Prosím o kontrolu logu

Příspěvekod **jerabina** » 02 lis 2015 16:52

Zkus to provést v nouzovém režimu.

Reklama

Holecek · Příspěvekod **Holecek** » 02 lis 2015 17:04

ï»¿Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:31-10-2015
Ran by Lucy (administrator) on LUCY-PC (02-11-2015 17:00:40)
Running from C:\Users\Lucy\Desktop
Loaded Profiles: Lucy (Available Profiles: UpdatusUser & Lucy)
Platform: Windows 8.1 (X64) Language: ÄŒeÅ¡tina (ÄŒeskÃ¡ republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Safe Mode (minimal)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\userinit.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13626072 2013-06-25] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1311304 2013-06-05] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [683352 2013-06-27] (Alps Electric Co., Ltd.)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6339656 2013-05-15] (Realtek semiconductor)
HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-08-27] (NVIDIA Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704 2013-05-08] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-09-15] (Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15794160 2013-11-27] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80368 2013-11-27] (Lenovo(beijing) Limited)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech, Inc.)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [168464 2012-10-31] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-19] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [95192 2013-03-09] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-2321680494-1980280422-1872297814-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [57981568 2015-09-27] (Skype Technologies S.A.)
HKU\S-1-5-21-2321680494-1980280422-1872297814-1002\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3638256 2015-10-28] (Electronic Arts)
HKU\S-1-5-21-2321680494-1980280422-1872297814-1002\...\MountPoints2: {43084f65-b897-11e3-be88-0c8bfd7e0c2e} - "F:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-2321680494-1980280422-1872297814-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Bubbles.scr [788480 2014-10-29] (Microsoft Corporation)
AppInit_DLLs: C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [184048 2013-12-26] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{A0CAB5CF-E9D0-43FD-984A-FC4BD4B1DCF4}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKU\S-1-5-21-2321680494-1980280422-1872297814-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.cz/
HKU\S-1-5-21-2321680494-1980280422-1872297814-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-2321680494-1980280422-1872297814-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
SearchScopes: HKLM -> DefaultScope {CE178326-4DD8-4821-950B-3FE6D084147D} URL =
SearchScopes: HKLM-x32 -> DefaultScope {CE178326-4DD8-4821-950B-3FE6D084147D} URL =
SearchScopes: HKU\S-1-5-21-2321680494-1980280422-1872297814-1002 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2321680494-1980280422-1872297814-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_65\bin\ssv.dll [2015-10-30] (Oracle Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2013-07-31] (Logitech, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-30] (Oracle Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2013-07-31] (Logitech, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Lucy\AppData\Roaming\Mozilla\Firefox\Profiles\hi65jocb.default
FF NewTab: about:newtab
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-16] ()
FF Plugin: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-30] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-30] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-16] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-16] (Intel Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Extension: FT DeepDark - C:\Users\Lucy\AppData\Roaming\Mozilla\Firefox\Profiles\hi65jocb.default\Extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66} [2015-10-30]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-03-16] [not signed]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [6817544 2014-04-16] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2264280 2014-03-25] (COMODO)
S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-05-08] (Intel Corporation)
S2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
S2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-05-16] (Intel Corporation)
S2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [156616 2013-06-26] (Intel Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-16] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-06-13] ()
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2099208 2015-10-28] (Electronic Arts)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2013-11-27] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3376880 2013-06-13] (IntelÂ® Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1385272 2013-04-24] (Motorola Solutions, Inc.)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [23168 2014-04-16] (COMODO)
S1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [748784 2014-04-16] (COMODO)
S1 cmdhlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [37560 2014-04-16] (COMODO)
R0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [115656 2013-06-03] (Intel Corporation)
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2015-10-30] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
S3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3589600 2013-09-25] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [3598304 2013-06-28] (Intel Corporation)
S3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8243528 2013-05-15] (Realtek Semiconductor Corp.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-02 17:00 - 2015-11-02 17:00 - 00012945 _____ C:\Users\Lucy\Desktop\FRST.txt
2015-11-02 13:56 - 2015-11-02 17:00 - 00000000 ____D C:\FRST
2015-11-02 13:52 - 2015-11-02 13:52 - 02198016 _____ (Farbar) C:\Users\Lucy\Desktop\FRST64.exe
2015-10-31 13:54 - 2015-10-31 13:54 - 00000000 _____ C:\Users\Lucy\AppData\Local\jv16PT_temp.tmp
