Prosím o kontrolu, NTB častěji spíná chlazení

Zpráva

artmle9 · #1 Příspěvek od **artmle9** » 26 led 2015 17:10

Prosím o konrolu, dřive nebylo chlazení NTB vůbec slyšet, pouze při hraní her (NFS UND2) Občas se stává, že spouští chlazení i když na NTB nic nedělám. Mám pocit, že dělá něco o co vůbec nemám zájem, děkuji o kontrolu.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Lukáš Kilhof at 2015-01-26 17:01:35
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 179 GB (75%) free of 238 GB
Total RAM: 4061 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:01:39, on 26.1.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Windows\vsnpstd3.exe
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
C:\Program Files (x86)\Google\Google Talk\googletalk.exe
C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Lukáš Kilhof.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.windowsxlive.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [googletalk] C:\Program Files (x86)\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [PPort12reminder] "C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini"
O4 - HKLM\..\Run: [PDFHook] C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe
O4 - HKLM\..\Run: [PDF5 Registry Controller] C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe
O4 - HKLM\..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
O4 - HKLM\..\Run: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Otevřít programem PDF Viewer Plus - res://C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm
O8 - Extra context menu item: Stáhnout s IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Stáhnout s IDM obsah FLV videa - C:\Program Files (x86)\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Stáhnout s IDM všechny odkazy - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} (20-20 3D Viewer for IKEA) - http://kitchenplanner.ikea.com/CZ/Core/ ... _Win32.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\Windows\system32\brsvc01a.exe
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe
O23 - Service: Intel® PROSet/Wireless WiMAX Red Bend Device Management Service (DMAgent) - Red Bend Ltd. - C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: FastBootAgent - ASUSTeK Computer Inc. - C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MySql - Unknown owner - C:/apache/mysql/bin/mysqld-nt.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PDFProFiltSrvPP - Nuance Communications, Inc. - C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Unsigned Themes (UnsignedThemes) - The Within Network, LLC - C:\Windows\UnsignedThemesSvc.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WD Backup (WDBackup) - Western Digital Technologies, Inc. - C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
O23 - Service: WD Drive Manager (WDDriveService) - Western Digital Technologies, Inc. - C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
O23 - Service: Intel® PROSet/Wireless WiMAX Service (WiMAXAppSrv) - Intel(R) Corporation - C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: webcamXP Service (wxpSvc) - Unknown owner - C:\Program Files (x86)\webcamXP 5\wService.exe

--
End of file - 13009 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\UnsignedThemesSvc.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files\ATKGFNEX\GFNEXSrv.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\SysWOW64\brsvc01a.exe
brss01a.exe
C:\Windows\Explorer.EXE
"taskhost.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
taskeng.exe {7F1C9E56-3C1A-4392-8E84-F3E45385DA42}
"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe"
"C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe"
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
Atouch64.exe
"C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe"
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Windows\vsnpstd3.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe"
"C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe"
WLIDSvcM.exe 2500
"C:\Program Files (x86)\Internet Download Manager\IDMan.exe" /onboot
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDECK.EXE" -r
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe"
"C:\Program Files (x86)\Google\Google Talk\googletalk.exe" /autostart
"C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe"
"C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe"
"C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\system32\wbem\wmiprvse.exe
-BootProc
ATKOSD.exe
KBFiltr.exe
WDC.exe
"C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
-BootProc
"C:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-d44465fb-4aa7-4b0c-83dd-fd267e8ab523 -SystemEventPortName:HostProcess-612717ad-def3-4078-a37a-da3162b568ff -IoCancelEventPortName:HostProcess-f4f69004-14f7-4ce8-9e50-62bde1193aac -NonStateChangingEventPortName:HostProcess-9ad0ff9b-5825-474d-88f3-d206b37640d7 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:aba9d11d-6f05-4695-ab81-747847c0b881 -DeviceGroupId:WpdFsGroup
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\AsScrPro.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto -scheduled -critical
"taskhost.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe"
C:\Windows\system32\AUDIODG.EXE 0x9a0
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe7_ Global\UsGthrCtrlFltPipeMssGthrPipe7 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
"C:\Users\Lukáš Kilhof\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Lukáš Kilhof\AppData\Roaming\Mozilla\Firefox\Profiles\ulpgii9g.default

prefs.js - "browser.startup.homepage" - "www.seznam.cz"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.296 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.296 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

C:\Users\Lukáš Kilhof\AppData\Roaming\Mozilla\Firefox\Profiles\ulpgii9g.default\extensions\
2020Player_IKEA@2020Technologies.com
toolbar@vratnepenize.cz

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDMIEHlprObj Class - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2011-03-17 357216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDMIEHlprObj Class - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2011-03-17 210352]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{551A852F-39A6-44A7-9C13-AFBEC9185A9D}]
PlusIEEventHelper Class - C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06 249856]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-11-30 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-11-30 172968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2014-08-22 1331288]
"snpstd3"=C:\Windows\vsnpstd3.exe [2007-05-10 835584]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-02-11 162328]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-02-11 386584]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-02-11 417304]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"IDMan"=C:\Program Files (x86)\Internet Download Manager\IDMan.exe [2011-03-17 3278232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AllShareAgent]
C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AmIcoSinglun64]
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-04-09 320000]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-01-08 3674320]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ETDWare]
C:\Program Files\Elantech\ETDCtrl.exe [2009-06-12 619392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Lukáš Kilhof\AppData\Local\Google\Update\GoogleUpdate.exe /c []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Deskjet 3050A J611 series (NET)]
C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe -deviceID CN1894D1JX05PJ:NW -scfn HP Deskjet 3050A J611 series (NET) -AutoStart 1 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\icq]
C:\Users\Lukáš Kilhof\AppData\Roaming\ICQM\icq.exe -CU []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM]
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [2009-05-05 222496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Setwallpaper]
c:\programdata\SetWallpaper.cmd []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-07-25 21415008]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartClock]
C:\Program Files (x86)\SmartClock\SmartClock.exe [2003-04-26 880128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snpstd3]
C:\Windows\vsnpstd3.exe [2007-05-10 835584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Software updater]
C:\Users\Lukáš Kilhof\AppData\Roaming\FreeSoftwareUpdater\updater.exe -h http://neoupdater.com/ []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk]
C:\Windows\Installer\{60D6618B-153F-4353-8185-908E676E5888}\_DCE9A4DB2A5F2786140FA3.exe [2009-10-01 12862]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^tmchlang.lnk]
C:\Program Files\Trend Micro\Internet Security\TmChLang.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Lukáš Kilhof^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^WinMySQLadmin.lnk]
C:\apache\mysql\bin\WINMYS~1.EXE [2000-09-20 1176064]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-07-13 2244096]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [2009-07-07 8493624]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [2009-04-20 159744]
"googletalk"=C:\Program Files (x86)\Google\Google Talk\googletalk.exe [2007-01-01 3739648]
"IndexSearch"=C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [2010-03-09 46368]
"PaperPort PTD"=C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [2010-03-09 29984]
"PPort12reminder"=C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe [2010-02-09 328992]
"PDFHook"=C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [2010-03-05 636192]
"PDF5 Registry Controller"=C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [2010-03-05 62752]
"ControlCenter4"=C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [2011-04-20 139264]
"BrStsMon00"=C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2010-06-10 2621440]
"WD Quick View"=C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [2014-07-22 5562736]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07 507776]

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe []

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\ASUS Camera ScreenSaver]
C:\Windows\AsScrProlog.exe [2009-10-01 72248]

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2009-10-01 3054136]

