Počítač se zasekává a zpomaluje, děkuji moc za pomoc! :-)

[Mandis]

Zdravím pěkně, velmi rád bych Vás požádal o pomoc.
Zasekává se mi občas počítač, teď, když třeba kopíruji z disku na přenosný disk. Jen s myší jde hýbat, ale
je nutý tvrdý restart, ani ctrl alt del nefunguje. Když jsem měl spuštěný Spyware terminator, který mi nedošel
do konce, tak jsem aspoň postupně odčišťoval co to ukázalo. Spustil jsem mbam i adwcleaner. Také mi více než
často zasekáva firefox a píše to všude možně chyba skriptu a ukončit ho, pak se zase rozeběhne.
Velmi děkuji za Váš čas s tím strávený a pomoc !!
Přeji příjemný den
Petr Manďák

[Mandis]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015
Ran by Petr (administrator) on MANDIS (09-11-2015 09:06:15)
Running from C:\MANDIS DISK\PROGRAMY WINDOWS 7\PROGRAMY PROTI VIRŮM A MALWARE\FRST-OLDERVERSION
Loaded Profiles: Petr & UpdatusUser (Available Profiles: Petr & UpdatusUser)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\AESTSr64.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe
(Crawler Group) C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Validity Sensors, Inc.) C:\Windows\System32\valWBFPolicyService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmdb.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(CyberLink Corp.) C:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Nico Mak Computing) C:\Program Files\File Association Helper\FAHWindow.exe
(Crawler Group, LLC) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
(Crawler Group, LLC) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe
(Xerox) C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\Launcher\xrlaunch.exe
() C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmw.exe
() C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmpl.exe
() C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmwj.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\avastui.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink PowerDVD15\PowerDVD15\PowerDVD15Agent.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DeviceAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-03-23] (IDT, Inc.)
HKLM\...\Run: [FAHConsole] => C:\Program Files\File Association Helper\FAHConsole.exe [729272 2014-01-28] (Nico Mak Computing)
HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [3884368 2015-09-02] (Crawler Group, LLC)
HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [5473104 2015-09-02] (Crawler Group, LLC)
HKLM-x32\...\Run: [QlbCtrl.exe] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [323640 2009-11-24] ( Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150016 2008-08-20] (Hewlett-Packard)
HKLM-x32\...\Run: [Launcher6015B] => C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\Launcher\xrlaunch.exe [2569728 2011-04-28] (Xerox)
HKLM-x32\...\Run: [6015B RUN] => C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmRun.exe [355840 2012-01-03] ()
HKLM-x32\...\Run: [StatusAutoRun6015B] => C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmpl.exe [4476928 2012-01-03] ()
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [24576 2009-02-19] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [40960 2009-02-19] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [6133520 2015-11-06] (AVAST Software)
HKLM-x32\...\Run: [DBAgent] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [1540896 2015-07-15] (Seagate Technology LLC)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2020704 2014-08-05] (Wondershare)
HKLM-x32\...\Run: [PowerDVD15Agent] => C:\Program Files (x86)\CyberLink PowerDVD15\PowerDVD15\PowerDVD15Agent.exe [950296 2015-03-19] (CyberLink Corp.)
HKU\S-1-5-21-3400088848-3241487186-2567401322-1000\...\Run: [Uploader] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [127816 2015-07-15] (Seagate Technology LLC)
HKU\S-1-5-21-3400088848-3241487186-2567401322-1000\...\Run: [CCleaner Monitoring] => C:\PROGRAM FILES\CCLEANER\CCLEANER64.EXE [6501656 2014-10-30] (Piriform Ltd)
HKU\S-1-5-21-3400088848-3241487186-2567401322-1000\...\MountPoints2: {36787e2d-2ad3-11e5-9109-002713a4b3b0} - F:\iLinker.exe
HKU\S-1-5-21-3400088848-3241487186-2567401322-1000\...\MountPoints2: {6d08fdae-f483-11e4-b9fc-002713a4b3b0} - F:\Unlock.exe autoplay=true
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShA64.dll [2015-10-09] (AVAST Software)
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 127.0.0.1 cap.cyberlink.com
Tcpip\Parameters: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{D0B7FA16-DD22-4461-85C0-0EF88289B5B4}: [DhcpNameServer] 192.168.43.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3400088848-3241487186-2567401322-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3400088848-3241487186-2567401322-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-08-12] (Microsoft Corporation)
BHO: Spyware Terminator 2015 Internet Guard -> {82A76710-4F98-4957-92BE-99648A4E2475} -> C:\Program Files (x86)\Spyware Terminator\STInternetGuard64.dll [2015-09-02] (Crawler Group, LLC)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-03-18] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-08-12] (Microsoft Corporation)
BHO-x32: No Name -> {451C804F-C205-4F03-B48E-537EC94937BF} -> No File
BHO-x32: Spyware Terminator 2015 Internet Guard -> {82A76710-4F98-4957-92BE-99648A4E2475} -> C:\Program Files (x86)\Spyware Terminator\STInternetGuard.dll [2015-09-02] (Crawler Group, LLC)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-03-18] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-03-12] (Microsoft Corporation)
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 - No File

FireFox:
========
FF ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\yzkl882t.default-1417622844522
FF NewTab: hxxp://www.google.com/
FF DefaultSearchUrl: hxxp://www.google.com/search?btnG=Google+Search&q=
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: www.seznam.cz
FF Session Restore: -> is enabled.
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-18] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-18] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-09-12] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
FF Extension: Valence - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\yzkl882t.default-1417622844522\Extensions\fxdevtools-adapters@mozilla.org [2015-10-22]
FF Extension: Video AdBlock for Firefox - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\yzkl882t.default-1417622844522\Extensions\{a00bef25-f21a-4539-adbb-b179b29e2b92} [2015-10-25] [not signed]

Chrome:
=======
CHR HKU\S-1-5-21-3400088848-3241487186-2567401322-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\AESTSr64.exe [89600 2009-03-03] (Andrea Electronics Corporation)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [146600 2015-10-09] (AVAST Software)
S3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 Seagate Dashboard Services; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [16216 2015-07-15] (Seagate Technology LLC)
R2 Seagate MobileBackup Service; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe [143656 2015-07-15] (Seagate Technology LLC)
R2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [3037520 2015-09-02] (Crawler Group)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\STacSV64.exe [247808 2010-03-23] (IDT, Inc.)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [35328 2013-10-12] (Validity Sensors, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 XRNADB; C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmdb.exe [95744 2012-01-03] () [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-10-09] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-10-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-10-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-10-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-10-09] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2015-11-06] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2015-11-06] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [153744 2015-10-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-10-09] (AVAST Software)
S3 AVerAF15; C:\Windows\System32\Drivers\AVerAF15.sys [311424 2009-05-22] (AVerMedia TECHNOLOGIES, Inc.) [File not signed]
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [503352 2014-01-27] () [File not signed]
R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2011-08-24] (Windows (R) Win 7 DDK provider)
R2 {687703DE-DC6D-4649-892B-B8497854A6AB}; C:\Program Files (x86)\CyberLink PowerDVD15\PowerDVD15\Common\NavFilter\000.fcl [29896 2015-03-19] (CyberLink Corp.)
U3 a48pud77; C:\Windows\System32\Drivers\a48pud77.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-09 04:52 - 2015-11-09 08:59 - 00000280 _____ C:\Windows\setupact.log
2015-11-09 04:52 - 2015-11-09 04:52 - 00000000 _____ C:\Windows\setuperr.log
2015-11-08 09:18 - 2015-11-08 10:20 - 1099032956 _____ C:\Users\Petr\Downloads\Once.Upon.a.Time.S01E05.720p.HDTV.X264-DIMENSION.mkv
2015-11-08 07:18 - 2015-11-08 07:18 - 00000939 _____ C:\Users\Public\Desktop\VLC media player.lnk
2015-11-08 05:45 - 2015-11-08 05:52 - 00000000 ____D C:\ProgramData\Spyware Terminator
2015-11-08 05:45 - 2015-11-08 05:45 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Spyware Terminator
2015-11-08 05:45 - 2015-11-08 05:45 - 00000000 ____D C:\Users\Petr\AppData\LocalLow\Spyware Terminator
2015-11-08 05:43 - 2015-11-08 05:43 - 00001042 _____ C:\Users\Public\Desktop\Spyware Terminator 2015.lnk
2015-11-08 05:43 - 2015-11-08 05:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware Terminator 2015
2015-11-08 05:39 - 2015-11-08 05:47 - 00000000 ____D C:\Program Files (x86)\Spyware Terminator
2015-11-07 21:50 - 2015-11-07 20:02 - 2241804636 _____ C:\Users\Petr\Desktop\viasat-nature-Život-ve-velkých-mokřinách-3-1080p.avi
2015-11-07 21:45 - 2015-11-07 21:48 - 00000000 ____D C:\Users\Petr\Desktop\Kamera 2014
2015-11-07 21:44 - 2015-11-07 21:44 - 00000000 ____D C:\Users\Petr\Desktop\Heroes of Might and Magic III HD Edition v1.1.6
2015-11-07 19:46 - 2015-11-07 21:13 - 1468483584 _____ C:\Users\Petr\Downloads\Pohádky-na-dobrou-noc-Cz.avi
2015-11-07 17:52 - 2015-11-07 17:54 - 114034999 _____ C:\Users\Petr\Desktop\Silvestr Urampa Pašák ČT pokus 2.wmv
2015-11-07 15:34 - 2015-11-07 15:36 - 00000000 ____D C:\Users\Petr\Desktop\Pražské služby a město na kole videa
2015-11-07 15:25 - 2015-11-07 15:39 - 00000000 ____D C:\Users\Petr\Desktop\Extrémní show různé záběry
2015-11-07 14:38 - 2015-11-07 16:00 - 1457723636 _____ C:\Users\Petr\Downloads\Once.Upon.A.Time.S01E06.720p.WEB-DL.DD5.1.H.264-ECI.mkv
2015-11-07 12:55 - 2015-11-07 14:16 - 1452963324 _____ C:\Users\Petr\Downloads\Once.Upon.A.Time.S01E04.720p.WEB-DL.DD5.1.H.264-ECI.mkv
2015-11-07 11:31 - 2015-11-07 12:54 - 1477706176 _____ C:\Users\Petr\Downloads\Once.Upon.A.Time.S01E03.720p.WEB-DL.DD5.1.H.264-ECI.mkv
2015-11-07 09:21 - 2015-11-07 09:21 - 00000000 ____D C:\Users\Petr\Downloads\WinRAR 5.21 Final (x86,x64)(CZ)
2015-11-06 20:56 - 2015-11-06 20:56 - 00000000 ____D C:\Users\Petr\AppData\Roaming\DiskDefrag
2015-11-06 20:52 - 2015-11-08 15:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-11-06 20:48 - 2015-11-06 20:48 - 00001085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Undelete.lnk
2015-11-06 20:48 - 2015-11-06 20:48 - 00001073 _____ C:\Users\Public\Desktop\Glary Undelete.lnk
2015-11-06 20:48 - 2015-11-06 20:48 - 00000000 ____D C:\Program Files (x86)\Glary Undelete
2015-11-06 20:46 - 2015-11-07 07:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glarysoft
2015-11-06 20:46 - 2015-11-06 20:46 - 00001122 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Absolute Uninstaller.lnk
2015-11-06 20:46 - 2015-11-06 20:46 - 00001110 _____ C:\Users\Public\Desktop\Absolute Uninstaller.lnk
2015-11-06 20:43 - 2015-11-06 20:43 - 05446128 _____ C:\Users\Petr\Downloads\dssetup.exe
2015-11-06 20:43 - 2015-11-06 20:43 - 04737952 _____ C:\Users\Petr\Downloads\ausetup.exe
2015-11-06 20:43 - 2015-11-06 20:43 - 04636312 _____ C:\Users\Petr\Downloads\gunsetup.exe
2015-11-06 20:15 - 2015-11-06 20:16 - 00000000 ____D C:\Users\Petr\Downloads\YouTube Video Downloader PRO FINAL v4.9.0.3
2015-11-06 17:44 - 2015-11-07 05:00 - 373915648 _____ C:\Users\Petr\Downloads\Spore - Česká Anthologie (2008-2010).iso
2015-11-06 17:39 - 2015-11-06 17:39 - 00000000 ____D C:\Users\Petr\Desktop\Nová trance music v raru
2015-11-06 17:36 - 2015-11-06 17:36 - 00000000 ____D C:\Users\Petr\Desktop\Vlasta Čiháček
2015-11-06 17:32 - 2015-11-06 17:32 - 00000000 ____D C:\Users\Petr\Downloads\YouTube Video Downloader PRO v4.9.1.0 FINAL CZ + Crack
2015-11-04 15:14 - 2015-11-08 07:35 - 00000000 ____D C:\Users\Petr\Desktop\videa do Extrémní show.cz
2015-11-04 14:23 - 2015-11-06 09:28 - 00000000 ____D C:\Users\Petr\Desktop\přehrát na disk u našich
2015-11-04 14:18 - 2015-11-04 14:19 - 00000000 ____D C:\Users\Petr\Desktop\Ladronka ofiko fotky
2015-11-04 14:17 - 2015-11-04 14:18 - 00000000 ____D C:\Users\Petr\Desktop\Ladronka 2013 funbox
2015-11-04 14:17 - 2015-11-04 14:17 - 00000000 ____D C:\Users\Petr\Desktop\Chorvatsko 2014
2015-11-04 14:07 - 2015-11-08 09:00 - 00000000 ____D C:\Users\Petr\Desktop\videa na střih Urampa
2015-11-04 14:04 - 2015-11-04 14:07 - 00000000 ____D C:\Users\Petr\Desktop\videa Letňany minirampa
2015-11-04 14:04 - 2015-11-04 14:04 - 00000000 ___RD C:\Users\Petr\Desktop\STROM - Moonspell Otakar Olsanik
2015-11-04 14:04 - 2015-11-04 14:04 - 00000000 ____D C:\Users\Petr\Desktop\portréty
2015-11-04 13:33 - 2015-11-04 14:04 - 00000000 ____D C:\Users\Petr\Desktop\Písničky
2015-11-04 13:27 - 2015-11-04 13:40 - 239604859 _____ C:\Users\Petr\Downloads\Dream-Trance-Music-Vol.01-(Hofbik).rar
2015-11-04 13:23 - 2015-11-04 13:23 - 00000000 ____D C:\Users\Petr\Desktop\Nové fotky na roztřídění 2015 2
2015-11-04 13:22 - 2015-11-06 09:14 - 00000000 ____D C:\Users\Petr\Desktop\Nová muzika
2015-11-04 13:17 - 2015-11-04 13:21 - 00000000 ____D C:\Users\Petr\Desktop\Love songs nové
2015-11-04 13:00 - 2015-11-04 13:00 - 00000000 ____D C:\Users\Petr\Downloads\Fotosizer Professional Edition 2.9.0.548 Final x86x64 CZ!
2015-11-04 12:16 - 2015-11-04 12:41 - 00000000 ____D C:\Users\Petr\Downloads\Image-Line FL Studio Producer Edition 12.1.3 Final 2015!
2015-11-03 13:52 - 2015-11-03 13:54 - 60304171 _____ C:\Users\Petr\Desktop\extreme.mp4
2015-11-03 12:28 - 2015-11-03 12:29 - 00000000 ____D C:\Users\Petr\Desktop\Propokopské údolí
2015-11-01 06:43 - 2015-11-09 04:53 - 00139264 ___SH C:\Users\Petr\Desktop\Thumbs.db
2015-10-31 19:23 - 2015-10-31 23:21 - 00000000 ____D C:\Users\Petr\Desktop\Nové fotky do nabídky upravené a retušované
2015-10-31 17:52 - 2015-10-31 17:52 - 01694208 _____ C:\Users\Petr\Desktop\adwcleaner_5.015.exe
2015-10-30 10:34 - 2015-10-30 10:35 - 00000000 ____D C:\Users\Petr\Desktop\Ladronka fest videa
2015-10-29 13:19 - 2013-08-07 01:19 - 170773056 _____ C:\Users\Petr\Desktop\Křižíkova-fontána-(Krizik's-fountain)---Michael-Jackson---Romance---part-1,-Prague---CZ.mp4
2015-10-28 09:45 - 2015-10-29 20:51 - 00000000 ____D C:\Users\Petr\Desktop\Nové fotky na zálohu 2015 podzim
2015-10-27 16:33 - 2015-10-27 16:33 - 00002062 _____ C:\Users\UpdatusUser\Desktop\Heroes of Might and Magic® IV.lnk
2015-10-27 16:33 - 2015-10-27 16:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3DO
2015-10-27 16:29 - 2015-10-27 16:33 - 00000000 ____D C:\Program Files (x86)\Heroes of Might and Magic 4
2015-10-27 16:11 - 2015-10-27 16:28 - 00000000 ____D C:\Program Files (x86)\Might & Magic Heroes VII
2015-10-27 15:14 - 2015-10-31 05:51 - 00000000 ____D C:\Users\Petr\AppData\Roaming\DAEMON Tools Lite
2015-10-25 20:35 - 2015-10-25 20:35 - 00000000 ____D C:\Users\Petr\AppData\Roaming\MPC-HC
2015-10-25 17:36 - 2015-10-25 17:36 - 00003786 _____ C:\Windows\System32\Tasks\klcp_update
2015-10-25 17:34 - 2015-10-25 17:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2015-10-25 17:34 - 2015-10-25 17:34 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2015-10-25 14:49 - 2015-10-31 07:06 - 00000000 ____D C:\Users\Petr\Desktop\fotky na poslání ze starých akcí
2015-10-25 07:38 - 2015-11-09 07:09 - 00000000 ____D C:\Users\Petr\Desktop\Denisa filmy
2015-10-24 09:14 - 2015-10-24 09:14 - 00000000 ____D C:\Users\Petr\Desktop\Extreme show powerslide
2015-10-22 12:58 - 2015-10-31 05:51 - 00000000 ____D C:\Users\Petr\Tracing
2015-10-22 10:33 - 2015-10-22 10:33 - 00000000 ____D C:\Windows\en
2015-10-22 10:31 - 2015-10-22 10:31 - 00000000 ____D C:\Windows\cs
2015-10-22 10:30 - 2015-10-22 10:30 - 00001305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2015-10-22 10:28 - 2015-10-22 10:28 - 00001374 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2015-10-22 10:26 - 2015-10-22 10:26 - 00000020 _____ C:\Windows\¬ó•
2015-10-22 10:26 - 2015-10-22 10:26 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-10-22 10:23 - 2015-10-22 10:23 - 00001458 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2015-10-22 10:21 - 2015-10-22 10:21 - 00002486 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2015-10-22 10:17 - 2015-10-22 10:17 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2015-10-22 10:16 - 2015-10-22 10:16 - 00000000 ____D C:\Program Files\Windows Live
2015-10-22 10:16 - 2014-03-31 20:06 - 00058056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fssfltr.sys
2015-10-22 10:15 - 2015-10-22 10:24 - 00000000 ____D C:\Program Files (x86)\Windows Live
2015-10-22 10:11 - 2010-06-02 03:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2015-10-22 10:11 - 2010-06-02 03:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2015-10-22 10:11 - 2010-06-02 03:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2015-10-22 10:11 - 2010-06-02 03:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2015-10-22 10:10 - 2010-05-26 10:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2015-10-22 10:10 - 2010-05-26 10:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2015-10-22 10:10 - 2010-05-26 10:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2015-10-22 10:10 - 2010-05-26 10:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2015-10-22 10:07 - 2009-09-04 16:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2015-10-22 10:07 - 2009-09-04 16:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2015-10-22 10:05 - 2006-11-29 12:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2015-10-22 10:05 - 2006-11-29 12:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2015-10-22 10:00 - 2015-11-04 15:42 - 00000000 ____D C:\Users\Petr\AppData\Local\Windows Live
2015-10-19 15:04 - 2015-10-31 07:38 - 00000000 ____D C:\Users\Petr\Desktop\nové fotky na extreme show.cz
2015-10-14 12:15 - 2015-10-14 12:15 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 15
2015-10-14 12:10 - 2015-10-14 12:10 - 00000000 ____D C:\Program Files (x86)\CyberLink PowerDVD15

