
Virus removal, PC speed-up, and remote assistance through the neslape.cz service
The computer was at a LAN party without antivirus and with the firewall turned off
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
RAM usage is maxing out (8 GB), the computer won't shut down... I have to do it manually, and ESET can't be installed; it stops at the disk space calculation step and nothing happens for, say, half a day.
I haven't tried installing another antivirus, because I have paid for this one.
Thanks for the help.
Logfile of random's system information tool 1.10 (written by random/random)
Run by martínek at 2015-01-25 23:46:56
Microsoft Windows 8.1 Pro
System drive C: has 510 GB (54%) free of 953 GB
Total RAM: 8071 MB (84% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:47:04, on 25. 1. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\martínek.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKCU\..\Run: [Bloody2] "C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe" Minimum
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 6876 bytes
======Listing Processes======
wininit.exe
C:\Windows\system32\lsass.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"dwm.exe"
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\igfxCUIService.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
dashost.exe {895f9581-a3c3-492d-823ae6b6c21fc6a9}
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
taskhostex.exe
taskeng.exe {0AB8E82A-6A98-4255-A27B-B08784959A0A}
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss 7b089e27-3770-4a1e-9b7b-60f9899bda69 1
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe 0x4
\??\C:\Windows\system32\conhost.exe 0x4
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe" Minimum
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="1928.0.1583270166\1635452211" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,18,39,47 --gpu-vendor-id=0x10de --gpu-device-id=0x1201 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.4475 --ignored=" --type=renderer " /prefetch:822062411
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17477_none_fa2b7d3b9b36c7b4\TiWorker.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/MaterialDesignNTP/Default/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy31Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_45/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="1928.5.1190279536\1615694816" /prefetch:673131151
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 572 576 584 65536 580
"C:\Users\martínek\Downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-07-25 2403104]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2014-07-25 1283136]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Bloody2"=C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe [2014-09-13 13969920]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IMSS"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [2013-09-16 134616]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-01-25 23:46:57 ----D---- C:\Program Files\trend micro
2015-01-25 23:46:56 ----D---- C:\rsit
2015-01-25 23:41:05 ----D---- C:\Windows\pss
2015-01-25 20:08:43 ----A---- C:\Windows\system32\drivers\ESETCleanersDriver.sys
2015-01-24 17:22:18 ----D---- C:\ProgramData\WarThunder
2015-01-14 17:12:17 ----A---- C:\Windows\system32\TSWbPrxy.exe
2015-01-14 17:12:17 ----A---- C:\Windows\system32\profsvc.dll
2015-01-14 17:12:17 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2015-01-14 17:12:17 ----A---- C:\Windows\system32\drivers\ahcache.sys
2015-01-14 17:12:16 ----A---- C:\Windows\SYSWOW64\wer.dll
2015-01-14 17:12:16 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2015-01-14 17:12:16 ----A---- C:\Windows\system32\wer.dll
2015-01-14 17:12:16 ----A---- C:\Windows\system32\nlasvc.dll
2015-01-14 17:12:16 ----A---- C:\Windows\system32\nlaapi.dll
2015-01-14 17:12:16 ----A---- C:\Windows\system32\ncsi.dll
2015-01-14 17:12:15 ----A---- C:\Windows\SYSWOW64\wermgr.exe
2015-01-14 17:12:15 ----A---- C:\Windows\SYSWOW64\WerFaultSecure.exe
2015-01-14 17:12:15 ----A---- C:\Windows\SYSWOW64\WerFault.exe
2015-01-14 17:12:15 ----A---- C:\Windows\SYSWOW64\werdiagcontroller.dll
2015-01-14 17:12:15 ----A---- C:\Windows\SYSWOW64\Faultrep.dll
2015-01-14 17:12:15 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2015-01-14 17:12:15 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2015-01-14 17:12:15 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2015-01-14 17:12:15 ----A---- C:\Windows\system32\wermgr.exe
2015-01-14 17:12:15 ----A---- C:\Windows\system32\WerFaultSecure.exe
2015-01-14 17:12:15 ----A---- C:\Windows\system32\WerFault.exe
2015-01-14 17:12:15 ----A---- C:\Windows\system32\werdiagcontroller.dll
2015-01-14 17:12:15 ----A---- C:\Windows\system32\Faultrep.dll
2015-01-14 17:12:15 ----A---- C:\Windows\system32\EncDump.dll
2015-01-14 17:12:15 ----A---- C:\Windows\system32\ci.dll
2015-01-14 17:12:15 ----A---- C:\Windows\system32\audiosrv.dll
2015-01-14 17:12:15 ----A---- C:\Windows\system32\AudioSes.dll
2015-01-14 17:12:15 ----A---- C:\Windows\system32\AUDIOKSE.dll
2015-01-14 17:12:15 ----A---- C:\Windows\system32\AudioEng.dll
2015-01-14 17:12:15 ----A---- C:\Windows\system32\AudioEndpointBuilder.dll
2015-01-14 17:12:15 ----A---- C:\Windows\system32\audiodg.exe
2015-01-09 00:15:48 ----D---- C:\MagicPlusMini
======List of files/folders modified in the last 1 month======
2015-01-25 23:46:57 ----RD---- C:\Program Files
2015-01-25 23:46:49 ----D---- C:\Windows\Prefetch
2015-01-25 23:44:06 ----D---- C:\ProgramData\NVIDIA
2015-01-25 23:41:05 ----D---- C:\Windows
2015-01-25 21:00:00 ----D---- C:\Windows\system32\sru
2015-01-25 20:26:21 ----D---- C:\Windows\Temp
2015-01-25 20:08:43 ----D---- C:\Windows\system32\drivers
2015-01-25 19:48:32 ----SHD---- C:\Windows\Installer
2015-01-25 19:44:02 ----D---- C:\Windows\LiveKernelReports
2015-01-25 19:39:35 ----SHD---- C:\System Volume Information
2015-01-25 19:38:21 ----D---- C:\Windows\Microsoft.NET
2015-01-25 19:33:43 ----RD---- C:\Windows\System32
2015-01-25 19:33:43 ----D---- C:\Windows\Inf
2015-01-25 19:33:43 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-01-24 17:22:18 ----HD---- C:\ProgramData
2015-01-24 15:40:01 ----D---- C:\Users\martínek\AppData\Roaming\TS3Client
2015-01-23 23:08:44 ----D---- C:\Users\martínek\AppData\Roaming\vlc
2015-01-23 00:08:50 ----D---- C:\Windows\system32\config
2015-01-23 00:05:24 ----D---- C:\Windows\CbsTemp
2015-01-23 00:05:20 ----D---- C:\Windows\WinSxS
2015-01-23 00:05:20 ----D---- C:\Windows\SysWOW64
2015-01-22 01:12:09 ----D---- C:\Fraps
2015-01-21 00:57:00 ----D---- C:\Windows\AppReadiness
2015-01-21 00:56:59 ----HD---- C:\Program Files\WindowsApps
2015-01-19 22:32:02 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-01-17 13:32:49 ----D---- C:\Windows\system32\catroot2
2015-01-17 01:31:13 ----D---- C:\Windows\system32\CodeIntegrity
2015-01-16 22:11:06 ----D---- C:\Windows\system32\MRT
2015-01-16 22:09:07 ----A---- C:\Windows\system32\MRT.exe
2014-12-31 12:14:31 ----N---- C:\Windows\system32\MpSigStub.exe
2014-12-30 23:53:21 ----D---- C:\Program Files (x86)\Common Files
2014-12-30 23:52:52 ----D---- C:\UT2004
2014-12-30 21:28:17 ----D---- C:\Windows\SYSWOW64\directx
2014-12-30 21:21:42 ----D---- C:\Hry
2014-12-29 16:57:45 ----D---- C:\Windows\system32\drivers\UMDF
2014-12-28 22:01:36 ----D---- C:\Windows\system32\DriverStore
