
Preventive check (RSIT)
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that are inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.
!NEW!
You can now use a remote assistance service, in which a specialist connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Hi there,
I'd like to ask for a check of the log. Everything on the PC is OK; this is just a precaution.
Logfile of random's system information tool 1.10 (written by random/random)
Run by Petr at 2015-01-29 20:45:19
Microsoft Windows 8.1 Pro
System drive C: has 48 GB (42%) free of 114 GB
Total RAM: 8120 MB (57% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:45:26, on 29. 1. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal
Running processes:
C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\AVG\AVG2015\avgui.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files\trend micro\Petr.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe" 60
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [DAEMON Tools Lite] "E:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [SteelSeries Engine] C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe
O4 - HKCU\..\Run: [GarenaPlus] "C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe" -autolaunch
O4 - Startup: TEMP.bat
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra 'Tools' menuitem: Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ACP User Service (amdacpusrsvc) - Advanced Micro Devices - C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Dragon Age: Origins - Content Updater (DAUpdaterSvc) - BioWare - D:\Hry\Steam Hry\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
--
End of file - 11244 bytes
======Listing Processes======
c:\PROGRA~2\AVG\AVG2015\avgrsa.exe /boot
C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe /pipeName=c2feea3f-0200-0000-9d2e-ec563b9e1e39 /binaryPath="C:\Program Files (x86)\AVG\AVG2015\"
wininit.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgfws.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
dashost.exe {13e2f630-10c5-4829-8b7d633db963f1b9}
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgemca.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
atieclxx
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
taskhostex.exe
"C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe" /s
C:\Windows\Explorer.EXE
ClassicStartMenu.exe -startup
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4632.0.2005261485\484588581" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,18,39 --gpu-vendor-id=0x1002 --gpu-device-id=0x67b1 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=14.501.1003.0 --ignored=" --type=renderer " /prefetch:822062411
"C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/MaterialDesignNTP/Default/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/QUIC/Disabled/RememberCertificateErrorDecisions/OneMonth/SPDY/Spdy31Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_64/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="4632.2.340227723\2111864928" /prefetch:673131151
"C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/MaterialDesignNTP/Default/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/QUIC/Disabled/RememberCertificateErrorDecisions/OneMonth/SPDY/Spdy31Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_64/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="4632.3.45727855\888910196" /prefetch:673131151
"C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/MaterialDesignNTP/Default/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/QUIC/Disabled/RememberCertificateErrorDecisions/OneMonth/SPDY/Spdy31Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_64/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="4632.9.1628085469\367561977" /prefetch:673131151
"C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
ctfmon.exe
"C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe" /AUTOHIDE
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
taskeng.exe {D68A0C6B-9DAE-4E70-8ACA-59C87C9AA7C7}
"C:\Program Files\Microsoft Office\Office15\MsoSync.exe"
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
"E:\Program Files (x86)\GRETECH\GomAudio\GOMA.exe" -Embedding
"C:\Users\Petr\AppData\Roaming\uTorrent\utorrent.exe"
"C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="4632.139.2090128642\1562674231" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Steam\Steam.exe"
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" -cefhost -cachedir "C:\Program Files (x86)\Steam\config\htmlcache" -cookiepath "C:\Program Files (x86)\Steam\config\cookies" -steampid 1228 --blacklist-accelerated-compositing --process-per-tab --disable-accelerated-video-decode --enable-direct-write
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" --type=renderer --disable-accelerated-video-decode --disable-delegated-renderer --disable-gpu-compositing --disable-threaded-compositing --enable-pinch --enable-software-compositing --no-sandbox --enable-direct-write --lang=en-US --lang=en-US --product-version="Valve Steam Client" --enable-pinch --disable-accelerated-compositing --disable-gpu-compositing --channel="3508.0.444824236\460807076" /prefetch:673131151
"C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/MaterialDesignNTP/Default/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/QUIC/Disabled/RememberCertificateErrorDecisions/OneMonth/SPDY/Spdy31Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_64/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="4632.144.1841888696\1114528299" /prefetch:673131151
"D:\Hry\Far Cry 4\bin\FarCry4.exe" -skipintro
"C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/MaterialDesignNTP/Default/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/QUIC/Disabled/RememberCertificateErrorDecisions/OneMonth/SPDY/Spdy31Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_64/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="4632.173.2077638809\1429229166" /prefetch:673131151
"C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/MaterialDesignNTP/Default/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/QUIC/Disabled/RememberCertificateErrorDecisions/OneMonth/SPDY/Spdy31Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_64/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="4632.174.1913162788\1885096388" /prefetch:673131151
"C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/MaterialDesignNTP/Default/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/QUIC/Disabled/RememberCertificateErrorDecisions/OneMonth/SPDY/Spdy31Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_64/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="4632.175.934623092\2012669455" /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe22_ Global\UsGthrCtrlFltPipeMssGthrPipe22 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 572 576 584 65536 580
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/MaterialDesignNTP/Default/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/QUIC/Disabled/RememberCertificateErrorDecisions/OneMonth/SPDY/Spdy31Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_64/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="4632.176.2038420686\1489776003" /prefetch:673131151
"E:\Hlavní složky\Stažené soubory\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1292206800-3816184836-4294836885-1001Core.job - C:\Users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1292206800-3816184836-4294836885-1001UA.job - C:\Users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-11-12 218784]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20 803520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-12-04 553896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2014-11-12 2334928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-12-04 211880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20 483520]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2014-10-22 153248]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20 683200]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2014-11-12 1729744]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-20 440512]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20 803520]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20 683200]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Classic Start Menu"=C:\Program Files\Classic Shell\ClassicStartMenu.exe [2014-04-20 161984]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-09-19 557768]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-06 116648]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-09-26 6482200]
"DAEMON Tools Lite"=E:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"SteelSeries Engine"=C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe [2014-10-09 87040]
"GarenaPlus"=C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe -autolaunch []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IMSS"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [2014-04-03 134616]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2015\avgui.exe [2014-12-18 3667472]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-10-15 157480]
"StartCCC"=C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [2014-11-20 767176]
C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
TEMP.bat
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"PromptOnSecureDesktop"=0
"ConsentPromptBehaviorAdmin"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux3"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-01-29 20:43:47 ----D---- C:\rsit
2015-01-29 20:43:47 ----D---- C:\Program Files\trend micro
2015-01-28 15:38:34 ----D---- C:\Program Files (x86)\AGEIA Technologies
2015-01-25 14:33:07 ----D---- C:\ProgramData\BioWare
2015-01-24 15:35:34 ----D---- C:\AppData
2015-01-21 22:34:22 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2015-01-21 22:34:22 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2015-01-21 22:34:22 ----A---- C:\Windows\SYSWOW64\pbsvc_moh.exe
2015-01-21 22:19:21 ----D---- C:\Windows\1C4551A64743409391E41477CD655043.TMP
2015-01-18 12:35:57 ----D---- C:\Textures Backup
2015-01-16 22:09:13 ----D---- C:\ProgramData\VS Revo Group
2015-01-14 20:15:23 ----D---- C:\Program Files (x86)\Unigine
2015-01-14 18:53:30 ----D---- C:\Users\Petr\AppData\Roaming\Orbit
2015-01-14 15:20:38 ----A---- C:\Windows\system32\profsvc.dll
2015-01-14 15:20:37 ----A---- C:\Windows\system32\TSWbPrxy.exe
2015-01-14 15:20:37 ----A---- C:\Windows\system32\nlasvc.dll
2015-01-14 15:20:37 ----A---- C:\Windows\system32\ncsi.dll
2015-01-14 15:20:37 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2015-01-14 15:20:37 ----A---- C:\Windows\system32\drivers\ahcache.sys
2015-01-14 15:20:32 ----A---- C:\Windows\SYSWOW64\wer.dll
2015-01-14 15:20:32 ----A---- C:\Windows\system32\wer.dll
2015-01-14 15:20:32 ----A---- C:\Windows\system32\AudioEndpointBuilder.dll
2015-01-14 15:20:31 ----A---- C:\Windows\SYSWOW64\WerFaultSecure.exe
2015-01-14 15:20:31 ----A---- C:\Windows\SYSWOW64\Faultrep.dll
2015-01-14 15:20:31 ----A---- C:\Windows\system32\WerFaultSecure.exe
2015-01-14 15:20:31 ----A---- C:\Windows\system32\Faultrep.dll
2015-01-14 15:20:31 ----A---- C:\Windows\system32\EncDump.dll
2015-01-14 15:20:31 ----A---- C:\Windows\system32\ci.dll
2015-01-12 15:10:46 ----D---- C:\Users\Petr\AppData\Roaming\AMD
2015-01-12 15:05:47 ----D---- C:\Windows\Downloaded Installations
2015-01-12 15:05:47 ----D---- C:\Fraps
2015-01-12 15:01:47 ----D---- C:\ProgramData\ATI
2015-01-12 15:00:21 ----D---- C:\ProgramData\AMD
2015-01-12 15:00:21 ----D---- C:\Program Files (x86)\AMD AVT
2015-01-12 15:00:11 ----D---- C:\Program Files (x86)\AMD
2015-01-12 14:59:29 ----D---- C:\Users\Petr\AppData\Roaming\ATI
2015-01-12 14:54:31 ----D---- C:\Program Files\Common Files\ATI Technologies
2015-01-12 14:54:30 ----D---- C:\Program Files\AMD
2015-01-09 22:59:54 ----D---- C:\Users\Petr\AppData\Roaming\TeamViewer
======List of files/folders modified in the last 1 month======
2015-01-29 20:45:09 ----D---- C:\Users\Petr\AppData\Roaming\uTorrent
2015-01-29 20:43:47 ----RD---- C:\Program Files
2015-01-29 20:42:41 ----D---- C:\Windows\Temp
2015-01-29 20:42:31 ----D---- C:\Users\Petr\AppData\Roaming\Skype
2015-01-29 20:42:27 ----D---- C:\ProgramData\MFAData
2015-01-29 20:41:24 ----D---- C:\Program Files (x86)\MSI Afterburner
2015-01-29 20:27:43 ----D---- C:\Users\Petr\AppData\Roaming\ClassicShell
2015-01-29 20:00:00 ----D---- C:\Windows\system32\sru
2015-01-29 19:25:58 ----D---- C:\Program Files (x86)\Steam
2015-01-29 14:53:18 ----D---- C:\Windows\Microsoft.NET
2015-01-29 14:04:25 ----D---- C:\Windows\debug
2015-01-29 13:32:43 ----RD---- C:\Windows\System32
2015-01-29 13:32:43 ----D---- C:\Windows\Inf
2015-01-29 13:32:43 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-01-29 13:32:07 ----D---- C:\Windows\system32\config
2015-01-29 13:27:38 ----D---- C:\Windows
2015-01-28 22:37:56 ----D---- C:\Windows\system32\Tasks
2015-01-28 18:20:55 ----D---- C:\Windows\SoftwareDistribution
2015-01-28 16:37:33 ----SD---- C:\Users\Petr\AppData\Roaming\Microsoft
2015-01-28 15:38:34 ----SHD---- C:\Windows\Installer
2015-01-28 15:38:34 ----RD---- C:\Program Files (x86)
2015-01-28 15:38:34 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2015-01-28 07:46:04 ----D---- C:\Windows\WinSxS
2015-01-28 07:46:04 ----D---- C:\Windows\SysWOW64
2015-01-28 07:46:03 ----D---- C:\Windows\CbsTemp
2015-01-28 07:46:02 ----SHD---- C:\System Volume Information
2015-01-25 14:33:07 ----HD---- C:\ProgramData
2015-01-24 21:20:40 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-01-24 12:46:04 ----D---- C:\Windows\Logs
2015-01-24 10:58:40 ----D---- C:\Windows\system32\MRT
2015-01-24 10:56:55 ----A---- C:\Windows\system32\MRT.exe
2015-01-22 15:32:30 ----HD---- C:\Program Files\WindowsApps
2015-01-22 15:32:30 ----D---- C:\Windows\AppReadiness
2015-01-21 22:19:44 ----D---- C:\Windows\system32\LogFiles
2015-01-21 22:19:32 ----RSD---- C:\Windows\assembly
2015-01-21 22:19:21 ----D---- C:\Program Files (x86)\Common Files
2015-01-16 22:16:34 ----D---- C:\hry
2015-01-16 22:15:10 ----D---- C:\Windows\system32\drivers
2015-01-14 20:55:56 ----D---- C:\Users\Petr\AppData\Roaming\MAXON
2015-01-14 18:23:30 ----D---- C:\Windows\system32\catroot2
2015-01-14 15:39:48 ----D---- C:\Windows\system32\CodeIntegrity
2015-01-12 19:39:33 ----D---- C:\Windows\system32\wdi
2015-01-12 18:21:28 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-01-12 15:04:21 ----D---- C:\Users\Petr\AppData\Roaming\DAEMON Tools Lite
2015-01-12 15:00:40 ----D---- C:\Windows\system32\catroot
2015-01-12 15:00:10 ----D---- C:\Windows\system32\DriverStore
2015-01-12 14:54:55 ----D---- C:\ProgramData\Package Cache
2015-01-12 14:54:31 ----D---- C:\Program Files\Common Files
2015-01-12 14:45:28 ----D---- C:\ProgramData\NVIDIA Corporation
2015-01-12 14:45:28 ----D---- C:\Program Files\NVIDIA Corporation
2015-01-12 14:44:13 ----D---- C:\Windows\Help
2015-01-12 14:44:13 ----D---- C:\ProgramData\NVIDIA
2015-01-10 22:23:12 ----D---- C:\ProgramData\AVG2015
2015-01-02 15:54:10 ----D---- C:\ProgramData\Skype
2015-01-02 15:54:09 ----RD---- C:\Program Files (x86)\Skype
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2014-11-18 203544]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2014-07-18 313624]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2014-10-05 124184]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2014-06-18 31512]
R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2014-06-18 153368]
R1 Avgfwfd;@oem11.inf,%AvgfwfdService_Desc%;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys [2013-09-26 57144]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2014-12-08 260888]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2014-08-28 243480]
R1 Avgwfpa;AVG Firewall Driver; C:\Windows\system32\DRIVERS\avgwfpa.sys [2014-09-24 277784]
R1 dtsoftbus01;@oem14.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\Windows\System32\drivers\dtsoftbus01.sys [2014-10-18 283064]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\system32\drivers\HWiNFO64A.SYS [2014-10-06 27552]
R2 amdacpksd;ACP Kernel Service Driver; \??\C:\Windows\system32\drivers\amdacpksd.sys [2014-11-21 294600]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2014-11-21 18959360]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2014-11-21 589312]
R3 AtiHDAudioService;@oem29.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdWB6.sys [2014-06-21 223232]
R3 busenum;@oem18.inf,%SvcDesc%;SteelBusSvc; C:\Windows\System32\drivers\SteelBus64.sys [2014-10-08 146944]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-07-15 4012632]
R3 iwdbus;@oem5.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2014-07-28 27000]
R3 MBfilt;MBfilt; C:\Windows\system32\drivers\MBfilt64.sys [2009-11-18 32344]
R3 MEIx64;@oem8.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2014-04-03 118272]
R3 RTCore64;RTCore64; \??\C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [2013-03-11 13368]
R3 RTL8168;@oem10.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2013-11-26 838872]
R3 SAlphamHid;@oem26.inf,%SvcDesc%;SteelHIDSvc; C:\Windows\System32\drivers\SAlpham64.sys [2014-10-08 39168]
R3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys [2013-12-13 121088]
R3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\Windows\System32\drivers\usbscan.sys [2014-10-29 44544]
