VIRY.CZ

Pred tydnem jsem zacal na svem pc pozorovat pretezovani ramek na 99% pomaly boot (35 s s ssd).
Po procteni nekolika for jsem si usmyslel ze by to mohl byt vir. Pc jsem projel antivirem (esetem) ktery ale nic nenasel, pote jsem stahl CCLEANER ktery neco promazal. Tak na 1 den pc fungoval bez problemu boot za 8 s zadne pretezovani proste nic. Ale druhy den to zase cele zaclo odznova. Jsem bezradny tak doufam ze mi poradite Necky

Zdravím!
Dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .

Additional scan result of Farbar Recovery Scan Tool (x64) Version:15-09-2015
Ran by Petr (2015-09-22 21:48:33)
Running from C:\Users\Petr\Downloads
Windows 10 Home (X64) (2015-08-05 20:08:15)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-445612871-1141213351-4147861920-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-445612871-1141213351-4147861920-503 - Limited - Disabled)
Guest (S-1-5-21-445612871-1141213351-4147861920-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-445612871-1141213351-4147861920-1003 - Limited - Enabled)
Petr (S-1-5-21-445612871-1141213351-4147861920-1001 - Administrator - Enabled) => C:\Users\Petr

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AIDA64 Extreme v5.00 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.00 - FinalWire Ltd.)
Akamai NetSession Interface (HKU\S-1-5-21-445612871-1141213351-4147861920-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
Aktualizace NVIDIA 2.5.14.5 (Version: 2.5.14.5 - NVIDIA Corporation) Hidden
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_SMALLBUSINESS_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_SMALLBUSINESS_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_SMALLBUSINESS_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Amnesia: The Dark Descent (HKLM-x32\...\Steam App 57300) (Version: - Frictional Games)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.30944 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
BitTorrent (HKU\S-1-5-21-445612871-1141213351-4147861920-1001\...\BitTorrent) (Version: 7.9.3.40299 - BitTorrent Inc.)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Dying Light / RePack by Baracuda (HKLM-x32\...\Dying Light_is1) (Version: 1.4.0.0 - )
ESET NOD32 Antivirus (HKLM\...\{1D4A236B-9CC3-4387-86F8-DB5EE3A5D33A}) (Version: 8.0.319.1 - ESET, spol s r. o.)
Far Cry 4. Gold Edition, âĺđńč˙ 1.9.0.0 (HKLM-x32\...\Far Cry 4. Gold Edition_is1) (Version: 1.9.0.0 - RePack by SEYTER)
Google Drive (HKLM-x32\...\{12ADFB82-D5A3-43E4-B2F4-FCD9B690315B}) (Version: 1.24.9931.5480 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.152 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6710.2136 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.21.115 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version: - Torn Banner Studios)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.1.1000 - Intel Corporation)
Intel(R) Smart Connect Technology (HKLM\...\{C763E38D-6102-4581-807B-46E42A749212}) (Version: 5.0.10.2832 - Intel Corporation)
Intel® Chipset Device Software (x32 Version: 10.0.20 - Intel(R) Corporation) Hidden
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Small Business 2007 (HKLM-x32\...\SMALLBUSINESS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{51adbf11-493f-431c-a862-967a0fae2944}) (Version: 12.0.21005.1 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{2af972c7-13b0-4978-92a8-fee26a4fb4e9}) (Version: 12.0.21005.1 - Корпорация Майкрософт)
MSI Super Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.026 - MSI)
NVIDIA GeForce Experience 2.5.14.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.14.5 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 355.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 355.82 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 355.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 355.82 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