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 Wof;Windows Overlay File System Filter Driver; C:\Windows\system32\drivers\Wof.sys [2014-03-13 157016]
R1 dtsoftbus01;@oem18.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\Windows\System32\drivers\dtsoftbus01.sys [2014-11-29 283064]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-03-31 3785216]
R3 IntcDAud;@oem7.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2014-03-31 450520]
R3 iwdbus;@oem10.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2014-03-26 27032]
R3 MEIx64;@oem5.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2013-09-16 99288]
R3 NVHDA;@oem20.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2014-11-17 197408]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2014-11-13 13213512]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-07-25 20256]
R3 nvvad_WaveExtensible;@oem17.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-03-31 40392]
R3 RTL8168;@netrt630x64.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2013-06-18 591360]
S3 ESETCleanersDriver;ESET Cleaner Service; \??\C:\Windows\system32\Drivers\ESETCleanersDriver.sys [2015-01-25 170280]
S3 intaud_WaveExtensible;@oem9.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2014-03-26 38296]
S3 WinUsb;@wpdmtp.inf,%WinUsb.SvcDesc%;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2013-08-22 78848]
S3 WUDFSensorLP;@locationprovider.inf,%WudfLocationProviderDisplayName%;Služba Reflektor UMDF pro zprostředkovatele umístění (LocationProvider); C:\Windows\system32\DRIVERS\WUDFRd.sys [2014-05-31 227840]
S3 WUDFWpdFs;WUDFWpdFs; C:\Windows\system32\DRIVERS\WUDFRd.sys [2014-05-31 227840]
S3 WUDFWpdMtp;WUDFWpdMtp; C:\Windows\system32\DRIVERS\WUDFRd.sys [2014-05-31 227840]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2014-04-09 296432]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-16 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-09-16 390616]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-07-25 1720608]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-07-25 18956064]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-11-12 934032]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-11-12 409800]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-15 116648]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-04-09 279024]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-15 116648]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
-----------------EOF-----------------
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/MaterialDesignNTP/Default/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SPDY/Spdy31Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_45/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_02/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="1928.5.1190279536\1615694816" /prefetch:673131151
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 572 576 584 65536 580
"C:\Users\martínek\Downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-07-25 2403104]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2014-07-25 1283136]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Bloody2"=C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe [2014-09-13 13969920]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IMSS"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [2013-09-16 134616]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-01-25 23:46:57 ----D---- C:\Program Files\trend micro
2015-01-25 23:46:56 ----D---- C:\rsit
2015-01-25 23:41:05 ----D---- C:\Windows\pss
2015-01-25 20:08:43 ----A---- C:\Windows\system32\drivers\ESETCleanersDriver.sys
2015-01-24 17:22:18 ----D---- C:\ProgramData\WarThunder
2015-01-14 17:12:17 ----A---- C:\Windows\system32\TSWbPrxy.exe
2015-01-14 17:12:17 ----A---- C:\Windows\system32\profsvc.dll
2015-01-14 17:12:17 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2015-01-14 17:12:17 ----A---- C:\Windows\system32\drivers\ahcache.sys
2015-01-14 17:12:16 ----A---- C:\Windows\SYSWOW64\wer.dll
2015-01-14 17:12:16 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2015-01-14 17:12:16 ----A---- C:\Windows\system32\wer.dll
2015-01-14 17:12:16 ----A---- C:\Windows\system32\nlasvc.dll
2015-01-14 17:12:16 ----A---- C:\Windows\system32\nlaapi.dll
2015-01-14 17:12:16 ----A---- C:\Windows\system32\ncsi.dll
2015-01-14 17:12:15 ----A---- C:\Windows\SYSWOW64\wermgr.exe
2015-01-14 17:12:15 ----A---- C:\Windows\SYSWOW64\WerFaultSecure.exe
2015-01-14 17:12:15 ----A---- C:\Windows\SYSWOW64\WerFault.exe
2015-01-14 17:12:15 ----A---- C:\Windows\SYSWOW64\werdiagcontroller.dll
2015-01-14 17:12:15 ----A---- C:\Windows\SYSWOW64\Faultrep.dll
2015-01-14 17:12:15 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2015-01-14 17:12:15 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2015-01-14 17:12:15 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2015-01-14 17:12:15 ----A---- C:\Windows\system32\wermgr.exe
2015-01-14 17:12:15 ----A---- C:\Windows\system32\WerFaultSecure.exe
2015-01-14 17:12:15 ----A---- C:\Windows\system32\WerFault.exe
2015-01-14 17:12:15 ----A---- C:\Windows\system32\werdiagcontroller.dll
2015-01-14 17:12:15 ----A---- C:\Windows\system32\Faultrep.dll
2015-01-14 17:12:15 ----A---- C:\Windows\system32\EncDump.dll
2015-01-14 17:12:15 ----A---- C:\Windows\system32\ci.dll
2015-01-14 17:12:15 ----A---- C:\Windows\system32\audiosrv.dll
2015-01-14 17:12:15 ----A---- C:\Windows\system32\AudioSes.dll
2015-01-14 17:12:15 ----A---- C:\Windows\system32\AUDIOKSE.dll
2015-01-14 17:12:15 ----A---- C:\Windows\system32\AudioEng.dll
2015-01-14 17:12:15 ----A---- C:\Windows\system32\AudioEndpointBuilder.dll
2015-01-14 17:12:15 ----A---- C:\Windows\system32\audiodg.exe
2015-01-09 00:15:48 ----D---- C:\MagicPlusMini
======List of files/folders modified in the last 1 month======
2015-01-25 23:46:57 ----RD---- C:\Program Files
2015-01-25 23:46:49 ----D---- C:\Windows\Prefetch
2015-01-25 23:44:06 ----D---- C:\ProgramData\NVIDIA
2015-01-25 23:41:05 ----D---- C:\Windows
2015-01-25 21:00:00 ----D---- C:\Windows\system32\sru
2015-01-25 20:26:21 ----D---- C:\Windows\Temp
2015-01-25 20:08:43 ----D---- C:\Windows\system32\drivers
2015-01-25 19:48:32 ----SHD---- C:\Windows\Installer
2015-01-25 19:44:02 ----D---- C:\Windows\LiveKernelReports
2015-01-25 19:39:35 ----SHD---- C:\System Volume Information
2015-01-25 19:38:21 ----D---- C:\Windows\Microsoft.NET
2015-01-25 19:33:43 ----RD---- C:\Windows\System32
2015-01-25 19:33:43 ----D---- C:\Windows\Inf
2015-01-25 19:33:43 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-01-24 17:22:18 ----HD---- C:\ProgramData
2015-01-24 15:40:01 ----D---- C:\Users\martínek\AppData\Roaming\TS3Client
2015-01-23 23:08:44 ----D---- C:\Users\martínek\AppData\Roaming\vlc
2015-01-23 00:08:50 ----D---- C:\Windows\system32\config
2015-01-23 00:05:24 ----D---- C:\Windows\CbsTemp
2015-01-23 00:05:20 ----D---- C:\Windows\WinSxS
2015-01-23 00:05:20 ----D---- C:\Windows\SysWOW64
2015-01-22 01:12:09 ----D---- C:\Fraps
2015-01-21 00:57:00 ----D---- C:\Windows\AppReadiness
2015-01-21 00:56:59 ----HD---- C:\Program Files\WindowsApps
2015-01-19 22:32:02 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-01-17 13:32:49 ----D---- C:\Windows\system32\catroot2
2015-01-17 01:31:13 ----D---- C:\Windows\system32\CodeIntegrity
2015-01-16 22:11:06 ----D---- C:\Windows\system32\MRT
2015-01-16 22:09:07 ----A---- C:\Windows\system32\MRT.exe