2015-10-31 09:58 - 2015-10-31 09:59 - 05637361 _____ (Swearware) C:\Users\Lucy\Desktop\ComboFix.exe
2015-10-31 08:19 - 2015-10-31 08:19 - 00007664 _____ C:\Users\Lucy\Desktop\zoek-results.txt
2015-10-31 08:17 - 2015-10-31 08:08 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2015-10-31 08:08 - 2015-10-30 23:29 - 00000886 _____ C:\zoek-results2015-10-30-222929.log
2015-10-31 08:06 - 2015-11-02 16:59 - 00000000 ____D C:\WINDOWS\pss
2015-10-31 08:04 - 2015-10-31 08:04 - 00000088 _____ C:\Users\Lucy\Desktop\skript.txt
2015-10-30 23:29 - 2015-10-31 08:18 - 00007664 _____ C:\zoek-results.log
2015-10-30 23:21 - 2015-10-31 08:16 - 00000000 ____D C:\zoek_backup
2015-10-30 21:51 - 2015-10-30 21:51 - 01309184 _____ C:\Users\Lucy\Desktop\zoek.exe
2015-10-30 20:00 - 2015-10-30 20:00 - 00011634 _____ C:\Users\Lucy\Desktop\rk_4F34.tmp.txt
2015-10-30 19:33 - 2015-10-30 21:25 - 00000000 ____D C:\ProgramData\RogueKiller
2015-10-30 19:33 - 2015-10-30 19:33 - 00037624 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2015-10-30 19:24 - 2015-10-30 19:25 - 22924872 _____ C:\Users\Lucy\Desktop\winlogon.exe.exe
2015-10-30 19:17 - 2015-10-30 19:17 - 01694208 _____ C:\Users\Lucy\Desktop\adwcleaner_5.015.exe
2015-10-30 18:53 - 2015-10-30 18:53 - 00000000 ____D C:\Users\Lucy\AppData\Roaming\Sun
2015-10-30 18:53 - 2015-10-30 18:53 - 00000000 ____D C:\Users\Lucy\.oracle_jre_usage
2015-10-30 18:52 - 2015-10-30 18:54 - 00000000 ____D C:\ProgramData\Oracle
2015-10-30 18:22 - 2015-10-30 19:23 - 00000000 ____D C:\AdwCleaner
2015-10-30 18:07 - 2015-10-30 18:07 - 00448512 _____ (OldTimer Tools) C:\Users\Lucy\Desktop\TFC.exe
2015-10-30 17:36 - 2015-10-30 23:14 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-10-30 17:36 - 2015-10-30 17:38 - 00001161 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-10-30 17:36 - 2015-10-30 17:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-10-30 17:36 - 2015-10-30 17:38 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-10-30 17:36 - 2015-10-30 17:36 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-10-30 17:36 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-10-30 17:36 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-10-30 17:36 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2015-10-30 17:21 - 2015-10-30 17:22 - 00050688 _____ (Atribune.org) C:\Users\Lucy\Desktop\ATF-Cleaner.exe
2015-10-30 13:23 - 2015-10-30 13:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-10-29 09:33 - 2015-10-29 09:33 - 00000000 __RHD C:\Users\Lucy\AppData\Roaming\SecuROM
2015-10-28 23:17 - 2015-10-28 23:17 - 00002367 _____ C:\Users\Public\Desktop\The Simsâ„¢ 3.lnk
2015-10-28 23:17 - 2015-10-28 23:17 - 00000195 _____ C:\WINDOWS\DirectX.log
2015-10-28 23:17 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
2015-10-28 23:17 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2015-10-28 21:27 - 2015-10-28 21:28 - 00000000 ____D C:\Program Files (x86)\Origin Games
2015-10-28 21:26 - 2015-10-30 18:05 - 00000000 ____D C:\Users\Lucy\AppData\Roaming\Origin
2015-10-28 21:26 - 2015-10-28 21:27 - 00000000 ____D C:\Users\Lucy\AppData\Local\Origin
2015-10-28 21:21 - 2015-11-02 16:54 - 00000000 ____D C:\ProgramData\Origin
2015-10-28 21:21 - 2015-10-28 23:22 - 00000000 ____D C:\ProgramData\Electronic Arts
2015-10-28 21:21 - 2015-10-28 21:21 - 00001038 _____ C:\Users\Public\Desktop\Origin.lnk
2015-10-28 21:21 - 2015-10-28 21:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2015-10-28 21:19 - 2015-10-28 21:25 - 00000000 ____D C:\Program Files (x86)\Origin
2015-10-28 21:17 - 2015-10-28 21:18 - 31332760 _____ (Electronic Arts, Inc.) C:\Users\Lucy\Downloads\OriginThinSetup.exe
2015-10-27 22:51 - 2015-11-02 16:53 - 00002328 _____ C:\WINDOWS\setupact.log
2015-10-27 22:51 - 2015-10-27 22:51 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-10-27 22:50 - 2015-10-31 08:17 - 00005700 _____ C:\WINDOWS\PFRO.log
2015-10-27 22:43 - 2015-10-29 09:31 - 00000000 ____D C:\Users\Lucy\Documents\Electronic Arts
2015-10-27 22:40 - 2015-10-28 23:15 - 00447752 _____ (On2.com) C:\WINDOWS\SysWOW64\vp6vfw.dll
2015-10-27 22:38 - 2015-10-27 22:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hry
2015-10-27 22:14 - 2015-11-02 16:59 - 01067324 _____ C:\WINDOWS\WindowsUpdate.log
2015-10-27 22:02 - 2015-10-27 22:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-27 21:28 - 2015-10-27 21:28 - 00000000 ____D C:\Hry
2015-10-25 22:45 - 2015-10-25 22:45 - 00018250 _____ C:\Users\Lucy\Desktop\zivotopis 2.odt
2015-10-20 23:56 - 2014-04-16 00:35 - 00028352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2015-10-20 23:56 - 2014-04-16 00:34 - 00029888 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2015-10-15 15:31 - 2015-09-19 04:18 - 00035384 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-10-15 15:31 - 2015-09-18 14:42 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-10-15 15:31 - 2015-09-18 14:42 - 01163776 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-10-15 15:31 - 2015-09-18 14:42 - 00766464 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-10-15 15:31 - 2015-09-18 14:42 - 00699904 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-10-15 15:31 - 2015-09-18 14:42 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-10-15 15:31 - 2015-09-18 14:42 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-10-14 00:57 - 2015-08-06 17:47 - 04710400 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2015-10-14 00:57 - 2015-08-06 17:18 - 04068352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2015-10-14 00:56 - 2015-09-29 13:31 - 07457624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-10-14 00:56 - 2015-09-29 13:31 - 01658536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-10-14 00:56 - 2015-09-29 13:31 - 01519592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-10-14 00:56 - 2015-09-29 13:31 - 01487008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-10-14 00:56 - 2015-09-29 13:31 - 01355848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-10-14 00:56 - 2015-09-24 17:42 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2015-10-14 00:56 - 2015-09-24 17:40 - 00737280 