Kontrola logu - velmi zpomalený notebook

Nitram3 · Příspěvekod **Nitram3** » 05 led 2016 15:20

Dobrý den, prosím o preventivní kontrolu logu z HJT. Notebook se z ničeho nic velmi zpomalil, dlouho se zapíná a někdy se s ním vůbec nedá pracovat. Myslel jsem, že jde o vadný HDD, ale kontrola disku nehlásí žádný problém. Ani antivirus nic neobjevil, tak mě napadlo toto, jako poslední možnost. Děkuji

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:37:30, on 04.01.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10240.16603)
Boot mode: Normal

Running processes:
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\Juraj\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
C:\Users\Juraj\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Users\Juraj\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\HDD Health\hddhealth.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\HDD Health\hddhealth.exe
C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Juraj\Documents\GIGABYTE\GIGABYTE Sim\Mouse.exe
C:\Users\Juraj\AppData\Local\Pushbullet\bin\pushbullet_client.exe
C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Juraj\Downloads\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Advanced SystemCare Surfing Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPlugin_Protection.dll
O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
O4 - HKLM\..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [GIGABYTEMOUSE] C:\Users\Juraj\Documents\GIGABYTE\GIGABYTE Sim\Mouse.exe
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [IObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
O4 - HKCU\..\Run: [Google Update] "C:\Users\Juraj\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Google Photos Backup] "C:\Users\Juraj\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe" /autostart
O4 - HKCU\..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Juraj\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [MusicManager] "C:\Users\Juraj\AppData\Local\Programs\Google\MusicManager\MusicManager.exe"
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [Pushbullet] "C:\Program Files (x86)\Pushbullet\pushbullet.exe" -show false
O4 - HKCU\..\Run: [Advanced SystemCare 9] "C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe" /Auto
O4 - HKCU\..\Run: [Unified Remote V3] "C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe"
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_DA1AC66AAEC15AF034F8035EC85E4FEE] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [hddhealth] C:\Program Files (x86)\HDD Health\hddhealth.exe -wl
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Juraj\AppData\Local\Microsoft\OneDrive\17.3.5892.0626_1\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Juraj\AppData\Local\Microsoft\OneDrive\17.3.5892.0626_1\amd64"
O4 - HKCU\..\RunOnce: [Application Restart #2] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window --flag-switches-begin --enable-centered-app-list --enable-devtools-experiments --enable-extension-action-redesign --enable-md-settings --enable-pdf-material-ui --enable-tab-audio-muting --flag-switches-end --restore-last-session
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Global Startup: FancyStart daemon.lnk = ?
O4 - Global Startup: HDDHealth.lnk = C:\Program Files (x86)\HDD Health\hddhealth.exe
O8 - Extra context menu item: Volat toto číslo pomocí aplikace SideSync - res://C:\Program Files (x86)\Samsung\SideSync4\SideSyncContextMenu.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\WINDOWS\SysWOW64\nvinit.dll
O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 9 (AdvancedSystemCareService9) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HDDHealth - Unknown owner - C:\Program Files (x86)\HDD Health\HDDHealthService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: PDFProFiltSrvPP - Nuance Communications, Inc. - C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
O23 - Service: RemoteServerWin - Unified Intents AB - C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 16066 bytes

Reklama

Příspěvekod **jaro3** » 05 led 2016 16:52

Odinstaluj:
Advanced SystemCare

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

- Pokud používáš jen Google Chrome , tak ATF nemusíš použít.

Stáhni si TFC
http://www.geekstogo.com/forum/files/fi ... -oldtimer/
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

Stáhni AdwCleaner (by Xplode)
http://www.bleepingcomputer.com/download/adwcleaner/

Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat-Scan“
Po skenu klikni na „Logfile“ ,objeví log ( jinak je uložen systémovem disku jako AdwCleaner[C?].txt), jeho obsah sem celý vlož.

Stáhni si Malwarebytes' Anti-Malware
- Při instalaci odeber zatržítko u „Povolit bezplatnou zkušební verzi Malwarebytes' Anti-Malware Premium“
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a klikni na Skenovat nyní a
- po proběhnutí programu se ti objeví hláška vpravo dole tak klikni na Kopírovat do schránky a vlož sem celý log.

- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).

Pokud budou problémy , spusť v nouz. režimu.

Nitram3 · Příspěvekod **Nitram3** » 06 led 2016 14:17

Děkuju, jenom než s tím začnu, mám dotaz. Proč musím mazat historii atd. z Firefoxu?

Nitram3 · Příspěvekod **Nitram3** » 06 led 2016 16:39

Tady jsou logy:

ADW:
# AdwCleaner v5.028 - Logfile created 06/01/2016 at 14:49:24
# Updated 04/01/2016 by Xplode
# Database : 2016-01-04.2 [Server]
# Operating system : Windows 10 Home (x64)
# Username : Juraj Havel - JURAJ-PC
# Running from : C:\Users\Juraj\Downloads\adwcleaner_5.028.exe
# Option : Scan
# Support : http://toolslib.net/forum

***** [ Services ] *****

***** [ Folders ] *****

Folder Found : C:\ProgramData\Babylon
Folder Found : C:\ProgramData\Partner
Folder Found : C:\Users\Juraj\AppData\Local\Babylon
Folder Found : C:\Users\Juraj\AppData\Roaming\Babylon

***** [ Files ] *****

File Found : C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_microsoft-visual-basic.en.softonic.com_0.localstorage
File Found : C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_visual-studio-2013.en.softonic.com_0.localstorage
File Found : C:\Users\Juraj\AppData\Roaming\Mozilla\Firefox\Profiles\14cdsg0w.default\user.js

***** [ DLL ] *****

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10921475-03CE-4E04-90CE-E2E7EF20C814}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}

***** [ Web browsers ] *****

[C:\Users\Juraj\AppData\Roaming\Mozilla\Firefox\Profiles\14cdsg0w.default\prefs.js] [Preference] Found : user_pref("network.hxxp.request.max-start-delay", 0);

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1887 bytes] ##########

MBAM:
Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 06.01.2016
Čas skenování: 15:12
Protokol: antimalware log.txt
Správce: Ano

Verze: 2.2.0.1024
Databáze malwaru: v2016.01.06.03
Databáze rootkitů: v2016.01.05.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 10
CPU: x64
Souborový systém: NTFS
Uživatel: Juraj Havel

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 421863
Uplynulý čas: 47 min, 33 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 1
PUP.Optional.Delta.ShrtCln, C:\Users\Juraj\Downloads\Unlocker1.9.2.exe, , [f47786b0297065d1887932675ba5a55b],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)

(end)

Příspěvekod **jerabina** » 06 led 2016 17:48

Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
klikni na „Prohledat-Scan“, po prohledání klikni na „ Vymazat-Clean“

Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [C?].txt) , jeho obsah sem celý vlož.

Spusť znovu MbAM a dej Skenovat nyní
- po proběhnutí programu se ti objeví hláška tak klikni na „Vše do karantény(smazat vybrané)“ a na „Exportovat záznam“ a vyber „textový soubor“ , soubor nějak pojmenuj a někam ho ulož. Zkopíruj se celý obsah toho logu.

Stáhni si Junkware Removal Tool by Thisisu

na svojí plochu.

Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

Nitram3 · Příspěvekod **Nitram3** » 06 led 2016 21:37

Logy:

ADW:
# AdwCleaner v5.028 - Logfile created 06/01/2016 at 19:06:28
# Updated 04/01/2016 by Xplode
# Database : 2016-01-04.2 [Server]
# Operating system : Windows 10 Home (x64)
# Username : Juraj Havel - JURAJ-PC
# Running from : C:\Users\Juraj\Downloads\adwcleaner_5.028.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

***** [ Folders ] *****

[-] Folder Deleted : C:\ProgramData\Babylon
[-] Folder Deleted : C:\ProgramData\Partner
[-] Folder Deleted : C:\Users\Juraj\AppData\Local\Babylon
[-] Folder Deleted : C:\Users\Juraj\AppData\Roaming\Babylon

***** [ Files ] *****

[-] File Deleted : C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_microsoft-visual-basic.en.softonic.com_0.localstorage
[-] File Deleted : C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_visual-studio-2013.en.softonic.com_0.localstorage
[-] File Deleted : C:\Users\Juraj\AppData\Roaming\Mozilla\Firefox\Profiles\14cdsg0w.default\user.js

***** [ DLLs ] *****

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}

***** [ Web browsers ] *****

[-] [C:\Users\Juraj\AppData\Roaming\Mozilla\Firefox\Profiles\14cdsg0w.default\prefs.js] [Preference] Deleted : user_pref("network.hxxp.request.max-start-delay", 0);

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [2063 bytes] ##########:

MbAM:
Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 06.01.2016
Čas skenování: 19:16
Protokol: mbam log.txt
Správce: Ano

Verze: 2.2.0.1024
Databáze malwaru: v2016.01.06.04
Databáze rootkitů: v2016.01.05.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 10
CPU: x64
Souborový systém: NTFS
Uživatel: Juraj Havel

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 421864
Uplynulý čas: 48 min, 22 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)