2014-12-31 12:14:31 ----N---- C:\Windows\system32\MpSigStub.exe
2014-12-30 23:53:21 ----D---- C:\Program Files (x86)\Common Files
2014-12-30 23:52:52 ----D---- C:\UT2004
2014-12-30 21:28:17 ----D---- C:\Windows\SYSWOW64\directx
2014-12-30 21:21:42 ----D---- C:\Hry
2014-12-29 16:57:45 ----D---- C:\Windows\system32\drivers\UMDF
2014-12-28 22:01:36 ----D---- C:\Windows\system32\DriverStore
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 Wof;Windows Overlay File System Filter Driver; C:\Windows\system32\drivers\Wof.sys [2014-03-13 157016]
R1 dtsoftbus01;@oem18.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\Windows\System32\drivers\dtsoftbus01.sys [2014-11-29 283064]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-03-31 3785216]
R3 IntcDAud;@oem7.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2014-03-31 450520]
R3 iwdbus;@oem10.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2014-03-26 27032]
R3 MEIx64;@oem5.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2013-09-16 99288]
R3 NVHDA;@oem20.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2014-11-17 197408]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2014-11-13 13213512]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-07-25 20256]
R3 nvvad_WaveExtensible;@oem17.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-03-31 40392]
R3 RTL8168;@netrt630x64.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2013-06-18 591360]
S3 ESETCleanersDriver;ESET Cleaner Service; \??\C:\Windows\system32\Drivers\ESETCleanersDriver.sys [2015-01-25 170280]
S3 intaud_WaveExtensible;@oem9.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2014-03-26 38296]
S3 WinUsb;@wpdmtp.inf,%WinUsb.SvcDesc%;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2013-08-22 78848]
S3 WUDFSensorLP;@locationprovider.inf,%WudfLocationProviderDisplayName%;Služba Reflektor UMDF pro zprostředkovatele umístění (LocationProvider); C:\Windows\system32\DRIVERS\WUDFRd.sys [2014-05-31 227840]
S3 WUDFWpdFs;WUDFWpdFs; C:\Windows\system32\DRIVERS\WUDFRd.sys [2014-05-31 227840]
S3 WUDFWpdMtp;WUDFWpdMtp; C:\Windows\system32\DRIVERS\WUDFRd.sys [2014-05-31 227840]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2014-04-09 296432]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-16 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-09-16 390616]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-07-25 1720608]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-07-25 18956064]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-11-12 934032]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-11-12 409800]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-15 116648]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-04-09 279024]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-15 116648]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
-----------------EOF-----------------
Re: PC was at a LAN party without antivirus and with the firewall off
Good evening
Now I don't understand... you have it purchased, but you're only installing it after the LAN party?
Which 3 processes consume the most RAM at the moment of such usage? Feel free to take a screenshot.
As part of the cleaning, your temporary directories will be emptied (including the Recycle Bin).
Save AdwCleaner to your desktop: https://toolslib.net/downloads/viewdown ... dwcleaner/

- Download Crystal Disk Info (CDI) http://sourceforge.jp/frs/redir.php?m=j ... o6_2_2.zip
- extract the archive and run the file DiskInfo.exe
- in the running program, click Edit -> Copy (Upravy -> Kopirovat) at the top (the log is now copied to your clipboard)
- paste the log into your next reply (Ctrl + V)

- close all programs
- right-click the AdwCleaner icon and choose Run as administrator (on Win XP just launch it with a normal double-click)
- click Scan, then Clean
- after the restart a log will pop up (or you can find it in C:\AdwCleaner\AdwCleaner [Sx].txt); copy its contents into your next reply
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suitable for the forum, you can use altrokzavináčforum.viry.cz
If you feel like helping visitors to this forum, sign up for our little school.
Re: PC was at a LAN party without antivirus and with the firewall off
I only bought it after the LAN party; until then just Defender.
The RAM fills up when playing War Thunder; it never did that before, even when the PC ran games for 10 hours.
----------------------------------------------------------------------------
CrystalDiskInfo 6.2.2 (C) 2008-2014 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows 8.1 Pro [6.3 Build 9600] (x64)
Date : 2015/01/26 21:56:44
-- Controller Map ----------------------------------------------------------
+ Intel(R) 8 Series/C220 Series SATA AHCI Controller - 8C02 [ATA]
- ST1000DM003-1CH162
- ST3750640NS
- Řadič prostorů úložišť [SCSI]
-- Disk List ---------------------------------------------------------------
(1) ST1000DM003-1CH162 : 1000,2 GB [0/0/0, pd1] - st
(2) ST3750640NS : 750,1 GB [1/0/0, pd1] - st
----------------------------------------------------------------------------
(1) ST1000DM003-1CH162
----------------------------------------------------------------------------
Model : ST1000DM003-1CH162
Firmware : CC49
Serial Number : Z1D93L5N
Disk Size : 1000,2 GB (8,4/137,4/1000,2/1000,2)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 1953525168
Rotation Rate : 7200 RPM
Interface : Serial ATA
Major Version : ACS-2
Minor Version : ACS-3 Revision 3b
Transfer Mode : SATA/600 | SATA/600
Power On Hours : 420 hod.
Power On Count : 236 krát
Temperature : 31 C (87 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 8080h [ON]
AAM Level : ----
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 118 _99 __6 00000A4B2E18 Počet chyb čtení
03 _97 _97 __0 000000000000 Čas na roztočení ploten
04 100 100 _20 0000000000F7 Počet spuštění/zastavení
05 100 100 _10 000000000000 Počet přemapovaných sektorů
07 _69 _60 _30 000000916B09 Počet chybných hledání
09 100 100 __0 0000000001A4 Hodin v činnosti
0A 100 100 _97 000000000000 Počet opakovaných pokusů o roztočení ploten
0C 100 100 _20 0000000000EC Počet cyklů zapnutí zařízení
B7 100 100 __0 000000000000 Specifický pro výrobce
B8 100 100 _99 000000000000 Ukončovacích chyb
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
BC 100 _80 __0 00130017010A Časový limit příkazu
BD _98 _98 __0 000000000002 Vysoká rychlost zápisu
BE _69 _59 _45 00001F14001F Teplota toku vzduchu
BF 100 100 __0 000000000000 Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 000000000017 Počet vypnutí disku
C1 100 100 __0 0000000001C0 Počet cyklů načítání/vymazání
C2 _31 _41 __0 000E0000001F Teplota
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 184 __0 00000000069E Počet chyb v kontrolním součtu UltraDMA
F0 100 253 __0 16730000019D Čas nastavování hlaviček - v hodinách
F1 100 253 __0 000102DC2CDF Total Host Writes
F2 100 253 __0 0000D68C9A20 Total Host Reads
----------------------------------------------------------------------------
(2) ST3750640NS
----------------------------------------------------------------------------
Model : ST3750640NS
Firmware : 3.AEK
Serial Number : 5QD2P9H9
Disk Size : 750,1 GB (8,4/137,4/750,1/750,1)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 1465149168
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA/ATAPI-7
Minor Version : ----
Transfer Mode : ---- | SATA/300
Power On Hours : 31774 hod.