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-10-14 00:56 - 2015-09-10 19:02 - 25851392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-10-14 00:56 - 2015-09-10 18:09 - 20358144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-10-14 00:56 - 2015-08-27 03:43 - 22372152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-10-14 00:56 - 2015-08-27 03:42 - 19795904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-10-14 00:56 - 2015-08-07 22:40 - 01736520 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-10-14 00:56 - 2015-08-07 22:40 - 01499920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-10-14 00:56 - 2015-08-07 22:40 - 01134752 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2015-10-14 00:56 - 2015-08-07 22:40 - 00686960 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2015-10-14 00:56 - 2015-08-07 22:40 - 00507176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2015-10-14 00:56 - 2015-08-07 15:13 - 00862720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2015-10-14 00:56 - 2015-08-06 18:05 - 00669184 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2015-10-14 00:56 - 2015-08-06 17:37 - 00536576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2015-10-14 00:55 - 2015-09-29 13:29 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-10-14 00:55 - 2015-09-28 19:45 - 03705344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-10-14 00:55 - 2015-09-28 19:26 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-10-14 00:55 - 2015-09-28 19:25 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-10-14 00:55 - 2015-09-28 19:25 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-10-14 00:55 - 2015-09-28 19:25 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-10-14 00:55 - 2015-09-28 19:22 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-10-14 00:55 - 2015-09-28 19:22 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-10-14 00:55 - 2015-09-28 19:22 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-10-14 00:55 - 2015-09-28 19:15 - 02243072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-10-14 00:55 - 2015-09-28 19:13 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-10-14 00:55 - 2015-09-28 19:12 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-10-14 00:55 - 2015-09-10 18:19 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-10-14 00:55 - 2015-09-10 18:18 - 02886656 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-10-14 00:55 - 2015-09-10 18:18 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-10-14 00:55 - 2015-09-10 18:14 - 05990400 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-10-14 00:55 - 2015-09-10 18:06 - 00616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-10-14 00:55 - 2015-09-10 18:04 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-10-14 00:55 - 2015-09-10 17:51 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2015-10-14 00:55 - 2015-09-10 17:39 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-10-14 00:55 - 2015-09-10 17:37 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-10-14 00:55 - 2015-09-10 17:37 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-10-14 00:55 - 2015-09-10 17:35 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-10-14 00:55 - 2015-09-10 17:33 - 02279936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-10-14 00:55 - 2015-09-10 17:28 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-10-14 00:55 - 2015-09-10 17:28 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-10-14 00:55 - 2015-09-10 17:27 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-10-14 00:55 - 2015-09-10 17:24 - 14456832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-10-14 00:55 - 2015-09-10 17:21 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-10-14 00:55 - 2015-09-10 17:19 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-10-14 00:55 - 2015-09-10 17:19 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-10-14 00:55 - 2015-09-10 17:19 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-10-14 00:55 - 2015-09-10 17:17 - 02126336 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-10-14 00:55 - 2015-09-10 17:17 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2015-10-14 00:55 - 2015-09-10 17:07 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-10-14 00:55 - 2015-09-10 17:05 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-10-14 00:55 - 2015-09-10 17:02 - 04527616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-10-14 00:55 - 2015-09-10 17:01 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-10-14 00:55 - 2015-09-10 17:00 - 12853760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-10-14 00:55 - 2015-09-10 16:57 - 02487808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-10-14 00:55 - 2015-09-10 16:57 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-10-14 00:55 - 2015-09-10 16:55 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-10-14 00:55 - 2015-09-10 16:55 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-10-14 00:55 - 2015-09-10 16:55 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-10-14 00:55 - 2015-09-10 16:45 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-10-14 00:55 - 2015-09-10 16:34 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-10-14 00:55 - 2015-09-10 16:31 - 02011136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-10-14 00:55 - 2015-09-10 16:27 - 01311232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-10-14 00:55 - 2015-09-10 16:26 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-10-14 00:55 - 2015-08-22 14:42 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 00:55 - 2015-08-22 14:42 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 00:55 - 2015-08-22 14:42 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 00:55 - 2015-08-22 14:42 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 00:55 - 2015-08-22 14:42 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 00:55 - 2015-08-22 14:35 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 00:55 - 2015-08-22 14:35 - 00016224 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 00:55 - 2015-08-22 14:35 - 00015712 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 00:55 - 2015-08-22 14:35 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 00:55 - 2015-08-22 14:35 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 00:55 - 2015-08-22 14:35 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 00:55 - 2015-07-16 19:58 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NcdAutoSetup.dll
