HJT log and problems check [Solved]

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team


Re: HJT log and problems check

Post by miruska27 » 18 Feb 2016 18:23

CF has been run, I am attaching the log..... BUT..... while it was running, at position "48" it stopped and showed me a dialog saying that Windows had stopped some program and wanted me to confirm it. Which I did, and after CF finished, but still before the restart, it threw up about 8 small dialogs in English with yes/no at the end. So I confirmed them all and CF then restarted the PC. Here is the log it created afterwards.

ComboFix 16-02-15.01 - pc 18.02.2016 17:48:03.2.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.1918.1070 [GMT 1:00]
Spuštěný z: c:\users\pc\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\pc\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\Adobe Flash Player Updater.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\AVG
c:\program files\AVG\Framework\1\avgcmlx.dll
c:\program files\AVG\Framework\1\avgcommx.dll
c:\program files\AVG\Framework\1\avgdiagex.exe
c:\program files\AVG\Framework\1\avgdumpx.exe
c:\program files\AVG\Framework\1\avgfmwelevplgx.dll
c:\program files\AVG\Framework\1\avgfmwx.dll
c:\program files\AVG\Framework\1\avglngx.dll
c:\program files\AVG\Framework\1\avglogx.dll
c:\program files\AVG\Framework\1\avgmsgdispx.dll
c:\program files\AVG\Framework\1\avgnetclix.dll
c:\program files\AVG\Framework\1\avgntdumpx.exe
c:\program files\AVG\Framework\1\avgntopensslx.fmw.1.dll
c:\program files\AVG\Framework\1\avgopensslx.fmw.1.dll
c:\program files\AVG\Framework\1\avgsvcfmwplgx.dll
c:\program files\AVG\Framework\1\avgsysx.fmw.1.dll
c:\program files\AVG\Framework\1\avguifmwplgx.dll
c:\program files\AVG\Framework\1\crash.avgdx
c:\program files\AVG\Framework\Common\avgelevx.exe
c:\program files\AVG\Framework\Common\avgfmwbasex.dll
c:\program files\AVG\Framework\Common\avgntopensslx.fmw.1.dll
c:\program files\AVG\Framework\Common\avgopensslx.fmw.1.dll
c:\program files\AVG\Framework\Common\avgsvcx.exe
c:\program files\AVG\Framework\Common\avgsysx.fmw.1.dll
c:\program files\AVG\Framework\Common\avguirnx.exe
c:\program files\AVG\Framework\Common\avguix.exe
c:\program files\AVG\Nový Aplikace Microsoft Office Access.mdb
c:\program files\AVG\UiDll\2171\cef.pak
c:\program files\AVG\UiDll\2171\cef_100_percent.pak
c:\program files\AVG\UiDll\2171\cef_200_percent.pak
c:\program files\AVG\UiDll\2171\icudtl.dat
c:\program files\AVG\UiDll\2171\libcef.dll
c:\program files\AVG\Zen\3rd_party\licenses\3rdparty.txt
c:\program files\AVG\Zen\3rd_party\readme.txt
c:\program files\AVG\Zen\add.zip
c:\program files\AVG\Zen\add.zip.zfs
c:\program files\AVG\Zen\avgcommx.dll
c:\program files\AVG\Zen\avgntopensslx.zen.1.dll
c:\program files\AVG\Zen\avgopensslx.zen.1.dll
c:\program files\AVG\Zen\avgreloadablex.dll
c:\program files\AVG\Zen\avgreplibx.dll
c:\program files\AVG\Zen\avgsysx.zen.1.dll
c:\program files\AVG\Zen\cfg.zip
c:\program files\AVG\Zen\cfg.zip.zfs
c:\program files\AVG\Zen\dllupdateman.ini
c:\program files\AVG\Zen\html.zip
c:\program files\AVG\Zen\html.zip.zfs
c:\program files\AVG\Zen\prevcar.xml
c:\program files\AVG\Zen\rules.zip
c:\program files\AVG\Zen\rules.zip.zfs
c:\program files\AVG\Zen\zapix.dll
c:\program files\AVG\Zen\zappapix.dll
c:\program files\AVG\Zen\zelevpluginx.dll
c:\program files\AVG\Zen\zen_cz.chm
c:\program files\AVG\Zen\zen_cz.lng
c:\program files\AVG\Zen\zen_da.chm
c:\program files\AVG\Zen\zen_da.lng
c:\program files\AVG\Zen\zen_es.chm
c:\program files\AVG\Zen\zen_es.lng
c:\program files\AVG\Zen\zen_fr.chm
c:\program files\AVG\Zen\zen_fr.lng
c:\program files\AVG\Zen\zen_ge.chm
c:\program files\AVG\Zen\zen_ge.lng
c:\program files\AVG\Zen\zen_hu.chm
c:\program files\AVG\Zen\zen_hu.lng
c:\program files\AVG\Zen\zen_id.chm
c:\program files\AVG\Zen\zen_id.lng
c:\program files\AVG\Zen\zen_in.chm
c:\program files\AVG\Zen\zen_in.lng
c:\program files\AVG\Zen\zen_it.chm
c:\program files\AVG\Zen\zen_it.lng
c:\program files\AVG\Zen\zen_jp.chm
c:\program files\AVG\Zen\zen_jp.lng
c:\program files\AVG\Zen\zen_ko.chm
c:\program files\AVG\Zen\zen_ko.lng
c:\program files\AVG\Zen\zen_ms.chm
c:\program files\AVG\Zen\zen_ms.lng
c:\program files\AVG\Zen\zen_nl.chm
c:\program files\AVG\Zen\zen_nl.lng
c:\program files\AVG\Zen\zen_pb.chm
c:\program files\AVG\Zen\zen_pb.lng
c:\program files\AVG\Zen\zen_pl.chm
c:\program files\AVG\Zen\zen_pl.lng
c:\program files\AVG\Zen\zen_pt.chm
c:\program files\AVG\Zen\zen_pt.lng
c:\program files\AVG\Zen\zen_ru.chm
c:\program files\AVG\Zen\zen_ru.lng
c:\program files\AVG\Zen\zen_sc.chm
c:\program files\AVG\Zen\zen_sc.lng
c:\program files\AVG\Zen\zen_sk.chm
c:\program files\AVG\Zen\zen_sk.lng
c:\program files\AVG\Zen\zen_sp.chm
c:\program files\AVG\Zen\zen_sp.lng
c:\program files\AVG\Zen\zen_tr.chm
c:\program files\AVG\Zen\zen_tr.lng
c:\program files\AVG\Zen\zen_us.chm
c:\program files\AVG\Zen\zen_us.lng
c:\program files\AVG\Zen\zen_zh.chm
c:\program files\AVG\Zen\zen_zh.lng
c:\program files\AVG\Zen\zen_zt.chm
c:\program files\AVG\Zen\zen_zt.lng
c:\program files\AVG\Zen\zprivacyfixpluginx.dll
c:\program files\AVG\Zen\zsvcpluginx.dll
c:\program files\AVG\Zen\zuiplugin_dllx.dll
c:\program files\Skype\Updater
c:\program files\Skype\Updater\Updater.dll
c:\program files\Skype\Updater\Updater.exe
c:\windows\Tasks\Adobe Flash Player Updater.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_avgsvc
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2016-01-18 do 2016-02-18 )))))))))))))))))))))))))))))))
.
.
2016-02-18 17:11 . 2016-02-18 17:13 -------- d-----w- c:\users\pc\AppData\Local\temp
2016-02-18 17:11 . 2016-02-18 17:11 -------- d-----w- c:\users\Public\AppData\Local\temp
2016-02-18 17:11 . 2016-02-18 17:11 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-02-18 17:07 . 2016-02-18 17:07 -------- d-----w- c:\users\pc\AppData\Local\CrashDumps
2016-02-18 12:02 . 2016-02-18 12:02 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{ABB698E7-A2F2-4BFE-86A4-00439A998B86}\offreg.2676.dll
2016-02-17 22:38 . 2016-02-17 22:01 24064 ----a-w- c:\windows\zoek-delete.exe
2016-02-17 22:01 . 2016-02-17 22:01 -------- d-----w- C:\zoek_backup
2016-02-17 13:09 . 2016-02-17 16:17 -------- d-----w- C:\AdwCleaner
2016-02-17 04:26 . 2015-12-16 09:15 9014120 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{ABB698E7-A2F2-4BFE-86A4-00439A998B86}\mpengine.dll
2016-02-10 21:17 . 2016-01-16 18:34 949760 ----a-w- c:\windows\system32\aeinv.dll
2016-02-10 21:17 . 2016-01-11 14:07 544768 ----a-w- c:\windows\system32\generaltel.dll
2016-02-10 21:17 . 2016-01-11 14:07 1198080 ----a-w- c:\windows\system32\appraiser.dll
2016-02-10 21:17 . 2016-01-16 18:42 22464 ----a-w- c:\windows\system32\CompatTelRunner.exe
2016-02-10 21:17 . 2016-01-11 14:07 65536 ----a-w- c:\windows\system32\acmigration.dll
2016-02-10 21:17 . 2016-01-11 14:07 591360 ----a-w- c:\windows\system32\invagent.dll
2016-02-10 21:17 . 2016-01-11 14:07 424960 ----a-w- c:\windows\system32\devinv.dll
2016-02-10 21:15 . 2016-02-06 09:54 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2016-02-09 22:43 . 2016-02-09 22:43 -------- d-----w- c:\program files\Common Files\Java
2016-02-09 22:40 . 2016-02-09 22:40 -------- d-----w- c:\program files\Common Files\Skype
2016-02-03 15:15 . 2016-02-03 15:15 334280 ----a-w- c:\windows\system32\aswBoot.exe
2016-02-03 15:15 . 2016-02-03 15:15 52184 ----a-w- c:\windows\avastSS.scr
2016-01-21 17:01 . 2016-01-21 17:01 -------- d-----w- c:\windows\system32\%LOCALAPPDATA%
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-02-17 21:46 . 2014-07-30 16:52 24688 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2016-02-17 13:14 . 2014-07-30 16:21 170200 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2016-02-12 11:33 . 2014-07-30 16:32 796864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2016-02-12 11:33 . 2014-07-30 16:32 142528 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2016-02-10 11:54 . 2016-01-10 19:57 221240 ----a-w- c:\windows\system32\drivers\aswvmm.sys
2016-02-09 22:42 . 2014-07-30 18:08 95840 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2016-02-03 15:15 . 2016-01-10 19:57 447848 ----a-w- c:\windows\system32\drivers\aswSP.sys
2016-02-03 15:15 . 2016-01-10 19:57 127432 ----a-w- c:\windows\system32\drivers\aswStm.sys
2016-02-03 15:15 . 2016-01-10 19:57 91168 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2016-02-03 15:15 . 2016-01-10 19:57 58776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2016-02-03 15:15 . 2016-01-10 19:57 32792 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2016-02-03 15:15 . 2016-01-10 19:57 91232 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2016-02-03 15:15 . 2016-01-10 19:57 812720 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2016-01-22 06:05 . 2016-02-11 21:01 251392 ----a-w- c:\windows\system32\schannel.dll
2016-01-18 16:28 . 2016-01-18 16:28 970912 ----a-w- c:\windows\system32\msvcr120.dll
2016-01-18 16:28 . 2016-01-18 16:28 455328 ----a-w- c:\windows\system32\msvcp120.dll
2016-01-18 16:28 . 2016-01-18 16:28 247984 ----a-w- c:\windows\system32\vccorlib120.dll
2015-12-08 21:54 . 2016-01-13 11:39 1620992 ----a-w- c:\windows\system32\WMVDECOD.DLL
2015-12-08 21:54 . 2016-01-13 11:39 902144 ----a-w- c:\windows\system32\WMADMOD.DLL
2015-12-08 21:54 . 2016-01-13 11:39 739328 ----a-w- c:\windows\system32\WMSPDMOD.DLL
2015-12-08 21:54 . 2016-01-13 11:39 541184 ----a-w- c:\windows\system32\WMVSDECD.DLL
2015-12-08 21:54 . 2016-01-13 11:39 815616 ----a-w- c:\windows\system32\WMADMOE.DLL
2015-12-08 21:54 . 2016-01-13 11:39 740352 ----a-w- c:\windows\system32\wmpmde.dll
2015-12-08 21:54 . 2016-01-13 11:39 665088 ----a-w- c:\windows\system32\WMVXENCD.DLL
2015-12-08 21:54 . 2016-01-13 11:39 1568768 ----a-w- c:\windows\system32\WMVENCOD.DLL
2015-12-08 21:54 . 2016-01-13 11:39 358400 ----a-w- c:\windows\system32\WMVSENCD.DLL
2015-12-08 21:54 . 2016-01-13 11:39 1325056 ----a-w- c:\windows\system32\WMSPDMOE.DLL
2015-12-08 21:54 . 2016-01-13 11:39 1202688 ----a-w- c:\windows\system32\WMALFXGFXDSP.dll
2015-12-08 21:54 . 2016-01-13 11:39 2285056 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2015-12-08 21:54 . 2016-01-13 11:39 154112 ----a-w- c:\windows\system32\VIDRESZR.DLL
2015-12-08 21:53 . 2016-01-13 11:39 338944 ----a-w- c:\windows\system32\SysFxUI.dll
2015-12-08 21:53 . 2016-01-13 11:39 206848 ----a-w- c:\windows\system32\RESAMPLEDMO.DLL
2015-12-08 21:53 . 2016-01-13 11:39 509952 ----a-w- c:\windows\system32\qedit.dll
2015-12-08 21:53 . 2016-01-13 11:39 519680 ----a-w- c:\windows\system32\qdvd.dll
2015-12-08 21:53 . 2016-01-13 11:39 1329664 ----a-w- c:\windows\system32\quartz.dll
2015-12-08 21:53 . 2016-01-13 11:39 206848 ----a-w- c:\windows\system32\qasf.dll
2015-12-08 21:53 . 2016-01-13 11:39 970240 ----a-w- c:\windows\system32\msmpeg2adec.dll
2015-12-08 21:53 . 2016-01-13 11:39 829952 ----a-w- c:\windows\system32\MSMPEG2ENC.DLL
2015-12-08 21:53 . 2016-01-13 11:39 241152 ----a-w- c:\windows\system32\MPG4DECD.DLL
2015-12-08 21:53 . 2016-01-13 11:39 241152 ----a-w- c:\windows\system32\MP43DECD.DLL
2015-12-08 21:53 . 2016-01-13 11:39 79872 ----a-w- c:\windows\system32\MP3DMOD.DLL
2015-12-08 21:53 . 2016-01-13 11:39 415744 ----a-w- c:\windows\system32\MP4SDECD.DLL
2015-12-08 21:53 . 2016-01-13 11:39 3209728 ----a-w- c:\windows\system32\mf.dll
2015-12-08 21:53 . 2016-01-13 11:39 728576 ----a-w- c:\windows\system32\mcmde.dll
2015-12-08 21:53 . 2016-01-13 11:39 354816 ----a-w- c:\windows\system32\mfplat.dll
2015-12-08 21:53 . 2016-01-13 11:39 609280 ----a-w- c:\windows\system32\MFWMAAEC.DLL
2015-12-08 21:53 . 2016-01-13 11:39 53248 ----a-w- c:\windows\system32\mfvdsp.dll
2015-12-08 21:53 . 2016-01-13 11:39 103424 ----a-w- c:\windows\system32\mfps.dll
2015-12-08 21:53 . 2016-01-13 11:39 4608 ----a-w- c:\windows\system32\ksuser.dll
2015-12-08 21:53 . 2016-01-13 11:39 305664 ----a-w- c:\windows\system32\gdi32.dll
2015-12-08 21:53 . 2016-01-13 11:39 489984 ----a-w- c:\windows\system32\evr.dll
2015-12-08 21:53 . 2016-01-13 11:39 67584 ----a-w- c:\windows\system32\devenum.dll
2015-12-08 21:53 . 2016-01-13 11:39 153600 ----a-w- c:\windows\system32\COLORCNV.DLL
2015-12-08 21:53 . 2016-01-13 11:39 50176 ----a-w- c:\windows\system32\rrinstaller.exe
2015-12-08 21:53 . 2016-01-13 11:39 23040 ----a-w- c:\windows\system32\mfpmp.exe
2015-12-08 21:53 . 2016-01-13 11:39 193536 ----a-w- c:\windows\system32\ksproxy.ax
2015-12-08 21:50 . 2016-01-13 11:39 2048 ----a-w- c:\windows\system32\mferror.dll
2015-12-08 21:43 . 2016-01-13 11:39 81408 ----a-w- c:\windows\system32\drivers\drmk.sys
2015-12-08 21:11 . 2016-01-13 11:39 177152 ----a-w- c:\windows\system32\drivers\portcls.sys
2015-12-08 21:11 . 2016-01-13 11:39 5120 ----a-w- c:\windows\system32\drivers\drmkaud.sys
2015-12-02 12:25 . 2014-07-30 14:35 247976 ------w- c:\windows\system32\MpSigStub.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2016-02-03 15:15 770088 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2015-11-10 14688512]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2007-12-10 323584]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2016-02-15 7139768]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\Lenovo\Bluetooth Software\BtwProximityCP.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AmIcoSinglun]
2000-01-01 00:00 237568 ----a-w- c:\program files\AmIcoSingLun\AmIcoSinglun.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
2014-04-17 20:38 748256 ----a-w- c:\program files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2016-01-29 18:29 595504 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
R1 BAPIDRV;BAPIDRV;c:\windows\system32\DRIVERS\BAPIDRV.sys [x]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes Anti-Malware\mbamservice.exe [2015-10-05 1135416]
R3 AndnetBus;LGE Mobile USB Composite Device;c:\windows\system32\DRIVERS\lgandnetbus.sys [2014-10-09 15744]
R3 AndNetDiag;LGE AndroidNet USB Serial Port;c:\windows\system32\DRIVERS\lgandnetdiag.sys [2014-10-09 23680]
R3 ANDNetModem;LGE AndroidNet USB Modem;c:\windows\system32\DRIVERS\lgandnetmodem.sys [2014-10-09 28416]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2016-01-22 102912]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys [2015-10-05 51928]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2014-07-31 1343400]
R4 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2014-04-17 276992]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [2014-06-04 18624]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2016-02-03 812720]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2016-02-03 447848]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO32.SYS [2015-11-10 23840]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2016-02-03 32792]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2016-02-03 91168]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2016-02-03 127432]
S2 BrcmMgmtAgent;Broadcom Management Agent;c:\program files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe [2012-08-02 154624]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 RtkAudioService;Realtek Audio Service;c:\program files\Realtek\Audio\HDA\RtkAudioService.exe [2015-11-10 266496]
S2 ssinstall;SInstalátor;c:\windows\System32\ssins.exe [2014-12-25 2324216]
S3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [2015-11-10 76952]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys [2013-10-02 176856]
S3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys [2014-03-25 508632]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2011-09-17 33832]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2015-10-05 23256]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [2014-07-30 47360]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
utcsvc REG_MULTI_SZ DiagTrack
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-07-14 19:34 991048 ----a-w- c:\program files\Google\Chrome\Application\43.0.2357.134\Installer\chrmstp.exe
.
.
------- Doplňkový sken -------
.
TCP: DhcpNameServer = 172.20.0.1 188.116.64.5
TCP: Interfaces\{39C2584A-1543-461E-AA43-BACBF2239248}: DhcpNameServer = 172.20.0.1 188.116.64.5
FF - ProfilePath - c:\users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\cri16llo.default\
FF - prefs.js: browser.startup.homepage - hxxps://www.seznam.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
MSConfigStartUp-AvgUi - c:\program files\AVG\Framework\Common\avguix.exe
.
.
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\Realtek\Audio\HDA\RtHDVBg.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\conhost.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Lenovo\Bluetooth Software\btwdins.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\System32\WUDFHost.exe
c:\windows\system32\wbem\unsecapp.exe
.
**************************************************************************
.
Celkový čas: 2016-02-18 18:17:33 - počítač byl restartován
ComboFix-quarantined-files.txt 2016-02-18 17:17
ComboFix2.txt 2016-02-18 12:02
.
Před spuštěním: Volných bajtů: 40 802 476 032
Po spuštění: Volných bajtů: 40 464 216 064
.
- - End Of File - - F7EF1EF757279E4166F5EF077E956C74
A36C5E4F47E84449FF07ED3517B43A31


Re: HJT log and problems check

Post by jaro3 » 19 Feb 2016 09:14

Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:

KillAll::
File::
c:\windows\system32\DRIVERS\BAPIDRV.sys

Driver::
BAPIDRV



Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all active windows.

Grab the created script CFScript.txt with the mouse, drag it over the downloaded program ComboFix.exe, and when the two files overlap, drop the script.
- ComboFix starts automatically
- Post here the log that pops up at the end of the cleaning process + a new log from HJT

Warning: It may happen that after applying ComboFix and restarting the computer, Windows will not boot, or the desktop will not load, or there will be connection problems; in that case restart the computer again, and if that does not help, keep pressing the F8 key after the restart and then choose Last Known Good Configuration, or use a restore point.
When working with HJT, ComboFix, MbAM, SDFix etc., close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
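
A way to check from the logs whether a CFScript like the one above took effect, as an added example that is not part of the original post or of ComboFix: it reads the script's `Driver::` and `File::` entries and compares the driver/service lines of the log taken before the run with those of the log taken after it. The function names are hypothetical, the sample lines are excerpts copied from the two logs in this thread, and reading `[x]` as "image file not found" is an assumption the page does not state.

```python
import re

# Service/driver line as printed in the logs in this thread:
#   <state code> <name>;<display name>;<image path> [<date> <size>]   or   ... [x]
SERVICE_RE = re.compile(
    r"^(?P<state>[RS]\d) (?P<name>[^;]+);(?P<display>[^;]*);"
    r"(?P<path>.*?) ?\[(?P<info>[^\]]*)\]$"
)
# Lines under the drivers/services heading of the removal part of the log.
REMOVED_RE = re.compile(r"^-------\\(?:Legacy|Service)_(?P<name>.+)$")
# CFScript section header such as "File::" or "Driver::".
SECTION_RE = re.compile(r"^(?P<section>[A-Za-z]+)::$")

# The script from the post above.
CFSCRIPT = r"""
KillAll::
File::
c:\windows\system32\DRIVERS\BAPIDRV.sys

Driver::
BAPIDRV
"""

# Excerpt of the log from 18 Feb (before the script targeting BAPIDRV).
LOG_BEFORE = r"""
-------\Service_avgsvc
-------\Service_SkypeUpdate
R1 BAPIDRV;BAPIDRV;c:\windows\system32\DRIVERS\BAPIDRV.sys [x]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes Anti-Malware\mbamservice.exe [2015-10-05 1135416]
S0 aswRvrt;avast! Revert; [x]
"""

# Excerpt of the log from 19 Feb (after the script).
LOG_AFTER = r"""
-------\Legacy_BAPIDRV
-------\Service_BAPIDRV
R2 MBAMService;MBAMService;c:\program files\Malwarebytes Anti-Malware\mbamservice.exe [2015-10-05 1135416]
S0 aswRvrt;avast! Revert; [x]
"""


def parse_cfscript(text):
    """Return {section name (lower case): [entries]} for a CFScript."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = SECTION_RE.match(line)
        if m:
            current = m.group("section").lower()
            sections.setdefault(current, [])
        elif current is not None:
            sections[current].append(line)
    return sections


def parse_services(log_text):
    """Return {service name (lower case): record} for every service line."""
    services = {}
    for raw in log_text.splitlines():
        m = SERVICE_RE.match(raw.strip())
        if m:
            rec = m.groupdict()
            # Assumption: "[x]" marks an image file the tool could not find.
            rec["image_missing"] = rec["info"].strip() == "x"
            services[rec["name"].lower()] = rec
    return services


def parse_removed(log_text):
    """Names the log reports as removed drivers/services."""
    return {
        m.group("name").lower()
        for line in log_text.splitlines()
        if (m := REMOVED_RE.match(line.strip()))
    }


def check_script_effect(script_text, log_before, log_after):
    """One result row per Driver:: entry of the script."""
    script = parse_cfscript(script_text)
    files = {p.strip('"').lower() for p in script.get("file", [])}
    before, after = parse_services(log_before), parse_services(log_after)
    removed = parse_removed(log_after)
    report = []
    for name in script.get("driver", []):
        key = name.lower()
        entry = before.get(key)
        report.append({
            "driver": name,
            "listed_before": entry is not None,
            "image_missing_before": bool(entry and entry["image_missing"]),
            "image_in_file_section": bool(entry and entry["path"].lower() in files),
            "reported_removed": key in removed,
            "still_listed_after": key in after,
        })
    return report


if __name__ == "__main__":
    for row in check_script_effect(CFSCRIPT, LOG_BEFORE, LOG_AFTER):
        print(row)
```

A row with `reported_removed` false or `still_listed_after` true means the script should be re-checked against a fresh log before moving on.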


Re: HJT log and problems check

Post by miruska27 » 19 Feb 2016 12:40

Jaro, the requested CF scan has been run; again at position "48" it stopped and reported that the program "pev.3XE" is not working or has been terminated. Which I confirmed, and CF ran to the end. After the restart it created a log, and here it is.....

ComboFix 16-02-19.01 - pc 19.02.2016 12:06:47.3.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.1918.1245 [GMT 1:00]
Spuštěný z: c:\users\pc\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\pc\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\windows\system32\DRIVERS\BAPIDRV.sys"
.
.
Přerušeno ... Prosím spusťte ComboFix znovu.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_BAPIDRV
-------\Service_BAPIDRV
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2016-01-19 do 2016-02-19 )))))))))))))))))))))))))))))))
.
.
2016-02-19 11:27 . 2016-02-19 11:27 -------- d-----w- c:\users\Public\AppData\Local\temp
2016-02-19 11:27 . 2016-02-19 11:27 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-02-18 17:11 . 2016-02-19 11:28 -------- d-----w- c:\users\pc\AppData\Local\temp
2016-02-18 17:07 . 2016-02-19 11:24 -------- d-----w- c:\users\pc\AppData\Local\CrashDumps
2016-02-18 12:02 . 2016-02-18 12:02 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{ABB698E7-A2F2-4BFE-86A4-00439A998B86}\offreg.2676.dll
2016-02-17 22:38 . 2016-02-17 22:01 24064 ----a-w- c:\windows\zoek-delete.exe
2016-02-17 22:01 . 2016-02-17 22:01 -------- d-----w- C:\zoek_backup
2016-02-17 13:09 . 2016-02-17 16:17 -------- d-----w- C:\AdwCleaner
2016-02-17 04:26 . 2015-12-16 09:15 9014120 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{ABB698E7-A2F2-4BFE-86A4-00439A998B86}\mpengine.dll
2016-02-10 21:17 . 2016-01-16 18:34 949760 ----a-w- c:\windows\system32\aeinv.dll
2016-02-10 21:17 . 2016-01-11 14:07 544768 ----a-w- c:\windows\system32\generaltel.dll
2016-02-10 21:17 . 2016-01-11 14:07 1198080 ----a-w- c:\windows\system32\appraiser.dll
2016-02-10 21:17 . 2016-01-16 18:42 22464 ----a-w- c:\windows\system32\CompatTelRunner.exe
2016-02-10 21:17 . 2016-01-11 14:07 65536 ----a-w- c:\windows\system32\acmigration.dll
2016-02-10 21:17 . 2016-01-11 14:07 591360 ----a-w- c:\windows\system32\invagent.dll
2016-02-10 21:17 . 2016-01-11 14:07 424960 ----a-w- c:\windows\system32\devinv.dll
2016-02-10 21:15 . 2016-02-06 09:54 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2016-02-09 22:43 . 2016-02-09 22:43 -------- d-----w- c:\program files\Common Files\Java
2016-02-09 22:40 . 2016-02-09 22:40 -------- d-----w- c:\program files\Common Files\Skype
2016-02-03 15:15 . 2016-02-03 15:15 334280 ----a-w- c:\windows\system32\aswBoot.exe
2016-02-03 15:15 . 2016-02-03 15:15 52184 ----a-w- c:\windows\avastSS.scr
2016-01-21 17:01 . 2016-01-21 17:01 -------- d-----w- c:\windows\system32\%LOCALAPPDATA%
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-02-17 21:46 . 2014-07-30 16:52 24688 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2016-02-17 13:14 . 2014-07-30 16:21 170200 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2016-02-12 11:33 . 2014-07-30 16:32 796864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2016-02-12 11:33 . 2014-07-30 16:32 142528 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2016-02-10 11:54 . 2016-01-10 19:57 221240 ----a-w- c:\windows\system32\drivers\aswvmm.sys
2016-02-09 22:42 . 2014-07-30 18:08 95840 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2016-02-03 15:15 . 2016-01-10 19:57 447848 ----a-w- c:\windows\system32\drivers\aswSP.sys
2016-02-03 15:15 . 2016-01-10 19:57 127432 ----a-w- c:\windows\system32\drivers\aswStm.sys
2016-02-03 15:15 . 2016-01-10 19:57 91168 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2016-02-03 15:15 . 2016-01-10 19:57 58776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2016-02-03 15:15 . 2016-01-10 19:57 32792 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2016-02-03 15:15 . 2016-01-10 19:57 91232 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2016-02-03 15:15 . 2016-01-10 19:57 812720 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2016-01-22 06:05 . 2016-02-11 21:01 251392 ----a-w- c:\windows\system32\schannel.dll
2016-01-18 16:28 . 2016-01-18 16:28 970912 ----a-w- c:\windows\system32\msvcr120.dll
2016-01-18 16:28 . 2016-01-18 16:28 455328 ----a-w- c:\windows\system32\msvcp120.dll
2016-01-18 16:28 . 2016-01-18 16:28 247984 ----a-w- c:\windows\system32\vccorlib120.dll
2015-12-08 21:54 . 2016-01-13 11:39 1620992 ----a-w- c:\windows\system32\WMVDECOD.DLL
2015-12-08 21:54 . 2016-01-13 11:39 902144 ----a-w- c:\windows\system32\WMADMOD.DLL
2015-12-08 21:54 . 2016-01-13 11:39 739328 ----a-w- c:\windows\system32\WMSPDMOD.DLL
2015-12-08 21:54 . 2016-01-13 11:39 541184 ----a-w- c:\windows\system32\WMVSDECD.DLL
2015-12-08 21:54 . 2016-01-13 11:39 815616 ----a-w- c:\windows\system32\WMADMOE.DLL
2015-12-08 21:54 . 2016-01-13 11:39 740352 ----a-w- c:\windows\system32\wmpmde.dll
2015-12-08 21:54 . 2016-01-13 11:39 665088 ----a-w- c:\windows\system32\WMVXENCD.DLL
2015-12-08 21:54 . 2016-01-13 11:39 1568768 ----a-w- c:\windows\system32\WMVENCOD.DLL
2015-12-08 21:54 . 2016-01-13 11:39 358400 ----a-w- c:\windows\system32\WMVSENCD.DLL
2015-12-08 21:54 . 2016-01-13 11:39 1325056 ----a-w- c:\windows\system32\WMSPDMOE.DLL
2015-12-08 21:54 . 2016-01-13 11:39 1202688 ----a-w- c:\windows\system32\WMALFXGFXDSP.dll
2015-12-08 21:54 . 2016-01-13 11:39 2285056 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2015-12-08 21:54 . 2016-01-13 11:39 154112 ----a-w- c:\windows\system32\VIDRESZR.DLL
2015-12-08 21:53 . 2016-01-13 11:39 338944 ----a-w- c:\windows\system32\SysFxUI.dll
2015-12-08 21:53 . 2016-01-13 11:39 206848 ----a-w- c:\windows\system32\RESAMPLEDMO.DLL
2015-12-08 21:53 . 2016-01-13 11:39 509952 ----a-w- c:\windows\system32\qedit.dll
2015-12-08 21:53 . 2016-01-13 11:39 519680 ----a-w- c:\windows\system32\qdvd.dll
2015-12-08 21:53 . 2016-01-13 11:39 1329664 ----a-w- c:\windows\system32\quartz.dll
2015-12-08 21:53 . 2016-01-13 11:39 206848 ----a-w- c:\windows\system32\qasf.dll
2015-12-08 21:53 . 2016-01-13 11:39 970240 ----a-w- c:\windows\system32\msmpeg2adec.dll
2015-12-08 21:53 . 2016-01-13 11:39 829952 ----a-w- c:\windows\system32\MSMPEG2ENC.DLL
2015-12-08 21:53 . 2016-01-13 11:39 241152 ----a-w- c:\windows\system32\MPG4DECD.DLL
2015-12-08 21:53 . 2016-01-13 11:39 241152 ----a-w- c:\windows\system32\MP43DECD.DLL
2015-12-08 21:53 . 2016-01-13 11:39 79872 ----a-w- c:\windows\system32\MP3DMOD.DLL
2015-12-08 21:53 . 2016-01-13 11:39 415744 ----a-w- c:\windows\system32\MP4SDECD.DLL
2015-12-08 21:53 . 2016-01-13 11:39 3209728 ----a-w- c:\windows\system32\mf.dll
2015-12-08 21:53 . 2016-01-13 11:39 728576 ----a-w- c:\windows\system32\mcmde.dll
2015-12-08 21:53 . 2016-01-13 11:39 354816 ----a-w- c:\windows\system32\mfplat.dll
2015-12-08 21:53 . 2016-01-13 11:39 609280 ----a-w- c:\windows\system32\MFWMAAEC.DLL
2015-12-08 21:53 . 2016-01-13 11:39 53248 ----a-w- c:\windows\system32\mfvdsp.dll
2015-12-08 21:53 . 2016-01-13 11:39 103424 ----a-w- c:\windows\system32\mfps.dll
2015-12-08 21:53 . 2016-01-13 11:39 4608 ----a-w- c:\windows\system32\ksuser.dll
2015-12-08 21:53 . 2016-01-13 11:39 305664 ----a-w- c:\windows\system32\gdi32.dll
2015-12-08 21:53 . 2016-01-13 11:39 489984 ----a-w- c:\windows\system32\evr.dll
2015-12-08 21:53 . 2016-01-13 11:39 67584 ----a-w- c:\windows\system32\devenum.dll
2015-12-08 21:53 . 2016-01-13 11:39 153600 ----a-w- c:\windows\system32\COLORCNV.DLL
2015-12-08 21:53 . 2016-01-13 11:39 50176 ----a-w- c:\windows\system32\rrinstaller.exe
2015-12-08 21:53 . 2016-01-13 11:39 23040 ----a-w- c:\windows\system32\mfpmp.exe
2015-12-08 21:53 . 2016-01-13 11:39 193536 ----a-w- c:\windows\system32\ksproxy.ax
2015-12-08 21:50 . 2016-01-13 11:39 2048 ----a-w- c:\windows\system32\mferror.dll
2015-12-08 21:43 . 2016-01-13 11:39 81408 ----a-w- c:\windows\system32\drivers\drmk.sys
2015-12-08 21:11 . 2016-01-13 11:39 177152 ----a-w- c:\windows\system32\drivers\portcls.sys
2015-12-08 21:11 . 2016-01-13 11:39 5120 ----a-w- c:\windows\system32\drivers\drmkaud.sys
2015-12-02 12:25 . 2014-07-30 14:35 247976 ------w- c:\windows\system32\MpSigStub.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2016-02-03 15:15 770088 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2015-11-10 14688512]
"PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2007-12-10 323584]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2016-02-15 7139768]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\Lenovo\Bluetooth Software\BtwProximityCP.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AmIcoSinglun]
2000-01-01 00:00 237568 ----a-w- c:\program files\AmIcoSingLun\AmIcoSinglun.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
2014-04-17 20:38 748256 ----a-w- c:\program files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2016-01-29 18:29 595504 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
R2 MBAMService;MBAMService;c:\program files\Malwarebytes Anti-Malware\mbamservice.exe [2015-10-05 1135416]
R3 AndnetBus;LGE Mobile USB Composite Device;c:\windows\system32\DRIVERS\lgandnetbus.sys [2014-10-09 15744]
R3 AndNetDiag;LGE AndroidNet USB Serial Port;c:\windows\system32\DRIVERS\lgandnetdiag.sys [2014-10-09 23680]
R3 ANDNetModem;LGE AndroidNet USB Modem;c:\windows\system32\DRIVERS\lgandnetmodem.sys [2014-10-09 28416]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2016-01-22 102912]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys [2015-10-05 51928]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2014-07-31 1343400]
R4 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2014-04-17 276992]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [2014-06-04 18624]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2016-02-03 812720]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2016-02-03 447848]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO32.SYS [2015-11-10 23840]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2016-02-03 32792]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2016-02-03 91168]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2016-02-03 127432]
S2 BrcmMgmtAgent;Broadcom Management Agent;c:\program files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe [2012-08-02 154624]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 RtkAudioService;Realtek Audio Service;c:\program files\Realtek\Audio\HDA\RtkAudioService.exe [2015-11-10 266496]
S2 ssinstall;SInstalátor;c:\windows\System32\ssins.exe [2014-12-25 2324216]
S3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [2015-11-10 76952]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys [2013-10-02 176856]
S3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys [2014-03-25 508632]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2011-09-17 33832]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2015-10-05 23256]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [2014-07-30 47360]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
utcsvc REG_MULTI_SZ DiagTrack
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-07-14 19:34 991048 ----a-w- c:\program files\Google\Chrome\Application\43.0.2357.134\Installer\chrmstp.exe
.
.
------- Doplňkový sken -------
.
TCP: DhcpNameServer = 172.20.0.1 188.116.64.5
TCP: Interfaces\{39C2584A-1543-461E-AA43-BACBF2239248}: DhcpNameServer = 172.20.0.1 188.116.64.5
FF - ProfilePath - c:\users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\cri16llo.default\
FF - prefs.js: browser.startup.homepage - hxxps://www.seznam.cz/
.
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\program files\Realtek\Audio\HDA\RtHDVBg.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\conhost.exe
c:\program files\Lenovo\Bluetooth Software\btwdins.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\sppsvc.exe
c:\windows\System32\WUDFHost.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Celkový čas: 2016-02-19 12:32:25 - počítač byl restartován
ComboFix-quarantined-files.txt 2016-02-19 11:32
ComboFix2.txt 2016-02-18 17:17
ComboFix3.txt 2016-02-18 12:02
.
Před spuštěním: Volných bajtů: 45 257 453 568
Po spuštění: Volných bajtů: 45 110 882 304
.
- - End Of File - - ED2A1790906E3209907B09AD2EAC2935
A36C5E4F47E84449FF07ED3517B43A31


And the HJT log...

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:35:55, on 19.2.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18205)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Windows\PixArt\Pac7302\Monitor.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\Explorer.exe
C:\Windows\system32\SearchFilterHost.exe
F:\Programy\HijackThis.exe
C:\Windows\system32\DllHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_74\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_74\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe" -s
O4 - HKLM\..\Run: [PAC7302_Monitor] C:\Windows\PixArt\PAC7302\Monitor.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Broadcom Management Agent (BrcmMgmtAgent) - Broadcom Corporation - C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SInstalátor (ssinstall) - PS Media s.r.o. - C:\Windows\System32\ssins.exe

--
End of file - 3289 bytes


Post by Orcus » 19 Feb 2016 22:46

ComboFix is uninstalled like this:
Start - Run and enter ComboFix /Uninstall

====================================================

Clean the system with CCleaner

====================================================

Download DelFix here
http://general-changelog-team.fr/fr/dow ... e/9-delfix

Save the file to the desktop.
Double-click the icon to run the Delfix.exe tool.
(In Windows Vista, Windows 7 and 8 you must run the file by right-clicking it -> Run as administrator.)
In the main menu, check these options: Remove disinfection tools, Purge System Restore.
Then click the Run button and let the tool do its work.

The report (DelFix.txt) will then open. Paste the entire contents of the report here. Otherwise the report is located here: C:\DelFix.txt

How are the problems?
Love keeps you warm, but coal is coal. :fire:



Post HJT logs in the HJT section. If a log is too long, split it into several posts.

A few tips on PC security.

While I am away, memphisto, jaro3 and Diallix stand in for me.

If you are satisfied, you can support our forum.


Post by miruska27 » 20 Feb 2016 06:43

Everything done and cleaned, I am attaching the DelFix log.....

The problems.... I tried to run JRT, but after it had been stuck for half an hour while scanning files I stopped it, and RK again found in the registry the same 6 errors that have already been deleted about 20 times. I don't know whether anything more can be done this way to find the problem..... Even so, thank you all for the help...

# DelFix v1.011 - Logfile created 20/02/2016 at 06:37:39
# Updated 18/08/2015 by Xplode
# Username : pc - ELIŠKA
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)

~ Removing disinfection tools ...

Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\ComboFix.txt
Deleted : C:\zoek-results.log
Deleted : C:\Users\pc\Desktop\adwcleaner_5.034.exe
Deleted : C:\Users\pc\Desktop\aswmbr.exe
Deleted : C:\Users\pc\Desktop\JRT.exe
Deleted : C:\Users\pc\Desktop\RogueKiller.exe
Deleted : C:\Users\pc\Desktop\TFC.exe
Deleted : C:\Users\pc\Desktop\zoek.exe
Deleted : HKLM\SOFTWARE\Swearware
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis
Deleted : HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ASWMBR

~ Cleaning system restore ...

Deleted : RP #587 [ComboFix created restore point | 02/20/2016 05:36:50]

New restore point created !

########## - EOF - ##########


Post by miruska27 » 20 Feb 2016 09:28

AVG is gone now...... At least I hope all of it.....


Post by Orcus » 20 Feb 2016 17:25

Re JRT - sometimes it simply doesn't work.

RK - please post a new log with the findings.


Post by miruska27 » 20 Feb 2016 18:42

Good evening. Done, I am attaching the RK log. I believe that JRT sometimes fails, but for me both JRT and RK used to run fine, without problems and within a moment. Then something happened, I have no idea what, and now I can run JRT ONLY in safe mode and it takes roughly 2 hours, and RK also runs enormously long. And the fault is still the same; I have already dealt with it here about 3 times and it is still the same. That is why I worry whether anything that causes this problem can be found in my cursed PC. Even so, thank you for trying to help.....

RogueKiller V11.0.12.0 [Feb 15 2016] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/software/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno : Normální režim
Uživatel : pc [Práva správce]
Started from : C:\Users\pc\Desktop\RogueKiller.exe
Mód : Prohledat -- Datum : 02/20/2016 18:28:10

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 6 ¤¤¤
[PUM.Dns] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 172.20.0.1 188.116.64.5 ([X][X]) -> Nalezeno
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 172.20.0.1 188.116.64.5 ([X][X]) -> Nalezeno
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 172.20.0.1 188.116.64.5 ([X][X]) -> Nalezeno
[PUM.Dns] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{39C2584A-1543-461E-AA43-BACBF2239248} | DhcpNameServer : 172.20.0.1 188.116.64.5 ([X][X]) -> Nalezeno
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{39C2584A-1543-461E-AA43-BACBF2239248} | DhcpNameServer : 172.20.0.1 188.116.64.5 ([X][X]) -> Nalezeno
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{39C2584A-1543-461E-AA43-BACBF2239248} | DhcpNameServer : 172.20.0.1 188.116.64.5 ([X][X]) -> Nalezeno

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: ST500DM002-1BC142 ATA Device +++++
--- User ---
[MBR] 457051b5cbd7270aedb2fb4cf7ea430f
[BSP] 79bbf48e99295a2842037a4e428f012d : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100000 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 204802048 | Size: 376938 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: Generic USB SD Reader +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

+++++ PhysicalDrive2: Generic USB CF Reader +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

+++++ PhysicalDrive3: Generic USB xD/SM Reader +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

+++++ PhysicalDrive4: Generic USB MS Reader +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )


Post by jerabina » 20 Feb 2016 18:46

Good evening to you too :-)

Please download the version of Farbar Recovery Scan Tool (FRST) that matches your system, 32-bit/64-bit
32-bit:
http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
64-bit:
http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
and save it to the desktop, then run FRST as administrator.
Confirm the terms of use.
Do not change any of the default settings and click "Scan". When the scan is finished, two logs will appear, FRST.txt and Addition.txt, and they will be saved on the desktop. Please copy their entire contents here.
When you don't know what to do next, it's time to read the manual!
HJT guide

If I am not replying to your topics in the HJT section while I am online, it is only because I am on my phone, where studying logs and writing scripts is impossible. So please do not take it as being ignored.


Post by miruska27 » 20 Feb 2016 18:57

Thank you....... Here are both logs.....

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:20-02-2016
Ran by pc (administrator) on ELIŠKA (20-02-2016 18:53:04)
Running from C:\Users\pc\Desktop
Loaded Profiles: pc (Available Profiles: pc)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\Pac7302\Monitor.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Broadcom Corporation) C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(PS Media s.r.o.) C:\Windows\System32\ssins.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
() C:\Users\pc\Desktop\RogueKiller.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [14688512 2015-11-10] (Realtek Semiconductor)
HKLM\...\Run: [PAC7302_Monitor] => C:\Windows\PixArt\PAC7302\Monitor.exe [323584 2007-12-10] (PixArt Imaging Incorporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7139768 2016-02-15] (AVAST Software)
HKU\S-1-5-21-860103369-4256068919-2072106398-1000\Control Panel\Desktop\\SCRNSAVE.EXE ->
Lsa: [Notification Packages] scecli C:\Program Files\Lenovo\Bluetooth Software\BtwProximityCP.dll
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2016-02-03] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 172.20.0.1 188.116.64.5
Tcpip\..\Interfaces\{39C2584A-1543-461E-AA43-BACBF2239248}: [DhcpNameServer] 172.20.0.1 188.116.64.5

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-860103369-4256068919-2072106398-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-860103369-4256068919-2072106398-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKU\S-1-5-21-860103369-4256068919-2072106398-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_74\bin\ssv.dll [2016-02-09] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-02-03] (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_74\bin\jp2ssv.dll [2016-02-09] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\cri16llo.default
FF NewTab: about:newtab
FF Homepage: hxxps://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-12] ()
FF Plugin: @java.com/DTPlugin,version=11.74.2 -> C:\Program Files\Java\jre1.8.0_74\bin\dtplugin\npDeployJava1.dll [2016-02-09] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.74.2 -> C:\Program Files\Java\jre1.8.0_74\bin\plugin2\npjp2.dll [2016-02-09] (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Extension: Adblock Plus - C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\cri16llo.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-20]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-02-03]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-02-03]

Chrome:
=======
CHR Profile: C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-08]
CHR Extension: (Google Docs) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-08]
CHR Extension: (Google Drive) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-09-08]
CHR Extension: (YouTube) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-08]
CHR Extension: (Google Search) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-09-08]
CHR Extension: (Google Sheets) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-08]
CHR Extension: (Chrome Web Store Payments) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-08]
CHR Extension: (Gmail) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-08]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-02-03]
CHR HKU\S-1-5-21-860103369-4256068919-2072106398-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kegdldmohomdaelnepdpbkdhfemobdgl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [276992 2014-04-17] (Advanced Micro Devices, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [237096 2016-02-03] (AVAST Software)
R2 BrcmMgmtAgent; C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe [154624 2012-08-02] (Broadcom Corporation) [File not signed]
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [829696 2014-07-17] (Broadcom Corporation.)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [45568 2011-04-13] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [55808 2011-04-13] (Hewlett-Packard) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe [266496 2015-11-10] (Realtek Semiconductor)
R2 ssinstall; C:\Windows\System32\ssins.exe [2324216 2014-12-25] (PS Media s.r.o.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdide; C:\Windows\System32\DRIVERS\amdide.sys [11944 2014-11-15] (Advanced Micro Devices Inc.)
R3 AmUStor; C:\Windows\System32\drivers\AmUStor.SYS [76952 2015-11-10] (Alcor Micro, Corp.)
S3 AndnetBus; C:\Windows\System32\DRIVERS\lgandnetbus.sys [15744 2014-10-09] (LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag.sys [23680 2014-10-09] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem.sys [28416 2014-10-09] (LG Electronics Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [32792 2016-02-03] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [91168 2016-02-03] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [91232 2016-02-03] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [58776 2016-02-03] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [812720 2016-02-03] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447848 2016-02-03] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [127432 2016-02-03] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [221240 2016-02-10] (AVAST Software)
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [176856 2013-10-02] (Broadcom Corporation.)
R3 btwampfl; C:\Windows\system32\drivers\btwampfl.sys [508632 2014-03-25] (Broadcom Corporation.)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2015-11-10] (REALiX(tm))
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation)
S3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [461824 2009-04-28] (PixArt Imaging Inc.)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [18624 2014-06-04] (IObit)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [24688 2016-02-20] ()
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 btaudio; system32\drivers\btaudio.sys [X]
S3 BTDriver; system32\DRIVERS\btport.sys [X]
S3 BTWDNDIS; system32\DRIVERS\btwdndis.sys [X]
S3 btwhid; system32\DRIVERS\btwhid.sys [X]
S3 BTWUSB; System32\Drivers\btwusb.sys [X]
S3 catchme; \??\C:\Users\pc\AppData\Local\Temp\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-20 18:53 - 2016-02-20 18:53 - 00011565 _____ C:\Users\pc\Desktop\FRST.txt
2016-02-20 18:52 - 2016-02-20 18:53 - 00000000 ____D C:\FRST
2016-02-20 18:51 - 2016-02-20 18:51 - 01722368 _____ (Farbar) C:\Users\pc\Desktop\FRST.exe
2016-02-20 18:35 - 2016-02-20 18:35 - 00006078 _____ C:\Users\pc\Desktop\RogKill.txt
2016-02-20 18:13 - 2016-02-20 18:13 - 20945480 _____ C:\Users\pc\Desktop\RogueKiller.exe
2016-02-20 06:37 - 2016-02-20 06:37 - 00000913 _____ C:\DelFix.txt
2016-02-18 18:07 - 2016-02-20 06:33 - 00000000 ____D C:\Users\pc\AppData\Local\CrashDumps
2016-02-17 23:38 - 2016-02-17 23:01 - 00024064 _____ C:\Windows\zoek-delete.exe
2016-02-17 13:46 - 2016-02-17 13:46 - 00050688 _____ (Atribune.org) C:\Users\pc\Desktop\ATF-Cleaner.exe
2016-02-12 12:25 - 2016-02-12 13:43 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-02-11 22:01 - 2016-01-22 07:13 - 03993536 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2016-02-11 22:01 - 2016-01-22 07:13 - 03938752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-02-11 22:01 - 2016-01-22 07:13 - 00138176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-02-11 22:01 - 2016-01-22 07:13 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-02-11 22:01 - 2016-01-22 07:09 - 01310232 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-02-11 22:01 - 2016-01-22 07:06 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-02-11 22:01 - 2016-01-22 07:06 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-02-11 22:01 - 2016-01-22 07:06 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-02-11 22:01 - 2016-01-22 07:06 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-02-11 22:01 - 2016-01-22 07:06 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-02-11 22:01 - 2016-01-22 07:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-02-11 22:01 - 2016-01-22 07:05 - 00654336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-02-11 22:01 - 2016-01-22 07:05 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-02-11 22:01 - 2016-01-22 07:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-02-11 22:01 - 2016-01-22 07:04 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2016-02-11 22:01 - 2016-01-22 07:04 - 00535040 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-02-11 22:01 - 2016-01-22 07:02 - 01060864 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-02-11 22:01 - 2016-01-22 07:02 - 00872448 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-02-11 22:01 - 2016-01-22 07:02 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-02-11 22:01 - 2016-01-22 07:02 - 00293888 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-02-11 22:01 - 2016-01-22 07:02 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-02-11 22:01 - 2016-01-22 07:02 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-02-11 22:01 - 2016-01-22 07:02 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\msorcl32.dll
2016-02-11 22:01 - 2016-01-22 07:02 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-02-11 22:01 - 2016-01-22 07:02 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-02-11 22:01 - 2016-01-22 07:02 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-02-11 22:01 - 2016-01-22 06:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-02-11 22:01 - 2016-01-22 06:59 - 00642560 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-02-11 22:01 - 2016-01-22 06:59 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-02-11 22:01 - 2016-01-22 06:59 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-02-11 22:01 - 2016-01-22 06:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-02-11 22:01 - 2016-01-22 06:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-02-11 22:01 - 2016-01-22 06:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-11 22:01 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-11 22:01 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-02-11 22:01 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-02-11 22:01 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-11 22:01 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-02-11 22:01 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-11 22:01 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-11 22:01 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-02-11 22:01 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-11 22:01 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-11 22:01 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-02-11 22:01 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-02-11 22:01 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-11 22:01 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-02-11 22:01 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-02-11 22:01 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-02-11 22:01 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-02-11 22:01 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-11 22:01 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-02-11 22:01 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-02-11 22:01 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-02-11 22:01 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-02-11 22:01 - 2016-01-22 06:07 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-02-11 22:01 - 2016-01-22 06:01 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-02-11 22:01 - 2016-01-22 06:00 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-02-11 22:01 - 2016-01-22 05:53 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-02-11 22:01 - 2016-01-22 05:53 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-02-11 22:01 - 2016-01-22 05:53 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-02-11 22:01 - 2016-01-22 05:51 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-02-11 22:01 - 2016-01-22 05:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-02-11 22:01 - 2016-01-22 05:51 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-02-11 22:01 - 2016-01-22 05:51 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-02-11 22:01 - 2016-01-22 05:51 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-02-11 22:01 - 2016-01-22 05:51 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-11 22:01 - 2016-01-22 05:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-02-11 22:01 - 2016-01-22 05:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-02-10 22:17 - 2016-01-16 19:42 - 00022464 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-02-10 22:17 - 2016-01-16 19:34 - 00949760 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-02-10 22:17 - 2016-01-11 15:07 - 01198080 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-02-10 22:17 - 2016-01-11 15:07 - 00591360 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-02-10 22:17 - 2016-01-11 15:07 - 00544768 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-02-10 22:17 - 2016-01-11 15:07 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-02-10 22:17 - 2016-01-11 15:07 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-02-10 22:16 - 2016-01-22 21:10 - 00341200 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-02-10 22:16 - 2016-01-22 07:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-02-10 22:16 - 2016-01-22 07:05 - 12877824 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-02-10 22:16 - 2016-01-22 07:02 - 00496640 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-02-10 22:16 - 2016-01-22 07:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-02-10 22:16 - 2016-01-22 07:01 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-02-10 22:16 - 2016-01-22 07:01 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-02-10 22:16 - 2016-01-22 07:00 - 01498624 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-02-10 22:16 - 2016-01-22 07:00 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-02-10 22:16 - 2016-01-22 06:59 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-02-10 22:16 - 2016-01-22 06:55 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-02-10 22:16 - 2016-01-22 06:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-02-10 22:16 - 2016-01-22 06:52 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-02-10 22:16 - 2016-01-22 06:51 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-02-10 22:16 - 2016-01-22 06:51 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-02-10 22:16 - 2016-01-22 06:51 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-02-10 22:16 - 2016-01-22 06:46 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-02-10 22:16 - 2016-01-22 06:43 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-02-10 22:16 - 2016-01-22 06:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-02-10 22:16 - 2016-01-22 06:38 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-02-10 22:16 - 2016-01-22 06:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-02-10 22:16 - 2016-01-22 06:35 - 04611072 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-02-10 22:16 - 2016-01-22 06:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-02-10 22:16 - 2016-01-22 06:34 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-02-10 22:16 - 2016-01-22 06:33 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-02-10 22:16 - 2016-01-22 06:27 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-02-10 22:16 - 2016-01-22 06:25 - 00687104 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-02-10 22:16 - 2016-01-22 06:25 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-02-10 22:16 - 2016-01-22 06:24 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-02-10 22:16 - 2016-01-22 06:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-02-10 22:16 - 2016-01-22 06:12 - 02973184 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-02-10 22:16 - 2016-01-22 06:07 - 02120704 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-02-10 22:16 - 2016-01-22 06:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-02-10 22:16 - 2016-01-16 19:36 - 01413632 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-02-10 22:16 - 2016-01-07 18:47 - 02386944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-02-10 22:16 - 2016-01-07 18:35 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-02-10 22:16 - 2016-01-06 19:41 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-02-10 22:16 - 2016-01-06 18:56 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2016-02-10 22:15 - 2016-02-06 11:01 - 20366848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-02-10 22:15 - 2016-02-06 10:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-02-10 22:15 - 2016-02-06 10:43 - 02280448 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-02-10 22:15 - 2016-02-06 10:38 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-02-10 22:15 - 2016-02-06 10:16 - 12857856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-02-10 22:15 - 2016-02-06 09:54 - 01312256 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-02-10 22:15 - 2016-01-11 19:47 - 02956288 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-02-10 22:15 - 2016-01-11 19:47 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-02-10 22:15 - 2016-01-11 19:35 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-02-10 22:15 - 2016-01-11 19:17 - 02062848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-02-10 22:15 - 2016-01-11 19:14 - 00573440 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-02-10 22:15 - 2016-01-11 19:14 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-02-10 22:15 - 2016-01-11 19:14 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-02-10 22:15 - 2016-01-11 19:14 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-02-10 22:15 - 2016-01-11 19:14 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-02-10 22:15 - 2016-01-11 19:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-02-10 22:15 - 2016-01-11 19:14 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-02-09 23:43 - 2016-02-09 23:43 - 00000000 ____D C:\Program Files\Common Files\Java
2016-02-09 23:40 - 2016-02-09 23:40 - 00002719 _____ C:\Users\Public\Desktop\Skype.lnk
2016-02-09 23:40 - 2016-02-09 23:40 - 00002719 _____ C:\ProgramData\Desktop\Skype.lnk
2016-02-09 23:40 - 2016-02-09 23:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-02-09 23:40 - 2016-02-09 23:40 - 00000000 ____D C:\Program Files\Common Files\Skype
2016-02-06 09:20 - 2016-02-06 09:20 - 04559944 _____ (UltimateOutsider) C:\Users\pc\Desktop\GWX_control_panel.exe
2016-02-03 16:15 - 2016-02-03 16:15 - 00334280 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-02-03 16:15 - 2016-02-03 16:15 - 00052184 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-02-01 16:25 - 2000-01-01 01:00 - 11513856 _____ (ATI Technologies Inc.) C:\Windows\system32\atioglxx.dll
2016-02-01 16:25 - 2000-01-01 01:00 - 04945920 _____ (ATI Technologies Inc. ) C:\Windows\system32\atiumdva.dll
2016-02-01 16:25 - 2000-01-01 01:00 - 04450816 _____ (ATI Technologies Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2016-02-01 16:25 - 2000-01-01 01:00 - 03839488 _____ (ATI Technologies Inc. ) C:\Windows\system32\atiumdag.dll
2016-02-01 16:25 - 2000-01-01 01:00 - 00733184 _____ (ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
2016-02-01 16:25 - 2000-01-01 01:00 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIDEMGX.dll
2016-02-01 16:25 - 2000-01-01 01:00 - 00348160 _____ (ATI Technologies, Inc.) C:\Windows\system32\atipdlxx.dll
2016-02-01 16:25 - 2000-01-01 01:00 - 00278528 _____ (ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.dll
2016-02-01 16:25 - 2000-01-01 01:00 - 00159744 _____ () C:\Windows\system32\atitmmxx.dll
2016-02-01 16:25 - 2000-01-01 01:00 - 00152496 _____ C:\Windows\system32\atiumdva.cap
2016-02-01 16:25 - 2000-01-01 01:00 - 00135168 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2016-02-01 16:25 - 2000-01-01 01:00 - 00053248 _____ (ATI Technologies Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2016-02-01 16:25 - 2000-01-01 01:00 - 00051712 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom32.dll
2016-02-01 16:25 - 2000-01-01 01:00 - 00043520 _____ (ATI Technologies, Inc.) C:\Windows\system32\ati2edxx.dll
2016-02-01 16:25 - 2000-01-01 01:00 - 00012288 _____ (AMD) C:\Windows\system32\atimuixx.dll
2016-01-21 18:01 - 2016-01-21 18:01 - 00000000 ____D C:\Windows\system32\%LOCALAPPDATA%

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-20 18:14 - 2014-07-30 17:52 - 00024688 _____ C:\Windows\system32\Drivers\TrueSight.sys
2016-02-20 18:07 - 2009-07-14 05:34 - 00028944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-02-20 18:07 - 2009-07-14 05:34 - 00028944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-02-20 17:58 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-20 06:36 - 2014-09-04 20:10 - 00000000 ____D C:\Windows\erdnt
2016-02-20 06:33 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2016-02-19 12:41 - 2015-04-19 06:50 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-02-19 12:28 - 2009-07-14 03:04 - 00000215 _____ C:\Windows\system.ini
2016-02-18 18:10 - 2014-08-14 19:46 - 00000000 ___RD C:\Program Files\Skype
2016-02-17 17:22 - 2015-10-20 14:03 - 00000000 ___RD C:\Users\pc\Desktop\Topení
2016-02-17 14:14 - 2014-07-30 17:21 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-02-17 13:44 - 2014-07-30 17:21 - 00001060 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-02-17 13:44 - 2014-07-30 17:21 - 00001060 _____ C:\ProgramData\Desktop\Malwarebytes Anti-Malware.lnk
2016-02-17 13:44 - 2014-07-30 17:21 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2016-02-13 08:27 - 2014-07-30 17:27 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-02-12 13:43 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache
2016-02-12 12:33 - 2014-07-30 17:32 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-02-12 12:33 - 2014-07-30 17:32 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-02-12 05:28 - 2010-11-21 02:16 - 03784540 _____ C:\Windows\system32\perfh005.dat
2016-02-12 05:28 - 2010-11-21 02:16 - 01214662 _____ C:\Windows\system32\perfc005.dat
2016-02-12 05:28 - 2010-11-20 22:01 - 00006224 _____ C:\Windows\system32\PerfStringBackup.INI
2016-02-11 05:26 - 2015-02-06 00:06 - 00357128 _____ C:\Windows\system32\FNTCACHE.DAT
2016-02-11 05:24 - 2014-12-10 15:35 - 00000000 ____D C:\Windows\system32\appraiser
2016-02-11 05:24 - 2014-07-31 14:58 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-02-11 05:24 - 2010-11-21 02:25 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-10 23:07 - 2014-07-31 10:15 - 00000000 ____D C:\Windows\system32\MRT
2016-02-10 23:03 - 2014-07-31 10:15 - 144254680 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-02-10 12:54 - 2016-01-10 20:57 - 00221240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2016-02-09 23:44 - 2014-08-14 19:46 - 00000000 ____D C:\Users\pc\AppData\Roaming\Skype
2016-02-09 23:43 - 2015-09-07 21:46 - 00000000 ____D C:\Users\pc\.oracle_jre_usage
2016-02-09 23:42 - 2014-07-30 19:08 - 00095840 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2016-02-09 23:42 - 2014-07-30 19:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-02-09 23:42 - 2014-07-30 19:08 - 00000000 ____D C:\Program Files\Java
2016-02-09 23:40 - 2014-08-23 18:01 - 00000000 ____D C:\ProgramData\Skype
2016-02-03 16:15 - 2016-01-10 20:57 - 00812720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2016-02-03 16:15 - 2016-01-10 20:57 - 00447848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2016-02-03 16:15 - 2016-01-10 20:57 - 00127432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-02-03 16:15 - 2016-01-10 20:57 - 00091232 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-02-03 16:15 - 2016-01-10 20:57 - 00091168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-02-03 16:15 - 2016-01-10 20:57 - 00058776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-02-03 16:15 - 2016-01-10 20:57 - 00032792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-01-31 06:44 - 2014-07-30 17:03 - 00000965 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-01-31 06:44 - 2014-07-30 17:03 - 00000965 _____ C:\ProgramData\Desktop\CCleaner.lnk
2016-01-31 06:27 - 2009-07-14 05:53 - 00032574 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-01-29 23:05 - 2016-01-02 03:09 - 00000000 ____D C:\Program Files\WinZip
2016-01-22 15:05 - 2014-07-30 16:35 - 00000000 ____D C:\Users\pc\AppData\Local\ElevatedDiagnostics

==================== Files in the root of some directories =======

2014-07-30 18:17 - 2014-07-30 18:17 - 0007887 _____ () C:\Users\pc\AppData\Roaming\pcouffin.cat
2014-07-30 18:17 - 2014-07-30 18:17 - 0001144 _____ () C:\Users\pc\AppData\Roaming\pcouffin.inf
2014-07-30 18:17 - 2014-07-30 18:17 - 0047360 _____ (VSO Software) C:\Users\pc\AppData\Roaming\pcouffin.sys
2014-10-06 15:19 - 2014-10-06 15:19 - 0000017 _____ () C:\Users\pc\AppData\Local\resmon.resmoncfg
2015-09-16 10:14 - 2015-09-16 10:32 - 0000059 _____ () C:\Users\pc\AppData\Local\UserProducts.xml

Some files in TEMP:
====================
C:\Users\pc\AppData\Local\temp\dllnt_dump.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-02-18 14:26

==================== End of FRST.txt ============================


Additional scan result of Farbar Recovery Scan Tool (x86) Version:20-02-2016
Ran by pc (2016-02-20 18:53:58)
Running from C:\Users\pc\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2014-07-30 14:21:12)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-860103369-4256068919-2072106398-500 - Administrator - Disabled)
Guest (S-1-5-21-860103369-4256068919-2072106398-501 - Limited - Disabled)
pc (S-1-5-21-860103369-4256068919-2072106398-1000 - Administrator - Enabled) => C:\Users\pc

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (Version: 8.1.4 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.010.20059 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 20.0.0.270 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM\...\InstallShield_{6D2EFF3B-B191-4B1F-8ABF-C4A8028DB8CF}) (Version: 1.13.17.36725 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (Version: 1.13.17.36725 - Alcor Micro Corp.) Hidden
AMD Catalyst Install Manager (HKLM\...\{7EC000DE-9910-63DF-DA31-A7D2888E0012}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Ashampoo Burning Studio 14 v.14.0.5 (HKLM\...\{91B33C97-7BCF-CDFE-4321-58EBF3E8641C}_is1) (Version: 14.0.5 - Ashampoo GmbH & Co. KG)
Avast Free Antivirus (HKLM\...\Avast) (Version: 11.1.2253 - AVAST Software)
AVG Zen (Version: 1.31.9 - AVG Technologies) Hidden
Balíček ovladače systému Windows - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)
Broadcom NetXtreme-I Netlink Driver and Management Installer (HKLM\...\{0AEF4677-C1BE-489C-A5BA-85382F8DA38B}) (Version: 15.4.13.1 - Broadcom Corporation)
ccc-core-static (Version: 2010.0210.2339.42455 - Název společnosti:) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.14 - Piriform)
CDex - Open Source Digital Audio CD Extractor (HKLM\...\CDex) (Version: 1.70.4.2009 - Georgy Berdyshev)
ConvertXtoDVD 2.2.3.258 (HKLM\...\{BB406CEB-6207-4512-9BB2-89950DC9D6B6}_is1) (Version: 2.2.3.258 - VSO-Software SARL)
DVDFab 9.1.5.9 (25/07/2014) (HKLM\...\DVDFab 9_is1) (Version: - Fengtao Software Inc.)
FMW 1 (Version: 1.42.1 - AVG Technologies) Hidden
Google Update Helper (Version: 1.3.28.1 - Google Inc.) Hidden
Java 8 Update 71 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218071F0}) (Version: 8.0.710.15 - Oracle Corporation)
Java 8 Update 74 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218074F0}) (Version: 8.0.740.2 - Oracle Corporation)
Kdo je kdo 2.3.1 (HKU\S-1-5-21-860103369-4256068919-2072106398-1000\...\Kdo je kdo 2.3.1) (Version: - )
K-Lite Mega Codec Pack 10.6.0 (HKLM\...\KLiteCodecPack_is1) (Version: 10.6.0 - )
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.5800 - Broadcom Corporation)
LG PC Suite (HKLM\...\LG PC Suite) (Version: 5.3.24.20150327 - LG Electronics)
LG United Mobile Drivers (HKLM\...\{2D5218EB-6992-46E3-8ECE-76C79AB955CE}) (Version: 3.13.2.0 - LG Electronics)
Malwarebytes Anti-Malware verze 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 4.5.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 44.0.2 (x86 cs) (HKLM\...\Mozilla Firefox 44.0.2 (x86 cs)) (Version: 44.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 44.0.2.5884 - Mozilla)
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nokia Suite (Version: 3.8.54.0 - Nokia) Hidden
PC Connectivity Solution (HKLM\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
Rajče průvodce verze 1.59.54.269 (HKLM\...\rajce.net_is1) (Version: - rajce.net)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7628 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Sada Compatibility Pack pro systém Office 2007 (HKLM\...\{90120000-0020-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Seznam Instalátor (HKLM\...\ssinstall) (Version: - Seznam.cz)
Skins (Version: 2010.0210.2339.42455 - ATI) Hidden
Skype™ 7.18 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.111 - Skype Technologies S.A.)
SlimDrivers (HKLM\...\{A5457401-D56A-43F2-9524-78E54A7FC07A}) (Version: 2.2.32705 - SlimWare Utilities, Inc.)
Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WinZip 12.1 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240B8}) (Version: 12.1.8519 - WinZip Computing, S.L. )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {4CD618E8-BA97-4551-98F8-C31435AF1ED3} - System32\Tasks\{D6D98FFB-52FF-4EC0-B5E6-59E7366B9695} => C:\Users\pc\Desktop\driver genius 12 pro\crack\DriverGenius.exe
Task: {71992CC9-2F1C-43E0-ACFB-54C4505B2775} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-01-15] (Piriform Ltd)
Task: {7EFC90F0-990C-4C71-A974-8A5EEE50265A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {8F9EB5EC-1739-4C2C-ABED-8CFF91C7FF0E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: {A1A9FCF9-DEE5-4CE4-A118-52C587D9CAF5} - System32\Tasks\{F8FC0305-1501-4429-B7FD-D1B0FA95DFCB} => pcalua.exe -a "F:\Programy\WinZip 12.1\winzip_12_1_cestina.exe" -d "F:\Programy\WinZip 12.1"
Task: {A841F1A7-BAE5-4A86-A403-058C955EEC7F} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-02-17] (AVAST Software)
Task: {AE0C4201-F740-4E9C-B238-E24FEFB3D1A6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-12] (Adobe Systems Incorporated)
Task: {E1859085-F238-4FB6-BF75-7A2CAB22EADA} - System32\Tasks\{E07AB695-AA10-45BC-8D90-782A467E3AB3} => pcalua.exe -a C:\Windows\system32\BTCPL.cpl
Task: {E38BBC1C-77CA-4649-BA10-872D6F910B94} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-02-03] (AVAST Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-01-10 20:57 - 2016-01-10 20:57 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-02-03 16:15 - 2016-02-03 16:15 - 00113496 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2016-02-03 16:15 - 2016-02-03 16:15 - 00133768 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-02-03 16:15 - 2016-02-03 16:15 - 00480760 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-02-20 06:30 - 2016-02-20 06:30 - 02835968 _____ () C:\Program Files\AVAST Software\Avast\defs\16021901\algo.dll
2016-02-20 17:59 - 2016-02-20 17:59 - 02835968 _____ () C:\Program Files\AVAST Software\Avast\defs\16022000\algo.dll
2016-02-20 18:13 - 2016-02-20 18:13 - 20945480 _____ () C:\Users\pc\Desktop\RogueKiller.exe

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2016-02-19 12:28 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-860103369-4256068919-2072106398-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\pc\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 172.20.0.1 - 188.116.64.5
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: AmIcoSinglun => C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe
MSCONFIG\startupreg: StartCCC => "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe" MSRun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{4DFCB9C9-74EE-40C1-B10C-DABBD32C6562}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{B7127D4B-1199-4633-8169-4232ECF95506}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{64CC535D-D491-4BB8-A286-6BB6FD9A6F74}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{129288BC-F2F7-40FF-AC99-7A7F298668D6}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{93D9D3A8-1742-4105-9BDB-FF28CF6692DF}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{EDA01231-43E7-4486-92AC-CABBE20B1F75}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{F7E035F2-7D20-4ABC-92CC-56AC75A9FE5C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{03440AB0-1568-4DF0-86CF-9CEA4BD3C3BE}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe

==================== Restore Points =========================

20-02-2016 06:37:41 End of disinfection

==================== Faulty Device Manager Devices =============

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: I:\
Description: USB SD Reader
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic
Service: WUDFRd
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.

Name: G:\
Description: USB CF Reader
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic
Service: WUDFRd
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.

Name: E:\
Description: USB xD/SM Reader
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic
Service: WUDFRd
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.

Name: H:\
Description: USB MS Reader
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic
Service: WUDFRd
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/20/2016 05:59:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/20/2016 08:06:21 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/20/2016 06:29:52 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/19/2016 07:01:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/19/2016 05:02:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/19/2016 12:29:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/19/2016 12:23:51 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Systém Windows nemůže získat přístup k souboru z jednoho z těchto důvodů:
došlo k problému s připojením k síti, s diskem, na kterém je soubor uložen, nebo
s ovladači ukládání nainstalovanými v tomto počítači; nebo disk chybí.
Systém Windows kvůli této chybě ukončil program pev.3XE.

Program: pev.3XE
Soubor:

Hodnota chyby je uvedena v části Další údaje.
Akce uživatele
1. Otevřete soubor znovu.
Může se jednat o dočasný problém, který se při novém spuštění programu nebude opakovat.
2.
Pokud k souboru stále nelze získat přístup a:
- Nachází se v síti,
měl by správce sítě ověřit, zda nedošlo k problému se sítí a zda lze server kontaktovat.
- Je na vyměnitelném disku (například disketě nebo disku CD-ROM), ověřte, zda je disk správně vložen do počítače.
3. Zkontrolujte a opravte systém souborů pomocí nástroje CHKDSK. Ten lze spustit tak, že kliknete na tlačítko Start a příkaz Spustit, zadáte příkaz CMD a kliknete na tlačítko OK. Do příkazového řádku zadejte příkaz CHKDSK /F a stiskněte klávesu ENTER.
4. Pokud potíže potrvají, obnovte soubor ze záložní kopie.
5. Zjistěte, zda lze otevřít jiné soubory na stejném disku. Pokud ne, může být disk poškozen. Jedná-li se o pevný disk, obraťte se na správce nebo na dodavatele počítačového hardwaru
se žádostí o pomoc.

Další údaje
Hodnota chyby: 00000000
Typ disku: 0

Error: (02/19/2016 12:23:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: pev.3XE, verze: 0.0.0.0, časové razítko: 0x4e06cfe8
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000096
Posun chyby: 0x0164287a
ID chybujícího procesu: 0x14d0
Čas spuštění chybující aplikace: 0xpev.3XE0
Cesta k chybující aplikaci: pev.3XE1
Cesta k chybujícímu modulu: pev.3XE2
ID zprávy: pev.3XE3

Error: (02/19/2016 12:00:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/19/2016 05:06:19 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (02/20/2016 10:47:13 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby ShellHWDetection bylo dosaženo časového limitu (30000 ms).

Error: (02/19/2016 09:02:21 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby btwdins bylo dosaženo časového limitu (30000 ms).

Error: (02/19/2016 09:02:21 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (02/19/2016 05:16:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Ati External Event Utility byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (02/19/2016 12:29:46 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80004005

Error: (02/19/2016 12:28:31 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (12:27:03, ‎19.‎2.‎2016) bylo neočekávané.

Error: (02/19/2016 12:16:05 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (02/19/2016 12:06:27 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (02/18/2016 10:54:45 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby btwdins bylo dosaženo časového limitu (30000 ms).

Error: (02/18/2016 10:00:10 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}


==================== Memory info ===========================

Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 4800+
Percentage of memory in use: 43%
Total physical RAM: 1918.33 MB
Available physical RAM: 1092.25 MB
Total Virtual: 3836.66 MB
Available Virtual: 2697.1 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:97.66 GB) (Free:45.69 GB) NTFS
Drive f: (Místní disk E) (Fixed) (Total:368.1 GB) (Free:324.38 GB) NTFS ==>[system with boot components (obtained from drive)]

==================== MBR & Partition Table ==================

==================== End of Addition.txt ============================

jerabina
Security team member
Level 6
Posts: 3647
Registered: March 13
Location: Litoměřice
Gender: Male
Status: Offline

Re: HJT log and problem check

Post by jerabina » 20 Feb 2016 19:34

Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire content below into it.

Code:

Start
CloseProcesses:

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-860103369-4256068919-2072106398-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION

FF NewTab: about:newtab

R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [18624 2014-06-04] (IObit)
S3 catchme; \??\C:\Users\pc\AppData\Local\Temp\catchme.sys [X]

C:\Windows\System32\Drivers\SmartDefragDriver.sys
C:\Windows\System32\Drivers\BAPIDRV.sys
C:\Users\pc\AppData\Local\Temp\catchme.sys

C:\Windows\system32\%LOCALAPPDATA%

AVG Zen (Version: 1.31.9 - AVG Technologies) Hidden

Task: {4CD618E8-BA97-4551-98F8-C31435AF1ED3} - System32\Tasks\{D6D98FFB-52FF-4EC0-B5E6-59E7366B9695} => C:\Users\pc\Desktop\driver genius 12 pro\crack\DriverGenius.exe
Task: {7EFC90F0-990C-4C71-A974-8A5EEE50265A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {8F9EB5EC-1739-4C2C-ABED-8CFF91C7FF0E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: {A1A9FCF9-DEE5-4CE4-A118-52C587D9CAF5} - System32\Tasks\{F8FC0305-1501-4429-B7FD-D1B0FA95DFCB} => pcalua.exe -a "F:\Programy\WinZip 12.1\winzip_12_1_cestina.exe" -d "F:\Programy\WinZip 12.1"
Task: {AE0C4201-F740-4E9C-B238-E24FEFB3D1A6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-12] (Adobe Systems Incorporated)
Task: {E1859085-F238-4FB6-BF75-7A2CAB22EADA} - System32\Tasks\{E07AB695-AA10-45BC-8D90-782A467E3AB3} => pcalua.exe -a C:\Windows\system32\BTCPL.cpl

C:\Program Files\Google\Update

EmptyTemp:
Hosts:
End


(You can use the "select all" function; right-click the top-left field in the open Notepad and choose "Paste".)

Save it to the desktop as fixlist.txt

Run FRST, press the "Fix" button only once, and wait.
The tool will produce a log on the desktop (Fixlog.txt); please copy its entire content here.
When you don't know what to do next, it's time to study the manual!
HJT guide

If I don't reply to your topics in the HJT section while I'm online, it's only because I'm on my phone, where studying logs and writing scripts is impossible. So please don't take it as being ignored.

miruska27
Level 3.5
Posts: 735
Registered: January 09
Gender: Male
Status: Offline

Re: HJT log and problem check

Post by miruska27 » 20 Feb 2016 20:15

Thank you for trying to help, here is the log.....

Fix result of Farbar Recovery Scan Tool (x86) Version:20-02-2016
Ran by pc (2016-02-20 20:10:34) Run:1
Running from C:\Users\pc\Desktop
Loaded Profiles: pc (Available Profiles: pc)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CloseProcesses:

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-860103369-4256068919-2072106398-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION

FF NewTab: about:newtab

R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [18624 2014-06-04] (IObit)
S3 catchme; \??\C:\Users\pc\AppData\Local\Temp\catchme.sys [X]

C:\Windows\System32\Drivers\SmartDefragDriver.sys
C:\Windows\System32\Drivers\BAPIDRV.sys
C:\Users\pc\AppData\Local\Temp\catchme.sys

C:\Windows\system32\%LOCALAPPDATA%

AVG Zen (Version: 1.31.9 - AVG Technologies) Hidden

Task: {4CD618E8-BA97-4551-98F8-C31435AF1ED3} - System32\Tasks\{D6D98FFB-52FF-4EC0-B5E6-59E7366B9695} => C:\Users\pc\Desktop\driver genius 12 pro\crack\DriverGenius.exe
Task: {7EFC90F0-990C-4C71-A974-8A5EEE50265A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {8F9EB5EC-1739-4C2C-ABED-8CFF91C7FF0E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: {A1A9FCF9-DEE5-4CE4-A118-52C587D9CAF5} - System32\Tasks\{F8FC0305-1501-4429-B7FD-D1B0FA95DFCB} => pcalua.exe -a "F:\Programy\WinZip 12.1\winzip_12_1_cestina.exe" -d "F:\Programy\WinZip 12.1"
Task: {AE0C4201-F740-4E9C-B238-E24FEFB3D1A6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-12] (Adobe Systems Incorporated)
Task: {E1859085-F238-4FB6-BF75-7A2CAB22EADA} - System32\Tasks\{E07AB695-AA10-45BC-8D90-782A467E3AB3} => pcalua.exe -a C:\Windows\system32\BTCPL.cpl

C:\Program Files\Google\Update

EmptyTemp:
Hosts:
End
*****************

Processes closed successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully.
"HKU\S-1-5-21-860103369-4256068919-2072106398-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully.
Firefox "newtab" removed successfully.
SmartDefragDriver => Service stopped successfully.
SmartDefragDriver => service removed successfully.
catchme => service removed successfully.
C:\Windows\System32\Drivers\SmartDefragDriver.sys => moved successfully
"C:\Windows\System32\Drivers\BAPIDRV.sys" => not found.
"C:\Users\pc\AppData\Local\Temp\catchme.sys" => not found.
C:\Windows\system32\%LOCALAPPDATA% => moved successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{624B0C51-EA6B-4D32-8990-E5E10902BF26}\\SystemComponent => value removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4CD618E8-BA97-4551-98F8-C31435AF1ED3}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4CD618E8-BA97-4551-98F8-C31435AF1ED3}" => key removed successfully.
C:\Windows\System32\Tasks\{D6D98FFB-52FF-4EC0-B5E6-59E7366B9695} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D6D98FFB-52FF-4EC0-B5E6-59E7366B9695}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7EFC90F0-990C-4C71-A974-8A5EEE50265A}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7EFC90F0-990C-4C71-A974-8A5EEE50265A}" => key removed successfully.
C:\Windows\System32\Tasks\Adobe Acrobat Update Task => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Acrobat Update Task" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8F9EB5EC-1739-4C2C-ABED-8CFF91C7FF0E}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8F9EB5EC-1739-4C2C-ABED-8CFF91C7FF0E}" => key removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A1A9FCF9-DEE5-4CE4-A118-52C587D9CAF5}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A1A9FCF9-DEE5-4CE4-A118-52C587D9CAF5}" => key removed successfully.
C:\Windows\System32\Tasks\{F8FC0305-1501-4429-B7FD-D1B0FA95DFCB} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F8FC0305-1501-4429-B7FD-D1B0FA95DFCB}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AE0C4201-F740-4E9C-B238-E24FEFB3D1A6}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AE0C4201-F740-4E9C-B238-E24FEFB3D1A6}" => key removed successfully.
C:\Windows\System32\Tasks\Adobe Flash Player Updater => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player Updater" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E1859085-F238-4FB6-BF75-7A2CAB22EADA}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E1859085-F238-4FB6-BF75-7A2CAB22EADA}" => key removed successfully.
C:\Windows\System32\Tasks\{E07AB695-AA10-45BC-8D90-782A467E3AB3} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E07AB695-AA10-45BC-8D90-782A467E3AB3}" => key removed successfully.
"C:\Program Files\Google\Update" => not found.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 194 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 20:11:10 ====
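
One way to triage a Fixlog like the one posted above, as an added example that is not part of the thread and not FRST's own code: it sorts each result line into done, not found, or needs review, so entries the fix could not act on stand out. The function names and the three status labels are assumptions of this example; the line shape (`target => outcome`) is taken only from the log above.

```python
import re
from collections import Counter

# Result lines copied from the Fixlog.txt posted above (a subset).
SAMPLE_FIXLOG = r'''Processes closed successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully.
SmartDefragDriver => Service stopped successfully.
SmartDefragDriver => service removed successfully.
C:\Windows\System32\Drivers\SmartDefragDriver.sys => moved successfully
"C:\Windows\System32\Drivers\BAPIDRV.sys" => not found.
"C:\Users\pc\AppData\Local\Temp\catchme.sys" => not found.
C:\Windows\system32\%LOCALAPPDATA% => moved successfully
"C:\Program Files\Google\Update" => not found.
Hosts restored successfully.
EmptyTemp: => 194 MB temporary data Removed.

The system needed a reboot.
'''

# "<target> => <outcome>", with optional quotes on the target and an
# optional trailing period on the outcome.
RESULT = re.compile(r'^(?P<target>.+?)\s*=>\s*(?P<outcome>.+?)\.?\s*$')


def classify(outcome):
    """Map an outcome phrase to a status label (labels are this example's own)."""
    text = outcome.lower()
    if "not found" in text:
        return "not_found"
    if "success" in text or "removed" in text:
        return "done"
    return "review"


def parse_fixlog(text):
    """Return one dict per result line; separator and blank lines are skipped."""
    entries = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or set(line) <= set("=*"):
            continue
        m = RESULT.match(line)
        if m:
            target, outcome = m.group("target").strip('"'), m.group("outcome")
        else:
            # Lines without "=>" carry no target, only a status sentence.
            target, outcome = "", line.rstrip(".")
        entries.append({"target": target, "outcome": outcome,
                        "status": classify(outcome)})
    return entries


def summarize(entries):
    """Count statuses and list the targets the fix reported as not found."""
    counts = Counter(e["status"] for e in entries)
    missing = [e["target"] for e in entries if e["status"] == "not_found"]
    return counts, missing


if __name__ == "__main__":
    counts, missing = summarize(parse_fixlog(SAMPLE_FIXLOG))
    print(dict(counts))
    for path in missing:
        print("not found:", path)
```
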