Power On Count : 4547 krát
Temperature : 38 C (100 F)
Health Status : Pozor
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : FEFEh [ON]
AAM Level : ----
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 112 _80 __6 000009E5A1D1 Počet chyb čtení
03 _93 _92 __0 000000000000 Čas na roztočení ploten
04 _96 _96 _20 0000000013A9 Počet spuštění/zastavení
05 100 100 _36 00000000001D Počet přemapovaných sektorů
07 _83 _60 _30 00000C222A72 Počet chybných hledání
09 _64 _64 __0 000000007C1E Hodin v činnosti
0A 100 _99 _97 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _96 _96 _20 0000000011C3 Počet cyklů zapnutí zařízení
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
BD 100 100 __0 000000000000 Vysoká rychlost zápisu
BE _62 _40 _45 000026260026 Teplota toku vzduchu
C2 _38 _60 __0 001100000026 Teplota
C3 _75 _55 __0 000008D03718 Počet oprav chybného čtení
C5 100 _99 __0 000000000003 Počet podezřelých sektorů
C6 100 _99 __0 000000000003 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 __0 000000000000 Počet chyb při zápisu sektorů
CA 100 253 __0 000000000000 Počet chyb při směrování údajů
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
BC 100 _80 __0 00130017010A Časový limit příkazu
BD _98 _98 __0 000000000002 Vysoká rychlost zápisu
BE _69 _59 _45 00001F14001F Teplota toku vzduchu
BF 100 100 __0 000000000000 Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 000000000017 Počet vypnutí disku
C1 100 100 __0 0000000001C0 Počet cyklů načítání/vymazání
C2 _31 _41 __0 000E0000001F Teplota
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 184 __0 00000000069E Počet chyb v kontrolním součtu UltraDMA
F0 100 253 __0 16730000019D Čas nastavování hlaviček - v hodinách
F1 100 253 __0 000102DC2CDF Total Host Writes
F2 100 253 __0 0000D68C9A20 Total Host Reads
----------------------------------------------------------------------------
(2) ST3750640NS
----------------------------------------------------------------------------
Model : ST3750640NS
Firmware : 3.AEK
Serial Number : 5QD2P9H9
Disk Size : 750,1 GB (8,4/137,4/750,1/750,1)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 1465149168
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA/ATAPI-7
Minor Version : ----
Transfer Mode : ---- | SATA/300
Power On Hours : 31774 hod.
Power On Count : 4547 krát
Temperature : 38 C (100 F)
Health Status : Pozor
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : FEFEh [ON]
AAM Level : ----
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 112 _80 __6 000009E5A1D1 Počet chyb čtení
03 _93 _92 __0 000000000000 Čas na roztočení ploten
04 _96 _96 _20 0000000013A9 Počet spuštění/zastavení
05 100 100 _36 00000000001D Počet přemapovaných sektorů
07 _83 _60 _30 00000C222A72 Počet chybných hledání
09 _64 _64 __0 000000007C1E Hodin v činnosti
0A 100 _99 _97 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _96 _96 _20 0000000011C3 Počet cyklů zapnutí zařízení
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
BD 100 100 __0 000000000000 Vysoká rychlost zápisu
BE _62 _40 _45 000026260026 Teplota toku vzduchu
C2 _38 _60 __0 001100000026 Teplota
C3 _75 _55 __0 000008D03718 Počet oprav chybného čtení
C5 100 _99 __0 000000000003 Počet podezřelých sektorů
C6 100 _99 __0 000000000003 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 __0 000000000000 Počet chyb při zápisu sektorů
CA 100 253 __0 000000000000 Počet chyb při směrování údajů
Re: Computer was at a LAN party without antivirus and with the firewall off
# AdwCleaner v4.109 - Report created 26/01/2015 at 22:32:00
# Updated 24/01/2015 by Xplode
# Database : 2015-01-25.1 [Live]
# Operating System : Windows 8.1 Pro (64 bits)
# Username : martínek - SČÓT
# Running from : C:\Users\martínek\Downloads\adwcleaner_4.109.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\NCH Software
Folder Deleted : C:\ProgramData\ytd video downloader
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader
Folder Deleted : C:\Program Files (x86)\GreenTree Applications
Folder Deleted : C:\Program Files (x86)\NCH Software
File Deleted : C:\Users\martínek\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal
***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17416
-\\ Google Chrome v40.0.2214.91
*************************
AdwCleaner[R0].txt - [1282 octets] - [26/01/2015 21:59:15]
AdwCleaner[R1].txt - [1342 octets] - [26/01/2015 22:29:13]
AdwCleaner[S0].txt - [1277 octets] - [26/01/2015 22:32:00]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1337 octets] ##########
Re: Computer was at a LAN party without antivirus and with the firewall off
The first disk is fine - it probably just has a twisted/faulty cable, so with the PC turned off, try straightening the cable, then unplug it and plug it back in.
The second (smaller) disk has remapped sectors, and I recommend keeping an eye on its condition.
We'll clean up the PC and see how much that helps.
Post the FRST.txt log and attach Addition.txt as well - http://forum.viry.cz/viewtopic.php?f=30&t=133101
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions not suited to the forum, you can use altrok[at]forum.viry.cz
If you'd like to help visitors of this forum, sign up for our training school.
Re: Computer was at a LAN party without antivirus and with the firewall off
After downloading it, placing it on the desktop and running it as administrator, I get this message... see the attached image... strange behavior.
Attachment: frst.png (162.25 KiB)
Re: Computer was at a LAN party without antivirus and with the firewall off
In that case, run just FRST64.exe on its own (without FRSTLauncher).
Re: Computer was at a LAN party without antivirus and with the firewall off
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-01-2015
Ran by martínek (administrator) on SČÓT on 28-01-2015 23:45:59
Running from C:\Users\martínek\Desktop
Loaded Profiles: martínek (Available profiles: martínek)
Platform: Windows 8.1 Pro (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-09-16] (Intel Corporation)
HKU\S-1-5-21-3812749808-3805465097-3344886715-1001\...\Run: [Bloody2] => C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe [13969920 2014-09-13] ()
HKU\S-1-5-21-3812749808-3805465097-3344886715-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3812749808-3805465097-3344886715-1001\...\MountPoints2: {14acb025-8e20-11e4-827c-74d43584f86f} - "E:\Lenovo_Suite.exe"
HKU\S-1-5-21-3812749808-3805465097-3344886715-1001\...\MountPoints2: {14acb037-8e20-11e4-827c-74d43584f86f} - "E:\Lenovo_Suite.exe"
HKU\S-1-5-21-3812749808-3805465097-3344886715-1001\...\MountPoints2: {14acc060-8e20-11e4-827c-74d43584f86f} - "E:\Lenovo_Suite.exe"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\martínek\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\martínek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-15]
CHR Extension: (Dokumenty Google) - C:\Users\martínek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-15]
CHR Extension: (Disk Google) - C:\Users\martínek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-15]
CHR Extension: (YouTube) - C:\Users\martínek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-15]
CHR Extension: (Vyhledávání Google) - C:\Users\martínek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-15]
CHR Extension: (Tabulky Google) - C:\Users\martínek\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-15]
CHR Extension: (Peněženka Google) - C:\Users\martínek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-15]
CHR Extension: (Gmail) - C:\Users\martínek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-15]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [296432 2014-04-09] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-11-29] (Disc Soft Ltd)
S3 ESETCleanersDriver; C:\Windows\system32\Drivers\ESETCleanersDriver.sys [170280 2015-01-25] (ESET)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-28 23:45 - 2015-01-28 23:46 - 00009111 _____ () C:\Users\martínek\Desktop\FRST.txt
2015-01-28 23:45 - 2015-01-28 23:46 - 00000000 ____D () C:\FRST