2015-10-14 00:54 - 2015-08-22 14:42 - 00901264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2015-10-14 00:54 - 2015-08-22 14:42 - 00066400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 00:54 - 2015-08-22 14:42 - 00022368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 00:54 - 2015-08-22 14:42 - 00019808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 00:54 - 2015-08-22 14:42 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 00:54 - 2015-08-22 14:42 - 00016224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 00:54 - 2015-08-22 14:42 - 00015712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 00:54 - 2015-08-22 14:42 - 00013664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 00:54 - 2015-08-22 14:42 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 00:54 - 2015-08-22 14:42 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 00:54 - 2015-08-22 14:42 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 00:54 - 2015-08-22 14:35 - 00984448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2015-10-14 00:54 - 2015-08-22 14:35 - 00063840 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 00:54 - 2015-08-22 14:35 - 00020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 00:54 - 2015-08-22 14:35 - 00019808 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 00:54 - 2015-08-22 14:35 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 00:54 - 2015-08-22 14:35 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 00:54 - 2015-08-22 14:35 - 00013664 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 00:54 - 2015-08-22 14:35 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 00:54 - 2015-08-22 14:35 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 00:54 - 2015-08-22 14:35 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-environment-l1-1-0.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-02 16:59 - 2013-11-27 04:55 - 00023040 _____ C:\WINDOWS\system32\VfService.trf
2015-11-02 16:59 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-02 16:59 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-11-02 16:55 - 2014-02-25 12:48 - 00000000 ____D C:\Users\Lucy\AppData\Roaming\Skype
2015-11-02 16:03 - 2014-07-28 21:21 - 08445440 ___SH C:\Users\Lucy\Desktop\Thumbs.db
2015-11-02 16:02 - 2014-02-25 15:37 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-11-02 16:00 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-11-02 15:26 - 2014-02-25 15:38 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2321680494-1980280422-1872297814-1002
2015-11-02 14:58 - 2014-09-14 17:16 - 00000000 ____D C:\Users\Lucy\Desktop\z mobilu fotky
2015-11-02 13:15 - 2014-03-06 20:16 - 00003962 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{81390E30-C184-4EF7-BA71-D1755F1B6D9C}
2015-10-30 23:16 - 2013-11-14 13:40 - 01749406 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-10-30 23:16 - 2013-11-14 13:24 - 00740962 _____ C:\WINDOWS\system32\perfh005.dat
2015-10-30 23:16 - 2013-11-14 13:24 - 00152146 _____ C:\WINDOWS\system32\perfc005.dat
2015-10-30 23:07 - 2014-03-05 22:20 - 00140150 _____ C:\WINDOWS\system32\Drivers\fvstore.dat
2015-10-30 21:56 - 2015-02-07 00:47 - 00000000 ____D C:\Users\Lucy\Desktop\ja foceni unor 2015
2015-10-30 18:53 - 2014-10-20 18:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-10-30 18:53 - 2014-10-20 17:59 - 00000000 ____D C:\Program Files\Java
2015-10-30 18:53 - 2014-03-05 19:44 - 00000000 ____D C:\Users\Lucy
2015-10-30 18:52 - 2014-10-20 18:00 - 00326752 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2015-10-30 18:52 - 2014-10-20 18:00 - 00206944 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2015-10-30 18:52 - 2014-10-20 18:00 - 00206944 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2015-10-30 18:52 - 2014-10-20 18:00 - 00110176 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2015-10-30 18:37 - 2014-02-28 19:18 - 00000877 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-10-30 17:16 - 2014-07-20 09:36 - 00273920 ___SH C:\Users\Lucy\Downloads\Thumbs.db
2015-10-30 12:17 - 2015-01-26 16:03 - 00003886 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-10-28 23:17 - 2013-11-27 04:29 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-10-27 22:51 - 2013-08-22 15:44 - 04984464 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-10-27 22:50 - 2014-02-25 12:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-24 10:34 - 2013-11-27 04:57 - 00000000 ____D C:\ProgramData\Energy Manager
2015-10-23 11:26 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-10-20 23:59 - 2012-07-26 08:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-10-16 21:02 - 2014-02-25 15:37 - 00003802 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-10-16 11:32 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache
2015-10-16 05:51 - 2015-03-15 17:07 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-10-16 05:51 - 2015-03-15 17:07 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-15 17:42 - 2014-12-14 01:03 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-10-15 17:42 - 2014-07-09 09:37 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-10-14 23:34 - 2014-02-25 12:48 - 00000000 ____D C:\ProgramData\Skype
2015-10-14 23:27 - 2013-08-22 16:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-10-14 10:04 - 2014-02-28 19:41 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-10-14 10:00 - 2014-02-28 19:40 - 143481208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-10-14 00:44 - 2014-07-20 09:50 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-10-06 21:38 - 2015-04-05 16:21 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-10-05 23:02 - 2015-04-05 16:21 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX

==================== Files in the root of some directories =======

2014-03-06 20:58 - 2014-03-06 20:58 - 0000020 ___SH () C:\Users\Lucy\AppData\Roaming\App4870.ConfCollection.bin
2015-10-31 13:54 - 2015-10-31 13:54 - 0000000 _____ () C:\Users\Lucy\AppData\Local\jv16PT_temp.tmp
2013-11-27 04:53 - 2013-11-27 04:53 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

safeboot: {64f8a70b-9e05-11e3-be75-0c8bfd7e0c2e} => The system is configured to boot to Safe Mode <===== ATTENTION

LastRegBack: 2015-10-25 11:25

==================== End of FRST.txt ============================

Holecek · Příspěvekod **Holecek** » 02 lis 2015 17:07

Additional scan result of Farbar Recovery Scan Tool (x64) Version:31-10-2015
Ran by Lucy (2015-11-02 17:01:04)
Running from C:\Users\Lucy\Desktop
Windows 8.1 (X64) (2014-03-05 19:08:21)
Boot Mode: Safe Mode (minimal)
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-2321680494-1980280422-1872297814-500 - Administrator - Disabled)
Guest (S-1-5-21-2321680494-1980280422-1872297814-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-2321680494-1980280422-1872297814-1004 - Limited - Enabled)
Lucy (S-1-5-21-2321680494-1980280422-1872297814-1002 - Administrator - Enabled) => C:\Users\Lucy
UpdatusUser (S-1-5-21-2321680494-1980280422-1872297814-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: COMODO Antivirus (Disabled - Out of date) {0C2D2636-923D-EE52-2A83-E643204A8275}
FW: COMODO Firewall (Disabled) {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Illustrator CS6 (HKLM-x32\...\{4869414E-7AEA-4C8E-BE1C-8D40977FD517}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.100.1611.210 - Alps Electric)
CCleaner (HKLM\...\CCleaner) (Version: 5.11 - Piriform)
COMODO Firewall (HKLM\...\{901D1D88-408D-48E5-80DD-CC3145BD8456}) (Version: 6.3.39949.2976 - COMODO Security Solutions Inc.)
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.28 - Lenovo)
Energy Manager (x32 Version: 1.0.0.28 - Lenovo) Hidden
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 3.6.1.33057.10 - Intel)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36943 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.5.1367 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1306-148929CC1385}) (Version: 3.1.1306.0354 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.5.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{702b0b5f-bcbb-44fc-b613-e96f2a3006ed}) (Version: 16.1.0 - Intel Corporation)
Java 8 Update 65 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418065F0}) (Version: 8.0.650.17 - Oracle Corporation)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10233 - Realtek Semiconductor Corp.)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.1219 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.1219 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5108.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.5108.52 - CyberLink Corp.) Hidden
Lenovo VeriFace (HKLM\...\Lenovo VeriFace) (Version: 5.0.13.5261 - Lenovo)
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3423 - CyberLink Corp.)
Lenovo YouCam (x32 Version: 4.1.3423 - CyberLink Corp.) Hidden
Logitech SetPoint 6.61 (HKLM\...\sp6) (Version: 6.61.15 - Logitech)
Malwarebytes Anti-Malware verze 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 41.0.2 (x86 cs) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 cs)) (Version: 41.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.2.5765 - Mozilla)
NVIDIA GeForce Experience 1.6.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.6.1 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 327.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.62 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
Onekey Theater (HKLM-x32\...\{91CC5BAE-A098-40D3-A43B-C0DC7CE263FE}) (Version: 3.0.1.0 - Lenovo)
OpenOffice 4.1.0 (HKLM-x32\...\{43245B34-BAEA-4716-B877-38E7E7026698}) (Version: 4.10.9764 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.10.1.1501 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 327.62 (Version: 327.62 - NVIDIA Corporation) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.9109 - CyberLink Corp.)