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-09 09:07 - 2014-01-19 15:33 - 01860078 _____ C:\Windows\WindowsUpdate.log
2015-11-09 09:06 - 2014-11-18 16:24 - 00000000 ____D C:\FRST
2015-11-09 08:59 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-09 08:40 - 2014-11-26 13:40 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-11-09 08:23 - 2009-07-14 05:45 - 00031104 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-09 08:23 - 2009-07-14 05:45 - 00031104 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-08 19:27 - 2014-02-27 08:48 - 00000000 ____D C:\Users\Petr\AppData\Roaming\vlc
2015-11-08 19:25 - 2014-12-03 11:28 - 00000000 ____D C:\Users\Petr\AppData\Roaming\uTorrent
2015-11-08 17:08 - 2011-04-12 09:34 - 00668790 _____ C:\Windows\system32\perfh005.dat
2015-11-08 17:08 - 2011-04-12 09:34 - 00141418 _____ C:\Windows\system32\perfc005.dat
2015-11-08 17:08 - 2009-07-14 06:13 - 01583214 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-08 15:46 - 2015-10-05 15:59 - 00000000 ____D C:\Users\Petr\Desktop\Trance music new podzim 2015
2015-11-08 15:38 - 2014-12-03 16:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-11-07 22:02 - 2014-08-03 12:19 - 00000000 ____D C:\Users\Petr\Desktop\fotky převod
2015-11-07 17:35 - 2014-02-10 13:38 - 00000000 ____D C:\Users\Petr\Desktop\Nová tvořivost
2015-11-07 10:53 - 2014-01-27 21:09 - 00000000 ____D C:\Program Files\WinRAR
2015-11-07 08:27 - 2014-01-20 07:33 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-11-07 08:26 - 2014-01-27 21:37 - 00000000 ____D C:\Program Files\Recuva
2015-11-07 08:19 - 2015-06-29 17:22 - 00000000 ____D C:\Program Files (x86)\Pinnacle
2015-11-06 18:17 - 2014-01-27 20:32 - 00000000 ____D C:\Mandis disk
2015-11-06 15:44 - 2014-05-13 13:27 - 01059656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2015-11-06 15:44 - 2014-01-27 22:10 - 00449992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2015-11-06 09:50 - 2014-01-27 21:35 - 00000000 ____D C:\ProgramData\Adobe
2015-11-06 09:50 - 2014-01-21 09:42 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Adobe
2015-11-05 05:05 - 2015-09-12 06:03 - 00000000 ____D C:\Users\Petr\Desktop\word dokumenty plocha
2015-11-04 07:23 - 2010-10-10 10:43 - 00000000 ____D C:\Users\Petr\Desktop\Samík tisk fotek
2015-11-04 07:22 - 2010-10-10 11:06 - 00000000 ____D C:\Users\Petr\Desktop\Starší fotky na tisk Samíčka
2015-10-31 19:06 - 2014-12-10 10:55 - 00000000 ____D C:\AdwCleaner
2015-10-31 16:09 - 2015-05-14 16:26 - 00000000 ____D C:\Users\Petr\Desktop\filmy novééé
2015-10-31 05:37 - 2014-06-23 12:59 - 00000000 ____D C:\Windows\Minidump
2015-10-30 14:10 - 2015-06-16 15:23 - 00000000 ____D C:\Users\Petr\Desktop\nová videa z exhibic
2015-10-30 12:55 - 2014-01-28 00:13 - 00000000 ____D C:\Users\Petr\Desktop\fotky na poslaní druhým
2015-10-30 09:09 - 2015-05-01 09:08 - 00000000 ____D C:\Users\Petr\Desktop\Kamera 2015
2015-10-29 21:01 - 2014-12-05 10:24 - 00000000 ____D C:\Users\Petr\Desktop\fotky Samíka na přebrání
2015-10-28 10:08 - 2015-08-18 14:10 - 00000000 ____D C:\Users\Petr\Desktop\SM-N9005_20150618173255
2015-10-28 07:45 - 2014-05-13 13:27 - 00004184 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-10-25 20:48 - 2014-01-19 16:35 - 00000000 ____D C:\Users\Petr
2015-10-25 20:25 - 2015-07-13 11:22 - 00000000 ____D C:\Users\Petr\Downloads\Nové programy na instalování 2015
2015-10-25 06:51 - 2015-07-13 11:24 - 00000000 ____D C:\Users\Petr\Desktop\Nové fotky na roztřídění 2015
2015-10-24 17:47 - 2009-07-14 05:45 - 00502632 _____ C:\Windows\system32\FNTCACHE.DAT
2015-10-24 12:29 - 2014-01-27 20:45 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-10-24 12:28 - 2014-01-27 20:49 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-10-24 06:40 - 2014-01-27 20:43 - 00001973 _____ C:\Users\Public\Desktop\Samsung Kies 3.lnk
2015-10-23 06:57 - 2015-10-03 07:38 - 00000000 ____D C:\Users\Petr\Desktop\A Muzika na akci
2015-10-22 10:14 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-10-18 10:41 - 2014-02-01 20:15 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-10-18 10:40 - 2014-02-01 20:15 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-10-18 10:40 - 2014-02-01 20:15 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-16 08:20 - 2014-10-30 20:20 - 00024526 ____H C:\Users\Petr\Desktop\~WRL2879.tmp
2015-10-14 12:29 - 2014-02-26 18:38 - 00000000 ____D C:\Users\Petr\Documents\CyberLink
2015-10-14 12:16 - 2014-02-26 18:33 - 00000000 ____D C:\Users\Petr\AppData\Local\CyberLink
2015-10-14 12:08 - 2015-10-07 16:05 - 00000000 ____D C:\ProgramData\SUPPORTDIR
2015-10-12 05:25 - 2015-06-29 17:22 - 00000000 ____D C:\Users\Public\Documents\Pinnacle Content
2015-10-12 05:25 - 2015-06-29 17:22 - 00000000 ____D C:\Program Files (x86)\Pinnacle Studio 17

==================== Files in the root of some directories =======

2015-06-29 18:20 - 2015-07-03 16:38 - 0000428 _____ () C:\Users\Petr\AppData\Roaming\MANDIS.MTBF.txt
2015-06-29 18:20 - 2015-07-03 16:54 - 0000934 _____ () C:\Users\Petr\AppData\Roaming\__AvidCloudManager.log
2015-06-29 18:20 - 2015-06-29 18:26 - 0000792 _____ () C:\Users\Petr\AppData\Roaming\__AvidCloudManagerPrevious.log
2014-01-20 23:21 - 2014-01-20 23:21 - 0000000 _____ () C:\Users\Petr\AppData\Local\AtStart.txt
2014-01-20 23:21 - 2014-01-20 23:21 - 0000000 _____ () C:\Users\Petr\AppData\Local\DSwitch.txt
2014-01-20 23:21 - 2014-01-20 23:21 - 0000000 _____ () C:\Users\Petr\AppData\Local\QSwitch.txt
2014-01-27 21:15 - 2014-01-27 21:24 - 0000370 _____ () C:\ProgramData\hpzinstall.log

Some files in TEMP:
====================
C:\Users\Petr\AppData\Local\Temp\vlc-2.2.1-win32.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-10-31 06:43

==================== End of FRST.txt ============================

[Mandis]

Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-11-2015
Ran by Petr (2015-11-09 09:07:45)
Running from C:\MANDIS DISK\PROGRAMY WINDOWS 7\PROGRAMY PROTI VIRŮM A MALWARE\FRST-OLDERVERSION
Windows 7 Professional Service Pack 1 (X64) (2014-01-19 15:35:53)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3400088848-3241487186-2567401322-500 - Administrator - Disabled)
Guest (S-1-5-21-3400088848-3241487186-2567401322-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3400088848-3241487186-2567401322-1003 - Limited - Enabled)
Petr (S-1-5-21-3400088848-3241487186-2567401322-1000 - Administrator - Enabled) => C:\Users\Petr
UpdatusUser (S-1-5-21-3400088848-3241487186-2567401322-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Absolute Uninstaller 5.3.1.20 (HKLM-x32\...\Absolute Uninstaller) (Version: 5.3.1.20 - Glarysoft Ltd)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{B7B3E9B3-FB14-4927-894B-E9124509AF5A}) (Version: 10.0.32.18 - Adobe Systems, Inc.)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Photoshop CS (HKLM-x32\...\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}) (Version: CS - Adobe Systems, Inc.)
Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Aktualizace NVIDIA 1.15.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.15.2 - NVIDIA Corporation)
Avast Pro Antivirus (HKLM-x32\...\avast) (Version: 10.4.2233 - AVAST Software)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.60.350.6 - Broadcom Corporation)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon MG5500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5500_series) (Version: 1.02 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
CyberLink PowerDVD 15 (HKLM-x32\...\{DE85B8F3-D088-4D6E-A970-EE0BC7883A66}) (Version: 15.0.1510.58 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
ENE CIR Receiver Driver (HKLM\...\FFE7D41DF3C645075BB149E21988B63996C34187) (Version: 2.7.4.0 - ENE)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Glary Undelete 5.0.1.19 (HKLM-x32\...\Glary Undelete) (Version: 5.0.1.19 - Glarysoft Ltd)
Google Earth (HKLM-x32\...\{97C0EA4A-1A0B-4C53-ACEB-49984DA79C90}) (Version: 4.3.7204.836 - Google)
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Heroes of Might and Magic® IV (HKLM-x32\...\InstallShield_{192E2132-E977-4D3E-90BA-9DBCE1B57F8C}) (Version: 1.00.0000 - 3DO)
Heroes of Might and Magic® IV (x32 Version: 1.00.0000 - 3DO) Hidden
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP MediaSmart Live TV (HKLM-x32\...\InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}) (Version: 3.0 - CyberLink Corp.)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Quick Launch Buttons (HKLM-x32\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.50.12.1 - Hewlett-Packard)
HP Scanjet G4000 Series (HKLM\...\{10297E58-2DFE-478B-9A1D-4B14E4E79CDF}) (Version: 13.0 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
hpg4000 (x32 Version: 13.0.0.0 - Název společnosti:) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6276.0 - IDT)
Image Retriever 9 (HKLM-x32\...\{EB4C309A-8DCB-4AB6-867A-06D67C96B234}) (Version: 9.0.0.0 - Nuance Communications, Inc.)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.00.00.1030 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.35 - Irfan Skiljan)
Jpeg Resampler Vs 6+ (HKLM-x32\...\JpegResampler2010_is1) (Version: - Jpeg Resampler)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
K-Lite Codec Pack 11.5.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.5.0 - )
KMSnano 24 (HKLM\...\KMSnano 24_is1) (Version: KMSnano 24 - )
Microsoft .NET Framework 4.5.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 42.0 (x86 cs) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 cs)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
NVIDIA Ovladače grafiky 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Ovládací panel NVIDIA 331.65 (Version: 331.65 - NVIDIA Corporation) Hidden
PaperPort Image Printer 64-bit (HKLM\...\{918A2C48-E40E-4341-B9C1-A38D50213F6B}) (Version: 1.00.0000 - Nuance Communications, Inc.)
Playway to English 1 CD-ROM (HKLM-x32\...\{6A031978-1FDC-42D4-A30B-018FA99C5784}) (Version: 2.00.0000 - Cambridge University Press, Helbling Languages)
QLBCASL (x32 Version: 6.40.17.2 - Hewlett-Packard) Hidden
Registrace uživatele zařízení Canon MG5500 series (HKLM-x32\...\Registrace uživatele zařízení Canon MG5500 series) (Version: - ‭Canon Inc.)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.) Hidden
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
ScanSoft OmniPage SE 16 (HKLM-x32\...\{27AC9FC3-9041-4CA0-B718-C0B8122D9B32}) (Version: 16.1.0000 - Nuance Communications, Inc.)
ScanSoft PaperPort 11 (HKLM-x32\...\{1D66156D-D721-4B55-B08B-BDC917E8DCD0}) (Version: 11.2.0000 - Nuance Communications, Inc.)
Seagate Dashboard (HKLM-x32\...\{EA266F00-A8E7-43A0-8DED-FBFE3F076934}) (Version: 4.2.002.0 - Seagate)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
Seznam Software (HKU\S-1-5-21-3400088848-3241487186-2567401322-1000\...\SeznamInstall) (Version: - Seznam.cz)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.13.13771 - Skype Technologies S.A.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
SP45629 - Intel Chipset Installation Utility (HKLM-x32\...\{7AB416C2-4AEC-4967-A873-E2A3B404E6EC}) (Version: 1.0.0 - Hewlett-Packard International Pte. Ltd.)
Spyware Terminator 2015 (HKLM-x32\...\{56736259-613E-4A3B-B428-6235F2E76F44}_is1) (Version: 3.0.0.102 - Crawler Group)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.25790 - TeamViewer)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: - )
Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0405-1000-0000000FF1CE}_Office15.PROPLUSR_{2B44F588-2B80-4DD3-B577-B10B3C6865EA}) (Version: - Microsoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinZip 19.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E5}) (Version: 19.0.11293 - WinZip Computing, S.L. )
Xerox WorkCentre 6015B (HKLM-x32\...\InstallShield_{FB21CB19-03DB-4422-AB72-3CA9C9499512}) (Version: 1.005.00 - Xerox)
Xerox WorkCentre 6015B (x32 Version: 1.005.00 - Xerox) Hidden
XnView 1.99.5 (HKLM-x32\...\XnView_is1) (Version: 1.99.5 - Gougelet Pierre-e)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

09-11-2015 08:35:06 S

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2014-11-19 21:26 - 2015-10-07 17:02 - 00000870 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost
::1 localhost
127.0.0.1 cap.cyberlink.com

