Kontrola logu - fb spam Vyřešeno

[Scary]

Problémy zatím nic.

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 20:57:49, on 26. 4. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)

FIREFOX: 42.0 (x86 cs)
Boot mode: Normal

Running processes:
C:\WINDOWS\SysWOW64\notepad.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Scary\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll
O2 - BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AdobeCEPServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Steam] "G:\Hry\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [OscarEditor] "C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe" Minimum
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
O4 - HKCU\..\Run: [iCloudPhotos] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
O4 - Global Startup: GamePark klient 2.lnk = C:\Program Files\GamePark2\gpcl.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office

\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office

\Office14\ONBttnIE.dll
O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra 'Tools' menuitem: Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office

\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft

Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery

\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared

\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM

\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\WINDOWS\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\WINDOWS\system32\CxAudMsg64.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce

Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage

Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS

\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file

missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client

\SocketHeciServer.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel

\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel

\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service

\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService

\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\WINDOWS\system32\SAsrv.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender

\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender

\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media

Player\wmpnetwk.exe (file missing)

--
End of file - 12485 bytes

[Reklama]

[jaro3]

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AdobeCEPServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe" -launchedbylogin


ještě to projedem..

Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.

[Scary]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:27-04-2016
Ran by Scary (administrator) on SCARY-PC (28-04-2016 14:06:28)
Running from C:\Users\Scary\Desktop
Loaded Profiles: Scary (Available Profiles: Scary)
Platform: Windows 8.1 Pro (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2891080 2013-10-17] (ELAN Microelectronics Corp.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2685072 2015-05-08] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [907480 2013-09-04] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161728 2015-08-09] (IvoSoft)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-03-19] (Apple Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7390608 2016-04-25] (AVAST Software)
HKU\S-1-5-21-4156770014-1070260320-4288352921-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [5583120 2015-02-27] (Disc Soft Ltd)
HKU\S-1-5-21-4156770014-1070260320-4288352921-1000\...\Run: [Steam] => G:\Hry\Steam\steam.exe [3077712 2016-03-31] (Valve Corporation)
HKU\S-1-5-21-4156770014-1070260320-4288352921-1000\...\Run: [OscarEditor] => C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe [3340288 2012-03-20] ()
HKU\S-1-5-21-4156770014-1070260320-4288352921-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [60688 2015-11-30] (Apple Inc.)
HKU\S-1-5-21-4156770014-1070260320-4288352921-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [103696 2015-11-30] (Apple Inc.)
HKU\S-1-5-21-4156770014-1070260320-4288352921-1000\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [349968 2015-11-30] (Apple Inc.)
HKU\S-1-5-21-4156770014-1070260320-4288352921-1000\...\MountPoints2: {8aab3ca4-06bf-11e5-8261-303a648a2716} - "F:\RunGame.exe"
HKU\S-1-5-21-4156770014-1070260320-4288352921-1000\...\MountPoints2: {e356dc12-03bc-11e5-8259-303a648a2716} - "E:\Setup.exe"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-04-25] (AVAST Software)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-08-09] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-08-09] (IvoSoft)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GamePark klient 2.lnk [2015-07-13]
ShortcutTarget: GamePark klient 2.lnk -> C:\Program Files\GamePark2\gpcl.exe (Allstar Group, s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{C64906AC-8F10-4B22-A8BF-EEB257217F1D}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-4156770014-1070260320-4288352921-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-08-09] (IvoSoft)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-04-25] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2015-08-09] (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-08-09] (IvoSoft)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-14] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-04-25] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-14] (Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2015-08-09] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-08-09] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-08-09] (IvoSoft)

FireFox:
========
FF ProfilePath: C:\Users\Scary\AppData\Roaming\Mozilla\Firefox\Profiles\srshbm2w.default
FF NewTab: about:newtab
FF Homepage: about:home
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2013-03-21] (Adobe Systems)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-14] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-14] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2013-03-21] (Adobe Systems)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-04-25]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF

Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://seznam.cz/"
CHR Profile: C:\Users\Scary\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Scary\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-04-26]
CHR Extension: (Bejeweled) - C:\Users\Scary\AppData\Local\Google\Chrome\User Data\Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm [2016-04-26]
CHR Extension: (Dokumenty Google) - C:\Users\Scary\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-26]
CHR Extension: (Disk Google) - C:\Users\Scary\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-26]
CHR Extension: (YouTube) - C:\Users\Scary\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-26]
CHR Extension: (Tabulky Google) - C:\Users\Scary\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-26]
CHR Extension: (Dokumenty Google offline) - C:\Users\Scary\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-26]
CHR Extension: (AdBlock) - C:\Users\Scary\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-04-26]
CHR Extension: (Social Fixer for Facebook) - C:\Users\Scary\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifmhoabcaeehkljcfclfiieohkohdgbb [2016-04-26]
CHR Extension: (Auto HD For YouTube™) - C:\Users\Scary\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak [2016-04-26]
CHR Extension: (Momentum) - C:\Users\Scary\AppData\Local\Google\Chrome\User Data\Default\Extensions\laookkfknpbbblfpciffpaejjkokdgca [2016-04-26]
CHR Extension: (Kontrola e-mailu Google) - C:\Users\Scary\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2016-04-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Scary\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-26]
CHR Extension: (Fotoaparát) - C:\Users\Scary\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofmpffnppnlgkgmbgidhhjcglloeejpg [2016-04-26]
CHR Extension: (Gmail) - C:\Users\Scary\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-26]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-04-25]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2016-04-25] (AVAST Software)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-27] (Disc Soft Ltd)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [99632 2013-10-09] (ELAN Microelectronics Corp.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-08] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [345864 2015-03-19] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1884304 2015-05-08] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22997648 2015-05-08] (NVIDIA Corporation)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2015-12-23] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-04-25] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-04-25] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-04-25] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-04-25] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-04-25] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-04-25] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [465792 2016-04-25] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [166432 2016-04-25] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287528 2016-04-25] (AVAST Software)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30352 2015-05-26] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R3 NETwNs64; C:\Windows\system32\DRIVERS\Netwsw02.sys [3438048 2014-05-04] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-08] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-04-28 14:06 - 2016-04-28 14:07 - 00020176 _____ C:\Users\Scary\Desktop\FRST.txt
2016-04-28 14:06 - 2016-04-28 14:05 - 02376704 _____ (Farbar) C:\Users\Scary\Desktop\FRST64.exe
2016-04-28 14:05 - 2016-04-28 14:05 - 02376704 _____ (Farbar) C:\Users\Scary\Downloads\FRST64.exe
2016-04-28 14:05 - 2016-04-28 14:05 - 00000000 ____D C:\Users\Scary\Desktop\backups
2016-04-28 13:15 - 2016-04-28 13:15 - 00031773 _____ C:\Users\Scary\Downloads\[CzT]Zivi_mrtvi_The_Walking_Dead_3_serie_CZ_.torrent
2016-04-27 19:24 - 2016-04-27 19:24 - 01306190 _____ C:\Users\Scary\Desktop\Predodletova-orientace_2016_text.pdf
2016-04-27 16:39 - 2016-04-27 17:08 - 139934827 _____ C:\Users\Scary\Downloads\cocaine cowboy.rar
2016-04-27 16:29 - 2016-04-27 16:36 - 124123602 _____ C:\Users\Scary\Downloads\CandyMane---Selfview-Mixtape.rar
2016-04-26 20:53 - 2016-04-26 20:38 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2016-04-26 20:38 - 2016-04-26 20:38 - 01309184 _____ C:\Users\Scary\Desktop\zoek.exe
2016-04-26 17:18 - 2016-04-26 20:37 - 00000000 ____D C:\ProgramData\RogueKiller
2016-04-26 17:18 - 2016-04-26 17:18 - 24004168 _____ C:\Users\Scary\Desktop\RogueKillerX64.exe
2016-04-26 17:18 - 2016-04-26 17:18 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2016-04-26 16:45 - 2016-04-26 16:45 - 00000875 _____ C:\Users\Scary\Desktop\JRT.txt
2016-04-26 16:42 - 2016-04-26 16:41 - 01610008 _____ (Malwarebytes) C:\Users\Scary\Desktop\JRT.exe
2016-04-26 12:45 - 2016-04-26 12:45 - 00001515 _____ C:\Users\Scary\Desktop\sdf.txt
2016-04-26 12:30 - 2016-04-26 16:47 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-04-26 12:29 - 2016-04-26 12:29 - 00001118 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-04-26 12:29 - 2016-04-26 12:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-04-26 12:29 - 2016-04-26 12:29 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-04-26 12:29 - 2016-04-26 12:29 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-04-26 12:29 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-04-26 12:29 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-04-26 12:29 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-04-26 12:22 - 2016-04-26 12:22 - 03580480 _____ C:\Users\Scary\Desktop\adwcleaner_5.113.exe
2016-04-25 21:40 - 2016-04-25 21:40 - 00388608 _____ (Trend Micro Inc.) C:\Users\Scary\Desktop\HijackThis.exe
2016-04-25 21:34 - 2016-04-25 21:34 - 00037144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2016-04-25 21:34 - 2016-04-25 21:34 - 00003048 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1461612890
2016-04-25 21:34 - 2016-04-25 21:34 - 00001053 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
2016-04-25 21:34 - 2016-04-25 21:34 - 00001053 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-04-25 21:32 - 2016-04-26 16:16 - 00004182 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2016-04-25 21:32 - 2016-04-25 21:32 - 00001938 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-04-25 21:32 - 2016-04-25 21:32 - 00000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2016-04-25 21:32 - 2016-04-25 21:32 - 00000000 ____D C:\Users\Scary\AppData\Roaming\AVAST Software
2016-04-25 21:32 - 2016-04-25 21:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-04-25 21:32 - 2016-04-25 21:32 - 00000000 ____D C:\Program Files\Common Files\AV
2016-04-25 21:31 - 2016-04-25 21:32 - 00287528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys
2016-04-25 21:31 - 2016-04-25 21:31 - 01070904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2016-04-25 21:31 - 2016-04-25 21:31 - 00465792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2016-04-25 21:31 - 2016-04-25 21:31 - 00398152 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2016-04-25 21:31 - 2016-04-25 21:31 - 00166432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2016-04-25 21:31 - 2016-04-25 21:31 - 00107792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2016-04-25 21:31 - 2016-04-25 21:31 - 00103064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2016-04-25 21:31 - 2016-04-25 21:31 - 00074544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2016-04-25 21:31 - 2016-04-25 21:31 - 00052184 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2016-04-25 21:31 - 2016-04-25 21:31 - 00037656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2016-04-25 21:30 - 2016-04-25 21:34 - 00000000 ____D C:\Program Files\AVAST Software
2016-04-25 21:29 - 2016-04-25 21:34 - 00000000 ____D C:\ProgramData\AVAST Software
2016-04-25 15:00 - 2015-07-03 22:56 - 01674929 _____ (TeamExtreme) C:\Users\Scary\Desktop\Minecraft.exe
2016-04-20 19:51 - 2016-04-20 21:43 - 00738204 _____ C:\Users\Scary\Desktop\Lidé s poruchami osobnosti mohou pracovat.pptx
2016-04-18 21:14 - 2016-04-18 21:20 - 00001480 _____ C:\Users\Scary\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2016-04-18 21:14 - 2016-04-18 21:14 - 00006144 ___SH C:\Users\Scary\Documents\Thumbs.db
2016-04-18 21:00 - 2016-04-18 21:00 - 00003502 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-Scary-PC-Scary
2016-04-18 21:00 - 2016-04-18 21:00 - 00000000 ____D C:\Users\Scary\AppData\Roaming\PDAppFlex
2016-04-18 20:56 - 2016-04-18 20:56 - 00000871 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC (64 Bit).lnk
2016-04-18 20:56 - 2016-04-18 20:56 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2016-04-18 20:54 - 2016-04-18 20:56 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-04-18 20:51 - 2016-04-18 20:51 - 00001562 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
2016-04-12 17:19 - 2016-04-12 17:19 - 00098422 _____ C:\Users\Scary\Desktop\letenka.pdf
2016-04-11 22:27 - 2016-04-11 22:27 - 00000000 ____D C:\Program Files (x86)\Vstplugins
2016-04-11 21:13 - 2016-04-12 23:18 - 00000000 ____D C:\Users\Scary\AppData\Roaming\Audacity
2016-04-11 21:13 - 2016-04-11 21:13 - 00000675 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2016-04-11 21:08 - 2016-04-11 21:08 - 00001390 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2016-04-11 21:08 - 2016-04-11 21:08 - 00001321 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2016-04-11 21:08 - 2016-04-11 21:08 - 00000000 ____D C:\WINDOWS\cs
2016-04-11 21:08 - 2016-04-11 21:08 - 00000000 ____D C:\Program Files (x86)\Windows Live
2016-04-11 21:08 - 2016-04-11 21:08 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2016-04-11 21:06 - 2016-04-11 21:08 - 00000000 ____D C:\Users\Scary\AppData\Local\Windows Live
2016-04-11 21:01 - 2016-04-11 22:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2016-04-11 21:01 - 2016-04-11 21:04 - 00000000 ____D C:\Users\Scary\AppData\Local\Sony
2016-04-11 21:01 - 2016-04-11 21:01 - 00000000 ____D C:\ProgramData\Sony
2016-04-11 21:01 - 2016-04-11 21:01 - 00000000 ____D C:\Program Files (x86)\Sony
2016-04-11 21:00 - 2016-04-11 21:04 - 00000000 ____D C:\Users\Scary\AppData\Roaming\Sony