PowerTools Lite 2013 (HKLM-x32\...\PowerTools Lite 2011) (Version: - Macecraft Software)
Realtek Card Reader (HKLM-x32\...\{F0A8BF4A-972F-41E0-9800-1EFE3BF28266}) (Version: 6.2.9200.30158 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.18.621.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6954 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype™ 7.12 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.)
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.61.90905 - SugarSync, Inc.)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.42.130 - Electronic Arts)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.50 - Ghisler Software GmbH)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.15 - Lenovo)
UserGuide (x32 Version: 1.0.0.15 - Lenovo) Hidden
Windows Driver Package - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== Restore Points =========================

14-10-2015 09:55:12 Windows Update
19-10-2015 23:47:20 Windows Update
27-10-2015 22:38:58 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
28-10-2015 23:16:04 Instalováno The Sims 3

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2015-10-31 08:09 - 00000753 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {141CBF43-0D12-4388-A985-0F29FDE359DC} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {47D192EF-68BE-47B3-B1F0-6818092E8181} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {6B78822A-4A47-4D1C-A2B1-4980F1222371} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {81BDDA45-40A7-4368-BEF1-7125CF51F6D4} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-16] (Adobe Systems Incorporated)
Task: {906BE147-F0DB-4845-9BF6-4EE78FD3F196} - System32\Tasks\AdobeAAMUpdater-1.0-Lucy-PC-Lucy => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {963B68CE-7017-45D1-B24A-1402FAEE9A56} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2014-03-25] (COMODO)
Task: {AAE75C51-C59D-47DF-836B-68A4F0D8BDB1} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-04-16] (COMODO)
Task: {D894CF07-DF03-43D3-9D78-A4E8CA6A21B5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-10-19] (Piriform Ltd)
Task: {E1B32978-E6B0-483D-8D9F-4EA520A2241F} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-04-16] (COMODO)
Task: {E61D857F-F093-4135-9855-2D56213A7265} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-10-14] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (Whitelisted) ==============

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\WINDOWS\system32\Drivers\btmhsf.sys:Microsoft_Appcompat_ReinstallUpgrade

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="1"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2321680494-1980280422-1872297814-1002\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\Web\Wallpaper\apple-wallpaper-logo.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{CA447535-2F5C-43CB-A225-7EEA509C66E6}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{84959229-B0BB-4750-BC90-FD1E4D122123}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{AD976A65-1640-468B-9A73-CC265FA71ACA}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{D54CC09A-10DB-4C72-8EC1-8AF36427D28A}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{23CB6FFB-528E-4853-9A2F-57ED601318BD}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{88B3F736-9530-459D-BF0D-F21FC4974050}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{0E865BC6-461F-41BD-BCC8-532CCEED34A3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{A9266E94-1E07-48C1-827E-8BC0E56DBDB8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{E0AD9423-E9A3-405F-A41F-A7DEB7BE633E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{68CDF1BB-28AA-4793-8AAF-F7C1A3FCF281}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{B6BD375B-B362-42DD-A318-959A05E4F17C}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{0F835C1F-84FF-4A61-BBCD-85C5F5EBCC60}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (11/02/2015 04:58:33 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program FRST64.exe verze 31.10.2015.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 1b40