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03860CA9-4CAD-4B98-B9DB-AF86C6B86D37} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-30] (Piriform Ltd)
Task: {0514F0AA-FEE5-454B-ABBC-73D964CD32D2} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {1BDBF622-B099-48FE-99E2-7CF70359EA15} - System32\Tasks\Aktualizační služba softwaru InstallShield => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [2005-02-16] (InstallShield Software Corporation)
Task: {28111E61-6639-47FA-9793-E8FA7DBE1C62} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2015-10-05] ()
Task: {290D5554-2CAE-4D00-806C-9E9C0E582A26} - System32\Tasks\Seagate_Install_Launch => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Dashboard.exe [2015-07-15] (Seagate Technology LLC)
Task: {3570B0B4-59D9-40EF-8523-5AEDA83C63F7} - \{6ABD546F-1447-4F17-8719-217A60A08082} -> No File <==== ATTENTION
Task: {363E8906-277F-4C49-A834-3C1B7DBA7FCF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {5D453047-3A84-4F1A-AC87-1BE8CFE71FC5} - System32\Tasks\{31860E30-4547-4642-8629-7170D2FD9702} => pcalua.exe -a C:\Users\Petr\Downloads\shrink_pic18.exe -d C:\Users\Petr\Downloads
Task: {5F683279-ADDC-4EF0-BE6A-660043C46E6F} - System32\Tasks\ScanSoft Background Update => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25] (Nuance Communications, Inc.)
Task: {6C8090A5-F99F-445F-B7ED-64A81BA8B065} - System32\Tasks\{86CAD3F7-6666-42E6-BE0A-9FC365226892} => pcalua.exe -a C:\Users\Petr\Downloads\sp49094.exe -d C:\Users\Petr\Downloads
Task: {7BAEC43E-0DB8-4473-8332-A1F8227CF352} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {86465518-AB01-4B30-8424-72DCC3F55A3E} - System32\Tasks\CapSvcInst => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapSvcInst.exe
Task: {911BBD05-01B1-4BAB-86BD-8E0AA4709D9A} - System32\Tasks\Program k provádění aktualizací online Adobe => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21] (Adobe Systems Incorporated)
Task: {945AD81E-B507-4097-910B-A57BC020C4ED} - System32\Tasks\{5AAB68F2-60FA-4A53-9AC2-A3AABD2B8201} => pcalua.exe -a C:\NET\Ovladače\sp54929.exe -d C:\Users\Petr\Desktop
Task: {976D5659-B906-47EE-AF75-7A6FF3B724A6} - System32\Tasks\TVAgent => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe [2009-09-18] (CyberLink Corp.)
Task: {AD38FBB6-47F4-4DBD-87BA-2927908C8115} - System32\Tasks\Program k provádění aktualizací online InstallShield Software => c:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [2005-02-16] (InstallShield Software Corporation)
Task: {B0EAFEB9-53A6-45E7-87D7-0830827B5E97} - System32\Tasks\CapUninst => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapUninst.exe
Task: {CA347752-E84E-469C-92DA-F1BC2EF80899} - System32\Tasks\{B372E8E1-2F30-4E18-81EC-F54138B2C422} => pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe"
Task: {CCCFAA2F-A49F-4442-9FA4-4B6C9B7CF26A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-18] (Adobe Systems Incorporated)
Task: {E761BA03-0B37-430E-934F-58B44EB6A262} - System32\Tasks\Online aktualizační program HP => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2007-05-08] (Hewlett-Packard)
Task: {EA1D17F4-3B65-415A-A4AE-F6DD0DB28498} - \SPBIW_UpdateTask_Time_313638333535373833362d4a375b5a5a6c783245343741 -> No File <==== ATTENTION
Task: {EE48280A-3618-4AA9-A03A-A12FA45C6892} - System32\Tasks\{8D31B56D-AD40-4217-90B4-39D497011277} => pcalua.exe -a "C:\Users\Petr\Desktop\programy Windows 7\nový\tcmd704a.exe" -d "C:\Users\Petr\Desktop\programy Windows 7\nový"
Task: {F3C5033A-DF67-4D5B-8C8C-31260D9BE5D9} - System32\Tasks\CapSchedInst => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapSchedInst.exe
Task: {F4351C94-C5DB-4397-9157-9F184A3D9326} - System32\Tasks\avast! Emergency Update => C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe [2015-10-09] (AVAST Software)
Task: {F8371EBB-6BAF-45C2-BCDA-2A49E5603530} - System32\Tasks\{29F6DA13-39F6-43FF-817A-2C30AA114663} => pcalua.exe -a "C:\Users\Petr\Desktop\programy Windows 7\Nové instalace 2013\irfanview_lang_czech.exe" -d "C:\Users\Petr\Desktop\programy Windows 7\Nové instalace 2013"
Task: {FF28A300-8F11-4399-B779-F1A5D46C7609} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-21] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (Whitelisted) ==============

2014-01-21 03:18 - 2013-10-23 09:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-02-10 19:55 - 2012-03-09 14:34 - 00022528 _____ () C:\Windows\System32\xrhk1alm.dll
2012-01-03 10:04 - 2012-01-03 10:04 - 00095744 _____ () C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmdb.exe
2012-01-03 10:04 - 2012-01-03 10:04 - 00247296 _____ () C:\PROGRAM FILES (X86)\XEROX OFFICE PRINTING\WORKCENTRE SSW\PRINTINGSCOUT\XRKSMW.EXE
2012-01-03 10:05 - 2012-01-03 10:05 - 04476928 _____ () C:\PROGRAM FILES (X86)\XEROX OFFICE PRINTING\WORKCENTRE SSW\PRINTINGSCOUT\XRKSMPL.EXE
2012-01-03 10:04 - 2012-01-03 10:04 - 00227840 _____ () C:\PROGRAM FILES (X86)\XEROX OFFICE PRINTING\WORKCENTRE SSW\PRINTINGSCOUT\XRKSMWJ.EXE
2014-10-23 20:19 - 2014-10-23 20:19 - 00043520 _____ () C:\PROGRAM FILES\CCLEANER\lang\lang-1029.dll
2015-10-09 15:41 - 2015-10-09 15:41 - 00103376 _____ () C:\Program Files\Alwil Software\Avast5\log.dll
2015-10-09 15:41 - 2015-10-09 15:41 - 00123976 _____ () C:\Program Files\Alwil Software\Avast5\JsonRpcServer.dll
2015-11-08 11:00 - 2015-11-08 11:00 - 02990592 _____ () C:\Program Files\Alwil Software\Avast5\defs\15110700\algo.dll
2015-10-09 15:41 - 2015-10-09 15:41 - 40539648 _____ () C:\Program Files\Alwil Software\Avast5\libcef.dll
2015-10-07 15:56 - 2014-08-05 09:22 - 01489408 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2015-10-07 15:56 - 2014-05-19 16:19 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2015-10-14 12:12 - 2015-03-19 07:46 - 00867592 _____ () C:\Program Files (x86)\CyberLink PowerDVD15\PowerDVD15\common\UNO\UNO.dll
2015-10-14 12:11 - 2013-12-10 12:31 - 00074240 _____ () C:\Program Files (x86)\CyberLink PowerDVD15\PowerDVD15\Common\Koan\_ctypes.pyd
2015-10-14 12:11 - 2013-12-10 12:31 - 00285184 _____ () C:\Program Files (x86)\CyberLink PowerDVD15\PowerDVD15\Common\Koan\_hashlib.pyd
2015-10-14 12:11 - 2013-12-10 12:31 - 00040960 _____ () C:\Program Files (x86)\CyberLink PowerDVD15\PowerDVD15\Common\Koan\_socket.pyd
2015-10-14 12:11 - 2013-12-10 12:31 - 00721920 _____ () C:\Program Files (x86)\CyberLink PowerDVD15\PowerDVD15\Common\Koan\_ssl.pyd

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3400088848-3241487186-2567401322-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.43.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{35577E9F-171C-41D0-B655-756E08D2486A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{EB0987BF-3349-47D4-B597-1B3F0ADA55E1}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{94A63192-3A7C-43AA-9D29-F5636E2114C6}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{058AEEA4-7722-44C0-B335-4A3F997B531D}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{E4BAC347-63DB-4197-97B3-176158DE78D6}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{B8C5F0BE-1EDE-4475-A8A7-CCF0767681B8}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{E557D77D-F5EC-4C72-9528-53AB97F375C0}] => (Allow) C:\Program Files\KMSnano\qemu-system-i386.exe
FirewallRules: [{E5043FF6-4EC8-4D44-B5A6-45144B6A623E}] => (Allow) C:\Program Files\KMSnano\qemu-system-i386.exe
FirewallRules: [{A942E273-C820-4E95-AA1F-416ECD7C5880}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{EF270BDC-CD4A-4A0A-8CFD-A0AC945730D1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{D4C21880-E4B1-4B0E-9DE8-1C41B6785803}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{6E83BA24-2B68-494C-9459-D72D336B59E0}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{190C4C3E-A4A5-440B-8CDA-FE2C186E5028}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{6921BF56-2606-4B23-85BB-DDC24D8E0993}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{5DB7BB8F-3F2B-419D-A0FF-56D542D0CB9F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{0B574E8F-BCEC-4483-BB41-0BB5C6D9DE7F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{688FCDEA-B268-457B-8D78-B091150A8219}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{7205D8B7-5CF9-42BA-9173-5B79540245DA}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{BB90227C-9914-4966-A4F7-148EE98FDEC2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{09748AE2-AE0B-4AD6-96B5-6DD707AF0767}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{B81A88B0-4BBE-49BB-B414-FF167FAD98BD}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{A04DC8B9-D771-4325-A46D-60A36FADB18D}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{0B6D27EC-DF44-4272-B6AC-F453EB0CBCCB}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{F483036C-446D-4412-A82F-9F60B3800FA1}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{450BDF45-D1B7-4F54-B7F7-8A8AF056B824}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{E910043F-5C65-45B8-AC43-5211BAF93080}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{D58AD317-9E34-47AD-8F51-87565B7EE705}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [TCP Query User{9E18F5B3-D36D-4D09-AEE2-A16C8698D143}C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe] => (Allow) C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe
FirewallRules: [UDP Query User{31787E16-FC3D-4088-982F-644BC73A9E3B}C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe] => (Allow) C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe
FirewallRules: [{D1BD381E-FC6A-460A-AFB0-95CC1564DAFB}] => (Block) C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe
FirewallRules: [{62569C6C-7F09-4B0F-98DF-B00135D2B69E}] => (Block) C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe
FirewallRules: [{D1EFDA8C-5544-4FD3-8882-3C477E03BF2A}] => (Allow) LPort=8888
FirewallRules: [TCP Query User{BA309BEA-C992-4680-A1D7-C7E3C789D0BA}C:\users\petr\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\petr\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{B7361255-9C8A-40EB-B3FB-4A78B47EE353}C:\users\petr\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\petr\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{FE31AF74-5E16-4F7E-AE61-68DE1B3476A8}C:\users\petr\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\petr\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{D53369BE-D2AF-42B9-A1E7-D7BA16A25423}C:\users\petr\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\petr\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{DE86DDF0-BAD5-4BC3-97AA-E85F611FC7AA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9D3E01E2-1F9A-44CF-B25A-E6CEF1D0EA2A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{45CA5035-3611-4A94-9EE7-A8B2FAAA54B3}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{589502F4-FDFE-499F-A01F-533CB4EDB52D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{CB1D2879-110E-464C-B16D-A257ED89A021}] => (Allow) LPort=8888
FirewallRules: [{DE638763-6F1A-4271-866E-50AF8A10F90F}] => (Allow) C:\Program Files (x86)\CyberLink PowerDVD15\PowerDVD15\PowerDVD.exe
FirewallRules: [{77A0DCBE-3540-4678-8818-8A8CF1F6A52A}] => (Allow) C:\Program Files (x86)\CyberLink PowerDVD15\PowerDVD15\Kernel\DMS\CLMSServerPDVD15.exe
FirewallRules: [{E8D9352B-86E9-4B18-B028-147B34A5C23B}] => (Allow) C:\Program Files (x86)\CyberLink PowerDVD15\PowerDVD15\PowerDVD15Agent.exe
FirewallRules: [{868F8872-BA98-424C-B966-6B1E878FB276}] => (Allow) C:\Program Files (x86)\CyberLink PowerDVD15\PowerDVD15\Movie\PowerDVDMovie.exe
FirewallRules: [{F6153927-0C00-4875-8EF6-B92F7D2182A1}] => (Allow) C:\Program Files (x86)\CyberLink PowerDVD15\PowerDVD15\Movie\PowerDVD Cinema\PowerDVDCinema.exe
FirewallRules: [{445F2C75-808D-4A31-88C1-AD4AA8BF6E4E}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{F11E2B46-0E06-4945-A2D4-7F75344C2F63}] => (Allow) LPort=2869
FirewallRules: [{F32348DA-9235-4751-B067-6EB8E3E30166}] => (Allow) LPort=1900
FirewallRules: [{A466C3ED-3557-4F4E-980D-4B2BC7905EE7}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{CD698E9D-DC5B-4013-9CF1-2FF105B0DD6A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6B1900DC-2AD5-4A62-ADF4-90E2E8709D9C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0830BAA2-D1B5-4BAE-93A6-F6DDA0E17306}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe
FirewallRules: [{BBB9A777-D1CF-4ACD-B439-250BE014B369}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe
FirewallRules: [{99A6FAD8-FAB7-47A6-86CE-AA4346C03FBB}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
FirewallRules: [{A99D4B74-FDDF-4DCC-B8B2-E299109E51E6}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
FirewallRules: [TCP Query User{DC4EC295-0FEA-47D3-870E-9B2F1991DB21}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe] => (Block) C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe
FirewallRules: [UDP Query User{CB2FA0BE-E624-4A2E-9869-4E54AC8243EA}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe] => (Block) C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe

==================== Faulty Device Manager Devices =============

Name: Základní systémové zařízení
Description: Základní systémové zařízení
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: A309
Description: A309
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Základní systémové zařízení
Description: Základní systémové zařízení
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Základní systémové zařízení
Description: Základní systémové zařízení
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Teredo Tunneling Pseudo-Interface
Description: Adaptér tunelového režimu Microsoft Teredo
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/09/2015 09:00:33 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/09/2015 08:14:12 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/09/2015 07:51:26 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: Selhalo načtení automatické aktualizace kořenového certifikátu jiného výrobce z: <http://ctldl.windowsupdate.com/msdownlo ... 4C2AFD.crt>. Došlo k chybě Daná operace se vrátila, protože vypršel časový limit.
.

Error: (11/09/2015 07:43:50 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: Selhalo načtení automatické aktualizace kořenového certifikátu jiného výrobce z: <http://ctldl.windowsupdate.com/msdownlo ... 4C2AFD.crt>. Došlo k chybě Daná operace se vrátila, protože vypršel časový limit.
.

Error: (11/09/2015 07:43:46 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: Selhalo načtení automatické aktualizace kořenového certifikátu jiného výrobce z: <http://ctldl.windowsupdate.com/msdownlo ... 4C2AFD.crt>. Došlo k chybě Zvolený server nemůže provést požadovanou operaci.
.

Error: (11/09/2015 07:43:44 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: Selhalo načtení automatické aktualizace kořenového certifikátu jiného výrobce z: <http://ctldl.windowsupdate.com/msdownlo ... 4C2AFD.crt>. Došlo k chybě Daná operace se vrátila, protože vypršel časový limit.
.

Error: (11/09/2015 07:39:10 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/09/2015 06:43:04 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/09/2015 04:54:31 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/09/2015 04:53:04 AM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhost (1920) WebCacheLocal: Při otevírání souboru protokolu C:\Users\Petr\AppData\Local\Microsoft\Windows\WebCache\V0100010.log došlo k chybě -1811.


System errors:
=============
Error: (11/09/2015 08:59:09 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (8:57:40, ‎9.‎11.‎2015) bylo neočekávané.

Error: (11/09/2015 08:12:48 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (8:11:57, ‎9.‎11.‎2015) bylo neočekávané.

Error: (11/09/2015 07:45:23 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Windows Update přestala během spouštění reagovat.

Error: (11/09/2015 07:38:05 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (7:37:03, ‎9.‎11.‎2015) bylo neočekávané.

Error: (11/09/2015 06:42:42 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba hpqwmiex neuspěla při spuštění v důsledku následující chyby:
%%1053

Error: (11/09/2015 06:42:41 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby hpqwmiex bylo dosaženo časového limitu (30000 ms).

Error: (11/09/2015 06:42:42 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1053hpqwmiex{F5539356-2F02-40D4-999E-FA61F45FE12E}

Error: (11/09/2015 06:41:12 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (6:39:41, ‎9.‎11.‎2015) bylo neočekávané.

Error: (11/09/2015 04:52:50 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (4:50:56, ‎9.‎11.‎2015) bylo neočekávané.

Error: (11/09/2015 04:51:56 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby Wlansvc bylo dosaženo časového limitu (30000 ms).