(end)

JRT:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.1 (11.24.2015)
Operating System: Windows 10 Home x64
Ran by Juraj Havel (Administrator) on 06.01.2016 at 20:21:48,71
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

File System: 13

Successfully deleted: C:\ProgramData\iobit\driver booster (Folder)
Successfully deleted: C:\ProgramData\productdata (Folder)
Successfully deleted: C:\Users\Juraj\AppData\Local\{5E83632D-55AA-4DC7-8313-F8D83818E047} (Empty Folder)
Successfully deleted: C:\Users\Juraj\AppData\Local\{61366148-3CF5-4388-BD68-4AF7351F78AD} (Empty Folder)
Successfully deleted: C:\Users\Juraj\AppData\Local\{9C7C3164-9447-49EA-95B2-D0DFC261A3F4} (Empty Folder)
Successfully deleted: C:\Users\Juraj\AppData\Local\{F32FC698-707E-4926-83E4-551B930F56AF} (Empty Folder)
Successfully deleted: C:\Users\Juraj\AppData\Roaming\iobit\driver booster (Folder)
Successfully deleted: C:\Users\Juraj\AppData\Roaming\productdata (Folder)
Successfully deleted: C:\WINDOWS\system32\Tasks\Driver Booster Scheduler (Task)
Successfully deleted: C:\WINDOWS\system32\Tasks\Driver Booster SkipUAC (Juraj) (Task)
Successfully deleted: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Juraj.job (Task)
Successfully deleted: C:\Program Files (x86)\iobit\driver booster (Folder)
Successfully deleted: C:\WINDOWS\prefetch\DRIVERBOOSTER.EXE-51D78DCC.pf (File)

Deleted the following from C:\Users\Juraj\AppData\Roaming\Mozilla\Firefox\Profiles\14cdsg0w.default\prefs.js
user_pref(browser.urlbar.suggest.searches, true);

Registry: 1

Successfully deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_DA1AC66AAEC15AF034F8035EC85E4FEE (Registry Value)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 06.01.2016 at 20:33:13,47
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

RK:
˙ţR#o#g#u#e#K#i#l#l#e#r# #V#1#1#.#0#.#6#.#0# #(#x#6#4#)# #[#J#a#n# # #4# #2#0#1#6#]# #(#F#r#e#e#)# #b#y# #A#d#l#i#c#e# #S#o#f#t#w#a#r#e#\#M#i#c#r#o#s#o#f#t#\#W#i#n#d#o#w#s#\#R#e#c#e#n#t#\#S#t#a#?#e#n#é# #s#o#u#b#o#r#y# #(#3#)#.#l#n#k# #[#L#N#K#@#]# #C#:#\#U#s#e#r#s#\#J#u#r#a#j#\#D#o#w#n#l#o#a#d#s# #-#># #N#a#l#e#z#e#n#o#[#S#o#u#b#o#r#]# #C#:#\#U#s#e#r#s#\#J#u#r#a#j#\#D#o#w#n#l#o#a#d#s#\#g#o#o#g#l#e#d#r#i#v#e#s#y#n#c#.#e#x#e# #-#># #N#a#l#e#z#e#n#o#
#:# #U#n#k#n#o#w#n# #@# #0#x#b#d#0#3#f#c# #(#j#m#p# #0#x#8#9#c#3#6#5#a#c#|#j#m#p# #0#x#7#0#b#6#d#3#3#4#)#n#a#m#.#c#z#"#)#;# #-#># #N#a#l#e#z#e#n#o#

Příspěvekod **Orcus** » 06 led 2016 22:47

Log z RK je pokažený, udělej znovu celý sken.

Nitram3 · Příspěvekod **Nitram3** » 07 led 2016 15:34

Tady je ten log z RK:
RogueKiller V11.0.6.0 (x64) [Jan 4 2016] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/software/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 10 (10.0.10240) 64 bits version
Spuštěno : Normální režim
Uživatel : Juraj Havel [Práva správce]
Started from : C:\Users\Juraj\Desktop\RogueKillerX64.exe
Mód : Prohledat -- Datum : 01/07/2016 15:27:54

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 6 ¤¤¤
[PUP] (X64) HKEY_LOCAL_MACHINE\Software\Partner -> Nalezeno
[Hidden.From.SCM] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\fsmfu (System32\drivers\nporclu.sys) -> Nalezeno
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-1004667532-806584802-2637913605-1002\Software\Microsoft\Internet Explorer\Main | Start Page : http://asus.msn.com -> Nalezeno
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-1004667532-806584802-2637913605-1002\Software\Microsoft\Internet Explorer\Main | Start Page : http://asus.msn.com -> Nalezeno
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-1004667532-806584802-2637913605-1002\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://asus.msn.com -> Nalezeno
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-1004667532-806584802-2637913605-1002\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://asus.msn.com -> Nalezeno

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 20 ¤¤¤
[Suspicious.Path][Soubor] C:\Users\Juraj\AppData\Roaming\Microsoft\Windows\Recent\Plocha.lnk [LNK@] C:\Users\Juraj\Desktop -> Nalezeno
[Suspicious.Path][Soubor] C:\Users\Juraj\AppData\Roaming\Microsoft\Windows\Recent\Sta?ené soubory (2).lnk [LNK@] C:\Users\Juraj\Downloads -> Nalezeno
[Suspicious.Path][Soubor] C:\Users\Juraj\AppData\Roaming\Microsoft\Windows\Recent\Sta?ené soubory (3).lnk [LNK@] C:\Users\Juraj\Downloads -> Nalezeno
[Suspicious.Path][Soubor] C:\Users\Juraj\AppData\Roaming\Microsoft\Windows\Recent\Sta?ené soubory.lnk [LNK@] C:\Users\Juraj\Downloads -> Nalezeno
[Suspicious.Path][Soubor] C:\Users\Juraj\AppData\Roaming\Microsoft\Windows\Recent\Videa (2).lnk [LNK@] C:\Users\Juraj\Videos -> Nalezeno
[Suspicious.Path][Soubor] C:\Users\Juraj\AppData\Roaming\Microsoft\Windows\SendTo\Dropbox.lnk [LNK@] C:\Users\Juraj\Dropbox -> Nalezeno
[Suspicious.Startup|VT.Unknown][Soubor] C:\Users\Juraj\Desktop\Downloads\android-studio-bundle-135.1740770-windows (1).exe -> Nalezeno
[Suspicious.Startup|VT.Unknown][Soubor] C:\Users\Juraj\Desktop\Downloads\android-studio-bundle-135.1740770-windows.exe -> Nalezeno
[Suspicious.Startup|VT.TrojanDropper.Agent.g8][Soubor] C:\Users\Juraj\Desktop\Downloads\duplicate-file-finder-setup (1).exe -> Nalezeno
[Suspicious.Startup|VT.Unknown][Soubor] C:\Users\Juraj\Desktop\Downloads\pomocny.bat -> Nalezeno
[Suspicious.Startup|VT.Unknown][Soubor] C:\Users\Juraj\Desktop\Downloads\win32.bat -> Nalezeno
[Suspicious.Startup|VT.Unknown][Soubor] C:\Users\Juraj\Desktop\Downloads\win64.bat -> Nalezeno
[Suspicious.Startup|VT.Unknown][Soubor] C:\Users\Juraj\Downloads\353.06-notebook-win8-win7-64bit-international-whql.exe -> Nalezeno
[Suspicious.Startup|VT.Unknown][Soubor] C:\Users\Juraj\Downloads\Firefox Setup 40.0.exe -> Nalezeno
[Suspicious.Path][Soubor] C:\Users\Juraj\Links\Desktop.lnk [LNK@] C:\Users\Juraj\Desktop -> Nalezeno
[Suspicious.Path][Soubor] C:\Users\Juraj\Links\Disk Google.lnk [LNK@] C:\Users\Juraj\Disk Google -> Nalezeno
[Suspicious.Path][Soubor] C:\Users\Juraj\Links\Downloads.lnk [LNK@] C:\Users\Juraj\Downloads -> Nalezeno
[Suspicious.Path][Soubor] C:\Users\Juraj\Links\Dropbox.lnk [LNK@] C:\Users\Juraj\Dropbox -> Nalezeno
[PUP][Složka] C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} -> Nalezeno
[PUP][Složka] C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98} -> Nalezeno

