Odezva HDD

Zpráva

marquesb51 · #1 Příspěvek od **marquesb51** » 22 lis 2016 12:18

Dobrý den,

u svého notebooku Lenovo Y580 pozoruji často velmi vysokou odezvu HDD ve správci úloh (běžně do 10 s).
Systém je taktéž dost pomalý, trvá než se počítač stane po přihlášení "použitelným" nebo než se načte spouštěný program.

Prosím tedy o kontrolu logu z FRST, děkuji.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-11-2016 01
Ran by Marek (administrator) on MAREK-NTB (22-11-2016 12:10:45)
Running from C:\Users\Marek\Desktop
Loaded Profiles: Marek (Available Profiles: Marek)
Platform: Windows 8.1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Inventor 2017\Moldflow\bin\mitsijm.exe
(Nitro PDF Software) C:\Program Files\Nitro\Pro 10\NitroPDFDriverService10x64.exe
(MKS Software Inc.) C:\Windows\System32\nutsrv4.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(PTC Inc.) C:\Program Files\PTC\PTC Portmapper\i486_nt\obj\portmap.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
() C:\Program Files (x86)\OSTotoHotspot\WifiService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Flexera Software, Inc.) C:\Program Files\MSC.Software\MSC.Licensing\11.9\lmgrd.exe
(Flexera Software, Inc.) C:\Program Files\MSC.Software\MSC.Licensing\11.9\lmgrd.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(MSC.Software Corporation) C:\Program Files\MSC.Software\MSC.Licensing\11.9\msc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(KARPOLAN) C:\Program Files (x86)\Keyboard LEDs\KeyboardLeds.exe
() C:\Users\Marek\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(Spotify Ltd) C:\Users\Marek\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam7\YouCamService7.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTStackServer.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(forum.viry.cz) C:\Users\Marek\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-26] (Logitech, Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13647576 2013-08-27] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17111056 2015-09-27] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [193008 2015-09-27] (Lenovo(beijing) Limited)
HKLM\...\Run: [RtsFT] => C:\Windows\RTFTrack.exe [6334096 2012-09-28] (Realtek semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2655520 2015-11-05] (NVIDIA Corporation)
HKLM\...\Run: [OODefragTray] => C:\Program Files\OO Software\Defrag\oodtray.exe
HKLM-x32\...\Run: [NuTCSetupEnviron] => C:\Program Files\PTC\MKS Toolkit\bin\ncoeenv.exe [37248 2012-10-12] (MKS Software Inc.)
HKLM-x32\...\Run: [YouCam Service7] => C:\Program Files (x86)\CyberLink\YouCam7\YouCamService7.exe [458168 2016-03-15] (CyberLink Corp.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2012-02-20] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-04-18] (Apple Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-2799171281-1836920862-2753578075-1001\...\Run: [KeyboardLeds.exe] => C:\Program Files (x86)\Keyboard LEDs\KeyboardLeds.exe [912896 2012-09-06] (KARPOLAN)
HKU\S-1-5-21-2799171281-1836920862-2753578075-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Marek\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-2799171281-1836920862-2753578075-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Marek\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-2799171281-1836920862-2753578075-1001\...\Run: [Spotify Web Helper] => C:\Users\Marek\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1431664 2016-11-21] (Spotify Ltd)
HKU\S-1-5-21-2799171281-1836920862-2753578075-1001\...\Run: [SafeInCloud] => C:\Program Files (x86)\Safe In Cloud\SafeInCloud.exe [2191872 2016-04-06] ()
HKU\S-1-5-21-2799171281-1836920862-2753578075-1001\...\Run: [ShowBatteryBar] => C:\Program Files\BatteryBar\ShowBatteryBar.exe [89600 2014-09-19] ()
HKU\S-1-5-21-2799171281-1836920862-2753578075-1001\...\Policies\Explorer: []
HKU\S-1-5-21-2799171281-1836920862-2753578075-1001\...\MountPoints2: {08698f6e-a3e7-11e5-8297-20689d9d50e8} - "I:\setup.exe"
HKU\S-1-5-21-2799171281-1836920862-2753578075-1001\...\MountPoints2: {51caeaf2-da83-11e5-82b9-20689d9d50e8} - "F:\autorun.exe"
HKU\S-1-5-21-2799171281-1836920862-2753578075-1001\...\MountPoints2: {9278e790-6794-11e5-8257-20689d9d50e8} - "G:\setup.exe"
HKU\S-1-5-21-2799171281-1836920862-2753578075-1001\...\MountPoints2: {951243c6-735b-11e5-826c-20689d9d50e8} - "H:\setup.exe"
HKU\S-1-5-21-2799171281-1836920862-2753578075-1001\...\MountPoints2: {c842d34c-104b-11e6-82d5-20689d9d50e8} - "F:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-2799171281-1836920862-2753578075-1001\...\MountPoints2: {f114b603-dbb5-11e5-82bb-20689d9d50e8} - "F:\autorun.exe"
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [177600 2015-11-05] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [155792 2015-11-05] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Marek\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Marek\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Marek\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2016-02-07] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Marek\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Marek\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Marek\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2015-09-27]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Marek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2015-10-14] ()
GroupPolicy: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog9-x64 11 C:\Windows\system32\nutafun4.dll [205624 2012-10-12] (MKS Software Inc.)
Winsock: Catalog9-x64 12 C:\Windows\system32\nutafun4.dll [205624 2012-10-12] (MKS Software Inc.)
Tcpip\Parameters: [DhcpNameServer] 147.229.190.143 147.229.191.143
Tcpip\..\Interfaces\{4A850DFE-7A89-43AE-85FB-C14383E1C310}: [DhcpNameServer] 147.229.190.143 147.229.191.143
Tcpip\..\Interfaces\{9DCC9498-09AE-4605-BA12-038FC60C9D6C}: [DhcpNameServer] 147.229.37.10 147.229.37.11

