Kontrola logu: info.zip 2 Vyřešeno

Místo pro vaše HiJackThis logy a logy z dalších programů…

Moderátoři: Mods_senior, Security team

Zamčeno
jdvori
Level 1
Level 1
Příspěvky: 73
Registrován: listopad 13
Pohlaví: Muž
Stav:
Offline

Re: Kontrola logu: info.zip 2

Příspěvekod jdvori » 16 říj 2016 19:14

Additional scan result of Farbar Recovery Scan Tool (x64) Version:04-10-2015
Ran by Vykovi (2016-10-16 18:54:44)
Running from C:\Users\Vykovi\Desktop
Windows 10 Home (X64) (2016-09-30 16:12:37)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2552311898-4107449365-1672926212-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2552311898-4107449365-1672926212-503 - Limited - Disabled)
Guest (S-1-5-21-2552311898-4107449365-1672926212-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2552311898-4107449365-1672926212-1003 - Limited - Enabled)
Vykovi (S-1-5-21-2552311898-4107449365-1672926212-1001 - Administrator - Enabled) => C:\Users\Vykovi

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

„Windows Live Essentials“ (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
„Windows Live Mail“ (x32 Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
„Windows Live Messenger“ (x32 Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
„Windows Live“ fotogalerija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version: - )
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.020.20039 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
ASUS AI Recovery (HKLM-x32\...\{38253529-D97D-4901-AE53-5CC9736D3A2E}) (Version: 1.0.13 - ASUS)
ASUS FancyStart (HKLM-x32\...\{2B81872B-A054-48DA-BE3B-FA5C164C303A}) (Version: 1.1.0 - ASUSTeK Computer Inc.)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.24 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.1.44 - ASUS)
ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0011 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0031 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.21 - asus)
ASUS_Screensaver (HKLM-x32\...\ASUS_Screensaver) (Version: - )
Atheros Client Installation Program (HKLM-x32\...\{D3694B69-6F8C-42D3-8A0A-EB2AB528C02C}) (Version: 7.0 - Atheros)
ATI Catalyst Install Manager (HKLM\...\{BC930EC9-72AF-82E7-0E7E-D397FE044D43}) (Version: 3.0.829.0 - ATI Technologies, Inc.)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0010 - ASUS)
Avast Free Antivirus (HKLM-x32\...\avast) (Version: 12.3.2280 - AVAST Software)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.65 - Atheros Communications)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.66.1075 - AB Team, d.o.o.)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1908 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.9 - ASUS)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
HP LaserJet P1500 series (HKLM-x32\...\HP LaserJet P1500 series) (Version: - )
hppMSRedist (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
hppusgP1500 (x32 Version: 1.1.0.1 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Název společnosti:)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware verze 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50709.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 49.0.1 (x86 cs) (HKLM-x32\...\Mozilla Firefox 49.0.1 (x86 cs)) (Version: 49.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.1.6109 - Mozilla)
MrvlUsgTracking (HKLM-x32\...\{A82D052A-0806-42DF-80CD-1730A1AC0ED3}) (Version: 1.0.7 - Marvell)
MrvlUsgTracking64 (HKLM\...\{42F0FD29-7EB3-4CAA-AF10-BC2619B96D80}) (Version: 1.0.1 - Marvell Semiconductor Pvt Ltd)
NovaBench 3.0.4 (HKLM-x32\...\{88603FC0-6B3C-442D-981E-E3D49F083548}_is1) (Version: - Novawave Inc.)
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.248 - Google, Inc.)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.42.304.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6403 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30127 - Realtek Semiconductor Corp.)
RogueKiller verze 12 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12 - Adlice Software)
Sada Compatibility Pack pro systém Office 2007 (HKLM-x32\...\{90120000-0020-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
SafeZone Stable 1.51.2220.62 (x32 Version: 1.51.2220.62 - Avast Software) Hidden
Skype™ 7.28 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.28.101 - Skype Technologies S.A.)
Sonic Focus (HKLM-x32\...\{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}) (Version: 1.0.0.4 - Synopsys )
Splash Lite (HKLM-x32\...\{8B4A6011-BB10-4918-B561-3F6CF5712B37}) (Version: 1.7.1 - Mirillis)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 7.56a - Ghisler Software GmbH)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.31.1 - ASUS)
Wireless Console 3 (HKLM-x32\...\{8150221C-8F7E-4997-AD4E-AFDEE7F4B410}) (Version: 3.0.21 - ASUS)
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2552311898-4107449365-1672926212-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Vykovi\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileCoAuth.exe (Microsoft Corporation)

==================== Restore Points =========================

01-10-2016 15:13:58 Windows Update
01-10-2016 15:15:52 Windows Update
09-10-2016 20:36:15 Instalační služba modulů systému Windows