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 13 (Driver: Nahrán) ¤¤¤
[IAT:Inl(Hook.IEAT)] (chrome.exe @ kernel32.dll) ntdll!LdrUnloadDll : Unknown @ 0xc503fc (jmp 0x89cb65ac|jmp 0x6937d334)
[IAT:Inl(Hook.IEAT)] (chrome.exe @ kernel32.dll) ntdll!LdrUnloadDll : Unknown @ 0xaf03fc (jmp 0x89b565ac|jmp 0x694dd334)
[IAT:Inl(Hook.IEAT)] (chrome.exe @ kernel32.dll) ntdll!LdrUnloadDll : Unknown @ 0xf303fc (jmp 0x89f965ac|jmp 0x6909d334)
[IAT:Inl(Hook.IEAT)] (chrome.exe @ kernel32.dll) ntdll!LdrUnloadDll : Unknown @ 0x4203fc (jmp 0x894865ac|jmp 0x69bad334)
[IAT:Inl(Hook.IEAT)] (chrome.exe @ kernel32.dll) ntdll!LdrUnloadDll : Unknown @ 0xe003fc (jmp 0x89e665ac|jmp 0x691cd334)
[IAT:Inl(Hook.IEAT)] (chrome.exe @ kernel32.dll) ntdll!LdrUnloadDll : Unknown @ 0xce03fc (jmp 0x89d465ac|jmp 0x692ed334)
[IAT:Inl(Hook.IEAT)] (chrome.exe @ kernel32.dll) ntdll!LdrUnloadDll : Unknown @ 0xd703fc (jmp 0x89dd65ac|jmp 0x6925d334)
[IAT:Inl(Hook.IEAT)] (chrome.exe @ kernel32.dll) ntdll!LdrUnloadDll : Unknown @ 0xb403fc (jmp 0x89ba65ac|jmp 0x6948d334)
[IAT:Inl(Hook.IEAT)] (chrome.exe @ kernel32.dll) ntdll!LdrUnloadDll : Unknown @ 0xbc03fc (jmp 0x89c265ac|jmp 0x6940d334)
[IAT:Inl(Hook.IEAT)] (chrome.exe @ kernel32.dll) ntdll!LdrUnloadDll : Unknown @ 0x10c03fc (jmp 0x8a1265ac|jmp 0x68f0d334)
[IAT:Inl(Hook.IEAT)] (chrome.exe @ kernel32.dll) ntdll!LdrUnloadDll : Unknown @ 0x2903fc (jmp 0x892f65ac|jmp 0x69d3d334)
[IAT:Inl(Hook.IEAT)] (chrome.exe @ kernel32.dll) ntdll!LdrUnloadDll : Unknown @ 0xc503fc (jmp 0x89cb65ac|jmp 0x6937d334)
[IAT:Inl(Hook.IEAT)] (chrome.exe @ kernel32.dll) ntdll!LdrUnloadDll : Unknown @ 0xfa03fc (jmp 0x8a0065ac|jmp 0x6902d334)

¤¤¤ Webové prohlížeče : 1 ¤¤¤
[PUM.HomePage][FIREFX:Config] 14cdsg0w.default : user_pref("browser.startup.homepage", "seznam.cz"); -> Nalezeno

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: Hitachi HTS547575A9E384 +++++
--- User ---
[MBR] 91b64eb842a783a33e12e2e8b7b786c8
[BSP] baa58400c4105655dd5a43eaed9ccc63 : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 2048 | Size: 25600 MB
1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 52430848 | Size: 300062 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 666957824 | Size: 389740 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

Ještě mi psal, že tam našel nějaké IAT/EAT hook. Co to je?

Příspěvekod **Orcus** » 07 led 2016 22:44

Jedná se o navázání knihoven Google Chromu na jádro.
http://www.adlice.com/iat-hooks/

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB nebo externí disky z počítače před spuštěním tohoto programu.
Spusť RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Počkej, dokud status okno zobrazuje "Prohledat "
- V záložkách (Registry , Tasks , Web Browser apod.) vše zatrhni (dej zatržítka).
- Klikni na "Smazat"
- Počkej, dokud Status box zobrazuje " Mazání dokončeno "
- Klikni na "Zpráva" a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

====================================================

Stáhni
Zoek.exe

a ulož si ho na plochu.
Zavři všechny ostatní programy, okna i prohlížeče.
Spusť Zoek.exe ( u win vista , win7, 8 klikni na něj pravým a vyber : „Spustit jako správce“
- pozor, náběh programu může trvat déle.

Do okna programu vlož skript níže:

Kód: Vybrat vše

autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;

Klikni na Run Script
Program provede sken, opravu, sken i oprava může trvat i více minut, je třeba posečkat do konce. Do okna neklikej!
Program nabídne restart , potvrď .

Po restartu se může nějaký čas ukázat pouze černá plocha , to je normální. Je třeba počkat až se vytvoří log. Ten si můžeš uložit třeba do dokumentů, jinak se sám ukládá do:
C:\zoek-results.log
Zkopíruj sem celý obsah toho logu.

====================================================

Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.

Nitram3 · Příspěvekod **Nitram3** » 09 led 2016 21:41

Tady jsou logy:
Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by Juraj Havel on 09.01.2016 at 12:47:24,31.
Microsoft Windows 10 Home 10.0.10240 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Juraj\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

09.01.2016 12:52:14 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\Cisco deleted successfully
C:\Program Files\Google deleted successfully
C:\Program Files\Common Files\Intel deleted successfully
C:\Users\DefaultAppPool\AppData\LocalLow deleted successfully
C:\Users\Juraj\AppData\Local\Axialis deleted successfully
C:\Users\Juraj\AppData\Local\NetworkTiles deleted successfully
C:\Users\Juraj\AppData\Local\PackageStaging deleted successfully
C:\Users\Juraj\AppData\Local\Skype deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1004667532-806584802-2637913605-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8DCB7100-DF86-4384-8842-8FA844297B3F} deleted successfully
HKEY_USERS\S-1-5-21-1004667532-806584802-2637913605-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{8DCB7100-DF86-4384-8842-8FA844297B3F} deleted successfully
HKEY_USERS\S-1-5-21-1004667532-806584802-2637913605-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1CA1377B-DC1D-4A52-9585-6E06050FAC53} deleted successfully
HKEY_USERS\S-1-5-21-1004667532-806584802-2637913605-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{1CA1377B-DC1D-4A52-9585-6E06050FAC53} deleted successfully
HKEY_USERS\S-1-5-21-1004667532-806584802-2637913605-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully
HKEY_USERS\S-1-5-21-1004667532-806584802-2637913605-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully
HKEY_USERS\S-1-5-21-1004667532-806584802-2637913605-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} deleted successfully
HKEY_USERS\S-1-5-21-1004667532-806584802-2637913605-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} deleted successfully
HKEY_USERS\S-1-5-21-1004667532-806584802-2637913605-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully
HKEY_USERS\S-1-5-21-1004667532-806584802-2637913605-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{8DCB7100-DF86-4384-8842-8FA844297B3F} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{8DCB7100-DF86-4384-8842-8FA844297B3F} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-1004667532-806584802-2637913605-1002\SOFTWARE\Microsoft\Internet Explorer\Approved Extensions\{8DCB7100-DF86-4384-8842-8FA844297B3F} deleted successfully
HKEY_USERS\S-1-5-21-1004667532-806584802-2637913605-1002\SOFTWARE\Microsoft\Internet Explorer\Approved Extensions\{1CA1377B-DC1D-4A52-9585-6E06050FAC53} deleted successfully
HKEY_USERS\S-1-5-21-1004667532-806584802-2637913605-1002\SOFTWARE\Microsoft\Internet Explorer\Approved Extensions\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully
HKEY_USERS\S-1-5-21-1004667532-806584802-2637913605-1002\SOFTWARE\Microsoft\Internet Explorer\Approved Extensions\{BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} deleted successfully
HKEY_USERS\S-1-5-21-1004667532-806584802-2637913605-1002\SOFTWARE\Microsoft\Internet Explorer\Approved Extensions\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully
HKEY_USERS\S-1-5-21-1004667532-806584802-2637913605-1002\SOFTWARE\Microsoft\Internet Explorer\Approved Extensions\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully

==== Deleting Services ======================

==== FireFox Fix ======================

Deleted from C:\Users\Juraj\AppData\Roaming\Mozilla\Firefox\Profiles\14cdsg0w.default\prefs.js:
user_pref("browser.startup.homepage", "about:home"about:home);

Added to C:\Users\Juraj\AppData\Roaming\Mozilla\Firefox\Profiles\14cdsg0w.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Deleting Files \ Folders ======================

C:\PROGRA~2\Cisco not found
C:\Users\Juraj\.android deleted
C:\install.exe deleted
C:\LGExtract.exe deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Juraj\AppData\Roaming\Mozilla\Firefox\Profiles\14cdsg0w.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"sp@avast.com"="C:\Program Files\AVAST Software\Avast\SafePrice\FF" [05.01.2016 15:33]

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Juraj\AppData\Roaming\Mozilla\Firefox\Profiles\14cdsg0w.default
70858ED7836E5C849D33576A84DC8CCF - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll - Shockwave Flash
3D1497F3F1A344FFB733CE616BB9096D - C:\Users\Juraj\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll - Google Update

==== Chromium Look ======================

Google Chrome Version: 46.0.2490.86

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[28.11.2015 13:29]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
lmjegmlicamnimmfhcmpkclmigmmcbeh - No path found[]

Alza.cz - Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\alolkjllepandfpjlngldkbaeddmoppf
Pushbullet - Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd
Wikiwand - Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\emffkefkbkpkgpdeeooapgaicgmcbolj
Bookmark Manager - Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik
Avast Online Security - Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Google Play - Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi
Google Drive App Launcher - Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh
Play Books - Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmimngoggfoobjdlefbcabngfnmieonb
Inbox - Juraj\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkclgpgponpjmpfokoepglboejdobkpl
Avast Online Security - Juraj\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki
Google Drive App Launcher - Juraj\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh