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001 -> DefaultScope {20D2BC93-79E0-48EA-9088-1A14BB7426D8} URL = hxxps://www.google.com/search?q={searchTerms}&s ... utEncoding?}
SearchScopes: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001 -> {20D2BC93-79E0-48EA-9088-1A14BB7426D8} URL = hxxps://www.google.com/search?q={searchTerms}&s ... utEncoding?}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-03-21] (Microsoft Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-03-20] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-03-21] (Microsoft Corporation)
BHO-x32: WebCGMHlprObj Class -> {56B38F40-4E70-11d4-A076-0080AD86BA2F} -> C:\Windows\SysWow64\cgmopenbho.dll [2005-06-09] (CGM Open Consortium, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-27] (Oracle Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-03-20] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-27] (Oracle Corporation)
IE Session Restore: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001 -> is enabled.
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-03-20] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-03-20] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-03-20] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-03-20] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: gimz64sw.default
FF DefaultProfile: 6ig7ns52.default
FF ProfilePath: C:\Users\Marek\AppData\Roaming\Mozilla\SeaMonkey\Profiles\gimz64sw.default [2016-09-05]
FF Extension: (DOM Inspector) - C:\Users\Marek\AppData\Roaming\Mozilla\SeaMonkey\Profiles\gimz64sw.default\Extensions\inspector@mozilla.org.xpi [2016-02-10] [not signed]
FF Extension: (ChatZilla) - C:\Users\Marek\AppData\Roaming\Mozilla\SeaMonkey\Profiles\gimz64sw.default\Extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}.xpi [2016-02-10] [not signed]
FF ProfilePath: C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\6ig7ns52.default [2016-11-22]
FF Homepage: Mozilla\Firefox\Profiles\6ig7ns52.default -> about:home
FF Session Restore: Mozilla\Firefox\Profiles\6ig7ns52.default -> is enabled.
FF Extension: (Avira Browser Safety) - C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\6ig7ns52.default\Extensions\abs@avira.com.xpi [2016-11-22]
FF Extension: (Ad-Aware Ad Block) - C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\6ig7ns52.default\Extensions\AdBlockerLavaSoftFF@lavasoft.com.xpi [2016-11-22]
FF Extension: (S3.Google Translator) - C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\6ig7ns52.default\Extensions\s3google@translator.xpi [2016-08-16]
FF Extension: (Tab Auto Reload) - C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\6ig7ns52.default\Extensions\TabAutoReload@schuzak.jp.xpi [2016-10-08]
FF Extension: (Simple bookmarks menu) - C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\6ig7ns52.default\Extensions\{8e1651be-1f0f-469e-baaa-003bf71d973c}.xpi [2016-10-06]
FF Extension: (Tab Mix Plus) - C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\6ig7ns52.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2016-08-16]
FF Extension: (Theme Font & Size Changer) - C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\6ig7ns52.default\Extensions\{f69e22c7-bc50-414a-9269-0f5c344cd94c}.xpi [2016-11-22]
FF SearchPlugin: C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\6ig7ns52.default\searchplugins\googletranslate.xml [2015-09-27]
FF SearchPlugin: C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\6ig7ns52.default\searchplugins\kickassto.xml [2015-09-27]
FF SearchPlugin: C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\6ig7ns52.default\searchplugins\vyhledvn-vide-ve-slub-youtube.xml [2015-11-22]
FF SearchPlugin: C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\6ig7ns52.default\searchplugins\wikipedia-eng.xml [2015-09-27]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2015-09-27] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [youcam@cyberlink.com] - C:\Program Files (x86)\CyberLink\YouCam7\BrowserExtension\Firefox
FF Extension: (CyberLink YouCam WebLogin) - C:\Program Files (x86)\CyberLink\YouCam7\BrowserExtension\Firefox [2016-04-07] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-11-08] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-08] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-10-06] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-27] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-03-20] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-03-20] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2012-08-10] (Nero AG)
FF Plugin-x32: @ptc.com/ProductViewLite -> C:\Program Files (x86)\Common Files\PTC\np6_pvapplite9.dll [2013-04-04] (PTC)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.cz/
CHR StartupUrls: Default -> "hxxp://www.google.com/ig/redirectdomain?brand=KMOH&bmod=KMOH"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default [2016-11-22]
CHR Extension: (Prezentace Google) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-27]
CHR Extension: (Dokumenty Google) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-27]
CHR Extension: (Disk Google) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-05]
CHR Extension: (YouTube) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (Adblock Plus) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-11-02]
CHR Extension: (Vyhledávání Google) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-05]
CHR Extension: (Tabulky Google) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-27]
CHR Extension: (I don't care about cookies) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2016-11-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-18]
CHR Extension: (ImTranslator: Překladač, Slovník, Hlas) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\noaijdpnepcgjemiklgfkcfbkokogabh [2016-11-10]
CHR Extension: (Neater Bookmarks) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofgjggbjanlhbgaemjbkiegeebmccifi [2016-10-10]
CHR Extension: (Gmail) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-27]
CHR Extension: (Chrome Media Router) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-11-02]
CHR Profile: C:\Users\Marek\AppData\Local\Google\Chrome\User Data\System Profile [2016-09-05]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1231376 2016-03-23] (Autodesk Inc.)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-08-08] (Broadcom Corporation.)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [976600 2013-08-19] (Broadcom Corporation.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2823920 2016-03-20] (Microsoft Corporation)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2016-01-19] (Digital Wave Ltd.)
S3 Disc Soft Ultra Bus Service; C:\Program Files\DAEMON Tools Ultra\DiscSoftBusService.exe [1340760 2015-08-10] (Disc Soft Ltd)
S4 hddrsrv; C:\Program Files (x86)\HDD Regenerator\hrsrv.exe [82144 2013-05-08] ()
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation)
R2 mitsijm2017; C:\Program Files\Autodesk\Inventor 2017\Moldflow\bin\mitsijm.exe [967456 2015-08-04] (Autodesk, Inc.)
R3 MSC.Licensing_11.9; C:\Program Files\MSC.Software\MSC.Licensing\11.9\lmgrd.exe [1775440 2011-03-15] (Flexera Software, Inc.)
R2 NitroDriverReadSpool10; C:\Program Files\Nitro\Pro 10\NitroPDFDriverService10x64.exe [324760 2015-07-03] (Nitro PDF Software)
S4 NitroUpdateService; C:\Program Files\Nitro\Pro 10\Nitro_UpdateService.exe [418968 2015-07-03] ()
R2 NuTCRACKERService; C:\Windows\system32\nutsrv4.exe [574776 2012-10-12] (MKS Software Inc.)
S3 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [1666296 2015-07-30] (O&O Software GmbH)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-09-10] (Electronic Arts)
S3 ose; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [203296 2016-03-19] (Microsoft Corporation) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2016-10-28] ()
R2 PortmapperService; C:\Program Files\PTC/PTC Portmapper/i486_nt/obj/portmap.exe [499712 2016-02-14] (PTC Inc.) [File not signed]
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10155792 2016-11-04] (TeamViewer GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
R2 WifiSrv; C:\Program Files (x86)\OSTotoHotspot\WifiService.exe [208896 2016-09-08] () [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 160WifiNat; C:\Program Files (x86)\OSTotoHotspot\driver\WiFiNat64.sys [27888 2016-09-08] ()
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-08-08] (Broadcom Corporation.)
R3 clwvd7; C:\Windows\system32\DRIVERS\clwvd7.sys [42968 2015-03-24] (CyberLink Corporation)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-09-27] (Disc Soft Ltd)
R3 dtultrascsibus; C:\Windows\System32\drivers\dtultrascsibus.sys [30264 2016-02-25] (Disc Soft Ltd)
R3 dtultrausbbus; C:\Windows\System32\drivers\dtultrausbbus.sys [47160 2016-02-25] (Disc Soft Ltd)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [27552 2015-09-27] (REALiX(tm))
R1 LUMDriver; C:\Windows\system32\drivers\LUMDriver.sys [24848 2008-01-02] (IBM)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3344352 2013-07-08] (Intel Corporation)
S3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8229264 2012-09-28] (Realtek Semiconductor Corp.)
S3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-14] (Synaptics Incorporated)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381608 2016-02-25] (Duplex Secure Ltd.)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [34760 2013-08-22] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [265056 2013-08-22] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-11-22 12:10 - 2016-11-22 12:11 - 00026164 _____ C:\Users\Marek\Desktop\FRST.txt
2016-11-22 12:10 - 2016-11-22 12:10 - 00000000 ____D C:\FRST
2016-11-22 12:09 - 2016-11-22 12:09 - 00112640 _____ (forum.viry.cz) C:\Users\Marek\Desktop\FRSTLauncher.exe
2016-11-22 12:08 - 2016-11-22 12:08 - 02412544 _____ (Farbar) C:\Users\Marek\Desktop\FRST64.exe
2016-11-22 12:03 - 2016-11-22 12:03 - 02551888 _____ (Skillbrains ) C:\Users\Marek\Desktop\setup-lightshot.exe
2016-11-22 12:03 - 2016-11-22 12:03 - 00000201 _____ C:\Users\Marek\Desktop\TinyPic - Free Image Hosting, Photo Sharing & Video Hosting.URL
2016-11-21 21:15 - 2016-11-21 21:15 - 00002177 _____ C:\Users\Public\Desktop\Circle Track Analyzer v3.6.lnk
2016-11-21 21:15 - 2016-11-21 21:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Perf.Trends
2016-11-21 21:15 - 2016-11-21 21:15 - 00000000 ____D C:\Program Files (x86)\Performance Trends
2016-11-21 21:15 - 2000-12-06 13:02 - 00209608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TABCTL32.OCX
2016-11-21 21:15 - 1999-02-17 05:50 - 00725504 _____ (Bits Per Second Ltd) C:\Windows\SysWOW64\GSPROP32.DLL
2016-11-21 21:15 - 1998-11-11 05:50 - 00636032 _____ (Bits Per Second Ltd) C:\Windows\SysWOW64\GRAPHS32.OCX
2016-11-21 21:15 - 1998-11-11 05:50 - 00423016 _____ (Bits Per Second Ltd) C:\Windows\SysWOW64\GSW32.EXE
2016-11-21 21:15 - 1998-11-11 05:50 - 00242816 _____ (Bits Per Second Ltd) C:\Windows\SysWOW64\GSWAG32.DLL
2016-11-21 21:15 - 1998-11-11 05:50 - 00152688 _____ (Bits Per Second Ltd) C:\Windows\SysWOW64\GSWDLL32.DLL
2016-11-21 21:15 - 1998-06-26 20:22 - 00216096 _____ (Bits Per Second Ltd) C:\Windows\SysWOW64\Graph32.ocx
2016-11-21 21:15 - 1996-01-12 00:00 - 00200704 _____ (Sheridan Software Systems, Inc.) C:\Windows\SysWOW64\THREED32.OCX
2016-11-21 21:15 - 1996-01-12 00:00 - 00089600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GRID32.OCX
2016-11-21 21:15 - 1996-01-12 00:00 - 00052736 _____ (Outrider Systems, Inc.) C:\Windows\SysWOW64\SPIN32.OCX
2016-11-21 20:22 - 2016-11-21 20:22 - 00001942 _____ C:\Users\Marek\.acar.cfg
2016-11-21 20:22 - 2016-11-21 20:22 - 00001400 _____ C:\Users\Marek\achassis_defaultPrefs.xml
2016-11-21 20:22 - 2016-11-21 20:22 - 00000723 _____ C:\Users\Marek\achassis_defaultSession.xml
2016-11-21 20:22 - 2016-11-21 20:22 - 00000318 _____ C:\Users\Marek\pythonctl.bat
2016-11-21 15:06 - 2016-11-21 18:02 - 00148346 _____ C:\Users\Marek\aview.loq
2016-11-17 16:21 - 2016-11-17 16:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate
2016-11-17 16:21 - 2016-11-17 16:21 - 00000000 ____D C:\Program Files (x86)\Seagate
2016-11-17 16:12 - 2016-11-17 16:16 - 00000024 _____ C:\Users\Marek\Desktop\Nový textový dokument.txt
2016-11-09 16:27 - 2016-11-09 16:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-11-08 18:33 - 2016-11-08 18:33 - 00000000 ____D C:\Users\Marek\AppData\Local\GHISLER
2016-11-08 17:45 - 2016-11-08 17:45 - 00003070 _____ C:\Windows\System32\Tasks\{F61E1AFC-8C8D-48E3-8343-CAAD12446A74}
2016-11-07 18:41 - 2016-11-07 18:41 - 00000983 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2016-11-04 20:52 - 2016-11-04 20:53 - 00000000 ____D C:\Program Files\PDFCreator
2016-11-04 20:52 - 2016-11-04 20:52 - 00115200 _____ (pdfforge GmbH) C:\Windows\system32\pdfcmon.dll
2016-11-04 20:52 - 2016-11-04 20:52 - 00000000 ____D C:\Users\Marek\AppData\Local\PDFCreator
2016-11-04 20:52 - 2016-11-04 20:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2016-11-02 17:27 - 2016-11-02 17:27 - 00000000 ___RD C:\160WiFi Files
2016-10-28 18:06 - 2016-10-28 18:06 - 00000000 ____D C:\Users\Marek\AppData\Local\My Games
2016-10-28 14:20 - 2016-10-28 14:20 - 00000000 ____D C:\ProgramData\Orbit
2016-10-28 14:02 - 2016-10-28 14:02 - 00000000 ____D C:\Users\Marek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2016-10-28 14:02 - 2016-10-28 14:02 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2016-10-28 10:22 - 2016-10-28 10:22 - 00098332 _____ C:\ProgramData\1477646516.bdinstall.bin
2016-10-28 10:21 - 2016-10-28 10:21 - 00037671 _____ C:\ProgramData\1477646513.bdinstall.bin
2016-10-28 10:20 - 2016-10-28 10:20 - 00000000 ____D C:\ProgramData\GZ
2016-10-28 00:48 - 2016-10-28 00:48 - 00173337 _____ C:\ProgramData\1477612064.bdinstall.bin
2016-10-28 00:48 - 2012-11-02 12:17 - 00261056 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys
2016-10-28 00:47 - 2016-10-28 00:47 - 00000000 ____D C:\Users\Marek\AppData\Roaming\QuickScan
2016-10-24 14:32 - 2016-10-24 14:32 - 00000000 ____D C:\Program Files\BatteryBar