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-02-11 272896]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.ac3filter"=ac3filter64.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-01-26 17:01:35 ----D---- C:\rsit
2015-01-15 19:49:58 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-01-14 15:17:02 ----A---- C:\Windows\system32\nlasvc.dll
2015-01-14 15:17:01 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2015-01-14 15:17:01 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2015-01-14 15:17:00 ----A---- C:\Windows\system32\TSWbPrxy.exe
2015-01-14 15:16:59 ----A---- C:\Windows\system32\profsvc.dll
2015-01-14 15:16:58 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2015-01-14 15:16:55 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-01-14 15:16:52 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-01-14 15:16:51 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-01-14 15:16:49 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-01-14 15:16:49 ----A---- C:\Windows\system32\srcore.dll
2015-01-14 15:16:49 ----A---- C:\Windows\system32\srclient.dll
2015-01-14 15:16:49 ----A---- C:\Windows\system32\rstrui.exe

======List of files/folders modified in the last 1 month======

2015-01-26 17:01:39 ----D---- C:\Windows\Prefetch
2015-01-26 17:01:38 ----D---- C:\Program Files\trend micro
2015-01-26 16:47:48 ----D---- C:\Windows\Temp
2015-01-26 15:49:37 ----D---- C:\Windows\system32\config
2015-01-26 15:32:59 ----D---- C:\Windows\SysWOW64
2015-01-25 20:19:56 ----D---- C:\Users\Lukáš Kilhof\AppData\Roaming\DMCache
2015-01-25 19:41:29 ----SHD---- C:\System Volume Information
2015-01-25 13:34:23 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-01-24 20:22:41 ----D---- C:\Windows\System32
2015-01-24 20:22:41 ----D---- C:\Windows\inf
2015-01-24 20:22:41 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-01-17 00:54:50 ----D---- C:\Users\Lukáš Kilhof\AppData\Roaming\Tyre
2015-01-16 23:39:32 ----D---- C:\Program Files\Tyre
2015-01-16 23:39:31 ----D---- C:\ProgramData\Tyre
2015-01-16 07:50:07 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-15 20:48:09 ----RD---- C:\Program Files (x86)
2015-01-15 08:12:46 ----D---- C:\Windows\winsxs
2015-01-15 08:11:09 ----D---- C:\Windows\system32\drivers
2015-01-15 08:00:22 ----D---- C:\Windows\system32\MRT
2015-01-15 07:54:24 ----D---- C:\Windows\debug
2015-01-15 07:54:19 ----A---- C:\Windows\system32\MRT.exe
2015-01-11 20:06:27 ----D---- C:\Program Files (x86)\Weather Capture Advance
2015-01-04 08:42:17 ----D---- C:\Windows
2014-12-31 12:14:31 ----N---- C:\Windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-04 408600]
R0 lullaby;lullaby; C:\Windows\system32\DRIVERS\lullaby.sys [2009-06-18 15928]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-07-17 269008]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2013-02-13 564824]
R1 eusk2par;Aladdin SmartKey Parallel Driver; \??\C:\Windows\system32\Drivers\eusk2par-amd64.sys [2008-12-18 32336]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
R2 IDMWFP;IDMWFP; C:\Windows\system32\DRIVERS\idmwfp.sys [2011-03-17 146568]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-07-17 125584]
R2 uxpatch;uxpatch; \??\C:\Windows\system32\drivers\uxpatch.sys [2009-07-13 30568]
R3 Afc;PPdus ASPI Shell; C:\Windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
R3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-05-26 40448]
R3 athr;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2013-07-02 3979776]
R3 bpenum;Intel(R) WiMAX Link Enumerator; C:\Windows\system32\DRIVERS\bpenum.sys [2009-07-30 70144]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-02-11 10628640]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-08-23 56320]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-06-05 1806400]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-07-09 1222144]
R3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040]
S3 a6n89stc;a6n89stc; C:\Windows\system32\drivers\a6n89stc.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 dgderdrv;dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys []
S3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-06-12 112128]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-07-28 57280]
S3 HTCAND64;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 SNPSTD3;USB PC Camera (SNPSTD3); C:\Windows\system32\DRIVERS\snpstd3.sys [2009-07-03 10916352]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 whfltr2k;WheelMouse USB Lower Filter Driver; C:\Windows\system32\DRIVERS\whfltr2k.sys [2007-01-26 9600]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-04-04 63928]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2009-09-15 359552]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 Brother XP spl Service;BrSplService; C:\Windows\syswow64\brsvc01a.exe [2002-04-11 57344]
R2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service; C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [2009-07-30 402432]
R2 FastBootAgent;FastBootAgent; C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe [2009-07-24 306232]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-08-22 23784]
R2 PDFProFiltSrvPP;PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [2010-03-09 144672]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-10-01 5087584]
R2 UnsignedThemes;Unsigned Themes; C:\Windows\UnsignedThemesSvc.exe [2009-07-13 24168]
R2 WDBackup;WD Backup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [2014-11-14 1042808]
R2 WDDriveService;WD Drive Manager; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [2014-06-02 296312]
R2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service; C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [2009-07-30 1048576]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-08-22 368624]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-26 107912]
S2 MySql;MySql; C:/apache/mysql/bin/mysqld-nt.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-25 267440]
S3 BrYNSvc;BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [2010-01-25 245760]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-09-12 1512448]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-26 107912]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 114688]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-01-15 114800]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-08-30 1255736]
S3 wxpSvc;webcamXP Service; C:\Program Files (x86)\webcamXP 5\wService.exe [2011-07-27 5023744]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

#2 Příspěvek od **altrok** » 26 led 2015 17:52

Zdravim

V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose).

Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/

ukoncete vsechny programy
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Scan, pote na Clean
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\AdwCleaner [Sx].txt), jehoz obsah mi zkopirujte do pristi odpovedi

artmle9 · #3 Příspěvek od **artmle9** » 26 led 2015 18:02

Koš nebyl vyprázdněn.

# AdwCleaner v4.109 - Report created 26/01/2015 at 17:59:25
# Updated 24/01/2015 by Xplode
# Database : 2015-01-25.1 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Lukáš Kilhof - LK-PC
# Running from : C:\Users\Lukáš Kilhof\Desktop\adwcleaner_4.109.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\NCH Software
Folder Deleted : C:\Program Files (x86)\LemurLeap
Folder Deleted : C:\Users\Lukáš Kilhof\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\Lukáš Kilhof\AppData\Roaming\FreeSoftwareUpdater
Folder Deleted : C:\Users\Lukáš Kilhof\AppData\Roaming\NCH Software

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{415419C3-DAD0-4DF1-AC37-22C72AD81878}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{38122A36-83B2-46B8-B39A-EC72A4614A07}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{17B10E59-09E1-4C39-A738-6774D7AB7778}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{47700C35-9E3E-4DAD-934C-0CE28A87237C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{72063D77-7590-4DA9-A7F8-F5ECAF3632C4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D54C859C-6066-4F31-8FE0-2AAEDCAE67D7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{CA021789-C8CD-4676-BC40-90077A19D5CD}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\PIP
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\LemurLeap
Key Deleted : HKLM\SOFTWARE\PIP
Key Deleted : HKLM\SOFTWARE\LemurLeap

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496

-\\ Mozilla Firefox v35.0 (x86 cs)

*************************

AdwCleaner[R0].txt - [3535 octets] - [26/01/2015 17:57:34]
AdwCleaner[S0].txt - [3319 octets] - [26/01/2015 17:59:25]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3379 octets] ##########

#4 Příspěvek od **altrok** » 26 led 2015 18:06

Nebyl, ale v pristim kroku bude (spolu s historii prohlizecu a vsemi docasnymi soubory - tempy).