NVIDIA Virtuální audio Miracast 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 353.62 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 9.5.12.2862 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{3bff9e3b-b9c6-4ae5-a2b7-ef8f73bdc057}) (Version: latest - ppy Pty Ltd)
Ovládací panel NVIDIA 355.82 (Version: 355.82 - NVIDIA Corporation) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.1.42.1045 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (Version: 1.1.42.1045 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Network Manager Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.42.1045 - Qualcomm Atheros)
Qualcomm Atheros Network Manager (Version: 1.1.42.1045 - Qualcomm Atheros) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Rocket League (HKLM-x32\...\Steam App 252950) (Version: - Psyonix)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.5 - Rockstar Games)
Seznam Lištička (Všichni uživatelé tohoto počítače.) (HKLM-x32\...\szn-software-listicka) (Version: - )
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.14.5 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)
Sound Blaster Cinema (HKLM-x32\...\{8801CA65-921A-4CCC-9D63-879D1D0BAA97}) (Version: 1.00.05 - Creative Technology Limited)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries Engine 3.4.3 (HKLM\...\SteelSeries Engine 3) (Version: 3.4.3 - SteelSeries ApS)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VGA Boost (HKLM-x32\...\{809ACFAE-9A4D-4C60-9223-D8B615CD8CBA}}_is1) (Version: 1.0.0.8 - MSI)
War Thunder (HKLM-x32\...\Steam App 236390) (Version: - Gaijin Entertainment)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Wolfenstein. The New Order, âĺđńč˙ 1.0.0.0 (HKLM-x32\...\Wolfenstein. The New Order_is1) (Version: 1.0.0.0 - RePack by SEYTER)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {13F9E17C-1453-4FE1-893E-AF14CE54EEFD} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {34914640-98E4-449E-9D7D-8B500AC592D1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {34F9B3B0-A539-4A11-BBB0-8F3D8EECF2BB} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {43BBFB6B-A824-4B1F-9F12-EF99BBD98970} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {4C0FBBC0-24E8-4221-BCC8-A452A2046D6A} - System32\Tasks\GoogleUpdateTaskMachineUA1d08efa5e2abc71 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {4F723441-CAC3-4C70-BB92-28F659481CB0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {639F8D40-A69B-445A-B618-46F22EC6EA21} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {64420EC3-A0CA-4C45-A00A-6F505FD3AA91} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {73AEF3D8-AC7E-4A28-9A92-A4E4A7C3F915} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {8E78B6F5-31F5-46CC-8A3D-4CB433350A64} - System32\Tasks\{A5C93952-EC2F-44CE-9590-D633FD23095A} => pcalua.exe -a C:\LOL\lol.launcher.exe -d C:\LOL\
Task: {901AA6D1-7040-429F-B7B8-BE9D8F854469} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {C979AC91-A882-4FD3-BF63-87BD250476D5} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {CD22E81B-6C96-4465-BCC0-AE94D235A19F} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {F1616210-2C75-44DA-A2AF-6E3ED19D831B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {F6A55C04-A6C9-4A35-8919-9FDB63B0B746} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {F9E6DF31-E49B-44E6-A58E-CAB0065D76A6} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-26] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d08efa5e2abc71.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-08-05 22:56 - 2015-08-05 22:56 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2014-04-24 13:24 - 2014-04-24 13:24 - 00209712 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2014-04-24 13:24 - 2014-04-24 13:24 - 00057648 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2014-04-24 13:24 - 2014-04-24 13:24 - 00057648 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTEncryptionCheck.dll
2014-04-24 13:24 - 2014-04-24 13:24 - 00037168 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetMon.dll
