Please check my log - Facebook won't load (Solved)

A place for your HijackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

Re: Please check my log - Facebook won't load

Post by Spectra » 22 Nov 2015 11:23

I'm posting the RogueKiller log after the deletion:

RogueKiller V10.11.6.0 (x64) [Nov 16 2015] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/software/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 10 (10.0.10240) 64 bits version
Spuštěno : Normální režim
Uživatel : Alexandra [Práva správce]
Started from : C:\Users\Alexandra\Desktop\RogueKillerX64.exe
Mód : Smazat -- Datum : 11/22/2015 11:09:31

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 10 ¤¤¤
[PUM.HomePage] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.bing.com?pc=HPNTDFJS -> Nahrazeno (http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://www.bing.com?pc=HPNTDFJS -> Nahrazeno (http://www.microsoft.com/isapi/redir.dl ... ar=msnhome)
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-1116921555-2049245244-3931339454-1002\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://www.bing.com?pc=HPNTDFJS -> Nahrazeno (http://www.microsoft.com/isapi/redir.dl ... ar=msnhome)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-1116921555-2049245244-3931339454-1002\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://www.bing.com?pc=HPNTDFJS -> Nahrazeno (http://www.microsoft.com/isapi/redir.dl ... ar=msnhome)
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.1 ([(Private Address) (XX)]) -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 10.0.0.1 ([(Private Address) (XX)]) -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3848b299-aa1d-40c9-b1ac-b10a560eb26c} | DhcpNameServer : 10.0.0.1 ([(Private Address) (XX)]) -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{d1894928-78ca-40af-adf7-4270f2335854} | DhcpNameServer : 10.0.0.1 ([(Private Address) (XX)]) -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{3848b299-aa1d-40c9-b1ac-b10a560eb26c} | DhcpNameServer : 10.0.0.1 ([(Private Address) (XX)]) -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{d1894928-78ca-40af-adf7-4270f2335854} | DhcpNameServer : 10.0.0.1 ([(Private Address) (XX)]) -> Nahrazeno ()

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 1 ¤¤¤
[PUP][Složka] C:\ProgramData\{C19CA186-4F06-4E22-A1E6-6BAB4723A0DE} -> Smazáno
[PUP][Soubor] C:\ProgramData\{C19CA186-4F06-4E22-A1E6-6BAB4723A0DE}\0x0409.ini -> Smazáno
[PUP][Soubor] C:\ProgramData\{C19CA186-4F06-4E22-A1E6-6BAB4723A0DE}\HP Support Assistant.msi -> Smazáno

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 1 ¤¤¤
[FIREFX:Addon] 8dg3p27b.default : Avast Online Security [wrc@avast.com] -> Smazáno

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: +++++
--- User ---
[MBR] c2c4c8281b5ede099523533b30cc4ba3
[BSP] a0269b1898f8ae48dcef0b6ca0539542 : Empty|VT.Unknown MBR Code
Partition table:
0 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 2048 | Size: 650 MB
1 - [MAN-MOUNT] EFI system partition | Offset (sectors): 1333248 | Size: 260 MB
2 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 1865728 | Size: 128 MB
3 - Basic data partition | Offset (sectors): 2127872 | Size: 934387 MB
4 - [SYSTEM][MAN-MOUNT] | Offset (sectors): 1915754496 | Size: 861 MB
5 - [SYSTEM] Basic data partition | Offset (sectors): 1917517824 | Size: 17576 MB
User = LL1 ... OK
User = LL2 ... OK

Post by jerabina » 22 Nov 2015 14:52

What about Zoek?

+ after that, don't run ComboFix, run FRST instead:

Please download the version of Farbar Recovery Scan Tool (FRST) that matches your system (32-bit/64-bit)
32-bit:
http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
64-bit:
http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
and save it to the desktop, then run FRST as administrator.
Confirm the terms of use.
Don't change any of the default settings and click "Scan" ("Skenovat"). When the scan is finished, two logs will appear, FRST.txt and Addition.txt, and they will be saved on the desktop. Please copy their entire contents here.
When you don't know what to do next, it's time to study the manual!
HJT guide

If I don't reply to your threads in the HJT section while I'm online, it's only because I'm on my phone, where studying logs and writing scripts is impossible. So please don't take it as being ignored.

Post by Spectra » 22 Nov 2015 18:55

Zoek is still running. It started today at 11:36:36,31.
Right now I'm at --- C:\WINDOWS\SysNative\config\systemprofile\AppData DB Check 16:08:35,79
I don't know how far it is supposed to run, but hopefully a restart should follow.

Post by jerabina » 22 Nov 2015 19:20

Leave it running; if it gets stuck on something and won't continue, hard power off the computer and run Zoek in Safe Mode.

Post by Spectra » 22 Nov 2015 23:10

Zoek has finally finished (it took 12 hours).
Log below:


Zoek.exe v5.0.0.1 Updated 27-09-2015
Tool run by Alexandra on ne 22.11.2015 at 11:26:12,18.
Microsoft Windows 10 Home 10.0.10240 x64
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\Alexandra\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

22.11.2015 11:48:44 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\Users\Alexandra\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Alexandra\AppData\Local\EmieSiteList deleted successfully
C:\Users\Alexandra\AppData\Local\EmieUserList deleted successfully
C:\Users\Alexandra\AppData\Local\MediaShow deleted successfully
C:\Users\Alexandra\AppData\Local\NetworkTiles deleted successfully
C:\Users\Alexandra\AppData\Local\PackageStaging deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1116921555-2049245244-3931339454-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{FA70871F-82C0-4CB0-8E0F-287088F7B741} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{FA70871F-82C0-4CB0-8E0F-287088F7B741} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{FA70871F-82C0-4CB0-8E0F-287088F7B741} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\ALEXAN~1\AppData\Roaming\Mozilla\Firefox\Profiles\8dg3p27b.default\prefs.js:
user_pref("browser.startup.homepage", "https://www.google.cz/");

Added to C:\Users\ALEXAN~1\AppData\Roaming\Mozilla\Firefox\Profiles\8dg3p27b.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Deleting Files \ Folders ======================

C:\Users\Public\Pokki deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Default\AppData\Local\Pokki deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
"C:\windows\Installer\fb0b7.msi" deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\ALEXAN~1\AppData\Roaming\Mozilla\Firefox\Profiles\8dg3p27b.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [05.08.2015 17:37]

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\8dg3p27b.default
18CF51689186AEB9D1D149AEB0E92D03 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL - Microsoft Office 2013
0C0C5C207121C7A78414A8250E8E099A - C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll - Shockwave for Director / Shockwave for Director


==== Chromium Look ======================

Google Chrome Version: 46.0.2490.86

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[21.07.2015 19:34]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[12.10.2015 08:31]

Avast Online Security - Alexandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Skype Click to Call - Alexandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.cz/"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.cz/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=HPNTDFJS"

==== Reset Google Chrome ======================

C:\Users\Alexandra\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Alexandra\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Alexandra\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Alexandra\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2C0D8C2E79C150C439A9B5310AEF56C5 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{69D56D69-6523-4A68-89ED-26C26BBD4D59} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E2C8D0C2-1C97-4C05-939A-5B13A0FE655C} deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\96D65D96325686A498DE622CB6DBD495 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\2C0D8C2E79C150C439A9B5310AEF56C5 deleted successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Alexandra\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Alexandra\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Alexandra\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Alexandra\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Alexandra\AppData\Local\Mozilla\Firefox\Profiles\8dg3p27b.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Alexandra\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=5953 folders=142 293970931 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\ALEXAN~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on ne 22.11.2015 at 23:06:36,60 ======================

Post by Spectra » 22 Nov 2015 23:20

I'm sending the logs from Farbar Recovery Scan Tool (FRST)

Log no. 1 - FRST.txt:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:22-11-2015
Ran by Alexandra (administrator) on PAVILION_NTB (22-11-2015 23:11:44)
Running from C:\Users\Alexandra\Desktop
Loaded Profiles: Alexandra (Available Profiles: Alexandra)
Platform: Windows 10 Home (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
() C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
() C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\WpcMon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\msosync.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8496344 2015-11-08] (Realtek Semiconductor)
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [3957816 2014-03-01] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [415288 2014-03-01] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [415288 2014-03-01] (Hewlett-Packard)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-01-27] (Apple Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3945656 2015-09-19] (Synaptics Incorporated)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [126240 2014-02-13] (Hewlett-Packard Company)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111312 2015-11-08] (AVAST Software)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49904 2014-08-13] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [313656 2013-04-18] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [653576 2015-06-29] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKU\S-1-5-21-1116921555-2049245244-3931339454-1002\...\Run: [GoogleChromeAutoLaunch_99F61B3BC587B8744BBFA7D9D524B720] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [811848 2015-11-07] (Google Inc.)
HKU\S-1-5-21-1116921555-2049245244-3931339454-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [48145024 2015-10-14] (Skype Technologies S.A.)
HKU\S-1-5-21-1116921555-2049245244-3931339454-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8551848 2015-10-19] (Piriform Ltd)
HKU\S-1-5-21-1116921555-2049245244-3931339454-1002\...\RunOnce: [Uninstall C:\Users\Alexandra\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Alexandra\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\amd64"
HKU\S-1-5-21-1116921555-2049245244-3931339454-1002\...\RunOnce: [Uninstall C:\Users\Alexandra\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Alexandra\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64"
HKU\S-1-5-21-1116921555-2049245244-3931339454-1002\...\RunOnce: [Uninstall C:\Users\Alexandra\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Alexandra\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"
HKU\S-1-5-21-1116921555-2049245244-3931339454-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [31232 2015-07-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-08-05] (AVAST Software)
ShellIconOverlayIdentifiers: [01UnsuppModule] -> {AEB16659-2125-4ADA-A4AB-45EE21E86469} => No File
ShellIconOverlayIdentifiers: [02SyncingModule] -> {48AB5ADA-36B1-4137-99C9-2BD97F8788AB} => No File
ShellIconOverlayIdentifiers: [03SyncedModule] -> {472CE1AD-5D53-4BCF-A1FB-3982A5F55138} => No File
ShellIconOverlayIdentifiers: [04ReadOnlyModule] -> {A433C3E0-8B24-40EB-93C3-4B10D9959F58} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{d1894928-78ca-40af-adf7-4270f2335854}: [DhcpNameServer] 10.0.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-1116921555-2049245244-3931339454-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.cz/
HKU\S-1-5-21-1116921555-2049245244-3931339454-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
SearchScopes: HKU\S-1-5-21-1116921555-2049245244-3931339454-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-09-29] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-05] (AVAST Software)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-11-01] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-11-20] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-05] (AVAST Software)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-03-04] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-20] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-1116921555-2049245244-3931339454-1002 -> hxxp://google.cz/

FireFox:
========
FF ProfilePath: C:\Users\Alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\8dg3p27b.default
FF NewTab: about:newtab
FF Homepage: about:home
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-20] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-20] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-08-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-19] (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-08-05] [not signed]

Chrome:
=======
CHR Profile: C:\Users\Alexandra\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Alexandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-09]
CHR Extension: (Google Drive) - C:\Users\Alexandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-01]
CHR Extension: (YouTube) - C:\Users\Alexandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-28]
CHR Extension: (Google Search) - C:\Users\Alexandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-03]
CHR Extension: (Google Docs Offline) - C:\Users\Alexandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-20]
CHR Extension: (Avast Online Security) - C:\Users\Alexandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-11-03]
CHR Extension: (Skype Click to Call) - C:\Users\Alexandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-10-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Alexandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-04]
CHR Extension: (Gmail) - C:\Users\Alexandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-31]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-21]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-04-06] (Advanced Micro Devices, Inc.) [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-05] (AVAST Software)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [88064 2014-03-05] () [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2780856 2015-10-07] (Microsoft Corporation)
S3 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [File not signed]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [174592 2012-12-04] (HP) [File not signed]
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [602888 2015-06-29] (Hewlett-Packard Development Company, L.P.)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-03-01] (Softex Inc.) [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910128 2015-02-07] (Electronic Arts)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [294616 2015-11-08] (Realtek Semiconductor)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-08-05] (Microsoft Corporation)
S3 w3logsvc; C:\WINDOWS\SysWOW64\inetsrv\w3logsvc.dll [72192 2015-08-05] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36608 2013-12-14] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-11-04] (Advanced Micro Devices)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-08-05] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-08-05] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-08-05] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-08-05] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-08-05] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2015-11-08] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2015-11-08] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-08-05] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-08-05] (AVAST Software)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [237568 2015-07-10] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-05] (Realtek Semiconductor Corp.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [886528 2015-09-30] (Realtek )
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [615728 2015-06-04] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [4629744 2015-09-19] (Realtek Semiconductor Corporation )
R3 SmbDrv; C:\Windows\system32\DRIVERS\Smb_driver_AMDASF.sys [42184 2015-09-19] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [31472 2014-04-22] (Synaptics Incorporated)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-22 23:11 - 2015-11-22 23:12 - 00020812 _____ C:\Users\Alexandra\Desktop\FRST.txt
2015-11-22 23:11 - 2015-11-22 23:11 - 00000000 ____D C:\FRST
2015-11-22 23:09 - 2015-11-22 23:11 - 02346496 _____ (Farbar) C:\Users\Alexandra\Desktop\FRST64.exe
2015-11-22 23:07 - 2015-11-22 23:07 - 00000000 ___HD C:\OneDriveTemp
2015-11-22 23:06 - 2015-11-22 23:06 - 00016148 _____ C:\WINDOWS\system32\PAVILION_NTB_Alexandra_HistoryPrediction.bin
2015-11-22 22:53 - 2015-11-22 11:24 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2015-11-22 15:38 - 2015-11-22 15:38 - 00000000 ____D C:\Users\Alexandra\AppData\Local\NetworkTiles
2015-11-22 15:03 - 2015-11-22 15:03 - 00000000 ____D C:\Users\Alexandra\AppData\Local\Apple
2015-11-22 11:48 - 2015-11-22 23:06 - 00008812 _____ C:\zoek-results.log
2015-11-22 11:24 - 2015-11-22 22:48 - 00000000 ____D C:\zoek_backup
2015-11-22 10:41 - 2015-11-22 10:41 - 05639131 _____ (Swearware) C:\Users\Alexandra\Desktop\ComboFix.exe
2015-11-22 10:41 - 2015-11-22 10:41 - 00000091 _____ C:\Users\Alexandra\Desktop\Zoe.txt
2015-11-22 10:39 - 2015-11-22 11:24 - 01309184 _____ C:\Users\Alexandra\Desktop\zoek.exe
2015-11-21 16:20 - 2015-11-22 11:04 - 00000000 ____D C:\Users\Alexandra\AppData\Local\CrashDumps
2015-11-21 12:03 - 2015-11-22 10:46 - 00037624 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2015-11-21 12:03 - 2015-11-21 12:36 - 00000000 ____D C:\ProgramData\RogueKiller
2015-11-21 12:02 - 2015-11-21 12:03 - 23710792 _____ C:\Users\Alexandra\Desktop\RogueKillerX64.exe
2015-11-20 23:21 - 2015-11-20 23:22 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-11-20 23:21 - 2015-11-20 23:21 - 00001182 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-11-20 23:21 - 2015-11-20 23:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-11-20 23:21 - 2015-11-20 23:21 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-11-20 23:21 - 2015-11-20 23:21 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-11-20 23:21 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-11-20 23:21 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-11-20 23:21 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2015-11-20 23:20 - 2015-11-20 23:20 - 00000651 _____ C:\Users\Alexandra\Desktop\AdwCleaner[S3].txt
2015-11-20 23:11 - 2015-11-20 23:11 - 00448512 _____ (OldTimer Tools) C:\Users\Alexandra\Desktop\TFC.exe
2015-11-20 23:07 - 2015-11-20 23:20 - 22908888 _____ (Malwarebytes ) C:\Users\Alexandra\Desktop\mbam-setup-2.2.0.1024.exe
2015-11-20 23:06 - 2015-11-20 23:14 - 01732096 _____ C:\Users\Alexandra\Desktop\AdwCleaner.exe
2015-11-20 22:57 - 2015-11-20 22:58 - 00050688 _____ (Atribune.org) C:\Users\Alexandra\Desktop\ATF-Cleaner.exe
2015-11-20 18:48 - 2015-11-20 18:48 - 00013989 _____ C:\Users\Alexandra\Downloads\hijackthis.log
2015-11-20 18:47 - 2015-11-20 18:47 - 00388608 _____ (Trend Micro Inc.) C:\Users\Alexandra\Desktop\hijackthis.exe
2015-11-20 18:20 - 2015-11-22 23:05 - 00003850 _____ C:\WINDOWS\PFRO.log
2015-11-20 18:11 - 2015-11-20 23:15 - 00000000 ____D C:\AdwCleaner
2015-11-20 18:10 - 2015-11-20 18:10 - 01732096 _____ C:\Users\Alexandra\Downloads\adwcleaner_5.021.exe
2015-11-20 17:56 - 2015-11-22 23:06 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-11-20 17:47 - 2015-11-20 17:47 - 00002872 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-11-20 17:47 - 2015-11-20 17:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-11-20 17:47 - 2015-11-20 17:47 - 00000000 ____D C:\Program Files\CCleaner
2015-11-20 17:46 - 2015-11-20 17:46 - 06762072 _____ (Piriform Ltd) C:\Users\Alexandra\Downloads\ccsetup511.exe
2015-11-20 15:45 - 2015-11-20 15:45 - 00000000 ____D C:\Users\Alexandra\AppData\Roaming\Sun
2015-11-20 15:45 - 2015-11-20 15:45 - 00000000 ____D C:\Users\Alexandra\.oracle_jre_usage
2015-11-20 15:43 - 2015-11-20 15:43 - 00000000 ____D C:\Users\Alexandra\AppData\LocalLow\Oracle
2015-11-20 15:09 - 2015-11-20 15:15 - 00000000 ____D C:\Users\Alexandra\AppData\Local\Mozilla
2015-11-20 15:09 - 2015-11-20 15:09 - 00001239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-11-20 15:09 - 2015-11-20 15:09 - 00000000 ____D C:\Users\Alexandra\AppData\Roaming\Mozilla
2015-11-20 15:09 - 2015-11-20 15:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-11-20 15:09 - 2015-11-20 15:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-11-20 15:08 - 2015-11-20 15:08 - 00243880 _____ C:\Users\Alexandra\Downloads\Firefox Setup Stub 42.0 (1).exe
2015-11-20 15:07 - 2015-11-20 15:07 - 00243880 _____ C:\Users\Alexandra\Downloads\Firefox Setup Stub 42.0.exe
2015-11-18 23:49 - 2015-11-18 23:49 - 00046005 _____ C:\Users\Alexandra\Documents\Můj film0.wlmp
2015-11-18 17:29 - 2015-11-18 23:59 - 11246701 _____ C:\Users\Alexandra\Documents\Jaká jsem.pptx
2015-11-18 17:23 - 2015-11-18 17:23 - 00003164 _____ C:\WINDOWS\System32\Tasks\{A9B0091A-9894-4149-8FAF-64E51B7B0793}
2015-11-18 14:42 - 2015-11-18 14:42 - 00002361 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2015-11-18 14:42 - 2015-11-18 14:42 - 00001454 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2015-11-18 14:42 - 2015-11-18 14:42 - 00001385 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2015-11-18 14:42 - 2015-11-18 14:42 - 00001365 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2015-11-18 14:42 - 2015-11-18 14:42 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2015-11-18 14:42 - 2015-11-18 14:42 - 00000000 ____D C:\WINDOWS\PCHEALTH
2015-11-18 14:42 - 2015-11-18 14:42 - 00000000 ____D C:\WINDOWS\cs
2015-11-18 14:42 - 2015-11-18 14:42 - 00000000 ____D C:\Program Files\Windows Live
2015-11-18 14:42 - 2015-11-18 14:42 - 00000000 ____D C:\Program Files (x86)\Windows Live
2015-11-18 14:42 - 2015-11-18 14:42 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-11-18 14:41 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2015-11-18 14:41 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2015-11-18 14:41 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2015-11-18 14:41 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2015-11-18 14:41 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2015-11-18 14:41 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2015-11-18 14:41 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2015-11-18 14:41 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2015-11-18 14:41 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2015-11-18 14:41 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2015-11-18 14:41 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2015-11-18 14:41 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2015-11-18 14:39 - 2015-11-18 23:27 - 00000000 ____D C:\Users\Alexandra\AppData\Local\Windows Live
2015-11-18 14:39 - 2015-11-18 14:39 - 01243336 _____ (společnost Microsoft Corporation) C:\Users\Alexandra\Downloads\wlsetup-web (1).exe
2015-11-18 14:38 - 2015-11-18 14:39 - 01243336 _____ (společnost Microsoft Corporation) C:\Users\Alexandra\Downloads\wlsetup-web.exe
2015-11-17 12:08 - 2015-11-17 12:08 - 00000000 ____D C:\ProgramData\EA Core
2015-11-15 16:03 - 2015-11-15 16:03 - 00000000 ____D C:\Users\Alexandra\AppData\Local\Microsoft Help
2015-11-10 20:08 - 2015-11-05 06:15 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-11-10 20:08 - 2015-11-05 06:13 - 00577888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2015-11-10 20:08 - 2015-11-05 05:20 - 21873664 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-11-10 20:08 - 2015-11-05 05:18 - 24597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-11-10 20:08 - 2015-11-05 04:59 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2015-11-10 20:08 - 2015-11-05 04:47 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-11-10 20:08 - 2015-11-05 04:35 - 18803712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-11-10 20:08 - 2015-11-05 04:27 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2015-11-10 20:08 - 2015-11-05 04:23 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2015-11-10 20:07 - 2015-11-05 06:15 - 08020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-11-10 20:07 - 2015-11-05 06:14 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-11-10 20:07 - 2015-11-05 06:11 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-11-10 20:07 - 2015-11-05 06:06 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-11-10 20:07 - 2015-11-05 06:06 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-11-10 20:07 - 2015-11-05 06:01 - 00607408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-11-10 20:07 - 2015-11-05 05:56 - 01083072 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-11-10 20:07 - 2015-11-05 05:56 - 00116064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2015-11-10 20:07 - 2015-11-05 05:56 - 00025280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-11-10 20:07 - 2015-11-05 05:30 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-11-10 20:07 - 2015-11-05 05:24 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-11-10 20:07 - 2015-11-05 05:23 - 00762888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-11-10 20:07 - 2015-11-05 05:23 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2015-11-10 20:07 - 2015-11-05 05:18 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-11-10 20:07 - 2015-11-05 05:18 - 00539728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-11-10 20:07 - 2015-11-05 05:17 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-11-10 20:07 - 2015-11-05 05:12 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2015-11-10 20:07 - 2015-11-05 05:11 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-11-10 20:07 - 2015-11-05 05:10 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-11-10 20:07 - 2015-11-05 05:10 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-11-10 20:07 - 2015-11-05 05:07 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-11-10 20:07 - 2015-11-05 05:06 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2015-11-10 20:07 - 2015-11-05 05:05 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-11-10 20:07 - 2015-11-05 05:05 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-11-10 20:07 - 2015-11-05 05:03 - 02180608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-11-10 20:07 - 2015-11-05 05:03 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-11-10 20:07 - 2015-11-05 05:01 - 00949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-11-10 20:07 - 2015-11-05 05:01 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-11-10 20:07 - 2015-11-05 05:01 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-11-10 20:07 - 2015-11-05 04:59 - 03587072 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-11-10 20:07 - 2015-11-05 04:58 - 01383936 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-11-10 20:07 - 2015-11-05 04:58 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-11-10 20:07 - 2015-11-05 04:56 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-11-10 20:07 - 2015-11-05 04:55 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2015-11-10 20:07 - 2015-11-05 04:54 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2015-11-10 20:07 - 2015-11-05 04:42 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-11-10 20:07 - 2015-11-05 04:40 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-11-10 20:07 - 2015-11-05 04:35 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-11-10 20:07 - 2015-11-05 04:34 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2015-11-10 20:07 - 2015-11-05 04:33 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-11-10 20:07 - 2015-11-05 04:33 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-11-10 20:07 - 2015-11-05 04:30 - 00767488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-11-10 20:07 - 2015-11-05 04:28 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-11-10 20:07 - 2015-11-05 04:27 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-11-08 20:51 - 2015-11-08 20:48 - 02918104 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2015-11-08 20:51 - 2015-11-08 20:48 - 02702552 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2015-11-08 20:51 - 2015-11-08 20:48 - 01413776 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
2015-11-08 20:51 - 2015-11-08 20:48 - 01104040 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\slcnt64.dll
2015-11-08 20:51 - 2015-11-08 20:48 - 00943784 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2015-11-08 20:51 - 2015-11-08 20:48 - 00734376 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2015-11-08 20:51 - 2015-11-08 20:48 - 00518896 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2015-11-08 20:51 - 2015-11-08 20:48 - 00454288 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
2015-11-08 20:51 - 2015-11-08 20:48 - 00375128 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2015-11-08 20:51 - 2015-11-08 20:48 - 00369296 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
2015-11-08 20:51 - 2015-11-08 20:48 - 00331880 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2015-11-08 20:51 - 2015-11-08 20:48 - 00329360 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll
2015-11-08 20:51 - 2015-11-08 20:48 - 00329360 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
2015-11-08 20:51 - 2015-11-08 20:48 - 00250536 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2015-11-08 20:51 - 2015-11-08 20:48 - 00155888 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2015-11-08 20:51 - 2015-11-08 20:48 - 00101208 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2015-11-08 20:50 - 2015-11-08 20:48 - 72113152 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2015-11-08 20:50 - 2015-11-08 20:48 - 02897741 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2015-11-08 20:50 - 2015-11-08 20:48 - 01748696 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2015-11-08 20:50 - 2015-11-08 20:48 - 01576976 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64APO.dll
2015-11-08 20:50 - 2015-11-08 20:48 - 01310936 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2015-11-08 20:50 - 2015-11-08 20:48 - 00631000 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2015-11-08 20:50 - 2015-11-08 20:48 - 00560328 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
2015-11-08 20:50 - 2015-11-08 20:48 - 00310104 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2015-11-08 20:50 - 2015-11-08 20:48 - 00310104 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2015-11-08 20:50 - 2015-11-08 20:48 - 00204120 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2015-11-08 20:50 - 2015-11-08 20:48 - 00113576 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2015-11-08 20:50 - 2015-11-08 20:48 - 00108640 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll
2015-11-08 20:50 - 2015-11-08 20:48 - 00078680 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2015-10-30 20:11 - 2015-11-20 19:22 - 00000000 ___HD C:\$WINDOWS.~BT

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-22 23:11 - 2015-08-05 16:28 - 01951294 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-22 23:11 - 2015-07-10 17:02 - 00808930 _____ C:\WINDOWS\system32\perfh005.dat
2015-11-22 23:11 - 2015-07-10 17:02 - 00181640 _____ C:\WINDOWS\system32\perfc005.dat
2015-11-22 23:08 - 2014-08-12 17:08 - 00000000 ____D C:\Users\Alexandra\Documents\Youcam
2015-11-22 23:07 - 2014-08-12 17:55 - 00000000 ____D C:\Users\Alexandra\AppData\Roaming\Skype
2015-11-22 23:07 - 2014-08-12 17:18 - 00000982 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-22 23:07 - 2014-08-12 17:09 - 00000000 __RDO C:\Users\Alexandra\OneDrive
2015-11-22 23:05 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-22 23:05 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-11-22 23:05 - 2015-07-10 10:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-11-22 23:05 - 2014-05-12 19:42 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2015-11-22 22:59 - 2014-08-12 17:18 - 00000986 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-22 21:25 - 2014-08-12 17:14 - 00004214 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{F1255ECA-308B-43D9-9EE5-4E534D0276F7}
2015-11-22 15:27 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-20 23:18 - 2015-08-05 17:10 - 00000000 ____D C:\Users\Alexandra\AppData\Local\Comms
2015-11-20 19:28 - 2015-08-05 17:22 - 00000000 ___DC C:\WINDOWS\Panther
2015-11-20 18:47 - 2014-08-12 17:07 - 00000000 ____D C:\Users\Alexandra\AppData\Local\VirtualStore
2015-11-20 17:55 - 2015-07-10 13:20 - 00358520 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-11-20 17:51 - 2015-05-03 20:37 - 00000000 ____D C:\Users\Alexandra\Tracing
2015-11-20 15:46 - 2014-08-12 17:42 - 00000000 ____D C:\ProgramData\Oracle
2015-11-20 15:45 - 2015-08-05 16:29 - 00000000 ____D C:\Users\Alexandra
2015-11-20 15:45 - 2015-05-27 20:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-11-20 15:45 - 2015-05-27 20:34 - 00000000 ____D C:\Program Files (x86)\Java
2015-11-20 15:44 - 2015-05-27 20:35 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-11-20 15:33 - 2015-09-30 20:53 - 00000374 _____ C:\WINDOWS\Tasks\HPCeeScheduleForAlexandra.job
2015-11-20 15:24 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-11-19 20:44 - 2015-07-10 12:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-11-18 23:28 - 2014-08-13 20:52 - 00000052 _____ C:\WINDOWS\SysWOW64\DOErrors.log
2015-11-13 16:37 - 2015-09-30 20:53 - 00003282 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForAlexandra
2015-11-11 20:41 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\rescache
2015-11-11 03:30 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-11-10 21:01 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-11-10 21:00 - 2014-08-25 11:33 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-11-10 20:55 - 2014-08-25 11:33 - 145617392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-11-08 20:51 - 2015-08-05 16:27 - 00005680 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip
2015-11-08 20:51 - 2015-08-05 16:26 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-11-08 20:51 - 2014-05-12 19:36 - 00000000 ___HD C:\Program Files (x86)\Temp
2015-11-08 20:48 - 2015-06-24 21:59 - 03234520 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2015-11-08 20:48 - 2015-06-24 21:59 - 02931416 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2015-11-08 20:48 - 2015-06-24 21:59 - 00184688 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2015-11-08 20:48 - 2015-06-24 21:57 - 04506840 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2015-11-08 20:48 - 2015-06-24 21:57 - 00014952 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2015-11-08 20:48 - 2014-05-12 19:36 - 02825944 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll
2015-11-08 20:48 - 2014-04-01 02:07 - 00000000 ____D C:\SWSetup
2015-11-08 17:37 - 2014-08-12 17:40 - 01059656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2015-11-08 17:37 - 2014-08-12 17:40 - 00449992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2015-11-03 19:20 - 2015-10-02 02:33 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-11-03 19:20 - 2015-10-02 02:33 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-03 16:33 - 2014-08-12 17:55 - 00000000 ____D C:\ProgramData\Skype
2015-11-02 20:54 - 2015-08-05 17:20 - 00002424 _____ C:\Users\Alexandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-11-01 20:32 - 2014-08-12 17:27 - 00000000 ____D C:\Program Files\Microsoft Office 15

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-11-14 17:52

==================== End of FRST.txt ============================


Re: Please check my log - Facebook won't load

Post by Spectra » 22 Nov 2015 23:21

FRST log no. 2 - Addition.txt:

Additional scan result of Farbar Recovery Scan Tool (x64) Version:22-11-2015
Ran by Alexandra (2015-11-22 23:12:55)
Running from C:\Users\Alexandra\Desktop
Windows 10 Home (X64) (2015-08-05 16:09:22)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1116921555-2049245244-3931339454-500 - Administrator - Disabled)
Alexandra (S-1-5-21-1116921555-2049245244-3931339454-1002 - Administrator - Enabled) => C:\Users\Alexandra
DefaultAccount (S-1-5-21-1116921555-2049245244-3931339454-503 - Limited - Disabled)
Guest (S-1-5-21-1116921555-2049245244-3931339454-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
AMD Catalyst Install Manager (HKLM\...\{0B448829-3672-18EA-4117-C1240D4CF140}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Apple Mobile Device Support (HKLM\...\{5ED7462B-EF58-4757-B609-53755021EC34}) (Version: 8.1.0.18 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Pro Antivirus (HKLM-x32\...\Avast) (Version: 10.3.2225 - AVAST Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.11 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.6.3728 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.4.4824 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.6.3821 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.6.3906 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3.3709 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.3.3907 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
Evernote v. 5.2 (HKLM-x32\...\{412F6426-A3C7-11E3-8A71-00163E98E7D6}) (Version: 5.2.0.2951 - Evernote Corp.)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM-x32\...\{F90A86C9-7779-47DD-AC06-8EE832C55F55}) (Version: 6.0.18.1 - Hewlett-Packard Company)
HP Color LaserJet Pro MFP M177 (HKLM-x32\...\{78461e2a-5016-4b73-967b-20581efe6a2e}) (Version: 8.0.13295.967 - Hewlett-Packard)
HP Documentation (HKLM-x32\...\{082B1425-0F24-43FA-9B64-E8F617B0AD3B}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7493.4758 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.08 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{8C696B4B-6AB1-44BC-9416-96EAC474CABE}) (Version: 7.5.2.12 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{8B4EE87E-6D40-4C91-B5E8-0DC77DC412F1}) (Version: 1.4.1 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.002.004 - Hewlett-Packard)
HP Utility Center (HKLM\...\{B7B82520-8ECE-4743-BFD7-93B16C64B277}) (Version: 2.4.2 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
hpbDSService (x32 Version: 002.002.07399 - Hewlett-Packard) Hidden
hpbM177DSService (x32 Version: 001.001.08254 - Hewlett-Packard) Hidden
HPCLJProMFPM177 (HKLM-x32\...\{1120F88C-2B16-43F6-86FC-E9A42A999217}) (Version: 0.00.0001 - Hewlett-Packard)
HPDXP (x32 Version: 3.0.26.39 - HP) Hidden
HPLJDXPHelper (x32 Version: 060.048.005 - HP) Hidden
HPLJUTCore (x32 Version: 008.000.0001 - HP) Hidden
HPLJUTM177 (x32 Version: 008.000.0001 - HP) Hidden
hppLaserJetService (x32 Version: 009.033.00905 - Hewlett-Packard) Hidden
hppM176LaserJetService (x32 Version: 001.032.00682 - Hewlett-Packard) Hidden
hpStatusAlerts (x32 Version: 080.040.00171 - Hewlett Packard) Hidden
hpStatusAlertsM177 (x32 Version: 080.046.00111 - Hewlett-Packard) Hidden
Inst5675 (Version: 8.01.08 - Softex Inc.) Hidden
Inst5676 (Version: 8.01.08 - Softex Inc.) Hidden
iTunes (HKLM\...\{7B8D4E8A-EA2B-4A71-BFEB-A4AAAB87C5D0}) (Version: 12.1.0.71 - Apple Inc.)
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kolekce The Sims™ 3 Styl 70., 80. a 90. let (HKLM-x32\...\{E1868CAE-E3B9-4099-8C18-AA8944D336FD}) (Version: 17.0.77 - Electronic Arts)
LJDXPHelperUI (x32 Version: 060.048.005 - HP) Hidden
Malwarebytes Anti-Malware verze 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft Office 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 15.0.4763.1003 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 42.0 (x86 cs) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 cs)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0 - Mozilla)
OEM Application Profile (HKLM-x32\...\{315F1A48-D883-B234-7C79-15873574ACC1}) (Version: 1.00.0000 - Název společnosti:)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4763.1003 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.1.15.109 - Electronic Arts, Inc.)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{2FE00055-C4F3-4F7A-AEDD-E198D54CF12F}) (Version: 3.1.1 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{28791292-D18D-42FA-AE66-3D3D20AA8618}) (Version: 3.1.1 - Apple Inc.)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1.0.0.6 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29075 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7548 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.00.13.1216 - REALTEK Semiconductor Corp.)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
Skype™ 7.13 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.13.101 - Skype Technologies S.A.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.95 - Synaptics Incorporated)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.54.95 - Electronic Arts)
The Sims™ 3 Cestovní horečka (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)
The Sims™ 3 Diesel Kolekce (HKLM-x32\...\{1C9B6173-6DC9-4EEE-9EFC-6BA115CFBE43}) (Version: 14.0.48 - Electronic Arts)
The Sims™ 3 Domácí mazlíčci (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
The Sims™ 3 Hrátky osudu (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
The Sims™ 3 Luxusní bydlení – Kolekce (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts)
The Sims™ 3 Obludárium (HKLM-x32\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts)
The Sims™ 3 Roční období (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
The Sims™ 3 Po setmění (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1116921555-2049245244-3931339454-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Alexandra\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation)

==================== Restore Points =========================

08-11-2015 19:51:47 HPSF Applying updates
16-11-2015 21:15:25 Naplánovaný kontrolní bod
18-11-2015 14:39:59 Windows Live Essentials
18-11-2015 14:40:50 Nainstalováno rozhraní DirectX
22-11-2015 11:48:18 zoek.exe restore point

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2015-11-22 11:55 - 00000753 ____A C:\WINDOWS\system32\Drivers\etc\hosts


127.0.0.1 localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {2E0AD62C-9A48-4649-AF5B-ABBEBB0EFE03} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [2013-01-28] (Hewlett Packard)
Task: {305B0DE4-DFAB-49F8-B4AE-29E68DB80BC6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-01-13] (Hewlett-Packard Company)
Task: {3E85BA56-F6FB-4F7E-94B4-BEFAC25BD8D2} - System32\Tasks\Synology Data Replicator 3-MicrosoftAccount-Alexandra => C:\Program Files (x86)\Synology Data Replicator 3\Backup.exe
Task: {4290F34F-1683-4637-B1B7-A6B4892475E1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis Install => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-01-13] (Hewlett-Packard Company)
Task: {4817CB4D-1547-49C6-A593-0258B72688E9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-01-13] (Hewlett-Packard Company)
Task: {4DC7B6C5-D826-4F85-9759-CD75859A76A2} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-07] (Microsoft Corporation)
Task: {509F5AEC-0BAC-4B18-BE25-4890118B32A1} - System32\Tasks\HPCeeScheduleForAlexandra => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {60721E46-E36D-4151-A6B4-76B4AAF034AE} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-11-10] (Microsoft Corporation)
Task: {6EBC2208-72FE-4914-8470-4481FE220779} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-07] (Microsoft Corporation)
Task: {91984D06-D4C7-4151-A964-888FCA2A56B1} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-11-01] (Microsoft Corporation)
Task: {919DEEAA-11D0-4462-9563-6E6F17BECF42} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-08-05] (AVAST Software)
Task: {95EB7AEE-ADF7-4C16-9C73-BADCB122746A} - System32\Tasks\{A9B0091A-9894-4149-8FAF-64E51B7B0793} => c:\windows\system32\launchwinapp.exe [2015-07-10] (Microsoft Corporation)
Task: {A9F7064F-D97C-4752-8B9D-30412B9121F4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {AE85FC90-2408-4E41-B103-C676514986EB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {B112CBDA-7222-4771-8D57-0289DFE13864} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-10-19] (Piriform Ltd)
Task: {C9BAF8D3-77A3-46EC-B263-D23FB0583C1B} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2014-03-07] (CyberLink Corp.)
Task: {CF726998-10B1-4E77-AEB1-65417F3CC631} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {DE4B616D-7F00-488F-AF90-C78C0106C9CA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {E5C73388-5F22-44A6-BD55-335386BEFEA2} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2013-11-01] (Hewlett-Packard Development Company, L.P.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForAlexandra.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\Synology Data Replicator 3-MicrosoftAccount-Alexandra.job => C:\Program Files (x86)\Synology Data Replicator 3\Backup.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-08-05 17:13 - 2015-08-05 17:13 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2014-03-01 17:38 - 2014-03-01 17:38 - 02110464 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2014-03-01 17:34 - 2014-03-01 17:34 - 00021504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
2014-03-01 17:34 - 2014-03-01 17:34 - 00035328 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2014-03-01 17:34 - 2014-03-01 17:34 - 00055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2014-03-01 17:52 - 2014-03-01 17:52 - 00367504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
2014-03-01 17:52 - 2014-03-01 17:52 - 00712592 _____ () C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
2014-04-06 21:38 - 2014-04-06 21:38 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2014-05-12 19:39 - 2014-03-05 17:09 - 00088064 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
2015-08-19 18:23 - 2015-08-11 10:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-08-12 17:27 - 2015-10-07 19:28 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-10-01 18:40 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-01 18:40 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-10-01 18:39 - 2015-09-17 06:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-10-01 18:40 - 2015-09-17 06:44 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-10-01 18:39 - 2015-09-17 06:42 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-10-01 18:39 - 2015-09-17 06:42 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-01 18:40 - 2015-09-17 06:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2014-03-01 17:41 - 2014-03-01 17:41 - 00065024 _____ () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
2015-10-19 21:00 - 2015-10-19 21:00 - 00047104 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2015-08-05 17:37 - 2015-08-05 17:37 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-08-05 17:37 - 2015-08-05 17:37 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-11-22 22:33 - 2015-11-22 22:33 - 02994176 _____ () C:\Program Files\AVAST Software\Avast\defs\15112201\algo.dll
2015-07-21 19:35 - 2015-07-21 19:35 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-11-15 12:08 - 2014-11-15 12:08 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
2014-11-15 11:59 - 2014-11-15 11:59 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\AppVIsvStream32.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1116921555-2049245244-3931339454-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Alexandra\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\na fb 2.png
DNS Servers: 10.0.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{B285EF58-7960-4447-AE18-2943429AEEFA}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{6A719888-3717-41C7-9189-302F71BC4B1A}] => (Allow) C:\Program Files (x86)\HP\HP Color LaserJet Pro MFP M177\bin\FaxApplications.exe
FirewallRules: [{C10132A2-E9EC-4F90-B23A-16B41D683CF0}] => (Allow) C:\Program Files\HP\HP Color LaserJet Pro MFP M177\bin\FaxPrinterUtility.exe
FirewallRules: [{764C9F99-A7E0-495B-9854-F6F4B7946656}] => (Allow) C:\Program Files\HP\HP Color LaserJet Pro MFP M177\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{424CD2B8-FC1F-4EE1-8ED0-0DA5BCEAA31A}] => (Allow) C:\Program Files (x86)\HP\HP Color LaserJet Pro MFP M177\bin\EWSProxy.exe
FirewallRules: [{BD12E9BC-8EDC-4B28-88A8-9291CB412692}] => (Allow) C:\Program Files (x86)\HP\HP Color LaserJet Pro MFP M177\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{5756AD61-5B84-462E-9615-532684E8DC6E}] => (Allow) C:\Program Files\HP\HP Color LaserJet Pro MFP M177\bin\SendAFax.exe
FirewallRules: [UDP Query User{14238E9D-5551-404F-A720-607C86EC320D}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{C00EA23B-D55D-4D30-A38C-F3BE714D1792}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{913E77BA-DCD7-401E-BAC0-D75A9B05936A}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{CAF051F7-2F5A-4F65-979C-E84BBFC6286A}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{C1E69D67-6D63-40E8-B4D3-927625532368}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{27990D93-5771-4907-B353-85E79B091F8F}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{73B75352-68B2-4F6C-B0A4-3F89EDC686FA}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{F3A2F6BD-C89B-48A2-B449-2146BD177387}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{0DB0B98D-5096-4756-96F9-A33E333E11F7}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{B653CD34-CEC1-42E3-BA80-564AB2F37A06}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{88041676-10AF-4D1A-8B69-B64C5E9F73A8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{86852D8F-DCA9-4F17-8D94-DE9CDA2A187D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{06EFCB76-3D85-4DC2-957B-F668F13A21EC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{41A7C19C-4BE3-4125-8D90-3EA79AA790FC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{BD4FC065-8E1B-4421-AD77-2249D62C165B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{86BC15A3-31BC-45F7-B61C-CED8D6667267}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{400B75DE-447F-4B68-9CB8-5181DCB917B9}] => (Allow) LPort=2869
FirewallRules: [{C9615EDA-D251-49A4-8DD7-1E7E850401FF}] => (Allow) LPort=1900
FirewallRules: [{100D60B8-8454-42C8-94EB-07C8E1E13845}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{A3995851-1527-4F16-B174-1D92F76665C3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{87ABBBE8-7404-4315-8F09-99C88A357A64}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/22/2015 11:48:30 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (11/22/2015 11:04:30 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: backgroundTaskHost.exe, verze: 10.0.10240.16384, časové razítko: 0x559f38c5
Název chybujícího modulu: twinapi.appcore.dll, verze: 10.0.10240.16590, časové razítko: 0x563ad512
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000006646f
ID chybujícího procesu: 0x214c
Čas spuštění chybující aplikace: 0xbackgroundTaskHost.exe0
Cesta k chybující aplikaci: backgroundTaskHost.exe1
Cesta k chybujícímu modulu: backgroundTaskHost.exe2
ID zprávy: backgroundTaskHost.exe3
Úplný název chybujícího balíčku: backgroundTaskHost.exe4
ID aplikace související s chybujícím balíčkem: backgroundTaskHost.exe5

Error: (11/22/2015 10:59:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: backgroundTaskHost.exe, verze: 10.0.10240.16384, časové razítko: 0x559f38c5
Název chybujícího modulu: twinapi.appcore.dll, verze: 10.0.10240.16590, časové razítko: 0x563ad512
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000006646f
ID chybujícího procesu: 0xd58
Čas spuštění chybující aplikace: 0xbackgroundTaskHost.exe0
Cesta k chybující aplikaci: backgroundTaskHost.exe1
Cesta k chybujícímu modulu: backgroundTaskHost.exe2
ID zprávy: backgroundTaskHost.exe3
Úplný název chybujícího balíčku: backgroundTaskHost.exe4
ID aplikace související s chybujícím balíčkem: backgroundTaskHost.exe5

Error: (11/22/2015 10:53:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: backgroundTaskHost.exe, verze: 10.0.10240.16384, časové razítko: 0x559f38c5
Název chybujícího modulu: twinapi.appcore.dll, verze: 10.0.10240.16590, časové razítko: 0x563ad512
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000006646f
ID chybujícího procesu: 0x13dc
Čas spuštění chybující aplikace: 0xbackgroundTaskHost.exe0
Cesta k chybující aplikaci: backgroundTaskHost.exe1
Cesta k chybujícímu modulu: backgroundTaskHost.exe2
ID zprávy: backgroundTaskHost.exe3
Úplný název chybujícího balíčku: backgroundTaskHost.exe4
ID aplikace související s chybujícím balíčkem: backgroundTaskHost.exe5

Error: (11/21/2015 04:20:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: backgroundTaskHost.exe, verze: 10.0.10240.16384, časové razítko: 0x559f38c5
Název chybujícího modulu: twinapi.appcore.dll, verze: 10.0.10240.16590, časové razítko: 0x563ad512
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000006646f
ID chybujícího procesu: 0xa64
Čas spuštění chybující aplikace: 0xbackgroundTaskHost.exe0
Cesta k chybující aplikaci: backgroundTaskHost.exe1
Cesta k chybujícímu modulu: backgroundTaskHost.exe2
ID zprávy: backgroundTaskHost.exe3
Úplný název chybujícího balíčku: backgroundTaskHost.exe4
ID aplikace související s chybujícím balíčkem: backgroundTaskHost.exe5

Error: (11/21/2015 03:39:05 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PAVILION_NTB)
Description: Aplikaci Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (11/20/2015 08:07:37 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (6460) Nový soubor protokolu se nedá vytvořit, protože databáze nemůže zapisovat na jednotku protokolu. Jednotka může být jen pro čtení, špatně nakonfigurovaná nebo poškozená nebo na ní nemusí být dost místa. Chyba: -1032

Error: (11/20/2015 08:07:37 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (6460) Pokus o vytvoření souboru C:\WINDOWS\system32\edbtmp.log selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace vytvoření souboru selže a dojde k chybě -1032 (0xfffffbf8).

Error: (11/20/2015 08:07:27 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (6460) Nový soubor protokolu se nedá vytvořit, protože databáze nemůže zapisovat na jednotku protokolu. Jednotka může být jen pro čtení, špatně nakonfigurovaná nebo poškozená nebo na ní nemusí být dost místa. Chyba: -1032

Error: (11/20/2015 08:07:27 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (6460) Pokus o vytvoření souboru C:\WINDOWS\system32\edbtmp.log selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace vytvoření souboru selže a dojde k chybě -1032 (0xfffffbf8).


System errors:
=============
Error: (11/22/2015 11:09:37 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníAktivace{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

Error: (11/22/2015 11:09:37 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníAktivace{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

Error: (11/22/2015 11:09:36 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníAktivace{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

Error: (11/22/2015 11:09:35 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníAktivace{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

Error: (11/22/2015 11:09:35 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníAktivace{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

Error: (11/22/2015 11:09:34 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníAktivace{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

Error: (11/22/2015 11:09:34 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníAktivace{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

Error: (11/22/2015 11:09:33 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníAktivace{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

Error: (11/22/2015 11:09:32 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníAktivace{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

Error: (11/22/2015 11:09:32 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníAktivace{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici


==================== Memory info ===========================

Processor: AMD A10-5745M APU with Radeon(tm) HD Graphics
Percentage of memory in use: 23%
Total physical RAM: 7365.39 MB
Available physical RAM: 5657.65 MB
Total Virtual: 8517.39 MB
Available Virtual: 6768.06 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:912.49 GB) (Free:711.63 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:17.16 GB) (Free:1.72 GB) NTFS ==>[system with boot components (obtained from drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 4A7B20AD)

Partition: GPT.

==================== End of Addition.txt ============================

jaro3
Security team member
Guru Level 15
Posts: 43292
Registered: June 07
Location: Jižní Čechy
Gender: Male
Status:
Offline

Re: Please check my log - Facebook won't load

Post by jaro3 » 23 Nov 2015 09:32

Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire contents below into it.

Code:

Start
CloseProcesses:
HKU\S-1-5-21-1116921555-2049245244-3931339454-1002\...\RunOnce: [Uninstall C:\Users\Alexandra\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Alexandra\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\amd64"
HKU\S-1-5-21-1116921555-2049245244-3931339454-1002\...\RunOnce: [Uninstall C:\Users\Alexandra\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Alexandra\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64"
HKU\S-1-5-21-1116921555-2049245244-3931339454-1002\...\RunOnce: [Uninstall C:\Users\Alexandra\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Alexandra\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"
ShellIconOverlayIdentifiers: [01UnsuppModule] -> {AEB16659-2125-4ADA-A4AB-45EE21E86469} => No File
ShellIconOverlayIdentifiers: [02SyncingModule] -> {48AB5ADA-36B1-4137-99C9-2BD97F8788AB} => No File
ShellIconOverlayIdentifiers: [03SyncedModule] -> {472CE1AD-5D53-4BCF-A1FB-3982A5F55138} => No File
ShellIconOverlayIdentifiers: [04ReadOnlyModule] -> {A433C3E0-8B24-40EB-93C3-4B10D9959F58} => No File
2015-11-18 17:23 - 2015-11-18 17:23 - 00003164 _____ C:\WINDOWS\System32\Tasks\{A9B0091A-9894-4149-8FAF-64E51B7B0793}
2015-11-22 23:07 - 2014-08-12 17:18 - 00000982 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-22 22:59 - 2014-08-12 17:18 - 00000986 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
Task: {A9F7064F-D97C-4752-8B9D-30412B9121F4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {CF726998-10B1-4E77-AEB1-65417F3CC631} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

EmptyTemp:
End

(You can use the "select all" function, then right-click the top-left field in the open Notepad window and choose "Paste".)

Save it to the desktop as fixlist.txt

Run FRST, press the "Fix" button only once, and wait.
The tool will create a log on the desktop (Fixlog.txt); please copy its entire contents here.

C:\Program Files (x86)\Temp --- have a look at what is in that folder.

Download CrystalDiskInfo.
Run the program and click Edit - Copy. Then paste the contents of the log here with Ctrl+V.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Spectra
newcomer
Posts: 18
Registered: November 15
Gender: Female
Status: Offline

Re: Please check my log - Facebook won't load

Post by Spectra » 23 Nov 2015 12:27

Thank you very much for the help and support. However, I have decided to reinstall the laptop. I urgently need access to my data on Facebook, for school.
The timetables, presentations, course content and so on are there.
So I apologize, but the reinstall is in 2 hours and I have been dealing with this for 3 days already.
Please close this thread.
Thank you

Spectra
newcomer
Posts: 18
Registered: November 15
Gender: Female
Status: Offline

Re: Please check my log - Facebook won't load

Post by Spectra » 23 Nov 2015 15:38

So after reinstalling to an absolutely clean installation of W10, the problem is still the same.
Only Firefox told me this:

This Connection is Untrusted

You have asked Firefox to connect securely to www.facebook.com, but it cannot be verified that this is really the case.

When a secure connection is requested, the server should present trusted identification to prove that you are connecting to the right place. However, the identity of this server could not be verified.
What should I do now?

If you usually connect to this server without problems, this error could mean that someone is trying to impersonate the server, and you should not continue.

This server uses HTTP Strict Transport Security (HSTS) to specify that Firefox should only connect to it securely. For this reason, it is not possible to add an exception for this certificate.

An error occurred while connecting to www.facebook.com because an invalid security certificate is being used.

The certificate is not trusted because its issuer is unknown.
The server is probably not sending the appropriate intermediate CA certificates.
An additional root certificate may need to be imported.

(Error code: sec_error_unknown_issuer)

Orcus
Security team member
Elite Level 10.5
Posts: 10645
Registered: April 10
Location: 3 roses grow around here =o)
Gender: Male
Status: Offline

Re: Please check my log - Facebook won't load  Solved

Post by Orcus » 23 Nov 2015 15:41

In that case it isn't viruses. I recommend starting a topic in another, appropriate section. You can close this one, because there is nothing to solve here.

Also try checking whether your PC has the correct date and time.
Love keeps you warm, but coal is coal. :fire:

Post HJT logs in the HJT section. If a log is too long, split it into several messages.

A few tips on PC security.

While I am away, memphisto, jaro3 and Diallix stand in for me.

If you are satisfied, you can support our forum.
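
One way to tell the two causes discussed above apart, added here as an example and not part of the original thread: the script attempts a verified TLS handshake and maps OpenSSL's verify code either to an untrusted issuer (the sec_error_unknown_issuer case Firefox reported) or to a validity-period failure (what a wrong system date produces). The second host name and the verdict labels are assumptions chosen for illustration.

```python
import socket
import ssl

# OpenSSL X509_V_ERR_* verify codes, grouped by the cause they point to.
CLOCK_CODES = {9, 10}             # certificate not yet valid / has expired
ISSUER_CODES = {18, 19, 20, 21}   # self-signed, or chain ends at an unknown issuer
HOSTNAME_MISMATCH = 62            # certificate issued for a different name


def classify(verify_code):
    """Map an OpenSSL verify code to the likely cause of a browser trust error."""
    if verify_code == 0:
        return "trusted"
    if verify_code in CLOCK_CODES:
        return "clock-or-expiry"      # check the system date and time first
    if verify_code in ISSUER_CODES:
        return "unknown-issuer"       # chain does not end at a trusted root
    if verify_code == HOSTNAME_MISMATCH:
        return "hostname-mismatch"
    return "other"


def probe(host, port=443, timeout=5.0):
    """Handshake against the system trust store; return (verdict, detail)."""
    ctx = ssl.create_default_context()   # verifies both chain and host name
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=host) as tls:
                # The issuer is a tuple of RDNs, each a tuple of (key, value).
                issuer = dict(rdn[0] for rdn in tls.getpeercert()["issuer"])
                return "trusted", issuer.get("organizationName", "?")
    except ssl.SSLCertVerificationError as exc:
        return classify(exc.verify_code), exc.verify_message
    except OSError as exc:               # DNS failure, refused, timeout
        return "network-error", str(exc)


if __name__ == "__main__":
    # Compare the affected site with an unrelated HTTPS site (an assumption).
    for host in ("www.facebook.com", "www.mozilla.org"):
        print(host, *probe(host))
```

If every host comes back as unknown-issuer, that suggests certificates are being re-signed somewhere between the machine and the site rather than a fault at one server. Python validates against the operating system's trust store while Firefox ships its own, so the two can disagree.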