CodeIntegrity:
===================================
Date: 2015-07-13 11:53:26.259
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sfc_os.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5 CPU M 520 @ 2.40GHz
Percentage of memory in use: 45%
Total physical RAM: 4022.87 MB
Available physical RAM: 2176.84 MB
Total Virtual: 8043.93 MB
Available Virtual: 6012.14 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:596.07 GB) (Free:122.95 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 82DE393B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=596.1 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

[Mandis]

Logfile of random's system information tool 1.10 (written by random/random)
Run by Petr at 2015-11-09 09:47:13
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 126 GB (21%) free of 610 GB
Total RAM: 4023 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:47:18, on 9.11.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\Launcher\xrlaunch.exe
C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files\Alwil Software\Avast5\avastui.exe
C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe
C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
C:\Program Files (x86)\CyberLink PowerDVD15\PowerDVD15\PowerDVD15Agent.exe
C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DeviceAgent.exe
c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Petr.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: (no name) - {451C804F-C205-4F03-B48E-537EC94937BF} - (no file)
O2 - BHO: Spyware Terminator 2015 Internet Guard - {82A76710-4F98-4957-92BE-99648A4E2475} - C:\PROGRA~2\SPYWAR~1\STINTE~1.DLL
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [Launcher6015B] "C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\Launcher\xrlaunch.exe" /S Xerox WorkCentre 6015B
O4 - HKLM\..\Run: [6015B RUN] "C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmRun.exe"
O4 - HKLM\..\Run: [StatusAutoRun6015B] "C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmpl.exe" Xerox WorkCentre 6015B,hide,\S
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [DBAgent] "C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe" /WinStart
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKLM\..\Run: [PowerDVD15Agent] "C:\Program Files (x86)\CyberLink PowerDVD15\PowerDVD15\PowerDVD15Agent.exe"
O4 - HKCU\..\Run: [Uploader] C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\PROGRAM FILES\CCLEANER\CCLEANER64.EXE" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-3400088848-3241487186-2567401322-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3400088848-3241487186-2567401322-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Protocol: WSWSVCUchrome - {1CA93FF0-A218-44F1 - (no file)
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Seagate Dashboard Services - Seagate Technology LLC - C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
O23 - Service: Seagate MobileBackup Service - Seagate Technology LLC - C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Spyware Terminator 2015 Realtime Shield Service (ST2012_Svc) - Crawler Group - C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\STacSV64.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Validity WBF Policy Service (valWBFPolicyService) - Unknown owner - C:\Windows\system32\valWBFPolicyService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XRcnStatutsDatabase (XRNADB) - Unknown owner - C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmdb.exe

--
End of file - 12394 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\STacSV64.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
C:\Windows\system32\WLANExt.exe 35029808
\??\C:\Windows\system32\conhost.exe "-18190193281494595760-1767050264173344539-1569335741597566785-5833452121587266885
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\AESTSr64.exe
"C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\File Association Helper\FAHWindow.exe" register
"C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe"
"C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe" /Start
"C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe"
"C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\Launcher\xrlaunch.exe" /S Xerox WorkCentre 6015B
"C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmW.exe"
\??\C:\Windows\system32\conhost.exe "-13013061171161671466-1190402263-261434311-361360529-1866456450-1906042038248389929
"C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmwj.exe"
"C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmpl.exe" Xerox WorkCentre 6015B,hide,\S
\??\C:\Windows\system32\conhost.exe "-1511481529-2848108391233616920-4076347551051353729-1413135927-1516238346-805290136
"C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe"
"C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
C:\Windows\system32\valWBFPolicyService.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe" /ELEVATED
"C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmdb.exe"
WLIDSvcM.exe 2824
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\Alwil Software\Avast5\avastui.exe" /nogui
"C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe" /WinStart
"C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"
"C:\Program Files (x86)\CyberLink PowerDVD15\PowerDVD15\PowerDVD15Agent.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-a9575860-fa2a-4689-a167-f0407a79ae60 -SystemEventPortName:HostProcess-e90dbdae-a91a-4b2f-919b-e66a8dc9ab20 -IoCancelEventPortName:HostProcess-38d1694e-e8b9-4c29-bfdc-092ba087f214 -NonStateChangingEventPortName:HostProcess-85ef8a0d-a2b9-4673-8f27-97e41c69419a -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:0592857c-747b-4f6f-9bf6-c7a8550fd26a -DeviceGroupId:
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"taskhost.exe"
taskeng.exe {A59FB3AF-B309-45DA-85BD-E15737419543}
taskeng.exe {9FB1420D-7829-4302-A616-23F16CF2BFF2}
"C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DeviceAgent.exe" -background
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\Windows\system32\sppsvc.exe
"C:\Windows\system32\wuauclt.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528

"C:\Mandis disk\programy Windows 7\Programy proti virům a malware\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\yzkl882t.default-1417622844522

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "www.seznam.cz"
prefs.js - "keyword.URL" - "http://www.google.com/search?btnG=Google+Search&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 19.0.0.226 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 19.0.0.226 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL


C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll

C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\yzkl882t.default-1417622844522\extensions\
fxdevtools-adapters@mozilla.org
{a00bef25-f21a-4539-adbb-b179b29e2b92}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-08-12 219304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{82A76710-4F98-4957-92BE-99648A4E2475}]
Spyware Terminator 2015 Internet Guard - C:\PROGRA~2\SPYWAR~1\STINTE~2.DLL [2015-09-02 2013520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office15\URLREDIR.DLL [2014-01-23 881880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2015-03-18 2334928]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-08-12 153768]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{451C804F-C205-4F03-B48E-537EC94937BF}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{82A76710-4F98-4957-92BE-99648A4E2475}]
Spyware Terminator 2015 Internet Guard - C:\PROGRA~2\SPYWAR~1\STINTE~1.DLL [2015-09-02 1255248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL [2014-01-22 707800]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2015-03-18 1729752]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-10-14 2837288]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2010-03-23 487424]
"FAHConsole"=C:\Program Files\File Association Helper\FAHConsole.exe [2014-01-28 729272]
"SpywareTerminatorShield"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2015-09-02 3884368]
"SpywareTerminatorUpdater"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [2015-09-02 5473104]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Uploader"=C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [2015-07-15 127816]
"CCleaner Monitoring"=C:\PROGRAM FILES\CCLEANER\CCLEANER64.EXE [2014-10-30 6501656]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"QlbCtrl.exe"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2009-11-24 323640]
"hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-08-20 150016]
"Launcher6015B"=C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\Launcher\xrlaunch.exe [2011-04-28 2569728]
"6015B RUN"=C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmRun.exe [2012-01-03 355840]
"StatusAutoRun6015B"=C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmpl.exe [2012-01-03 4476928]
"PaperPort PTD"=C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [2009-02-19 24576]
"IndexSearch"=C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [2009-02-19 40960]
"AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2015-11-06 6133520]
"DBAgent"=C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [2015-07-15 1540896]
"Wondershare Helper Compact.exe"=C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2014-08-05 2020704]
"PowerDVD15Agent"=C:\Program Files (x86)\CyberLink PowerDVD15\PowerDVD15\PowerDVD15Agent.exe [2015-03-19 950296]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
"EnableLinkedConnections"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"msacm.l3codecp"=l3codecp.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-11-09 09:23:26 ----D---- C:\rsit
2015-11-09 09:23:26 ----D---- C:\Program Files\trend micro
2015-11-08 05:45:13 ----D---- C:\Users\Petr\AppData\Roaming\Spyware Terminator
2015-11-08 05:45:13 ----D---- C:\ProgramData\Spyware Terminator
2015-11-08 05:39:44 ----D---- C:\Program Files (x86)\Spyware Terminator
2015-11-06 20:56:00 ----D---- C:\Users\Petr\AppData\Roaming\DiskDefrag
2015-11-06 20:52:14 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-11-06 20:48:07 ----D---- C:\Program Files (x86)\Glary Undelete
2015-11-06 20:46:37 ----D---- C:\Program Files (x86)\Absolute Uninstaller
2015-10-27 16:29:00 ----D---- C:\Program Files (x86)\Heroes of Might and Magic 4
2015-10-27 16:11:19 ----D---- C:\Program Files (x86)\Might & Magic Heroes VII
2015-10-27 15:14:28 ----D---- C:\Users\Petr\AppData\Roaming\DAEMON Tools Lite
2015-10-25 20:35:51 ----D---- C:\Users\Petr\AppData\Roaming\MPC-HC
2015-10-25 17:34:28 ----D---- C:\Program Files (x86)\K-Lite Codec Pack
2015-10-22 10:33:32 ----D---- C:\Windows\en
2015-10-22 10:31:40 ----D---- C:\Windows\cs
2015-10-22 10:26:00 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-10-22 10:16:55 ----A---- C:\Windows\system32\drivers\fssfltr.sys
2015-10-22 10:16:54 ----DC---- C:\Windows\system32\DRVSTORE
2015-10-22 10:16:39 ----D---- C:\Program Files\Windows Live
2015-10-22 10:15:13 ----D---- C:\Program Files (x86)\Windows Live
2015-10-22 10:11:00 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2015-10-22 10:11:00 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2015-10-22 10:11:00 ----A---- C:\Windows\system32\XAudio2_7.dll
2015-10-22 10:11:00 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2015-10-22 10:10:58 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2015-10-22 10:10:58 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2015-10-22 10:10:53 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2015-10-22 10:10:53 ----A---- C:\Windows\system32\d3dx11_43.dll
2015-10-22 10:07:39 ----A---- C:\Windows\SYSWOW64\d3dx10_42.dll
2015-10-22 10:07:39 ----A---- C:\Windows\system32\d3dx10_42.dll
2015-10-22 10:05:33 ----A---- C:\Windows\SYSWOW64\d3dx9_32.dll
2015-10-22 10:05:33 ----A---- C:\Windows\system32\d3dx9_32.dll
2015-10-14 12:10:34 ----D---- C:\Program Files (x86)\CyberLink PowerDVD15

======List of files/folders modified in the last 1 month======

2015-11-09 09:47:16 ----D---- C:\Windows\Temp
2015-11-09 09:23:26 ----D---- C:\Program Files
2015-11-09 09:08:35 ----D---- C:\FRST
2015-11-09 09:07:58 ----D---- C:\Windows
2015-11-09 08:35:39 ----SHD---- C:\System Volume Information
2015-11-09 04:53:52 ----D---- C:\Windows\inf
2015-11-08 19:27:03 ----D---- C:\Users\Petr\AppData\Roaming\vlc
2015-11-08 19:25:00 ----D---- C:\Users\Petr\AppData\Roaming\uTorrent
2015-11-08 17:08:33 ----D---- C:\Windows\System32
2015-11-08 17:08:33 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-11-08 15:44:54 ----D---- C:\Windows\system32\config
2015-11-08 15:38:25 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-11-08 06:42:40 ----RD---- C:\Program Files (x86)
2015-11-08 06:42:40 ----D---- C:\Windows\system32\drivers
2015-11-08 05:45:13 ----HD---- C:\ProgramData
2015-11-08 05:43:32 ----D---- C:\Windows\Prefetch
2015-11-07 10:53:37 ----D---- C:\Program Files\WinRAR
2015-11-07 10:52:45 ----D---- C:\Windows\system32\catroot
2015-11-07 08:27:43 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-11-07 08:26:15 ----D---- C:\Program Files\Recuva
2015-11-07 08:20:10 ----SHD---- C:\Windows\Installer
2015-11-07 08:20:10 ----HD---- C:\Config.Msi
2015-11-07 08:20:09 ----D---- C:\Windows\system32\DriverStore
2015-11-07 08:19:22 ----D---- C:\Program Files (x86)\Pinnacle
2015-11-06 18:17:22 ----D---- C:\Mandis disk
2015-11-06 09:50:14 ----D---- C:\Users\Petr\AppData\Roaming\Adobe
2015-11-06 09:50:14 ----D---- C:\ProgramData\Adobe
2015-10-31 19:06:41 ----D---- C:\AdwCleaner
2015-10-31 05:37:32 ----D---- C:\Windows\Minidump
2015-10-31 05:37:32 ----D---- C:\Windows\Logs
2015-10-27 16:05:37 ----SD---- C:\ProgramData\Microsoft
2015-10-27 16:05:16 ----SD---- C:\Users\Petr\AppData\Roaming\Microsoft
2015-10-25 17:36:25 ----D---- C:\Windows\system32\Tasks
2015-10-25 17:22:09 ----D---- C:\Windows\SysWOW64
2015-10-24 17:48:10 ----D---- C:\Windows\winsxs
2015-10-24 12:29:40 ----D---- C:\ProgramData\Microsoft Help
2015-10-24 12:26:13 ----RSD---- C:\Windows\assembly
2015-10-22 10:14:07 ----D---- C:\Program Files\Common Files\Microsoft Shared
2015-10-19 16:26:23 ----D---- C:\Program Files (x86)\Common Files
2015-10-18 10:40:53 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-10-14 12:08:12 ----D---- C:\ProgramData\SUPPORTDIR
2015-10-12 05:25:59 ----D---- C:\Program Files (x86)\Pinnacle Studio 17
2015-10-12 05:00:06 ----RSD---- C:\Windows\Fonts

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-10-09 65224]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-10-09 274808]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2014-01-27 503352]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2015-10-09 28144]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-10-09 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-11-06 1059656]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-11-06 449992]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 {687703DE-DC6D-4649-892B-B8497854A6AB};Power Control [2015/10/14 13:19:04]; \??\C:\Program Files (x86)\CyberLink PowerDVD15\PowerDVD15\Common\NavFilter\000.fcl [2015-03-19 29896]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-10-09 28656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-10-09 90968]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-10-09 153744]
R2 sp_rsdrv2;Spyware Terminator Driver Filter; C:\Windows\system32\DRIVERS\stflt.sys [2011-08-24 51496]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2014-01-21 3060800]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2009-06-28 70656]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2009-04-29 18432]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2009-10-12 151040]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-10-27 196384]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-03-01 187392]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt64.sys [2010-03-23 505344]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-10-14 396848]
R3 WinUSB;WinUSB Service; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-21 41984]
S3 AVerAF15;HP DVB-T TV Tuner; C:\Windows\System32\Drivers\AVerAF15.sys [2009-05-22 311424]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2014-03-31 58056]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\AESTSr64.exe [2009-03-03 89600]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2015-10-09 146600]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-10-23 922912]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-10-27 1364256]
R2 Seagate Dashboard Services;Seagate Dashboard Services; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [2015-07-15 16216]
R2 Seagate MobileBackup Service;Seagate MobileBackup Service; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe [2015-07-15 143656]
R2 ST2012_Svc;Spyware Terminator 2015 Realtime Shield Service; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [2015-09-02 3037520]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\STacSV64.exe [2010-03-23 247808]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-01-29 4915040]
R2 valWBFPolicyService;Validity WBF Policy Service; C:\Windows\system32\valWBFPolicyService.exe [2013-10-12 35328]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
R2 XRNADB;XRcnStatutsDatabase; C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmdb.exe [2012-01-03 95744]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
R3 hpqwmiex;hpqwmiex; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2009-04-30 229944]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-18 269000]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2014-03-31 1512640]
S3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-03-13 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-11-06 147624]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 178760]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-01-21 1255736]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

[Mandis]

NOVÝ FRTS LOG !!!
Dokončil jsem postupně před zasekáváním Spywareterminator a dal z koupeného Avast Pro test po restartu a domazal vše.
Prosím nyní podívat se na tyto nové, děkuji pěkně

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015
Ran by Petr (administrator) on MANDIS (10-11-2015 11:01:16)
Running from F:\Mandis disk\Programy Win7\Programy proti virům a malware
Loaded Profiles: Petr & UpdatusUser (Available Profiles: Petr & UpdatusUser)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\AESTSr64.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
(Nico Mak Computing) C:\Program Files\File Association Helper\FAHWindow.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe
(Xerox) C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\Launcher\xrlaunch.exe
() C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmpl.exe
() C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmw.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
() C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmwj.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe
(CyberLink Corp.) C:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Validity Sensors, Inc.) C:\Windows\System32\valWBFPolicyService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmdb.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\avastui.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DeviceAgent.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-03-23] (IDT, Inc.)
HKLM\...\Run: [FAHConsole] => C:\Program Files\File Association Helper\FAHConsole.exe [729272 2014-01-28] (Nico Mak Computing)
HKLM-x32\...\Run: [QlbCtrl.exe] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [323640 2009-11-24] ( Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150016 2008-08-20] (Hewlett-Packard)
HKLM-x32\...\Run: [Launcher6015B] => C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\Launcher\xrlaunch.exe [2569728 2011-04-28] (Xerox)
HKLM-x32\...\Run: [6015B RUN] => C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmRun.exe [355840 2012-01-03] ()
HKLM-x32\...\Run: [StatusAutoRun6015B] => C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmpl.exe [4476928 2012-01-03] ()
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [24576 2009-02-19] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [40960 2009-02-19] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [6133520 2015-11-06] (AVAST Software)
HKLM-x32\...\Run: [DBAgent] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [1540896 2015-07-15] (Seagate Technology LLC)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2020704 2014-08-05] (Wondershare)
HKU\S-1-5-21-3400088848-3241487186-2567401322-1000\...\Run: [Uploader] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [127816 2015-07-15] (Seagate Technology LLC)
HKU\S-1-5-21-3400088848-3241487186-2567401322-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-30] (Piriform Ltd)
HKU\S-1-5-21-3400088848-3241487186-2567401322-1000\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-09-23] (Sony)
HKU\S-1-5-21-3400088848-3241487186-2567401322-1000\...\MountPoints2: {36787e2d-2ad3-11e5-9109-002713a4b3b0} - F:\iLinker.exe
HKU\S-1-5-21-3400088848-3241487186-2567401322-1000\...\MountPoints2: {6d08fdae-f483-11e4-b9fc-002713a4b3b0} - F:\Unlock.exe autoplay=true
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShA64.dll [2015-10-09] (AVAST Software)
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 127.0.0.1 cap.cyberlink.com
Tcpip\Parameters: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{D0B7FA16-DD22-4461-85C0-0EF88289B5B4}: [DhcpNameServer] 192.168.43.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3400088848-3241487186-2567401322-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3400088848-3241487186-2567401322-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-08-12] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-03-18] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-08-12] (Microsoft Corporation)
BHO-x32: No Name -> {451C804F-C205-4F03-B48E-537EC94937BF} -> No File
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-03-18] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-03-12] (Microsoft Corporation)
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 - No File

FireFox:
========
FF ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\yzkl882t.default-1417622844522
FF NewTab: hxxp://www.google.com/
FF DefaultSearchUrl: hxxp://www.google.com/search?btnG=Google+Search&q=
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: www.seznam.cz
FF Session Restore: -> is enabled.
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-18] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-18] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-09-12] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
FF Extension: Valence - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\yzkl882t.default-1417622844522\Extensions\fxdevtools-adapters@mozilla.org [2015-10-22]
FF Extension: Video AdBlock for Firefox - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\yzkl882t.default-1417622844522\Extensions\{a00bef25-f21a-4539-adbb-b179b29e2b92} [2015-10-25] [not signed]