2015-08-20 08:51 - 2015-08-11 11:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-03-13 23:17 - 2015-03-13 23:17 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2015-08-27 22:51 - 2015-08-18 09:56 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-27 22:51 - 2015-08-18 09:56 - 02498808 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-07-10 12:59 - 2015-07-10 12:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-03-05 15:31 - 2015-08-25 17:57 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-08-11 20:59 - 2015-08-03 03:11 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-07-10 13:00 - 2015-07-10 18:05 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-08-20 08:51 - 2015-08-11 10:58 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-08-11 20:59 - 2015-08-03 03:09 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-03-05 15:21 - 2012-11-01 12:23 - 00089600 _____ () C:\Windows\SYSTEM32\CmdRtr64.DLL
2015-03-05 15:21 - 2012-11-01 12:21 - 00325120 _____ () C:\Windows\SYSTEM32\APOMgr64.DLL
2014-04-17 12:02 - 2014-04-17 12:02 - 00300544 _____ () C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
2015-03-05 18:44 - 2015-03-05 18:44 - 00047616 _____ () C:\Program Files\SteelSeries\SteelSeries Engine 3\x2api.dll
2015-09-19 12:50 - 2015-09-19 12:50 - 00012288 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.915.17170.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2015-09-19 12:50 - 2015-09-19 12:50 - 10712576 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.915.17170.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2015-09-19 12:50 - 2015-09-19 12:50 - 00500224 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.915.17170.0_x64__8wekyb3d8bbwe\Lumia.SequencePlayer.UAP.dll
2015-09-18 12:56 - 2015-09-18 12:56 - 03495936 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1509.14010.0_x64__8wekyb3d8bbwe\Calculator.exe
2015-09-21 15:39 - 2015-09-21 15:39 - 00103424 _____ () D:\Medieval Warfare\steamapps\common\Counter-Strike Global Offensive\csgo.exe
2014-04-03 17:48 - 2014-04-03 17:48 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-03-31 19:42 - 2015-08-27 02:37 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-03-07 12:41 - 2015-07-03 18:12 - 00778240 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-03-07 12:41 - 2015-07-03 18:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-03-07 12:41 - 2015-08-19 22:39 - 02413248 _____ () C:\Program Files (x86)\Steam\video.dll
2015-03-07 12:41 - 2014-12-01 23:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-03-07 12:41 - 2014-12-01 23:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-03-07 12:41 - 2014-12-01 23:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-03-07 12:41 - 2014-12-01 23:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-03-07 12:41 - 2014-12-01 23:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-03-07 12:41 - 2015-07-03 18:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-03-07 12:41 - 2015-07-03 18:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-03-07 12:41 - 2015-08-19 22:39 - 00704192 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-07-22 08:55 - 2015-07-27 03:13 - 00171008 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll
2015-09-22 21:15 - 2015-09-22 21:15 - 00155232 ___HT () C:\Users\Petr\AppData\Local\Temp\~DD97.tmp
2015-05-19 13:56 - 2015-05-05 06:06 - 01252680 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.152\libglesv2.dll
2015-05-19 13:56 - 2015-05-05 06:06 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.152\libegl.dll
2015-03-07 12:41 - 2015-07-03 18:12 - 39553928 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-07-18 09:11 - 2015-07-13 10:14 - 16307888 _____ () C:\Users\Petr\AppData\Local\Google\Chrome\User Data\PepperFlash\18.0.0.209\pepflashplayer.dll
2015-09-21 15:39 - 2015-09-21 15:39 - 00198144 _____ () D:\Medieval Warfare\steamapps\common\Counter-Strike Global Offensive\bin\launcher.dll
