru Level 15
Posts: 43298
Registered: June 07
Location: Jižní Čechy
Gender: Male
Status: Offline

Re: Please check my log - SPAM

Post by jaro3 » 29 Dec 2016 10:06

Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire content below into it.

Code:

Start
CloseProcesses:
ShortcutTarget: Sidebar488.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (No File)
BootExecute: autocheck autochk * sdnclean64.exe
SearchScopes: HKU\S-1-5-21-1559838653-1355675150-2530063440-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1559838653-1355675150-2530063440-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1559838653-1355675150-2530063440-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1559838653-1355675150-2530063440-1004 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin-x32: @itstructures.com/ffactivex -> C:\windows\system32\OvisLinkMediaControl\npffax.dll [No File]
CHR HKU\S-1-5-21-1559838653-1355675150-2530063440-1004\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [chfdnecihphmhljaaejmgoiahnihplgn] - hxxps://clients2.google.com/service/update2/crx
Task: {193074E7-0195-469C-A18F-E39D14F1491C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {19C28F9E-8F6F-46E3-A15E-215578EBA32C} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {4B45B943-82B9-4BE6-A687-51B41715DF2B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {4F604FC4-BA3D-48B4-A6F7-2D9DDEEBF8D0} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {796B4CD2-04F6-4E04-A626-DEBC1A300A20} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-28] (Google Inc.)
Task: {83719224-7216-4FBE-BF13-8244239C1884} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {90BCA6E7-A26D-4004-A226-F9E78E31BB98} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {98CA1C31-988F-4C13-995A-32BA012D78CA} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {9C03013D-3B94-42EE-83ED-FE37A67EAF70} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {A62C0D3F-94CA-4FD5-AC06-D06BF8ECBC50} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {E5E9EB85-4AE7-44A1-847E-3CE196C8C12A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {EA4EB2F8-A5F9-4899-B31D-CB800ACC972D} - System32\Tasks\Topeni => C:\@Kotel\temp.bat [2015-04-03] () <==== ATTENTION
Task: {F8DD59D0-C2CE-4F7C-B5CB-BE91BCCD92F0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION

EmptyTemp:
End

(You can use the "Select all" function; right-click the top-left box in the open Notepad window and choose "Paste".)

Save it to the desktop as fixlist.txt


Run FRST, press the "Fix" button just once, and wait.
The tool will produce a log on the desktop (Fixlog.txt); please copy its entire content here.

In Folder Options, enable showing hidden files and folders, and uncheck "Hide protected operating system files".

Test this on Virustotal:
C:\@Kotel\okno.vbs

Click Choose (Vybrat) to the right of the box and find the required file on your PC in Explorer. Select it with the mouse and click Open, then click Send File. If the file has already been tested, a window appears in which you click Reanalyze. The file will then be tested by several antivirus programs in turn. When the last antivirus test finishes, "result" appears at the top with the number of detections in red, e.g. 0/43 or 1/43. Then copy the link to that page with the mouse and paste it into your post.

Or at:
http://www.virscan.org/
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Hyko
Level 1.5
Posts: 140
Registered: March 14
Gender: Male
Status: Offline

Re: Please check my log - SPAM

Post by Hyko » 29 Dec 2016 11:16

https://www.virustotal.com/cs/file/257f ... 483006322/

Fix result of Farbar Recovery Scan Tool (x64) Version: 21-12-2016
Ran by Hasici (29-12-2016 11:09:38) Run:1
Running from C:\Users\Výjezd\OneDrive\Nová složka (3)\Desktop
Loaded Profiles: Hasici & Výjezd (Available Profiles: Hasici & Výjezd)
Boot Mode: Normal
==============================================

fixlist content:
*****************
SystemLook 30.07.11 by jpshortstuff
Log created at 08:08 on 29/12/2016 by Hasici
Administrator - Elevation successful