2015-01-28 23:45 - 2015-01-28 23:45 - 02130432 _____ (Farbar) C:\Users\martínek\Downloads\FRST64.exe
2015-01-28 23:45 - 2015-01-28 23:45 - 02130432 _____ (Farbar) C:\Users\martínek\Desktop\FRST64.exe
2015-01-27 23:03 - 2015-01-27 23:03 - 00015327 _____ () C:\Users\martínek\Desktop\LM.bat
2015-01-27 23:00 - 2015-01-27 23:03 - 00029696 _____ () C:\Users\martínek\AppData\Local\MSGBOX.EXE
2015-01-27 22:59 - 2015-01-27 22:59 - 00112640 _____ (forum.viry.cz) C:\Users\martínek\Downloads\FRSTLauncher.exe
2015-01-27 22:59 - 2015-01-27 22:59 - 00112640 _____ (forum.viry.cz) C:\Users\martínek\Desktop\FRSTLauncher.exe
2015-01-26 21:59 - 2015-01-26 22:32 - 00000000 ____D () C:\AdwCleaner
2015-01-26 21:56 - 2015-01-26 21:56 - 00000000 ____D () C:\Users\martínek\Downloads\CrystalDiskInfo6_2_2
2015-01-26 21:53 - 2015-01-26 21:55 - 02817875 _____ () C:\Users\martínek\Downloads\CrystalDiskInfo6_2_2.zip
2015-01-26 21:53 - 2015-01-26 21:53 - 02194432 _____ () C:\Users\martínek\Downloads\adwcleaner_4.109.exe
2015-01-26 21:22 - 2015-01-26 21:23 - 00000197 _____ () C:\Windows\system32\2015-01-26-20-22-47.046-AvastVBoxSVC.exe-3984.log
2015-01-25 23:59 - 2015-01-25 23:59 - 00000247 _____ () C:\Windows\system32\2015-01-25-22-59-18.066-aswFe.exe-4604.log
2015-01-25 23:56 - 2015-01-25 23:59 - 00000247 _____ () C:\Windows\system32\2015-01-25-22-56-36.099-aswFe.exe-3136.log
2015-01-25 23:56 - 2015-01-25 23:56 - 00000197 _____ () C:\Windows\system32\2015-01-25-22-56-35.088-AvastVBoxSVC.exe-3212.log
2015-01-25 23:53 - 2015-01-25 23:53 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2015-01-25 23:53 - 2015-01-25 23:53 - 00000000 ____D () C:\Windows\system32\vbox
2015-01-25 23:49 - 2015-01-26 22:32 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-01-25 23:49 - 2015-01-25 23:49 - 05006864 _____ (AVAST Software) C:\Users\martínek\Downloads\avast_free_antivirus_setup_online.exe
2015-01-25 23:46 - 2015-01-25 23:47 - 00000000 ____D () C:\rsit
2015-01-25 23:46 - 2015-01-25 23:47 - 00000000 ____D () C:\Program Files\trend micro
2015-01-25 23:46 - 2015-01-25 23:46 - 01222144 _____ () C:\Users\martínek\Downloads\RSITx64.exe
2015-01-25 23:41 - 2015-01-25 23:41 - 00000000 ____D () C:\Windows\pss
2015-01-25 20:09 - 2015-01-25 20:11 - 81465344 _____ () C:\Users\martínek\Downloads\ess_nt64_csy.msi
2015-01-25 20:08 - 2015-01-25 20:08 - 00170280 _____ (ESET) C:\Windows\system32\Drivers\ESETCleanersDriver.sys
2015-01-25 20:08 - 2015-01-25 20:08 - 00000000 ____D () C:\Users\martínek\Downloads\Speclean
2015-01-25 19:42 - 2015-01-25 19:43 - 01660616 _____ (ESET) C:\Users\martínek\Downloads\eset_smart_security_live_installer_.exe
2015-01-24 17:22 - 2015-01-24 17:22 - 00000000 ____D () C:\ProgramData\WarThunder
2015-01-23 16:26 - 2015-01-23 16:26 - 00000000 ____D () C:\Users\martínek\Documents\MasterCollection_CS5_5_LS6
2015-01-14 17:12 - 2014-12-19 07:26 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 17:12 - 2014-12-12 03:04 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 17:12 - 2014-12-12 01:51 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2015-01-14 17:12 - 2014-12-09 02:50 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 17:12 - 2014-12-08 20:42 - 00535640 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-01-14 17:12 - 2014-12-08 20:42 - 00531616 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-01-14 17:12 - 2014-12-08 20:42 - 00448792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2015-01-14 17:12 - 2014-12-08 20:42 - 00413248 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2015-01-14 17:12 - 2014-12-08 20:42 - 00372408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2015-01-14 17:12 - 2014-12-08 20:42 - 00108944 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-01-14 17:12 - 2014-12-08 20:42 - 00038264 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2015-01-14 17:12 - 2014-12-08 20:42 - 00033584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2015-01-14 17:12 - 2014-12-06 04:17 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-01-14 17:12 - 2014-12-06 02:41 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 17:12 - 2014-12-06 02:35 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-01-14 17:12 - 2014-10-29 05:00 - 00465320 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2015-01-14 17:12 - 2014-10-29 05:00 - 00139984 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2015-01-14 17:12 - 2014-10-29 04:52 - 00500016 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-01-14 17:12 - 2014-10-29 04:52 - 00482872 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-01-14 17:12 - 2014-10-29 04:52 - 00394120 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-01-14 17:12 - 2014-10-29 04:52 - 00272248 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-01-14 17:12 - 2014-10-29 04:12 - 00413136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2015-01-14 17:12 - 2014-10-29 04:12 - 00136296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2015-01-14 17:12 - 2014-10-29 04:07 - 00424544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-01-14 17:12 - 2014-10-29 04:07 - 00370424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-01-14 17:12 - 2014-10-29 04:07 - 00344536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-01-14 17:12 - 2014-10-29 03:44 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2015-01-14 17:12 - 2014-10-29 02:59 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2015-01-14 17:12 - 2014-10-29 02:24 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-01-14 17:12 - 2014-10-29 02:02 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-01-14 17:12 - 2014-10-29 02:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-09 00:15 - 2015-01-09 00:15 - 00000000 ____D () C:\MagicPlusMini
2015-01-01 21:06 - 2015-01-01 21:06 - 04717142 _____ () C:\Users\martínek\Downloads\Adobe.Flash.Player.11.1.apk
2014-12-30 23:52 - 2014-12-30 23:52 - 00001545 _____ () C:\Users\martínek\Desktop\Play UT2004.lnk
2014-12-30 23:52 - 2014-12-30 23:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unreal Tournament 2004
2014-12-30 23:20 - 2014-12-30 23:20 - 00000000 ____D () C:\Users\martínek\AppData\Local\SKIDROW
2014-12-30 21:28 - 2014-12-30 21:28 - 00000959 _____ () C:\Users\Public\Desktop\Sniper Ghost Warrior 2.lnk
2014-12-30 20:47 - 2014-12-30 23:17 - 00000000 ____D () C:\Users\martínek\Desktop\COD2 1,3
2014-12-29 16:57 - 2014-12-29 16:57 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-28 23:45 - 2014-09-14 21:51 - 01464342 _____ () C:\Windows\WindowsUpdate.log
2015-01-28 23:42 - 2014-09-14 21:56 - 00003966 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{9F889ADC-F302-44CF-9258-BF6EE44D708E}
2015-01-28 23:41 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru
2015-01-28 23:39 - 2014-09-15 20:07 - 00000966 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-27 23:47 - 2013-08-22 16:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-01-27 23:25 - 2014-09-15 20:07 - 00000970 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-27 23:11 - 2014-09-19 21:59 - 00058368 ___SH () C:\Users\martínek\Desktop\Thumbs.db
2015-01-26 23:01 - 2014-09-14 21:58 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3812749808-3805465097-3344886715-1001
2015-01-26 22:39 - 2013-09-30 05:20 - 01658450 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-26 22:39 - 2013-09-30 04:57 - 00704264 _____ () C:\Windows\system32\perfh005.dat
2015-01-26 22:39 - 2013-09-30 04:57 - 00143624 _____ () C:\Windows\system32\perfc005.dat
2015-01-26 22:32 - 2014-09-15 20:06 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-01-26 22:32 - 2013-09-29 20:09 - 00426424 _____ () C:\Windows\PFRO.log
2015-01-26 22:32 - 2013-08-22 15:46 - 00030328 _____ () C:\Windows\setupact.log
2015-01-26 22:32 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-26 00:08 - 2014-09-21 16:17 - 00000000 ____D () C:\Users\martínek\Documents\WarThunder
2015-01-25 23:41 - 2014-09-14 21:52 - 00000000 ____D () C:\Users\martínek