Čas spuštění: 01d1158701dffbcd

Čas ukončení: 0

Cesta k aplikaci: C:\Users\Lucy\Desktop\FRST64.exe

ID hlášení: 8d04eab4-817a-11e5-bf33-28d2443db25b

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (11/02/2015 04:57:31 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program cis.exe verze 7.0.53315.4132 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 888

Čas spuštění: 01d11586c513cc8f

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\COMODO\COMODO Internet Security\cis.exe

ID hlášení: 6bc90e78-817a-11e5-bf33-28d2443db25b

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (10/31/2015 01:18:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program wwahost.exe verze 6.3.9600.17415 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 920

Čas spuštění: 01d113d604a74747

Čas ukončení: 4294967295

Cesta k aplikaci: C:\WINDOWS\system32\wwahost.exe

ID hlášení: 73f1473b-7fc9-11e5-bf32-28d2443db25b

Úplný název chybujícího balíčku: Microsoft.BingFinance_3.0.4.336_x64__8wekyb3d8bbwe

ID aplikace související s chybujícím balíčkem: AppexFinance

Error: (10/31/2015 01:18:11 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Lucy-PC)
Description: Balíček Microsoft.BingFinance_3.0.4.336_x64__8wekyb3d8bbwe+AppexFinance se ukončil, protože jeho pozastavování trvalo moc dlouho.

Error: (10/31/2015 10:04:19 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program cis.exe verze 7.0.53315.4132 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 159c

Čas spuštění: 01d113ba3d7fe8c2

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\COMODO\COMODO Internet Security\cis.exe

ID hlášení: 5dbd46ba-7fae-11e5-bf31-28d2443db25b

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (10/30/2015 11:43:16 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Lucy-PC)
Description: Aplikaci Microsoft.BingSports_8wekyb3d8bbwe!AppexSports se nepovedlo aktivovat, protože došlo k chybě: -2144927142. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (10/30/2015 11:43:16 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program wwahost.exe verze 6.3.9600.17415 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 1aa4

Čas spuštění: 01d113645823a804

Čas ukončení: 4294967295

Cesta k aplikaci: C:\WINDOWS\system32\wwahost.exe

ID hlášení: 99a70a3a-7f57-11e5-bf2c-28d2443db25b

Úplný název chybujícího balíčku: Microsoft.BingSports_3.0.4.336_x64__8wekyb3d8bbwe

ID aplikace související s chybujícím balíčkem: AppexSports

Error: (10/30/2015 11:43:12 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: Lucy-PC)
Description: Aplikace Microsoft.BingSports_3.0.4.336_x64__8wekyb3d8bbwe+AppexSports se nespustila ve stanovenou dobu.

Error: (10/30/2015 11:22:01 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program cis.exe verze 7.0.53315.4132 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 9a0

Čas spuštění: 01d1135fbc2dd897

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\COMODO\COMODO Internet Security\cis.exe

ID hlášení: a350c0da-7f54-11e5-bf29-28d2443db25b

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (10/30/2015 10:31:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program cis.exe verze 7.0.53315.4132 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 1520

Čas spuštění: 01d11359b9776ac6

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\COMODO\COMODO Internet Security\cis.exe

ID hlášení: 8dfa6664-7f4d-11e5-bf28-28d2443db25b

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

System errors:
=============
Error: (11/02/2015 05:01:05 PM) (Source: DCOM) (EventID: 10005) (User: Lucy-PC)
Description: 1084WSearchNení k dispozici{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

Error: (11/02/2015 05:01:05 PM) (Source: DCOM) (EventID: 10005) (User: Lucy-PC)
Description: 1084WSearchNení k dispozici{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

Error: (11/02/2015 05:01:02 PM) (Source: DCOM) (EventID: 10005) (User: Lucy-PC)
Description: 1084WSearchNení k dispozici{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

Error: (11/02/2015 05:01:02 PM) (Source: DCOM) (EventID: 10005) (User: Lucy-PC)
Description: 1084WSearchNení k dispozici{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

Error: (11/02/2015 05:00:41 PM) (Source: DCOM) (EventID: 10005) (User: Lucy-PC)
Description: 1084WSearchNení k dispozici{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

Error: (11/02/2015 05:00:41 PM) (Source: DCOM) (EventID: 10005) (User: Lucy-PC)
Description: 1084WSearchNení k dispozici{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

Error: (11/02/2015 05:00:35 PM) (Source: DCOM) (EventID: 10005) (User: Lucy-PC)
Description: 1084Bluetooth Device MonitorNení k dispozici{DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}

Error: (11/02/2015 05:00:35 PM) (Source: DCOM) (EventID: 10005) (User: Lucy-PC)
Description: 1084ShellHWDetectionNení k dispozici{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (11/02/2015 05:00:26 PM) (Source: DCOM) (EventID: 10005) (User: Lucy-PC)
Description: 1084ShellHWDetectionNení k dispozici{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (11/02/2015 05:00:24 PM) (Source: DCOM) (EventID: 10005) (User: Lucy-PC)
Description: 1084WSearchNení k dispozici{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