==== Chromium Fix ======================

C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_adserver.adtech.de_0.localstorage deleted successfully
C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_advert.uloz.to_0.localstorage deleted successfully
C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully
C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully
C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] not found

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
HKLM\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
HKLM\Wow6432Node\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} - http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
HKLM\Wow6432Node\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

==== Reset Google Chrome ======================

C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences was reset successfully
C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Profile 1\Secure Preferences was reset successfully
C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\iWisoft Free Video Converter_is1 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EEventManager deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON SX125 Series deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateLBPShortCut deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut deleted successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Juraj\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Juraj\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Juraj\AppData\Local\Microsoft\Windows\INetCache\IE\WPF83D7.tmp will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\Juraj\AppData\Local\Mozilla\Firefox\Profiles\14cdsg0w.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Juraj\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=11 folders=1 1222967 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\Juraj\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Juraj\AppData\Local\Microsoft\Windows\INetCache\IE\WPF83D7.tmp" not found

==== EOF on 09.01.2016 at 21:08:31,79 ======================

Nitram3 · Příspěvekod **Nitram3** » 09 led 2016 21:47

Additional scan result of Farbar Recovery Scan Tool (x64) Version:09-01-2015
Ran by Juraj Havel (2016-01-09 21:17:09)
Running from C:\Users\Juraj\Downloads
Windows 10 Home (X64) (2015-08-06 06:28:55)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1004667532-806584802-2637913605-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1004667532-806584802-2637913605-503 - Limited - Disabled)
Guest (S-1-5-21-1004667532-806584802-2637913605-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-1004667532-806584802-2637913605-1003 - Limited - Enabled)
Juraj Havel (S-1-5-21-1004667532-806584802-2637913605-1002 - Administrator - Enabled) => C:\Users\Juraj

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Out of date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Out of date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