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-04-28 14:06 - 2015-05-19 19:15 - 00000000 ____D C:\FRST
2016-04-28 14:03 - 2015-05-23 22:24 - 00000000 ____D C:\Users\Scary\AppData\Roaming\uTorrent
2016-04-28 14:03 - 2015-05-22 15:25 - 00000000 ____D C:\Users\Scary\AppData\Local\ClassicShell
2016-04-28 13:56 - 2015-05-23 12:12 - 00000000 ____D C:\Users\Scary\AppData\Roaming\vlc
2016-04-28 13:27 - 2015-05-22 14:49 - 00000978 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-28 13:26 - 2013-08-22 08:56 - 00148385 _____ C:\WINDOWS\system32\slmgr.vbs
2016-04-28 13:26 - 2013-08-22 01:52 - 00148385 _____ C:\WINDOWS\SysWOW64\slmgr.vbs
2016-04-28 11:31 - 2015-05-22 14:27 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4156770014-1070260320-4288352921-1000
2016-04-28 11:26 - 2016-01-31 12:38 - 00000000 ___RD C:\Users\Scary\iCloudDrive
2016-04-28 11:26 - 2015-05-22 14:49 - 00000974 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-28 11:26 - 2015-05-22 14:34 - 00000000 __SHD C:\Users\Scary\IntelGraphicsProfiles
2016-04-28 08:17 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-04-28 08:17 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-04-28 08:04 - 2015-05-22 14:27 - 00003970 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{51710AE4-8352-428B-A6A9-72EA8229F35E}
2016-04-28 08:03 - 2015-05-22 15:39 - 00000000 ____D C:\Users\Scary\AppData\Local\Adobe
2016-04-27 19:25 - 2015-05-22 14:28 - 01092608 ___SH C:\Users\Scary\Desktop\Thumbs.db
2016-04-27 16:28 - 2013-09-30 06:20 - 01749406 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-04-27 16:28 - 2013-09-30 05:57 - 00740962 _____ C:\WINDOWS\system32\perfh005.dat
2016-04-27 16:28 - 2013-09-30 05:57 - 00152146 _____ C:\WINDOWS\system32\perfc005.dat
2016-04-27 16:28 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf
2016-04-27 16:22 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-04-26 20:52 - 2015-05-19 15:34 - 00000000 ____D C:\zoek_backup
2016-04-26 16:37 - 2015-05-18 19:56 - 00000000 ____D C:\AdwCleaner
2016-04-26 12:19 - 2015-05-22 14:17 - 00000000 ____D C:\Users\Scary
2016-04-26 08:07 - 2015-05-22 14:22 - 00000000 ____D C:\Users\Scary\AppData\Local\VirtualStore
2016-04-26 00:34 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-04-25 16:59 - 2015-06-29 21:03 - 00000000 ____D C:\Users\Scary\AppData\Roaming\TS3Client
2016-04-25 16:56 - 2016-01-31 12:38 - 00003420 _____ C:\WINDOWS\System32\Tasks\Apple Diagnostics
2016-04-25 15:20 - 2015-07-06 09:52 - 00000000 ____D C:\Users\Scary\AppData\Roaming\.minecraft
2016-04-19 22:59 - 2013-08-22 16:44 - 05147416 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-04-19 18:14 - 2015-05-22 15:39 - 00000000 ____D C:\ProgramData\Adobe
2016-04-18 21:14 - 2015-05-22 14:22 - 00000000 ____D C:\Users\Scary\AppData\Roaming\Adobe
2016-04-11 22:16 - 2016-01-11 13:28 - 00000000 ____D C:\Users\Scary\AppData\Roaming\Skype
2016-04-11 21:32 - 2015-05-22 14:50 - 00002215 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-11 21:32 - 2015-05-22 14:50 - 00002203 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-04-10 16:46 - 2014-11-07 22:37 - 00000000 ____D C:\Users\Scary\Documents\m
2016-03-29 19:50 - 2015-11-26 19:55 - 00001986 _____ C:\Users\Scary\Desktop\PDF Split And Merge Basic.lnk