2015-01-25 20:26 - 2014-09-15 20:09 - 00002203 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-25 19:44 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\LiveKernelReports
2015-01-24 21:20 - 2013-08-22 16:38 - 00714720 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-24 21:20 - 2013-08-22 16:38 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-24 15:40 - 2014-09-19 20:33 - 00000000 ____D () C:\Users\martínek\AppData\Roaming\TS3Client
2015-01-23 23:08 - 2014-10-04 17:00 - 00000000 ____D () C:\Users\martínek\AppData\Roaming\vlc
2015-01-22 01:12 - 2014-09-15 20:58 - 00000000 ____D () C:\Fraps
2015-01-21 00:57 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-01-16 22:11 - 2014-09-17 19:20 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-16 22:09 - 2014-09-17 19:20 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-13 02:21 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-01-05 20:39 - 2014-12-07 16:02 - 00000036 _____ () C:\Users\martínek\Desktop\ts.txt
2014-12-31 12:14 - 2014-09-16 22:30 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-12-30 23:52 - 2014-11-29 14:01 - 00000000 ____D () C:\UT2004
2014-12-30 23:52 - 2014-09-15 20:34 - 00074958 _____ () C:\Windows\DirectX.log
2014-12-30 21:28 - 2014-12-13 18:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hry
2014-12-30 21:28 - 2014-09-15 20:31 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-12-30 21:21 - 2014-12-13 17:50 - 00000000 ____D () C:\Hry
2014-12-30 20:50 - 2014-12-13 18:11 - 00000000 ____D () C:\Users\martínek\AppData\Local\PunkBuster
==================== Files in the root of some directories =======
2015-01-27 23:00 - 2015-01-27 23:03 - 0029696 _____ () C:\Users\martínek\AppData\Local\MSGBOX.EXE
Some content of TEMP:
====================
C:\Users\martínek\AppData\Local\Temp\ginstall.dll
C:\Users\martínek\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\martínek\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\martínek\AppData\Local\Temp\nvStInst.exe
C:\Users\martínek\AppData\Local\Temp\ochelper.dll
C:\Users\martínek\AppData\Local\Temp\ochelper.exe
C:\Users\martínek\AppData\Local\Temp\Quarantine.exe
C:\Users\martínek\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-01-26 15:34
==================== End Of Log ============================
Re: Computer was at a LAN party without antivirus and with the firewall turned off
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-01-2015
Ran by martínek at 2015-01-28 23:46:37
Running from C:\Users\martínek\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Reader XI (11.0.10) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Aktualizace NVIDIA 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden
AMP WinOFF 5.0.1 (HKLM-x32\...\AMP WinOFF) (Version: 5.0.1 - Alberto Martinez Perez)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bloody5 (HKLM-x32\...\Bloody3) (Version: 14.09.0014 - Bloody)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Far Cry 3 v1.01 (HKLM-x32\...\Far Cry 3_is1) (Version: 1.01 - Ubisoft)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.91 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3540 - Intel Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.75 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.75 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.75 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Ovládací panel NVIDIA 344.75 (Version: 344.75 - NVIDIA Corporation) Hidden
PitchPerfect Musical Instrument Tuner (HKLM-x32\...\PitchPerfect) (Version: 2.12 - NCH Software)
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
Sniper Ghost Warrior 2 verze 3.4.1.4621 (HKLM-x32\...\Sniper Ghost Warrior 2_is1) (Version: 3.4.1.4621 - City Interactive)
SpeechRedist (HKLM-x32\...\{8795CBED-55E2-4693-9F14-84EC446935BE}) (Version: 1.0.0 - Epic Games Inc.)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
Unreal Tournament 2004 (HKLM-x32\...\UT2004) (Version: - )
Unreal Tournament 3 (HKU\S-1-5-21-3812749808-3805465097-3344886715-1001\...\InstallShield_{BFA90209-7AFF-4DB6-8E4B-E57305751AD7}) (Version: 1.00.0000 - Epic Games)
Unreal Tournament 3 (x32 Version: 1.00.0000 - Epic Games) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3812749808-3805465097-3344886715-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
==================== Restore Points =========================
08-01-2015 16:26:46 Naplánovaný kontrolní bod
16-01-2015 22:08:07 Windows Update
23-01-2015 00:04:57 Windows Update
25-01-2015 23:50:00 avast! antivirus system restore point
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {03D5DAF4-EB02-4D4A-96A2-A49BF6CC2539} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {2CBB7BEC-1742-44E5-9B7F-6CEC247461FA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-15] (Google Inc.)
Task: {50C4C692-0DDA-4746-B7F4-C732DBA1EE80} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-01-16] (Microsoft Corporation)
Task: {6FFD48A8-FBC8-4598-9034-CED19324EB88} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-15] (Google Inc.)
Task: {E265B814-BDDA-41D2-BFCB-5EBE8446048C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-09-15 20:05 - 2014-11-12 22:56 - 00118080 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-09-17 20:39 - 2014-09-13 15:30 - 13969920 _____ () C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe
2013-08-22 08:19 - 2013-08-22 07:54 - 00174592 _____ () C:\Windows\system32\WinMetadata\Windows.UI.winmd
2013-08-22 08:19 - 2013-08-22 07:54 - 00050176 _____ () C:\Windows\system32\WinMetadata\Windows.Data.winmd
2013-08-22 08:19 - 2013-08-22 07:54 - 00030208 _____ () C:\Windows\system32\WinMetadata\Windows.Foundation.winmd
2014-09-14 22:06 - 2013-09-16 11:17 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-09-17 20:39 - 2013-04-03 17:29 - 00085504 _____ () C:\Program Files (x86)\Bloody5\Bloody5\DLL\DLL_ZoomControl.dll
2014-09-17 20:39 - 2014-01-10 16:48 - 04260352 _____ () C:\Program Files (x86)\Bloody5\Bloody5\Data\RES\Forms\Internet_Advertisement\Internet_Advertisement_DLL.dll
2015-01-25 20:26 - 2015-01-21 04:50 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.91\libglesv2.dll
2015-01-25 20:26 - 2015-01-21 04:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.91\libegl.dll
2015-01-25 20:26 - 2015-01-21 04:50 - 09171272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.91\pdf.dll
2015-01-25 20:26 - 2015-01-21 04:50 - 14913352 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.91\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
========================= Accounts: ==========================
Administrator (S-1-5-21-3812749808-3805465097-3344886715-500 - Administrator - Disabled)
Guest (S-1-5-21-3812749808-3805465097-3344886715-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-3812749808-3805465097-3344886715-1003 - Limited - Enabled)
martínek (S-1-5-21-3812749808-3805465097-3344886715-1001 - Administrator - Enabled) => C:\Users\martínek
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (01/26/2015 03:35:17 PM) (Source: VSS) (EventID: 12289) (User: )
Description: Chyba služby Stínová kopie svazků: Neočekávaná chyba DeviceIoControl(\\?\Volume{89886604-3c50-11e4-8250-806e6f6e6963} - 00000000000001D8,0x0053c008,0000001BC0140080,0,0000001BBF88B850,4096,[0]). hr = 0x80070570, Soubor nebo adresář je porušen a není čitelný.
.
Operace:
Probíhá zpracování události EndPrepareSnapshots
Kontext:
Kontext spuštění: System Provider
Error: (01/25/2015 11:54:26 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).
System Error:
Přístup byl odepřen.
.
Error: (01/25/2015 11:54:00 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).
System Error:
Přístup byl odepřen.
.
Error: (01/25/2015 11:50:05 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).
System Error:
Přístup byl odepřen.
.
Error: (01/23/2015 04:24:15 PM) (Source: VSS) (EventID: 12289) (User: )
Description: Chyba služby Stínová kopie svazků: Neočekávaná chyba DeviceIoControl(\\?\Volume{89886604-3c50-11e4-8250-806e6f6e6963} - 00000000000001A0,0x0053c008,0000002973A1BA80,0,0000002973A1CA90,4096,[0]). hr = 0x80070570, Soubor nebo adresář je porušen a není čitelný.