„Windows Live Essentials“ (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
„Windows Live Mail“ (x32 Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
„Windows Live Mesh ActiveX“ nuotolinių ryšių valdiklis (HKLM-x32\...\{9024FE65-46B8-4C8A-9D98-8DCB6BD5F598}) (Version: 15.4.5722.2 - Microsoft Corporation)
„Windows Live Messenger“ (x32 Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
„Windows Live“ fotogalerija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212 - ABBYY) Hidden
ActiveX контрола на Windows Live Mesh за отдалечени връзки (HKLM-x32\...\{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}) (Version: 15.4.5722.2 - Microsoft Corporation)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated)
Aktualizace NVIDIA 2.8.1.21 (Version: 2.8.1.21 - NVIDIA Corporation) Hidden
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.12.5.0 - Asmedia Technology)
ASUS FancyStart (HKLM-x32\...\{2B81872B-A054-48DA-BE3B-FA5C164C303A}) (Version: 1.0.8 - ASUSTeK Computer Inc.)
ASUS K3 Series ScreenSaver (HKLM-x32\...\ASUS K3 Series ScreenSaver) (Version: 1.0.0002 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.0.6 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.1.43 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0010 - ASUS)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2245 - AVAST Software)
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)
Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
Brother MFL-Pro Suite DCP-L2520DW series (HKLM-x32\...\{F8ECC2FD-CE2B-4ED4-BDCC-90D0D34206FD}) (Version: 1.0.0.0 - Brother Industries, Ltd.)
Control ActiveX Windows Live Mesh pentru conexiuni la distanță (HKLM-x32\...\{260E3D78-94E6-47EC-8E29-46301572BB1E}) (Version: 15.4.5722.2 - Microsoft Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Driver Booster 3.1 (HKLM-x32\...\Driver Booster_is1) (Version: 3.1 - IObit)
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.77 - Dropbox, Inc.) Hidden
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.10 - ASUS)
Flash File Recovery v5.1 (HKLM-x32\...\Flash File Recovery_is1) (Version: - )
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GIGABYTE Sim (HKLM-x32\...\{55BD137D-5AC1-4BC4-9C08-DDCDC88A1B47}) (Version: 1.09.0000 - GIGABYTE)
Google Drive (HKLM-x32\...\{1C3D2F92-D25E-4D98-B810-3F3B0857BF26}) (Version: 1.26.0707.2863 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Photos Backup (HKU\S-1-5-21-1004667532-806584802-2637913605-1002\...\Google Photos Backup) (Version: 1.1.1.276 - Google, Inc.)
Google Update Helper (x32 Version: 1.2.183.13 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
HDD Health v4.2 (HKLM-x32\...\HDD Health_is1) (Version: - )
Intel PROSet Wireless (x32 Version: - ) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{006B5C65-3938-4246-B182-994A7E415EDE}) (Version: 1.1.0.0537 - Intel Corporation)
IObit Malware Fighter 3 (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 3.4 - IObit)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 5.1.0.37 - IObit)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kontrola Windows Live Mesh ActiveX za daljinske veze (HKLM-x32\...\{19CBDE24-2761-49A5-816B-D2BA65D0CA8D}) (Version: 15.4.5722.2 - Microsoft Corporation)
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (HKLM-x32\...\{CA227A9D-09BE-4BFB-9764-48FED2DA5454}) (Version: 15.4.5722.2 - Microsoft Corporation)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4e2a-80D2-1D0FF6ACBFBA}) (Version: 3.14.1 - LG Electronics)
LGFlashTool 1.5.10.1120 (HKLM-x32\...\LGFlashTool) (Version: 1.5.10.1120 - LGE)
Malwarebytes Anti-Malware verze 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB (HKLM\...\{AB8DE9BA-19E1-446A-BCFA-6B3DA9751E21}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (12.0.41012.0) (HKLM-x32\...\{AC8E0CF4-42A1-4151-B684-97CF6FD726CF}) (Version: 12.0.41012.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{8C06D6DB-A391-4686-B050-99CC522A7843}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{4AEB505C-95E1-4964-9B64-8D27F3186D30}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 43.0.2 (x86 cs) (HKLM-x32\...\Mozilla Firefox 43.0.2 (x86 cs)) (Version: 43.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.2.5833 - Mozilla)
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MuseScore 2 (HKLM-x32\...\{D0969A82-E79E-45D9-95D2-B2824880F780}) (Version: 2.0.2 - Werner Schweer and Others)
Music Manager (HKU\S-1-5-21-1004667532-806584802-2637913605-1002\...\MusicManager) (Version: - Google, Inc.)
Nokia Connectivity Cable Driver (HKLM-x32\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia)
Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.180.94 - Nokia)
Nokia PC Suite (x32 Version: 7.1.180.94 - Nokia) Hidden
Nuance PaperPort 12 (HKLM-x32\...\{A04A7656-A8E6-451F-A687-B1E34F83A8E2}) (Version: 12.1.0006 - Nuance Communications, Inc.)
NVIDIA GeForce Experience 2.8.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.8.1.21 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 359.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 359.06 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 359.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 359.06 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OpenOffice 4.1.2 (HKLM-x32\...\{69D27D4C-36CE-4CB2-A290-C38B0A990955}) (Version: 4.12.9782 - Apache Software Foundation)
Ovládací panel NVIDIA 359.06 (Version: 359.06 - NVIDIA Corporation) Hidden
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0000 - Nuance Communications, Inc.)
PatchBeam (HKLM-x32\...\PatchBeam) (Version: 1.20 - ConeXware, Inc.)
PC Connectivity Solution (HKLM-x32\...\{644F4910-E812-49AD-93EC-86828CB81A0D}) (Version: 12.0.27.0 - Nokia)
Photodex Presenter (HKLM-x32\...\Photodex Presenter) (Version: - Photodex Corporation)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
PowerArchiver 2015 (HKLM-x32\...\PowerArchiver 2015 15.04.03) (Version: 15.04.03 - ConeXware, Inc.)
PowerArchiver 2015 (x32 Version: 15.04.03 - ConeXware, Inc.) Hidden
Prerequisites for SSDT (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
Prerequisites for SSDT (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)
Pushbullet version 338 (HKLM-x32\...\{7578F204-49E7-4830-B051-14C23F408BFE}_is1) (Version: 338 - Pushbullet Inc)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.38.113.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7628 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10001 - Realtek Semiconductor Corp.)
Samsung SideSync (HKLM-x32\...\Samsung SideSync) (Version: 4.1.3.399 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.56.0 - Samsung Electronics Co., Ltd.)
SHIELD Streaming (Version: 4.1.0250 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.8.1.21 - NVIDIA Corporation) Hidden
Skype™ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.106 - Skype Technologies S.A.)
Sonic Focus (HKLM-x32\...\{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}) (Version: 1.0.0.4 - Synopsys )
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.3 - IObit)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.6.0 - Synaptics Incorporated)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.53254 - TeamViewer)
Unified Remote (HKLM-x32\...\{415B4714-4F8C-49C6-B310-881EAF892CFB}_is1) (Version: 3.3.4 - Unified Intents AB)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX kontrola za daljinske veze (HKLM-x32\...\{8985AE5E-622A-4980-8BF8-0A1830643220}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX vadīkla attālajiem savienojumiem (HKLM-x32\...\{A3A775C9-5A63-4C55-8FDD-427A5B8F5D2B}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-i juhtelement kaugühendustele (HKLM-x32\...\{216ACEC1-4556-4717-A8DE-3F7F5F9C6F63}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.31.0 - ASUS)
WinRAR 5.21 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.19 - ASUS)
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1004667532-806584802-2637913605-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Juraj\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1004667532-806584802-2637913605-1002_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Juraj\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1004667532-806584802-2637913605-1002_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Juraj\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll (Google Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00BEDE9D-02D9-421A-A094-CFACC99664F8} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {01C995FF-D178-4E7B-AC4A-9E950006A207} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {07B0D20D-81EB-473D-838D-7F198D47BC18} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {0837D897-84CB-4E30-A8DD-807937A81DFC} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {0B46EEA2-FA60-4581-B720-3270D64DB563} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-01-05] (AVAST Software)
Task: {0F1FC558-90E6-41AA-8D37-4FBE69053762} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {139A63CE-0FB7-4712-92EA-83366110DEBA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1004667532-806584802-2637913605-1002Core => C:\Users\Juraj\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {148318FC-5974-4508-A415-B3AFD16E5DDB} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {18CDA1CA-8434-4A9F-B401-D8B90DEC4C9E} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {210EA3D9-BF81-4A49-8AE8-FB5F34510144} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {23B893DA-F0F5-46D5-8252-B66B69F00CBF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-12] (Google Inc.)
Task: {2446C477-BCA7-442E-B57A-D5F120A21178} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {24A75597-ECF2-4E2B-ADCF-CB610D1D45CB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {29308477-8F7E-4D4F-92D5-F1534E61B6F5} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {3C9616B2-742C-4820-AFAE-F3D2459E9677} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {3D966D87-5FE5-4FBC-8E90-DB0F48E454DB} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {3E3E65EA-6693-4ACC-947D-206853F50D65} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {42145BE5-4059-431F-919A-1A381C5966DE} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {4CAC6914-8F77-48D4-B959-924A81668994} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1004667532-806584802-2637913605-1002UA => C:\Users\Juraj\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {54B6FC5C-7EBD-4E14-9695-A6ABA87654F3} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {576AFA71-71BC-4E0C-8161-6614D114EF4B} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-12-05] (Dropbox, Inc.)
Task: {60BE1505-FB2B-41C5-883A-8E3671C1E64D} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-11-28] (Realtek Semiconductor)
Task: {6364A4BD-08AB-42B3-BBDB-DD25FB86E44A} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-12-05] (Dropbox, Inc.)
Task: {68C89947-AF12-474D-8285-4786960C175F} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {6FECF9BE-AED8-4627-80ED-91FF5361960F} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {773492A6-4F08-4DAF-9C1B-778BC17ACAED} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {784492CE-0AEF-4153-BD72-80396C40E4D9} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-12-09] (Microsoft Corporation)
Task: {78588675-6CF3-4E50-B5B1-1EC34EAA2F6B} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {7DDF9673-8D0B-4652-B795-1BEAD1206B65} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {86DE04E0-7E78-492E-B8D0-D2F6A423432D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {97AA2BC6-6856-443E-BA41-4F7D2D830811} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {9DD958FB-814D-413E-848F-4897C6868CB3} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {A20B2CAE-96B0-4388-B8C9-A8AC43E1FEAA} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {A505DA0A-AA81-464F-B4F5-FED2F5FA7FC1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-03] (Adobe Systems Incorporated)
Task: {AA921623-B84A-4EC8-A6DA-5D46323FC6D9} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {B45BE766-5E55-49E6-8645-611DB92F621F} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {B8DAAFE7-D3AB-4007-9438-0F1AB4F56B51} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2010-12-02] (ASUS)
Task: {C2112F40-9A6A-4F81-BDF0-692F9EFCE3D6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {C3AAED2A-5787-4842-A17A-FBAE2B44E71D} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17] (ASUS)
Task: {C778374C-94FE-41B0-B705-5FC952201AC0} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {D211F570-D28F-417C-9C4E-3ACD87248EB3} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {DD548504-31EE-43FF-A573-1E9BCB56DC76} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {DDC4AA6D-FAE8-4B9E-9C6D-84F972ECE290} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-12] (Google Inc.)
Task: {DDEDD713-74BB-44F2-A0C1-F4DA208A6820} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-11-28] (Realtek Semiconductor)
Task: {E959E007-A71C-4952-8EA8-22DE146D6227} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {F0496437-71B1-4E96-9E9C-3BC2F52CDE46} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {F947A727-4E2D-475D-BF78-1AFF9DC6DD7C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {FACB8164-0888-403B-B4E6-7F59329EA90F} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {FBC8485F-A585-489F-8E2C-C65FEABC1BEF} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {FFEE4F98-789F-4BC5-9EBF-91D4AC658C46} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1004667532-806584802-2637913605-1002Core.job => C:\Users\Juraj\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1004667532-806584802-2637913605-1002UA.job => C:\Users\Juraj\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-07-10 12:00 - 2015-07-10 12:00 - 00028160 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2015-08-05 22:05 - 2015-08-05 22:05 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-08-05 21:50 - 2015-11-24 20:32 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-08-19 14:21 - 2015-08-11 10:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-12-28 11:35 - 2013-03-08 09:54 - 00017760 _____ () C:\Program Files (x86)\HDD Health\HDDHealthService.exe
2015-09-15 18:36 - 2005-04-22 05:36 - 00143360 ____R () C:\WINDOWS\system32\BrSNMP64.dll
2016-01-03 21:04 - 2015-12-09 02:52 - 00217720 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2015-07-10 12:00 - 2015-07-10 12:00 - 00215352 _____ () c:\windows\system32\WerEtw.dll
2015-10-01 11:53 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-01 11:53 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-10-01 11:52 - 2015-09-17 06:43 - 02028544 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesService.dll
2015-12-09 09:12 - 2015-11-25 05:17 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-09 09:12 - 2015-11-25 05:17 - 00619008 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SignalsManager.dll
2015-12-09 09:12 - 2015-11-25 05:18 - 00928768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesBackgroundTasks.dll
2010-07-15 00:11 - 2010-07-15 00:11 - 00031360 _____ () C:\Program Files\P4G\DevMng.dll