==================== Files in the root of some directories =======

2016-04-18 21:14 - 2016-04-18 21:20 - 0001480 _____ () C:\Users\Scary\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2015-05-22 15:01 - 2015-05-22 15:01 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-01-23 19:17 - 2016-01-23 19:17 - 0001534 _____ () C:\ProgramData\ss.ini

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-04-20 21:50

==================== End of FRST.txt ============================

[jaro3]

Addition.txt je kde?

Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.

Kód: Vybrat vše

Start
CloseProcesses:
HKU\S-1-5-21-4156770014-1070260320-4288352921-1000\...\MountPoints2: {8aab3ca4-06bf-11e5-8261-303a648a2716} - "F:\RunGame.exe"
HKU\S-1-5-21-4156770014-1070260320-4288352921-1000\...\MountPoints2: {e356dc12-03bc-11e5-8259-303a648a2716} - "E:\Setup.exe"
SearchScopes: HKU\S-1-5-21-4156770014-1070260320-4288352921-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\ProgramData\DP45977C.lfl
C:\ProgramData\ss.ini

EmptyTemp:
End

(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).

Ulož jej na na plochu jako fixlist.txt


Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.

[Scary]

Additional scan result of Farbar Recovery Scan Tool (x64) Version:27-04-2016
Ran by Scary (2016-04-28 14:07:15)
Running from C:\Users\Scary\Desktop
Windows 8.1 Pro (X64) (2015-05-22 12:22:23)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4156770014-1070260320-4288352921-500 - Administrator - Disabled)
Guest (S-1-5-21-4156770014-1070260320-4288352921-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4156770014-1070260320-4288352921-1003 - Limited - Enabled)
Scary (S-1-5-21-4156770014-1070260320-4288352921-1000 - Administrator - Enabled) => C:\Users\Scary