S0 amdkmafd;@oem25.inf,%AMDKMAFD_svcdesc%;AMD Audio Bus Lower Filter; C:\Windows\System32\drivers\amdkmafd.sys [2012-09-23 21160]
S0 Avgboota;AVG Early Launch Anti-Malware Driver; C:\Windows\system32\DRIVERS\avgboota.sys [2013-09-04 20496]
S3 DIRECTIO;DIRECTIO; \??\C:\Program Files\PerformanceTest\DirectIo64.sys []
S3 GPU-Z;GPU-Z; \??\E:\AppData\Local\Temp\GPU-Z.sys []
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-08-13 4786544]
S3 intaud_WaveExtensible;@oem4.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2014-07-28 38264]
S3 SANDRA;SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.SP3e\WNt600x64\Sandra.sys []
S3 USBAAPL64;@oem15.inf,%USBAAPL64.SvcDesc%;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2014-07-28 54784]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2014-11-24 141440]
S3 VBoxNetFlt;@oem34.inf,%VBoxNetFltService_Desc%;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys []
S3 VBoxUSB;@oem32.inf,%VBoxUSB.SvcDesc%;VirtualBox USB; C:\Windows\System32\Drivers\VBoxUSB.sys [2014-11-24 115208]
S4 NVHDA;@oem22.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys []
S4 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys []
S4 nvvad_WaveExtensible;@oem28.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2014-11-21 244736]
R2 amdacpusrsvc;ACP User Service; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [2014-11-20 116224]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-10-07 60744]
R2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2015\avgfws.exe [2014-12-18 1486664]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [2014-12-18 3432976]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [2014-12-18 298080]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-04-03 154584]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2014-04-03 398296]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2015-01-21 75064]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-01-23 834752]
S2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2014-08-13 324424]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-08-13 276808]
S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater; D:\Hry\Steam Hry\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [2014-11-23 25832]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2014-01-31 887232]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-10-15 643880]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-01-23 178760]
-----------------EOF-----------------
"C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/MaterialDesignNTP/Default/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/QUIC/Disabled/RememberCertificateErrorDecisions/OneMonth/SPDY/Spdy31Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_64/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="4632.144.1841888696\1114528299" /prefetch:673131151
"D:\Hry\Far Cry 4\bin\FarCry4.exe" -skipintro
"C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/MaterialDesignNTP/Default/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/QUIC/Disabled/RememberCertificateErrorDecisions/OneMonth/SPDY/Spdy31Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_64/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="4632.173.2077638809\1429229166" /prefetch:673131151
"C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/MaterialDesignNTP/Default/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/QUIC/Disabled/RememberCertificateErrorDecisions/OneMonth/SPDY/Spdy31Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_64/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="4632.174.1913162788\1885096388" /prefetch:673131151
"C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/MaterialDesignNTP/Default/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/QUIC/Disabled/RememberCertificateErrorDecisions/OneMonth/SPDY/Spdy31Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_64/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="4632.175.934623092\2012669455" /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe22_ Global\UsGthrCtrlFltPipeMssGthrPipe22 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 572 576 584 65536 580
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/MaterialDesignNTP/Default/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/QUIC/Disabled/RememberCertificateErrorDecisions/OneMonth/SPDY/Spdy31Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_64/UMA-Uniformity-Trial-10-Percent/group_03/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="4632.176.2038420686\1489776003" /prefetch:673131151
"E:\Hlavní složky\Stažené soubory\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1292206800-3816184836-4294836885-1001Core.job - C:\Users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1292206800-3816184836-4294836885-1001UA.job - C:\Users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-11-12 218784]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20 803520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-12-04 553896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2014-11-12 2334928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-12-04 211880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20 483520]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2014-10-22 153248]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20 683200]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2014-11-12 1729744]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-20 440512]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20 803520]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20 683200]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Classic Start Menu"=C:\Program Files\Classic Shell\ClassicStartMenu.exe [2014-04-20 161984]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-09-19 557768]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-06 116648]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-09-26 6482200]
"DAEMON Tools Lite"=E:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"SteelSeries Engine"=C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe [2014-10-09 87040]
"GarenaPlus"=C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe -autolaunch []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IMSS"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [2014-04-03 134616]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2015\avgui.exe [2014-12-18 3667472]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-10-15 157480]
"StartCCC"=C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [2014-11-20 767176]
C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
TEMP.bat
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"PromptOnSecureDesktop"=0
"ConsentPromptBehaviorAdmin"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux3"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-01-29 20:43:47 ----D---- C:\rsit
2015-01-29 20:43:47 ----D---- C:\Program Files\trend micro
2015-01-28 15:38:34 ----D---- C:\Program Files (x86)\AGEIA Technologies
2015-01-25 14:33:07 ----D---- C:\ProgramData\BioWare
2015-01-24 15:35:34 ----D---- C:\AppData
2015-01-21 22:34:22 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2015-01-21 22:34:22 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2015-01-21 22:34:22 ----A---- C:\Windows\SYSWOW64\pbsvc_moh.exe
2015-01-21 22:19:21 ----D---- C:\Windows\1C4551A64743409391E41477CD655043.TMP
2015-01-18 12:35:57 ----D---- C:\Textures Backup
2015-01-16 22:09:13 ----D---- C:\ProgramData\VS Revo Group
2015-01-14 20:15:23 ----D---- C:\Program Files (x86)\Unigine
2015-01-14 18:53:30 ----D---- C:\Users\Petr\AppData\Roaming\Orbit
2015-01-14 15:20:38 ----A---- C:\Windows\system32\profsvc.dll
2015-01-14 15:20:37 ----A---- C:\Windows\system32\TSWbPrxy.exe
2015-01-14 15:20:37 ----A---- C:\Windows\system32\nlasvc.dll
2015-01-14 15:20:37 ----A---- C:\Windows\system32\ncsi.dll
2015-01-14 15:20:37 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2015-01-14 15:20:37 ----A---- C:\Windows\system32\drivers\ahcache.sys
2015-01-14 15:20:32 ----A---- C:\Windows\SYSWOW64\wer.dll
2015-01-14 15:20:32 ----A---- C:\Windows\system32\wer.dll
2015-01-14 15:20:32 ----A---- C:\Windows\system32\AudioEndpointBuilder.dll
2015-01-14 15:20:31 ----A---- C:\Windows\SYSWOW64\WerFaultSecure.exe
2015-01-14 15:20:31 ----A---- C:\Windows\SYSWOW64\Faultrep.dll
2015-01-14 15:20:31 ----A---- C:\Windows\system32\WerFaultSecure.exe
2015-01-14 15:20:31 ----A---- C:\Windows\system32\Faultrep.dll
2015-01-14 15:20:31 ----A---- C:\Windows\system32\EncDump.dll
2015-01-14 15:20:31 ----A---- C:\Windows\system32\ci.dll
2015-01-12 15:10:46 ----D---- C:\Users\Petr\AppData\Roaming\AMD
2015-01-12 15:05:47 ----D---- C:\Windows\Downloaded Installations
2015-01-12 15:05:47 ----D---- C:\Fraps
2015-01-12 15:01:47 ----D---- C:\ProgramData\ATI
2015-01-12 15:00:21 ----D---- C:\ProgramData\AMD
2015-01-12 15:00:21 ----D---- C:\Program Files (x86)\AMD AVT
2015-01-12 15:00:11 ----D---- C:\Program Files (x86)\AMD
2015-01-12 14:59:29 ----D---- C:\Users\Petr\AppData\Roaming\ATI
2015-01-12 14:54:31 ----D---- C:\Program Files\Common Files\ATI Technologies
2015-01-12 14:54:30 ----D---- C:\Program Files\AMD
2015-01-09 22:59:54 ----D---- C:\Users\Petr\AppData\Roaming\TeamViewer
======List of files/folders modified in the last 1 month======
2015-01-29 20:45:09 ----D---- C:\Users\Petr\AppData\Roaming\uTorrent
2015-01-29 20:43:47 ----RD---- C:\Program Files
2015-01-29 20:42:41 ----D---- C:\Windows\Temp
2015-01-29 20:42:31 ----D---- C:\Users\Petr\AppData\Roaming\Skype
2015-01-29 20:42:27 ----D---- C:\ProgramData\MFAData
2015-01-29 20:41:24 ----D---- C:\Program Files (x86)\MSI Afterburner
2015-01-29 20:27:43 ----D---- C:\Users\Petr\AppData\Roaming\ClassicShell
2015-01-29 20:00:00 ----D---- C:\Windows\system32\sru
2015-01-29 19:25:58 ----D---- C:\Program Files (x86)\Steam
2015-01-29 14:53:18 ----D---- C:\Windows\Microsoft.NET
2015-01-29 14:04:25 ----D---- C:\Windows\debug
2015-01-29 13:32:43 ----RD---- C:\Windows\System32
2015-01-29 13:32:43 ----D---- C:\Windows\Inf
2015-01-29 13:32:43 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-01-29 13:32:07 ----D---- C:\Windows\system32\config
2015-01-29 13:27:38 ----D---- C:\Windows
2015-01-28 22:37:56 ----D---- C:\Windows\system32\Tasks
2015-01-28 18:20:55 ----D---- C:\Windows\SoftwareDistribution
2015-01-28 16:37:33 ----SD---- C:\Users\Petr\AppData\Roaming\Microsoft
2015-01-28 15:38:34 ----SHD---- C:\Windows\Installer
2015-01-28 15:38:34 ----RD---- C:\Program Files (x86)
2015-01-28 15:38:34 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2015-01-28 07:46:04 ----D---- C:\Windows\WinSxS
2015-01-28 07:46:04 ----D---- C:\Windows\SysWOW64
2015-01-28 07:46:03 ----D---- C:\Windows\CbsTemp
2015-01-28 07:46:02 ----SHD---- C:\System Volume Information
2015-01-25 14:33:07 ----HD---- C:\ProgramData
2015-01-24 21:20:40 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-01-24 12:46:04 ----D---- C:\Windows\Logs
2015-01-24 10:58:40 ----D---- C:\Windows\system32\MRT
2015-01-24 10:56:55 ----A---- C:\Windows\system32\MRT.exe
2015-01-22 15:32:30 ----HD---- C:\Program Files\WindowsApps
2015-01-22 15:32:30 ----D---- C:\Windows\AppReadiness
2015-01-21 22:19:44 ----D---- C:\Windows\system32\LogFiles
2015-01-21 22:19:32 ----RSD---- C:\Windows\assembly
2015-01-21 22:19:21 ----D---- C:\Program Files (x86)\Common Files
2015-01-16 22:16:34 ----D---- C:\hry
2015-01-16 22:15:10 ----D---- C:\Windows\system32\drivers
2015-01-14 20:55:56 ----D---- C:\Users\Petr\AppData\Roaming\MAXON
2015-01-14 18:23:30 ----D---- C:\Windows\system32\catroot2
2015-01-14 15:39:48 ----D---- C:\Windows\system32\CodeIntegrity
2015-01-12 19:39:33 ----D---- C:\Windows\system32\wdi
2015-01-12 18:21:28 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-01-12 15:04:21 ----D---- C:\Users\Petr\AppData\Roaming\DAEMON Tools Lite
2015-01-12 15:00:40 ----D---- C:\Windows\system32\catroot
2015-01-12 15:00:10 ----D---- C:\Windows\system32\DriverStore
2015-01-12 14:54:55 ----D---- C:\ProgramData\Package Cache
2015-01-12 14:54:31 ----D---- C:\Program Files\Common Files
2015-01-12 14:45:28 ----D---- C:\ProgramData\NVIDIA Corporation
2015-01-12 14:45:28 ----D---- C:\Program Files\NVIDIA Corporation
2015-01-12 14:44:13 ----D---- C:\Windows\Help
2015-01-12 14:44:13 ----D---- C:\ProgramData\NVIDIA
2015-01-10 22:23:12 ----D---- C:\ProgramData\AVG2015
2015-01-02 15:54:10 ----D---- C:\ProgramData\Skype
2015-01-02 15:54:09 ----RD---- C:\Program Files (x86)\Skype
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2014-11-18 203544]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2014-07-18 313624]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2014-10-05 124184]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2014-06-18 31512]
R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2014-06-18 153368]
R1 Avgfwfd;@oem11.inf,%AvgfwfdService_Desc%;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys [2013-09-26 57144]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2014-12-08 260888]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2014-08-28 243480]
R1 Avgwfpa;AVG Firewall Driver; C:\Windows\system32\DRIVERS\avgwfpa.sys [2014-09-24 277784]
R1 dtsoftbus01;@oem14.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\Windows\System32\drivers\dtsoftbus01.sys [2014-10-18 283064]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\system32\drivers\HWiNFO64A.SYS [2014-10-06 27552]
R2 amdacpksd;ACP Kernel Service Driver; \??\C:\Windows\system32\drivers\amdacpksd.sys [2014-11-21 294600]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2014-11-21 18959360]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2014-11-21 589312]
R3 AtiHDAudioService;@oem29.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdWB6.sys [2014-06-21 223232]
R3 busenum;@oem18.inf,%SvcDesc%;SteelBusSvc; C:\Windows\System32\drivers\SteelBus64.sys [2014-10-08 146944]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-07-15 4012632]
R3 iwdbus;@oem5.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2014-07-28 27000]
R3 MBfilt;MBfilt; C:\Windows\system32\drivers\MBfilt64.sys [2009-11-18 32344]
R3 MEIx64;@oem8.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2014-04-03 118272]
R3 RTCore64;RTCore64; \??\C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [2013-03-11 13368]
R3 RTL8168;@oem10.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2013-11-26 838872]
R3 SAlphamHid;@oem26.inf,%SvcDesc%;SteelHIDSvc; C:\Windows\System32\drivers\SAlpham64.sys [2014-10-08 39168]
R3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys [2013-12-13 121088]
R3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\Windows\System32\drivers\usbscan.sys [2014-10-29 44544]
S0 amdkmafd;@oem25.inf,%AMDKMAFD_svcdesc%;AMD Audio Bus Lower Filter; C:\Windows\System32\drivers\amdkmafd.sys [2012-09-23 21160]
S0 Avgboota;AVG Early Launch Anti-Malware Driver; C:\Windows\system32\DRIVERS\avgboota.sys [2013-09-04 20496]
S3 DIRECTIO;DIRECTIO; \??\C:\Program Files\PerformanceTest\DirectIo64.sys []
S3 GPU-Z;GPU-Z; \??\E:\AppData\Local\Temp\GPU-Z.sys []
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-08-13 4786544]
S3 intaud_WaveExtensible;@oem4.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2014-07-28 38264]
S3 SANDRA;SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.SP3e\WNt600x64\Sandra.sys []
S3 USBAAPL64;@oem15.inf,%USBAAPL64.SvcDesc%;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2014-07-28 54784]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2014-11-24 141440]
S3 VBoxNetFlt;@oem34.inf,%VBoxNetFltService_Desc%;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys []
S3 VBoxUSB;@oem32.inf,%VBoxUSB.SvcDesc%;VirtualBox USB; C:\Windows\System32\Drivers\VBoxUSB.sys [2014-11-24 115208]
S4 NVHDA;@oem22.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys []
S4 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys []
S4 nvvad_WaveExtensible;@oem28.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2014-11-21 244736]
R2 amdacpusrsvc;ACP User Service; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [2014-11-20 116224]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-10-07 60744]
R2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2015\avgfws.exe [2014-12-18 1486664]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [2014-12-18 3432976]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [2014-12-18 298080]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-04-03 154584]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2014-04-03 398296]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2015-01-21 75064]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-01-23 834752]
S2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2014-08-13 324424]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-08-13 276808]
S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater; D:\Hry\Steam Hry\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [2014-11-23 25832]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2014-01-31 887232]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-10-15 643880]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-01-23 178760]
-----------------EOF-----------------
Re: Preventive check (RSIT)
Hello,
Is the operating system a legal copy?