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-11-22 12:01 - 2015-09-27 12:16 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-11-22 11:56 - 2015-11-01 15:47 - 00000000 ____D C:\Users\Marek\Cloud Sticky Notes
2016-11-22 11:56 - 2015-10-25 23:40 - 00000000 ____D C:\Users\Marek\AppData\Local\Spotify
2016-11-22 11:54 - 2015-09-27 11:56 - 00000000 ___RD C:\Users\Marek\Desktop\Programy a systém
2016-11-22 11:38 - 2015-09-27 12:40 - 00000980 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-11-22 11:22 - 2015-09-27 10:12 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2799171281-1836920862-2753578075-1001
2016-11-22 11:09 - 2015-10-25 23:40 - 00000000 ____D C:\Users\Marek\AppData\Roaming\Spotify
2016-11-22 10:46 - 2015-11-09 23:12 - 00000000 ____D C:\Users\Marek\AppData\Roaming\Seznam.cz
2016-11-22 10:44 - 2016-09-21 18:44 - 00000000 ____D C:\Users\Marek\AppData\Local\SafeInCloud
2016-11-22 10:44 - 2016-09-21 18:39 - 00000000 ____D C:\Users\Marek\AppData\Roaming\MyPhoneExplorer
2016-11-22 10:43 - 2015-09-27 11:39 - 00003974 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{A0B61E7B-2F1A-4BFA-BE4A-803220D6D81B}
2016-11-22 10:42 - 2015-10-14 11:08 - 00000000 ____D C:\Users\Marek\Documents\YouCam
2016-11-22 10:41 - 2015-09-27 12:40 - 00000976 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-11-22 10:40 - 2015-09-27 10:29 - 00000000 __SHD C:\Users\Marek\IntelGraphicsProfiles
2016-11-22 00:51 - 2015-09-27 12:49 - 00000000 ____D C:\Users\Marek\AppData\Roaming\Skype
2016-11-22 00:51 - 2015-09-27 10:07 - 00000000 ____D C:\Users\Marek\AppData\Local\Packages
2016-11-22 00:29 - 2015-09-30 18:35 - 03370496 ___SH C:\Users\Marek\Desktop\Thumbs.db
2016-11-21 23:59 - 2015-10-15 17:38 - 00000000 ____D C:\Users\Marek\AppData\Local\Deployment
2016-11-21 22:26 - 2015-10-09 00:50 - 00000000 ____D C:\Users\Marek\AppData\Local\CrashDumps
2016-11-21 21:15 - 2015-09-27 11:53 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-11-21 20:22 - 2016-04-25 11:27 - 00000000 ____D C:\Users\Marek\private.cdb
2016-11-21 20:22 - 2015-11-03 11:10 - 00000000 ____D C:\Users\Marek\.msca
2016-11-21 20:22 - 2015-09-27 10:06 - 00000000 ____D C:\Users\Marek
2016-11-21 19:44 - 2016-04-30 18:00 - 00000000 ____D C:\Users\Public\Documents\.forever
2016-11-21 19:43 - 2016-05-01 16:14 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-11-21 19:43 - 2014-03-18 16:33 - 01745984 _____ C:\Windows\system32\PerfStringBackup.INI
2016-11-21 19:43 - 2014-03-18 15:54 - 00739924 _____ C:\Windows\system32\perfh005.dat
2016-11-21 19:43 - 2014-03-18 15:54 - 00151610 _____ C:\Windows\system32\perfc005.dat
2016-11-21 19:43 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2016-11-21 14:28 - 2015-11-30 08:15 - 00000000 ____D C:\Users\Marek\Documents MB51
2016-11-17 16:21 - 2015-09-27 18:34 - 00000000 ____D C:\ProgramData\Package Cache
2016-11-17 15:57 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-11-17 15:57 - 2013-08-22 15:44 - 00668984 _____ C:\Windows\system32\FNTCACHE.DAT
2016-11-17 15:56 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-11-15 00:39 - 2015-09-27 12:40 - 00002215 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-10 20:20 - 2016-05-12 20:14 - 00000000 ____D C:\Users\Marek\AppData\Local\Rockstar_Games
2016-11-09 20:32 - 2015-10-16 18:29 - 00007635 _____ C:\Users\Marek\AppData\Local\Resmon.ResmonCfg
2016-11-09 16:27 - 2015-09-27 12:49 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-11-09 16:27 - 2015-09-27 12:49 - 00000000 ____D C:\Users\Marek\AppData\Local\Skype
2016-11-09 16:27 - 2015-09-27 12:49 - 00000000 ____D C:\ProgramData\Skype
2016-11-09 09:18 - 2015-09-27 12:40 - 00000000 ____D C:\Users\Marek\AppData\Local\Google
2016-11-08 15:01 - 2015-09-27 12:16 - 00003802 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-11-08 15:01 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-11-08 15:01 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\Macromed
2016-11-07 21:51 - 2015-09-27 18:25 - 00000000 ____D C:\Users\Marek\AppData\Roaming\vlc
2016-11-07 18:41 - 2015-10-08 22:43 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-11-07 18:40 - 2015-10-19 19:50 - 00000000 ____D C:\Users\Marek\AppData\Roaming\TeamViewer
2016-11-04 20:57 - 2015-10-05 21:37 - 00000000 ____D C:\Users\Marek\AppData\Roaming\Nitro
2016-11-04 17:22 - 2016-10-11 09:41 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-11-02 16:37 - 2016-02-28 14:14 - 00000270 __RSH C:\ProgramData\ntuser.pol
2016-10-29 19:53 - 2016-01-02 17:30 - 00281688 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2016-10-29 19:53 - 2016-01-02 17:30 - 00281688 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2016-10-29 18:59 - 2016-01-02 17:30 - 00281688 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2016-10-28 17:05 - 2015-10-15 20:15 - 00000000 ____D C:\Program Files (x86)\Fraps
2016-10-28 14:30 - 2015-09-27 11:56 - 00000000 ____D C:\Users\Marek\Desktop\Hry
2016-10-28 14:20 - 2016-01-02 17:30 - 00000000 ____D C:\Users\Marek\AppData\Local\PunkBuster
2016-10-28 14:20 - 2015-10-15 19:58 - 00000000 ____D C:\Users\Marek\Documents\My Games
2016-10-28 14:02 - 2016-01-02 17:30 - 00076888 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2016-10-28 13:41 - 2015-11-22 16:44 - 00030720 ___SH C:\Users\Marek\Downloads\Thumbs.db
2016-10-28 13:41 - 2015-09-30 20:10 - 00000000 ____D C:\Hry
2016-10-28 02:22 - 2015-10-03 19:36 - 00485032 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-10-28 00:48 - 2016-10-18 17:12 - 00000000 ____D C:\Windows\LastGood
2016-10-26 23:43 - 2015-10-08 22:47 - 00000000 ____D C:\Program Files (x86)\Steam
2016-10-24 15:51 - 2016-04-12 12:09 - 00000000 ____D C:\Users\Marek\AppData\Roaming\BatteryBar