2015-10-01 11:52 - 2015-09-17 06:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-12-09 09:13 - 2015-11-25 05:20 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-12-09 09:12 - 2015-11-25 05:17 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-01 11:53 - 2015-09-17 06:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-06-01 20:00 - 2015-06-01 20:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-07-07 07:10 - 2011-05-05 13:30 - 00057640 _____ () C:\Program Files\Synaptics\SynTP\SynTPEnhPS.dll
2010-09-24 00:53 - 2010-09-24 00:53 - 01601536 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
2012-12-03 10:54 - 2012-12-03 10:54 - 01308672 _____ () C:\Users\Juraj\Documents\GIGABYTE\GIGABYTE Sim\Mouse.exe
2016-01-05 15:04 - 2016-01-05 15:04 - 00103888 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2016-01-05 15:04 - 2016-01-05 15:04 - 00125512 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-01-09 20:32 - 2016-01-09 20:32 - 02821120 _____ () C:\Program Files\AVAST Software\Avast\defs\16010901\algo.dll
2016-01-05 15:04 - 2016-01-05 15:04 - 00469008 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-01-03 18:01 - 2015-01-09 18:46 - 00517408 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\sqlite3.dll
2015-07-02 13:50 - 2014-10-16 09:26 - 00622880 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2015-11-21 11:55 - 2015-09-21 10:49 - 00348960 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2015-11-21 11:55 - 2015-09-21 10:49 - 00183584 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2015-11-21 11:55 - 2015-09-21 10:49 - 00050976 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2015-12-11 12:30 - 2015-12-11 12:30 - 03473408 _____ () C:\Users\Juraj\AppData\Local\Programs\Google\Google Photos Backup\gpuploader_i18n.dll
2015-11-17 18:44 - 2015-11-17 18:44 - 00117248 _____ () C:\Users\Juraj\AppData\Local\Programs\Google\MusicManager\libaacdec.dll
2015-11-17 18:45 - 2015-11-17 18:45 - 00234496 _____ () C:\Users\Juraj\AppData\Local\Programs\Google\MusicManager\libmpgdec.dll
2015-11-17 18:45 - 2015-11-17 18:45 - 00253440 _____ () C:\Users\Juraj\AppData\Local\Programs\Google\MusicManager\libid3tag.dll
2015-11-17 18:44 - 2015-11-17 18:44 - 00344064 _____ () C:\Users\Juraj\AppData\Local\Programs\Google\MusicManager\libaudioenc.dll
2016-01-09 21:09 - 2016-01-09 21:09 - 00098816 _____ () C:\Users\Juraj\AppData\Local\Temp\_MEI69802\win32api.pyd
2016-01-09 21:09 - 2016-01-09 21:09 - 00110080 _____ () C:\Users\Juraj\AppData\Local\Temp\_MEI69802\pywintypes27.dll
2016-01-09 21:09 - 2016-01-09 21:09 - 00364544 _____ () C:\Users\Juraj\AppData\Local\Temp\_MEI69802\pythoncom27.dll
2016-01-09 21:09 - 2016-01-09 21:09 - 00046080 _____ () C:\Users\Juraj\AppData\Local\Temp\_MEI69802\_socket.pyd
2016-01-09 21:09 - 2016-01-09 21:09 - 01208320 _____ () C:\Users\Juraj\AppData\Local\Temp\_MEI69802\_ssl.pyd
2016-01-09 21:09 - 2016-01-09 21:09 - 00320512 _____ () C:\Users\Juraj\AppData\Local\Temp\_MEI69802\win32com.shell.shell.pyd
2016-01-09 21:09 - 2016-01-09 21:09 - 00776704 _____ () C:\Users\Juraj\AppData\Local\Temp\_MEI69802\_hashlib.pyd
2016-01-09 21:09 - 2016-01-09 21:09 - 01176576 _____ () C:\Users\Juraj\AppData\Local\Temp\_MEI69802\wx._core_.pyd
2016-01-09 21:09 - 2016-01-09 21:09 - 00806400 _____ () C:\Users\Juraj\AppData\Local\Temp\_MEI69802\wx._gdi_.pyd
2016-01-09 21:09 - 2016-01-09 21:09 - 00816128 _____ () C:\Users\Juraj\AppData\Local\Temp\_MEI69802\wx._windows_.pyd
2016-01-09 21:09 - 2016-01-09 21:09 - 01067008 _____ () C:\Users\Juraj\AppData\Local\Temp\_MEI69802\wx._controls_.pyd
2016-01-09 21:09 - 2016-01-09 21:09 - 00733184 _____ () C:\Users\Juraj\AppData\Local\Temp\_MEI69802\wx._misc_.pyd
2016-01-09 21:09 - 2016-01-09 21:09 - 00682496 _____ () C:\Users\Juraj\AppData\Local\Temp\_MEI69802\pysqlite2._sqlite.pyd
2016-01-09 21:09 - 2016-01-09 21:09 - 00088064 _____ () C:\Users\Juraj\AppData\Local\Temp\_MEI69802\_ctypes.pyd
2016-01-09 21:09 - 2016-01-09 21:09 - 00119808 _____ () C:\Users\Juraj\AppData\Local\Temp\_MEI69802\win32file.pyd
2016-01-09 21:09 - 2016-01-09 21:09 - 00108544 _____ () C:\Users\Juraj\AppData\Local\Temp\_MEI69802\win32security.pyd
2016-01-09 21:09 - 2016-01-09 21:09 - 00007168 _____ () C:\Users\Juraj\AppData\Local\Temp\_MEI69802\hashobjs_ext.pyd
2016-01-09 21:09 - 2016-01-09 21:09 - 00017920 _____ () C:\Users\Juraj\AppData\Local\Temp\_MEI69802\thumbnails_ext.pyd
2016-01-09 21:09 - 2016-01-09 21:09 - 00079360 _____ () C:\Users\Juraj\AppData\Local\Temp\_MEI69802\usb_ext.pyd
2016-01-09 21:09 - 2016-01-09 21:09 - 00167936 _____ () C:\Users\Juraj\AppData\Local\Temp\_MEI69802\win32gui.pyd
2016-01-09 21:09 - 2016-01-09 21:09 - 00018432 _____ () C:\Users\Juraj\AppData\Local\Temp\_MEI69802\win32event.pyd
2016-01-09 21:09 - 2016-01-09 21:09 - 00128512 _____ () C:\Users\Juraj\AppData\Local\Temp\_MEI69802\_elementtree.pyd
2016-01-09 21:09 - 2016-01-09 21:09 - 00127488 _____ () C:\Users\Juraj\AppData\Local\Temp\_MEI69802\pyexpat.pyd
2016-01-09 21:09 - 2016-01-09 21:09 - 00013824 _____ () C:\Users\Juraj\AppData\Local\Temp\_MEI69802\common.time34.pyd
2016-01-09 21:09 - 2016-01-09 21:09 - 00036864 _____ () C:\Users\Juraj\AppData\Local\Temp\_MEI69802\_psutil_windows.pyd
2016-01-09 21:09 - 2016-01-09 21:09 - 00038912 _____ () C:\Users\Juraj\AppData\Local\Temp\_MEI69802\win32inet.pyd
2016-01-09 21:09 - 2016-01-09 21:09 - 00525640 _____ () C:\Users\Juraj\AppData\Local\Temp\_MEI69802\windows._lib_cacheinvalidation.pyd
2016-01-09 21:09 - 2016-01-09 21:09 - 00011264 _____ () C:\Users\Juraj\AppData\Local\Temp\_MEI69802\win32crypt.pyd
2016-01-09 21:09 - 2016-01-09 21:09 - 00077312 _____ () C:\Users\Juraj\AppData\Local\Temp\_MEI69802\wx._html2.pyd
2016-01-09 21:09 - 2016-01-09 21:09 - 00027136 _____ () C:\Users\Juraj\AppData\Local\Temp\_MEI69802\_multiprocessing.pyd
2016-01-09 21:09 - 2016-01-09 21:09 - 00020480 _____ () C:\Users\Juraj\AppData\Local\Temp\_MEI69802\_yappi.pyd
2016-01-09 21:09 - 2016-01-09 21:09 - 00035840 _____ () C:\Users\Juraj\AppData\Local\Temp\_MEI69802\win32process.pyd
2016-01-09 21:09 - 2016-01-09 21:09 - 00686080 _____ () C:\Users\Juraj\AppData\Local\Temp\_MEI69802\unicodedata.pyd
2016-01-09 21:09 - 2016-01-09 21:09 - 00123392 _____ () C:\Users\Juraj\AppData\Local\Temp\_MEI69802\wx._wizard.pyd
2016-01-09 21:09 - 2016-01-09 21:09 - 00024064 _____ () C:\Users\Juraj\AppData\Local\Temp\_MEI69802\win32pipe.pyd
2016-01-09 21:09 - 2016-01-09 21:09 - 00010240 _____ () C:\Users\Juraj\AppData\Local\Temp\_MEI69802\select.pyd
2016-01-09 21:09 - 2016-01-09 21:09 - 00025600 _____ () C:\Users\Juraj\AppData\Local\Temp\_MEI69802\win32pdh.pyd
2016-01-09 21:09 - 2016-01-09 21:09 - 00017408 _____ () C:\Users\Juraj\AppData\Local\Temp\_MEI69802\win32profile.pyd
2016-01-09 21:09 - 2016-01-09 21:09 - 00022528 _____ () C:\Users\Juraj\AppData\Local\Temp\_MEI69802\win32ts.pyd
2016-01-09 21:09 - 2016-01-09 21:09 - 00078848 _____ () C:\Users\Juraj\AppData\Local\Temp\_MEI69802\wx._animate.pyd
2016-01-05 15:04 - 2016-01-05 15:04 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-09-15 18:35 - 2009-02-27 15:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2015-12-10 09:50 - 2015-10-31 01:59 - 00034768 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2015-12-10 09:50 - 2015-10-31 02:00 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2015-12-10 09:50 - 2015-12-08 22:36 - 00022848 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Random.OSRNG.winrandom.pyd
2015-12-10 09:50 - 2015-12-08 22:36 - 00023352 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Util._counter.pyd
2015-12-10 09:50 - 2015-12-08 22:36 - 00042296 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Cipher._AES.pyd
2015-12-10 09:50 - 2015-10-31 01:59 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2015-12-10 09:50 - 2015-10-31 01:59 - 00093640 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2015-12-10 09:50 - 2015-10-31 01:59 - 00018376 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2015-12-10 09:50 - 2015-12-08 22:36 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2015-12-10 09:50 - 2015-10-31 02:00 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2015-12-10 09:50 - 2015-10-31 01:59 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2015-12-10 09:50 - 2015-12-08 22:36 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2015-12-10 09:50 - 2015-10-31 01:59 - 00692688 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2015-12-10 09:50 - 2015-12-08 22:36 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2015-12-10 09:50 - 2015-10-31 02:00 - 00109520 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2015-12-10 09:50 - 2015-12-08 22:36 - 01737032 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2015-12-10 09:50 - 2015-12-08 22:36 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2015-12-10 09:50 - 2015-12-08 22:36 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_python_x66cf7a7cx17a72769.pyd
2015-12-10 09:50 - 2015-12-08 22:36 - 00021840 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2015-12-10 09:50 - 2015-12-08 22:36 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2015-12-10 09:50 - 2015-10-31 02:00 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2015-12-10 09:50 - 2015-10-31 02:00 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2015-12-10 09:50 - 2015-10-31 02:00 - 00114640 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2015-12-10 09:50 - 2015-12-08 22:36 - 00021320 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_pywin_kernel32_xde9e4433x360333f0.pyd
2015-12-10 09:50 - 2015-10-31 02:00 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2015-12-10 09:50 - 2015-10-31 02:00 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2015-12-10 09:50 - 2015-10-31 02:00 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2015-12-10 09:50 - 2015-10-31 02:00 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2015-12-10 09:50 - 2015-10-31 02:00 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2015-12-10 09:50 - 2015-10-31 02:00 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2015-12-10 09:50 - 2015-10-31 02:00 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2015-12-10 09:50 - 2015-12-08 22:36 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2015-12-10 09:50 - 2015-10-31 02:00 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2015-12-10 09:50 - 2015-10-31 02:00 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2015-12-10 09:50 - 2015-12-08 22:36 - 00117056 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2015-12-10 09:50 - 2015-12-08 22:36 - 00031568 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2015-12-10 09:50 - 2015-11-05 01:04 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2015-12-10 09:50 - 2015-12-08 22:36 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-10 09:50 - 2015-10-31 01:59 - 00134608 _____ () C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd
2015-12-10 09:50 - 2015-10-31 01:59 - 00134088 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2015-12-10 09:50 - 2015-10-31 02:00 - 00240584 _____ () C:\Program Files (x86)\Dropbox\Client\jpegtran.pyd
2015-12-10 09:50 - 2015-12-08 22:36 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2015-12-10 09:50 - 2015-12-08 22:36 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2015-12-10 09:50 - 2015-12-08 22:36 - 00021304 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Util.strxor.pyd
2015-12-10 09:50 - 2015-10-31 02:00 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2015-12-10 09:50 - 2015-12-08 22:36 - 00084792 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2015-12-10 09:50 - 2015-12-08 22:36 - 01826608 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2015-12-10 09:50 - 2015-10-31 02:00 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2015-12-10 09:50 - 2015-12-08 22:36 - 03891504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2015-12-10 09:50 - 2015-12-08 22:36 - 01950000 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2015-12-10 09:50 - 2015-12-08 22:36 - 00519984 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2015-12-10 09:50 - 2015-12-08 22:36 - 00133936 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2015-12-10 09:50 - 2015-12-08 22:36 - 00225080 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2015-12-10 09:50 - 2015-12-08 22:36 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2015-12-10 09:50 - 2015-12-08 22:36 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2015-12-10 09:50 - 2015-12-08 22:36 - 00486704 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2015-12-10 09:50 - 2015-12-08 22:36 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2015-12-10 09:50 - 2015-10-31 02:01 - 00019920 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick.2\qtquick2plugin.dll
2015-12-10 09:50 - 2015-10-31 02:00 - 00786904 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-12-10 09:50 - 2015-10-31 02:00 - 00063448 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-12-10 09:50 - 2015-10-31 02:00 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Window.2\windowplugin.dll
2016-01-03 18:01 - 2015-03-27 15:39 - 00182080 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\unrar.dll
2016-01-03 18:01 - 2015-01-09 18:46 - 00145184 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\zlibwapi.dll
2016-01-03 18:01 - 2014-10-16 10:26 - 00622880 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\ProductStatistics.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-1004667532-806584802-2637913605-1002\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1004667532-806584802-2637913605-1002\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-1004667532-806584802-2637913605-1002\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-1004667532-806584802-2637913605-1002\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-1004667532-806584802-2637913605-1002\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-1004667532-806584802-2637913605-1002\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-1004667532-806584802-2637913605-1002\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-1004667532-806584802-2637913605-1002\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-1004667532-806584802-2637913605-1002\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-1004667532-806584802-2637913605-1002\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-1004667532-806584802-2637913605-1002\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-1004667532-806584802-2637913605-1002\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-1004667532-806584802-2637913605-1002\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-1004667532-806584802-2637913605-1002\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-1004667532-806584802-2637913605-1002\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1004667532-806584802-2637913605-1002\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-1004667532-806584802-2637913605-1002\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-1004667532-806584802-2637913605-1002\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-1004667532-806584802-2637913605-1002\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-1004667532-806584802-2637913605-1002\...\100sexlinks.com -> 100sexlinks.com