If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suited to the forum, you can use altrokzavináčforum.viry.cz
If you would like to help visitors to this forum, sign up for our training school.
Re: Preventive check (RSIT)
Hello,
yes.
Re: Preventive check (RSIT)
O4 - Startup: TEMP.bat
Is that there on purpose?
As part of the cleanup, your temporary folders (including the Recycle Bin) will be emptied.
Save AdwCleaner to your desktop: https://toolslib.net/downloads/viewdown ... dwcleaner/ (or http://www.bleepingcomputer.com/download/adwcleaner/ )
- close all programs
- right-click the AdwCleaner icon and choose Run as administrator (on Win XP, just launch it with a double-click)
- click Scan, then Clean
- after the restart a log will pop up (or you can find it at C:\AdwCleaner\AdwCleaner [Sx].txt); copy its contents into your next reply
Re: Preventive check (RSIT)
I have Temp.bat there on purpose; after every startup it deletes the contents of the TEMP folder...
Re: Preventive check (RSIT)
ADW done:
# AdwCleaner v4.109 - Report created 31/01/2015 at 09:13:34
# Updated 24/01/2015 by Xplode
# Database : 2015-01-26.1 [Live]
# Operating System : Windows 8.1 Pro (64 bits)
# Username : Petr - I5-PETR
# Running from : E:\Hlavní složky\Stažené soubory\adwcleaner_4.109.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\AVG Security Toolbar
Folder Deleted : C:\ProgramData\ytd video downloader
File Deleted : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Deleted : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
File Deleted : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.lyricsfreak.com_0.localstorage
File Deleted : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.lyricsfreak.com_0.localstorage-journal
File Deleted : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.lyricsmode.com_0.localstorage
File Deleted : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.lyricsmode.com_0.localstorage-journal
File Deleted : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage
File Deleted : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage-journal
File Deleted : C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal
***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
Shortcut Disinfected : C:\Users\Public\Desktop\Wolfenstein New Order.lnk
Shortcut Disinfected : E:\Hlavní složky\Plocha\WolfNewOrder_x64 – zástupce.lnk
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A1CCCE0D-AE21-42A2-BE58-8E6109410995}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD4D7B0F-45C6-4bb2-A1E7-54D1754E7FC5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17416
-\\ Google Chrome v
*************************
AdwCleaner[R0].txt - [2992 octets] - [31/01/2015 09:11:43]
AdwCleaner[S0].txt - [3097 octets] - [31/01/2015 09:13:34]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3157 octets] ##########
Re: Preventive check (RSIT)



Re: Preventive check (RSIT)
No problems.
I had to run it via FRST64.exe, not via the launcher. Does that have any effect?
The launcher could not find FRST64 on the desktop, where it most certainly was.
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-01-2015
Ran by Petr (administrator) on I5-PETR on 31-01-2015 12:56:47
Running from E:\Hlavní složky\Plocha
Loaded Profiles: Petr (Available profiles: Petr)
Platform: Windows 8.1 Pro (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices) C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe
(Google Inc.) C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
(Samsung Electronics.) C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\MSOSYNC.EXE
(BitTorrent, Inc.) C:\Users\Petr\AppData\Roaming\uTorrent\utorrent.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Gretech Corporation) C:\Program Files (x86)\GRETECH\GomAudio\Goma.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Google Inc.) C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcfgex.exe
(Google Inc.) C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe [1087960 2014-04-03] (Intel Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3667472 2014-12-18] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\Run: [Google Update] => C:\Users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-10-06] (Google Inc.)
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6482200 2014-09-26] (Piriform Ltd)
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\Run: [DAEMON Tools Lite] => E:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\Run: [SteelSeries Engine] => C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe [87040 2014-10-09] (SteelSeries ApS)
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\Run: [GarenaPlus] => "C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe" -autolaunch
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\MountPoints2: {75d6cbb7-5699-11e4-826c-d43d7eecfa0b} - "G:\setup.exe"
Startup: C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TEMP.bat ()
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1292206800-3816184836-4294836885-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.72.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.72.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @t.garena.com/garenatalk -> C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll No File
FF Plugin HKU\S-1-5-21-1292206800-3816184836-4294836885-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Petr\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-1292206800-3816184836-4294836885-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Petr\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
Chrome:
=======
CHR HomePage: Default ->
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-06]
CHR Extension: (Dokumenty Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-06]
CHR Extension: (Disk Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-06]
CHR Extension: (YouTube) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-06]
CHR Extension: (Vyhledávání Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-06]
CHR Extension: (ZenMate) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2014-10-06]
CHR Extension: (Tabulky Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-06]
CHR Extension: (AdBlock) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-10-06]
CHR Extension: (Peněženka Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-06]
CHR Extension: (Gmail) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-06]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [116224 2014-11-20] (Advanced Micro Devices) [File not signed]
R2 avgfws; C:\Program Files (x86)\AVG\AVG2015\avgfws.exe [1486664 2014-12-18] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3432976 2014-12-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [298080 2014-12-18] (AVG Technologies CZ, s.r.o.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
S3 DAUpdaterSvc; D:\Hry\Steam Hry\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [25832 2014-11-23] (BioWare)
S2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [324424 2014-08-13] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-04-03] (Intel Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75064 2015-01-21] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [294600 2014-11-21] (Advanced Micro Devices)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [223232 2014-06-21] (Advanced Micro Devices)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\system32\DRIVERS\avgfwd6a.sys [57144 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [260888 2014-12-08] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [203544 2014-11-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [313624 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [124184 2014-10-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [277784 2014-09-24] (AVG Technologies CZ, s.r.o.)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-10-18] (Disc Soft Ltd)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [27552 2014-10-06] (REALiX(tm))
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [118272 2014-04-03] (Intel Corporation)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13368 2013-03-11] ()
R3 SAlphamHid; C:\Windows\System32\drivers\SAlpham64.sys [39168 2014-10-08] (SteelSeries Corporation)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [115208 2014-11-24] (Oracle Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 DIRECTIO; \??\C:\Program Files\PerformanceTest\DirectIo64.sys [X]
S3 GPU-Z; \??\E:\AppData\Local\Temp\GPU-Z.sys [X]
S4 NVHDA; \SystemRoot\system32\drivers\nvhda64v.sys [X]
S4 nvlddmkm; \SystemRoot\system32\DRIVERS\nvlddmkm.sys [X]
S4 nvvad_WaveExtensible; \SystemRoot\system32\drivers\nvvad64v.sys [X]
S3 SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.SP3e\WNt600x64\Sandra.sys [X]
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-31 12:56 - 2015-01-31 12:56 - 00000000 ____D () C:\FRST
2015-01-31 11:27 - 2015-01-31 11:27 - 00001157 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\GOM Audio.lnk
2015-01-31 11:27 - 2015-01-31 11:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM
2015-01-31 11:27 - 2015-01-31 11:27 - 00000000 ____D () C:\Program Files (x86)\GRETECH
2015-01-31 09:14 - 2015-01-31 09:14 - 00000306 _____ () C:\Windows\PFRO.log
2015-01-31 09:11 - 2015-01-31 09:13 - 00000000 ____D () C:\AdwCleaner
2015-01-29 20:43 - 2015-01-29 20:45 - 00000000 ____D () C:\rsit
2015-01-29 20:43 - 2015-01-29 20:45 - 00000000 ____D () C:\Program Files\trend micro
2015-01-29 13:27 - 2015-01-31 09:14 - 00000232 _____ () C:\Windows\setupact.log
2015-01-29 13:27 - 2015-01-29 13:27 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-28 18:20 - 2015-01-31 12:47 - 00776795 _____ () C:\Windows\WindowsUpdate.log
2015-01-28 15:38 - 2015-01-28 15:38 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2015-01-25 14:33 - 2015-01-25 14:33 - 00000000 ____D () C:\ProgramData\BioWare
2015-01-21 22:36 - 2015-01-21 22:44 - 00218496 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2015-01-21 22:34 - 2015-01-21 22:44 - 00218496 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2015-01-21 22:34 - 2015-01-21 22:34 - 00075064 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-01-21 22:34 - 2015-01-21 22:16 - 02601752 _____ () C:\Windows\SysWOW64\pbsvc_moh.exe
2015-01-21 22:19 - 2015-01-21 22:19 - 00000000 ____D () C:\Windows\1C4551A64743409391E41477CD655043.TMP
2015-01-20 16:19 - 2015-01-20 16:19 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SirGarnon on Skyrim Nexus
2015-01-18 17:52 - 2015-01-18 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2015-01-18 12:35 - 2015-01-21 09:41 - 00000000 ____D () C:\Textures Backup
2015-01-16 22:21 - 2015-01-16 22:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\S.T.A.L.K.E.R. Call of Pripyat [GOG.com]
2015-01-16 22:09 - 2015-01-16 22:09 - 00000000 ____D () C:\ProgramData\VS Revo Group
2015-01-15 06:36 - 2015-01-18 18:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hry
2015-01-14 20:27 - 2015-01-14 20:27 - 00002658 _____ () C:\Users\Petr\Unigine_Valley_Benchmark_1.0_20150114_2027.html
2015-01-14 20:15 - 2015-01-14 20:15 - 00000000 ____D () C:\Program Files (x86)\Unigine
2015-01-14 18:53 - 2015-01-14 18:53 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\Orbit
2015-01-14 15:20 - 2014-12-19 07:26 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 15:20 - 2014-12-12 03:04 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 15:20 - 2014-12-12 01:51 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2015-01-14 15:20 - 2014-12-09 02:50 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 15:20 - 2014-12-08 20:42 - 00535640 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-01-14 15:20 - 2014-12-08 20:42 - 00531616 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-01-14 15:20 - 2014-12-08 20:42 - 00448792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2015-01-14 15:20 - 2014-12-08 20:42 - 00413248 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2015-01-14 15:20 - 2014-12-08 20:42 - 00372408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2015-01-14 15:20 - 2014-12-08 20:42 - 00108944 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-01-14 15:20 - 2014-12-08 20:42 - 00038264 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2015-01-14 15:20 - 2014-12-08 20:42 - 00033584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2015-01-14 15:20 - 2014-12-06 04:17 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-01-14 15:20 - 2014-12-06 02:41 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 15:20 - 2014-12-06 02:35 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-01-12 18:26 - 2015-01-12 18:26 - 00002832 _____ () C:\Users\Petr\Unigine_Heaven_Benchmark_4.0_20150112_1826.html
2015-01-12 18:12 - 2015-01-13 18:27 - 00000000 ____D () C:\Users\Petr\Heaven
2015-01-12 17:47 - 2015-01-14 20:20 - 00000000 ____D () C:\Users\Petr\Valley
2015-01-12 17:47 - 2015-01-13 18:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unigine
2015-01-12 15:10 - 2015-01-12 15:10 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\AMD
2015-01-12 15:05 - 2015-01-17 10:58 - 00000000 ____D () C:\Fraps
2015-01-12 15:05 - 2015-01-12 15:05 - 00000000 ____D () C:\Windows\Downloaded Installations
2015-01-12 15:05 - 2015-01-12 15:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2015-01-12 15:01 - 2015-01-12 15:01 - 00000000 ____D () C:\ProgramData\ATI
2015-01-12 15:00 - 2015-01-12 15:00 - 00053392 _____ () C:\Windows\SysWOW64\CCCInstall_201501121500204325.log
2015-01-12 15:00 - 2015-01-12 15:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-01-12 15:00 - 2015-01-12 15:00 - 00000000 ____D () C:\ProgramData\AMD
2015-01-12 15:00 - 2015-01-12 15:00 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2015-01-12 15:00 - 2015-01-12 15:00 - 00000000 ____D () C:\Program Files (x86)\AMD
2015-01-12 14:59 - 2015-01-12 14:59 - 00059540 _____ () C:\Windows\SysWOW64\CCCInstall_201501121459330991.log
2015-01-12 14:59 - 2015-01-12 14:59 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\ATI
2015-01-12 14:55 - 2015-01-12 14:55 - 00060385 _____ () C:\Windows\SysWOW64\CCCInstall_201501121455055204.log
2015-01-12 14:54 - 2015-01-31 09:13 - 00065536 _____ () C:\Windows\system32\spu_storage.bin
2015-01-12 14:54 - 2015-01-12 15:00 - 00000000 ____D () C:\Program Files\AMD
2015-01-12 14:54 - 2015-01-12 14:54 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2015-01-12 14:54 - 2015-01-12 14:54 - 00000000 _____ () C:\Windows\ativpsrm.bin
2015-01-09 22:59 - 2015-01-12 15:04 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\TeamViewer
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-31 12:57 - 2014-10-06 17:43 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\uTorrent
2015-01-31 12:29 - 2014-10-07 18:52 - 00000000 ____D () C:\ProgramData\MFAData
2015-01-31 12:18 - 2014-10-31 15:48 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-01-31 12:16 - 2014-10-07 18:38 - 00063773 _____ () C:\Windows\SysWOW64\Gms.log
2015-01-31 12:09 - 2014-10-06 17:44 - 00000974 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1292206800-3816184836-4294836885-1001UA.job
2015-01-31 11:30 - 2014-10-06 17:44 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1292206800-3816184836-4294836885-1001
2015-01-31 11:27 - 2014-10-06 18:20 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\GRETECH
2015-01-31 11:27 - 2014-10-06 18:20 - 00000000 ____D () C:\ProgramData\GRETECH
2015-01-31 11:25 - 2014-10-06 17:45 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\ClassicShell