==================== Files in the root of some directories =======

2015-10-12 15:49 - 2016-07-31 13:37 - 0159200 ____T () C:\Users\Marek\AppData\Roaming\CrashRpt1402.dll
2015-10-16 18:29 - 2016-11-09 20:32 - 0007635 _____ () C:\Users\Marek\AppData\Local\Resmon.ResmonCfg
2016-10-28 00:48 - 2016-10-28 00:48 - 0173337 _____ () C:\ProgramData\1477612064.bdinstall.bin
2016-10-28 10:21 - 2016-10-28 10:21 - 0037671 _____ () C:\ProgramData\1477646513.bdinstall.bin
2016-10-28 10:22 - 2016-10-28 10:22 - 0098332 _____ () C:\ProgramData\1477646516.bdinstall.bin
2015-09-27 13:17 - 2015-09-27 13:17 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-09-27 18:38 - 2015-09-27 18:38 - 0000133 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc

Files to move or delete:
====================
C:\Users\Marek\pythonctl.bat

Some files in TEMP:
====================
C:\Users\Marek\AppData\Local\Temp\SkypeSetup.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

==================== MBR and Partition Table ==================

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\MATLAB R2015b Startup Accelerator.job => C:\Program Files\MATLAB\R2015b\bin\win64\MATLABStartupAccelerator.exe

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Marek\Desktop" je 79 MB.

***** Startup Programs *****

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

#2 Příspěvek od **Rudy** » 22 lis 2016 18:53

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

marquesb51 · #3 Příspěvek od **marquesb51** » 26 lis 2016 18:40

Dobrý den, omlouvám se za opožděnou odověď, nebyl jsem u PC.
Zde je log z AdwCleaneru:

# AdwCleaner v6.030 - Log soubor vytvořen 26/11/2016 na 18:32:48
# Aktualizováno dne 19/10/2016 z Malwarebytes
# Databáze : 2016-11-26.1 [Server]
# Operační systém : Windows 8.1 (X64)
# Uživatelské jméno : Marek - MAREK-NTB
# Beží od : C:\Users\Marek\Desktop\adwcleaner_6.030.exe
# Mod: Čištění
# Podpora : hxxps://www.malwarebytes.com/support

***** [ Služby ] *****

***** [ Adresáře ] *****

[-] Adresář smazán:C:\ProgramData\PC Faster
[#] Adresář nelze smazat:C:\ProgramData\Application Data\PC Faster
[-] Adresář smazán:C:\Users\Public\Documents\PC Faster
[#] Adresář nelze smazat:C:\ProgramData\pc faster
[#] Adresář nelze smazat:C:\ProgramData\Application Data\pc faster
[#] Adresář nelze smazat:C:\Users\Public\Documents\pc faster

***** [ Soubory ] *****

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Zástupce ] *****

***** [ Plánovač úloh ] *****

***** [ Registry ] *****

[-] Klíč smazán:HKLM\SOFTWARE\0d79c293c1ed61418462e24595c90d04

***** [ Prohlížeče ] *****

*************************

:: "Tracing" klíč smazán
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [1222 Bajtů] - [26/11/2016 18:32:48]
C:\AdwCleaner\AdwCleaner[S0].txt - [1652 Bajtů] - [26/11/2016 18:32:12]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1370 Bajtů] ##########

#4 Příspěvek od **Rudy** » 26 lis 2016 19:07

Dejte nový log FRST.