Dejte log FRST.txt, prilozte i Addition.txt - http://forum.viry.cz/viewtopic.php?f=30&t=133101

artmle9 · #5 Příspěvek od **artmle9** » 26 led 2015 18:42

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-01-2015 01
Ran by Lukáš Kilhof (administrator) on LK-PC on 26-01-2015 18:36:24
Running from C:\Users\Lukáš Kilhof\Desktop
Loaded Profiles: Lukáš Kilhof (Available profiles: Lukáš Kilhof)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(The Within Network, LLC) C:\Windows\UnsignedThemesSvc.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
() C:\Program Files\ATKGFNEX\GFNEXSrv.exe
(brother Industries Ltd) C:\Windows\SysWOW64\BRSVC01A.EXE
(brother Industries Ltd) C:\Windows\SysWOW64\BRSS01A.EXE
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
() C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
() C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
(ATK) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(ASUSTeK Computer Inc.) C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe
(ATK) C:\Program Files\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS CopyProtect\ASPG.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
() C:\Windows\vsnpstd3.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Red Bend Ltd.) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDECK.EXE
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
(ASUS) C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
(Google) C:\Program Files (x86)\Google\Google Talk\googletalk.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(ASUS) C:\Windows\AsScrPro.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [snpstd3] => C:\Windows\vsnpstd3.exe [835584 2007-05-10] ()
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2244096 2009-07-13] (VIA)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [8493624 2009-07-07] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [159744 2009-04-20] (ASUS)
HKLM-x32\...\Run: [googletalk] => C:\Program Files (x86)\Google\Google Talk\googletalk.exe [3739648 2007-01-01] (Google)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46368 2010-03-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [29984 2010-03-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PPort12reminder] => C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe [328992 2010-02-09] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2011-04-20] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2621440 2010-06-10] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5562736 2014-07-22] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-563694034-3119439484-3167028291-1000\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3278232 2011-03-17] (Tonec Inc.)
HKU\S-1-5-21-563694034-3119439484-3167028291-1000\...\MountPoints2: G - G:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-563694034-3119439484-3167028291-1000\...\MountPoints2: {77005094-25dd-11e4-9f1b-90e6ba5986da} - G:\HTC_Sync_Manager_PC.exe
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll (Tonec Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-563694034-3119439484-3167028291-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.windowsxlive.net
HKU\S-1-5-21-563694034-3119439484-3167028291-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: IDMIEHlprObj Class -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: IDMIEHlprObj Class -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKU\S-1-5-21-563694034-3119439484-3167028291-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} http://kitchenplanner.ikea.com/CZ/Core/ ... _Win32.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Lukáš Kilhof\AppData\Roaming\Mozilla\Firefox\Profiles\ulpgii9g.default
FF Homepage: www.seznam.cz
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: 20-20 3D Viewer - IKEA - C:\Users\Lukáš Kilhof\AppData\Roaming\Mozilla\Firefox\Profiles\ulpgii9g.default\Extensions\2020Player_IKEA@2020Technologies.com [2014-07-11]
FF Extension: VratnePenize.cz - C:\Users\Lukáš Kilhof\AppData\Roaming\Mozilla\Firefox\Profiles\ulpgii9g.default\Extensions\toolbar@vratnepenize.cz [2014-09-09]
FF Extension: Google Translator for Firefox - C:\Users\Lukáš Kilhof\AppData\Roaming\Mozilla\Firefox\Profiles\ulpgii9g.default\Extensions\translator@zoli.bod.xpi [2014-07-12]
FF Extension: Adblock Plus - C:\Users\Lukáš Kilhof\AppData\Roaming\Mozilla\Firefox\Profiles\ulpgii9g.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-08-21]
FF HKU\S-1-5-21-563694034-3119439484-3167028291-1000\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Lukáš Kilhof\AppData\Roaming\IDM\idmmzcc3
FF Extension: IDM CC - C:\Users\Lukáš Kilhof\AppData\Roaming\IDM\idmmzcc3 [2013-10-16]
FF HKU\S-1-5-21-563694034-3119439484-3167028291-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Lukáš Kilhof\AppData\Roaming\IDM\idmmzcc3

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-08] () [File not signed]
R2 Brother XP spl Service; C:\Windows\SysWOW64\brsvc01a.exe [57344 2002-04-11] (brother Industries Ltd) [File not signed]
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
R2 DMAgent; C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [402432 2009-07-30] (Red Bend Ltd.) [File not signed]
R2 FastBootAgent; C:\Windows\SysWOW64\Fast Boot\FastBootAgent.exe [306232 2009-07-24] (ASUSTeK Computer Inc.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
S2 MySql; C:/apache/mysql/bin/mysqld-nt.exe [1089536 2001-01-22] () [File not signed]
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-09] (Nuance Communications, Inc.)
R2 UnsignedThemes; C:\Windows\UnsignedThemesSvc.exe [24168 2009-07-13] (The Within Network, LLC)
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2014-11-14] (Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [296312 2014-06-02] (Western Digital Technologies, Inc.)
R2 WiMAXAppSrv; C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [1048576 2009-07-30] (Intel(R) Corporation) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 wxpSvc; C:\Program Files (x86)\webcamXP 5\wService.exe [5023744 2011-07-27] (Moonware Studios) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASMMAP64; C:\Program Files\ATKGFNEX\ASMMAP64.sys [14904 2007-07-24] ()
R1 eusk2par; C:\Windows\system32\Drivers\eusk2par-amd64.sys [32336 2008-12-18] (Aladdin Knowledge Systems Ltd.)
S3 HTCAND64; C:\Windows\System32\Drivers\ANDROIDUSB.sys [33736 2009-11-02] (HTC, Corporation) [File not signed]
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1806400 2009-06-05] ()
S3 SNPSTD3; C:\Windows\System32\DRIVERS\snpstd3.sys [10916352 2009-07-03] (Sonix Co. Ltd.)
S3 SNPSTD3; C:\Windows\SysWOW64\DRIVERS\snpstd3.sys [10526464 2009-07-03] (Sonix Co. Ltd.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-02-13] (Duplex Secure Ltd.)
R2 uxpatch; C:\Windows\system32\drivers\uxpatch.sys [30568 2009-07-13] ()
S3 whfltr2k; C:\Windows\System32\DRIVERS\whfltr2k.sys [9600 2007-01-26] () [File not signed]
U3 aa278ki7; C:\Windows\System32\Drivers\aa278ki7.sys [0 ] (Intel Corporation) <==== ATTENTION (zero size file/folder)
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
U3 tmlwf; No ImagePath
U3 tmwfp; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-26 18:36 - 2015-01-26 18:37 - 00016595 _____ () C:\Users\Lukáš Kilhof\Desktop\FRST.txt
2015-01-26 18:35 - 2015-01-26 18:36 - 00000000 ____D () C:\FRST
2015-01-26 18:35 - 2015-01-26 18:35 - 02129920 _____ (Farbar) C:\Users\Lukáš Kilhof\Desktop\FRST64.exe
2015-01-26 18:33 - 2015-01-26 18:34 - 00029696 _____ () C:\Users\Lukáš Kilhof\AppData\Local\MSGBOX.EXE
2015-01-26 17:57 - 2015-01-26 17:59 - 00000000 ____D () C:\AdwCleaner
2015-01-26 17:56 - 2015-01-26 17:56 - 02194432 _____ () C:\Users\Lukáš Kilhof\Desktop\adwcleaner_4.109.exe
2015-01-26 17:01 - 2015-01-26 17:01 - 01222144 _____ () C:\Users\Lukáš Kilhof\Desktop\RSITx64.exe
2015-01-26 17:01 - 2015-01-26 17:01 - 00000000 ____D () C:\rsit
2015-01-16 23:56 - 2015-01-16 23:56 - 00000502 _____ () C:\Users\Lukáš Kilhof\Desktop\eu.itn
2015-01-15 19:49 - 2015-01-15 19:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-14 15:17 - 2014-12-11 18:47 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 15:17 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 15:17 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 15:17 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-14 15:16 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 15:16 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 15:16 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 15:16 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-14 15:16 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-14 15:16 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-14 15:16 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-14 15:16 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-14 15:16 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-04 08:42 - 2015-01-26 18:00 - 00533280 _____ () C:\Windows\PFRO.log
2014-12-30 18:00 - 2014-12-30 18:00 - 00000870 _____ () C:\Users\Lukáš Kilhof\AppData\Local\recently-used.xbel
2014-12-30 17:59 - 2014-12-30 17:59 - 00000000 ____D () C:\Users\Lukáš Kilhof\AppData\Local\gegl-0.2
2014-12-27 21:56 - 2014-12-27 22:24 - 00000000 ____D () C:\Users\Lukáš Kilhof\AppData\Local\Microsoft Games