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2016-10-12 20:49 - 00000753 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01C995FF-D178-4E7B-AC4A-9E950006A207} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {03896D04-23AB-4F74-A27D-B1B71EE41E2C} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask => C:\Windows\system32\MDMAgent.exe [2016-07-16] (Microsoft Corporation)
Task: {0837D897-84CB-4E30-A8DD-807937A81DFC} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {11EF8237-224D-4CF9-9039-61D08754EA5D} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => C:\Windows\system32\compattelrunner.exe [2016-09-15] (Microsoft Corporation)
Task: {148318FC-5974-4508-A415-B3AFD16E5DDB} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {16DEA092-FB0C-40D0-AE20-0536BECC21D9} - System32\Tasks\Microsoft\Windows\EDP\EDP App Launch Task
Task: {184784E2-6ACB-4154-BD0F-A955BE13F177} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePolicyChange
Task: {19D97EB6-8454-4543-9E0F-D672D9575E7F} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {1B65DD58-D16B-45E8-BEB4-94D7E4D64DF7} - System32\Tasks\Microsoft\Windows\EDP\EDP Auth Task
Task: {26C43E52-5E1F-449D-9EE8-B798E4503ADC} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-09-18] (Microsoft Corporation)
Task: {2784776C-0F7E-4AEC-8ECF-B93194AA3103} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2010-11-15] (ASUS)
Task: {29308477-8F7E-4D4F-92D5-F1534E61B6F5} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {34B4C7C8-2756-47EA-8EDB-9209FDC1344E} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {3B02C417-E8B5-48BF-8476-3D53575FDCAE} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-09-18] (AVAST Software)
Task: {3C9616B2-742C-4820-AFAE-F3D2459E9677} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {3D966D87-5FE5-4FBC-8E90-DB0F48E454DB} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {3E3E65EA-6693-4ACC-947D-206853F50D65} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {42145BE5-4059-431F-919A-1A381C5966DE} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {43DF67E8-D733-48FA-98F2-4E6D341E4A79} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattelrunner.exe [2016-09-15] (Microsoft Corporation)
Task: {47B1E67E-7CCB-4BA2-9243-FA7459463883} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Vykovi\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe [2016-09-30] (Microsoft Corporation)
Task: {4862E6AD-7FEC-4184-B4B9-BA165E266396} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {4FC05BC5-DA0D-4CA1-BDC4-7482EFA5CBB0} - System32\Tasks\Microsoft\Windows\ErrorDetails\ErrorDetailsUpdate
Task: {51B7FB15-4DCB-400E-9A98-10E802F21FB3} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceScreenOnOff
Task: {55FF9C28-24B3-4D34-A3D0-9D8088040BCD} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {5654DFBB-E797-4758-B9A0-8BAE94A91F1D} - System32\Tasks\Microsoft\Windows\DUSM\dusmtask => C:\Windows\System32\dusmtask.exe [2016-07-16] (Microsoft Corporation)
Task: {5FAAF530-ED1B-4F7B-AD7B-1694AA0B202B} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\CryptoPolicyTask
Task: {6232090F-3BD0-4E1F-960B-78CBA797F685} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleWnsCommand
Task: {63DEEA9E-3114-4459-85CD-E091CCE86098} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceManagerTask => C:\Windows\system32\spaceman.exe [2016-09-15] (Microsoft Corporation)
Task: {64AF17CC-70B2-4267-8369-751B3FCC35E1} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {656F26ED-CB7A-405C-870F-40D33F2259F1} - System32\Tasks\Microsoft\Windows\Management\Provisioning\Logon => C:\Windows\system32\ProvTool.exe [2016-09-30] (Microsoft Corporation)
Task: {6B1AE720-1359-4B9E-9C0F-60167361EF01} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefreshTask
Task: {6D1C0035-5CAD-4340-A533-D63C9853BCC9} - System32\Tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Management Initialization
Task: {6E8AE752-C5D2-4B34-B351-338B4370A342} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\HandleCommand
Task: {6FECF9BE-AED8-4627-80ED-91FF5361960F} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {773492A6-4F08-4DAF-9C1B-778BC17ACAED} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {78588675-6CF3-4E50-B5B1-1EC34EAA2F6B} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {788F13F5-D544-4407-8B55-DAE06FA78CCE} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2010-08-02] (ASUS)
Task: {7AC5E1E2-2FD3-40CD-8842-88CE53A3609C} - System32\Tasks\Microsoft\Windows\DiskFootprint\StorageSense
Task: {7DDF9673-8D0B-4652-B795-1BEAD1206B65} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {83FFCE63-2FA7-4FD4-83A8-8A4B113D8F46} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2011-03-07] (ASUS)
Task: {84F02A50-EBB3-404C-ABC6-4DC6024FDEAA} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTask => C:\Windows\System32\XblGameSaveTask.exe [2016-07-16] (Microsoft Corporation)
Task: {8899698F-2BF7-4725-A264-A5C81562C151} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {88ABA005-2DBD-47EB-B123-D54E92796C95} - System32\Tasks\Microsoft\Windows\ErrorDetails\EnableErrorDetailsUpdate
Task: {8D791FAA-0257-4EBC-A6DD-74E842528806} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceSettingChange
Task: {8E0E106E-D7FA-4F39-92D4-80EAA99E6B71} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17] (ASUS)
Task: {9713A702-3008-4DE2-9464-1C3FD4B03EDA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {9851188E-AC07-4F36-BA28-6D00BB2C9C46} - System32\Tasks\Microsoft\Windows\Device Information\Device => C:\Windows\system32\devicecensus.exe [2016-09-15] (Microsoft Corporation)
Task: {99DD05AA-BFCA-4FBF-AB2E-7DE200F8EC4D} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {9AA740B5-08C0-4F63-BCA4-CFE4829DF49E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-09-17] (Adobe Systems Incorporated)
Task: {9C9F899E-B978-4B4A-8425-B4A599CF4874} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {9E8ECFFE-2D41-4600-8C72-72E21072388A} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe [2016-09-15] (Microsoft Corporation)
Task: {A0077CE5-744E-4EC0-8B95-603E8AC6ED8E} - System32\Tasks\Microsoft\Windows\License Manager\TempSignedLicenseExchange
Task: {A2475B80-A8CC-4EE5-86BC-11629532A63C} - System32\Tasks\SafeZone scheduled Autoupdate 1468617636 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-09-06] (Avast Software)
Task: {A710E761-71F0-4579-B97A-436E54678288} - System32\Tasks\Microsoft\XblGameSave\XblGameSaveTaskLogon => C:\Windows\System32\XblGameSaveTask.exe [2016-07-16] (Microsoft Corporation)
Task: {AA5A49AF-78B1-4226-BC9E-9E3B226D5D67} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {AA921623-B84A-4EC8-A6DA-5D46323FC6D9} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {B320E058-C6FA-413F-876B-0C9B4428AE66} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic6
Task: {B6EE76B2-4F82-4E15-9345-C867A29CBAD0} - System32\Tasks\Microsoft\Windows\Speech\SpeechModelDownloadTask => C:\Windows\system32\speech_onecore\common\SpeechModelDownload.exe [2016-09-30] (Microsoft Corporation)
Task: {BDDEF317-2692-422F-AEA2-FFD67DC7CEA3} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterUserDevice
Task: {C125018F-0B81-4B64-B7DC-0E01220E5D0E} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceAccountChange
Task: {C1D81DCA-3E83-4A6C-879C-1A4F9658D557} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {C6B2579B-4962-4D12-883D-BBD420573A6C} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic1
Task: {C778374C-94FE-41B0-B705-5FC952201AC0} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {CC636E49-0109-402B-A40B-A37C29069A95} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\LocateCommandUserSession
Task: {D19A2726-897E-4F7D-9CE4-0773B449CE9E} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceConnectedToNetwork
Task: {D394BE25-2E16-45D4-AAB2-3E8861A09351} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitorToastTask
Task: {D3C4106A-D511-42C6-9716-465644534C87} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierinstall => C:\Windows\system32\AppHostRegistrationVerifier.exe [2016-07-16] (Microsoft Corporation)
Task: {D941F53F-7907-4FBE-B1E7-69EBD5B3A5D8} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceLocationRightsChange
Task: {DD548504-31EE-43FF-A573-1E9BCB56DC76} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {DD65096F-7326-400F-9735-4870CF42F315} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {DDAECFC0-67E3-4062-BF25-CD685F73B394} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\IntegrityCheck
Task: {E3969423-1B09-43BD-A3AC-98754F49E3A1} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {E4CC5846-C524-4D1F-BEDE-B3A25EF35E6C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {E7B04252-97CA-42C6-9920-F58B76B2C3E1} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic24
Task: {E959E007-A71C-4952-8EA8-22DE146D6227} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {EA9BAA00-6604-4A27-8A73-AFA65F0EE1B3} - System32\Tasks\Microsoft\Windows\SharedPC\Account Cleanup => Rundll32.exe %windir%\System32\Windows.SharedPC.AccountManager.dll,StartMaintenance
Task: {ECEDC57D-8965-4EB1-BD6F-84791D928E23} - System32\Tasks\microsoft\windows\applicationdata\appuriverifierdaily => C:\Windows\system32\AppHostRegistrationVerifier.exe [2016-07-16] (Microsoft Corporation)
Task: {F0496437-71B1-4E96-9E9C-3BC2F52CDE46} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {F7B3DEC5-5411-42C7-A11B-263C039AC0BB} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {FACB8164-0888-403B-B4E6-7F59329EA90F} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {FBC8485F-A585-489F-8E2C-C65FEABC1BEF} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {FCA19B16-D59E-473F-A40C-49245354DE62} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-16] (Adobe Systems Incorporated)
Task: {FFEE4F98-789F-4BC5-9EBF-91D4AC658C46} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Loaded Modules (Whitelisted) ==============