marquesb51 · #5 Příspěvek od **marquesb51** » 27 lis 2016 14:27

Zde je nový FRST log:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-11-2016
Ran by Marek (administrator) on MAREK-NTB (27-11-2016 14:22:58)
Running from C:\Users\Marek\Desktop
Loaded Profiles: Marek (Available Profiles: Marek)
Platform: Windows 8.1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Inventor 2017\Moldflow\bin\mitsijm.exe
(Nitro PDF Software) C:\Program Files\Nitro\Pro 10\NitroPDFDriverService10x64.exe
(MKS Software Inc.) C:\Windows\System32\nutsrv4.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(PTC Inc.) C:\Program Files\PTC\PTC Portmapper\i486_nt\obj\portmap.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
() C:\Program Files (x86)\OSTotoHotspot\WifiService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(KARPOLAN) C:\Program Files (x86)\Keyboard LEDs\KeyboardLeds.exe
(Spotify Ltd) C:\Users\Marek\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
() C:\Users\Marek\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam7\YouCamService7.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTStackServer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-26] (Logitech, Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13647576 2013-08-27] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17111056 2015-09-27] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [193008 2015-09-27] (Lenovo(beijing) Limited)
HKLM\...\Run: [RtsFT] => C:\Windows\RTFTrack.exe [6334096 2012-09-28] (Realtek semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2655520 2015-11-05] (NVIDIA Corporation)
HKLM\...\Run: [OODefragTray] => C:\Program Files\OO Software\Defrag\oodtray.exe
HKLM-x32\...\Run: [NuTCSetupEnviron] => C:\Program Files\PTC\MKS Toolkit\bin\ncoeenv.exe [37248 2012-10-12] (MKS Software Inc.)
HKLM-x32\...\Run: [YouCam Service7] => C:\Program Files (x86)\CyberLink\YouCam7\YouCamService7.exe [458168 2016-03-15] (CyberLink Corp.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2012-02-20] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-04-18] (Apple Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-2799171281-1836920862-2753578075-1001\...\Run: [KeyboardLeds.exe] => C:\Program Files (x86)\Keyboard LEDs\KeyboardLeds.exe [912896 2012-09-06] (KARPOLAN)
HKU\S-1-5-21-2799171281-1836920862-2753578075-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Marek\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-2799171281-1836920862-2753578075-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Marek\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-2799171281-1836920862-2753578075-1001\...\Run: [Spotify Web Helper] => C:\Users\Marek\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1431664 2016-11-21] (Spotify Ltd)
HKU\S-1-5-21-2799171281-1836920862-2753578075-1001\...\Run: [SafeInCloud] => C:\Program Files (x86)\Safe In Cloud\SafeInCloud.exe [2191872 2016-04-06] ()
HKU\S-1-5-21-2799171281-1836920862-2753578075-1001\...\Run: [ShowBatteryBar] => C:\Program Files\BatteryBar\ShowBatteryBar.exe [89600 2014-09-19] ()
HKU\S-1-5-21-2799171281-1836920862-2753578075-1001\...\Policies\Explorer: []
HKU\S-1-5-21-2799171281-1836920862-2753578075-1001\...\MountPoints2: {08698f6e-a3e7-11e5-8297-20689d9d50e8} - "I:\setup.exe"
HKU\S-1-5-21-2799171281-1836920862-2753578075-1001\...\MountPoints2: {51caeaf2-da83-11e5-82b9-20689d9d50e8} - "F:\autorun.exe"
HKU\S-1-5-21-2799171281-1836920862-2753578075-1001\...\MountPoints2: {9278e790-6794-11e5-8257-20689d9d50e8} - "G:\setup.exe"
HKU\S-1-5-21-2799171281-1836920862-2753578075-1001\...\MountPoints2: {951243c6-735b-11e5-826c-20689d9d50e8} - "H:\setup.exe"
HKU\S-1-5-21-2799171281-1836920862-2753578075-1001\...\MountPoints2: {c842d34c-104b-11e6-82d5-20689d9d50e8} - "F:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-2799171281-1836920862-2753578075-1001\...\MountPoints2: {f114b603-dbb5-11e5-82bb-20689d9d50e8} - "F:\autorun.exe"
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [177600 2015-11-05] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [155792 2015-11-05] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Marek\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Marek\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Marek\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2016-02-07] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Marek\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Marek\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Marek\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2015-09-27]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Marek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2015-10-14] ()
GroupPolicy: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{4A850DFE-7A89-43AE-85FB-C14383E1C310}: [DhcpNameServer] 147.229.190.143 147.229.191.143
Tcpip\..\Interfaces\{9DCC9498-09AE-4605-BA12-038FC60C9D6C}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001 -> DefaultScope {20D2BC93-79E0-48EA-9088-1A14BB7426D8} URL = hxxps://www.google.com/search?q={searchTerms}&s ... utEncoding?}
SearchScopes: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001 -> {20D2BC93-79E0-48EA-9088-1A14BB7426D8} URL = hxxps://www.google.com/search?q={searchTerms}&s ... utEncoding?}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-03-21] (Microsoft Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-03-20] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-03-21] (Microsoft Corporation)
BHO-x32: WebCGMHlprObj Class -> {56B38F40-4E70-11d4-A076-0080AD86BA2F} -> C:\Windows\SysWow64\cgmopenbho.dll [2005-06-09] (CGM Open Consortium, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-27] (Oracle Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-03-20] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-27] (Oracle Corporation)
IE Session Restore: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001 -> is enabled.
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-03-20] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-03-20] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-03-20] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-03-20] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: gimz64sw.default
FF DefaultProfile: 6ig7ns52.default
FF ProfilePath: C:\Users\Marek\AppData\Roaming\Mozilla\SeaMonkey\Profiles\gimz64sw.default [2016-09-05]
FF Extension: (DOM Inspector) - C:\Users\Marek\AppData\Roaming\Mozilla\SeaMonkey\Profiles\gimz64sw.default\Extensions\inspector@mozilla.org.xpi [2016-02-10] [not signed]
FF Extension: (ChatZilla) - C:\Users\Marek\AppData\Roaming\Mozilla\SeaMonkey\Profiles\gimz64sw.default\Extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}.xpi [2016-02-10] [not signed]
FF ProfilePath: C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\6ig7ns52.default [2016-11-22]
FF Homepage: Mozilla\Firefox\Profiles\6ig7ns52.default -> about:home
FF Session Restore: Mozilla\Firefox\Profiles\6ig7ns52.default -> is enabled.
FF Extension: (Avira Browser Safety) - C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\6ig7ns52.default\Extensions\abs@avira.com.xpi [2016-11-22]
FF Extension: (Ad-Aware Ad Block) - C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\6ig7ns52.default\Extensions\AdBlockerLavaSoftFF@lavasoft.com.xpi [2016-11-22]
FF Extension: (S3.Google Translator) - C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\6ig7ns52.default\Extensions\s3google@translator.xpi [2016-11-22]
FF Extension: (Tab Auto Reload) - C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\6ig7ns52.default\Extensions\TabAutoReload@schuzak.jp.xpi [2016-10-08]
FF Extension: (Simple bookmarks menu) - C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\6ig7ns52.default\Extensions\{8e1651be-1f0f-469e-baaa-003bf71d973c}.xpi [2016-10-06]
FF Extension: (Tab Mix Plus) - C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\6ig7ns52.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2016-11-22]
FF Extension: (Theme Font & Size Changer) - C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\6ig7ns52.default\Extensions\{f69e22c7-bc50-414a-9269-0f5c344cd94c}.xpi [2016-11-22]
FF SearchPlugin: C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\6ig7ns52.default\searchplugins\googletranslate.xml [2015-09-27]
FF SearchPlugin: C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\6ig7ns52.default\searchplugins\kickassto.xml [2015-09-27]
FF SearchPlugin: C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\6ig7ns52.default\searchplugins\vyhledvn-vide-ve-slub-youtube.xml [2015-11-22]
FF SearchPlugin: C:\Users\Marek\AppData\Roaming\Mozilla\Firefox\Profiles\6ig7ns52.default\searchplugins\wikipedia-eng.xml [2015-09-27]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2015-09-27] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [youcam@cyberlink.com] - C:\Program Files (x86)\CyberLink\YouCam7\BrowserExtension\Firefox
FF Extension: (CyberLink YouCam WebLogin) - C:\Program Files (x86)\CyberLink\YouCam7\BrowserExtension\Firefox [2016-04-07] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-11-08] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-08] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-10-06] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-27] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-03-20] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-03-20] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2012-08-10] (Nero AG)
FF Plugin-x32: @ptc.com/ProductViewLite -> C:\Program Files (x86)\Common Files\PTC\np6_pvapplite9.dll [2013-04-04] (PTC)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.cz/
CHR StartupUrls: Default -> "hxxp://www.google.com/ig/redirectdomain?brand=KMOH&bmod=KMOH"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default [2016-11-27]
CHR Extension: (Prezentace Google) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-27]
CHR Extension: (Dokumenty Google) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-27]
CHR Extension: (Disk Google) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-05]
CHR Extension: (YouTube) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (Adblock Plus) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-11-02]
CHR Extension: (Vyhledávání Google) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-05]
CHR Extension: (Tabulky Google) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-27]
CHR Extension: (I don't care about cookies) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2016-11-26]
CHR Extension: (Dokumenty Google offline) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-18]
CHR Extension: (ImTranslator: Překladač, Slovník, Hlas) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\noaijdpnepcgjemiklgfkcfbkokogabh [2016-11-10]
CHR Extension: (Neater Bookmarks) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofgjggbjanlhbgaemjbkiegeebmccifi [2016-10-10]
CHR Extension: (Gmail) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-27]
CHR Extension: (Chrome Media Router) - C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-11-02]
CHR Profile: C:\Users\Marek\AppData\Local\Google\Chrome\User Data\System Profile [2016-09-05]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1231376 2016-03-23] (Autodesk Inc.)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-08-08] (Broadcom Corporation.)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [976600 2013-08-19] (Broadcom Corporation.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2823920 2016-03-20] (Microsoft Corporation)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2016-01-19] (Digital Wave Ltd.)
S3 Disc Soft Ultra Bus Service; C:\Program Files\DAEMON Tools Ultra\DiscSoftBusService.exe [1340760 2015-08-10] (Disc Soft Ltd)
S4 hddrsrv; C:\Program Files (x86)\HDD Regenerator\hrsrv.exe [82144 2013-05-08] ()
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation)
R2 mitsijm2017; C:\Program Files\Autodesk\Inventor 2017\Moldflow\bin\mitsijm.exe [967456 2015-08-04] (Autodesk, Inc.)
S3 MSC.Licensing_11.9; C:\Program Files\MSC.Software\MSC.Licensing\11.9\lmgrd.exe [1775440 2011-03-15] (Flexera Software, Inc.)
R2 NitroDriverReadSpool10; C:\Program Files\Nitro\Pro 10\NitroPDFDriverService10x64.exe [324760 2015-07-03] (Nitro PDF Software)
S4 NitroUpdateService; C:\Program Files\Nitro\Pro 10\Nitro_UpdateService.exe [418968 2015-07-03] ()
R2 NuTCRACKERService; C:\Windows\system32\nutsrv4.exe [574776 2012-10-12] (MKS Software Inc.)
S3 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [1666296 2015-07-30] (O&O Software GmbH)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-09-10] (Electronic Arts)
S3 ose; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [203296 2016-03-19] (Microsoft Corporation) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2016-10-28] ()
R2 PortmapperService; C:\Program Files\PTC/PTC Portmapper/i486_nt/obj/portmap.exe [499712 2016-02-14] (PTC Inc.) [File not signed]
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10155792 2016-11-04] (TeamViewer GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
R2 WifiSrv; C:\Program Files (x86)\OSTotoHotspot\WifiService.exe [208896 2016-09-08] () [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 160WifiNat; C:\Program Files (x86)\OSTotoHotspot\driver\WiFiNat64.sys [27888 2016-09-08] ()
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-08-08] (Broadcom Corporation.)
R3 clwvd7; C:\Windows\system32\DRIVERS\clwvd7.sys [42968 2015-03-24] (CyberLink Corporation)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-09-27] (Disc Soft Ltd)
R3 dtultrascsibus; C:\Windows\System32\drivers\dtultrascsibus.sys [30264 2016-02-25] (Disc Soft Ltd)
R3 dtultrausbbus; C:\Windows\System32\drivers\dtultrausbbus.sys [47160 2016-02-25] (Disc Soft Ltd)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [27552 2015-09-27] (REALiX(tm))
R1 LUMDriver; C:\Windows\system32\drivers\LUMDriver.sys [24848 2008-01-02] (IBM)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3344352 2013-07-08] (Intel Corporation)
S3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8229264 2012-09-28] (Realtek Semiconductor Corp.)
S3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-14] (Synaptics Incorporated)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381608 2016-02-25] (Duplex Secure Ltd.)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [34760 2013-08-22] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [265056 2013-08-22] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
S1 160WifiNetPro; \??\C:\Program Files (x86)\OSTotoHotspot\160WifiNetPro64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-11-27 14:22 - 2016-11-27 14:23 - 00025660 _____ C:\Users\Marek\Desktop\FRST.txt
2016-11-27 14:22 - 2016-11-27 14:22 - 00000000 ____D C:\Users\Marek\Desktop\FRST-OlderVersion
2016-11-26 18:30 - 2016-11-26 18:32 - 00000000 ____D C:\AdwCleaner
2016-11-26 18:30 - 2016-11-26 18:30 - 03910208 _____ C:\Users\Marek\Desktop\adwcleaner_6.030.exe
2016-11-23 22:57 - 2016-11-23 22:57 - 00730485 _____ C:\Users\Marek\Desktop\BP_2010_Vrana_Jan_107684_OPUS.pdf
2016-11-23 19:07 - 2016-11-23 19:07 - 00000053 _____ C:\Users\Marek\Desktop\TDEE Calculator- Learn Your Total Daily Energy Expenditure.url
2016-11-23 19:06 - 2016-11-23 19:06 - 00000069 _____ C:\Users\Marek\Desktop\Nabrat hmotu nebo špeky- - Objemová a rýsovací fáze je BLBOST - YouTube.url
2016-11-22 15:01 - 2016-11-22 15:03 - 00000000 ____D C:\Users\Marek\Nowe
2016-11-22 15:00 - 2016-11-22 15:00 - 00000000 ____D C:\Users\Marek\Nová složka
2016-11-22 12:10 - 2016-11-22 12:10 - 00015327 _____ C:\Users\Marek\Desktop\LM.bat
2016-11-22 12:10 - 2016-11-22 12:10 - 00000000 ____D C:\FRST
2016-11-22 12:08 - 2016-11-27 14:22 - 02412032 _____ (Farbar) C:\Users\Marek\Desktop\FRST64.exe
2016-11-22 12:03 - 2016-11-22 12:03 - 02551888 _____ (Skillbrains ) C:\Users\Marek\Desktop\setup-lightshot.exe
2016-11-22 12:03 - 2016-11-22 12:03 - 00000201 _____ C:\Users\Marek\Desktop\TinyPic - Free Image Hosting.URL
2016-11-21 21:15 - 2016-11-21 21:15 - 00000000 ____D C:\Program Files (x86)\Performance Trends
2016-11-21 15:06 - 2016-11-22 15:58 - 00003037 _____ C:\Users\Marek\aview.loq
2016-11-17 16:21 - 2016-11-17 16:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate
2016-11-17 16:21 - 2016-11-17 16:21 - 00000000 ____D C:\Program Files (x86)\Seagate
2016-11-09 16:27 - 2016-11-09 16:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-11-08 18:33 - 2016-11-08 18:33 - 00000000 ____D C:\Users\Marek\AppData\Local\GHISLER
2016-11-08 17:45 - 2016-11-08 17:45 - 00003070 _____ C:\Windows\System32\Tasks\{F61E1AFC-8C8D-48E3-8343-CAAD12446A74}
2016-11-07 18:41 - 2016-11-07 18:41 - 00000983 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2016-11-04 20:52 - 2016-11-04 20:53 - 00000000 ____D C:\Program Files\PDFCreator
2016-11-04 20:52 - 2016-11-04 20:52 - 00115200 _____ (pdfforge GmbH) C:\Windows\system32\pdfcmon.dll
2016-11-04 20:52 - 2016-11-04 20:52 - 00000000 ____D C:\Users\Marek\AppData\Local\PDFCreator
2016-11-04 20:52 - 2016-11-04 20:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2016-11-02 17:27 - 2016-11-02 17:27 - 00000000 ___RD C:\160WiFi Files
2016-10-28 18:06 - 2016-10-28 18:06 - 00000000 ____D C:\Users\Marek\AppData\Local\My Games
2016-10-28 14:20 - 2016-10-28 14:20 - 00000000 ____D C:\ProgramData\Orbit
2016-10-28 14:02 - 2016-10-28 14:02 - 00000000 ____D C:\Users\Marek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2016-10-28 14:02 - 2016-10-28 14:02 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2016-10-28 10:22 - 2016-10-28 10:22 - 00098332 _____ C:\ProgramData\1477646516.bdinstall.bin
2016-10-28 10:21 - 2016-10-28 10:21 - 00037671 _____ C:\ProgramData\1477646513.bdinstall.bin
2016-10-28 10:20 - 2016-10-28 10:20 - 00000000 ____D C:\ProgramData\GZ
2016-10-28 00:48 - 2016-10-28 00:48 - 00173337 _____ C:\ProgramData\1477612064.bdinstall.bin
2016-10-28 00:48 - 2012-11-02 12:17 - 00261056 _____ (BitDefender) C:\Windows\system32\Drivers\avchv.sys
2016-10-28 00:47 - 2016-10-28 00:47 - 00000000 ____D C:\Users\Marek\AppData\Roaming\QuickScan