.
Operace:
Probíhá zpracování události EndPrepareSnapshots
Kontext:
Kontext spuštění: System Provider
Error: (01/23/2015 00:05:05 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).
System Error:
Přístup byl odepřen.
.
Error: (01/18/2015 05:57:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: nvstreamsvc.exe, verze: 3.1.100.0, časové razítko: 0x53d25804
Název chybujícího modulu: KERNELBASE.dll, verze: 6.3.9600.17278, časové razítko: 0x53eebd22
Kód výjimky: 0xc0000142
Posun chyby: 0x00000000000ec0b4
ID chybujícího procesu: 0x550
Čas spuštění chybující aplikace: 0xnvstreamsvc.exe0
Cesta k chybující aplikaci: nvstreamsvc.exe1
Cesta k chybujícímu modulu: nvstreamsvc.exe2
ID zprávy: nvstreamsvc.exe3
Úplný název chybujícího balíčku: nvstreamsvc.exe4
ID aplikace související s chybujícím balíčkem: nvstreamsvc.exe5
Error: (01/16/2015 10:22:42 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (01/13/2015 05:11:05 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]
Error: (01/08/2015 04:26:50 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).
System Error:
Přístup byl odepřen.
.
System errors:
=============
Error: (01/27/2015 11:48:19 PM) (Source: DCOM) (EventID: 10010) (User: sčót)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (01/27/2015 11:47:49 PM) (Source: DCOM) (EventID: 10010) (User: sčót)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (01/26/2015 09:20:59 PM) (Source: Microsoft-Windows-Ntfs) (EventID: 98) (User: NT AUTHORITY)
Description: D:\Device\HarddiskVolume53
Error: (01/26/2015 03:35:17 PM) (Source: volsnap) (EventID: 1) (User: )
Description: Stínová kopie svazku D: nemohla vytvořit úložiště stínové kopie na svazku D:.
Error: (01/26/2015 03:35:11 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: Ve struktuře systému souborů na svazku D: bylo zjištěno poškození.
Hlavní tabulka souborů (MFT) obsahuje poškozený záznam souboru. Referenční číslo souboru je 0x100000000df43. Název souboru je <nelze určit název souboru>.
Error: (01/26/2015 03:35:11 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: Ve struktuře systému souborů na svazku D: bylo zjištěno poškození.
Hlavní tabulka souborů (MFT) obsahuje poškozený záznam souboru. Referenční číslo souboru je 0x100000000df41. Název souboru je <nelze určit název souboru>.
Error: (01/26/2015 03:35:11 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: Ve struktuře systému souborů na svazku D: bylo zjištěno poškození.
Hlavní tabulka souborů (MFT) obsahuje poškozený záznam souboru. Referenční číslo souboru je 0x100000000df3c. Název souboru je <nelze určit název souboru>.
Error: (01/26/2015 03:35:11 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: Ve struktuře systému souborů na svazku D: bylo zjištěno poškození.
Hlavní tabulka souborů (MFT) obsahuje poškozený záznam souboru. Referenční číslo souboru je 0x100000000df3b. Název souboru je <nelze určit název souboru>.
Error: (01/26/2015 03:35:11 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: Ve struktuře systému souborů na svazku D: bylo zjištěno poškození.
Hlavní tabulka souborů (MFT) obsahuje poškozený záznam souboru. Referenční číslo souboru je 0x100000000df3a. Název souboru je <nelze určit název souboru>.
Error: (01/26/2015 03:35:11 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: Ve struktuře systému souborů na svazku D: bylo zjištěno poškození.
Hlavní tabulka souborů (MFT) obsahuje poškozený záznam souboru. Referenční číslo souboru je 0x100000000df39. Název souboru je <nelze určit název souboru>.
Microsoft Office Sessions:
=========================
Error: (01/26/2015 03:35:17 PM) (Source: VSS) (EventID: 12289) (User: )
Description: DeviceIoControl(\\?\Volume{89886604-3c50-11e4-8250-806e6f6e6963} - 00000000000001D8,0x0053c008,0000001BC0140080,0,0000001BBF88B850,4096,[0])0x80070570, Soubor nebo adresář je porušen a není čitelný.
Operace:
Probíhá zpracování události EndPrepareSnapshots
Kontext:
Kontext spuštění: System Provider
Error: (01/25/2015 11:54:26 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).
System Error:
Přístup byl odepřen.
Error: (01/25/2015 11:54:00 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).
System Error:
Přístup byl odepřen.
Error: (01/25/2015 11:50:05 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).
System Error:
Přístup byl odepřen.
Error: (01/23/2015 04:24:15 PM) (Source: VSS) (EventID: 12289) (User: )
Description: DeviceIoControl(\\?\Volume{89886604-3c50-11e4-8250-806e6f6e6963} - 00000000000001A0,0x0053c008,0000002973A1BA80,0,0000002973A1CA90,4096,[0])0x80070570, Soubor nebo adresář je porušen a není čitelný.
Operace:
Probíhá zpracování události EndPrepareSnapshots
Kontext:
Kontext spuštění: System Provider
Error: (01/23/2015 00:05:05 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).
System Error:
Přístup byl odepřen.
Error: (01/18/2015 05:57:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: nvstreamsvc.exe3.1.100.053d25804KERNELBASE.dll6.3.9600.1727853eebd22c000014200000000000ec0b455001d0333fcff06a5bC:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeKERNELBASE.dll0d9cf576-9f33-11e4-8283-74d43584f86f
Error: (01/16/2015 10:22:42 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (01/13/2015 05:11:05 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]
Error: (01/08/2015 04:26:50 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).
System Error:
Přístup byl odepřen.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-4570 CPU @ 3.20GHz
Percentage of memory in use: 18%
Total physical RAM: 8070.65 MB
Available physical RAM: 6600.6 MB
Total Pagefile: 9350.65 MB
Available Pagefile: 7723.49 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:931 GB) (Free:495.04 GB) NTFS
Drive d: (Nový svazek) (Fixed) (Total:698.63 GB) (Free:213.27 GB) NTFS
Drive f: (UT2004_DVDGERMAN) (CDROM) (Total:3.65 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: A11C04DE)
Partition: GPT Partition Type.
========================================================
Disk: 1 (Size: 698.6 GB) (Disk ID: 0004C482)
Partition 1: (Not Active) - (Size=698.6 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Error: (01/16/2015 10:22:42 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (01/13/2015 05:11:05 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]
Error: (01/08/2015 04:26:50 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).
System Error:
Přístup byl odepřen.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-4570 CPU @ 3.20GHz
Percentage of memory in use: 18%
Total physical RAM: 8070.65 MB
Available physical RAM: 6600.6 MB
Total Pagefile: 9350.65 MB
Available Pagefile: 7723.49 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:931 GB) (Free:495.04 GB) NTFS
Drive d: (Nový svazek) (Fixed) (Total:698.63 GB) (Free:213.27 GB) NTFS
Drive f: (UT2004_DVDGERMAN) (CDROM) (Total:3.65 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: A11C04DE)
Partition: GPT Partition Type.