2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-10-01 14:48 - 2016-09-15 19:25 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-21 22:09 - 2015-08-21 22:09 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2016-10-01 14:48 - 2016-09-15 19:25 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-09-30 18:22 - 2016-09-30 18:22 - 01864384 _____ () C:\Users\Vykovi\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\ClientTelemetry.dll
2016-09-30 18:06 - 2016-09-30 18:06 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-10-01 14:51 - 2016-09-15 18:39 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-10-01 14:48 - 2016-09-15 18:24 - 09760256 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-10-01 14:48 - 2016-09-15 18:18 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-10-01 14:48 - 2016-09-15 18:17 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-10-01 14:48 - 2016-09-15 18:18 - 02424832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-10-01 14:48 - 2016-09-15 18:20 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2010-04-03 04:21 - 2008-10-01 08:08 - 00011264 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2010-07-15 01:11 - 2010-07-15 01:11 - 00031360 _____ () C:\Program Files\P4G\DevMng.dll
2015-08-21 22:09 - 2015-08-21 22:09 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2016-10-01 15:27 - 2016-10-01 15:30 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.190.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-10-01 15:27 - 2016-10-01 15:30 - 00178176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.190.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-10-01 15:27 - 2016-10-01 15:30 - 35250688 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.8.190.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2016-09-18 09:19 - 2016-09-18 09:19 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-09-18 09:19 - 2016-09-18 09:19 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-10-16 18:09 - 2016-10-16 18:09 - 03121496 _____ () C:\Program Files\AVAST Software\Avast\defs\16101600\algo.dll
2009-11-02 23:20 - 2009-11-02 23:20 - 00619816 ____N () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-02 23:23 - 2009-11-02 23:23 - 00013096 ____N () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2011-06-10 19:49 - 2011-06-10 19:49 - 01163264 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll
2016-07-14 10:27 - 2016-07-14 10:27 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ASUS.DAT:Win32App_1
AlternateDataStreams: C:\Program Files\ATI Technologies:Win32App_1
AlternateDataStreams: C:\Program Files\Microsoft Silverlight:Win32App_1
AlternateDataStreams: C:\Program Files\P4G:Win32App_1
AlternateDataStreams: C:\Program Files\RogueKiller:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\AMD APP:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\ASUS:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Atheros:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\ATI Technologies:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Bluetooth Suite:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Malwarebytes Anti-Malware:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Microsoft Office:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Microsoft SQL Server Compact Edition:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Mozilla Firefox:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Spybot - Search & Destroy 2:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Windows Live:Win32App_1
AlternateDataStreams: C:\ProgramData\P4G:Win32App_1
AlternateDataStreams: C:\Users\Vykovi\Documents\recept-moučník(Hela Křikl.).eml:OECustomProperty