2015-01-31 11:08 - 2013-09-30 05:20 - 01745984 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-31 11:08 - 2013-09-30 04:57 - 00738682 _____ () C:\Windows\system32\perfh005.dat
2015-01-31 11:08 - 2013-09-30 04:57 - 00151404 _____ () C:\Windows\system32\perfc005.dat
2015-01-31 11:00 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru
2015-01-31 09:31 - 2014-10-06 17:42 - 00003962 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{E6DBB309-B6A9-48F5-A5BA-80A513F846F4}
2015-01-31 09:21 - 2014-10-09 20:00 - 00004950 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for i5-Petr-Petr i5-Petr
2015-01-31 09:14 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-31 09:13 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-01-31 03:18 - 2014-10-31 20:25 - 00003018 _____ () C:\Windows\System32\Tasks\MSIAfterburner
2015-01-31 03:00 - 2014-10-07 18:36 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\Skype
2015-01-30 15:39 - 2014-10-06 17:39 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\Adobe
2015-01-30 15:09 - 2014-10-06 17:44 - 00000922 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1292206800-3816184836-4294836885-1001Core.job
2015-01-29 20:41 - 2014-10-31 18:22 - 00000000 ____D () C:\Program Files (x86)\MSI Afterburner
2015-01-28 15:38 - 2014-10-31 18:08 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-01-28 07:46 - 2013-08-22 16:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-01-25 21:39 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-01-24 21:20 - 2013-08-22 16:38 - 00714720 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-24 21:20 - 2013-08-22 16:38 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-24 10:58 - 2014-10-06 18:19 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-24 10:56 - 2014-10-06 18:19 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-22 15:32 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-01-19 02:38 - 2014-10-06 17:39 - 00000000 ____D () C:\Users\Petr
2015-01-16 22:16 - 2014-12-24 12:09 - 00000000 ____D () C:\hry
2015-01-16 21:17 - 2014-11-26 18:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REPACKY BY TOMI2K9
2015-01-14 20:55 - 2014-10-31 20:55 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\MAXON
2015-01-12 18:21 - 2014-10-06 17:47 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-01-12 15:04 - 2014-10-18 13:07 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\DAEMON Tools Lite
2015-01-12 14:54 - 2014-11-23 00:30 - 00000000 ____D () C:\ProgramData\Package Cache
2015-01-12 14:47 - 2014-10-07 18:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-01-12 14:45 - 2014-10-31 18:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-01-12 14:45 - 2014-10-31 18:08 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-01-12 14:45 - 2014-10-31 18:08 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-01-12 14:44 - 2014-10-31 18:08 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-01-12 14:44 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Help
2015-01-10 22:23 - 2014-10-07 18:56 - 00000000 ____D () C:\ProgramData\AVG2015
2015-01-02 15:54 - 2014-10-07 18:36 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-01-02 15:54 - 2014-10-06 18:39 - 00000000 ____D () C:\ProgramData\Skype
==================== Files in the root of some directories =======
2014-11-03 15:01 - 2014-11-03 15:06 - 0000127 _____ () C:\Users\Petr\AppData\Roaming\Camdata.ini
2014-11-03 15:01 - 2014-11-03 15:06 - 0000408 _____ () C:\Users\Petr\AppData\Roaming\CamLayout.ini
2014-11-03 15:01 - 2014-11-03 15:06 - 0000408 _____ () C:\Users\Petr\AppData\Roaming\CamShapes.ini
2014-11-03 15:01 - 2014-11-03 15:06 - 0004547 _____ () C:\Users\Petr\AppData\Roaming\CamStudio.cfg
2014-12-22 21:04 - 2014-12-22 21:04 - 0000044 _____ () C:\Users\Petr\AppData\Roaming\twow_sysprepdt.dat
2014-11-03 15:00 - 2014-11-03 15:01 - 0000096 _____ () C:\Users\Petr\AppData\Roaming\version2.xml
2014-10-27 17:54 - 2014-10-27 17:54 - 0000600 _____ () C:\Users\Petr\AppData\Roaming\winscp.rnd
2014-10-31 20:25 - 2015-01-14 20:22 - 2128896 _____ () C:\Users\Petr\AppData\Local\file__0.localstorage
2015-01-31 12:54 - 2015-01-31 12:56 - 0029696 _____ () C:\Users\Petr\AppData\Local\MSGBOX.EXE
2014-10-06 17:55 - 2014-11-12 20:41 - 0007606 _____ () C:\Users\Petr\AppData\Local\resmon.resmoncfg
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-01-31 09:05
==================== End Of Log ============================

I had to run it directly via FRST64.exe, not via the launcher. Does that make any difference?
The launcher could not find FRST64 on the desktop, where it most certainly was.
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-01-2015
Ran by Petr (administrator) on I5-PETR on 31-01-2015 12:56:47
Running from E:\Hlavní složky\Plocha
Loaded Profiles: Petr (Available profiles: Petr)
Platform: Windows 8.1 Pro (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices) C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe
(Google Inc.) C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
(Samsung Electronics.) C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\MSOSYNC.EXE
(BitTorrent, Inc.) C:\Users\Petr\AppData\Roaming\uTorrent\utorrent.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Gretech Corporation) C:\Program Files (x86)\GRETECH\GomAudio\Goma.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Google Inc.) C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcfgex.exe
(Google Inc.) C:\Users\Petr\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe [1087960 2014-04-03] (Intel Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3667472 2014-12-18] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\Run: [Google Update] => C:\Users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-10-06] (Google Inc.)
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6482200 2014-09-26] (Piriform Ltd)
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\Run: [DAEMON Tools Lite] => E:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\Run: [SteelSeries Engine] => C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe [87040 2014-10-09] (SteelSeries ApS)
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\Run: [GarenaPlus] => "C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe" -autolaunch
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\MountPoints2: {75d6cbb7-5699-11e4-826c-d43d7eecfa0b} - "G:\setup.exe"
Startup: C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TEMP.bat ()
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1292206800-3816184836-4294836885-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.72.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.72.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @t.garena.com/garenatalk -> C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll No File
FF Plugin HKU\S-1-5-21-1292206800-3816184836-4294836885-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Petr\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-1292206800-3816184836-4294836885-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Petr\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
Chrome:
=======
CHR HomePage: Default ->
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-06]
CHR Extension: (Dokumenty Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-06]
CHR Extension: (Disk Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-06]
CHR Extension: (YouTube) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-06]
CHR Extension: (Vyhledávání Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-06]
CHR Extension: (ZenMate) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2014-10-06]
CHR Extension: (Tabulky Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-06]
CHR Extension: (AdBlock) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-10-06]
CHR Extension: (Peněženka Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-06]
CHR Extension: (Gmail) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-06]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [116224 2014-11-20] (Advanced Micro Devices) [File not signed]
R2 avgfws; C:\Program Files (x86)\AVG\AVG2015\avgfws.exe [1486664 2014-12-18] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3432976 2014-12-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [298080 2014-12-18] (AVG Technologies CZ, s.r.o.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
S3 DAUpdaterSvc; D:\Hry\Steam Hry\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [25832 2014-11-23] (BioWare)
S2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [324424 2014-08-13] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-04-03] (Intel Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75064 2015-01-21] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [294600 2014-11-21] (Advanced Micro Devices)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [223232 2014-06-21] (Advanced Micro Devices)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\system32\DRIVERS\avgfwd6a.sys [57144 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [260888 2014-12-08] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [203544 2014-11-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [313624 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [124184 2014-10-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [277784 2014-09-24] (AVG Technologies CZ, s.r.o.)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-10-18] (Disc Soft Ltd)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [27552 2014-10-06] (REALiX(tm))
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [118272 2014-04-03] (Intel Corporation)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13368 2013-03-11] ()
R3 SAlphamHid; C:\Windows\System32\drivers\SAlpham64.sys [39168 2014-10-08] (SteelSeries Corporation)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [115208 2014-11-24] (Oracle Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 DIRECTIO; \??\C:\Program Files\PerformanceTest\DirectIo64.sys [X]
S3 GPU-Z; \??\E:\AppData\Local\Temp\GPU-Z.sys [X]
S4 NVHDA; \SystemRoot\system32\drivers\nvhda64v.sys [X]
S4 nvlddmkm; \SystemRoot\system32\DRIVERS\nvlddmkm.sys [X]
S4 nvvad_WaveExtensible; \SystemRoot\system32\drivers\nvvad64v.sys [X]
S3 SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.SP3e\WNt600x64\Sandra.sys [X]
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-31 12:56 - 2015-01-31 12:56 - 00000000 ____D () C:\FRST
2015-01-31 11:27 - 2015-01-31 11:27 - 00001157 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\GOM Audio.lnk
2015-01-31 11:27 - 2015-01-31 11:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM
2015-01-31 11:27 - 2015-01-31 11:27 - 00000000 ____D () C:\Program Files (x86)\GRETECH
2015-01-31 09:14 - 2015-01-31 09:14 - 00000306 _____ () C:\Windows\PFRO.log
2015-01-31 09:11 - 2015-01-31 09:13 - 00000000 ____D () C:\AdwCleaner
2015-01-29 20:43 - 2015-01-29 20:45 - 00000000 ____D () C:\rsit
2015-01-29 20:43 - 2015-01-29 20:45 - 00000000 ____D () C:\Program Files\trend micro
2015-01-29 13:27 - 2015-01-31 09:14 - 00000232 _____ () C:\Windows\setupact.log
2015-01-29 13:27 - 2015-01-29 13:27 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-28 18:20 - 2015-01-31 12:47 - 00776795 _____ () C:\Windows\WindowsUpdate.log
2015-01-28 15:38 - 2015-01-28 15:38 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2015-01-25 14:33 - 2015-01-25 14:33 - 00000000 ____D () C:\ProgramData\BioWare
2015-01-21 22:36 - 2015-01-21 22:44 - 00218496 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2015-01-21 22:34 - 2015-01-21 22:44 - 00218496 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2015-01-21 22:34 - 2015-01-21 22:34 - 00075064 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-01-21 22:34 - 2015-01-21 22:16 - 02601752 _____ () C:\Windows\SysWOW64\pbsvc_moh.exe
2015-01-21 22:19 - 2015-01-21 22:19 - 00000000 ____D () C:\Windows\1C4551A64743409391E41477CD655043.TMP
2015-01-20 16:19 - 2015-01-20 16:19 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SirGarnon on Skyrim Nexus
2015-01-18 17:52 - 2015-01-18 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2015-01-18 12:35 - 2015-01-21 09:41 - 00000000 ____D () C:\Textures Backup
2015-01-16 22:21 - 2015-01-16 22:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\S.T.A.L.K.E.R. Call of Pripyat [GOG.com]
2015-01-16 22:09 - 2015-01-16 22:09 - 00000000 ____D () C:\ProgramData\VS Revo Group
2015-01-15 06:36 - 2015-01-18 18:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hry
2015-01-14 20:27 - 2015-01-14 20:27 - 00002658 _____ () C:\Users\Petr\Unigine_Valley_Benchmark_1.0_20150114_2027.html
2015-01-14 20:15 - 2015-01-14 20:15 - 00000000 ____D () C:\Program Files (x86)\Unigine
2015-01-14 18:53 - 2015-01-14 18:53 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\Orbit
2015-01-14 15:20 - 2014-12-19 07:26 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 15:20 - 2014-12-12 03:04 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 15:20 - 2014-12-12 01:51 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2015-01-14 15:20 - 2014-12-09 02:50 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 15:20 - 2014-12-08 20:42 - 00535640 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-01-14 15:20 - 2014-12-08 20:42 - 00531616 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-01-14 15:20 - 2014-12-08 20:42 - 00448792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2015-01-14 15:20 - 2014-12-08 20:42 - 00413248 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2015-01-14 15:20 - 2014-12-08 20:42 - 00372408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2015-01-14 15:20 - 2014-12-08 20:42 - 00108944 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-01-14 15:20 - 2014-12-08 20:42 - 00038264 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2015-01-14 15:20 - 2014-12-08 20:42 - 00033584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2015-01-14 15:20 - 2014-12-06 04:17 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-01-14 15:20 - 2014-12-06 02:41 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 15:20 - 2014-12-06 02:35 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-01-12 18:26 - 2015-01-12 18:26 - 00002832 _____ () C:\Users\Petr\Unigine_Heaven_Benchmark_4.0_20150112_1826.html
2015-01-12 18:12 - 2015-01-13 18:27 - 00000000 ____D () C:\Users\Petr\Heaven
2015-01-12 17:47 - 2015-01-14 20:20 - 00000000 ____D () C:\Users\Petr\Valley
2015-01-12 17:47 - 2015-01-13 18:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unigine
2015-01-12 15:10 - 2015-01-12 15:10 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\AMD
2015-01-12 15:05 - 2015-01-17 10:58 - 00000000 ____D () C:\Fraps
2015-01-12 15:05 - 2015-01-12 15:05 - 00000000 ____D () C:\Windows\Downloaded Installations
2015-01-12 15:05 - 2015-01-12 15:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2015-01-12 15:01 - 2015-01-12 15:01 - 00000000 ____D () C:\ProgramData\ATI
2015-01-12 15:00 - 2015-01-12 15:00 - 00053392 _____ () C:\Windows\SysWOW64\CCCInstall_201501121500204325.log
2015-01-12 15:00 - 2015-01-12 15:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-01-12 15:00 - 2015-01-12 15:00 - 00000000 ____D () C:\ProgramData\AMD
2015-01-12 15:00 - 2015-01-12 15:00 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2015-01-12 15:00 - 2015-01-12 15:00 - 00000000 ____D () C:\Program Files (x86)\AMD
2015-01-12 14:59 - 2015-01-12 14:59 - 00059540 _____ () C:\Windows\SysWOW64\CCCInstall_201501121459330991.log