CodeIntegrity:
===================================
Date: 2015-11-02 16:54:52.982
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-11-02 16:54:14.675
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-11-02 16:54:08.503
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-11-02 15:59:46.991
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-11-02 15:52:42.264
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-11-02 15:00:42.277
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-11-02 14:41:44.598
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-11-02 14:28:21.838
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-11-02 14:20:24.056
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-11-02 13:51:10.065
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4200M CPU @ 2.50GHz
Percentage of memory in use: 20%
Total physical RAM: 8104.27 MB
Available physical RAM: 6436.85 MB
Total Virtual: 9384.27 MB
Available Virtual: 7779.42 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:889.37 GB) (Free:809.56 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:20.1 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 988C8AC3)

Partition: GPT.

==================== End of Addition.txt ============================

Příspěvekod **jerabina** » 02 lis 2015 17:30

Vypni trvale Windows Defender, máš tam COMODO.

Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.

Kód: Vybrat vše

Start
CloseProcesses:

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
HKU\S-1-5-21-2321680494-1980280422-1872297814-1002\...\MountPoints2: {43084f65-b897-11e3-be88-0c8bfd7e0c2e} - "F:\HTC_Sync_Manager_PC.exe" 

SearchScopes: HKLM -> DefaultScope {CE178326-4DD8-4821-950B-3FE6D084147D} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {CE178326-4DD8-4821-950B-3FE6D084147D} URL = 

FF NewTab: about:newtab
FF Homepage: about:home

C:\Users\Lucy\AppData\Local\jv16PT_temp.tmp
C:\Users\Lucy\Desktop\rk_4F34.tmp.txt
C:\ProgramData\RogueKiller
C:\Users\Lucy\AppData\Roaming\App4870.ConfCollection.bin
C:\ProgramData\DP45977C.lfl

Task: {6B78822A-4A47-4D1C-A2B1-4980F1222371} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {81BDDA45-40A7-4368-BEF1-7125CF51F6D4} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-16] (Adobe Systems Incorporated)
Task: {906BE147-F0DB-4845-9BF6-4EE78FD3F196} - System32\Tasks\AdobeAAMUpdater-1.0-Lucy-PC-Lucy => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

AlternateDataStreams: C:\WINDOWS\system32\Drivers\btmhsf.sys:Microsoft_Appcompat_ReinstallUpgrade

EmptyTemp:
Hosts:
End

(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).

Ulož jej na na plochu jako fixlist.txt

Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.

Holecek · Příspěvekod **Holecek** » 02 lis 2015 17:45

zase to nepracuje

Holecek · Příspěvekod **Holecek** » 02 lis 2015 18:05

k tomu comodu, měl jsem za to že z toho comoda tam mám jen firewall a defender mám jako antivir

Příspěvekod **jerabina** » 02 lis 2015 18:15

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: COMODO Antivirus (Disabled - Out of date) {0C2D2636-923D-EE52-2A83-E643204A8275}
FW: COMODO Firewall (Disabled) {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}

Máš tam normální plnou verzi COMODO, ale ochranu v reálném čase máš vyplou stejně jako Firewall, takže si když tak ten firewall zapni.

FRST proveď v nouzovém režimu.

Holecek · Příspěvekod **Holecek** » 02 lis 2015 18:24

FRST mi v nouzovém režimu vyhodí tu samou hlášku jako předtím

Holecek · Příspěvekod **Holecek** » 02 lis 2015 18:31

to comodo jsem vypnul jen na čas aby mi při tom skenování neobtěžovalo, normálně je stále aktivní. Tak ten defender zakážu. Mě mátlo, že když ho zakážu, tak mi centrum akcí hlásí, že počítač není chráněn.

Holecek · Příspěvekod **Holecek** » 02 lis 2015 18:59

podle tohoto to vypadá, že internet security nejsou aktivní a pokud se dobře pamatuju, tak jsem instaloval jen firewall

Příspěvekod **jerabina** » 02 lis 2015 20:01

Tak si nech zaplý ten Windows Defender a Firewall od Comoda.

Stáhni si rkill
a spusť ho . Spustí se sken .Po skenu se program sám ukončí. Vlož sem log.
Pozn.: NERESTARTUJ PC !

Zkus znovu ten FRST

PS: spouštíš ho jako správce?

Holecek · Příspěvekod **Holecek** » 02 lis 2015 20:04

FRST spouštím jako správce a i v nouzovém režimu

Prosím o kontrolu logu Vyřešeno

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Kdo je online