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-4156770014-1070260320-4288352921-1000\...\uTorrent) (Version: 3.4.6.42094 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Aktualizace NVIDIA 2.4.3.31 (Version: 2.4.3.31 - NVIDIA Corporation) Hidden
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.2.2261 - AVAST Software)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Classic Shell (HKLM\...\{E289B7DD-6732-4333-A47A-75A145D23EE3}) (Version: 4.2.4 - IvoSoft)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.21.50 - Conexant)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 5.0.1.0406 - Disc Soft Ltd)
Desktop Lighter (HKU\S-1-5-21-4156770014-1070260320-4288352921-1000\...\{CFA2CFAB-4B51-47D5-8ECF-5C007F37DB94}) (Version: 1.4 - DiMXSoft)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
FreeRIP MP3 Converter 4.8.0 (HKLM-x32\...\{501451DE-5808-4599-B544-8BD0915B6B24}_is1) (Version: 4.8.0 - GreenTree Applications SRL)
GamePark (HKLM-x32\...\GameParkClient_is1) (Version: - GamePark)
GamePark klient 2.0.9.0 (HKLM\...\{52E5D8A7-B129-4A29-AD4B-EBB749DCC3A3}_is1) (Version: 2.0.9.0 - GamePark)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
iCloud (HKLM\...\{4B48E22A-2FB0-4EFA-B99E-954B1E50CD69}) (Version: 5.1.0.34 - Apple Inc.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4170 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
iTunes (HKLM\...\{A31C5565-90D9-4615-AE13-94D86C3836C7}) (Version: 12.3.3.17 - Apple Inc.)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.31.1 - ELAN Microelectronic Corp.)
Malwarebytes Anti-Malware verze 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 42.0 (x86 cs) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 cs)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0 - Mozilla)
My Game Long Name (HKLM\...\UDK-a03f7f14-9108-4fb9-8540-5f418523dcaa) (Version: - Epic Games, Inc.)
NVIDIA GeForce Experience 2.4.3.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.3.31 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 332.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.33 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.13.0927 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0927 - NVIDIA Corporation)
OSCAR Editor (x32 Version: 12.03.0004 - A4TECH) Hidden
Ovládací panel NVIDIA 332.33 (Version: 332.33 - NVIDIA Corporation) Hidden
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
PDF Split And Merge Basic (HKLM\...\{C91B24F6-1629-11E2-B696-21676188709B}) (Version: 2.2.2 - Andrea Vacondio)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}) (Version: 4.3 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{2937FD88-C9D6-4B82-B539-37CD0A572F42}) (Version: 4.3 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RICOH_Media_Driver_v2.22.18.01 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.22.18.01 - RICOH)
SafeZone Stable 1.48.2066.98 (x32 Version: 1.48.2066.98 - Avast Software) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden
SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.3.31 - NVIDIA Corporation) Hidden
Skype™ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.106 - Skype Technologies S.A.)
Sony Vegas Pro 8.0 (HKLM-x32\...\{7C9AD221-994C-45B2-B46D-26F5735158CF}) (Version: 8.0.217 - Sony)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Vegas Pro 12.0 (64-bit) (HKLM\...\{A7500970-FE98-11E1-B560-F04DA23A5C58}) (Version: 12.0.367 - Sony)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
Worms Revolution (HKLM-x32\...\Steam App 200170) (Version: - Team17 Digital Ltd)
X7 Oscar Editor (HKLM-x32\...\InstallShield_{3C2379D2-337A-4FFA-9017-BDFB80EC0931}) (Version: 12.03.0004 - A4TECH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4156770014-1070260320-4288352921-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {051A038C-835B-4680-8686-573BA995E52C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-22] (Google Inc.)
Task: {19D169D1-3C38-40D5-A412-0F8AE86BAD37} - System32\Tasks\{6642D7EB-D4EF-4BD9-B25E-06E88DE4364F} => pcalua.exe -a "C:\hry\EA GAMES\Need for Speed Underground 2\speed2.exe" -d "C:\hry\EA GAMES\Need for Speed Underground 2"
Task: {26D4A7A9-A8BA-400F-BA53-3C178B57A92D} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2015-12-01] (Apple Inc.)
Task: {2C126E9E-9CAF-4914-8A3F-10B777576B5E} - System32\Tasks\Microsoft\Windows\WS\WSLicenses => C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\WSLicense\WmiPrvSE.exe [2015-10-21] (Microsoft Corporation)
Task: {37DA91C5-6360-40EB-9409-080DD39C8A5B} - System32\Tasks\{B71981C3-E62A-4867-9C88-D227DD3DE971} => pcalua.exe -a G:\Video\NFSUNDRGRND2\Texmod.exe -d G:\Video\NFSUNDRGRND2
Task: {88E4E6F0-24EB-4EA6-A8B9-E1A666E62914} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-22] (Google Inc.)
Task: {8C212483-FCC4-4AB5-AA02-A5D079ECAE08} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {9BFF0D47-286B-4574-A7D7-68BED12777FF} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-04-25] (AVAST Software)
Task: {A5424504-BE99-48F7-ABE3-CEB4BB9AC32E} - System32\Tasks\SafeZone scheduled Autoupdate 1461612890 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-03-30] (Avast Software)
Task: {A990DAB9-9C2B-453A-ABD0-0DC0BF67D283} - System32\Tasks\Microsoft\Windows\WS\WSSync => C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\WSLicense\dllhost.exe [2015-10-21] (Microsoft Corporation)
Task: {CD5AEECE-ADED-4862-9B50-860014F19068} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-04-25] (AVAST Software)
Task: {EE2D84C8-7F2E-4A31-BD8C-19BB0A2B058A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {F7466D5D-54B6-4ECE-BE32-56A7F2D25A84} - System32\Tasks\AdobeAAMUpdater-1.0-Scary-PC-Scary => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-03-21] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-03-18 23:56 - 2016-03-18 23:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-03-18 23:56 - 2016-03-18 23:56 - 01329936 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-06-29 20:52 - 2015-12-23 19:13 - 00076888 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2015-05-22 14:33 - 2014-01-06 10:13 - 00117536 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2015-03-19 21:02 - 2015-03-19 21:02 - 00393480 _____ () C:\WINDOWS\system32\igfxTray.exe
2015-05-22 15:01 - 2010-10-26 06:40 - 00049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2016-04-25 21:31 - 2016-04-25 21:31 - 00123344 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2016-04-25 21:31 - 2016-04-25 21:31 - 00135816 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-04-27 11:12 - 2016-04-27 11:12 - 02891264 _____ () C:\Program Files\AVAST Software\Avast\defs\16042700\algo.dll
2016-04-25 21:31 - 2016-04-25 21:31 - 00478144 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-04-28 08:01 - 2016-04-28 08:01 - 02891264 _____ () C:\Program Files\AVAST Software\Avast\defs\16042704\algo.dll
2015-05-22 14:43 - 2013-09-16 21:20 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-05-22 14:41 - 2015-05-08 02:36 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-03-18 23:56 - 2016-03-18 23:56 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2016-03-18 23:56 - 2016-03-18 23:56 - 00237328 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2016-03-18 23:56 - 2016-03-18 23:56 - 01040656 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-04-25 21:31 - 2016-04-25 21:31 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2016-04-26 20:40 - 00000753 ____A C:\WINDOWS\system32\Drivers\etc\hosts