There are 4788 more sites.

Nitram3 · Příspěvekod **Nitram3** » 09 led 2016 21:49

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-01-09 12:56 - 2016-01-09 12:56 - 00000753 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1004667532-806584802-2637913605-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Juraj\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{9A57AB12-698F-446B-87E7-860AC3C9C663}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{59C8011B-0D9E-4D97-9AB6-837774D79FA8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{88B81A00-07FF-4326-A299-E4F7D1BD7EE7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{D9C4BC46-734B-447A-9CC8-A87E36C0ED08}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{850BCC9C-8D0C-426C-8D3A-4B392B379FC7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{2CBE189C-C5F8-4045-8318-897830A39CD1}] => (Allow) LPort=5558
FirewallRules: [{056D9744-1DF9-4CB5-AFAB-5C270F79F991}] => (Allow) LPort=5556
FirewallRules: [{94EDD0A5-5FA0-4404-B561-BA061DEECAA6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{A86251CE-7EBD-40F2-A66B-7E873DAD36ED}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [UDP Query User{9CCF636F-E82B-4CB1-86D8-7918127D1386}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{B42213DB-373A-4B3E-AB75-79A0B410CEA3}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{6944E626-2306-4530-89F8-7A78E54C3926}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{92C44839-789F-4A7A-906E-636C87A3FBA6}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{68F35998-81EE-4F77-907F-8641CB886628}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{98BCC2E8-93EA-48D8-B7A1-FB6C73515712}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{A10E15C9-BC9C-4ED1-A210-F6544F2A61CB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A3EB46C8-5E13-4E0E-BEEE-AB4291979C3E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A8C2692C-02A4-4B44-934A-FE5228F1BCF1}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{BA6CE529-89BF-438D-A2BB-A5594296FC30}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{4664F37F-1F3E-4729-9525-81A1AED2C27C}] => (Allow) LPort=8182
FirewallRules: [{FF0E14E4-C858-4882-BB0F-5B5456352724}] => (Allow) LPort=5353
FirewallRules: [{91E76949-866F-4FFA-A05B-B0085FDC8DA9}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{5B3CF587-354A-4C45-9A75-28C42D5E9E63}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{8B6F2C2C-8018-43A7-B7AC-26177AFB6846}] => (Allow) LPort=1900
FirewallRules: [{B36B7768-F50C-44E2-99F3-8D7CF8C97D7E}] => (Allow) LPort=2869
FirewallRules: [{4C5C55D3-6471-46B0-8C69-F90DE933EB3F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{0E7C605E-786B-43CB-8E96-BE841AC021EB}] => (Allow) C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe
FirewallRules: [{3E55CA06-89DC-4148-866F-DBCC0DC5CA9A}] => (Allow) C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe
FirewallRules: [{32F75583-7E5E-475A-AFDF-2DAB90EE7D93}] => (Allow) LPort=54925
FirewallRules: [{75975DFA-03E8-4C22-B0CD-55C00B18CCA0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{12F6051E-B5DC-4EBD-9A7A-2E05027786AD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{16FE0B09-0619-443F-BBC8-1A5A6D028337}C:\program files (x86)\samsung\sidesync4\sidesync.exe] => (Allow) C:\program files (x86)\samsung\sidesync4\sidesync.exe
FirewallRules: [UDP Query User{F5B77A89-80A4-4FDB-94A8-8D917CCB3578}C:\program files (x86)\samsung\sidesync4\sidesync.exe] => (Allow) C:\program files (x86)\samsung\sidesync4\sidesync.exe
FirewallRules: [{4C3FAA00-418C-442C-B2EF-F6552BF1289F}] => (Allow) C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe
FirewallRules: [{B1EF29AB-3560-4A08-B51F-8FD0A916F21F}] => (Allow) C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe
FirewallRules: [{621A5FFD-AD48-413C-9C3C-7A48BD957333}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{92B08366-43A6-40B0-A8D6-7F42F88E90F0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{C4E4F1E1-EFDF-47B2-AF95-8EEE784E9F64}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{FFFEB2EB-4C03-47D4-8077-7E4F23BCF0E7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{7DDBAEB6-70C8-4792-BA0E-6D4189CB68A5}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{7DBEC8AD-6EAD-4A31-B936-2E87376E6D95}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{9AEC3A20-8E54-4BA8-8707-715DCFCA0BEE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{87B9132F-31EB-48BC-9807-2D3AD7A7E333}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{B5061513-C5F2-4C7D-B815-799B60F4EAAC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{CAA14642-5180-4C17-BF45-35F29BF7AF42}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{20CE7E20-8AFC-4AF7-B644-D1AEF3B08715}] => (Allow) C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe
FirewallRules: [{5A602F95-670E-45A3-BD7A-2D9BECA5D2E8}] => (Allow) C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe
FirewallRules: [{F19886D0-571D-4208-B2B0-421E71622BB2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

==================== Restore Points =========================

09-12-2015 18:43:39 Windows Update
14-12-2015 10:36:25 Windows Update
22-12-2015 20:24:50 Nainstalováno: OpenOffice 4.1.2
04-01-2016 18:44:36 Windows Update
06-01-2016 14:24:07 ASU_MSI_TRAN
06-01-2016 20:21:58 JRT Pre-Junkware Removal
09-01-2016 12:51:11 zoek.exe restore point

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (01/09/2016 09:11:23 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest1 se nezdařilo. Chyba v souboru manifestu nebo zásad C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest2 na řádku C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest3.
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest.