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-26 18:34 - 2012-11-16 10:59 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-26 18:07 - 2009-07-14 05:45 - 00010240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-26 18:07 - 2009-07-14 05:45 - 00010240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-26 18:05 - 2009-10-01 05:17 - 01058934 _____ () C:\Windows\WindowsUpdate.log
2015-01-26 18:02 - 2014-10-26 12:51 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-26 18:02 - 2014-10-26 12:51 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-26 18:00 - 2014-12-14 19:47 - 00005944 _____ () C:\Windows\setupact.log
2015-01-26 18:00 - 2013-10-06 15:18 - 00000050 _____ () C:\Windows\system32\SupplicantTest.log
2015-01-26 18:00 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-26 17:01 - 2013-09-15 18:12 - 00000000 ____D () C:\Program Files\trend micro
2015-01-26 15:48 - 2014-09-04 12:51 - 00001579 _____ () C:\Users\Lukáš Kilhof\Desktop\Recepty 2.2.lnk
2015-01-25 20:19 - 2013-10-16 18:08 - 00000000 ____D () C:\Users\Lukáš Kilhof\AppData\Roaming\DMCache
2015-01-25 16:59 - 2014-09-28 16:49 - 00000000 ____D () C:\Users\Lukáš Kilhof\Desktop\Recepty
2015-01-25 13:34 - 2012-11-16 10:59 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-25 13:34 - 2012-11-16 10:59 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-25 13:34 - 2012-11-16 10:59 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-24 23:25 - 2013-11-09 15:50 - 00000000 ____D () C:\Users\Lukáš Kilhof\AppData\Local\CrashDumps
2015-01-24 20:22 - 2009-08-03 21:00 - 00672386 _____ () C:\Windows\system32\perfh005.dat
2015-01-24 20:22 - 2009-08-03 21:00 - 00142950 _____ () C:\Windows\system32\perfc005.dat
2015-01-24 20:22 - 2009-07-14 06:13 - 01593214 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-17 21:04 - 2014-11-30 12:17 - 00000000 ____D () C:\Users\Lukáš Kilhof\Desktop\Gmail
2015-01-17 09:53 - 2012-06-17 11:05 - 00000000 ____D () C:\Users\Lukáš Kilhof\Desktop\Programy
2015-01-17 00:54 - 2012-06-17 12:22 - 00000000 ____D () C:\Users\Lukáš Kilhof\AppData\Roaming\Tyre
2015-01-16 23:39 - 2013-06-15 20:45 - 00000000 ____D () C:\Program Files\Tyre
2015-01-16 22:18 - 2013-10-26 11:22 - 00000000 ____D () C:\Users\Lukáš Kilhof\AppData\Local\Deployment
2015-01-16 07:50 - 2014-07-01 17:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-15 08:00 - 2013-07-25 14:09 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-15 07:54 - 2012-12-01 20:57 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-13 16:23 - 2014-04-20 14:23 - 00010792 _____ () C:\Users\Lukáš Kilhof\Desktop\Ušák.xlsx
2015-01-11 20:06 - 2013-12-26 22:47 - 00000000 ____D () C:\Program Files (x86)\Weather Capture Advance
2014-12-31 12:14 - 2012-06-17 09:49 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-12-30 18:04 - 2012-08-18 17:01 - 00000000 ____D () C:\Users\Lukáš Kilhof\.gimp-2.8
2014-12-29 19:54 - 2013-10-27 12:51 - 00000000 ____D () C:\Users\Lukáš Kilhof\AppData\Local\NFS Underground 2

==================== Files in the root of some directories =======

2007-06-12 17:34 - 2007-06-12 17:34 - 0035822 _____ () C:\Program Files (x86)\Common Files\ASPG_icon.ico
2008-05-22 16:35 - 2008-05-22 16:35 - 0051962 _____ () C:\Program Files (x86)\Common Files\banner.jpg
2009-04-08 18:31 - 2009-04-08 18:31 - 0106496 _____ () C:\Program Files (x86)\Common Files\CPInstallAction.dll
2008-08-12 05:45 - 2008-08-12 05:45 - 0155648 _____ (ASUS) C:\Program Files (x86)\Common Files\MSIactionall.dll
2013-10-26 18:59 - 2013-10-26 18:59 - 0000037 ___SH () C:\Users\Lukáš Kilhof\AppData\Local\70149b02515b3bb20dd492.47983420
2012-12-06 06:47 - 2012-12-06 06:47 - 0003584 _____ () C:\Users\Lukáš Kilhof\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-26 18:33 - 2015-01-26 18:34 - 0029696 _____ () C:\Users\Lukáš Kilhof\AppData\Local\MSGBOX.EXE
2014-12-30 18:00 - 2014-12-30 18:00 - 0000870 _____ () C:\Users\Lukáš Kilhof\AppData\Local\recently-used.xbel
2012-06-17 15:00 - 2012-06-17 15:00 - 0000057 _____ () C:\ProgramData\Ament.ini
2013-07-09 19:17 - 2013-07-09 19:17 - 0000095 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2013-07-09 19:16 - 2013-07-09 19:16 - 0000089 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.64.bc
2009-10-01 05:42 - 2009-10-01 05:43 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2009-10-01 05:42 - 2009-10-01 05:42 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

Some content of TEMP:
====================
C:\Users\Lukáš Kilhof\AppData\Local\Temp\Quarantine.exe
C:\Users\Lukáš Kilhof\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-01-24 10:59