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52} => ""="Firmware"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SpbCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\uefi.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52} => ""="Firmware"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2552311898-4107449365-1672926212-1001\Control Panel\Desktop\\Wallpaper -> c:\users\vykovi\appdata\roaming\microsoft\windows live photo gallery\tapeta programu windows live fotogalerie.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
HKU\S-1-5-21-2552311898-4107449365-1672926212-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [WirelessDisplay-Infra-In-TCP] => (Allow) %systemroot%\system32\CastSrv.exe
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{C417376F-97FC-4E46-9E19-7C5D19D30502}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{13D803AD-111A-499E-BF51-BB4163679A7E}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\HP1006MC.EXE
FirewallRules: [{10DFE638-11EB-4DEE-BFE5-097D1E060143}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\HP1006MC.EXE
FirewallRules: [{4C5C55D3-6471-46B0-8C69-F90DE933EB3F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{B36B7768-F50C-44E2-99F3-8D7CF8C97D7E}] => (Allow) LPort=2869
FirewallRules: [{8B6F2C2C-8018-43A7-B7AC-26177AFB6846}] => (Allow) LPort=1900
FirewallRules: [{5B3CF587-354A-4C45-9A75-28C42D5E9E63}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{91E76949-866F-4FFA-A05B-B0085FDC8DA9}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{FF0E14E4-C858-4882-BB0F-5B5456352724}] => (Allow) LPort=5353
FirewallRules: [{4664F37F-1F3E-4729-9525-81A1AED2C27C}] => (Allow) LPort=8182
FirewallRules: [{71219990-8512-45E6-A44C-6CB3953DABA3}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\HP1006MC.EXE
FirewallRules: [{E7C477D1-3764-49F8-BE71-A22D30D8AB79}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\HP1006MC.EXE
FirewallRules: [{999D544A-8D2B-4965-BAF2-40E3E3BDF511}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DF6E3F11-9227-48C6-A892-883F1CE2F619}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{50CE38AB-1A80-4BD6-82E6-22DAEE5BACA0}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{460BB5F0-680B-4475-AFEF-4A9210782952}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{FA6D524E-DC31-448B-8FBC-661BB473EAB5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5563A757-4B45-4A6A-B263-C4E4E929DD43}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Faulty Device Manager Devices =============

Name: Bluetooth Module
Description: Bluetooth Module
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Qualcomm Atheros Communications
Service: BTHUSB
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/12/2016 08:46:52 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Vykovi-NTB)
Description: Aplikaci Microsoft.Getstarted_4.0.12.0_x64__8wekyb3d8bbwe:App.AppX7mv0s3r0wanj0n66dy6vax24ps6avzvz.mca se nepovedlo aktivovat, protože došlo k chybě: -2144927149. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (10/12/2016 08:37:14 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Vykovi-NTB)
Description: Aplikaci Microsoft.WindowsAlarms_8wekyb3d8bbwe!App se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (10/12/2016 08:37:08 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Vykovi-NTB)
Description: Aplikaci Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (10/12/2016 08:37:08 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Vykovi-NTB)
Description: Aplikaci Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (10/09/2016 09:57:55 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (10/09/2016 09:43:20 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: 0x1ProtectionManagement

Error: (10/09/2016 09:43:20 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: 0x1ProtectionManagement

Error: (10/09/2016 09:42:34 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: 0x1ProtectionManagement

Error: (10/09/2016 09:42:34 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: 0x1ProtectionManagement

Error: (10/09/2016 08:36:57 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.


System errors:
=============
Error: (10/13/2016 01:00:09 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Místní adaptér Bluetooth selhal. Důvod selhaní nebylo možno určit a adaptér nebude používán. Ovladač vysílače byl vyjmut z paměti.