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-11-27 14:22 - 2014-03-18 16:33 - 01745984 _____ C:\Windows\system32\PerfStringBackup.INI
2016-11-27 14:22 - 2014-03-18 15:54 - 00739924 _____ C:\Windows\system32\perfh005.dat
2016-11-27 14:22 - 2014-03-18 15:54 - 00151610 _____ C:\Windows\system32\perfc005.dat
2016-11-27 14:22 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2016-11-27 14:20 - 2015-09-27 11:39 - 00003974 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{A0B61E7B-2F1A-4BFA-BE4A-803220D6D81B}
2016-11-27 14:01 - 2015-09-27 12:16 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-11-27 13:38 - 2015-09-27 12:40 - 00000980 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-11-27 13:32 - 2016-09-21 18:44 - 00000000 ____D C:\Users\Marek\AppData\Local\SafeInCloud
2016-11-27 13:23 - 2015-11-09 23:12 - 00000000 ____D C:\Users\Marek\AppData\Roaming\Seznam.cz
2016-11-27 13:19 - 2015-10-14 11:08 - 00000000 ____D C:\Users\Marek\Documents\YouCam
2016-11-27 13:19 - 2015-09-27 12:40 - 00000976 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-11-27 13:17 - 2015-09-27 10:29 - 00000000 __SHD C:\Users\Marek\IntelGraphicsProfiles
2016-11-26 18:33 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-11-26 18:33 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-11-25 18:33 - 2016-01-02 17:30 - 00281688 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2016-11-25 18:33 - 2016-01-02 17:30 - 00281688 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2016-11-25 10:11 - 2016-01-02 17:30 - 00281688 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2016-11-24 20:06 - 2016-05-12 20:14 - 00000000 ____D C:\Users\Marek\AppData\Local\Rockstar_Games
2016-11-24 01:33 - 2015-10-25 23:40 - 00000000 ____D C:\Users\Marek\AppData\Local\Spotify
2016-11-24 01:06 - 2015-10-25 23:40 - 00000000 ____D C:\Users\Marek\AppData\Roaming\Spotify
2016-11-23 23:53 - 2015-09-30 18:35 - 03417600 ___SH C:\Users\Marek\Desktop\Thumbs.db
2016-11-23 23:53 - 2015-09-27 10:07 - 00000000 ____D C:\Users\Marek\AppData\Local\Packages
2016-11-23 21:47 - 2015-11-01 15:47 - 00000000 ____D C:\Users\Marek\Cloud Sticky Notes
2016-11-23 13:59 - 2015-09-27 10:12 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2799171281-1836920862-2753578075-1001
2016-11-23 05:09 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-11-23 05:09 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness
2016-11-22 16:01 - 2015-11-03 11:10 - 00000000 ____D C:\Users\Marek\.msca
2016-11-22 16:01 - 2015-09-27 10:06 - 00000000 ____D C:\Users\Marek
2016-11-22 15:18 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\NDF
2016-11-22 15:07 - 2015-10-09 00:50 - 00000000 ____D C:\Users\Marek\AppData\Local\CrashDumps
2016-11-22 12:54 - 2016-04-25 11:27 - 00000000 ____D C:\Users\Marek\private.cdb
2016-11-22 12:45 - 2015-10-15 17:38 - 00000000 ____D C:\Users\Marek\AppData\Local\Deployment
2016-11-22 11:54 - 2015-09-27 11:56 - 00000000 ___RD C:\Users\Marek\Desktop\Programy a systém
2016-11-22 10:44 - 2016-09-21 18:39 - 00000000 ____D C:\Users\Marek\AppData\Roaming\MyPhoneExplorer
2016-11-22 00:51 - 2015-09-27 12:49 - 00000000 ____D C:\Users\Marek\AppData\Roaming\Skype
2016-11-21 21:15 - 2015-09-27 11:53 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-11-21 19:44 - 2016-04-30 18:00 - 00000000 ____D C:\Users\Public\Documents\.forever
2016-11-21 19:43 - 2016-05-01 16:14 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-11-21 14:28 - 2015-11-30 08:15 - 00000000 ____D C:\Users\Marek\Documents MB51
2016-11-17 16:21 - 2015-09-27 18:34 - 00000000 ____D C:\ProgramData\Package Cache
2016-11-17 15:57 - 2013-08-22 15:44 - 00668984 _____ C:\Windows\system32\FNTCACHE.DAT
2016-11-15 00:39 - 2015-09-27 12:40 - 00002215 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-09 20:32 - 2015-10-16 18:29 - 00007635 _____ C:\Users\Marek\AppData\Local\Resmon.ResmonCfg
2016-11-09 16:27 - 2015-09-27 12:49 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-11-09 16:27 - 2015-09-27 12:49 - 00000000 ____D C:\Users\Marek\AppData\Local\Skype
2016-11-09 16:27 - 2015-09-27 12:49 - 00000000 ____D C:\ProgramData\Skype
2016-11-09 09:18 - 2015-09-27 12:40 - 00000000 ____D C:\Users\Marek\AppData\Local\Google
2016-11-08 15:01 - 2015-09-27 12:16 - 00003802 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-11-08 15:01 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-11-08 15:01 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\Macromed
2016-11-07 21:51 - 2015-09-27 18:25 - 00000000 ____D C:\Users\Marek\AppData\Roaming\vlc
2016-11-07 18:41 - 2015-10-08 22:43 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-11-07 18:40 - 2015-10-19 19:50 - 00000000 ____D C:\Users\Marek\AppData\Roaming\TeamViewer
2016-11-04 20:57 - 2015-10-05 21:37 - 00000000 ____D C:\Users\Marek\AppData\Roaming\Nitro
2016-11-04 17:22 - 2016-10-11 09:41 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-11-02 16:37 - 2016-02-28 14:14 - 00000270 __RSH C:\ProgramData\ntuser.pol
2016-10-28 17:05 - 2015-10-15 20:15 - 00000000 ____D C:\Program Files (x86)\Fraps
2016-10-28 14:30 - 2015-09-27 11:56 - 00000000 ____D C:\Users\Marek\Desktop\Hry
2016-10-28 14:20 - 2016-01-02 17:30 - 00000000 ____D C:\Users\Marek\AppData\Local\PunkBuster
2016-10-28 14:20 - 2015-10-15 19:58 - 00000000 ____D C:\Users\Marek\Documents\My Games
2016-10-28 14:02 - 2016-01-02 17:30 - 00076888 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2016-10-28 13:41 - 2015-11-22 16:44 - 00030720 ___SH C:\Users\Marek\Downloads\Thumbs.db
2016-10-28 13:41 - 2015-09-30 20:10 - 00000000 ____D C:\Hry
2016-10-28 02:22 - 2015-10-03 19:36 - 00485032 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-10-28 00:48 - 2016-10-18 17:12 - 00000000 ____D C:\Windows\LastGood