2015-01-12 14:59 - 2015-01-12 14:59 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\ATI
2015-01-12 14:55 - 2015-01-12 14:55 - 00060385 _____ () C:\Windows\SysWOW64\CCCInstall_201501121455055204.log
2015-01-12 14:54 - 2015-01-31 09:13 - 00065536 _____ () C:\Windows\system32\spu_storage.bin
2015-01-12 14:54 - 2015-01-12 15:00 - 00000000 ____D () C:\Program Files\AMD
2015-01-12 14:54 - 2015-01-12 14:54 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2015-01-12 14:54 - 2015-01-12 14:54 - 00000000 _____ () C:\Windows\ativpsrm.bin
2015-01-09 22:59 - 2015-01-12 15:04 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\TeamViewer
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-31 12:57 - 2014-10-06 17:43 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\uTorrent
2015-01-31 12:29 - 2014-10-07 18:52 - 00000000 ____D () C:\ProgramData\MFAData
2015-01-31 12:18 - 2014-10-31 15:48 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-01-31 12:16 - 2014-10-07 18:38 - 00063773 _____ () C:\Windows\SysWOW64\Gms.log
2015-01-31 12:09 - 2014-10-06 17:44 - 00000974 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1292206800-3816184836-4294836885-1001UA.job
2015-01-31 11:30 - 2014-10-06 17:44 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1292206800-3816184836-4294836885-1001
2015-01-31 11:27 - 2014-10-06 18:20 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\GRETECH
2015-01-31 11:27 - 2014-10-06 18:20 - 00000000 ____D () C:\ProgramData\GRETECH
2015-01-31 11:25 - 2014-10-06 17:45 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\ClassicShell
2015-01-31 11:08 - 2013-09-30 05:20 - 01745984 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-31 11:08 - 2013-09-30 04:57 - 00738682 _____ () C:\Windows\system32\perfh005.dat
2015-01-31 11:08 - 2013-09-30 04:57 - 00151404 _____ () C:\Windows\system32\perfc005.dat
2015-01-31 11:00 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru
2015-01-31 09:31 - 2014-10-06 17:42 - 00003962 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{E6DBB309-B6A9-48F5-A5BA-80A513F846F4}
2015-01-31 09:21 - 2014-10-09 20:00 - 00004950 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for i5-Petr-Petr i5-Petr
2015-01-31 09:14 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-31 09:13 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-01-31 03:18 - 2014-10-31 20:25 - 00003018 _____ () C:\Windows\System32\Tasks\MSIAfterburner
2015-01-31 03:00 - 2014-10-07 18:36 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\Skype
2015-01-30 15:39 - 2014-10-06 17:39 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\Adobe
2015-01-30 15:09 - 2014-10-06 17:44 - 00000922 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1292206800-3816184836-4294836885-1001Core.job
2015-01-29 20:41 - 2014-10-31 18:22 - 00000000 ____D () C:\Program Files (x86)\MSI Afterburner
2015-01-28 15:38 - 2014-10-31 18:08 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-01-28 07:46 - 2013-08-22 16:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-01-25 21:39 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-01-24 21:20 - 2013-08-22 16:38 - 00714720 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-24 21:20 - 2013-08-22 16:38 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-24 10:58 - 2014-10-06 18:19 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-24 10:56 - 2014-10-06 18:19 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-22 15:32 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-01-19 02:38 - 2014-10-06 17:39 - 00000000 ____D () C:\Users\Petr
2015-01-16 22:16 - 2014-12-24 12:09 - 00000000 ____D () C:\hry
2015-01-16 21:17 - 2014-11-26 18:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REPACKY BY TOMI2K9
2015-01-14 20:55 - 2014-10-31 20:55 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\MAXON
2015-01-12 18:21 - 2014-10-06 17:47 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-01-12 15:04 - 2014-10-18 13:07 - 00000000 ____D () C:\Users\Petr\AppData\Roaming\DAEMON Tools Lite
2015-01-12 14:54 - 2014-11-23 00:30 - 00000000 ____D () C:\ProgramData\Package Cache
2015-01-12 14:47 - 2014-10-07 18:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-01-12 14:45 - 2014-10-31 18:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-01-12 14:45 - 2014-10-31 18:08 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-01-12 14:45 - 2014-10-31 18:08 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-01-12 14:44 - 2014-10-31 18:08 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-01-12 14:44 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Help
2015-01-10 22:23 - 2014-10-07 18:56 - 00000000 ____D () C:\ProgramData\AVG2015
2015-01-02 15:54 - 2014-10-07 18:36 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-01-02 15:54 - 2014-10-06 18:39 - 00000000 ____D () C:\ProgramData\Skype
==================== Files in the root of some directories =======
2014-11-03 15:01 - 2014-11-03 15:06 - 0000127 _____ () C:\Users\Petr\AppData\Roaming\Camdata.ini
2014-11-03 15:01 - 2014-11-03 15:06 - 0000408 _____ () C:\Users\Petr\AppData\Roaming\CamLayout.ini
2014-11-03 15:01 - 2014-11-03 15:06 - 0000408 _____ () C:\Users\Petr\AppData\Roaming\CamShapes.ini
2014-11-03 15:01 - 2014-11-03 15:06 - 0004547 _____ () C:\Users\Petr\AppData\Roaming\CamStudio.cfg
2014-12-22 21:04 - 2014-12-22 21:04 - 0000044 _____ () C:\Users\Petr\AppData\Roaming\twow_sysprepdt.dat
2014-11-03 15:00 - 2014-11-03 15:01 - 0000096 _____ () C:\Users\Petr\AppData\Roaming\version2.xml
2014-10-27 17:54 - 2014-10-27 17:54 - 0000600 _____ () C:\Users\Petr\AppData\Roaming\winscp.rnd
2014-10-31 20:25 - 2015-01-14 20:22 - 2128896 _____ () C:\Users\Petr\AppData\Local\file__0.localstorage
2015-01-31 12:54 - 2015-01-31 12:56 - 0029696 _____ () C:\Users\Petr\AppData\Local\MSGBOX.EXE
2014-10-06 17:55 - 2014-11-12 20:41 - 0007606 _____ () C:\Users\Petr\AppData\Local\resmon.resmoncfg
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-01-31 09:05
==================== End Of Log ============================
Last edited by Clorky on 31 Jan 2015 13:00, edited 1 time in total.
Re: Preventive check (RSIT)
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-01-2015
Ran by Petr at 2015-01-31 12:57:04
Running from E:\Hlavní složky\Plocha
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: AVG Internet Security 2015 (Disabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security 2015 (Disabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2015 (Enabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ACP Application (Version: 2.15.10.0003 - Advanced Micro Devices, Inc.) Hidden
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.2 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5645 - AVG Technologies CZ, s.r.o.)
AVG 2015 (Version: 15.0.4273 - AVG Technologies CZ, s.r.o.) Hidden
AVG 2015 (Version: 15.0.5645 - AVG Technologies CZ, s.r.o.) Hidden
AVS Audio Converter 7 (HKLM-x32\...\AVS Audio Converter_is1) (Version: 7.2.1.528 - Online Media Technologies Ltd.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
Counter Strike version 1.6 Clean (HKLM-x32\...\{1E6B7E37-1A30-4922-A023-0D5FDA64C054}_is1) (Version: 1.6 Clean - Cs Neverland)
CPUID CPU-Z 1.70 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dead State (HKLM-x32\...\Dead State (v1.0.0.0134)_is1) (Version: - )
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
Dragon Age Awakening Redesigned (HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\Dragon Age Awakening Redesigned) (Version: - )
Dragon Age Redesigned © Morrigan (HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\Dragon Age Redesigned © Morrigan) (Version: - )
Dragon Age Redesigned- Leliana's Song (HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\Dragon Age Redesigned- Leliana's Song) (Version: - )
Dragon Age Redesigned Oghren© (HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\Dragon Age Redesigned Oghren©) (Version: - )
Dragon Age Redesigned© Zevran (HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\Dragon Age Redesigned© Zevran) (Version: - )
Dragon Age Redesigned© (HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\Dragon Age Redesigned©) (Version: - )
Dragon Age Redesigned© Leliana (HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\Dragon Age Redesigned© Leliana) (Version: - )
Dragon Age Redesigned© Sten (HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\Dragon Age Redesigned© Sten) (Version: - )
Dragon Age Redesigned© Wynne (HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\Dragon Age Redesigned© Wynne) (Version: - )
Dragon Age: Origins - Ultimate Edition (HKLM-x32\...\Steam App 47810) (Version: - BioWare)
DTS+AC3 ÇĘĹÍ (HKLM-x32\...\DtsFilter) (Version: - )
Eurobattle.net (HKLM-x32\...\Eurobattle.net) (Version: - Eurobattle.net) <==== ATTENTION!
EVGA OC Scanner X 3.6.1.2 (64-bit) (HKLM\...\{CC520CF6-B02E-49AA-8192-C1DDC159E0AA}}_is1) (Version: - EVGA)
Far Cry 4 (HKLM-x32\...\Far Cry 4_is1) (Version: 1.4.0 - Ubisoft)
Fraps (HKLM-x32\...\Fraps) (Version: - )
GOM Audio (HKLM-x32\...\GomAudio) (Version: 2.0.7.1108 - Gretech Corporation)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.62.5209 - Gretech Corporation)
Google Chrome (HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\Google Chrome) (Version: 40.0.2214.93 - Google Inc.)
Gothic 3 (HKLM-x32\...\Gothic 3_is1) (Version: - GOG.com)
HWiNFO64 Version 4.44 (HKLM\...\HWiNFO64_is1) (Version: 4.44 - Martin Malík - REALiX)
Chameleon Shutdown 1.0 (HKLM-x32\...\Chameleon Shutdown) (Version: 1.0 - NeoSoft Tools)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.1.1000 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3907 - Intel Corporation)
Intel® Chipset Device Software (x32 Version: 10.0.20 - Intel(R) Corporation) Hidden
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 72 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417072FF}) (Version: 7.0.720 - Oracle)
KMSpico v9.3.3 (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: 9.3.2 - )
Lichdom: Battlemage (HKLM-x32\...\Steam App 261760) (Version: - Xaviant)
Medal of Honor(TM) Multiplayer (HKLM-x32\...\Steam App 47830) (Version: - Electronic Arts)
Medal of Honor(TM) Single Player (HKLM-x32\...\Steam App 47790) (Version: - Electronic Arts)
Media Player Codec Pack 4.3.3 (HKLM-x32\...\Media Player - Codec Pack) (Version: 4.3.3 - Media Player Codec Pack)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Minimum (HKLM-x32\...\Steam App 214190) (Version: - Human Head Studios)
MISERY version 2.1.1 (HKLM-x32\...\MISERY_is1) (Version: 2.1.1 - MISERY Development Team)
MSI Afterburner 4.1.0 (HKLM-x32\...\Afterburner) (Version: 4.1.0 - MSI Co., LTD)
Nosgoth (HKLM-x32\...\Steam App 200110) (Version: - Psyonix)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Patch (HKLM-x32\...\Patch) (Version: - )
PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version: - Sony Online Entertainment)
PlanetSide 2 (HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\SOE-PlanetSide 2) (Version: - Sony Online Entertainment)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.989 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.23.1126.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7293 - Realtek Semiconductor Corp.)
S.T.A.L.K.E.R. Call of Pripyat (HKLM-x32\...\GOGPACKSTALKERCOP_is1) (Version: 2.0.0.12 - GOG.com)
Samsung Data Migration (HKLM-x32\...\{D4DE3DB4-7734-47E5-8D92-B80146311406}) (Version: 2.7 - Samsung)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Skyrim Performance Monitor (HKLM-x32\...\{84AEB93A-ECBB-4568-8F59-D4516EF59079}) (Version: 3.66 - SirGarnon on Skyrim Nexus)
SlimDX Runtime .NET 2.0 (January 2012) (HKLM-x32\...\{014A2868-BE56-4888-A16C-693989B8F153}) (Version: 2.0.13.43 - SlimDX Group)
Southpark Stick of Truth (HKLM-x32\...\U291dGhwYXJrU3RpY2tvZlRydXRo_is1) (Version: 1 - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries Engine (HKLM\...\SteelSeries Engine) (Version: 2.9.2014.1 - SteelSeries)
System Shock 2 (HKLM-x32\...\Steam App 238210) (Version: - Irrational Games)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
The Elder Scrolls V Skyrim - Legendary Edition (HKLM-x32\...\{EAABE756-8A47-440F-AAC7-2F6BFF589169}) (Version: 6.0 - Black Box)
The Vanishing of Ethan Carter verze UPDATE 3 (HKLM-x32\...\{152496AE-605C-43F0-83EA-9211E5215E28}_is1) (Version: UPDATE 3 - Astronauts Game)
Unigine Valley Benchmark version 1.0 (HKLM-x32\...\Unigine Valley Benchmark_is1) (Version: 1.0 - Unigine Corp.)
Wasteland 2 (HKLM-x32\...\1207665783_is1) (Version: 2.0.0.8 - GOG.com)
Watch_Dogs (HKLM-x32\...\{9L5FE86L-0D8I-4HJ7-HKY5-DRTKE3G6QG2X}_is1) (Version: 1.05.324 - Ubisoft)
WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
Wolfenstein New Order version 1.1.0 (HKLM-x32\...\Wolfenstein New Order_is1) (Version: 1.1.0 - REPACKY BY TOMI2K9)
Wrye Bash (HKLM-x32\...\Wrye Bash) (Version: 0.3.0.5 - Wrye & Wrye Bash Development Team)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-1292206800-3816184836-4294836885-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-1292206800-3816184836-4294836885-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Petr\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1292206800-3816184836-4294836885-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Petr\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
==================== Restore Points =========================
20-01-2015 16:18:58 Installed Skyrim Performance Monitor.
20-01-2015 16:19:30 Installed SlimDX Runtime .NET 2.0 (January 2012)
21-01-2015 22:19:01 Nainstalováno: Microsoft Visual C++ 2005 Redistributable
28-01-2015 07:45:52 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2014-11-22 16:32 - 00000753 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {01ADB9A2-C2F9-4B05-9E8E-8269E96FF3AD} - System32\Tasks\{04266EFC-5BB2-479D-A1BC-2D70E926B677} => Chrome.exe http://ui.skype.com/ui/0/6.20.0.104/cs/ ... Error=1603
Task: {17F9B78C-C1D2-4CB1-B644-76E3F20243A5} - System32\Tasks\{0A03B37D-8A84-4E7C-A29C-700FD16EDFE3} => Chrome.exe http://ui.skype.com/ui/0/6.21.59.104/cs ... Error=1603
Task: {1BB38BF2-E722-43F3-A045-A7FBDC0BC061} - System32\Tasks\AdobeAAMUpdater-1.0-i5-Petr-Petr => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-09-19] (Adobe Systems Incorporated)
Task: {2C1ED59D-85F5-40DD-864A-76C96B68709B} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2014-12-06] ()
Task: {2FF3AF3E-F750-441E-9013-2A8374FA18A9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09-26] (Piriform Ltd)
Task: {4467FA47-CB84-4823-8CA0-EC50DDC5BBF6} - System32\Tasks\{DBAEFEB3-6ABB-49D6-A18C-201301AC427E} => Chrome.exe http://ui.skype.com/ui/0/6.21.0.104/cs/ ... Error=1603
Task: {4491EA1E-3C63-448D-B7F9-D420282DFFFA} - System32\Tasks\{A17716E6-3791-4337-886D-73BC3D44C12A} => Chrome.exe http://ui.skype.com/ui/0/6.20.0.104/cs/ ... Error=1603
Task: {54D7D9D8-E9CB-44E7-B27D-C07D8F794D3E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {55039598-0995-44F4-8870-29D4A12383B9} - System32\Tasks\{F243475E-1CC9-4A04-BAEF-3015EEF02FAD} => Chrome.exe http://ui.skype.com/ui/0/6.21.0.104/cs/ ... age=tsMain
Task: {5602D040-740C-44BD-8221-59A9E15CBFC5} - System32\Tasks\{6657CC10-E0AA-49E7-B395-0B0C22CAE24A} => pcalua.exe -a C:\Hry\Bioshock\Builds\Release\Bioshock.exe -d C:\Hry\Bioshock\Builds\Release
Task: {77116FCC-8EE7-43B6-BEF3-5F11A365A912} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1292206800-3816184836-4294836885-1001Core => C:\Users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-06] (Google Inc.)