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-01-2015 01
Ran by Lukáš Kilhof at 2015-01-26 18:37:58
Running from C:\Users\Lukáš Kilhof\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AC3Filter 1.63b (HKLM-x32\...\AC3Filter_is1) (Version: 1.63b - Alexander Vigovsky)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Activation Assistant for the 2007 Microsoft Office suites (HKLM-x32\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (x32 Version: 1.0 - Microsoft Corporation) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Reader X (10.1.3) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AA1000000001}) (Version: 10.1.3 - Adobe Systems Incorporated)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{5A22D889-FBDD-4AE8-86EC-089D45FC133E}) (Version: 1.2.17.25001 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.2.17.25001 - Alcor Micro Corp.) Hidden
Any Video Converter 3.5.5 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
AnyPic JPG to PDF Converter 1.0.2 (HKLM-x32\...\{ADD050EC-6B50-437F-807B-FF9F29216FA5}_is1) (Version: - AnyPic Soft)
Ashampoo Burning Studio 6 FREE v.6.81 (HKLM-x32\...\Ashampoo Burning Studio 6 FREE_is1) (Version: 6.8.1 - Ashampoo GmbH & Co. KG)
ASUS AI Recovery (HKLM-x32\...\{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}) (Version: 1.0.6 - ASUS)
ASUS CopyProtect (HKLM-x32\...\{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}) (Version: 1.0.0015 - ASUS)
ASUS FancyStart (HKLM-x32\...\{60D6618B-153F-4353-8185-908E676E5888}) (Version: 1.0.5 - ASUSTeK Computer Inc.)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.20 - ASUS)
ASUS MultiFrame (HKLM-x32\...\{9D48531D-2135-49FC-BC29-ACCDA5396A76}) (Version: 1.0.0019 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{1686C4D1-B1FD-42E8-B7A8-FB4C4DBA5BA8}) (Version: 1.1.19 - ASUS)
ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0007 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0028 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.17 - asus)
Asus_Camera_ScreenSaver (HKLM-x32\...\Asus_Camera_ScreenSaver) (Version: 2.0.0009 - ASUS)
Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.16 - Atheros Communications Inc.)
ATK Generic Function Service (HKLM-x32\...\{D3D54F3E-C5C3-443D-978F-87A72E5616E8}) (Version: 1.00.0008 - ATK)
ATK Hotkey (HKLM-x32\...\{7C05592D-424B-46CB-B505-E0013E8E75C9}) (Version: 1.0.0051 - ASUS)
ATK Media (HKLM-x32\...\{D1E5870E-E3E5-4475-98A6-ADD614524ADF}) (Version: 2.0.0005 - ASUS)
ATKOSD2 (HKLM-x32\...\{3B05F2FB-745B-4012-ADF2-439F36B2E70B}) (Version: 7.0.0005 - ASUS)
Brother MFL-Pro Suite DCP-7065DN (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.0.9.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 3.19 - Piriform)
ControlDeck (HKLM-x32\...\{5B65EF64-1DFA-414A-8C94-7BB726158E21}) (Version: 1.0.3 - ASUS)
CoreAAC Audio Decoder (remove only) (HKLM-x32\...\CoreAAC Audio Decoder) (Version: - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.46.1.0328 - DT Soft Ltd)
Defraggler (HKLM\...\Defraggler) (Version: 2.16 - Piriform)
ETDWare PS/2-x64 7.0.5.5_WHQL (HKLM\...\Elantech) (Version: - )
Far Cry 2 (HKLM-x32\...\{F2835483-37F2-4123-B4FE-0E77D58447F2}) (Version: 1.00.00 - Ubisoft)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.3 - ASUS)
FormatFactory 2.95 (HKLM-x32\...\FormatFactory) (Version: 2.95 - Free Time)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Free YouTube to MP3 Converter version 3.12.46.923 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.46.923 - DVDVideoSoft Ltd.)
GIMP 2.8.0 (HKLM\...\GIMP-2_is1) (Version: 2.8.0 - The GIMP Team)
Google Earth (HKLM-x32\...\{28E82311-8616-11E1-BEB0-B8AC6F97B88E}) (Version: 6.2.2.6613 - Google)
Google Talk (remove only) (HKLM-x32\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version: - )
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - Intel Corporation)
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2021 - Intel Corporation)
Intel® PROSet/Wireless WiMAX Software (HKLM\...\{FAE224AF-B15E-448B-88FA-1839A7570CF8}) (Version: 1.04.0000 - Intel Corporation)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - )
Java 7 Update 7 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217007FF}) (Version: 7.0.70 - Oracle)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Jpeg Resampler Vs 6+ (HKLM-x32\...\JpegResampler2010_is1) (Version: - Jpeg Resampler)
Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MKVToolNix 5.6.0 (HKLM-x32\...\MKVToolNix) (Version: 5.6.0 - Moritz Bunkus)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 35.0 (x86 cs) (HKLM-x32\...\Mozilla Firefox 35.0 (x86 cs)) (Version: 35.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Need for Speed Underground 2 (HKLM-x32\...\{909F8EBC-EC7F-48FF-0085-475D818F0F31}) (Version: - )
NCH Toolbox (HKLM-x32\...\ToolBox) (Version: - NCH Software)
Nuance PaperPort 12 (HKLM-x32\...\{DA715959-CFF1-48A2-B3BB-98B9E569C6AC}) (Version: 12.1.0000 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 1.00.0001 - Nuance Communications, Inc.)
PDFTools Version 1.3 (08/26/2007) (HKLM-x32\...\PDFTools_is1) (Version: 1.3 - www.SheelApps.com - Sheel Khanna)
Platform (x32 Version: 1.34 - VIA Technologies, Inc.) Hidden
Pracovní kalendář (HKLM-x32\...\Pracovní kalendář) (Version: - )
rajče průvodce verze 1.59.40.255 (HKLM-x32\...\rajče.net_is1) (Version: - rajče.net)
Recepty 2.2 (HKLM-x32\...\Recepty_is1) (Version: 2.2 - Ivan Dulgerov)
Revo Uninstaller 1.83 (HKLM-x32\...\Revo Uninstaller) (Version: 1.83 - VS Revo Group)
Scansoft PDF Professional (x32 Version: - ) Hidden
SDÍLEJ.CZ Manager (HKU\S-1-5-21-563694034-3119439484-3167028291-1000\...\69f070f18ade444c) (Version: 0.0.1.36 - SDÍLEJ.CZ)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
SmartClock 2.1 (HKLM-x32\...\SmartClock) (Version: - )
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.22298 - TeamViewer)
The KMPlayer (HKLM-x32\...\The KMPlayer) (Version: 3.7.0.113 - KMP Media co., Ltd)
Trust Webcam (HKLM-x32\...\{ECD03DA7-5952-406A-8156-5F0C93618D1F}) (Version: 5.18.1211.103 - Sonix)
Tyre (HKLM\...\Tyre_is1) (Version: 6.4.2.6 - 't Schrijverke)
Tyre (HKLM-x32\...\Tyre_is1) (Version: 6.3.1.1 - 't Schrijverke)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
USB 2.0 1.3M UVC WebCam (HKLM\...\USB 2.0 1.3M UVC WebCam) (Version: - )
UxStyle Core Beta (HKLM\...\{8E363055-15E5-4D8A-9C69-A0A9DE9A3337}) (Version: 0.2.1.1 - The Within Network, LLC)
VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
WD Quick View (HKLM-x32\...\{CD2D5EDD-B170-4E8B-A631-27FE4FE6B2E4}) (Version: 2.4.4.5 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{A5516566-200A-4093-953B-83721F1A984B}) (Version: 2.4.4.5 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{e502616c-37a2-498e-a9ee-cd1234ccc820}) (Version: 2.4.4.5 - Western Digital Technologies, Inc.)
Weather Capture Advance 1.2 (HKLM-x32\...\{E10017D0-CDC3-4205-87F8-B1AC58124DE9}_is1) (Version: - Hideki Electronics Limited)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{4B4451CE-D1E6-4BDE-B4B2-59F03BB83B7C}) (Version: 14.0.8050.1202 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.26.0 - ASUS)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.10 - ASUS)
Xvid 1.2.2 final uninstall (HKLM-x32\...\Xvid_is1) (Version: 1.2 - Xvid team (Koepi))

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points =========================