2015-09-21 15:39 - 2015-09-21 15:39 - 00317440 _____ () D:\Medieval Warfare\steamapps\common\Counter-Strike Global Offensive\bin\tier0.dll
2015-09-21 15:39 - 2015-09-21 15:39 - 00203776 _____ () D:\Medieval Warfare\steamapps\common\Counter-Strike Global Offensive\bin\vstdlib.dll
2015-09-21 15:39 - 2015-09-21 15:39 - 00389120 _____ () D:\Medieval Warfare\steamapps\common\Counter-Strike Global Offensive\bin\filesystem_stdio.dll
2015-09-21 15:39 - 2015-09-21 15:39 - 06686208 _____ () d:\medieval warfare\steamapps\common\counter-strike global offensive\bin\engine.dll
2015-09-21 15:39 - 2015-09-21 15:39 - 00156160 _____ () d:\medieval warfare\steamapps\common\counter-strike global offensive\bin\inputsystem.dll
2015-09-21 15:39 - 2015-09-21 15:39 - 01174016 _____ () d:\medieval warfare\steamapps\common\counter-strike global offensive\bin\vphysics.dll
2015-09-21 15:39 - 2015-09-21 15:39 - 01240064 _____ () d:\medieval warfare\steamapps\common\counter-strike global offensive\bin\materialsystem.dll
2015-09-21 15:39 - 2015-09-21 15:39 - 00351744 _____ () d:\medieval warfare\steamapps\common\counter-strike global offensive\bin\datacache.dll
2015-09-21 15:39 - 2015-09-21 15:39 - 00607744 _____ () d:\medieval warfare\steamapps\common\counter-strike global offensive\bin\studiorender.dll
2015-09-21 15:39 - 2015-09-21 15:39 - 00164864 _____ () d:\medieval warfare\steamapps\common\counter-strike global offensive\bin\soundemittersystem.dll
2015-09-21 15:39 - 2015-09-21 15:39 - 00708096 _____ () d:\medieval warfare\steamapps\common\counter-strike global offensive\bin\vscript.dll
2015-09-21 15:39 - 2015-09-21 15:39 - 00134656 _____ () d:\medieval warfare\steamapps\common\counter-strike global offensive\bin\valve_avi.dll
2015-09-21 15:39 - 2015-09-21 15:39 - 01336320 _____ () d:\medieval warfare\steamapps\common\counter-strike global offensive\bin\vguimatsurface.dll
2015-09-21 15:39 - 2015-09-21 15:39 - 00394752 _____ () d:\medieval warfare\steamapps\common\counter-strike global offensive\bin\vgui2.dll
2015-09-21 15:39 - 2015-09-21 15:39 - 03192320 _____ () d:\medieval warfare\steamapps\common\counter-strike global offensive\bin\scaleformui.dll
2015-09-21 15:39 - 2015-09-21 15:39 - 01762816 _____ () D:\Medieval Warfare\steamapps\common\Counter-Strike Global Offensive\bin\shaderapidx9.dll
2015-09-21 15:39 - 2015-09-21 15:39 - 00143360 _____ () d:\medieval warfare\steamapps\common\counter-strike global offensive\bin\localize.dll
2015-09-21 15:39 - 2015-09-21 15:39 - 00230912 _____ () d:\medieval warfare\steamapps\common\counter-strike global offensive\bin\stdshader_dbg.dll
2015-09-21 15:39 - 2015-09-21 15:39 - 00996864 _____ () d:\medieval warfare\steamapps\common\counter-strike global offensive\bin\stdshader_dx9.dll
2015-09-21 15:39 - 2015-09-21 15:39 - 00582144 _____ () d:\medieval warfare\steamapps\common\counter-strike global offensive\csgo\bin\matchmaking.dll
2015-09-21 15:39 - 2015-09-21 15:39 - 12464640 _____ () d:\medieval warfare\steamapps\common\counter-strike global offensive\csgo\bin\client.dll
2015-09-21 15:39 - 2015-09-21 15:39 - 09998336 _____ () d:\medieval warfare\steamapps\common\counter-strike global offensive\csgo\bin\server.dll
2015-09-21 15:39 - 2015-09-21 15:39 - 00094208 _____ () D:\Medieval Warfare\steamapps\common\Counter-Strike Global Offensive\bin\scenefilecache.dll
2015-09-21 15:39 - 2015-09-21 15:39 - 00084992 _____ () d:\medieval warfare\steamapps\common\counter-strike global offensive\bin\vaudio_miles.dll
2015-09-21 15:39 - 2015-09-21 15:39 - 00071680 _____ () d:\medieval warfare\steamapps\common\counter-strike global offensive\bin\mssmp3.asi
2015-09-21 15:39 - 2015-09-21 15:39 - 00012800 _____ () d:\medieval warfare\steamapps\common\counter-strike global offensive\bin\mssds3d.flt
2015-09-21 15:39 - 2015-09-21 15:39 - 00055808 _____ () d:\medieval warfare\steamapps\common\counter-strike global offensive\bin\msseax.flt
2015-09-21 15:39 - 2015-09-21 15:39 - 00972800 _____ () d:\medieval warfare\steamapps\common\counter-strike global offensive\bin\serverbrowser.dll