========== filefind ==========

Searching for "*NETGATE*"
C:\Windows\INF\pnpxinternetgatewaydevices.inf --a---- 3094 bytes [11:41 16/07/2016] [11:41 16/07/2016] DA565ABE04750D3C5EB14532464C7169
C:\Windows\System32\DriverStore\cs-CZ\PnPXInternetGatewayDevices.inf_loc --a---- 372 bytes [12:25 03/10/2016] [12:25 03/10/2016] 1C60FF397A9AD592FCE9332F7AEC3F02
C:\Windows\System32\DriverStore\en-US\PnPXInternetGatewayDevices.inf_loc --a---- 354 bytes [14:12 16/07/2016] [14:12 16/07/2016] EA5E1FD2BDB3264C7E754CC535B03BA7
C:\Windows\System32\DriverStore\FileRepository\pnpxinternetgatewaydevices.inf_amd64_ae2759e46ea50e57\pnpxinternetgatewaydevices.inf --a---- 3094 bytes [11:41 16/07/2016] [11:41 16/07/2016] DA565ABE04750D3C5EB14532464C7169
C:\Windows\WinSxS\amd64_pnpxinternetgatewaydevices.inf.resources_31bf3856ad364e35_10.0.14393.0_cs-cz_6342d73042929ef8\PnPXInternetGatewayDevices.inf_loc --a---- 372 bytes [12:25 03/10/2016] [12:25 03/10/2016] 1C60FF397A9AD592FCE9332F7AEC3F02
C:\Windows\WinSxS\amd64_pnpxinternetgatewaydevices.inf.resources_31bf3856ad364e35_10.0.14393.0_en-us_a699228c298cfb56\PnPXInternetGatewayDevices.inf_loc --a---- 354 bytes [14:12 16/07/2016] [14:12 16/07/2016] EA5E1FD2BDB3264C7E754CC535B03BA7
C:\Windows\WinSxS\amd64_pnpxinternetgatewaydevices.inf_31bf3856ad364e35_10.0.14393.0_none_749a231d383dfd30\PnPXInternetGatewayDevices.inf --a---- 3094 bytes [11:41 16/07/2016] [11:41 16/07/2016] DA565ABE04750D3C5EB14532464C7169
C:\Windows\WinSxS\Manifests\amd64_pnpxinternetgateway..es.inf-languagepack_31bf3856ad364e35_10.0.14393.0_cs-cz_346619116a1b0ce1.manifest ------- 276 bytes [12:20 03/10/2016] [12:20 03/10/2016] 62CC47F6DDC59F35E556944AF46504CF
C:\Windows\WinSxS\Manifests\amd64_pnpxinternetgateway..es.inf-languagepack_31bf3856ad364e35_10.0.14393.0_en-us_77bc646d5115693f.manifest --a---- 283 bytes [14:10 16/07/2016] [14:10 16/07/2016] 81D1AE37D9000E35F3B838F8B0730686
C:\Windows\WinSxS\Manifests\amd64_pnpxinternetgatewaydevices.inf.resources_31bf3856ad364e35_10.0.14393.0_cs-cz_6342d73042929ef8.manifest ------- 274 bytes [12:24 03/10/2016] [12:24 03/10/2016] 69577B27A611DD90FD48C694F1A20814
C:\Windows\WinSxS\Manifests\amd64_pnpxinternetgatewaydevices.inf.resources_31bf3856ad364e35_10.0.14393.0_en-us_a699228c298cfb56.manifest --a---- 272 bytes [14:11 16/07/2016] [14:11 16/07/2016] 04D7B86BAE27D5852454DBE8DA623EE2
C:\Windows\WinSxS\Manifests\amd64_pnpxinternetgatewaydevices.inf_31bf3856ad364e35_10.0.14393.0_none_749a231d383dfd30.manifest --a---- 225 bytes [11:37 16/07/2016] [11:37 16/07/2016] 3DC0E30FDC0CFEE23455F8103CD4A0C9

Searching for "*Spy Emergency*"
No files found.

========== folderfind ==========

Searching for "*NETGATE*"
C:\Windows\System32\DriverStore\FileRepository\pnpxinternetgatewaydevices.inf_amd64_ae2759e46ea50e57 d------ [11:46 16/07/2016]
C:\Windows\WinSxS\amd64_pnpxinternetgatewaydevices.inf.resources_31bf3856ad364e35_10.0.14393.0_cs-cz_6342d73042929ef8 d------ [12:25 03/10/2016]
C:\Windows\WinSxS\amd64_pnpxinternetgatewaydevices.inf.resources_31bf3856ad364e35_10.0.14393.0_en-us_a699228c298cfb56 d------ [14:12 16/07/2016]
C:\Windows\WinSxS\amd64_pnpxinternetgatewaydevices.inf_31bf3856ad364e35_10.0.14393.0_none_749a231d383dfd30 d------ [11:41 16/07/2016]

Searching for "*Spy Emergency*"
No folders found.