29-12-2014 18:56:32 Windows Update
02-01-2015 17:33:08 Windows Update
06-01-2015 18:49:20 Windows Update
11-01-2015 19:05:38 Windows Update
15-01-2015 07:53:26 Windows Update
18-01-2015 09:26:03 Windows Update
22-01-2015 15:07:02 Windows Update
25-01-2015 19:41:10 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0CF5A782-4682-4A27-8E56-CA4322D13508} - System32\Tasks\{769A87C2-D16B-4FE2-9B92-10BF9730C1D3} => C:\Users\Lukáš Kilhof\Desktop\install.exe <==== ATTENTION
Task: {2C53893E-00E8-4E50-A00A-B724E06988CA} - System32\Tasks\{D09FAE56-5A9B-41F1-B1C3-246D720EF022} => C:\Program Files (x86)\Network Stumbler\NetStumbler.exe
Task: {301166CC-3CD0-4627-B480-9A010C0636F5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-25] (Adobe Systems Incorporated)
Task: {33802523-AB21-4F8F-A10C-77AA33B098E1} - System32\Tasks\{F24BF22E-2FFB-432B-8FB3-BE7512B8A11A} => pcalua.exe -a "C:\Program Files (x86)\Nuance\PaperPort\ScannerWizardU.exe" -c /A [PaperPort 12.1] /L [czh]
Task: {3496A396-D5D1-414F-AB8F-1F0060379788} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2009-07-29] (ATK)
Task: {4AB58050-BE96-4FE1-AEFE-2F1EB2597D5A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-26] (Google Inc.)
Task: {6436DE78-1813-4690-9DBD-30658CCBFD03} - System32\Tasks\{8A7892DF-9BE2-4249-9409-E3CC635B980B} => C:\Program Files (x86)\WS32\Wswin32.exe
Task: {67BA13F5-23BA-4ECC-903C-924D2464AD8B} - System32\Tasks\WC3 => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2009-07-24] ()
Task: {85EDAE30-84D9-42C7-B93D-A0C926CCDE87} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-26] (Google Inc.)
Task: {8815C381-04BB-44AE-AAFE-2A6806E2106E} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2009-07-23] (ATK)
Task: {8EABE69A-8617-435F-8F98-AFAB8F43B7A7} - System32\Tasks\ASUSControlDeck => C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe [2009-07-23] ()
Task: {9705D9EB-1D45-4922-BA16-15AE241B3E9C} - System32\Tasks\{AB2C805F-7EC5-4878-84C6-013C49A34901} => C:\Program Files (x86)\Network Stumbler\NetStumbler.exe
Task: {B5BC0CCB-65A7-4A6B-B63C-B29BB8BC07EB} - System32\Tasks\{37CF6517-8A24-4BF6-98F7-3F5C55A984CF} => pcalua.exe -a F:\Directx\dxsetup.exe -d F:\
Task: {BE98C7E8-2A03-47B0-8547-748BA88B5988} - System32\Tasks\ASPG => C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe [2009-06-29] (ASUS)
Task: {BF78B16E-C1DD-4040-BB84-2313B5F5A7DE} - System32\Tasks\{04ABB46E-6789-45EB-A877-7555B9207218} => pcalua.exe -a "C:\Users\Lukáš Kilhof\Desktop\GameParkSetup11024_2.exe" -d "C:\Users\Lukáš Kilhof\Desktop"
Task: {E3B7F7F3-C090-48E0-A4BD-8E381FCC9077} - System32\Tasks\hpUrlLauncher.exe_{CA1F916B-B2BD-4D0B-BBB8-88346365F9F3} => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\utils\hpUrlLauncher.exe
Task: {EF278098-8CA1-4B70-8BCC-DD45670702CC} - System32\Tasks\{27D1D1E5-274A-47BA-B32D-83BEE8DCE659} => pcalua.exe -a "D:\Instalace\Microsoft office 2007\setup.exe" -d "D:\Instalace\Microsoft office 2007"
Task: {F51C5B4B-29E9-4FFE-9DE9-E009E91A4EA8} - System32\Tasks\{D5471058-19F6-4E7D-999C-C673108949FC} => C:\Program Files (x86)\Network Stumbler\NetStumbler.exe
Task: {FF87BC2B-9AB8-40C9-AFD6-6B664988C57E} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2009-05-18] (ASUS)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2009-10-01 05:58 - 2007-08-08 08:08 - 00094208 _____ () C:\Program Files\ATKGFNEX\GFNEXSrv.exe
2012-09-01 14:29 - 2010-09-06 17:21 - 00538435 _____ () C:\Program Files (x86)\JpegResampler2010\JRcm64.dll
2009-07-23 01:58 - 2009-07-23 01:58 - 00017976 _____ () C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
2008-08-14 04:59 - 2008-08-14 04:59 - 00301624 _____ () C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
2008-10-01 07:02 - 2008-10-01 07:08 - 00011264 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2009-05-05 18:00 - 2009-05-05 18:00 - 00041472 _____ () C:\Program Files\P4G\DevMng.dll
2009-07-27 18:12 - 2009-07-27 18:12 - 00026624 _____ () C:\Program Files\P4G\OvrClk.dll
2009-10-01 05:58 - 2007-03-10 02:58 - 00124416 _____ () C:\Program Files\ATKGFNEX\AGFNEX64.dll
2009-07-24 18:32 - 2009-07-24 18:32 - 01593344 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
2012-08-10 19:29 - 2005-04-22 05:36 - 00143360 ____R () C:\Windows\system32\BrSNMP64.dll
2012-08-02 18:06 - 2007-05-10 12:18 - 00835584 _____ () C:\Windows\vsnpstd3.exe
2009-10-01 05:57 - 2009-05-07 09:51 - 00071680 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2009-10-01 05:57 - 2009-05-07 09:53 - 00379392 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2009-10-01 05:57 - 2008-01-18 07:49 - 00098816 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\VMicApi.dll
2009-10-01 05:57 - 2009-07-06 07:37 - 47601664 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Skin.dll
2009-10-01 06:00 - 2009-06-22 21:37 - 00212992 _____ () C:\Windows\SysWOW64\Fast Boot\GetBootTime.dll
2013-03-26 19:10 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2015-01-15 19:49 - 2015-01-15 19:50 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk => C:\Windows\pss\FancyStart daemon.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^tmchlang.lnk => C:\Windows\pss\tmchlang.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Lukáš Kilhof^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^WinMySQLadmin.lnk => C:\Windows\pss\WinMySQLadmin.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AllShareAgent => C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
MSCONFIG\startupreg: AmIcoSinglun64 => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: ETDWare => C:\Program Files\Elantech\ETDCtrl.exe
MSCONFIG\startupreg: Google Update => "C:\Users\Lukáš Kilhof\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: HP Deskjet 3050A J611 series (NET) => "C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN1894D1JX05PJ:NW" -scfn "HP Deskjet 3050A J611 series (NET)" -AutoStart 1
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: icq => C:\Users\Lukáš Kilhof\AppData\Roaming\ICQM\icq.exe -CU
MSCONFIG\startupreg: ISUSPM => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
MSCONFIG\startupreg: Setwallpaper => c:\programdata\SetWallpaper.cmd
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SmartClock => C:\Program Files (x86)\SmartClock\SmartClock.exe /boot
MSCONFIG\startupreg: snpstd3 => C:\Windows\vsnpstd3.exe
MSCONFIG\startupreg: Software updater => "C:\Users\Lukáš Kilhof\AppData\Roaming\FreeSoftwareUpdater\updater.exe" -h http://neoupdater.com/

========================= Accounts: ==========================

Administrator (S-1-5-21-563694034-3119439484-3167028291-500 - Administrator - Disabled)
Guest (S-1-5-21-563694034-3119439484-3167028291-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-563694034-3119439484-3167028291-1004 - Limited - Enabled)
Lukáš Kilhof (S-1-5-21-563694034-3119439484-3167028291-1000 - Administrator - Enabled) => C:\Users\Lukáš Kilhof

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (01/26/2015 06:37:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: WDBackupEngine.exe, verze: 2.0.0.15, časové razítko: 0x546690c1
Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.18409, časové razítko: 0x53159a86
Kód výjimky: 0xc0000005
Posun chyby: 0x000369b9
ID chybujícího procesu: 0xb6c
Čas spuštění chybující aplikace: 0xWDBackupEngine.exe0
Cesta k chybující aplikaci: WDBackupEngine.exe1
Cesta k chybujícímu modulu: WDBackupEngine.exe2
ID zprávy: WDBackupEngine.exe3

Error: (01/26/2015 06:30:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: WDBackupEngine.exe, verze: 2.0.0.15, časové razítko: 0x546690c1
Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.18409, časové razítko: 0x53159a86
Kód výjimky: 0xc0000005
Posun chyby: 0x000369b9
ID chybujícího procesu: 0x17d4
Čas spuštění chybující aplikace: 0xWDBackupEngine.exe0
Cesta k chybující aplikaci: WDBackupEngine.exe1
Cesta k chybujícímu modulu: WDBackupEngine.exe2
ID zprávy: WDBackupEngine.exe3

Error: (01/26/2015 06:25:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: WDBackupEngine.exe, verze: 2.0.0.15, časové razítko: 0x546690c1
Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.18409, časové razítko: 0x53159a86
Kód výjimky: 0xc0000005
Posun chyby: 0x0002eae4
ID chybujícího procesu: 0x14fc
Čas spuštění chybující aplikace: 0xWDBackupEngine.exe0
Cesta k chybující aplikaci: WDBackupEngine.exe1
Cesta k chybujícímu modulu: WDBackupEngine.exe2
ID zprávy: WDBackupEngine.exe3

Error: (01/26/2015 06:20:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: WDBackupEngine.exe, verze: 2.0.0.15, časové razítko: 0x546690c1
Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.18409, časové razítko: 0x53159a86
Kód výjimky: 0xc0000005
Posun chyby: 0x0002e9c7
ID chybujícího procesu: 0x1588
Čas spuštění chybující aplikace: 0xWDBackupEngine.exe0
Cesta k chybující aplikaci: WDBackupEngine.exe1
Cesta k chybujícímu modulu: WDBackupEngine.exe2
ID zprávy: WDBackupEngine.exe3