Chrome:
=======
CHR HKU\S-1-5-21-3400088848-3241487186-2567401322-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\AESTSr64.exe [89600 2009-03-03] (Andrea Electronics Corporation)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [146600 2015-10-09] (AVAST Software)
S3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 Seagate Dashboard Services; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [16216 2015-07-15] (Seagate Technology LLC)
R2 Seagate MobileBackup Service; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe [143656 2015-07-15] (Seagate Technology LLC)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\STacSV64.exe [247808 2010-03-23] (IDT, Inc.)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [35328 2013-10-12] (Validity Sensors, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 XRNADB; C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmdb.exe [95744 2012-01-03] () [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-10-09] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-10-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-10-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-10-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-10-09] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2015-11-06] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2015-11-06] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [153744 2015-10-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-10-09] (AVAST Software)
S3 AVerAF15; C:\Windows\System32\Drivers\AVerAF15.sys [311424 2009-05-22] (AVerMedia TECHNOLOGIES, Inc.) [File not signed]
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [503352 2014-01-27] () [File not signed]
U3 a6osypn2; C:\Windows\System32\Drivers\a6osypn2.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-10 10:51 - 2015-11-10 10:51 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-11-10 10:51 - 2015-11-10 10:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-11-10 10:46 - 2015-11-10 10:46 - 00001023 _____ C:\Users\Public\Desktop\Fotosizer.lnk
2015-11-10 10:46 - 2015-11-10 10:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fotosizer
2015-11-10 10:46 - 2015-11-10 10:46 - 00000000 ____D C:\Program Files (x86)\Fotosizer
2015-11-09 20:45 - 2015-11-09 21:17 - 00000000 ____D C:\Users\Petr\Desktop\Denisa fotky telefon
2015-11-09 20:29 - 2015-11-09 20:29 - 00000000 ____D C:\Users\Petr\AppData\Local\Sony
2015-11-09 20:12 - 2015-11-09 20:12 - 00000000 ____D C:\Users\Petr\Documents\Sony
2015-11-09 19:21 - 2015-11-09 19:22 - 00142598 _____ C:\Windows\DPINST.LOG
2015-11-09 19:17 - 2015-11-09 19:17 - 00002102 _____ C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2015-11-09 19:17 - 2015-11-09 19:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2015-11-09 19:16 - 2015-11-09 19:16 - 00000000 ____D C:\ProgramData\Sony
2015-11-09 19:16 - 2015-11-09 19:16 - 00000000 ____D C:\Program Files (x86)\Sony
2015-11-09 19:15 - 2015-11-09 19:15 - 29361616 _____ (Sony Mobile Communications ) C:\Users\Petr\Downloads\Sony PC Companion_Web.exe
2015-11-09 09:23 - 2015-11-09 09:47 - 00000000 ____D C:\Program Files\trend micro
2015-11-09 09:23 - 2015-11-09 09:25 - 00000000 ____D C:\rsit
2015-11-09 04:52 - 2015-11-10 10:41 - 00001852 _____ C:\Windows\setupact.log
2015-11-09 04:52 - 2015-11-09 04:52 - 00000000 _____ C:\Windows\setuperr.log
2015-11-08 09:18 - 2015-11-08 10:20 - 1099032956 _____ C:\Users\Petr\Downloads\Once.Upon.a.Time.S01E05.720p.HDTV.X264-DIMENSION.mkv
2015-11-08 07:18 - 2015-11-08 07:18 - 00000939 _____ C:\Users\Public\Desktop\VLC media player.lnk
2015-11-08 05:39 - 2015-11-10 09:26 - 00000000 ____D C:\Program Files (x86)\Spyware Terminator
2015-11-07 21:50 - 2015-11-07 20:02 - 2241804636 _____ C:\Users\Petr\Desktop\viasat-nature-Život-ve-velkých-mokřinách-3-1080p.avi
2015-11-07 21:45 - 2015-11-07 21:48 - 00000000 ____D C:\Users\Petr\Desktop\Kamera 2014
2015-11-07 21:44 - 2015-11-07 21:44 - 00000000 ____D C:\Users\Petr\Desktop\Heroes of Might and Magic III HD Edition v1.1.6
2015-11-07 19:46 - 2015-11-07 21:13 - 1468483584 _____ C:\Users\Petr\Downloads\Pohádky-na-dobrou-noc-Cz.avi
2015-11-07 17:52 - 2015-11-07 17:54 - 114034999 _____ C:\Users\Petr\Desktop\Silvestr Urampa Pašák ČT pokus 2.wmv
2015-11-07 15:34 - 2015-11-07 15:36 - 00000000 ____D C:\Users\Petr\Desktop\Pražské služby a město na kole videa
2015-11-07 15:25 - 2015-11-07 15:39 - 00000000 ____D C:\Users\Petr\Desktop\Extrémní show různé záběry
2015-11-07 14:38 - 2015-11-07 16:00 - 1457723636 _____ C:\Users\Petr\Downloads\Once.Upon.A.Time.S01E06.720p.WEB-DL.DD5.1.H.264-ECI.mkv
2015-11-07 12:55 - 2015-11-07 14:16 - 1452963324 _____ C:\Users\Petr\Downloads\Once.Upon.A.Time.S01E04.720p.WEB-DL.DD5.1.H.264-ECI.mkv
2015-11-07 11:31 - 2015-11-07 12:54 - 1477706176 _____ C:\Users\Petr\Downloads\Once.Upon.A.Time.S01E03.720p.WEB-DL.DD5.1.H.264-ECI.mkv
2015-11-06 20:56 - 2015-11-06 20:56 - 00000000 ____D C:\Users\Petr\AppData\Roaming\DiskDefrag
2015-11-06 20:52 - 2015-11-08 15:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-11-06 20:48 - 2015-11-06 20:48 - 00001085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Undelete.lnk
2015-11-06 20:48 - 2015-11-06 20:48 - 00001073 _____ C:\Users\Public\Desktop\Glary Undelete.lnk
2015-11-06 20:48 - 2015-11-06 20:48 - 00000000 ____D C:\Program Files (x86)\Glary Undelete
2015-11-06 20:46 - 2015-11-07 07:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glarysoft
2015-11-06 20:46 - 2015-11-06 20:46 - 00001122 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Absolute Uninstaller.lnk
2015-11-06 20:46 - 2015-11-06 20:46 - 00001110 _____ C:\Users\Public\Desktop\Absolute Uninstaller.lnk
2015-11-06 17:44 - 2015-11-07 05:00 - 373915648 _____ C:\Users\Petr\Downloads\Spore - Česká Anthologie (2008-2010).iso
2015-11-06 17:39 - 2015-11-06 17:39 - 00000000 ____D C:\Users\Petr\Desktop\Nová trance music v raru
2015-11-06 17:36 - 2015-11-06 17:36 - 00000000 ____D C:\Users\Petr\Desktop\Vlasta Čiháček
2015-11-04 15:14 - 2015-11-08 07:35 - 00000000 ____D C:\Users\Petr\Desktop\videa do Extrémní show.cz
2015-11-04 14:23 - 2015-11-06 09:28 - 00000000 ____D C:\Users\Petr\Desktop\přehrát na disk u našich
2015-11-04 14:18 - 2015-11-04 14:19 - 00000000 ____D C:\Users\Petr\Desktop\Ladronka ofiko fotky
2015-11-04 14:17 - 2015-11-04 14:18 - 00000000 ____D C:\Users\Petr\Desktop\Ladronka 2013 funbox
2015-11-04 14:17 - 2015-11-04 14:17 - 00000000 ____D C:\Users\Petr\Desktop\Chorvatsko 2014
2015-11-04 14:07 - 2015-11-08 09:00 - 00000000 ____D C:\Users\Petr\Desktop\videa na střih Urampa
2015-11-04 14:04 - 2015-11-04 14:07 - 00000000 ____D C:\Users\Petr\Desktop\videa Letňany minirampa
2015-11-04 14:04 - 2015-11-04 14:04 - 00000000 ___RD C:\Users\Petr\Desktop\STROM - Moonspell Otakar Olsanik
2015-11-04 14:04 - 2015-11-04 14:04 - 00000000 ____D C:\Users\Petr\Desktop\portréty
2015-11-04 13:33 - 2015-11-04 14:04 - 00000000 ____D C:\Users\Petr\Desktop\Písničky
2015-11-04 13:27 - 2015-11-04 13:40 - 239604859 _____ C:\Users\Petr\Downloads\Dream-Trance-Music-Vol.01-(Hofbik).rar
2015-11-04 13:23 - 2015-11-04 13:23 - 00000000 ____D C:\Users\Petr\Desktop\Nové fotky na roztřídění 2015 2
2015-11-04 13:22 - 2015-11-06 09:14 - 00000000 ____D C:\Users\Petr\Desktop\Nová muzika
2015-11-04 13:17 - 2015-11-04 13:21 - 00000000 ____D C:\Users\Petr\Desktop\Love songs nové
2015-11-03 13:52 - 2015-11-03 13:54 - 60304171 _____ C:\Users\Petr\Desktop\extreme.mp4
2015-11-03 12:28 - 2015-11-03 12:29 - 00000000 ____D C:\Users\Petr\Desktop\Propokopské údolí
2015-11-01 06:43 - 2015-11-09 10:12 - 00153600 ___SH C:\Users\Petr\Desktop\Thumbs.db
2015-10-31 19:23 - 2015-10-31 23:21 - 00000000 ____D C:\Users\Petr\Desktop\Nové fotky do nabídky upravené a retušované
2015-10-31 17:52 - 2015-10-31 17:52 - 01694208 _____ C:\Users\Petr\Desktop\adwcleaner_5.015.exe
2015-10-30 10:34 - 2015-10-30 10:35 - 00000000 ____D C:\Users\Petr\Desktop\Ladronka fest videa
2015-10-29 13:19 - 2013-08-07 01:19 - 170773056 _____ C:\Users\Petr\Desktop\Křižíkova-fontána-(Krizik's-fountain)---Michael-Jackson---Romance---part-1,-Prague---CZ.mp4
2015-10-28 09:45 - 2015-10-29 20:51 - 00000000 ____D C:\Users\Petr\Desktop\Nové fotky na zálohu 2015 podzim
2015-10-27 16:33 - 2015-10-27 16:33 - 00002062 _____ C:\Users\UpdatusUser\Desktop\Heroes of Might and Magic® IV.lnk
2015-10-27 16:33 - 2015-10-27 16:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3DO
2015-10-27 16:29 - 2015-10-27 16:33 - 00000000 ____D C:\Program Files (x86)\Heroes of Might and Magic 4
2015-10-27 16:11 - 2015-10-27 16:28 - 00000000 ____D C:\Program Files (x86)\Might & Magic Heroes VII
2015-10-27 15:14 - 2015-10-31 05:51 - 00000000 ____D C:\Users\Petr\AppData\Roaming\DAEMON Tools Lite
2015-10-25 20:35 - 2015-10-25 20:35 - 00000000 ____D C:\Users\Petr\AppData\Roaming\MPC-HC
2015-10-25 17:36 - 2015-10-25 17:36 - 00003786 _____ C:\Windows\System32\Tasks\klcp_update
2015-10-25 17:34 - 2015-10-25 17:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2015-10-25 17:34 - 2015-10-25 17:34 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2015-10-25 14:49 - 2015-10-31 07:06 - 00000000 ____D C:\Users\Petr\Desktop\fotky na poslání ze starých akcí
2015-10-24 09:14 - 2015-10-24 09:14 - 00000000 ____D C:\Users\Petr\Desktop\Extreme show powerslide
2015-10-22 12:58 - 2015-10-31 05:51 - 00000000 ____D C:\Users\Petr\Tracing
2015-10-22 10:33 - 2015-10-22 10:33 - 00000000 ____D C:\Windows\en
2015-10-22 10:31 - 2015-10-22 10:31 - 00000000 ____D C:\Windows\cs
2015-10-22 10:30 - 2015-10-22 10:30 - 00001305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2015-10-22 10:28 - 2015-10-22 10:28 - 00001374 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2015-10-22 10:26 - 2015-10-22 10:26 - 00000020 _____ C:\Windows\¬ó•
2015-10-22 10:26 - 2015-10-22 10:26 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-10-22 10:23 - 2015-10-22 10:23 - 00001458 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2015-10-22 10:21 - 2015-10-22 10:21 - 00002486 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2015-10-22 10:17 - 2015-10-22 10:17 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2015-10-22 10:16 - 2015-10-22 10:16 - 00000000 ____D C:\Program Files\Windows Live
2015-10-22 10:16 - 2014-03-31 20:06 - 00058056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fssfltr.sys
2015-10-22 10:15 - 2015-10-22 10:24 - 00000000 ____D C:\Program Files (x86)\Windows Live
2015-10-22 10:11 - 2010-06-02 03:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2015-10-22 10:11 - 2010-06-02 03:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2015-10-22 10:11 - 2010-06-02 03:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2015-10-22 10:11 - 2010-06-02 03:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2015-10-22 10:10 - 2010-05-26 10:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2015-10-22 10:10 - 2010-05-26 10:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2015-10-22 10:10 - 2010-05-26 10:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2015-10-22 10:10 - 2010-05-26 10:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2015-10-22 10:07 - 2009-09-04 16:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2015-10-22 10:07 - 2009-09-04 16:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2015-10-22 10:05 - 2006-11-29 12:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2015-10-22 10:05 - 2006-11-29 12:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2015-10-22 10:00 - 2015-11-04 15:42 - 00000000 ____D C:\Users\Petr\AppData\Local\Windows Live
2015-10-19 15:04 - 2015-10-31 07:38 - 00000000 ____D C:\Users\Petr\Desktop\nové fotky na extreme show.cz

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-10 11:01 - 2014-11-18 16:24 - 00000000 ____D C:\FRST
2015-11-10 10:53 - 2009-07-14 05:45 - 00031104 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-10 10:53 - 2009-07-14 05:45 - 00031104 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-10 10:52 - 2014-01-19 15:33 - 01291902 _____ C:\Windows\WindowsUpdate.log
2015-11-10 10:51 - 2014-01-27 21:09 - 00000000 ____D C:\Program Files\WinRAR
2015-11-10 10:49 - 2011-04-12 09:34 - 00668790 _____ C:\Windows\system32\perfh005.dat
2015-11-10 10:49 - 2011-04-12 09:34 - 00141418 _____ C:\Windows\system32\perfc005.dat
2015-11-10 10:49 - 2009-07-14 06:13 - 01583214 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-10 10:42 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-10 09:40 - 2014-11-26 13:40 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-11-10 09:37 - 2014-01-20 07:33 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-11-10 09:36 - 2014-02-13 19:23 - 00000000 ____D C:\ProgramData\CyberLink
2015-11-10 09:35 - 2015-10-07 16:05 - 00000000 ____D C:\ProgramData\SUPPORTDIR
2015-11-10 09:17 - 2014-12-10 10:55 - 00000000 ____D C:\AdwCleaner
2015-11-10 08:49 - 2009-07-14 06:08 - 00032564 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-11-09 22:33 - 2014-02-27 08:48 - 00000000 ____D C:\Users\Petr\AppData\Roaming\vlc
2015-11-09 22:21 - 2014-05-13 13:27 - 00004184 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-11-08 19:25 - 2014-12-03 11:28 - 00000000 ____D C:\Users\Petr\AppData\Roaming\uTorrent
2015-11-08 15:46 - 2015-10-05 15:59 - 00000000 ____D C:\Users\Petr\Desktop\Trance music new podzim 2015
2015-11-08 15:38 - 2014-12-03 16:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-11-07 22:02 - 2014-08-03 12:19 - 00000000 ____D C:\Users\Petr\Desktop\fotky převod
2015-11-07 17:35 - 2014-02-10 13:38 - 00000000 ____D C:\Users\Petr\Desktop\Nová tvořivost
2015-11-07 08:19 - 2015-06-29 17:22 - 00000000 ____D C:\Program Files (x86)\Pinnacle
2015-11-06 18:17 - 2014-01-27 20:32 - 00000000 ____D C:\Mandis disk
2015-11-06 15:44 - 2014-05-13 13:27 - 01059656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2015-11-06 15:44 - 2014-01-27 22:10 - 00449992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2015-11-06 09:50 - 2014-01-27 21:35 - 00000000 ____D C:\ProgramData\Adobe
2015-11-06 09:50 - 2014-01-21 09:42 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Adobe
2015-11-05 05:05 - 2015-09-12 06:03 - 00000000 ____D C:\Users\Petr\Desktop\word dokumenty plocha
2015-11-04 07:23 - 2010-10-10 10:43 - 00000000 ____D C:\Users\Petr\Desktop\Samík tisk fotek
2015-11-04 07:22 - 2010-10-10 11:06 - 00000000 ____D C:\Users\Petr\Desktop\Starší fotky na tisk Samíčka
2015-10-31 16:09 - 2015-05-14 16:26 - 00000000 ____D C:\Users\Petr\Desktop\filmy novééé
2015-10-31 05:37 - 2014-06-23 12:59 - 00000000 ____D C:\Windows\Minidump
2015-10-30 14:10 - 2015-06-16 15:23 - 00000000 ____D C:\Users\Petr\Desktop\nová videa z exhibic
2015-10-30 12:55 - 2014-01-28 00:13 - 00000000 ____D C:\Users\Petr\Desktop\fotky na poslaní druhým
2015-10-30 09:09 - 2015-05-01 09:08 - 00000000 ____D C:\Users\Petr\Desktop\Kamera 2015
2015-10-29 21:01 - 2014-12-05 10:24 - 00000000 ____D C:\Users\Petr\Desktop\fotky Samíka na přebrání
2015-10-28 10:08 - 2015-08-18 14:10 - 00000000 ____D C:\Users\Petr\Desktop\SM-N9005_20150618173255
2015-10-25 20:48 - 2014-01-19 16:35 - 00000000 ____D C:\Users\Petr
2015-10-25 06:51 - 2015-07-13 11:24 - 00000000 ____D C:\Users\Petr\Desktop\Nové fotky na roztřídění 2015
2015-10-24 17:47 - 2009-07-14 05:45 - 00502632 _____ C:\Windows\system32\FNTCACHE.DAT
2015-10-24 12:29 - 2014-01-27 20:45 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-10-24 12:28 - 2014-01-27 20:49 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-10-24 06:40 - 2014-01-27 20:43 - 00001973 _____ C:\Users\Public\Desktop\Samsung Kies 3.lnk
2015-10-23 06:57 - 2015-10-03 07:38 - 00000000 ____D C:\Users\Petr\Desktop\A Muzika na akci
2015-10-22 10:14 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-10-18 10:41 - 2014-02-01 20:15 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-10-18 10:40 - 2014-02-01 20:15 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-10-18 10:40 - 2014-02-01 20:15 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-16 08:20 - 2014-10-30 20:20 - 00024526 ____H C:\Users\Petr\Desktop\~WRL2879.tmp
2015-10-14 12:29 - 2014-02-26 18:38 - 00000000 ____D C:\Users\Petr\Documents\CyberLink
2015-10-14 12:16 - 2014-02-26 18:33 - 00000000 ____D C:\Users\Petr\AppData\Local\CyberLink
2015-10-12 05:25 - 2015-06-29 17:22 - 00000000 ____D C:\Users\Public\Documents\Pinnacle Content
2015-10-12 05:25 - 2015-06-29 17:22 - 00000000 ____D C:\Program Files (x86)\Pinnacle Studio 17