Error: (10/13/2016 08:00:09 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (10/13/2016 07:42:51 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníAktivace{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}{F72671A9-012C-4725-9D2F-2A4D32D65169}NT AUTHORITYSYSTEMS-1-5-18LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

Error: (10/13/2016 07:42:37 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníAktivace{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

Error: (10/13/2016 07:42:36 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníAktivace{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

Error: (10/13/2016 07:42:29 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba NetTcpActivator závisí na službě NetTcpPortSharing, která neuspěla při spuštění v důsledku následující chyby:
%%1058

Error: (10/13/2016 07:41:30 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: 1084dpsNení k dispozici{DDCFD26B-FEED-44CD-B71D-79487D2E5E5A}

Error: (10/13/2016 07:41:29 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: 1084dpsNení k dispozici{DDCFD26B-FEED-44CD-B71D-79487D2E5E5A}

Error: (10/13/2016 07:41:29 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: 1084dpsNení k dispozici{DDCFD26B-FEED-44CD-B71D-79487D2E5E5A}

Error: (10/13/2016 07:41:26 AM) (Source: DCOM) (EventID: 10005) (User: Vykovi-NTB)
Description: 1068netprofmNení k dispozici{A47979D2-C419-11D9-A5B4-001185AD2B89}


CodeIntegrity:
===================================
Date: 2016-10-03 10:10:19.119
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2016-10-03 10:10:18.969
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

Date: 2016-10-03 10:10:18.671
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2016-10-03 10:10:18.591
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

Date: 2016-10-03 10:10:14.588
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

Date: 2016-10-03 10:10:12.882
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

Date: 2016-10-03 09:48:44.094
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2016-10-03 09:48:43.921
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

Date: 2016-10-03 09:48:43.337
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2016-10-03 09:48:43.168
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

Processor: AMD E-350 Processor
Percentage of memory in use: 46%
Total physical RAM: 3691.71 MB
Available physical RAM: 1983.2 MB
Total Virtual: 7403.71 MB
Available Virtual: 5535.38 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:299.97 GB) (Free:238.53 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:373.22 GB) (Free:345.62 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 0CD9B3F5)
Partition 1: (Not Active) - (Size=25 GB) - (Type=1C)
Partition 2: (Active) - (Size=300 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=373.2 GB) - (Type=OF Extended)

==================== End of Addition.txt ============================
Nahoru
Reklama
Top
Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43298
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Kontrola logu: info.zip 2

Příspěvekod jaro3 » 17 říj 2016 10:42

Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.

Kód: Vybrat vše

Start
CloseProcesses:
ShortcutTarget: FancyStart daemon.lnk -> C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_94E3CE3704FE82FBF49A6A.exe ()
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
SearchScopes: HKU\S-1-5-21-2552311898-4107449365-1672926212-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
U3 idsvc; no ImagePath
2016-10-06 23:21 - 2016-10-06 23:21 - 00003648 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
C:\Program Files (x86)\Spybot - Search & Destroy 2
C:\ProgramData\Spybot - Search & Destroy
C:\ProgramData\FullRemove.exe
C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
C:\Users\Vykovi\AppData\Local\Temp\7za.exe
C:\Users\Vykovi\AppData\Local\Temp\DaS_21.exe
C:\Users\Vykovi\AppData\Local\Temp\dllnt_dump.dll
C:\Users\Vykovi\AppData\Local\Temp\hijackthis.exe
C:\Users\Vykovi\AppData\Local\Temp\NirCmd.exe
C:\Users\Vykovi\AppData\Local\Temp\PEVZ.EXE
C:\Users\Vykovi\AppData\Local\Temp\Quarantine.exe
C:\Users\Vykovi\AppData\Local\Temp\remove.exe
C:\Users\Vykovi\AppData\Local\Temp\sed.exe
C:\Users\Vykovi\AppData\Local\Temp\shortcut.exe
C:\Users\Vykovi\AppData\Local\Temp\swreg.exe
C:\Users\Vykovi\AppData\Local\Temp\swxcacls.exe
C:\Users\Vykovi\AppData\Local\Temp\wget.exe
C:\Users\Vykovi\AppData\Local\Temp\zoek-delete.exe
Task: {19D97EB6-8454-4543-9E0F-D672D9575E7F} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {4862E6AD-7FEC-4184-B4B9-BA165E266396} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {55FF9C28-24B3-4D34-A3D0-9D8088040BCD} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {64AF17CC-70B2-4267-8369-751B3FCC35E1} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {8899698F-2BF7-4725-A264-A5C81562C151} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {9713A702-3008-4DE2-9464-1C3FD4B03EDA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {99DD05AA-BFCA-4FBF-AB2E-7DE200F8EC4D} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {9E8ECFFE-2D41-4600-8C72-72E21072388A} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe [2016-09-15] (Microsoft Corporation)
Task: {AA5A49AF-78B1-4226-BC9E-9E3B226D5D67} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {C1D81DCA-3E83-4A6C-879C-1A4F9658D557} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {DD65096F-7326-400F-9735-4870CF42F315} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {E3969423-1B09-43BD-A3AC-98754F49E3A1} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {E4CC5846-C524-4D1F-BEDE-B3A25EF35E6C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {F7B3DEC5-5411-42C7-A11B-263C039AC0BB} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
AlternateDataStreams: C:\ASUS.DAT:Win32App_1
AlternateDataStreams: C:\Program Files\ATI Technologies:Win32App_1
AlternateDataStreams: C:\Program Files\Microsoft Silverlight:Win32App_1
AlternateDataStreams: C:\Program Files\P4G:Win32App_1
AlternateDataStreams: C:\Program Files\RogueKiller:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\AMD APP:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\ASUS:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Atheros:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\ATI Technologies:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Bluetooth Suite:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Malwarebytes Anti-Malware:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Microsoft Office:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Microsoft SQL Server Compact Edition:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Mozilla Firefox:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Spybot - Search & Destroy 2:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Windows Live:Win32App_1
AlternateDataStreams: C:\ProgramData\P4G:Win32App_1

EmptyTemp:
End

(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).