Error: (01/26/2015 06:14:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: WDBackupEngine.exe, verze: 2.0.0.15, časové razítko: 0x546690c1
Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.18409, časové razítko: 0x53159a86
Kód výjimky: 0xc0000005
Posun chyby: 0x000361b0
ID chybujícího procesu: 0x55c
Čas spuštění chybující aplikace: 0xWDBackupEngine.exe0
Cesta k chybující aplikaci: WDBackupEngine.exe1
Cesta k chybujícímu modulu: WDBackupEngine.exe2
ID zprávy: WDBackupEngine.exe3

Error: (01/26/2015 06:09:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: WDBackupEngine.exe, verze: 2.0.0.15, časové razítko: 0x546690c1
Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.18409, časové razítko: 0x53159a86
Kód výjimky: 0xc0000005
Posun chyby: 0x0002eae4
ID chybujícího procesu: 0x1718
Čas spuštění chybující aplikace: 0xWDBackupEngine.exe0
Cesta k chybující aplikaci: WDBackupEngine.exe1
Cesta k chybujícímu modulu: WDBackupEngine.exe2
ID zprávy: WDBackupEngine.exe3

Error: (01/26/2015 06:05:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: WDBackupEngine.exe, verze: 2.0.0.15, časové razítko: 0x546690c1
Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.18409, časové razítko: 0x53159a86
Kód výjimky: 0xc0000005
Posun chyby: 0x00022e8f
ID chybujícího procesu: 0xc5c
Čas spuštění chybující aplikace: 0xWDBackupEngine.exe0
Cesta k chybující aplikaci: WDBackupEngine.exe1
Cesta k chybujícímu modulu: WDBackupEngine.exe2
ID zprávy: WDBackupEngine.exe3

Error: (01/26/2015 05:09:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: WDBackupEngine.exe, verze: 2.0.0.15, časové razítko: 0x546690c1
Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.18409, časové razítko: 0x53159a86
Kód výjimky: 0xc0000005
Posun chyby: 0x000361b0
ID chybujícího procesu: 0x13d0
Čas spuštění chybující aplikace: 0xWDBackupEngine.exe0
Cesta k chybující aplikaci: WDBackupEngine.exe1
Cesta k chybujícímu modulu: WDBackupEngine.exe2
ID zprávy: WDBackupEngine.exe3

Error: (01/26/2015 04:47:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: WDBackupEngine.exe, verze: 2.0.0.15, časové razítko: 0x546690c1
Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.18409, časové razítko: 0x53159a86
Kód výjimky: 0xc0000005
Posun chyby: 0x000361b0
ID chybujícího procesu: 0x17a8
Čas spuštění chybující aplikace: 0xWDBackupEngine.exe0
Cesta k chybující aplikaci: WDBackupEngine.exe1
Cesta k chybujícímu modulu: WDBackupEngine.exe2
ID zprávy: WDBackupEngine.exe3

Error: (01/26/2015 04:32:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: WDBackupEngine.exe, verze: 2.0.0.15, časové razítko: 0x546690c1
Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.18409, časové razítko: 0x53159a86
Kód výjimky: 0xc0000005
Posun chyby: 0x0003642f
ID chybujícího procesu: 0x1498
Čas spuštění chybující aplikace: 0xWDBackupEngine.exe0
Cesta k chybující aplikaci: WDBackupEngine.exe1
Cesta k chybujícímu modulu: WDBackupEngine.exe2
ID zprávy: WDBackupEngine.exe3

System errors:
=============
Error: (01/26/2015 06:38:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba WD Backup byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (01/26/2015 06:30:52 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba WD Backup byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (01/26/2015 06:25:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba WD Backup byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (01/26/2015 06:20:24 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba WD Backup byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (01/26/2015 06:14:47 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba WD Backup byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (01/26/2015 06:09:39 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba WD Backup byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (01/26/2015 06:05:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba WD Backup byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (01/26/2015 06:01:33 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníSpuštění{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (pomocí LRPC)

Error: (01/26/2015 06:00:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba MySql byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/26/2015 05:59:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Live ID Sign-in Assistant neuspěla při spuštění v důsledku následující chyby:
%%109

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2012-10-14 11:31:46.700
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\sfvfs02.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-10-14 11:31:46.647
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\sfvfs02.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-10-14 11:31:27.974
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\sfvfs02.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-10-14 11:31:27.917
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\sfvfs02.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-10-14 11:31:15.569
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\sfvfs02.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-10-14 11:31:15.515
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\sfvfs02.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-10-14 11:29:10.436
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\sfvfs02.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-10-14 11:29:10.381
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\sfvfs02.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-10-14 11:26:47.128
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\sfvfs02.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-10-14 11:26:47.075
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\sfvfs02.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Duo CPU T5870 @ 2.00GHz
Percentage of memory in use: 40%
Total physical RAM: 4061.09 MB
Available physical RAM: 2422.71 MB
Total Pagefile: 8120.36 MB
Available Pagefile: 6230.25 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:232.88 GB) (Free:174.36 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:218.23 GB) (Free:194.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: D9B3496E)
Partition 1: (Not Active) - (Size=14.6 GB) - (Type=1C)
Partition 2: (Active) - (Size=232.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=218.2 GB) - (Type=OF Extended)

==================== End Of Log ============================

#6 Příspěvek od **altrok** » 26 led 2015 18:56

Odinstalujte Java 7 Update 7 a ponechte jen aktualni (8 U25)

Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
znovu spustte FRST a kliknete na Fix

po restartu na Vas vyskoci fixlog (pripadne bude ulozen na Plose), jehoz obsah mi vlozte do pristi odpovedi

Kód: Vybrat vše

Start
CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKU\S-1-5-21-563694034-3119439484-3167028291-1000\...\MountPoints2: G - G:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-563694034-3119439484-3167028291-1000\...\MountPoints2: {77005094-25dd-11e4-9f1b-90e6ba5986da} - G:\HTC_Sync_Manager_PC.exe

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
Toolbar: HKU\S-1-5-21-563694034-3119439484-3167028291-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Extension: VratnePenize.cz - C:\Users\Lukáš Kilhof\AppData\Roaming\Mozilla\Firefox\Profiles\ulpgii9g.default\Extensions\toolbar@vratnepenize.cz [2014-09-09]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]

2015-01-26 18:33 - 2015-01-26 18:34 - 00029696 _____ () C:\Users\Lukáš Kilhof\AppData\Local\MSGBOX.EXE
2015-01-26 17:57 - 2015-01-26 17:59 - 00000000 ____D () C:\AdwCleaner
2015-01-26 17:56 - 2015-01-26 17:56 - 02194432 _____ () C:\Users\Lukáš Kilhof\Desktop\adwcleaner_4.109.exe
2015-01-26 17:01 - 2015-01-26 17:01 - 01222144 _____ () C:\Users\Lukáš Kilhof\Desktop\RSITx64.exe
2015-01-26 17:01 - 2015-01-26 17:01 - 00000000 ____D () C:\rsit
2015-01-26 17:01 - 2013-09-15 18:12 - 00000000 ____D () C:\Program Files\trend micro