==================== Files in the root of some directories =======

2015-06-29 18:20 - 2015-07-03 16:38 - 0000428 _____ () C:\Users\Petr\AppData\Roaming\MANDIS.MTBF.txt
2015-06-29 18:20 - 2015-07-03 16:54 - 0000934 _____ () C:\Users\Petr\AppData\Roaming\__AvidCloudManager.log
2015-06-29 18:20 - 2015-06-29 18:26 - 0000792 _____ () C:\Users\Petr\AppData\Roaming\__AvidCloudManagerPrevious.log
2014-01-20 23:21 - 2014-01-20 23:21 - 0000000 _____ () C:\Users\Petr\AppData\Local\AtStart.txt
2014-01-20 23:21 - 2014-01-20 23:21 - 0000000 _____ () C:\Users\Petr\AppData\Local\DSwitch.txt
2014-01-20 23:21 - 2014-01-20 23:21 - 0000000 _____ () C:\Users\Petr\AppData\Local\QSwitch.txt
2014-01-27 21:15 - 2014-01-27 21:24 - 0000370 _____ () C:\ProgramData\hpzinstall.log

Some files in TEMP:
====================
C:\Users\Petr\AppData\Local\Temp\sqlite3.dll
C:\Users\Petr\AppData\Local\Temp\vlc-2.2.1-win32.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-10-31 06:43

==================== End of FRST.txt ============================

[Mandis]

NOVÝ ADDITION.TXT

Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-11-2015
Ran by Petr (2015-11-10 11:02:21)
Running from F:\Mandis disk\Programy Win7\Programy proti virům a malware
Windows 7 Professional Service Pack 1 (X64) (2014-01-19 15:35:53)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3400088848-3241487186-2567401322-500 - Administrator - Disabled)
Guest (S-1-5-21-3400088848-3241487186-2567401322-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3400088848-3241487186-2567401322-1003 - Limited - Enabled)
Petr (S-1-5-21-3400088848-3241487186-2567401322-1000 - Administrator - Enabled) => C:\Users\Petr
UpdatusUser (S-1-5-21-3400088848-3241487186-2567401322-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Absolute Uninstaller 5.3.1.20 (HKLM-x32\...\Absolute Uninstaller) (Version: 5.3.1.20 - Glarysoft Ltd)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{B7B3E9B3-FB14-4927-894B-E9124509AF5A}) (Version: 10.0.32.18 - Adobe Systems, Inc.)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Photoshop CS (HKLM-x32\...\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}) (Version: CS - Adobe Systems, Inc.)
Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Aktualizace NVIDIA 1.15.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.15.2 - NVIDIA Corporation)
Avast Pro Antivirus (HKLM-x32\...\avast) (Version: 10.4.2233 - AVAST Software)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.60.350.6 - Broadcom Corporation)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon MG5500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5500_series) (Version: 1.02 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
ENE CIR Receiver Driver (HKLM\...\FFE7D41DF3C645075BB149E21988B63996C34187) (Version: 2.7.4.0 - ENE)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotosizer 2.09 (HKLM-x32\...\Fotosizer) (Version: 2.09.0.548 - Fotosizer.com)
Glary Undelete 5.0.1.19 (HKLM-x32\...\Glary Undelete) (Version: 5.0.1.19 - Glarysoft Ltd)
Google Earth (HKLM-x32\...\{97C0EA4A-1A0B-4C53-ACEB-49984DA79C90}) (Version: 4.3.7204.836 - Google)
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Heroes of Might and Magic® IV (HKLM-x32\...\InstallShield_{192E2132-E977-4D3E-90BA-9DBCE1B57F8C}) (Version: 1.00.0000 - 3DO)
Heroes of Might and Magic® IV (x32 Version: 1.00.0000 - 3DO) Hidden
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP MediaSmart Live TV (HKLM-x32\...\InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}) (Version: 3.0 - CyberLink Corp.)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Quick Launch Buttons (HKLM-x32\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.50.12.1 - Hewlett-Packard)
HP Scanjet G4000 Series (HKLM\...\{10297E58-2DFE-478B-9A1D-4B14E4E79CDF}) (Version: 13.0 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
hpg4000 (x32 Version: 13.0.0.0 - Název společnosti:) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6276.0 - IDT)
Image Retriever 9 (HKLM-x32\...\{EB4C309A-8DCB-4AB6-867A-06D67C96B234}) (Version: 9.0.0.0 - Nuance Communications, Inc.)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.00.00.1030 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.35 - Irfan Skiljan)
Jpeg Resampler Vs 6+ (HKLM-x32\...\JpegResampler2010_is1) (Version: - Jpeg Resampler)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
K-Lite Codec Pack 11.5.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.5.0 - )
KMSnano 24 (HKLM\...\KMSnano 24_is1) (Version: KMSnano 24 - )
Microsoft .NET Framework 4.5.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 42.0 (x86 cs) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 cs)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
NVIDIA Ovladače grafiky 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Ovládací panel NVIDIA 331.65 (Version: 331.65 - NVIDIA Corporation) Hidden
PaperPort Image Printer 64-bit (HKLM\...\{918A2C48-E40E-4341-B9C1-A38D50213F6B}) (Version: 1.00.0000 - Nuance Communications, Inc.)
Playway to English 1 CD-ROM (HKLM-x32\...\{6A031978-1FDC-42D4-A30B-018FA99C5784}) (Version: 2.00.0000 - Cambridge University Press, Helbling Languages)
QLBCASL (x32 Version: 6.40.17.2 - Hewlett-Packard) Hidden
Registrace uživatele zařízení Canon MG5500 series (HKLM-x32\...\Registrace uživatele zařízení Canon MG5500 series) (Version: - ‭Canon Inc.)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.) Hidden
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
ScanSoft OmniPage SE 16 (HKLM-x32\...\{27AC9FC3-9041-4CA0-B718-C0B8122D9B32}) (Version: 16.1.0000 - Nuance Communications, Inc.)
ScanSoft PaperPort 11 (HKLM-x32\...\{1D66156D-D721-4B55-B08B-BDC917E8DCD0}) (Version: 11.2.0000 - Nuance Communications, Inc.)
Seagate Dashboard (HKLM-x32\...\{EA266F00-A8E7-43A0-8DED-FBFE3F076934}) (Version: 4.2.002.0 - Seagate)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
Seznam Software (HKU\S-1-5-21-3400088848-3241487186-2567401322-1000\...\SeznamInstall) (Version: - Seznam.cz)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.13.13771 - Skype Technologies S.A.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Sony PC Companion 2.10.289 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.289 - Sony)
SP45629 - Intel Chipset Installation Utility (HKLM-x32\...\{7AB416C2-4AEC-4967-A873-E2A3B404E6EC}) (Version: 1.0.0 - Hewlett-Packard International Pte. Ltd.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.25790 - TeamViewer)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: - )
Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0405-1000-0000000FF1CE}_Office15.PROPLUSR_{2B44F588-2B80-4DD3-B577-B10B3C6865EA}) (Version: - Microsoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinZip 19.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E5}) (Version: 19.0.11293 - WinZip Computing, S.L. )
Xerox WorkCentre 6015B (HKLM-x32\...\InstallShield_{FB21CB19-03DB-4422-AB72-3CA9C9499512}) (Version: 1.005.00 - Xerox)
Xerox WorkCentre 6015B (x32 Version: 1.005.00 - Xerox) Hidden
XnView 1.99.5 (HKLM-x32\...\XnView_is1) (Version: 1.99.5 - Gougelet Pierre-e)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

09-11-2015 08:35:06 S
09-11-2015 19:18:44 Sony PC Companion

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2014-11-19 21:26 - 2015-10-07 17:02 - 00000870 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost
::1 localhost
127.0.0.1 cap.cyberlink.com

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03860CA9-4CAD-4B98-B9DB-AF86C6B86D37} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-30] (Piriform Ltd)
Task: {0514F0AA-FEE5-454B-ABBC-73D964CD32D2} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {1BDBF622-B099-48FE-99E2-7CF70359EA15} - System32\Tasks\Aktualizační služba softwaru InstallShield => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [2005-02-16] (InstallShield Software Corporation)
Task: {28111E61-6639-47FA-9793-E8FA7DBE1C62} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2015-10-05] ()
Task: {290D5554-2CAE-4D00-806C-9E9C0E582A26} - System32\Tasks\Seagate_Install_Launch => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Dashboard.exe [2015-07-15] (Seagate Technology LLC)
Task: {3570B0B4-59D9-40EF-8523-5AEDA83C63F7} - \{6ABD546F-1447-4F17-8719-217A60A08082} -> No File <==== ATTENTION
Task: {363E8906-277F-4C49-A834-3C1B7DBA7FCF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {5D453047-3A84-4F1A-AC87-1BE8CFE71FC5} - System32\Tasks\{31860E30-4547-4642-8629-7170D2FD9702} => pcalua.exe -a C:\Users\Petr\Downloads\shrink_pic18.exe -d C:\Users\Petr\Downloads
Task: {5F683279-ADDC-4EF0-BE6A-660043C46E6F} - System32\Tasks\ScanSoft Background Update => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25] (Nuance Communications, Inc.)
Task: {6C8090A5-F99F-445F-B7ED-64A81BA8B065} - System32\Tasks\{86CAD3F7-6666-42E6-BE0A-9FC365226892} => pcalua.exe -a C:\Users\Petr\Downloads\sp49094.exe -d C:\Users\Petr\Downloads
Task: {7BAEC43E-0DB8-4473-8332-A1F8227CF352} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {86465518-AB01-4B30-8424-72DCC3F55A3E} - System32\Tasks\CapSvcInst => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapSvcInst.exe
Task: {911BBD05-01B1-4BAB-86BD-8E0AA4709D9A} - System32\Tasks\Program k provádění aktualizací online Adobe => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21] (Adobe Systems Incorporated)
Task: {945AD81E-B507-4097-910B-A57BC020C4ED} - System32\Tasks\{5AAB68F2-60FA-4A53-9AC2-A3AABD2B8201} => pcalua.exe -a C:\NET\Ovladače\sp54929.exe -d C:\Users\Petr\Desktop
Task: {976D5659-B906-47EE-AF75-7A6FF3B724A6} - System32\Tasks\TVAgent => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe [2009-09-18] (CyberLink Corp.)
Task: {AD38FBB6-47F4-4DBD-87BA-2927908C8115} - System32\Tasks\Program k provádění aktualizací online InstallShield Software => c:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [2005-02-16] (InstallShield Software Corporation)
Task: {B0EAFEB9-53A6-45E7-87D7-0830827B5E97} - System32\Tasks\CapUninst => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapUninst.exe
Task: {CA347752-E84E-469C-92DA-F1BC2EF80899} - System32\Tasks\{B372E8E1-2F30-4E18-81EC-F54138B2C422} => pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe"
Task: {CCCFAA2F-A49F-4442-9FA4-4B6C9B7CF26A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-18] (Adobe Systems Incorporated)
Task: {E761BA03-0B37-430E-934F-58B44EB6A262} - System32\Tasks\Online aktualizační program HP => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2007-05-08] (Hewlett-Packard)
Task: {EA1D17F4-3B65-415A-A4AE-F6DD0DB28498} - \SPBIW_UpdateTask_Time_313638333535373833362d4a375b5a5a6c783245343741 -> No File <==== ATTENTION
Task: {EE48280A-3618-4AA9-A03A-A12FA45C6892} - System32\Tasks\{8D31B56D-AD40-4217-90B4-39D497011277} => pcalua.exe -a "C:\Users\Petr\Desktop\programy Windows 7\nový\tcmd704a.exe" -d "C:\Users\Petr\Desktop\programy Windows 7\nový"
Task: {F3C5033A-DF67-4D5B-8C8C-31260D9BE5D9} - System32\Tasks\CapSchedInst => c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapSchedInst.exe
Task: {F4351C94-C5DB-4397-9157-9F184A3D9326} - System32\Tasks\avast! Emergency Update => C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe [2015-10-09] (AVAST Software)
Task: {F8371EBB-6BAF-45C2-BCDA-2A49E5603530} - System32\Tasks\{29F6DA13-39F6-43FF-817A-2C30AA114663} => pcalua.exe -a "C:\Users\Petr\Desktop\programy Windows 7\Nové instalace 2013\irfanview_lang_czech.exe" -d "C:\Users\Petr\Desktop\programy Windows 7\Nové instalace 2013"
Task: {FF28A300-8F11-4399-B779-F1A5D46C7609} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-21] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (Whitelisted) ==============