2015-09-21 15:39 - 2015-09-21 15:39 - 00173568 _____ () d:\medieval warfare\steamapps\common\counter-strike global offensive\bin\vaudio_celt.dll
2014-02-28 15:33 - 2015-08-19 10:37 - 00153576 _____ () D:\TeamSpeak\quazip.dll
2014-08-04 15:43 - 2015-08-19 10:37 - 00090088 _____ () D:\TeamSpeak\soundbackends\directsound_win32.dll
2014-08-04 15:43 - 2015-08-19 10:37 - 00103400 _____ () D:\TeamSpeak\soundbackends\windowsaudiosession_win32.dll
2014-08-04 15:45 - 2015-08-19 10:37 - 00260072 _____ () D:\TeamSpeak\plugins\clientquery_plugin.dll
2014-08-04 15:45 - 2015-08-19 10:37 - 00369640 _____ () D:\TeamSpeak\plugins\teamspeak_control_plugin.dll
2014-06-05 15:35 - 2015-08-19 10:37 - 00271360 _____ () D:\TeamSpeak\ssleay32.dll
2014-06-05 15:35 - 2015-08-19 10:37 - 01300992 _____ () D:\TeamSpeak\LIBEAY32.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Petr\OneDrive:ms-properties

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-445612871-1141213351-4147861920-1001\...\aeriagames.com -> hxxps://aeriagames.com
IE trusted site: HKU\S-1-5-21-445612871-1141213351-4147861920-1001\...\aeriagames.com -> hxxp://aeriagames.com


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-445612871-1141213351-4147861920-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Petr\Pictures\vp.png
DNS Servers: 192.168.98.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-445612871-1141213351-4147861920-1001\...\StartupApproved\StartupFolder: => "FIFA 15 Ultimate Team Edition+DLC-MULTi15-SG.lnk"
HKU\S-1-5-21-445612871-1141213351-4147861920-1001\...\StartupApproved\Run: => "DAEMON Tools Lite"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{49E0FB00-3A5E-4F0C-87C2-58AA023E06DC}D:\medieval warfare\steamapps\common\war thunder\aces.exe] => (Allow) D:\medieval warfare\steamapps\common\war thunder\aces.exe
FirewallRules: [TCP Query User{3005C4B8-18F3-4F88-A21E-27F213E265FF}D:\medieval warfare\steamapps\common\war thunder\aces.exe] => (Allow) D:\medieval warfare\steamapps\common\war thunder\aces.exe
FirewallRules: [{52CAA57E-6735-44CC-BD2D-EAFB0868E024}] => (Allow) D:\Medieval Warfare\steamapps\common\War Thunder\launcher.exe
FirewallRules: [{129A495E-3CB9-4B0A-883D-CCC18A38E5B1}] => (Allow) D:\Medieval Warfare\steamapps\common\War Thunder\launcher.exe
FirewallRules: [UDP Query User{09B5EBCA-BB72-49D7-AC7B-4BA970D68E7C}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{FEB5331E-3554-43C3-884A-F8A9E4F7D936}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{CC4823B1-C0AC-431D-BACD-998AD999662B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B4A5F418-BED2-49F9-816D-57394248B233}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E99906AA-91CD-4841-9661-8811FD4747AC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{D480FE31-1C68-4117-8645-382878B2E717}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{493122D4-7996-4B89-8E9B-9F7CA2DDD619}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{84377D77-3856-4BBC-A31C-17340F7311AE}] => (Allow) D:\Medieval Warfare\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{C91675CB-8842-4F16-A691-EF18431D2B20}] => (Allow) D:\Medieval Warfare\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{810BD7C9-9421-4678-9F8C-D3B3B44295F9}] => (Allow) D:\Medieval Warfare\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{7E1D8F00-7A99-46C0-AC12-641623D60B53}] => (Allow) D:\Medieval Warfare\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{65BB544C-DD2B-40A4-B051-CED36279801C}] => (Allow) D:\Medieval Warfare\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{87EF6E42-127A-4419-A7AF-4C5DA847983A}] => (Allow) D:\Medieval Warfare\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{9CCE1884-CC3F-485E-A2B5-7E3335513898}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{DEB189A1-41FA-4ECF-BBF8-409F08891F8E}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{B1C8BF1B-60C0-4E19-B1F9-8020773E4622}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{775A840B-0497-4F38-B088-1B2E299678C9}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{2ED64617-EDBF-4263-A610-518BAEF175A8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [UDP Query User{828DCF7F-3E36-4F90-8729-C450D2E146E2}E:\gta\gta5.exe] => (Allow) E:\gta\gta5.exe