127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4156770014-1070260320-4288352921-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Scary\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4156770014-1070260320-4288352921-1000\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-4156770014-1070260320-4288352921-1000\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-4156770014-1070260320-4288352921-1000\...\StartupApproved\Run: => "OscarEditor"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{12980939-B746-4D64-8717-8E017E37B304}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{7E297C53-0361-4BF1-872E-4FDD33729EB8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{10C90BB9-BF97-4266-98C8-B6E4C4C59498}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{3BAC765B-3E2A-4638-B2BD-6361680AB168}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{25DCF773-0C29-4BCE-BB5B-EAD0C4CB920B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{594FAA14-7D04-4B61-A666-969358D608D5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{58BEB6B8-40DD-46E5-BCD0-F4FBE33D9A54}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [UDP Query User{0AAC81A8-4078-4865-91C5-170110D84D53}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [{8A05B67E-CF13-4975-A0AD-1AF1CA53C77A}] => (Allow) C:\Users\Scary\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{564A29BF-D389-410B-8084-857C23C9AFA0}] => (Allow) C:\Users\Scary\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{14A00FB2-CF21-4A17-90FC-F39231CD8E84}] => (Allow) G:\Hry\Steam\Steam.exe
FirewallRules: [{70BF82EC-7964-4901-9921-ABBF6019D3B5}] => (Allow) G:\Hry\Steam\Steam.exe
FirewallRules: [{42C81637-39E3-49B6-93C9-DE16405856E5}] => (Allow) G:\Hry\Steam\bin\steamwebhelper.exe
FirewallRules: [{5A7D55F1-D245-4942-9890-51BE4162A942}] => (Allow) G:\Hry\Steam\bin\steamwebhelper.exe
FirewallRules: [{96285972-DFED-4E43-8E38-F1E7C32168A9}] => (Allow) G:\Hry\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{D9E3CBC0-8EE1-4B63-84B4-D03CF2250E0B}] => (Allow) G:\Hry\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{F66B58CA-FC29-4E5E-8536-7554C95982A6}G:\install\call of duty 2\cod2mp_s.exe] => (Allow) G:\install\call of duty 2\cod2mp_s.exe
FirewallRules: [UDP Query User{CA04ABF0-1332-4E99-8553-7BBE21AEA5B0}G:\install\call of duty 2\cod2mp_s.exe] => (Allow) G:\install\call of duty 2\cod2mp_s.exe
FirewallRules: [TCP Query User{8F3DF423-8ED2-41BA-BA9F-52ACB348771D}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{338CF482-F8DF-47B6-A408-781417E4EED8}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [TCP Query User{9DBC56EB-1E0E-4E60-9E67-E9AA9905854A}G:\hry\activision\call of duty 2\cod2mp_s.exe] => (Allow) G:\hry\activision\call of duty 2\cod2mp_s.exe
FirewallRules: [UDP Query User{87AE142B-7344-4190-AEEA-71D7CEFAA4D6}G:\hry\activision\call of duty 2\cod2mp_s.exe] => (Allow) G:\hry\activision\call of duty 2\cod2mp_s.exe
FirewallRules: [{CF4D089D-7FEB-44C3-BBA7-FFB803A65F7C}] => (Allow) G:\Hry\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{99D57C19-BB25-4F9D-93D8-F118C92BEEEF}] => (Allow) G:\Hry\Steam\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [TCP Query User{CF0887E9-7A5E-408D-9395-B2D06A514BCF}C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [UDP Query User{CE3D3549-A9CF-4075-BF05-F504679A5B81}C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [TCP Query User{908FAE76-1D01-4EC8-9D2C-274F065551E3}C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [UDP Query User{45CA7AB7-F3CB-4981-8671-0EE99AEF41AD}C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [{C6219DD3-D6FD-4748-A5C2-953597D71565}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EC7DA392-3C8A-4DAE-88C2-8EC38018BB9F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{0724588F-1B13-4674-B463-06BC71C855AA}G:\hry\activision\call of duty 2\cod2mp_s.exe] => (Allow) G:\hry\activision\call of duty 2\cod2mp_s.exe
FirewallRules: [UDP Query User{203D5BEF-F2D9-4290-8161-6AD9F1D0D94D}G:\hry\activision\call of duty 2\cod2mp_s.exe] => (Allow) G:\hry\activision\call of duty 2\cod2mp_s.exe
FirewallRules: [TCP Query User{D4B24695-895D-4C7D-980E-2AACFF56D0D8}G:\hry\activision\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) G:\hry\activision\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [UDP Query User{24C9064C-4A42-4E4C-874E-8582BC8C1C93}G:\hry\activision\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) G:\hry\activision\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [{FAF86AD9-9634-4CFD-9BA4-1E3A93196FBD}] => (Allow) G:\Hry\Steam\steamapps\common\WormsRevolution\WormsRevolution.exe
FirewallRules: [{0F1419B7-AC70-473F-9648-B10E6B79B394}] => (Allow) G:\Hry\Steam\steamapps\common\WormsRevolution\WormsRevolution.exe
FirewallRules: [TCP Query User{46093CE5-F55C-45D4-B546-57FB4EC6FBD1}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{C72A61A4-B204-449E-B949-B66790099E7C}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{66CE287D-F61A-4E20-8F2A-C7BC4CF9079A}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{5746F925-9540-4F60-B310-7386A14C7B47}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{01667333-6065-465B-96E6-D4E90D99D3B2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2AB5332B-36AC-4511-801B-8A599C1F7F8E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{678DDAF0-A46A-455C-A578-32369E9103B1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{6897E965-F661-422B-828F-95ECDE5D6A8A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{60F7EEDD-3751-409F-A2F7-6B5F357B1938}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{03F31598-24C6-4E55-9B10-9DCCA73FE98B}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{8F87D1BD-B5DE-4636-9D6F-F5770529DD68}] => (Allow) LPort=2869
FirewallRules: [{398C37CF-344D-43F8-B014-DF8CEAA8DEE6}] => (Allow) LPort=1900
FirewallRules: [{5C1998C7-EC96-4030-96E6-AFB0576D2C5F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