Ulož jej na na plochu jako fixlist.txt


Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.

C:\folders.log tohle znáš?
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Nahoru
jdvori
Level 1
Level 1
Příspěvky: 73
Registrován: listopad 13
Pohlaví: Muž
Stav:
Offline

Re: Kontrola logu: info.zip 2

Příspěvekod jdvori » 17 říj 2016 21:16

Fix result of Farbar Recovery Scan Tool (x64) Version:04-10-2015
Ran by Vykovi (2016-10-17 21:09:32) Run:1
Running from C:\Users\Vykovi\Desktop
Loaded Profiles: Vykovi (Available Profiles: Vykovi & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
ShortcutTarget: FancyStart daemon.lnk -> C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_94E3CE3704FE82FBF49A6A.exe ()
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
SearchScopes: HKU\S-1-5-21-2552311898-4107449365-1672926212-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
U3 idsvc; no ImagePath
2016-10-06 23:21 - 2016-10-06 23:21 - 00003648 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
C:\Program Files (x86)\Spybot - Search & Destroy 2
C:\ProgramData\Spybot - Search & Destroy
C:\ProgramData\FullRemove.exe
C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
C:\Users\Vykovi\AppData\Local\Temp\7za.exe
C:\Users\Vykovi\AppData\Local\Temp\DaS_21.exe
C:\Users\Vykovi\AppData\Local\Temp\dllnt_dump.dll
C:\Users\Vykovi\AppData\Local\Temp\hijackthis.exe
C:\Users\Vykovi\AppData\Local\Temp\NirCmd.exe
C:\Users\Vykovi\AppData\Local\Temp\PEVZ.EXE
C:\Users\Vykovi\AppData\Local\Temp\Quarantine.exe
C:\Users\Vykovi\AppData\Local\Temp\remove.exe
C:\Users\Vykovi\AppData\Local\Temp\sed.exe
C:\Users\Vykovi\AppData\Local\Temp\shortcut.exe
C:\Users\Vykovi\AppData\Local\Temp\swreg.exe
C:\Users\Vykovi\AppData\Local\Temp\swxcacls.exe
C:\Users\Vykovi\AppData\Local\Temp\wget.exe
C:\Users\Vykovi\AppData\Local\Temp\zoek-delete.exe
Task: {19D97EB6-8454-4543-9E0F-D672D9575E7F} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {4862E6AD-7FEC-4184-B4B9-BA165E266396} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {55FF9C28-24B3-4D34-A3D0-9D8088040BCD} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {64AF17CC-70B2-4267-8369-751B3FCC35E1} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {8899698F-2BF7-4725-A264-A5C81562C151} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {9713A702-3008-4DE2-9464-1C3FD4B03EDA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {99DD05AA-BFCA-4FBF-AB2E-7DE200F8EC4D} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {9E8ECFFE-2D41-4600-8C72-72E21072388A} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe [2016-09-15] (Microsoft Corporation)
Task: {AA5A49AF-78B1-4226-BC9E-9E3B226D5D67} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {C1D81DCA-3E83-4A6C-879C-1A4F9658D557} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {DD65096F-7326-400F-9735-4870CF42F315} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {E3969423-1B09-43BD-A3AC-98754F49E3A1} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {E4CC5846-C524-4D1F-BEDE-B3A25EF35E6C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {F7B3DEC5-5411-42C7-A11B-263C039AC0BB} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
AlternateDataStreams: C:\ASUS.DAT:Win32App_1
AlternateDataStreams: C:\Program Files\ATI Technologies:Win32App_1
AlternateDataStreams: C:\Program Files\Microsoft Silverlight:Win32App_1
AlternateDataStreams: C:\Program Files\P4G:Win32App_1
AlternateDataStreams: C:\Program Files\RogueKiller:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\AMD APP:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\ASUS:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Atheros:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\ATI Technologies:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Bluetooth Suite:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Malwarebytes Anti-Malware:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Microsoft Office:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Microsoft SQL Server Compact Edition:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Mozilla Firefox:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Spybot - Search & Destroy 2:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Windows Live:Win32App_1
AlternateDataStreams: C:\ProgramData\P4G:Win32App_1