========================================================
Disk: 1 (Size: 698.6 GB) (Disk ID: 0004C482)
Partition 1: (Not Active) - (Size=698.6 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Re: Computer was at a LAN party without antivirus and with the firewall turned off

- Copy the contents of the white box into Notepad (Start -> Run -> notepad)
- save it to the desktop as fixlist (File type: Text document)
- run FRST again and click Fix
- after the restart a fixlog will pop up (or it will be saved on the Desktop); paste its contents into your next reply
Code:
Start
CloseProcesses:
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKU\S-1-5-21-3812749808-3805465097-3344886715-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3812749808-3805465097-3344886715-1001\...\MountPoints2: {14acb025-8e20-11e4-827c-74d43584f86f} - "E:\Lenovo_Suite.exe"
HKU\S-1-5-21-3812749808-3805465097-3344886715-1001\...\MountPoints2: {14acb037-8e20-11e4-827c-74d43584f86f} - "E:\Lenovo_Suite.exe"
HKU\S-1-5-21-3812749808-3805465097-3344886715-1001\...\MountPoints2: {14acc060-8e20-11e4-827c-74d43584f86f} - "E:\Lenovo_Suite.exe"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
2015-01-27 23:03 - 2015-01-27 23:03 - 00015327 _____ () C:\Users\martínek\Desktop\LM.bat
2015-01-27 23:00 - 2015-01-27 23:03 - 00029696 _____ () C:\Users\martínek\AppData\Local\MSGBOX.EXE
2015-01-27 22:59 - 2015-01-27 22:59 - 00112640 _____ (forum.viry.cz) C:\Users\martínek\Downloads\FRSTLauncher.exe
2015-01-27 22:59 - 2015-01-27 22:59 - 00112640 _____ (forum.viry.cz) C:\Users\martínek\Desktop\FRSTLauncher.exe
2015-01-26 21:59 - 2015-01-26 22:32 - 00000000 ____D () C:\AdwCleaner
2015-01-26 21:56 - 2015-01-26 21:56 - 00000000 ____D () C:\Users\martínek\Downloads\CrystalDiskInfo6_2_2
2015-01-26 21:53 - 2015-01-26 21:55 - 02817875 _____ () C:\Users\martínek\Downloads\CrystalDiskInfo6_2_2.zip
2015-01-26 21:53 - 2015-01-26 21:53 - 02194432 _____ () C:\Users\martínek\Downloads\adwcleaner_4.109.exe
2015-01-25 23:46 - 2015-01-25 23:47 - 00000000 ____D () C:\rsit
2015-01-25 23:46 - 2015-01-25 23:47 - 00000000 ____D () C:\Program Files\trend micro
2015-01-25 23:46 - 2015-01-25 23:46 - 01222144 _____ () C:\Users\martínek\Downloads\RSITx64.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Hosts:
EmptyTemp:
End
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suitable for the forum, you can use altrok (at) forum.viry.cz
If you feel like helping visitors of this forum, sign up for our little school.
Re: Computer was at a LAN party without antivirus and with the firewall turned off
Eset could be installed immediately after the cleanup. Thank you.
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 28-01-2015
Ran by martínek at 2015-01-29 19:27:19 Run:1
Running from C:\Users\martínek\Desktop
Loaded Profiles: martínek (Available profiles: martínek)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
CloseProcesses:
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKU\S-1-5-21-3812749808-3805465097-3344886715-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3812749808-3805465097-3344886715-1001\...\MountPoints2: {14acb025-8e20-11e4-827c-74d43584f86f} - "E:\Lenovo_Suite.exe"
HKU\S-1-5-21-3812749808-3805465097-3344886715-1001\...\MountPoints2: {14acb037-8e20-11e4-827c-74d43584f86f} - "E:\Lenovo_Suite.exe"
HKU\S-1-5-21-3812749808-3805465097-3344886715-1001\...\MountPoints2: {14acc060-8e20-11e4-827c-74d43584f86f} - "E:\Lenovo_Suite.exe"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
2015-01-27 23:03 - 2015-01-27 23:03 - 00015327 _____ () C:\Users\martínek\Desktop\LM.bat
2015-01-27 23:00 - 2015-01-27 23:03 - 00029696 _____ () C:\Users\martínek\AppData\Local\MSGBOX.EXE
2015-01-27 22:59 - 2015-01-27 22:59 - 00112640 _____ (forum.viry.cz) C:\Users\martínek\Downloads\FRSTLauncher.exe
2015-01-27 22:59 - 2015-01-27 22:59 - 00112640 _____ (forum.viry.cz) C:\Users\martínek\Desktop\FRSTLauncher.exe
2015-01-26 21:59 - 2015-01-26 22:32 - 00000000 ____D () C:\AdwCleaner
2015-01-26 21:56 - 2015-01-26 21:56 - 00000000 ____D () C:\Users\martínek\Downloads\CrystalDiskInfo6_2_2
2015-01-26 21:53 - 2015-01-26 21:55 - 02817875 _____ () C:\Users\martínek\Downloads\CrystalDiskInfo6_2_2.zip
2015-01-26 21:53 - 2015-01-26 21:53 - 02194432 _____ () C:\Users\martínek\Downloads\adwcleaner_4.109.exe
2015-01-25 23:46 - 2015-01-25 23:47 - 00000000 ____D () C:\rsit
2015-01-25 23:46 - 2015-01-25 23:47 - 00000000 ____D () C:\Program Files\trend micro
2015-01-25 23:46 - 2015-01-25 23:46 - 01222144 _____ () C:\Users\martínek\Downloads\RSITx64.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Hosts:
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\NvBackend => value deleted successfully.
HKU\S-1-5-21-3812749808-3805465097-3344886715-1001\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value deleted successfully.
"HKU\S-1-5-21-3812749808-3805465097-3344886715-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{14acb025-8e20-11e4-827c-74d43584f86f}" => Key deleted successfully.
HKCR\CLSID\{14acb025-8e20-11e4-827c-74d43584f86f} => Key not found.
"HKU\S-1-5-21-3812749808-3805465097-3344886715-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{14acb037-8e20-11e4-827c-74d43584f86f}" => Key deleted successfully.
HKCR\CLSID\{14acb037-8e20-11e4-827c-74d43584f86f} => Key not found.
"HKU\S-1-5-21-3812749808-3805465097-3344886715-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{14acc060-8e20-11e4-827c-74d43584f86f}" => Key deleted successfully.
HKCR\CLSID\{14acc060-8e20-11e4-827c-74d43584f86f} => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => Key deleted successfully.
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => Key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
C:\Users\martínek\Desktop\LM.bat => Moved successfully.
C:\Users\martínek\AppData\Local\MSGBOX.EXE => Moved successfully.
C:\Users\martínek\Downloads\FRSTLauncher.exe => Moved successfully.
C:\Users\martínek\Desktop\FRSTLauncher.exe => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\martínek\Downloads\CrystalDiskInfo6_2_2 => Moved successfully.
C:\Users\martínek\Downloads\CrystalDiskInfo6_2_2.zip => Moved successfully.
C:\Users\martínek\Downloads\adwcleaner_4.109.exe => Moved successfully.
C:\rsit => Moved successfully.
C:\Program Files\trend micro => Moved successfully.
C:\Users\martínek\Downloads\RSITx64.exe => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 1.4 GB temporary data.
The system needed a reboot.
==== End of Fixlog 19:27:30 ====
Re: Computer was at a LAN party without antivirus and with the firewall turned off
So now let's clean up.
- Download and run DelFix - https://toolslib.net/downloads/viewdownload/2-delfix/
- Check only the option "Remove disinfection tools"
- click Run
Re: Computer was at a LAN party without antivirus and with the firewall turned off
Thank you very much.
# DelFix v10.8 - Logfile created 30/01/2015 at 01:10:19
# Updated 29/07/2014 by Xplode
# Username : martínek - SČÓT
# Operating System : Windows 8.1 Pro (64 bits)
~ Removing disinfection tools ...
Deleted : C:\FRST
Deleted : C:\Users\martínek\Desktop\Addition.txt
Deleted : C:\Users\martínek\Desktop\Fixlog.txt
Deleted : C:\Users\martínek\Desktop\frst.png
Deleted : C:\Users\martínek\Desktop\FRST.txt
Deleted : C:\Users\martínek\Desktop\FRST64.exe
Deleted : C:\Users\martínek\Downloads\FRST64.exe
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis
########## - EOF - ##########
Re: Computer was at a LAN party without antivirus and with the firewall turned off
You're welcome, glad I could help.
Take care, and maybe see you again sometime.