11-04-2016 21:07:30 Nainstalováno rozhraní DirectX
22-04-2016 18:15:42 Naplánovaný kontrolní bod
26-04-2016 16:43:12 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: USB2.0-CRW
Description: USB2.0-CRW
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/28/2016 01:57:39 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Scary-PC)
Description: Aplikaci Microsoft.BingSports_8wekyb3d8bbwe!AppexSports se nepovedlo aktivovat, protože došlo k chybě: -2144927148. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (04/28/2016 01:57:39 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Scary-PC)
Description: Aplikaci Microsoft.BingHealthAndFitness_8wekyb3d8bbwe!AppexHealthAndFitness se nepovedlo aktivovat, protože došlo k chybě: -2144927148. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (04/28/2016 11:37:30 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: AppendDNSNameString: Illegal empty label in name "."

Error: (04/28/2016 11:37:30 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: AppendDNSNameString: Illegal empty label in name "."

Error: (04/28/2016 11:26:46 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [0]

Error: (04/28/2016 11:26:23 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: AppendDNSNameString: Illegal empty label in name "."

Error: (04/28/2016 11:26:22 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Scary-PC)
Description: Aplikaci Microsoft.BingHealthAndFitness_8wekyb3d8bbwe!AppexHealthAndFitness se nepovedlo aktivovat, protože došlo k chybě: -2144927148. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (04/28/2016 11:26:22 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Scary-PC)
Description: Aplikaci Microsoft.BingSports_8wekyb3d8bbwe!AppexSports se nepovedlo aktivovat, protože došlo k chybě: -2144927148. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (04/28/2016 11:26:18 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: AppendDNSNameString: Illegal empty label in name "."

Error: (04/28/2016 11:26:18 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: AppendDNSNameString: Illegal empty label in name "."


System errors:
=============
Error: (04/28/2016 08:51:59 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníAktivace{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

Error: (04/28/2016 08:18:13 AM) (Source: DCOM) (EventID: 10010) (User: Scary-PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (04/28/2016 08:17:43 AM) (Source: DCOM) (EventID: 10010) (User: Scary-PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (04/28/2016 01:33:49 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníAktivace{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

Error: (04/27/2016 04:21:23 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníAktivace{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

Error: (04/27/2016 11:03:21 AM) (Source: DCOM) (EventID: 10010) (User: Scary-PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (04/27/2016 11:02:43 AM) (Source: DCOM) (EventID: 10010) (User: Scary-PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (04/27/2016 10:58:29 AM) (Source: DCOM) (EventID: 10010) (User: Scary-PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (04/27/2016 10:57:59 AM) (Source: DCOM) (EventID: 10010) (User: Scary-PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (04/27/2016 09:16:08 AM) (Source: DCOM) (EventID: 10010) (User: Scary-PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}


CodeIntegrity:
===================================
Date: 2016-04-25 21:33:45.320
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-04-25 21:33:44.863
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-04-25 21:30:09.704
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-04-25 21:30:09.476
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-04-25 08:37:40.907
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-04-25 08:37:40.735
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-04-22 18:20:12.188
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-04-22 18:20:12.032
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-04-22 14:37:05.077
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-04-22 14:37:04.917
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz
Percentage of memory in use: 35%
Total physical RAM: 3992.36 MB
Available physical RAM: 2558.5 MB
Total Virtual: 4952.36 MB
Available Virtual: 3273.42 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:97.66 GB) (Free:46.89 GB) NTFS
Drive g: (SCRNTR) (Fixed) (Total:832.88 GB) (Free:588.91 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or (Size: 931.5 GB) (Disk ID: D9FA2484)
Partition 1: (Active) - (Size=1000 MB) - (Type=0B)
Partition 2: (Not Active) - (Size=97.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=832.9 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

[Scary]