==================== Files in the root of some directories =======

2015-10-12 15:49 - 2016-07-31 13:37 - 0159200 ____T () C:\Users\Marek\AppData\Roaming\CrashRpt1402.dll
2015-10-16 18:29 - 2016-11-09 20:32 - 0007635 _____ () C:\Users\Marek\AppData\Local\Resmon.ResmonCfg
2016-10-28 00:48 - 2016-10-28 00:48 - 0173337 _____ () C:\ProgramData\1477612064.bdinstall.bin
2016-10-28 10:21 - 2016-10-28 10:21 - 0037671 _____ () C:\ProgramData\1477646513.bdinstall.bin
2016-10-28 10:22 - 2016-10-28 10:22 - 0098332 _____ () C:\ProgramData\1477646516.bdinstall.bin
2015-09-27 13:17 - 2015-09-27 13:17 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-09-27 18:38 - 2015-09-27 18:38 - 0000133 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc

Some files in TEMP:
====================
C:\Users\Marek\AppData\Local\Temp\libeay32.dll
C:\Users\Marek\AppData\Local\Temp\msvcr120.dll
C:\Users\Marek\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Marek\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-11-21 15:14

==================== End of FRST.txt ============================

#6 Příspěvek od **Rudy** » 27 lis 2016 18:04

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKU\S-1-5-21-2799171281-1836920862-2753578075-1001\...\MountPoints2: {08698f6e-a3e7-11e5-8297-20689d9d50e8} - "I:\setup.exe"
HKU\S-1-5-21-2799171281-1836920862-2753578075-1001\...\MountPoints2: {51caeaf2-da83-11e5-82b9-20689d9d50e8} - "F:\autorun.exe"
HKU\S-1-5-21-2799171281-1836920862-2753578075-1001\...\MountPoints2: {9278e790-6794-11e5-8257-20689d9d50e8} - "G:\setup.exe"
HKU\S-1-5-21-2799171281-1836920862-2753578075-1001\...\MountPoints2: {951243c6-735b-11e5-826c-20689d9d50e8} - "H:\setup.exe"
HKU\S-1-5-21-2799171281-1836920862-2753578075-1001\...\MountPoints2: {c842d34c-104b-11e6-82d5-20689d9d50e8} - "F:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-2799171281-1836920862-2753578075-1001\...\MountPoints2: {f114b603-dbb5-11e5-82bb-20689d9d50e8} - "F:\autorun.exe"
GroupPolicy: Restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001 -> DefaultScope {20D2BC93-79E0-48EA-9088-1A14BB7426D8} URL =
SearchScopes: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\ProgramData\DP45977C.lfl
C:\Users\Marek\AppData\Local\Temp
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}\InprocServer32 -> AcInetUI.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => No File
Task: {F3BA1D3A-8309-4A10-B203-74FF8A9C312C} - System32\Tasks\{0B4174B1-5142-4CF4-9967-6B9AB0B74916} => pcalua.exe -a C:\Users\Marek\Desktop\CD1\setup.exe -d C:\Users\Marek\Desktop\CD1
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
AlternateDataStreams: C:\Windows:nlsPreferences [386]
AlternateDataStreams: C:\ProgramData\Temp:B755D674 [176]