EmptyTemp:
End
*****************

Processes closed successfully.
C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_94E3CE3704FE82FBF49A6A.exe => moved successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}" => key removed successfully
HKCR\Wow6432Node\CLSID\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} => key not found.
"HKU\S-1-5-21-2552311898-4107449365-1672926212-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}" => key removed successfully
HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value removed successfully
HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => key not found.
idsvc => service removed successfully
C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask => moved successfully
C:\Program Files (x86)\Spybot - Search & Destroy 2 => moved successfully
C:\ProgramData\Spybot - Search & Destroy => moved successfully
C:\ProgramData\FullRemove.exe => moved successfully
C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log => moved successfully
C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log => moved successfully
C:\Users\Vykovi\AppData\Local\Temp\7za.exe => moved successfully
C:\Users\Vykovi\AppData\Local\Temp\DaS_21.exe => moved successfully
C:\Users\Vykovi\AppData\Local\Temp\dllnt_dump.dll => moved successfully
C:\Users\Vykovi\AppData\Local\Temp\hijackthis.exe => moved successfully
C:\Users\Vykovi\AppData\Local\Temp\NirCmd.exe => moved successfully
C:\Users\Vykovi\AppData\Local\Temp\PEVZ.EXE => moved successfully
C:\Users\Vykovi\AppData\Local\Temp\Quarantine.exe => moved successfully
C:\Users\Vykovi\AppData\Local\Temp\remove.exe => moved successfully
C:\Users\Vykovi\AppData\Local\Temp\sed.exe => moved successfully
C:\Users\Vykovi\AppData\Local\Temp\shortcut.exe => moved successfully
C:\Users\Vykovi\AppData\Local\Temp\swreg.exe => moved successfully
C:\Users\Vykovi\AppData\Local\Temp\swxcacls.exe => moved successfully
C:\Users\Vykovi\AppData\Local\Temp\wget.exe => moved successfully
C:\Users\Vykovi\AppData\Local\Temp\zoek-delete.exe => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{19D97EB6-8454-4543-9E0F-D672D9575E7F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{19D97EB6-8454-4543-9E0F-D672D9575E7F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4862E6AD-7FEC-4184-B4B9-BA165E266396}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4862E6AD-7FEC-4184-B4B9-BA165E266396}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{55FF9C28-24B3-4D34-A3D0-9D8088040BCD}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{55FF9C28-24B3-4D34-A3D0-9D8088040BCD}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC => key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{64AF17CC-70B2-4267-8369-751B3FCC35E1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{64AF17CC-70B2-4267-8369-751B3FCC35E1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8899698F-2BF7-4725-A264-A5C81562C151}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8899698F-2BF7-4725-A264-A5C81562C151}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9713A702-3008-4DE2-9464-1C3FD4B03EDA}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9713A702-3008-4DE2-9464-1C3FD4B03EDA}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{99DD05AA-BFCA-4FBF-AB2E-7DE200F8EC4D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{99DD05AA-BFCA-4FBF-AB2E-7DE200F8EC4D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9E8ECFFE-2D41-4600-8C72-72E21072388A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9E8ECFFE-2D41-4600-8C72-72E21072388A}" => key removed successfully
C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask => not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CreateExplorerShellUnelevatedTask" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AA5A49AF-78B1-4226-BC9E-9E3B226D5D67}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AA5A49AF-78B1-4226-BC9E-9E3B226D5D67}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C1D81DCA-3E83-4A6C-879C-1A4F9658D557}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C1D81DCA-3E83-4A6C-879C-1A4F9658D557}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DD65096F-7326-400F-9735-4870CF42F315}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DD65096F-7326-400F-9735-4870CF42F315}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E3969423-1B09-43BD-A3AC-98754F49E3A1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E3969423-1B09-43BD-A3AC-98754F49E3A1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E4CC5846-C524-4D1F-BEDE-B3A25EF35E6C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E4CC5846-C524-4D1F-BEDE-B3A25EF35E6C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F7B3DEC5-5411-42C7-A11B-263C039AC0BB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F7B3DEC5-5411-42C7-A11B-263C039AC0BB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => key removed successfully
C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => moved successfully
C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => moved successfully
C:\ASUS.DAT => ":Win32App_1" ADS removed successfully.
C:\Program Files\ATI Technologies => ":Win32App_1" ADS removed successfully.
C:\Program Files\Microsoft Silverlight => ":Win32App_1" ADS removed successfully.
C:\Program Files\P4G => ":Win32App_1" ADS removed successfully.
C:\Program Files\RogueKiller => ":Win32App_1" ADS removed successfully.
C:\Program Files (x86)\AMD APP => ":Win32App_1" ADS removed successfully.
C:\Program Files (x86)\ASUS => ":Win32App_1" ADS removed successfully.
C:\Program Files (x86)\Atheros => ":Win32App_1" ADS removed successfully.
C:\Program Files (x86)\ATI Technologies => ":Win32App_1" ADS removed successfully.
C:\Program Files (x86)\Bluetooth Suite => ":Win32App_1" ADS removed successfully.
C:\Program Files (x86)\Malwarebytes Anti-Malware => ":Win32App_1" ADS removed successfully.
C:\Program Files (x86)\Microsoft Office => ":Win32App_1" ADS removed successfully.
C:\Program Files (x86)\Microsoft SQL Server Compact Edition => ":Win32App_1" ADS removed successfully.
C:\Program Files (x86)\Mozilla Firefox => ":Win32App_1" ADS removed successfully.
"C:\Program Files (x86)\Spybot - Search & Destroy 2" => ":Win32App_1" ADS not found.
C:\Program Files (x86)\Windows Live => ":Win32App_1" ADS removed successfully.
C:\ProgramData\P4G => ":Win32App_1" ADS removed successfully.
EmptyTemp: => 374.3 MB temporary data Removed.


The system needed a reboot..