Task: {A13843AF-B2C2-439E-9939-0B6C57A9BCAA} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-01-24] (Microsoft Corporation)
Task: {A3C0AA21-0210-4D1C-B4A3-AA2F693F1CC1} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.)
Task: {A4F81120-079A-412A-A35B-8BD4D1D6BA6E} - System32\Tasks\AutoPico Daily Restart => E:\KMSpico\AutoPico.exe [2014-08-25] (@ByELDI)
Task: {A9063117-C94D-4CC3-AE22-A22C2EE004C2} - System32\Tasks\{121A26B9-85DE-4D45-80BB-3E6DA6A20FFB} => Chrome.exe http://ui.skype.com/ui/0/6.21.0.104/cs/ ... Error=1603
Task: {B2A957E3-C513-44FD-A0DA-50A207E4C888} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {B6570340-F721-4A5D-B7A9-1DCF0141A9F4} - System32\Tasks\Microsoft Office 15 Sync Maintenance for i5-Petr-Petr i5-Petr => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2014-11-12] (Microsoft Corporation)
Task: {B8AAF045-C266-44E7-9AD3-3600BC3CDCDA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1292206800-3816184836-4294836885-1001UA => C:\Users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-06] (Google Inc.)
Task: {BC46826A-F1D8-47D9-87A1-03ABC819C506} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {CF9A773A-DEBE-4E61-AF98-1F63F495138A} - System32\Tasks\{C7B6F82C-45E4-40A7-8483-2D75F8222C5D} => Chrome.exe http://ui.skype.com/ui/0/6.20.0.104/cs/ ... Error=1603
Task: {D341D636-9465-40EB-A6BC-510297575EB0} - System32\Tasks\{32FA096E-4D15-4567-8A70-B047A49211B1} => Chrome.exe http://ui.skype.com/ui/0/6.20.0.104/cs/ ... Error=1603
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1292206800-3816184836-4294836885-1001Core.job => C:\Users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1292206800-3816184836-4294836885-1001UA.job => C:\Users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2015-01-21 22:34 - 2015-01-21 22:34 - 00075064 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-12-06 08:03 - 2014-12-06 08:03 - 00565760 _____ () C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
2014-10-14 23:27 - 2014-10-14 23:27 - 08897696 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 00504832 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SSEngineLib.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 09315328 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SSEngineWinGui.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 00015872 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\Localization.dll
2014-10-09 20:43 - 2014-10-09 20:43 - 00011264 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\ISSPlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 00011264 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\Utilities.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 00115200 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DriverCommunication.dll
2014-10-08 16:30 - 2014-10-08 16:30 - 00047616 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesDrivers\x2api.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 00034304 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DBUtils.dll
2014-10-08 16:30 - 2014-10-08 16:30 - 01102336 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\System.Data.SQLite.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 00189440 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\MousePlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 00030720 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\D3MousePlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 00031744 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\KKMousePlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 00030720 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SRawPlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 00159744 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\MLGSenseiPlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 00020992 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoWGoldPlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 00030720 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\GW2MousePlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 00029696 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\CSGOMousePlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 00030208 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DOTA2MousePlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 00023040 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoWWirelessPlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 00030720 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\CODMousePlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 00030208 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoTMousePlugin.dll
2014-07-31 11:16 - 2014-07-31 11:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-04-03 15:48 - 2014-04-03 15:48 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-12-06 08:01 - 2014-12-06 08:01 - 00071680 _____ () C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2014-12-06 08:01 - 2014-12-06 08:01 - 00056832 _____ () C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2014-12-06 08:02 - 2014-12-06 08:02 - 00217600 _____ () C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2014-12-06 08:01 - 2014-12-06 08:01 - 00353792 _____ () C:\Program Files (x86)\MSI Afterburner\RTUI.dll
2014-12-06 08:02 - 2014-12-06 08:02 - 00649216 _____ () C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2015-01-31 09:24 - 2014-04-18 10:48 - 00070656 _____ () E:\AppData\Local\Temp\ShellHook.dll
2015-01-27 09:17 - 2015-01-25 07:08 - 01117512 _____ () C:\Users\Petr\AppData\Local\Google\Chrome\Application\40.0.2214.93\libglesv2.dll
2015-01-27 09:17 - 2015-01-25 07:08 - 00211272 _____ () C:\Users\Petr\AppData\Local\Google\Chrome\Application\40.0.2214.93\libegl.dll
2015-01-27 09:17 - 2015-01-25 07:08 - 09170760 _____ () C:\Users\Petr\AppData\Local\Google\Chrome\Application\40.0.2214.93\pdf.dll
2014-10-06 17:56 - 2014-09-28 17:59 - 00019872 _____ () C:\Program Files (x86)\Samsung\Samsung Magician\SAMSUNG_SSD.dll
2014-10-31 16:07 - 2014-12-01 22:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-10-31 16:07 - 2014-12-01 22:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-10-31 16:07 - 2014-12-01 22:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-10-31 16:07 - 2014-12-01 22:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-10-31 16:07 - 2014-11-11 19:47 - 00774656 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-21 13:46 - 2014-12-02 01:29 - 05002752 _____ () C:\Program Files (x86)\Steam\v8.dll
2014-10-31 16:07 - 2015-01-23 23:34 - 02227904 _____ () C:\Program Files (x86)\Steam\video.dll
2015-01-21 13:46 - 2014-12-02 01:29 - 01612800 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-21 13:46 - 2014-12-02 01:29 - 01210368 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-10-31 16:07 - 2014-12-01 22:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2014-10-31 16:07 - 2015-01-23 23:33 - 00696512 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2014-10-31 16:07 - 2015-01-16 00:42 - 34641288 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-10-31 16:07 - 2015-01-16 00:42 - 01709960 _____ () C:\Program Files (x86)\Steam\bin\ffmpegsumo.dll
2014-04-18 10:48 - 2014-04-18 10:48 - 00134656 _____ () C:\Program Files (x86)\GRETECH\GomAudio\MultiLangEx.dll
2014-04-18 10:46 - 2014-04-18 10:46 - 00133120 _____ () C:\Program Files (x86)\GRETECH\GomAudio\unalz.dll
2014-04-18 10:46 - 2014-04-18 10:46 - 00231424 _____ () C:\Program Files (x86)\GRETECH\GomAudio\unrar.dll
2014-04-18 10:45 - 2014-04-18 10:45 - 00118272 _____ () C:\Program Files (x86)\GRETECH\GomAudio\zlib.dll
2014-04-18 10:46 - 2014-04-18 10:46 - 00290816 _____ () C:\Program Files (x86)\GRETECH\GomAudio\PLUGINS\mzin_ape.dll
2014-04-18 10:47 - 2014-04-18 10:47 - 00232960 _____ () C:\Program Files (x86)\GRETECH\GomAudio\PLUGINS\mzin_cdda.dll
2014-04-18 10:47 - 2014-04-18 10:47 - 00275456 _____ () C:\Program Files (x86)\GRETECH\GomAudio\PLUGINS\mzin_flac.dll
2014-05-16 03:18 - 2014-05-16 03:18 - 00467968 _____ () C:\Program Files (x86)\GRETECH\GomAudio\PLUGINS\mzin_m4a.dll
2014-04-18 10:47 - 2014-04-18 10:47 - 00195072 _____ () C:\Program Files (x86)\GRETECH\GomAudio\PLUGINS\mzin_midi.dll
2014-05-13 10:57 - 2014-05-13 10:57 - 01053184 _____ () C:\Program Files (x86)\GRETECH\GomAudio\PLUGINS\mzin_mp3.dll
2014-04-18 10:47 - 2014-04-18 10:47 - 00246784 _____ () C:\Program Files (x86)\GRETECH\GomAudio\PLUGINS\mzin_mpc.dll
2014-04-18 10:47 - 2014-04-18 10:47 - 00465920 _____ () C:\Program Files (x86)\GRETECH\GomAudio\PLUGINS\mzin_ogg.dll
2014-04-18 10:48 - 2014-04-18 10:48 - 00204800 _____ () C:\Program Files (x86)\GRETECH\GomAudio\PLUGINS\mzin_wav.dll
2014-04-18 10:48 - 2014-04-18 10:48 - 00211968 _____ () C:\Program Files (x86)\GRETECH\GomAudio\PLUGINS\mzin_wm.dll
2014-05-15 08:40 - 2014-05-15 08:40 - 00147968 _____ () C:\Program Files (x86)\GRETECH\GomAudio\PLUGINS\mzout_ds.dll
2014-04-18 10:48 - 2014-04-18 10:48 - 00096256 _____ () C:\Program Files (x86)\GRETECH\GomAudio\PLUGINS\mzout_wave.dll
2015-01-27 09:17 - 2015-01-25 07:08 - 14913864 _____ () C:\Users\Petr\AppData\Local\Google\Chrome\Application\40.0.2214.93\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "IMSS"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\StartupApproved\StartupFolder: => "Samsung Magician.lnk"
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\StartupApproved\Run: => "DAEMON Tools Lite"
========================= Accounts: ==========================
Administrator (S-1-5-21-1292206800-3816184836-4294836885-500 - Administrator - Disabled)
Guest (S-1-5-21-1292206800-3816184836-4294836885-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1292206800-3816184836-4294836885-1003 - Limited - Enabled)
Petr (S-1-5-21-1292206800-3816184836-4294836885-1001 - Administrator - Enabled) => C:\Users\Petr
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (01/31/2015 09:14:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: igfxCUIService.exe, verze: 6.15.10.3907, časové razítko: 0x53e0fb5e
Název chybujícího modulu: igfxCUIService.exe, verze: 6.15.10.3907, časové razítko: 0x53e0fb5e
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000012798
ID chybujícího procesu: 0x530
Čas spuštění chybující aplikace: 0xigfxCUIService.exe0
Cesta k chybující aplikaci: igfxCUIService.exe1
Cesta k chybujícímu modulu: igfxCUIService.exe2
ID zprávy: igfxCUIService.exe3
Úplný název chybujícího balíčku: igfxCUIService.exe4
ID aplikace související s chybujícím balíčkem: igfxCUIService.exe5
Error: (01/29/2015 08:45:12 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program RSITx64.exe verze 0.0.0.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: 14dc
Čas spuštění: 01d03bfbe5de87e8
Čas ukončení: 4294967295
Cesta k aplikaci: E:\Hlavní složky\Stažené soubory\RSITx64.exe
ID hlášení: 5577593a-a7ef-11e4-82d0-d43d7eecfa0b
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (01/29/2015 01:27:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: igfxCUIService.exe, verze: 6.15.10.3907, časové razítko: 0x53e0fb5e
Název chybujícího modulu: igfxCUIService.exe, verze: 6.15.10.3907, časové razítko: 0x53e0fb5e
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000012798
ID chybujícího procesu: 0x564
Čas spuštění chybující aplikace: 0xigfxCUIService.exe0
Cesta k chybující aplikaci: igfxCUIService.exe1
Cesta k chybujícímu modulu: igfxCUIService.exe2
ID zprávy: igfxCUIService.exe3
Úplný název chybujícího balíčku: igfxCUIService.exe4
ID aplikace související s chybujícím balíčkem: igfxCUIService.exe5
Error: (01/28/2015 07:45:53 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).
System Error:
Přístup byl odepřen.
.
Error: (01/21/2015 10:19:21 PM) (Source: MsiInstaller) (EventID: 1013) (User: i5-Petr)
Description: Produkt: NVIDIA PhysX -- Installation terminated
Error: (01/21/2015 10:19:02 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).
System Error:
Přístup byl odepřen.
.
Error: (01/21/2015 09:26:54 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1 se nezdařilo. Chyba v souboru manifestu nebo zásad C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2 na řádku C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.
Error: (01/20/2015 05:01:18 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: There was an error with the Windows Location Provider database
Error: (01/20/2015 04:34:26 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\Windows\system32\wbem\wmiaprpl.dll4
Error: (01/20/2015 04:34:26 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4
System errors:
=============
Error: (01/31/2015 00:56:27 PM) (Source: DCOM) (EventID: 10010) (User: i5-Petr)
Description: {33BA60A0-0EF7-49E8-A193-58173CCCD001}
Error: (01/31/2015 10:52:19 AM) (Source: DCOM) (EventID: 10010) (User: i5-Petr)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (01/31/2015 09:14:16 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Intel(R) HD Graphics Control Panel Service byla ukončena s následující chybou:
%%2147500037
Error: (01/31/2015 09:06:27 AM) (Source: DCOM) (EventID: 10010) (User: i5-Petr)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (01/31/2015 09:05:57 AM) (Source: DCOM) (EventID: 10010) (User: i5-Petr)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (01/30/2015 02:53:51 PM) (Source: DCOM) (EventID: 10010) (User: i5-Petr)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (01/30/2015 02:53:21 PM) (Source: DCOM) (EventID: 10010) (User: i5-Petr)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (01/29/2015 02:54:13 PM) (Source: DCOM) (EventID: 10010) (User: i5-Petr)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (01/29/2015 02:53:43 PM) (Source: DCOM) (EventID: 10010) (User: i5-Petr)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (01/29/2015 02:05:17 PM) (Source: DCOM) (EventID: 10010) (User: i5-Petr)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Microsoft Office Sessions:
=========================
Error: (01/31/2015 09:14:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: igfxCUIService.exe6.15.10.390753e0fb5eigfxCUIService.exe6.15.10.390753e0fb5ec0000005000000000001279853001d03d2de6d1b9a6C:\Windows\system32\igfxCUIService.exeC:\Windows\system32\igfxCUIService.exe258268d4-a921-11e4-82d1-d43d7eecfa0b
Error: (01/29/2015 08:45:12 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: RSITx64.exe0.0.0.014dc01d03bfbe5de87e84294967295E:\Hlavní složky\Stažené soubory\RSITx64.exe5577593a-a7ef-11e4-82d0-d43d7eecfa0b
Error: (01/29/2015 01:27:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: igfxCUIService.exe6.15.10.390753e0fb5eigfxCUIService.exe6.15.10.390753e0fb5ec0000005000000000001279856401d03bbef805d9f6C:\Windows\system32\igfxCUIService.exeC:\Windows\system32\igfxCUIService.exe36ef8520-a7b2-11e4-82d0-d43d7eecfa0b
Error: (01/28/2015 07:45:53 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).