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

marquesb51 · #7 Příspěvek od **marquesb51** » 27 lis 2016 19:46

Fix result of Farbar Recovery Scan Tool (x64) Version: 27-11-2016
Ran by Marek (27-11-2016 19:30:20) Run:1
Running from C:\Users\Marek\Desktop
Loaded Profiles: Marek (Available Profiles: Marek)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKU\S-1-5-21-2799171281-1836920862-2753578075-1001\...\MountPoints2: {08698f6e-a3e7-11e5-8297-20689d9d50e8} - "I:\setup.exe"
HKU\S-1-5-21-2799171281-1836920862-2753578075-1001\...\MountPoints2: {51caeaf2-da83-11e5-82b9-20689d9d50e8} - "F:\autorun.exe"
HKU\S-1-5-21-2799171281-1836920862-2753578075-1001\...\MountPoints2: {9278e790-6794-11e5-8257-20689d9d50e8} - "G:\setup.exe"
HKU\S-1-5-21-2799171281-1836920862-2753578075-1001\...\MountPoints2: {951243c6-735b-11e5-826c-20689d9d50e8} - "H:\setup.exe"
HKU\S-1-5-21-2799171281-1836920862-2753578075-1001\...\MountPoints2: {c842d34c-104b-11e6-82d5-20689d9d50e8} - "F:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-2799171281-1836920862-2753578075-1001\...\MountPoints2: {f114b603-dbb5-11e5-82bb-20689d9d50e8} - "F:\autorun.exe"
GroupPolicy: Restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001 -> DefaultScope {20D2BC93-79E0-48EA-9088-1A14BB7426D8} URL =
SearchScopes: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\ProgramData\DP45977C.lfl
C:\Users\Marek\AppData\Local\Temp
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}\InprocServer32 -> AcInetUI.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => No File
Task: {F3BA1D3A-8309-4A10-B203-74FF8A9C312C} - System32\Tasks\{0B4174B1-5142-4CF4-9967-6B9AB0B74916} => pcalua.exe -a C:\Users\Marek\Desktop\CD1\setup.exe -d C:\Users\Marek\Desktop\CD1
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
AlternateDataStreams: C:\Windows:nlsPreferences [386]
AlternateDataStreams: C:\ProgramData\Temp:B755D674 [176]

EmptyTemp:
End
*****************

"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{08698f6e-a3e7-11e5-8297-20689d9d50e8}" => key removed successfully
HKCR\CLSID\{08698f6e-a3e7-11e5-8297-20689d9d50e8} => key not found.
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{51caeaf2-da83-11e5-82b9-20689d9d50e8}" => key removed successfully
HKCR\CLSID\{51caeaf2-da83-11e5-82b9-20689d9d50e8} => key not found.
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9278e790-6794-11e5-8257-20689d9d50e8}" => key removed successfully
HKCR\CLSID\{9278e790-6794-11e5-8257-20689d9d50e8} => key not found.
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{951243c6-735b-11e5-826c-20689d9d50e8}" => key removed successfully
HKCR\CLSID\{951243c6-735b-11e5-826c-20689d9d50e8} => key not found.
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c842d34c-104b-11e6-82d5-20689d9d50e8}" => key removed successfully
HKCR\CLSID\{c842d34c-104b-11e6-82d5-20689d9d50e8} => key not found.
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f114b603-dbb5-11e5-82bb-20689d9d50e8}" => key removed successfully
HKCR\CLSID\{f114b603-dbb5-11e5-82bb-20689d9d50e8} => key not found.
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
HKU\S-1-5-21-2799171281-1836920862-2753578075-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully

"C:\Users\Marek\AppData\Local\Temp" folder move:

Could not move "C:\Users\Marek\AppData\Local\Temp" => Scheduled to move on reboot.

"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}" => key removed successfully
"HKU\S-1-5-21-2799171281-1836920862-2753578075-1001_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F3BA1D3A-8309-4A10-B203-74FF8A9C312C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F3BA1D3A-8309-4A10-B203-74FF8A9C312C}" => key removed successfully
C:\Windows\System32\Tasks\{0B4174B1-5142-4CF4-9967-6B9AB0B74916} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{0B4174B1-5142-4CF4-9967-6B9AB0B74916}" => key removed successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => not found.
C:\Windows => ":nlsPreferences" ADS removed successfully.
C:\ProgramData\Temp => ":B755D674" ADS removed successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 55920300 B
Java, Flash, Steam htmlcache => 27586507 B
Windows/system/drivers => 4127427 B
Edge => 0 B
Chrome => 774697665 B
Firefox => 97202298 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 9512 B
ProgramData => 0 B
Public => 0 B
systemprofile => 94579 B
systemprofile32 => 216 B
LocalService => 228910 B
NetworkService => 178134 B
Marek => 1001081694 B
UpdatusUser => 0 B
UpdatusUser => 0 B

RecycleBin => 24884994 B
EmptyTemp: => 1.9 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 27-11-2016 19:32:59)

C:\Users\Marek\AppData\Local\Temp => moved successfully

==== End of Fixlog 19:32:59 ====

#8 Příspěvek od **Rudy** » 27 lis 2016 20:10

Smazáno. Nastala nějaká změna?

marquesb51 · #9 Příspěvek od **marquesb51** » 27 lis 2016 20:33

Děkuji za pomoc,

zlepšení nenastalo, NTB možná bootuje o něco déle.

Když se počítač zasekne, ve správci úloh to v naprosté většině bývá vlivem HDD (100 % vytížení).
Dle CrystalDiskInfo je disk "v pořádku", ještě zbývá kontrola utilitou od výrobce a spíše si myslím, že bude čas na reinstall.

#10 Příspěvek od **Rudy** » 27 lis 2016 21:39

Nemáte zač! Který proces zabírá nejvíce syst. prostředků?

marquesb51 · #11 Příspěvek od **marquesb51** » 27 lis 2016 22:16

Právě že vždy ten, který je spuštěn, což je v pořádku, jenom enormně vytěžuje HDD.
Zvláštní také je, že ve Správci úloh v kartě "PROCESY" je celkové maximální vytížení HDD cca. do 50 %, zatímco v tu samou chvíli na kartě "VÝKON" je 100 %.

Teď jsem disk připojil k PC, spustil nástroj od Seagate a dle tohoto je vše v pořádku. (utilita ukazuje pouze PASS, nevypisuje žádné detaily)
Minulý týden jsem provedl defragmentaci pomocí O&O Defrag (ta trvala cca. 90 hodin!

).
Už mě vážně nenapadá nic jiného než reinstall.

#12 Příspěvek od **Rudy** » 27 lis 2016 22:28

Co ještě obnova systému k datu, kdy korketně fungoval?

#13 Příspěvek od **JaRon** » 28 lis 2016 08:29

este doplnim:
http://forum.viry.cz/viewtopic.php?f=46&t=79325 cast 8
pozri ci disk nie je v PIO mode a vloz sem obrazok benchmark

VIRY.CZ

Odezva HDD

Odezva HDD

Re: Odezva HDD

Re: Odezva HDD

Re: Odezva HDD

Re: Odezva HDD

Re: Odezva HDD

Re: Odezva HDD

Re: Odezva HDD

Re: Odezva HDD

Re: Odezva HDD

Re: Odezva HDD

Re: Odezva HDD

Re: Odezva HDD