Fix result of Farbar Recovery Scan Tool (x64) Version:27-04-2016
Ran by Scary (2016-04-29 13:40:30) Run:2
Running from C:\Users\Scary\Desktop
Loaded Profiles: Scary (Available Profiles: Scary)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
HKU\S-1-5-21-4156770014-1070260320-4288352921-1000\...\MountPoints2: {8aab3ca4-06bf-11e5-8261-303a648a2716} - "F:\RunGame.exe"
HKU\S-1-5-21-4156770014-1070260320-4288352921-1000\...\MountPoints2: {e356dc12-03bc-11e5-8259-303a648a2716} - "E:\Setup.exe"
SearchScopes: HKU\S-1-5-21-4156770014-1070260320-4288352921-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\ProgramData\DP45977C.lfl
C:\ProgramData\ss.ini

EmptyTemp:
End
*****************

Processes closed successfully.
"HKU\S-1-5-21-4156770014-1070260320-4288352921-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8aab3ca4-06bf-11e5-8261-303a648a2716}" => key removed successfully
HKCR\CLSID\{8aab3ca4-06bf-11e5-8261-303a648a2716} => key not found.
"HKU\S-1-5-21-4156770014-1070260320-4288352921-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e356dc12-03bc-11e5-8259-303a648a2716}" => key removed successfully
HKCR\CLSID\{e356dc12-03bc-11e5-8259-303a648a2716} => key not found.
"HKU\S-1-5-21-4156770014-1070260320-4288352921-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}" => key removed successfully
HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => key not found.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully
C:\ProgramData\ss.ini => moved successfully
EmptyTemp: => 1.2 GB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 13:40:43 ====

[jaro3]

Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.

Kód: Vybrat vše

Start
CloseProcesses:
Task: {051A038C-835B-4680-8686-573BA995E52C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-22] (Google Inc.)
Task: {88E4E6F0-24EB-4EA6-A8B9-E1A666E62914} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-22] (Google Inc.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

EmptyTemp:
End

(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).

Ulož jej na na plochu jako fixlist.txt


Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.

problémy tedy žádné?

[Scary]

Problémy žádné.

Fix result of Farbar Recovery Scan Tool (x64) Version:27-04-2016
Ran by Scary (2016-04-29 19:31:07) Run:3
Running from C:\Users\Scary\Desktop
Loaded Profiles: Scary (Available Profiles: Scary)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
Task: {051A038C-835B-4680-8686-573BA995E52C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-22] (Google Inc.)
Task: {88E4E6F0-24EB-4EA6-A8B9-E1A666E62914} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-22] (Google Inc.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{051A038C-835B-4680-8686-573BA995E52C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{051A038C-835B-4680-8686-573BA995E52C}" => key removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{88E4E6F0-24EB-4EA6-A8B9-E1A666E62914}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{88E4E6F0-24EB-4EA6-A8B9-E1A666E62914}" => key removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => key removed successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => not found.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
EmptyTemp: => 359.3 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 19:31:17 ====

[jerabina]

Stáhni si zde DelFix
https://toolslib.net/downloads/viewdownload/2-delfix/

ulož si soubor na plochu.
Poklepáním na ikonu spusť nástroj Delfix.exe
( Ve Windows Vista, Windows 7 a 8, musíš spustit soubor pravým tlačítkem myši -> Spustit jako správce .
V hlavním menu, zkontroluj tyto možnosti - Odstranění dezinfekce nástrojů (Remove desinfection tools) – Vyčistit body obnovy (Purge System Restore) .
Poté klikněte na tlačítko Spustit (Run) a nech nástroj dělat svoji práci.

Poté se zpráva se otevře (DelFix.txt). Vlož celý obsah zprávy sem. Jinak je zpráva zde:
v C: \ DelFix.txt

Pokud nejsou problémy, je to vše a můžeš dát vyřešeno - zelenou "fajfku"

[Scary]

VŠE SNAD OK. TAK DĚKUJU MOC.

# DelFix v1.013 - Logfile created 30/04/2016 at 11:10:46
# Updated 17/04/2016 by Xplode
# Username : Scary - SCARY-PC
# Operating System : Windows 8.1 Pro (64 bits)

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\RegBackup
Deleted : C:\zoek-results.log
Deleted : C:\zoek-results2015-05-19-135216.log
Deleted : C:\Users\Scary\Desktop\Addition.txt
Deleted : C:\Users\Scary\Desktop\adwcleaner_5.113.exe
Deleted : C:\Users\Scary\Desktop\Fixlog.txt
Deleted : C:\Users\Scary\Desktop\FRST.txt
Deleted : C:\Users\Scary\Desktop\FRST64.exe
Deleted : C:\Users\Scary\Desktop\JRT.exe
Deleted : C:\Users\Scary\Desktop\JRT.txt
Deleted : C:\Users\Scary\Desktop\HijackThis.exe
Deleted : C:\Users\Scary\Desktop\hijackthis.log
Deleted : C:\Users\Scary\Desktop\RogueKillerX64.exe
Deleted : C:\Users\Scary\Desktop\zoek.exe
Deleted : C:\Users\Scary\Downloads\FRST64.exe
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis

~ Cleaning system restore ...

Deleted : RP #60 [Nainstalováno rozhraní DirectX | 04/11/2016 19:07:30]
Deleted : RP #61 [Naplánovaný kontrolní bod | 04/22/2016 16:15:42]
Deleted : RP #62 [JRT Pre-Junkware Removal | 04/26/2016 14:43:12]

New restore point created !

########## - EOF - ##########