2014-01-21 03:18 - 2013-10-23 09:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-02-10 19:55 - 2012-03-09 14:34 - 00022528 _____ () C:\Windows\System32\xrhk1alm.dll
2012-01-03 10:05 - 2012-01-03 10:05 - 04476928 _____ () C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmpl.exe
2012-01-03 10:04 - 2012-01-03 10:04 - 00247296 _____ () C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmW.exe
2012-01-03 10:04 - 2012-01-03 10:04 - 00227840 _____ () C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmwj.exe
2015-11-09 19:16 - 2015-06-10 11:13 - 00113024 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
2012-01-03 10:04 - 2012-01-03 10:04 - 00095744 _____ () C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmdb.exe
2014-10-23 20:19 - 2014-10-23 20:19 - 00043520 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2015-10-09 15:41 - 2015-10-09 15:41 - 00103376 _____ () C:\Program Files\Alwil Software\Avast5\log.dll
2015-10-09 15:41 - 2015-10-09 15:41 - 00123976 _____ () C:\Program Files\Alwil Software\Avast5\JsonRpcServer.dll
2015-11-08 11:00 - 2015-11-08 11:00 - 02990592 _____ () C:\Program Files\Alwil Software\Avast5\defs\15110700\algo.dll
2015-11-09 19:16 - 2012-04-30 11:57 - 00039936 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll
2015-11-09 19:16 - 2014-12-04 15:18 - 00241152 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll
2015-09-07 16:00 - 2015-09-07 16:00 - 00093568 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\CalEngine.dll
2015-09-07 16:00 - 2015-09-07 16:00 - 00143232 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\CAgdLNotes.dll
2015-09-07 16:00 - 2015-09-07 16:00 - 00167296 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\CAgdOutlook.dll
2015-09-07 16:02 - 2015-09-07 16:02 - 00212352 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\VistaCalendar.dll
2015-11-09 19:16 - 2015-04-21 13:22 - 00053248 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\VObject.dll
2015-09-07 16:01 - 2015-09-07 16:01 - 00056704 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PimNotes.dll
2015-09-07 16:01 - 2015-09-07 16:01 - 00237440 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\Report.dll
2015-11-09 19:16 - 2013-05-20 12:58 - 00620718 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\sqlite3.dll
2015-09-22 10:21 - 2015-09-22 10:21 - 02369920 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\libxt.dll
2015-09-23 17:59 - 2015-09-23 17:59 - 00820096 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PhoneUpdate.dll
2015-10-09 15:41 - 2015-10-09 15:41 - 40539648 _____ () C:\Program Files\Alwil Software\Avast5\libcef.dll
2015-10-07 15:56 - 2014-08-05 09:22 - 01489408 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2015-10-07 15:56 - 2014-05-19 16:19 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3400088848-3241487186-2567401322-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.43.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{35577E9F-171C-41D0-B655-756E08D2486A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{EB0987BF-3349-47D4-B597-1B3F0ADA55E1}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{94A63192-3A7C-43AA-9D29-F5636E2114C6}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{058AEEA4-7722-44C0-B335-4A3F997B531D}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{E4BAC347-63DB-4197-97B3-176158DE78D6}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{B8C5F0BE-1EDE-4475-A8A7-CCF0767681B8}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{E557D77D-F5EC-4C72-9528-53AB97F375C0}] => (Allow) C:\Program Files\KMSnano\qemu-system-i386.exe
FirewallRules: [{E5043FF6-4EC8-4D44-B5A6-45144B6A623E}] => (Allow) C:\Program Files\KMSnano\qemu-system-i386.exe
FirewallRules: [{A942E273-C820-4E95-AA1F-416ECD7C5880}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{EF270BDC-CD4A-4A0A-8CFD-A0AC945730D1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{D4C21880-E4B1-4B0E-9DE8-1C41B6785803}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{6E83BA24-2B68-494C-9459-D72D336B59E0}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{190C4C3E-A4A5-440B-8CDA-FE2C186E5028}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{6921BF56-2606-4B23-85BB-DDC24D8E0993}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{5DB7BB8F-3F2B-419D-A0FF-56D542D0CB9F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{0B574E8F-BCEC-4483-BB41-0BB5C6D9DE7F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{688FCDEA-B268-457B-8D78-B091150A8219}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{7205D8B7-5CF9-42BA-9173-5B79540245DA}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{BB90227C-9914-4966-A4F7-148EE98FDEC2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{09748AE2-AE0B-4AD6-96B5-6DD707AF0767}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{B81A88B0-4BBE-49BB-B414-FF167FAD98BD}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{A04DC8B9-D771-4325-A46D-60A36FADB18D}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{0B6D27EC-DF44-4272-B6AC-F453EB0CBCCB}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{F483036C-446D-4412-A82F-9F60B3800FA1}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{450BDF45-D1B7-4F54-B7F7-8A8AF056B824}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{E910043F-5C65-45B8-AC43-5211BAF93080}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{D58AD317-9E34-47AD-8F51-87565B7EE705}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [TCP Query User{9E18F5B3-D36D-4D09-AEE2-A16C8698D143}C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe] => (Allow) C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe
FirewallRules: [UDP Query User{31787E16-FC3D-4088-982F-644BC73A9E3B}C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe] => (Allow) C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe
FirewallRules: [{D1BD381E-FC6A-460A-AFB0-95CC1564DAFB}] => (Block) C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe
FirewallRules: [{62569C6C-7F09-4B0F-98DF-B00135D2B69E}] => (Block) C:\program files (x86)\seagate\seagate dashboard 2.0\dashboard.exe
FirewallRules: [{D1EFDA8C-5544-4FD3-8882-3C477E03BF2A}] => (Allow) LPort=8888
FirewallRules: [TCP Query User{BA309BEA-C992-4680-A1D7-C7E3C789D0BA}C:\users\petr\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\petr\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{B7361255-9C8A-40EB-B3FB-4A78B47EE353}C:\users\petr\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\petr\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{FE31AF74-5E16-4F7E-AE61-68DE1B3476A8}C:\users\petr\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\petr\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{D53369BE-D2AF-42B9-A1E7-D7BA16A25423}C:\users\petr\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\petr\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{DE86DDF0-BAD5-4BC3-97AA-E85F611FC7AA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9D3E01E2-1F9A-44CF-B25A-E6CEF1D0EA2A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{45CA5035-3611-4A94-9EE7-A8B2FAAA54B3}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{589502F4-FDFE-499F-A01F-533CB4EDB52D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{CB1D2879-110E-464C-B16D-A257ED89A021}] => (Allow) LPort=8888
FirewallRules: [{445F2C75-808D-4A31-88C1-AD4AA8BF6E4E}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{F11E2B46-0E06-4945-A2D4-7F75344C2F63}] => (Allow) LPort=2869
FirewallRules: [{F32348DA-9235-4751-B067-6EB8E3E30166}] => (Allow) LPort=1900
FirewallRules: [{A466C3ED-3557-4F4E-980D-4B2BC7905EE7}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{CD698E9D-DC5B-4013-9CF1-2FF105B0DD6A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6B1900DC-2AD5-4A62-ADF4-90E2E8709D9C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{DC4EC295-0FEA-47D3-870E-9B2F1991DB21}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe] => (Block) C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe
FirewallRules: [UDP Query User{CB2FA0BE-E624-4A2E-9869-4E54AC8243EA}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe] => (Block) C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe

==================== Faulty Device Manager Devices =============

Name: Základní systémové zařízení
Description: Základní systémové zařízení
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: A309
Description: A309
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: WD SES Device USB Device
Description: WD SES Device USB Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Základní systémové zařízení
Description: Základní systémové zařízení
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Základní systémové zařízení
Description: Základní systémové zařízení
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Teredo Tunneling Pseudo-Interface
Description: Adaptér tunelového režimu Microsoft Teredo
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/10/2015 10:43:24 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/10/2015 09:36:17 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: PowerDVD.exe, verze: 15.0.30274.5111, časové razítko: 0x54ffa3a5
Název chybujícího modulu: BoomerangLib.dll_unloaded, verze: 0.0.0.0, časové razítko: 0x5507db1e
Kód výjimky: 0xc0000005
Posun chyby: 0x61b2bac0
ID chybujícího procesu: 0x1704
Čas spuštění chybující aplikace: 0xPowerDVD.exe0
Cesta k chybující aplikaci: PowerDVD.exe1
Cesta k chybujícímu modulu: PowerDVD.exe2
ID zprávy: PowerDVD.exe3

Error: (11/10/2015 09:19:44 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/10/2015 08:50:35 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/10/2015 08:17:04 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/10/2015 07:55:47 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418225

Error: (11/10/2015 07:41:31 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/09/2015 11:01:39 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Index nebyl inicializován.

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (11/09/2015 11:01:39 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Aplikace nebyla inicializována.

Kontext: aplikace Windows

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (11/09/2015 11:01:39 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Objekt indexování nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)


System errors:
=============
Error: (11/10/2015 09:17:38 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\Windows\System32\bcmihvsrv64.dll

Error: (11/10/2015 09:17:38 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\Windows\System32\bcmihvsrv64.dll

Error: (11/10/2015 09:17:31 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\Windows\System32\bcmihvsrv64.dll

Error: (11/10/2015 09:17:20 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba NVIDIA Update Service Daemon byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (11/10/2015 09:17:20 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (11/10/2015 09:17:20 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Com4QLBEx byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (11/10/2015 09:17:19 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (11/10/2015 09:17:19 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba hpqwmiex byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (11/10/2015 09:17:19 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba XRcnStatutsDatabase byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (11/10/2015 09:17:19 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Live ID Sign-in Assistant byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.


CodeIntegrity:
===================================
Date: 2015-07-13 11:53:26.259
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sfc_os.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5 CPU M 520 @ 2.40GHz
Percentage of memory in use: 70%
Total physical RAM: 4022.87 MB
Available physical RAM: 1180.41 MB
Total Virtual: 8043.93 MB
Available Virtual: 5259.01 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:596.07 GB) (Free:146.62 GB) NTFS
Drive f: (My Passport) (Fixed) (Total:1862.98 GB) (Free:19.53 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 82DE393B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=596.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 1FBA7087)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

[Mandis]

Nový Rsit !!
Po dokončení Spyware terminator a text po restartu posílám a mooc děkuji za zpětné info:-)

Logfile of random's system information tool 1.10 (written by random/random)
Run by Petr at 2015-11-10 11:14:30
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 150 GB (25%) free of 610 GB
Total RAM: 4023 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:14:32, on 10.11.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\Launcher\xrlaunch.exe
C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
C:\Program Files\Alwil Software\Avast5\avastui.exe
C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe
C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DeviceAgent.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Petr.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: (no name) - {451C804F-C205-4F03-B48E-537EC94937BF} - (no file)
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [Launcher6015B] "C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\Launcher\xrlaunch.exe" /S Xerox WorkCentre 6015B
O4 - HKLM\..\Run: [6015B RUN] "C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmRun.exe"
O4 - HKLM\..\Run: [StatusAutoRun6015B] "C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmpl.exe" Xerox WorkCentre 6015B,hide,\S
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [DBAgent] "C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe" /WinStart
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKCU\..\Run: [Uploader] C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Sony PC Companion] "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-3400088848-3241487186-2567401322-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3400088848-3241487186-2567401322-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Protocol: WSWSVCUchrome - {1CA93FF0-A218-44F1 - (no file)
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Seagate Dashboard Services - Seagate Technology LLC - C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
O23 - Service: Seagate MobileBackup Service - Seagate Technology LLC - C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\STacSV64.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Validity WBF Policy Service (valWBFPolicyService) - Unknown owner - C:\Windows\system32\valWBFPolicyService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XRcnStatutsDatabase (XRNADB) - Unknown owner - C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmdb.exe

--
End of file - 12148 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\STacSV64.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\Hpservice.exe
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Alwil Software\Avast5\AvastSvc.exe"
C:\Windows\system32\WLANExt.exe 26462112
"C:\Windows\system32\Dwm.exe"
\??\C:\Windows\system32\conhost.exe "-13740710181825814891315371880-296399454187278207-119574535595848021856209158
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\AESTSr64.exe
"C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe"
"C:\Program Files\File Association Helper\FAHWindow.exe" register
"C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe" /Start
"C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe"
"C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\Launcher\xrlaunch.exe" /S Xerox WorkCentre 6015B
"C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmpl.exe" Xerox WorkCentre 6015B,hide,\S
"C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmW.exe"
\??\C:\Windows\system32\conhost.exe "210222372-947247941-1783682058-540642797-5103767461078581411718668873-636017285
"C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe"
"C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmwj.exe"
\??\C:\Windows\system32\conhost.exe "816013697-1697427194-1918512905926887021691369615155424860-3017896941334591623
"C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe"
taskeng.exe {E4922A1F-5A48-4C95-8547-E8282E1D6B71}
"c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe"
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
C:\Windows\system32\valWBFPolicyService.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmdb.exe"
WLIDSvcM.exe 1000
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k bthsvcs
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-2b3e3962-2e7e-4a60-88b3-d5ca67ccefdb -SystemEventPortName:HostProcess-517f325c-e8b2-437a-b16c-45ed8426fe84 -IoCancelEventPortName:HostProcess-9dac7925-ad98-445e-a15c-85f66a2e94f8 -NonStateChangingEventPortName:HostProcess-eda2ef62-ce2f-44ac-8f91-528258bc7beb -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:7971d738-9429-468f-a1ee-f966146cda03 -DeviceGroupId:
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Alwil Software\Avast5\avastui.exe" /nogui
"C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe" /WinStart
"C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"
"C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DeviceAgent.exe" -background
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
"C:\Windows\system32\wuauclt.exe"
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528

C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"F:\Mandis disk\Programy Win7\Programy proti virům a malware\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\yzkl882t.default-1417622844522

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "www.seznam.cz"
prefs.js - "keyword.URL" - "http://www.google.com/search?btnG=Google+Search&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 19.0.0.226 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 19.0.0.226 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL


C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll

C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\yzkl882t.default-1417622844522\extensions\
fxdevtools-adapters@mozilla.org
{a00bef25-f21a-4539-adbb-b179b29e2b92}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-08-12 219304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office15\URLREDIR.DLL [2014-01-23 881880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2015-03-18 2334928]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-08-12 153768]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{451C804F-C205-4F03-B48E-537EC94937BF}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL [2014-01-22 707800]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2015-03-18 1729752]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-10-14 2837288]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2010-03-23 487424]
"FAHConsole"=C:\Program Files\File Association Helper\FAHConsole.exe [2014-01-28 729272]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Uploader"=C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [2015-07-15 127816]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-10-30 6501656]
"Sony PC Companion"=C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [2015-09-23 457088]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"QlbCtrl.exe"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2009-11-24 323640]
"hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-08-20 150016]
"Launcher6015B"=C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\Launcher\xrlaunch.exe [2011-04-28 2569728]
"6015B RUN"=C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmRun.exe [2012-01-03 355840]
"StatusAutoRun6015B"=C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmpl.exe [2012-01-03 4476928]
"PaperPort PTD"=C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [2009-02-19 24576]
"IndexSearch"=C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [2009-02-19 40960]
"AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2015-11-06 6133520]
"DBAgent"=C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [2015-07-15 1540896]
"Wondershare Helper Compact.exe"=C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2014-08-05 2020704]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
"EnableLinkedConnections"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"msacm.l3codecp"=l3codecp.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-11-10 10:46:38 ----D---- C:\Program Files (x86)\Fotosizer
2015-11-09 19:16:38 ----D---- C:\ProgramData\Sony
2015-11-09 19:16:38 ----D---- C:\Program Files (x86)\Sony
2015-11-09 09:23:26 ----D---- C:\rsit
2015-11-09 09:23:26 ----D---- C:\Program Files\trend micro
2015-11-08 05:39:44 ----D---- C:\Program Files (x86)\Spyware Terminator
2015-11-06 20:56:00 ----D---- C:\Users\Petr\AppData\Roaming\DiskDefrag
2015-11-06 20:52:14 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-11-06 20:48:07 ----D---- C:\Program Files (x86)\Glary Undelete
2015-11-06 20:46:37 ----D---- C:\Program Files (x86)\Absolute Uninstaller
2015-10-27 16:29:00 ----D---- C:\Program Files (x86)\Heroes of Might and Magic 4
2015-10-27 16:11:19 ----D---- C:\Program Files (x86)\Might & Magic Heroes VII
2015-10-27 15:14:28 ----D---- C:\Users\Petr\AppData\Roaming\DAEMON Tools Lite
2015-10-25 20:35:51 ----D---- C:\Users\Petr\AppData\Roaming\MPC-HC
2015-10-25 17:34:28 ----D---- C:\Program Files (x86)\K-Lite Codec Pack
2015-10-22 10:33:32 ----D---- C:\Windows\en
2015-10-22 10:31:40 ----D---- C:\Windows\cs
2015-10-22 10:26:00 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-10-22 10:16:55 ----A---- C:\Windows\system32\drivers\fssfltr.sys
2015-10-22 10:16:54 ----DC---- C:\Windows\system32\DRVSTORE
2015-10-22 10:16:39 ----D---- C:\Program Files\Windows Live
2015-10-22 10:15:13 ----D---- C:\Program Files (x86)\Windows Live
2015-10-22 10:11:00 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2015-10-22 10:11:00 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2015-10-22 10:11:00 ----A---- C:\Windows\system32\XAudio2_7.dll
2015-10-22 10:11:00 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2015-10-22 10:10:58 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2015-10-22 10:10:58 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2015-10-22 10:10:53 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2015-10-22 10:10:53 ----A---- C:\Windows\system32\d3dx11_43.dll
2015-10-22 10:07:39 ----A---- C:\Windows\SYSWOW64\d3dx10_42.dll
2015-10-22 10:07:39 ----A---- C:\Windows\system32\d3dx10_42.dll
2015-10-22 10:05:33 ----A---- C:\Windows\SYSWOW64\d3dx9_32.dll
2015-10-22 10:05:33 ----A---- C:\Windows\system32\d3dx9_32.dll

======List of files/folders modified in the last 1 month======

2015-11-10 11:14:31 ----D---- C:\Windows\Temp
2015-11-10 11:03:14 ----D---- C:\FRST
2015-11-10 11:02:36 ----D---- C:\Windows
2015-11-10 10:52:13 ----D---- C:\Program Files
2015-11-10 10:51:09 ----D---- C:\Program Files\WinRAR
2015-11-10 10:49:23 ----D---- C:\Windows\system32\config
2015-11-10 10:49:17 ----D---- C:\Windows\System32
2015-11-10 10:49:17 ----D---- C:\Windows\inf
2015-11-10 10:49:17 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-11-10 10:46:38 ----RD---- C:\Program Files (x86)
2015-11-10 09:37:25 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-11-10 09:36:42 ----D---- C:\ProgramData\CyberLink
2015-11-10 09:35:54 ----D---- C:\ProgramData\SUPPORTDIR
2015-11-10 09:26:28 ----HD---- C:\ProgramData
2015-11-10 09:19:08 ----D---- C:\Windows\system32\drivers
2015-11-10 09:17:20 ----D---- C:\AdwCleaner
2015-11-09 22:33:23 ----D---- C:\Users\Petr\AppData\Roaming\vlc
2015-11-09 19:20:04 ----SHD---- C:\System Volume Information
2015-11-08 19:25:00 ----D---- C:\Users\Petr\AppData\Roaming\uTorrent
2015-11-08 15:38:25 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-11-08 05:43:32 ----D---- C:\Windows\Prefetch
2015-11-07 10:52:45 ----D---- C:\Windows\system32\catroot
2015-11-07 08:20:10 ----SHD---- C:\Windows\Installer
2015-11-07 08:20:10 ----HD---- C:\Config.Msi
2015-11-07 08:20:09 ----D---- C:\Windows\system32\DriverStore
2015-11-07 08:19:22 ----D---- C:\Program Files (x86)\Pinnacle
2015-11-06 18:17:22 ----D---- C:\Mandis disk
2015-11-06 09:50:14 ----D---- C:\Users\Petr\AppData\Roaming\Adobe
2015-11-06 09:50:14 ----D---- C:\ProgramData\Adobe
2015-10-31 05:37:32 ----D---- C:\Windows\Minidump
2015-10-31 05:37:32 ----D---- C:\Windows\Logs
2015-10-27 16:05:37 ----SD---- C:\ProgramData\Microsoft
2015-10-27 16:05:16 ----SD---- C:\Users\Petr\AppData\Roaming\Microsoft
2015-10-25 17:36:25 ----D---- C:\Windows\system32\Tasks
2015-10-25 17:22:09 ----D---- C:\Windows\SysWOW64
2015-10-24 17:48:10 ----D---- C:\Windows\winsxs
2015-10-24 12:29:40 ----D---- C:\ProgramData\Microsoft Help
2015-10-24 12:26:13 ----RSD---- C:\Windows\assembly
2015-10-22 10:14:07 ----D---- C:\Program Files\Common Files\Microsoft Shared
2015-10-19 16:26:23 ----D---- C:\Program Files (x86)\Common Files
2015-10-18 10:40:53 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-10-12 05:25:59 ----D---- C:\Program Files (x86)\Pinnacle Studio 17
2015-10-12 05:00:06 ----RSD---- C:\Windows\Fonts