==== End of Fixlog 21:10:33 ====
Nahoru
jdvori
Level 1
Level 1
Příspěvky: 73
Registrován: listopad 13
Pohlaví: Muž
Stav:
Offline

Re: Kontrola logu: info.zip 2

Příspěvekod jdvori » 17 říj 2016 21:23

Ten folders.log mi nic neříká. Je zajímavé, že se to uložilo nedávno 12.10.2016.
Níže posílám odkaz na virustotal, kde jsem to nechal zkontrolovat. Nevím, zda to pomůže.
Jinak se mi zdá, že už počítač zlepšil...

https://www.virustotal.com/cs/file/e88d ... 476731938/
Nahoru
Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43298
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Kontrola logu: info.zip 2

Příspěvekod jaro3 » 18 říj 2016 09:50

Sophos Virus Removal Tool je praktický softwarový nástroj, který by mohl odstranit infekce, které antivirový program nedetekuje .
Stáhněte si ho zde z některého odkazu:
http://www.majorgeeks.com/mg/get/sophos ... ool,1.html
http://www.majorgeeks.com/mg/getmirror/ ... ool,1.html
http://www.majorgeeks.com/mg/getmirror/ ... ool,2.html

Viry mohou zpomalit počítač, nebo se snaží ukrást vaše data, a ani nevíte , že je máte. Co potřebujete, je rychlý a snadný způsob, jak je najít a zbavit se jich, pokud již máte antivirový program v počítači nainstalován , můžete nainstalovat i nástroj Sophos Virus Removal , který identifikuje a vyčistí zbylé infekce, které mohl Váš antivirový program přehlédnout.
K použití Sophos Virus Removal Tool na něj poklepejte a stiskněte tlačítko „Start scanning“ . Pak bude Sophos Virus Removal Tool vyhledávat a odstraňovat viry, které najde. Může být vyžadován restart.

Stáhni si Zemana AntiMalware Free z tohoto odkazu:
https://www.zemana.com/Download/AntiMal ... .Setup.exe
a ulož si ho na plochu.
Poklepej na tento soubor na ploše a postupuj podle pokynů k instalaci programu.
Přijmi licenci k používání programu EULA , pokud se nabídne.
Pokud je k dispozici aktualizace programu , klepni na tlačítko „Update now“ ( aktualizovat nyní).
Na konci klepni na tlačítko Nastavení (ozubené kolo v rohu)> Advanced> ""
- "Přečetl jsem si upozornění a chci pokračovat stejně .....
Zaškrtnutí Auto Launch
Nezaškrtnutí Auto upload
Zaškrtnutí All Browser Extensions (Všechna rozšíření prohlížeče)
Inteligentní nastavení skenování jako náhrada za hloubkové prověření
Zavři všechny otevřené soubory, složky a prohlížeče
Klepni na tlačítko Scan now (Skenovat) a začne sken hrozeb.
Když je skenování dokončeno, objeví se tisková zpráva , zkopíruj sem celý obsah té zprávy.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Nahoru
jdvori
Level 1
Level 1
Příspěvky: 73
Registrován: listopad 13
Pohlaví: Muž
Stav:
Offline

Re: Kontrola logu: info.zip 2

Příspěvekod jdvori » 19 říj 2016 20:27

Sophos Virus Removal Tool jsem použil, nic nenašel.

Zemanu jsem také použil, bohužel jsem nepochopil, jak je to s logem, takže to odstranilo vše co to našlo. Ale počítač teď už šlape dobře...
Nahoru
Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43298
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Kontrola logu: info.zip 2

Příspěvekod jaro3 » 19 říj 2016 22:08

Stáhni si zde DelFix
https://toolslib.net/downloads/viewdownload/2-delfix/

ulož si soubor na plochu.
Poklepáním na ikonu spusť nástroj Delfix.exe
( Ve Windows Vista, Windows 7 a 8, musíš spustit soubor pravým tlačítkem myši -> Spustit jako správce .
V hlavním menu, zkontroluj tyto možnosti - Odstranění dezinfekce nástrojů (Remove desinfection tools) – Vyčistit body obnovy (Purge System Restore)
Poté klikněte na tlačítko Spustit (Run) a nech nástroj dělat svoji práci

Poté se zpráva se otevře (DelFix.txt). Vlož celý obsah zprávy sem.Jinak je zpráva zde:
v C: \ DelFix.txt

Pokud nejsou problémy , je to vše a můžeš dát vyřešeno , zelenou fajfku.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Nahoru
jdvori
Level 1
Level 1
Příspěvky: 73
Registrován: listopad 13
Pohlaví: Muž
Stav:
Offline

Re: Kontrola logu: info.zip 2  Vyřešeno

Příspěvekod jdvori » 19 říj 2016 22:46

# DelFix v1.013 - Logfile created 19/10/2016 at 22:43:54
# Updated 17/04/2016 by Xplode
# Username : Vykovi - VYKOVI-NTB
# Operating System : Windows 10 Home (64 bits)

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\zoek-results.log
Deleted : C:\zoek-results2014-09-28-174007.log
Deleted : C:\zoek-results2016-10-10-184836.log
Deleted : C:\zoek-results2016-10-11-041055.log
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\AdwCleaner

~ Cleaning system restore ...

Deleted : RP #4 [Windows Update | 10/16/2016 17:36:14]

New restore point created !

########## - EOF - ##########
Nahoru
Zamčeno

Zpět na “HiJackThis”

Kdo je online

Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 123 hostů