Error: (01/09/2016 09:10:02 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest1 se nezdařilo. Chyba v souboru manifestu nebo zásad C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest2 na řádku C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest3.
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest.

Error: (01/09/2016 09:09:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: mediasrv.exe, verze: 1.1.0.51, časové razítko: 0x4d6e5b7d
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x7f194cd3
ID chybujícího procesu: 0x1a30
Čas spuštění chybující aplikace: 0xmediasrv.exe0
Cesta k chybující aplikaci: mediasrv.exe1
Cesta k chybujícímu modulu: mediasrv.exe2
ID zprávy: mediasrv.exe3
Úplný název chybujícího balíčku: mediasrv.exe4
ID aplikace související s chybujícím balíčkem: mediasrv.exe5

Error: (01/09/2016 09:09:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: obexsrv.exe, verze: 1.1.0.51, časové razítko: 0x4d6e5ab8
Název chybujícího modulu: obexsrv.exe, verze: 1.1.0.51, časové razítko: 0x4d6e5ab8
Kód výjimky: 0xc0000005
Posun chyby: 0x0005225c
ID chybujícího procesu: 0x1504
Čas spuštění chybující aplikace: 0xobexsrv.exe0
Cesta k chybující aplikaci: obexsrv.exe1
Cesta k chybujícímu modulu: obexsrv.exe2
ID zprávy: obexsrv.exe3
Úplný název chybujícího balíčku: obexsrv.exe4
ID aplikace související s chybujícím balíčkem: obexsrv.exe5

Error: (01/09/2016 09:09:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: devmonsrv.exe, verze: 1.1.0.51, časové razítko: 0x4d6e5bd3
Název chybujícího modulu: devmonsrv.exe, verze: 1.1.0.51, časové razítko: 0x4d6e5bd3
Kód výjimky: 0xc0000005
Posun chyby: 0x00043c86
ID chybujícího procesu: 0x1bc0
Čas spuštění chybující aplikace: 0xdevmonsrv.exe0
Cesta k chybující aplikaci: devmonsrv.exe1
Cesta k chybujícímu modulu: devmonsrv.exe2
ID zprávy: devmonsrv.exe3
Úplný název chybujícího balíčku: devmonsrv.exe4
ID aplikace související s chybujícím balíčkem: devmonsrv.exe5

Error: (01/09/2016 09:07:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: devmonsrv.exe, verze: 1.1.0.51, časové razítko: 0x4d6e5bd3
Název chybujícího modulu: devmonsrv.exe, verze: 1.1.0.51, časové razítko: 0x4d6e5bd3
Kód výjimky: 0xc0000005
Posun chyby: 0x00043c86
ID chybujícího procesu: 0x928
Čas spuštění chybující aplikace: 0xdevmonsrv.exe0
Cesta k chybující aplikaci: devmonsrv.exe1
Cesta k chybujícímu modulu: devmonsrv.exe2
ID zprávy: devmonsrv.exe3
Úplný název chybujícího balíčku: devmonsrv.exe4
ID aplikace související s chybujícím balíčkem: devmonsrv.exe5

Error: (01/09/2016 09:07:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: obexsrv.exe, verze: 1.1.0.51, časové razítko: 0x4d6e5ab8
Název chybujícího modulu: obexsrv.exe, verze: 1.1.0.51, časové razítko: 0x4d6e5ab8
Kód výjimky: 0xc0000005
Posun chyby: 0x0005225c
ID chybujícího procesu: 0x930
Čas spuštění chybující aplikace: 0xobexsrv.exe0
Cesta k chybující aplikaci: obexsrv.exe1
Cesta k chybujícímu modulu: obexsrv.exe2
ID zprávy: obexsrv.exe3
Úplný název chybujícího balíčku: obexsrv.exe4
ID aplikace související s chybujícím balíčkem: obexsrv.exe5

Error: (01/09/2016 12:51:41 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (01/09/2016 12:46:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: devmonsrv.exe, verze: 1.1.0.51, časové razítko: 0x4d6e5bd3
Název chybujícího modulu: devmonsrv.exe, verze: 1.1.0.51, časové razítko: 0x4d6e5bd3
Kód výjimky: 0xc0000005
Posun chyby: 0x00043c86
ID chybujícího procesu: 0x28e0
Čas spuštění chybující aplikace: 0xdevmonsrv.exe0
Cesta k chybující aplikaci: devmonsrv.exe1
Cesta k chybujícímu modulu: devmonsrv.exe2
ID zprávy: devmonsrv.exe3
Úplný název chybujícího balíčku: devmonsrv.exe4
ID aplikace související s chybujícím balíčkem: devmonsrv.exe5

Error: (01/09/2016 12:44:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: devmonsrv.exe, verze: 1.1.0.51, časové razítko: 0x4d6e5bd3
Název chybujícího modulu: devmonsrv.exe, verze: 1.1.0.51, časové razítko: 0x4d6e5bd3
Kód výjimky: 0xc0000005
Posun chyby: 0x00043c86
ID chybujícího procesu: 0x2858
Čas spuštění chybující aplikace: 0xdevmonsrv.exe0
Cesta k chybující aplikaci: devmonsrv.exe1
Cesta k chybujícímu modulu: devmonsrv.exe2
ID zprávy: devmonsrv.exe3
Úplný název chybujícího balíčku: devmonsrv.exe4
ID aplikace související s chybujícím balíčkem: devmonsrv.exe5

System errors:
=============
Error: (01/09/2016 09:09:54 PM) (Source: DCOM) (EventID: 10005) (User: Juraj-PC)
Description: 1053Bluetooth Media ServiceNení k dispozici{9AC233E9-AC75-4DB5-85C4-DAB13A484FEA}

Error: (01/09/2016 09:09:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Bluetooth Media Service neuspěla při spuštění v důsledku následující chyby:
%%1053

Error: (01/09/2016 09:09:54 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Bluetooth Media Service bylo dosaženo časového limitu (30000 ms).

Error: (01/09/2016 09:09:27 PM) (Source: DCOM) (EventID: 10005) (User: Juraj-PC)
Description: 1053Bluetooth OBEX ServiceNení k dispozici{E9E0D51D-F407-4D91-B294-C111F721A3AF}

Error: (01/09/2016 09:09:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Bluetooth OBEX Service neuspěla při spuštění v důsledku následující chyby:
%%1053

Error: (01/09/2016 09:09:27 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Bluetooth OBEX Service bylo dosaženo časového limitu (30000 ms).

Error: (01/09/2016 09:09:24 PM) (Source: DCOM) (EventID: 10005) (User: Juraj-PC)
Description: 1053Bluetooth Device MonitorNení k dispozici{DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}

Error: (01/09/2016 09:09:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Bluetooth Device Monitor neuspěla při spuštění v důsledku následující chyby:
%%1053

Error: (01/09/2016 09:09:24 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Bluetooth Device Monitor bylo dosaženo časového limitu (30000 ms).

Error: (01/09/2016 09:08:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Adaptér naslouchání Net.Msmq neuspěla při spuštění v důsledku následující chyby:
%%1053

CodeIntegrity:
===================================
Date: 2015-08-21 22:04:14.803
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-08-21 22:04:14.348
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-08-21 22:04:13.632
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-08-21 22:04:13.066
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-08-21 22:04:12.430
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-08-21 22:04:11.674
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-08-21 22:04:10.713
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-08-21 22:04:10.256
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-08-21 22:04:09.814
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-08-21 22:04:09.291
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Pentium(R) CPU B950 @ 2.10GHz
Percentage of memory in use: 52%
Total physical RAM: 4006.7 MB
Available physical RAM: 1901.41 MB
Total Virtual: 8102.7 MB
Available Virtual: 6042.71 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:293.03 GB) (Free:193.73 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Data) (Fixed) (Total:380.61 GB) (Free:79.14 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or

(Size: 698.6 GB) (Disk ID: 496B9619)
Partition 1: (Not Active) - (Size=25 GB) - (Type=1C)
Partition 2: (Active) - (Size=293 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=380.6 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Kontrola logu - velmi zpomalený notebook Vyřešeno

Kontrola logu - velmi zpomalený notebook

Re: Kontrola logu - velmi zpomalený notebook

Re: Kontrola logu - velmi zpomalený notebook

Re: Kontrola logu - velmi zpomalený notebook

Re: Kontrola logu - velmi zpomalený notebook

Re: Kontrola logu - velmi zpomalený notebook

Re: Kontrola logu - velmi zpomalený notebook

Re: Kontrola logu - velmi zpomalený notebook

Re: Kontrola logu - velmi zpomalený notebook

Re: Kontrola logu - velmi zpomalený notebook

Re: Kontrola logu - velmi zpomalený notebook

Re: Kontrola logu - velmi zpomalený notebook

Kdo je online