System Error:
Přístup byl odepřen.
Error: (01/21/2015 10:19:21 PM) (Source: MsiInstaller) (EventID: 1013) (User: i5-Petr)
Description: Produkt: NVIDIA PhysX -- Installation terminated(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (01/21/2015 10:19:02 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).
System Error:
Přístup byl odepřen.
Error: (01/21/2015 09:26:54 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestD:\Hry\The Elder Scrolls V Skyrim - Legendary Edition\programs\ddsopt\DDSopt x32.exe
Error: (01/20/2015 05:01:18 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: -2147024883
Error: (01/20/2015 04:34:26 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\Windows\system32\wbem\wmiaprpl.dll4
Error: (01/20/2015 04:34:26 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-4570S CPU @ 2.90GHz
Percentage of memory in use: 32%
Total physical RAM: 8120.07 MB
Available physical RAM: 5455.32 MB
Total Pagefile: 12216.07 MB
Available Pagefile: 8705.91 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB
==================== Drives ================================
Drive c: (Systém) (Fixed) (Total:111.45 GB) (Free:46.16 GB) NTFS
Drive d: (Data) (Fixed) (Total:732.42 GB) (Free:173.1 GB) NTFS
Drive e: (Programy) (Fixed) (Total:199.09 GB) (Free:74.02 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: E5572F99)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.4 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 0008C0E8)
Partition 1: (Not Active) - (Size=732.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=199.1 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Ran by Petr at 2015-01-31 12:57:04
Running from E:\Hlavní složky\Plocha
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: AVG Internet Security 2015 (Disabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security 2015 (Disabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2015 (Enabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ACP Application (Version: 2.15.10.0003 - Advanced Micro Devices, Inc.) Hidden
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.2 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5645 - AVG Technologies CZ, s.r.o.)
AVG 2015 (Version: 15.0.4273 - AVG Technologies CZ, s.r.o.) Hidden
AVG 2015 (Version: 15.0.5645 - AVG Technologies CZ, s.r.o.) Hidden
AVS Audio Converter 7 (HKLM-x32\...\AVS Audio Converter_is1) (Version: 7.2.1.528 - Online Media Technologies Ltd.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
Counter Strike version 1.6 Clean (HKLM-x32\...\{1E6B7E37-1A30-4922-A023-0D5FDA64C054}_is1) (Version: 1.6 Clean - Cs Neverland)
CPUID CPU-Z 1.70 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dead State (HKLM-x32\...\Dead State (v1.0.0.0134)_is1) (Version: - )
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
Dragon Age Awakening Redesigned (HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\Dragon Age Awakening Redesigned) (Version: - )
Dragon Age Redesigned © Morrigan (HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\Dragon Age Redesigned © Morrigan) (Version: - )
Dragon Age Redesigned- Leliana's Song (HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\Dragon Age Redesigned- Leliana's Song) (Version: - )
Dragon Age Redesigned Oghren© (HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\Dragon Age Redesigned Oghren©) (Version: - )
Dragon Age Redesigned© Zevran (HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\Dragon Age Redesigned© Zevran) (Version: - )
Dragon Age Redesigned© (HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\Dragon Age Redesigned©) (Version: - )
Dragon Age Redesigned© Leliana (HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\Dragon Age Redesigned© Leliana) (Version: - )
Dragon Age Redesigned© Sten (HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\Dragon Age Redesigned© Sten) (Version: - )
Dragon Age Redesigned© Wynne (HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\Dragon Age Redesigned© Wynne) (Version: - )
Dragon Age: Origins - Ultimate Edition (HKLM-x32\...\Steam App 47810) (Version: - BioWare)
DTS+AC3 ÇĘĹÍ (HKLM-x32\...\DtsFilter) (Version: - )
Eurobattle.net (HKLM-x32\...\Eurobattle.net) (Version: - Eurobattle.net) <==== ATTENTION!
EVGA OC Scanner X 3.6.1.2 (64-bit) (HKLM\...\{CC520CF6-B02E-49AA-8192-C1DDC159E0AA}}_is1) (Version: - EVGA)
Far Cry 4 (HKLM-x32\...\Far Cry 4_is1) (Version: 1.4.0 - Ubisoft)
Fraps (HKLM-x32\...\Fraps) (Version: - )
GOM Audio (HKLM-x32\...\GomAudio) (Version: 2.0.7.1108 - Gretech Corporation)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.62.5209 - Gretech Corporation)
Google Chrome (HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\Google Chrome) (Version: 40.0.2214.93 - Google Inc.)
Gothic 3 (HKLM-x32\...\Gothic 3_is1) (Version: - GOG.com)
HWiNFO64 Version 4.44 (HKLM\...\HWiNFO64_is1) (Version: 4.44 - Martin Malík - REALiX)
Chameleon Shutdown 1.0 (HKLM-x32\...\Chameleon Shutdown) (Version: 1.0 - NeoSoft Tools)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.1.1000 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3907 - Intel Corporation)
Intel® Chipset Device Software (x32 Version: 10.0.20 - Intel(R) Corporation) Hidden
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 72 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417072FF}) (Version: 7.0.720 - Oracle)
KMSpico v9.3.3 (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: 9.3.2 - )
Lichdom: Battlemage (HKLM-x32\...\Steam App 261760) (Version: - Xaviant)
Medal of Honor(TM) Multiplayer (HKLM-x32\...\Steam App 47830) (Version: - Electronic Arts)
Medal of Honor(TM) Single Player (HKLM-x32\...\Steam App 47790) (Version: - Electronic Arts)
Media Player Codec Pack 4.3.3 (HKLM-x32\...\Media Player - Codec Pack) (Version: 4.3.3 - Media Player Codec Pack)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Minimum (HKLM-x32\...\Steam App 214190) (Version: - Human Head Studios)
MISERY version 2.1.1 (HKLM-x32\...\MISERY_is1) (Version: 2.1.1 - MISERY Development Team)
MSI Afterburner 4.1.0 (HKLM-x32\...\Afterburner) (Version: 4.1.0 - MSI Co., LTD)
Nosgoth (HKLM-x32\...\Steam App 200110) (Version: - Psyonix)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Patch (HKLM-x32\...\Patch) (Version: - )
PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version: - Sony Online Entertainment)
PlanetSide 2 (HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\SOE-PlanetSide 2) (Version: - Sony Online Entertainment)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.989 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.23.1126.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7293 - Realtek Semiconductor Corp.)
S.T.A.L.K.E.R. Call of Pripyat (HKLM-x32\...\GOGPACKSTALKERCOP_is1) (Version: 2.0.0.12 - GOG.com)
Samsung Data Migration (HKLM-x32\...\{D4DE3DB4-7734-47E5-8D92-B80146311406}) (Version: 2.7 - Samsung)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Skyrim Performance Monitor (HKLM-x32\...\{84AEB93A-ECBB-4568-8F59-D4516EF59079}) (Version: 3.66 - SirGarnon on Skyrim Nexus)
SlimDX Runtime .NET 2.0 (January 2012) (HKLM-x32\...\{014A2868-BE56-4888-A16C-693989B8F153}) (Version: 2.0.13.43 - SlimDX Group)
Southpark Stick of Truth (HKLM-x32\...\U291dGhwYXJrU3RpY2tvZlRydXRo_is1) (Version: 1 - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries Engine (HKLM\...\SteelSeries Engine) (Version: 2.9.2014.1 - SteelSeries)
System Shock 2 (HKLM-x32\...\Steam App 238210) (Version: - Irrational Games)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
The Elder Scrolls V Skyrim - Legendary Edition (HKLM-x32\...\{EAABE756-8A47-440F-AAC7-2F6BFF589169}) (Version: 6.0 - Black Box)
The Vanishing of Ethan Carter verze UPDATE 3 (HKLM-x32\...\{152496AE-605C-43F0-83EA-9211E5215E28}_is1) (Version: UPDATE 3 - Astronauts Game)
Unigine Valley Benchmark version 1.0 (HKLM-x32\...\Unigine Valley Benchmark_is1) (Version: 1.0 - Unigine Corp.)
Wasteland 2 (HKLM-x32\...\1207665783_is1) (Version: 2.0.0.8 - GOG.com)
Watch_Dogs (HKLM-x32\...\{9L5FE86L-0D8I-4HJ7-HKY5-DRTKE3G6QG2X}_is1) (Version: 1.05.324 - Ubisoft)
WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
Wolfenstein New Order version 1.1.0 (HKLM-x32\...\Wolfenstein New Order_is1) (Version: 1.1.0 - REPACKY BY TOMI2K9)
Wrye Bash (HKLM-x32\...\Wrye Bash) (Version: 0.3.0.5 - Wrye & Wrye Bash Development Team)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-1292206800-3816184836-4294836885-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-1292206800-3816184836-4294836885-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Petr\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1292206800-3816184836-4294836885-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Petr\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
==================== Restore Points =========================
20-01-2015 16:18:58 Installed Skyrim Performance Monitor.
20-01-2015 16:19:30 Installed SlimDX Runtime .NET 2.0 (January 2012)
21-01-2015 22:19:01 Nainstalováno: Microsoft Visual C++ 2005 Redistributable
28-01-2015 07:45:52 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2014-11-22 16:32 - 00000753 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {01ADB9A2-C2F9-4B05-9E8E-8269E96FF3AD} - System32\Tasks\{04266EFC-5BB2-479D-A1BC-2D70E926B677} => Chrome.exe http://ui.skype.com/ui/0/6.20.0.104/cs/ ... Error=1603
Task: {17F9B78C-C1D2-4CB1-B644-76E3F20243A5} - System32\Tasks\{0A03B37D-8A84-4E7C-A29C-700FD16EDFE3} => Chrome.exe http://ui.skype.com/ui/0/6.21.59.104/cs ... Error=1603
Task: {1BB38BF2-E722-43F3-A045-A7FBDC0BC061} - System32\Tasks\AdobeAAMUpdater-1.0-i5-Petr-Petr => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-09-19] (Adobe Systems Incorporated)
Task: {2C1ED59D-85F5-40DD-864A-76C96B68709B} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2014-12-06] ()
Task: {2FF3AF3E-F750-441E-9013-2A8374FA18A9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09-26] (Piriform Ltd)
Task: {4467FA47-CB84-4823-8CA0-EC50DDC5BBF6} - System32\Tasks\{DBAEFEB3-6ABB-49D6-A18C-201301AC427E} => Chrome.exe http://ui.skype.com/ui/0/6.21.0.104/cs/ ... Error=1603
Task: {4491EA1E-3C63-448D-B7F9-D420282DFFFA} - System32\Tasks\{A17716E6-3791-4337-886D-73BC3D44C12A} => Chrome.exe http://ui.skype.com/ui/0/6.20.0.104/cs/ ... Error=1603
Task: {54D7D9D8-E9CB-44E7-B27D-C07D8F794D3E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {55039598-0995-44F4-8870-29D4A12383B9} - System32\Tasks\{F243475E-1CC9-4A04-BAEF-3015EEF02FAD} => Chrome.exe http://ui.skype.com/ui/0/6.21.0.104/cs/ ... age=tsMain
Task: {5602D040-740C-44BD-8221-59A9E15CBFC5} - System32\Tasks\{6657CC10-E0AA-49E7-B395-0B0C22CAE24A} => pcalua.exe -a C:\Hry\Bioshock\Builds\Release\Bioshock.exe -d C:\Hry\Bioshock\Builds\Release
Task: {77116FCC-8EE7-43B6-BEF3-5F11A365A912} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1292206800-3816184836-4294836885-1001Core => C:\Users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-06] (Google Inc.)
Task: {A13843AF-B2C2-439E-9939-0B6C57A9BCAA} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-01-24] (Microsoft Corporation)
Task: {A3C0AA21-0210-4D1C-B4A3-AA2F693F1CC1} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.)
Task: {A4F81120-079A-412A-A35B-8BD4D1D6BA6E} - System32\Tasks\AutoPico Daily Restart => E:\KMSpico\AutoPico.exe [2014-08-25] (@ByELDI)
Task: {A9063117-C94D-4CC3-AE22-A22C2EE004C2} - System32\Tasks\{121A26B9-85DE-4D45-80BB-3E6DA6A20FFB} => Chrome.exe http://ui.skype.com/ui/0/6.21.0.104/cs/ ... Error=1603
Task: {B2A957E3-C513-44FD-A0DA-50A207E4C888} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {B6570340-F721-4A5D-B7A9-1DCF0141A9F4} - System32\Tasks\Microsoft Office 15 Sync Maintenance for i5-Petr-Petr i5-Petr => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2014-11-12] (Microsoft Corporation)
Task: {B8AAF045-C266-44E7-9AD3-3600BC3CDCDA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1292206800-3816184836-4294836885-1001UA => C:\Users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-06] (Google Inc.)