Task: {0CF5A782-4682-4A27-8E56-CA4322D13508} - System32\Tasks\{769A87C2-D16B-4FE2-9B92-10BF9730C1D3} => C:\Users\Lukáš Kilhof\Desktop\install.exe <==== ATTENTION
Task: {B5BC0CCB-65A7-4A6B-B63C-B29BB8BC07EB} - System32\Tasks\{37CF6517-8A24-4BF6-98F7-3F5C55A984CF} => pcalua.exe -a F:\Directx\dxsetup.exe -d F:\
Task: {BF78B16E-C1DD-4040-BB84-2313B5F5A7DE} - System32\Tasks\{04ABB46E-6789-45EB-A877-7555B9207218} => pcalua.exe -a "C:\Users\Lukáš Kilhof\Desktop\GameParkSetup11024_2.exe" -d "C:\Users\Lukáš Kilhof\Desktop"
Task: {EF278098-8CA1-4B70-8BCC-DD45670702CC} - System32\Tasks\{27D1D1E5-274A-47BA-B32D-83BEE8DCE659} => pcalua.exe -a "D:\Instalace\Microsoft office 2007\setup.exe" -d "D:\Instalace\Microsoft office 2007"
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Hosts:
EmptyTemp:
End

artmle9 · #7 Příspěvek od **artmle9** » 26 led 2015 19:26

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 24-01-2015 01
Ran by Lukáš Kilhof at 2015-01-26 19:17:15 Run:1
Running from C:\Users\Lukáš Kilhof\Desktop
Loaded Profiles: Lukáš Kilhof (Available profiles: Lukáš Kilhof)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKU\S-1-5-21-563694034-3119439484-3167028291-1000\...\MountPoints2: G - G:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-563694034-3119439484-3167028291-1000\...\MountPoints2: {77005094-25dd-11e4-9f1b-90e6ba5986da} - G:\HTC_Sync_Manager_PC.exe

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKU\S-1-5-21-563694034-3119439484-3167028291-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Extension: VratnePenize.cz - C:\Users\Lukáš Kilhof\AppData\Roaming\Mozilla\Firefox\Profiles\ulpgii9g.default\Extensions\toolbar@vratnepenize.cz [2014-09-09]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]

2015-01-26 18:33 - 2015-01-26 18:34 - 00029696 _____ () C:\Users\Lukáš Kilhof\AppData\Local\MSGBOX.EXE
2015-01-26 17:57 - 2015-01-26 17:59 - 00000000 ____D () C:\AdwCleaner
2015-01-26 17:56 - 2015-01-26 17:56 - 02194432 _____ () C:\Users\Lukáš Kilhof\Desktop\adwcleaner_4.109.exe
2015-01-26 17:01 - 2015-01-26 17:01 - 01222144 _____ () C:\Users\Lukáš Kilhof\Desktop\RSITx64.exe
2015-01-26 17:01 - 2015-01-26 17:01 - 00000000 ____D () C:\rsit
2015-01-26 17:01 - 2013-09-15 18:12 - 00000000 ____D () C:\Program Files\trend micro

Task: {0CF5A782-4682-4A27-8E56-CA4322D13508} - System32\Tasks\{769A87C2-D16B-4FE2-9B92-10BF9730C1D3} => C:\Users\Lukáš Kilhof\Desktop\install.exe <==== ATTENTION
Task: {B5BC0CCB-65A7-4A6B-B63C-B29BB8BC07EB} - System32\Tasks\{37CF6517-8A24-4BF6-98F7-3F5C55A984CF} => pcalua.exe -a F:\Directx\dxsetup.exe -d F:\
Task: {BF78B16E-C1DD-4040-BB84-2313B5F5A7DE} - System32\Tasks\{04ABB46E-6789-45EB-A877-7555B9207218} => pcalua.exe -a "C:\Users\Lukáš Kilhof\Desktop\GameParkSetup11024_2.exe" -d "C:\Users\Lukáš Kilhof\Desktop"
Task: {EF278098-8CA1-4B70-8BCC-DD45670702CC} - System32\Tasks\{27D1D1E5-274A-47BA-B32D-83BEE8DCE659} => pcalua.exe -a "D:\Instalace\Microsoft office 2007\setup.exe" -d "D:\Instalace\Microsoft office 2007"
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value not found.
"HKU\S-1-5-21-563694034-3119439484-3167028291-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G" => Key deleted successfully.
"HKU\S-1-5-21-563694034-3119439484-3167028291-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{77005094-25dd-11e4-9f1b-90e6ba5986da}" => Key deleted successfully.
HKCR\CLSID\{77005094-25dd-11e4-9f1b-90e6ba5986da} => Key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-21-563694034-3119439484-3167028291-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => value deleted successfully.
HKCR\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => Key not found.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
C:\Users\Lukáš Kilhof\AppData\Roaming\Mozilla\Firefox\Profiles\ulpgii9g.default\Extensions\toolbar@vratnepenize.cz => Moved successfully.
dgderdrv => Service deleted successfully.
C:\Users\Lukáš Kilhof\AppData\Local\MSGBOX.EXE => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\Lukáš Kilhof\Desktop\adwcleaner_4.109.exe => Moved successfully.
C:\Users\Lukáš Kilhof\Desktop\RSITx64.exe => Moved successfully.
C:\rsit => Moved successfully.
C:\Program Files\trend micro => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0CF5A782-4682-4A27-8E56-CA4322D13508}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0CF5A782-4682-4A27-8E56-CA4322D13508}" => Key deleted successfully.
C:\Windows\System32\Tasks\{769A87C2-D16B-4FE2-9B92-10BF9730C1D3} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{769A87C2-D16B-4FE2-9B92-10BF9730C1D3}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B5BC0CCB-65A7-4A6B-B63C-B29BB8BC07EB}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B5BC0CCB-65A7-4A6B-B63C-B29BB8BC07EB}" => Key deleted successfully.
C:\Windows\System32\Tasks\{37CF6517-8A24-4BF6-98F7-3F5C55A984CF} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{37CF6517-8A24-4BF6-98F7-3F5C55A984CF}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BF78B16E-C1DD-4040-BB84-2313B5F5A7DE}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BF78B16E-C1DD-4040-BB84-2313B5F5A7DE}" => Key deleted successfully.
C:\Windows\System32\Tasks\{04ABB46E-6789-45EB-A877-7555B9207218} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{04ABB46E-6789-45EB-A877-7555B9207218}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EF278098-8CA1-4B70-8BCC-DD45670702CC}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EF278098-8CA1-4B70-8BCC-DD45670702CC}" => Key deleted successfully.
C:\Windows\System32\Tasks\{27D1D1E5-274A-47BA-B32D-83BEE8DCE659} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{27D1D1E5-274A-47BA-B32D-83BEE8DCE659}" => Key deleted successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 650.4 MB temporary data.

The system needed a reboot.

==== End of Fixlog 19:18:15 ====

#8 Příspěvek od **altrok** » 26 led 2015 19:41

Pozorujte, jak se PC chova ted... pokud zase vetraky i pri necinnosti zacnou moc foukat, zkontrolujte ve spravci uloh (task manager), ktere procesy nejvice vytezuji RAM a procesor. Je taky mozne, ze mate vetraky zanesene prachem, takze doporucuji PC vyfoukat stlacenym vzduchem.

Takze jeste uklidime.

Stahnete a spustte DelFix - https://toolslib.net/downloads/viewdownload/2-delfix/
Oznacte jen moznost "Remove disinfection tools"
kliknete na Run

A pokud nejsou dotazy ci jine problemy, je to ode mne vse.

artmle9 · #9 Příspěvek od **artmle9** » 26 led 2015 19:49

Mockrát děkuji, snad bude vše OK

#10 Příspěvek od **altrok** » 26 led 2015 19:56

Nemate zac, rad jsem pomohl

PC byl vycisten, takze pokud se problemy vrati/pretrvavaji, dejte vedet na mail, vlakno odemknu a budeme patrat dal

VIRY.CZ

Prosím o kontrolu, NTB častěji spíná chlazení

Prosím o kontrolu, NTB častěji spíná chlazení

Re: Prosím o kontrolu, NTB častěji spíná chlazení

Re: Prosím o kontrolu, NTB častěji spíná chlazení

Re: Prosím o kontrolu, NTB častěji spíná chlazení

Re: Prosím o kontrolu, NTB častěji spíná chlazení

Re: Prosím o kontrolu, NTB častěji spíná chlazení

Re: Prosím o kontrolu, NTB častěji spíná chlazení

Re: Prosím o kontrolu, NTB častěji spíná chlazení

Re: Prosím o kontrolu, NTB častěji spíná chlazení

Re: Prosím o kontrolu, NTB častěji spíná chlazení