-= EOF =-
*****************

SystemLook 30.07.11 by jpshortstuff => Error: No automatic fix found for this entry.
Log created at 08:08 on 29/12/2016 by Hasici => Error: No automatic fix found for this entry.
Administrator - Elevation successful => Error: No automatic fix found for this entry.
========== filefind ========== => Error: No automatic fix found for this entry.
Searching for "*NETGATE*" => Error: No automatic fix found for this entry.
"C:\Windows\INF\pnpxinternetgatewaydevices.inf --a---- 3094 bytes [11:41 16/07/2016] [11:41 16/07/2016] DA565ABE04750D3C5EB14532464C7169" => not found.
"C:\Windows\System32\DriverStore\cs-CZ\PnPXInternetGatewayDevices.inf_loc --a---- 372 bytes [12:25 03/10/2016] [12:25 03/10/2016] 1C60FF397A9AD592FCE9332F7AEC3F02" => not found.
"C:\Windows\System32\DriverStore\en-US\PnPXInternetGatewayDevices.inf_loc --a---- 354 bytes [14:12 16/07/2016] [14:12 16/07/2016] EA5E1FD2BDB3264C7E754CC535B03BA7" => not found.
"C:\Windows\System32\DriverStore\FileRepository\pnpxinternetgatewaydevices.inf_amd64_ae2759e46ea50e57\pnpxinternetgatewaydevices.inf --a---- 3094 bytes [11:41 16/07/2016] [11:41 16/07/2016] DA565ABE04750D3C5EB14532464C7169" => not found.
"C:\Windows\WinSxS\amd64_pnpxinternetgatewaydevices.inf.resources_31bf3856ad364e35_10.0.14393.0_cs-cz_6342d73042929ef8\PnPXInternetGatewayDevices.inf_loc --a---- 372 bytes [12:25 03/10/2016] [12:25 03/10/2016] 1C60FF397A9AD592FCE9332F7AEC3F02" => not found.
"C:\Windows\WinSxS\amd64_pnpxinternetgatewaydevices.inf.resources_31bf3856ad364e35_10.0.14393.0_en-us_a699228c298cfb56\PnPXInternetGatewayDevices.inf_loc --a---- 354 bytes [14:12 16/07/2016] [14:12 16/07/2016] EA5E1FD2BDB3264C7E754CC535B03BA7" => not found.
"C:\Windows\WinSxS\amd64_pnpxinternetgatewaydevices.inf_31bf3856ad364e35_10.0.14393.0_none_749a231d383dfd30\PnPXInternetGatewayDevices.inf --a---- 3094 bytes [11:41 16/07/2016] [11:41 16/07/2016] DA565ABE04750D3C5EB14532464C7169" => not found.
"C:\Windows\WinSxS\Manifests\amd64_pnpxinternetgateway..es.inf-languagepack_31bf3856ad364e35_10.0.14393.0_cs-cz_346619116a1b0ce1.manifest ------- 276 bytes [12:20 03/10/2016] [12:20 03/10/2016] 62CC47F6DDC59F35E556944AF46504CF" => not found.
"C:\Windows\WinSxS\Manifests\amd64_pnpxinternetgateway..es.inf-languagepack_31bf3856ad364e35_10.0.14393.0_en-us_77bc646d5115693f.manifest --a---- 283 bytes [14:10 16/07/2016] [14:10 16/07/2016] 81D1AE37D9000E35F3B838F8B0730686" => not found.
"C:\Windows\WinSxS\Manifests\amd64_pnpxinternetgatewaydevices.inf.resources_31bf3856ad364e35_10.0.14393.0_cs-cz_6342d73042929ef8.manifest ------- 274 bytes [12:24 03/10/2016] [12:24 03/10/2016] 69577B27A611DD90FD48C694F1A20814" => not found.
"C:\Windows\WinSxS\Manifests\amd64_pnpxinternetgatewaydevices.inf.resources_31bf3856ad364e35_10.0.14393.0_en-us_a699228c298cfb56.manifest --a---- 272 bytes [14:11 16/07/2016] [14:11 16/07/2016] 04D7B86BAE27D5852454DBE8DA623EE2" => not found.
"C:\Windows\WinSxS\Manifests\amd64_pnpxinternetgatewaydevices.inf_31bf3856ad364e35_10.0.14393.0_none_749a231d383dfd30.manifest --a---- 225 bytes [11:37 16/07/2016] [11:37 16/07/2016] 3DC0E30FDC0CFEE23455F8103CD4A0C9" => not found.
Searching for "*Spy Emergency*" => Error: No automatic fix found for this entry.
No files found. => Error: No automatic fix found for this entry.
========== folderfind ========== => Error: No automatic fix found for this entry.
Searching for "*NETGATE*" => Error: No automatic fix found for this entry.
"C:\Windows\System32\DriverStore\FileRepository\pnpxinternetgatewaydevices.inf_amd64_ae2759e46ea50e57 d------ [11:46 16/07/2016]" => not found.
"C:\Windows\WinSxS\amd64_pnpxinternetgatewaydevices.inf.resources_31bf3856ad364e35_10.0.14393.0_cs-cz_6342d73042929ef8 d------ [12:25 03/10/2016]" => not found.
"C:\Windows\WinSxS\amd64_pnpxinternetgatewaydevices.inf.resources_31bf3856ad364e35_10.0.14393.0_en-us_a699228c298cfb56 d------ [14:12 16/07/2016]" => not found.
"C:\Windows\WinSxS\amd64_pnpxinternetgatewaydevices.inf_31bf3856ad364e35_10.0.14393.0_none_749a231d383dfd30 d------ [11:41 16/07/2016]" => not found.
Searching for "*Spy Emergency*" => Error: No automatic fix found for this entry.
No folders found. => Error: No automatic fix found for this entry.
-= EOF =- => Error: No automatic fix found for this entry.

==== End of Fixlog 11:09:39 ====

okno.vbs is my script so that, when the temperatures are being copied to FTP, the upload window is not visible

Hyko
Level 1.5
Posts: 140
Registered: March 14
Gender: Male
Status: Offline

Re: Please check my log - SPAM  Solved

Post by Hyko » 29 Dec 2016 15:35

Thank you all for the advice on cleaning the PC. I spoke with the provider and nothing is going out from the PC anymore, thank you