Task: {BC46826A-F1D8-47D9-87A1-03ABC819C506} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {CF9A773A-DEBE-4E61-AF98-1F63F495138A} - System32\Tasks\{C7B6F82C-45E4-40A7-8483-2D75F8222C5D} => Chrome.exe http://ui.skype.com/ui/0/6.20.0.104/cs/ ... Error=1603
Task: {D341D636-9465-40EB-A6BC-510297575EB0} - System32\Tasks\{32FA096E-4D15-4567-8A70-B047A49211B1} => Chrome.exe http://ui.skype.com/ui/0/6.20.0.104/cs/ ... Error=1603
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1292206800-3816184836-4294836885-1001Core.job => C:\Users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1292206800-3816184836-4294836885-1001UA.job => C:\Users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2015-01-21 22:34 - 2015-01-21 22:34 - 00075064 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-12-06 08:03 - 2014-12-06 08:03 - 00565760 _____ () C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
2014-10-14 23:27 - 2014-10-14 23:27 - 08897696 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 00504832 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SSEngineLib.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 09315328 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SSEngineWinGui.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 00015872 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\Localization.dll
2014-10-09 20:43 - 2014-10-09 20:43 - 00011264 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\ISSPlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 00011264 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\Utilities.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 00115200 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DriverCommunication.dll
2014-10-08 16:30 - 2014-10-08 16:30 - 00047616 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesDrivers\x2api.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 00034304 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DBUtils.dll
2014-10-08 16:30 - 2014-10-08 16:30 - 01102336 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\System.Data.SQLite.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 00189440 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\MousePlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 00030720 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\D3MousePlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 00031744 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\KKMousePlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 00030720 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SRawPlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 00159744 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\MLGSenseiPlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 00020992 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoWGoldPlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 00030720 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\GW2MousePlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 00029696 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\CSGOMousePlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 00030208 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DOTA2MousePlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 00023040 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoWWirelessPlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 00030720 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\CODMousePlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 00030208 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoTMousePlugin.dll
2014-07-31 11:16 - 2014-07-31 11:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-04-03 15:48 - 2014-04-03 15:48 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-12-06 08:01 - 2014-12-06 08:01 - 00071680 _____ () C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2014-12-06 08:01 - 2014-12-06 08:01 - 00056832 _____ () C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2014-12-06 08:02 - 2014-12-06 08:02 - 00217600 _____ () C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2014-12-06 08:01 - 2014-12-06 08:01 - 00353792 _____ () C:\Program Files (x86)\MSI Afterburner\RTUI.dll
2014-12-06 08:02 - 2014-12-06 08:02 - 00649216 _____ () C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2015-01-31 09:24 - 2014-04-18 10:48 - 00070656 _____ () E:\AppData\Local\Temp\ShellHook.dll
2015-01-27 09:17 - 2015-01-25 07:08 - 01117512 _____ () C:\Users\Petr\AppData\Local\Google\Chrome\Application\40.0.2214.93\libglesv2.dll
2015-01-27 09:17 - 2015-01-25 07:08 - 00211272 _____ () C:\Users\Petr\AppData\Local\Google\Chrome\Application\40.0.2214.93\libegl.dll
2015-01-27 09:17 - 2015-01-25 07:08 - 09170760 _____ () C:\Users\Petr\AppData\Local\Google\Chrome\Application\40.0.2214.93\pdf.dll
2014-10-06 17:56 - 2014-09-28 17:59 - 00019872 _____ () C:\Program Files (x86)\Samsung\Samsung Magician\SAMSUNG_SSD.dll
2014-10-31 16:07 - 2014-12-01 22:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-10-31 16:07 - 2014-12-01 22:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-10-31 16:07 - 2014-12-01 22:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-10-31 16:07 - 2014-12-01 22:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-10-31 16:07 - 2014-11-11 19:47 - 00774656 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-21 13:46 - 2014-12-02 01:29 - 05002752 _____ () C:\Program Files (x86)\Steam\v8.dll
2014-10-31 16:07 - 2015-01-23 23:34 - 02227904 _____ () C:\Program Files (x86)\Steam\video.dll
2015-01-21 13:46 - 2014-12-02 01:29 - 01612800 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-21 13:46 - 2014-12-02 01:29 - 01210368 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-10-31 16:07 - 2014-12-01 22:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2014-10-31 16:07 - 2015-01-23 23:33 - 00696512 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2014-10-31 16:07 - 2015-01-16 00:42 - 34641288 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-10-31 16:07 - 2015-01-16 00:42 - 01709960 _____ () C:\Program Files (x86)\Steam\bin\ffmpegsumo.dll
2014-04-18 10:48 - 2014-04-18 10:48 - 00134656 _____ () C:\Program Files (x86)\GRETECH\GomAudio\MultiLangEx.dll
2014-04-18 10:46 - 2014-04-18 10:46 - 00133120 _____ () C:\Program Files (x86)\GRETECH\GomAudio\unalz.dll
2014-04-18 10:46 - 2014-04-18 10:46 - 00231424 _____ () C:\Program Files (x86)\GRETECH\GomAudio\unrar.dll
2014-04-18 10:45 - 2014-04-18 10:45 - 00118272 _____ () C:\Program Files (x86)\GRETECH\GomAudio\zlib.dll
2014-04-18 10:46 - 2014-04-18 10:46 - 00290816 _____ () C:\Program Files (x86)\GRETECH\GomAudio\PLUGINS\mzin_ape.dll
2014-04-18 10:47 - 2014-04-18 10:47 - 00232960 _____ () C:\Program Files (x86)\GRETECH\GomAudio\PLUGINS\mzin_cdda.dll
2014-04-18 10:47 - 2014-04-18 10:47 - 00275456 _____ () C:\Program Files (x86)\GRETECH\GomAudio\PLUGINS\mzin_flac.dll
2014-05-16 03:18 - 2014-05-16 03:18 - 00467968 _____ () C:\Program Files (x86)\GRETECH\GomAudio\PLUGINS\mzin_m4a.dll
2014-04-18 10:47 - 2014-04-18 10:47 - 00195072 _____ () C:\Program Files (x86)\GRETECH\GomAudio\PLUGINS\mzin_midi.dll
2014-05-13 10:57 - 2014-05-13 10:57 - 01053184 _____ () C:\Program Files (x86)\GRETECH\GomAudio\PLUGINS\mzin_mp3.dll
2014-04-18 10:47 - 2014-04-18 10:47 - 00246784 _____ () C:\Program Files (x86)\GRETECH\GomAudio\PLUGINS\mzin_mpc.dll
2014-04-18 10:47 - 2014-04-18 10:47 - 00465920 _____ () C:\Program Files (x86)\GRETECH\GomAudio\PLUGINS\mzin_ogg.dll
2014-04-18 10:48 - 2014-04-18 10:48 - 00204800 _____ () C:\Program Files (x86)\GRETECH\GomAudio\PLUGINS\mzin_wav.dll
2014-04-18 10:48 - 2014-04-18 10:48 - 00211968 _____ () C:\Program Files (x86)\GRETECH\GomAudio\PLUGINS\mzin_wm.dll
2014-05-15 08:40 - 2014-05-15 08:40 - 00147968 _____ () C:\Program Files (x86)\GRETECH\GomAudio\PLUGINS\mzout_ds.dll
2014-04-18 10:48 - 2014-04-18 10:48 - 00096256 _____ () C:\Program Files (x86)\GRETECH\GomAudio\PLUGINS\mzout_wave.dll
2015-01-27 09:17 - 2015-01-25 07:08 - 14913864 _____ () C:\Users\Petr\AppData\Local\Google\Chrome\Application\40.0.2214.93\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "IMSS"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\StartupApproved\StartupFolder: => "Samsung Magician.lnk"
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\StartupApproved\Run: => "DAEMON Tools Lite"
========================= Accounts: ==========================
Administrator (S-1-5-21-1292206800-3816184836-4294836885-500 - Administrator - Disabled)
Guest (S-1-5-21-1292206800-3816184836-4294836885-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1292206800-3816184836-4294836885-1003 - Limited - Enabled)
Petr (S-1-5-21-1292206800-3816184836-4294836885-1001 - Administrator - Enabled) => C:\Users\Petr
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (01/31/2015 09:14:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: igfxCUIService.exe, verze: 6.15.10.3907, časové razítko: 0x53e0fb5e
Název chybujícího modulu: igfxCUIService.exe, verze: 6.15.10.3907, časové razítko: 0x53e0fb5e
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000012798
ID chybujícího procesu: 0x530
Čas spuštění chybující aplikace: 0xigfxCUIService.exe0
Cesta k chybující aplikaci: igfxCUIService.exe1
Cesta k chybujícímu modulu: igfxCUIService.exe2
ID zprávy: igfxCUIService.exe3
Úplný název chybujícího balíčku: igfxCUIService.exe4
ID aplikace související s chybujícím balíčkem: igfxCUIService.exe5
Error: (01/29/2015 08:45:12 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program RSITx64.exe verze 0.0.0.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: 14dc
Čas spuštění: 01d03bfbe5de87e8
Čas ukončení: 4294967295
Cesta k aplikaci: E:\Hlavní složky\Stažené soubory\RSITx64.exe
ID hlášení: 5577593a-a7ef-11e4-82d0-d43d7eecfa0b
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (01/29/2015 01:27:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: igfxCUIService.exe, verze: 6.15.10.3907, časové razítko: 0x53e0fb5e
Název chybujícího modulu: igfxCUIService.exe, verze: 6.15.10.3907, časové razítko: 0x53e0fb5e
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000012798
ID chybujícího procesu: 0x564
Čas spuštění chybující aplikace: 0xigfxCUIService.exe0
Cesta k chybující aplikaci: igfxCUIService.exe1
Cesta k chybujícímu modulu: igfxCUIService.exe2
ID zprávy: igfxCUIService.exe3
Úplný název chybujícího balíčku: igfxCUIService.exe4
ID aplikace související s chybujícím balíčkem: igfxCUIService.exe5
Error: (01/28/2015 07:45:53 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).
System Error:
Přístup byl odepřen.
.
Error: (01/21/2015 10:19:21 PM) (Source: MsiInstaller) (EventID: 1013) (User: i5-Petr)
Description: Produkt: NVIDIA PhysX -- Installation terminated
Error: (01/21/2015 10:19:02 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).
System Error:
Přístup byl odepřen.
.
Error: (01/21/2015 09:26:54 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1 se nezdařilo. Chyba v souboru manifestu nebo zásad C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2 na řádku C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.
Error: (01/20/2015 05:01:18 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: There was an error with the Windows Location Provider database
Error: (01/20/2015 04:34:26 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\Windows\system32\wbem\wmiaprpl.dll4
Error: (01/20/2015 04:34:26 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4
System errors:
=============
Error: (01/31/2015 00:56:27 PM) (Source: DCOM) (EventID: 10010) (User: i5-Petr)
Description: {33BA60A0-0EF7-49E8-A193-58173CCCD001}
Error: (01/31/2015 10:52:19 AM) (Source: DCOM) (EventID: 10010) (User: i5-Petr)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (01/31/2015 09:14:16 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Intel(R) HD Graphics Control Panel Service byla ukončena s následující chybou:
%%2147500037
Error: (01/31/2015 09:06:27 AM) (Source: DCOM) (EventID: 10010) (User: i5-Petr)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (01/31/2015 09:05:57 AM) (Source: DCOM) (EventID: 10010) (User: i5-Petr)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (01/30/2015 02:53:51 PM) (Source: DCOM) (EventID: 10010) (User: i5-Petr)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (01/30/2015 02:53:21 PM) (Source: DCOM) (EventID: 10010) (User: i5-Petr)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (01/29/2015 02:54:13 PM) (Source: DCOM) (EventID: 10010) (User: i5-Petr)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (01/29/2015 02:53:43 PM) (Source: DCOM) (EventID: 10010) (User: i5-Petr)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (01/29/2015 02:05:17 PM) (Source: DCOM) (EventID: 10010) (User: i5-Petr)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Microsoft Office Sessions:
=========================
Error: (01/31/2015 09:14:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: igfxCUIService.exe6.15.10.390753e0fb5eigfxCUIService.exe6.15.10.390753e0fb5ec0000005000000000001279853001d03d2de6d1b9a6C:\Windows\system32\igfxCUIService.exeC:\Windows\system32\igfxCUIService.exe258268d4-a921-11e4-82d1-d43d7eecfa0b
Error: (01/29/2015 08:45:12 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: RSITx64.exe0.0.0.014dc01d03bfbe5de87e84294967295E:\Hlavní složky\Stažené soubory\RSITx64.exe5577593a-a7ef-11e4-82d0-d43d7eecfa0b
Error: (01/29/2015 01:27:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: igfxCUIService.exe6.15.10.390753e0fb5eigfxCUIService.exe6.15.10.390753e0fb5ec0000005000000000001279856401d03bbef805d9f6C:\Windows\system32\igfxCUIService.exeC:\Windows\system32\igfxCUIService.exe36ef8520-a7b2-11e4-82d0-d43d7eecfa0b
Error: (01/28/2015 07:45:53 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).
System Error:
Přístup byl odepřen.
Error: (01/21/2015 10:19:21 PM) (Source: MsiInstaller) (EventID: 1013) (User: i5-Petr)
Description: Produkt: NVIDIA PhysX -- Installation terminated(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (01/21/2015 10:19:02 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).
System Error:
Přístup byl odepřen.
Error: (01/21/2015 09:26:54 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestD:\Hry\The Elder Scrolls V Skyrim - Legendary Edition\programs\ddsopt\DDSopt x32.exe
Error: (01/20/2015 05:01:18 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: -2147024883
Error: (01/20/2015 04:34:26 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\Windows\system32\wbem\wmiaprpl.dll4
Error: (01/20/2015 04:34:26 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-4570S CPU @ 2.90GHz
Percentage of memory in use: 32%
Total physical RAM: 8120.07 MB
Available physical RAM: 5455.32 MB
Total Pagefile: 12216.07 MB
Available Pagefile: 8705.91 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB
==================== Drives ================================
Drive c: (Systém) (Fixed) (Total:111.45 GB) (Free:46.16 GB) NTFS
Drive d: (Data) (Fixed) (Total:732.42 GB) (Free:173.1 GB) NTFS
Drive e: (Programy) (Fixed) (Total:199.09 GB) (Free:74.02 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: E5572F99)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.4 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 0008C0E8)
Partition 1: (Not Active) - (Size=732.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=199.1 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Re: Preventive check (RSIT)

- Copy the contents of the white box into Notepad (Start -> Run -> notepad)
- save it to the desktop as fixlist (File type: Text document)
- run FRST again and click Fix
- after the restart a fixlog will pop up (or it will be saved on the desktop); paste its contents into your next reply
Code:
Start
CloseProcesses:
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated)
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\Run: [Google Update] => C:\Users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-10-06] (Google Inc.)
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6482200 2014-09-26] (Piriform Ltd)
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\Run: [DAEMON Tools Lite] => E:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\MountPoints2: {75d6cbb7-5699-11e4-826c-d43d7eecfa0b} - "G:\setup.exe"
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin-x32: @t.garena.com/garenatalk -> C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll No File
S3 DIRECTIO; \??\C:\Program Files\PerformanceTest\DirectIo64.sys [X]
S3 GPU-Z; \??\E:\AppData\Local\Temp\GPU-Z.sys [X]
S4 NVHDA; \SystemRoot\system32\drivers\nvhda64v.sys [X]
S4 nvlddmkm; \SystemRoot\system32\DRIVERS\nvlddmkm.sys [X]
S4 nvvad_WaveExtensible; \SystemRoot\system32\drivers\nvvad64v.sys [X]
S3 SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.SP3e\WNt600x64\Sandra.sys [X]
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]
2015-01-31 09:11 - 2015-01-31 09:13 - 00000000 ____D () C:\AdwCleaner
2015-01-29 20:43 - 2015-01-29 20:45 - 00000000 ____D () C:\rsit
2015-01-29 20:43 - 2015-01-29 20:45 - 00000000 ____D () C:\Program Files\trend micro
2015-01-21 22:19 - 2015-01-21 22:19 - 00000000 ____D () C:\Windows\1C4551A64743409391E41477CD655043.TMP
Task: {A4F81120-079A-412A-A35B-8BD4D1D6BA6E} - System32\Tasks\AutoPico Daily Restart => E:\KMSpico\AutoPico.exe [2014-08-25] (@ByELDI)
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1292206800-3816184836-4294836885-1001Core.job => C:\Users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1292206800-3816184836-4294836885-1001UA.job => C:\Users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe
CMD: del "C:\Windows\*.tmp"
Hosts:
EmptyTemp:
End
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suited to the forum, you can use altrokzavináčforum.viry.cz
If you would like to help visitors of this forum, sign up for our training school.