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-10-09 65224]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-10-09 274808]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2014-01-27 503352]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2015-10-09 28144]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-10-09 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-11-06 1059656]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-11-06 449992]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-10-09 28656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-10-09 90968]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-10-09 153744]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl664.sys [2014-01-21 3060800]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2009-06-28 70656]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2009-04-29 18432]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2009-10-12 151040]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-10-27 196384]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-03-01 187392]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt64.sys [2010-03-23 505344]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-10-14 396848]
R3 WinUSB;WinUSB Service; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-21 41984]
S3 a6osypn2;a6osypn2; C:\Windows\system32\drivers\a6osypn2.sys []
S3 AVerAF15;HP DVB-T TV Tuner; C:\Windows\System32\Drivers\AVerAF15.sys [2009-05-22 311424]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2014-03-31 58056]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\AESTSr64.exe [2009-03-03 89600]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2015-10-09 146600]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-10-23 922912]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-10-27 1364256]
R2 Seagate Dashboard Services;Seagate Dashboard Services; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [2015-07-15 16216]
R2 Seagate MobileBackup Service;Seagate MobileBackup Service; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe [2015-07-15 143656]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_70dacb64382a61a7\STacSV64.exe [2010-03-23 247808]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-01-29 4915040]
R2 valWBFPolicyService;Validity WBF Policy Service; C:\Windows\system32\valWBFPolicyService.exe [2013-10-12 35328]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
R2 XRNADB;XRcnStatutsDatabase; C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmdb.exe [2012-01-03 95744]
R3 Com4QLBEx;Com4QLBEx; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
R3 hpqwmiex;hpqwmiex; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2009-04-30 229944]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-18 269000]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2014-03-31 1512640]
S3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-03-13 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-11-06 147624]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 178760]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2015-06-10 155520]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-01-21 1255736]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

[Márty84]

Zdravim

Je zazrak, ze si tematu kolega cernohous13 vsiml a upozornil na nej. Kdyz si hned na zacatku tolikrat sam odpovite, obvykle zapadnete a trva spoooustu dni, nez vas nekdo objevi, protoze to vypada, ze uz tema nekdo resi. Priste dejte jen jeden log a pockejte na odpoved, urychli se to


Na plose vidim nejaka videa...

Velikost plochy by nemela presahovat 200 - 300 MB! Brzdi to chod pc. Cili ji pripadne trosku uklidte a na plochu dejte jen zastupce. Jen pozor na obcasnou chybu, ze uzivatele maji na plose slozku, v ni dalsi a v ni dalsi a do te to schovaji. To je sice hezke, ale plochu to nezmensi, jen je to v jinem supliku


Odinstalujte Terminatora, nebo aspon zakazte jeho spousteni po startu pc. Muze byt v kolizi s Avastem.

Stahnete crystal disk info http://sourceforge.jp/projects/crystald ... 5_0_0.zip/
Spustte jako spravce. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte (ctrl + V)

Udelejte novou kontrolu s MBAM. Test nastavte podle tohoto navodu (cili Vlastni sken vsech disku) http://forum.viry.cz/viewtopic.php?f=29&t=144868 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

[Mandis]

Hezké ranko přeji a předem rád napíši, že si vážím moc výstižných odpovědí!! A děkuji za tuto laskavou pomoc
Spyware jsem použil jen na scan a očistu, hned jinak odinstalovávám a děkuji za tip s tou plochou,
protože na ní mám desítky giga, používám jí normálně co potřebuji nebo nevím co s tím, tak oblíbená složka
je právě plocha 2014 třeba a tam hromada věcí... Dnes to dám dopořádku a upravím, děkuji!!

Scan z crystal disk, no našel toho hodně...
----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Professional SP1 [6.1 Build 7601] (x64)
Date : 2015/11/11 8:39:46

-- Controller Map ----------------------------------------------------------
+ Intel(R) 5 Series/3400 Series Chipset Family 6 Port SATA AHCI Controller - 3B2F [ATA]
+ ATA Channel 0 (0)
- WDC WD6400BEVT-60A0RT0 ATA Device
+ ATA Channel 1 (1)
- hp DVDRAM GT20L ATA Device
- ATA Channel 4 (4)
- ATA Channel 5 (5)
+ AXBD3USZ IDE Controller [SCSI]
- HGNEN J8HAFS5QNCPU SCSI CdRom Device

-- Disk List ---------------------------------------------------------------
(1) WDC WD6400BEVT-60A0RT0 : 640,1 GB [0/0/0, pd1]

----------------------------------------------------------------------------
(1) WDC WD6400BEVT-60A0RT0
----------------------------------------------------------------------------
Model : WDC WD6400BEVT-60A0RT0
Firmware : 01.01A01
Serial Number : WD-WX31A2058523
Disk Size : 640,1 GB (8,4/137,4/640,1)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 1250263728
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/300
Power On Hours : 10054 hod.
Power On Count : 8184 krát
Temparature : 33 C (91 F)
Health Status : Pozor
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 0060h [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000DCE Počet chyb čtení
03 186 153 _21 00000000068B Čas na roztočení ploten
04 _92 _92 __0 000000002255 Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 100 253 _51 000000000000 Počet chybných hledání
09 _87 _87 __0 000000002746 Hodin v činnosti
0A 100 100 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _92 _92 __0 000000001FF8 Počet cyklů zapnutí zařízení
B7 100 100 __0 000000000000 Neznámý
BB 100 __1 __0 000000000C39 Ohlášeno neopravitelných chyb
BC 100 __1 __0 000200020D0B Časový limit příkazu
BE _67 _42 _40 000022140021 Teplota toku vzduchu
BF __1 __1 __0 00000000159C Počet udalostí zaznamenaných otřesovým senzorem
C0 199 199 __0 000000000359 Počet vypnutí disku
C1 _30 _30 __0 00000007CCE8 Počet cyklů načítání/vymazání
C2 114 _89 __0 000000000021 Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000004 Počet podezřelých sektorů
C6 200 200 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 200 200 _51 000000000000 Počet chyb při zápisu sektorů

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 427A 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 2020 2020 2057 442D 5758 4132 4132 3035 3835 3233
020: 0000 4000 0032 3031 2E30 3031 3031 5744 4320 5744
030: 3634 3030 4245 5654 2D36 3052 3052 5430 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4001 0000 0000 0007 3FFF 003F 003F FC10 00FB 0100
060: FFFF 0FFF 0000 0107 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 0D06 0D06 0000 004C 0040
080: 01FE 0000 706B 7C09 6123 BC09 BC09 6123 003F 004D
090: 004D 0060 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 82B0 4A85 0000 0000 0000 0000 0000 0000 5001 4EE0
110: ACC6 C27C 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 16D3 0000 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0003 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 703F 703F 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 101E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 94A5


MBAM scan: nic mi nenašel, ale to ani předtím co test po restartu od Avastu a Spyware našel,
CCleaner pravidelně pouštím ať scan, tak register scan.

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 11.11.2015
Čas skenování: 8:53
Protokol: scan mbam.txt
Správce: Ano

Verze: 2.2.0.1024
Databáze malwaru: v2015.11.11.02
Databáze rootkitů: v2015.11.04.02
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Petr

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 376387
Uplynulý čas: 34 min, 13 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Varovat
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

[Márty84]

Nemate zac!

Disk nevypada nejlepe, proverime ho...

Udelejte kontrolu programem HD Tune
Stahnete http://www.slunecnice.cz/sw/hd-tune/ , nainstalujte a spustte jako spravce (pokud vam pri instalaci nabidne nejaky doplnek, odmitnete ho!)
V tom okne kliknete na posledni zalozku - Error Scan (pokud bude zatrzeny quick scan, tak zatrzitko zruste) a kliknete na Start.
Kontrola bude nejakou dobu trvat. Dejte vedet, jestli tam bylo nejake cervene policko.
Taky se podivejte na zalozku Health a opiste mi (vyfotte), co se tam pise. Melo by tam byt OK http://www.google.cz/imgres?um=1&hl=cs& ... s:20,i:143

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 376387
Uplynulý čas: 34 min, 13 sek

Ja chtel Vlastni sken, tak jak se pise v navodu. Udelejte radeji jeste ten Vlastni sken. Sken hrozeb neprohlizi cely pocitac.

[Mandis]

Hezké ranko přeji,
trvalo to dloouho, že jsem to musel nechat i na noc, asi i jak jsem měl puštěné oba najednou...
HD Tune: WDC WD6400BEVT-60A0RT0 Health

ID Current Worst ThresholdData Status
(01) Raw Read Error Rate 200 200 51 3548 Ok
(03) Spin Up Time 186 153 21 1666 Ok
(04) Start/Stop Count 92 92 0 8796 Ok
(05) Reallocated Sector Count 200 200 140 0 Ok
(07) Seek Error Rate 100 253 51 0 Ok
(09) Power On Hours Count 87 87 0 10082 Ok
(0A) Spin Retry Count 100 100 51 0 Ok
(0B) Calibration Retry Count 100 100 0 0 Ok
(0C) Power Cycle Count 92 92 0 8191 Ok
(B7) (unknown attribute) 100 100 0 0 Ok
(BB) (unknown attribute) 100 1 0 3149 Ok
(BC) (unknown attribute) 100 1 0 134431 Ok
(BE) Airflow Temperature 69 42 40 807010335 Ok
(BF) G-sense Error Rate 1 1 0 5535 Ok
(C0) Power Off Retract Count 199 199 0 866 Ok
(C1) Load Cycle Count 30 30 0 511860 Ok
(C2) Temperature 116 89 0 31 Ok
(C4) Reallocated Event Count 200 200 0 0 Ok
(C5) Current Pending Sector 200 200 0 5 Ok
(C6) Offline Uncorrectable 200 200 0 0 Ok
(C7) Ultra DMA CRC Error Count 200 200 0 0 Ok
(C8) Write Error Rate 200 200 51 0 Ok

Power On Time : 10082
Health Status : Ok


HD Tune: WDC WD6400BEVT-60A0RT0 Error Scan

Scanned data : 610236 MB
Damaged Blocks : 0.1 %
Elapsed Time : 743:07
------
2 bloky byly červené, pošlu v příloze fotku !!
-------

A dobře 8 hodin mi běžel vlastní scan v mbam, a když ráno přijdu k počítači mám tam report ze scanu hrozeb a ani jsem
se ho nedotknul a přitom mi to ještě než jsem šel spát ukázalo 13 nalezných, ale v historii scanů nic není ... Jako by nebyl, žádný výsledek, jen ten potom rychlý, který jsem určitě nedával, podívám se na nějaké plánování scanů a zruším to. Musím to dát ještě jednou...
Děkuji za informace co s tím diskem, děkuji moc:-) Defragmetace je a byla na 0, to si hlídám.

Přeji příjemný den
tedy někdy večer bude hotový, snad tam již zůstane...

[Márty84]

S tim MBAM je to zvlastni, snad to tedy byla nahoda, potreboval bych videt co a kde nasel

Disk je poskozeny, muze to byt pricina toho sekani a zpomalovani. Uvidime po docisteni. Kazdopadne doporucuji pravidelne zalohovat data, no a v idealnim pripade vymenu disku.

[Mandis]

Děkuji za super rychlou odpověď
S tím diskem tedy teď nic nemohu? Výměna není možná je to v notebooku ... Zálohuji velmi pravidelně,
děkuji za upozornění:-)
Musí se počkat na vlastní scan MBAM?
Ono tam je naplánovaná denní očista - scan hrozeb a to se pustilo a tamto tím změnilo.
Snad se scan stihne přes den a navečer Vám to pošlu.
Děkuji pěkně a hezké ranko

[Márty84]

Děkuji za super rychlou odpověď

Odpoved byla rychla, protoze jsem byl zrovna u pc

S tím diskem tedy teď nic nemohu? Výměna není možná je to v notebooku ...

Disk ma proste poskozene sektory. Opravit to neni jak a muze to delat problemy. Muze to bezet s mirnyma obtizema treba nekolik let, ale taky to muze kleknout behem nekolika dnu. Tohle vam nikdo nepovi a ted zalezi, jestli to takhle vydrzi, nebo se to bude zhorsovat.

Musí se počkat na vlastní scan MBAM?

Ano, at je jistota. Pak budem cistit dale

[Mandis]

Hezký večer, nechal jsem běžet scan přes den a teď jsem přijel, tak rád posílám.
FRTS a pak nějaké 3 programy na vymazání, zatím to nechávám otevřené až napíšete.
Děkuji pěkně:-)

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 13.11.2015
Čas skenování: 7:23
Protokol: mbam scan nové.txt
Správce: Ano

Verze: 2.2.0.1024
Databáze malwaru: v2015.11.13.01
Databáze rootkitů: v2015.11.04.02
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Petr

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 684817
Uplynulý čas: 7 hod, 6 min, 9 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Sken hloubkových rootkitů: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 17
PUP.Optional.ModGoog, C:\FRST\Quarantine\C\AdwCleaner\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe.vir, , [cbbabcc1068563d339520ee2ef11629e],
PUP.Optional.ModGoog, C:\FRST\Quarantine\C\AdwCleaner\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleCrashHandler.exe.vir, , [bdc83449612a082edcaf6090649c4eb2],
PUP.Optional.ModGoog, C:\FRST\Quarantine\C\AdwCleaner\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdate.exe.vir, , [4144bbc2880359dd602b8a66df218c74],
PUP.Optional.ModGoog, C:\FRST\Quarantine\C\AdwCleaner\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateBroker.exe.vir, , [166f2558a9e2dc5a4f3ce70946ba956b],
PUP.Optional.ModGoog, C:\FRST\Quarantine\C\AdwCleaner\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateOnDemand.exe.vir, , [b5d03944c0cb2115553657995fa1f808],
PUP.Optional.ModGoog, C:\FRST\Quarantine\C\AdwCleaner\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdate.dll.vir, , [5a2bef8ee8a390a65e2de50bb050b24e],
PUP.Optional.ModGoog, C:\FRST\Quarantine\C\AdwCleaner\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdateres_en.dll.vir, , [f88d6f0e1d6e999d8cffa34da7592cd4],
PUP.Optional.ModGoog, C:\FRST\Quarantine\C\AdwCleaner\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll.vir, , [275e9ae306855cdaa0ebfff1669aee12],
PUP.Optional.ModGoog, C:\FRST\Quarantine\C\AdwCleaner\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\psmachine.dll.vir, , [0e7784f9563561d5a7e40ce453add030],
PUP.Optional.ModGoog, C:\FRST\Quarantine\C\AdwCleaner\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\psuser.dll.vir, , [f2935e1f91fa999d701ba94729d731cf],
PUP.Optional.Sense, C:\FRST\Quarantine\C\AdwCleaner\AdwCleaner\Quarantine\C\Program Files (x86)\Sense\62f8fbfa-3123-4bd7-b725-34bb13fb7f9c-4.exe.vir, , [00851f5e1873fc3abf4482aa2fd29868],
PUP.Optional.SBWatchman, C:\FRST\Quarantine\C\Program Files\Common Files\ShopperPro\spbia.exe, , [7c0924592a61280ece5a91cc57aa32ce],
PUP.Optional.Sense, C:\FRST\Quarantine\C\zoek_backup\C_Users_Petr_AppData_Roaming_SW.exe.vir, , [1b6a4e2ff39868ceb053c369768bf50b],
PUP.Optional.IntroKeygen, C:\Mandis disk\programy Windows 7\Programy Win7 instalace\Adobe Photoshop Lightroom 5.0 Final (64 bit) [ChingLiu]\Keygen - CORE\CORE10k.EXE, , [7d08b5c87615d1656cfb3dff5ea6f20e],
PUP.Optional.OpenCandy, F:\Mandis disk\Programy Win7\Nové programy na instalování 2015\DAEMON Tools Pro Advanced 6.0.0.0444 Final Incl. Crack\DTPro600-0444.exe, , [f095502d1d6e4cea1e0186e1f3112cd4],
RiskWare.FilePatcher, F:\Mandis disk\Programy Win7\Nové programy na instalování 2015\Wondershare-Video-Converter-Ultimate-v.8.0.5.1\Wondershare Video Converter Ultimate v.8.0.5.1\Patch\Patch.exe, , [7b0a6716dbb049edd874a8c78081817f],
PUP.Optional.IntroKeygen, F:\Mandis disk\Programy Win7\Programy Win7 instalace\Adobe Photoshop Lightroom 5.0 Final (64 bit) [ChingLiu]\Keygen - CORE\CORE10k.EXE, , [72134736b3d8a3932047013b719340c0],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)