FirewallRules: [TCP Query User{1CD74BBF-E627-4F54-8293-D829C68615BF}E:\gta\gta5.exe] => (Allow) E:\gta\gta5.exe
FirewallRules: [{F0797156-4BA8-414E-8EB0-E794C054320F}] => (Allow) D:\Hearthstone\Hearthstone\Hearthstone.exe
FirewallRules: [{C3C8C13C-754D-44CE-9182-8050BE027D7F}] => (Allow) D:\Hearthstone\Hearthstone\Hearthstone.exe
FirewallRules: [{02A66E30-CD31-4CAC-838E-7735333FD2EB}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{80D84541-DE18-4B98-9AA3-D48047265C57}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [UDP Query User{7211C18F-BD4F-48BD-86B8-9F58EAA4FD82}D:\goat simulator\goat simulator\binaries\win32\goatgame-win32-shipping.exe] => (Allow) D:\goat simulator\goat simulator\binaries\win32\goatgame-win32-shipping.exe
FirewallRules: [TCP Query User{202A6266-1526-4699-A139-069B901A8A67}D:\goat simulator\goat simulator\binaries\win32\goatgame-win32-shipping.exe] => (Allow) D:\goat simulator\goat simulator\binaries\win32\goatgame-win32-shipping.exe
FirewallRules: [UDP Query User{0209E191-1A92-49F6-BDC2-105D10A0989D}C:\users\petr\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\petr\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{9BA5E365-2686-4113-BCF3-064928703D98}C:\users\petr\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\petr\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{3A44092E-400E-41BB-AE16-876600972DF3}D:\wolfenstein\wolfenstein. the new order\wolfneworder_x64.exe] => (Allow) D:\wolfenstein\wolfenstein. the new order\wolfneworder_x64.exe
FirewallRules: [TCP Query User{DEE70ACF-714A-444A-9F99-B22D5BC969CA}D:\wolfenstein\wolfenstein. the new order\wolfneworder_x64.exe] => (Allow) D:\wolfenstein\wolfenstein. the new order\wolfneworder_x64.exe
FirewallRules: [UDP Query User{00CC87CB-B5CA-46F1-B215-69173FC4E66E}D:\dying light\dying light\dyinglightgame.exe] => (Allow) D:\dying light\dying light\dyinglightgame.exe
FirewallRules: [TCP Query User{6B97B3DD-2BD1-4EBA-8A65-128A59405E80}D:\dying light\dying light\dyinglightgame.exe] => (Allow) D:\dying light\dying light\dyinglightgame.exe
FirewallRules: [UDP Query User{AFBB1F37-6376-46E4-8097-AF5AF2BC44D5}D:\far cry 4. gold edition\bin\farcry4.exe] => (Allow) D:\far cry 4. gold edition\bin\farcry4.exe
FirewallRules: [TCP Query User{44E8EE2A-1490-42DF-9C53-93DF10E64267}D:\far cry 4. gold edition\bin\farcry4.exe] => (Allow) D:\far cry 4. gold edition\bin\farcry4.exe
FirewallRules: [{DD641525-886B-4824-83CC-328DC942CC04}] => (Allow) C:\Users\Petr\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{1C0722EC-9F97-4042-ACDC-2D99D76CD577}] => (Allow) C:\Users\Petr\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{E2FA303D-12C6-42A3-A7D6-0ED9C5D63A49}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{66E9EBFB-1CA5-4FA9-AEA4-2E77CD957ACB}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{3D415A33-F48B-486A-983D-A9A8D6182732}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{A9E9C957-BE20-40D7-B82E-C9F2F787F82F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{B5A8B3DD-44FA-45C1-948B-134BCC491F0F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{57643A56-B5B3-4433-B681-BEC8A8814CF9}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{50ED5B76-8193-4650-BAD9-7BA3DB4A7196}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{D82DB735-0C65-452C-B78A-76503CEE07C0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{80CB8804-2431-4553-A2F2-0FEDD1557269}] => (Allow) C:\Users\Administrator\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{381FBE05-FDDB-4341-9A5C-625040E9AB59}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{8EA55D95-B910-4033-B130-BC88F5F1E4BE}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{04F95360-3CCC-45EF-9CDA-68701D37A5D3}] => (Allow) E:\Rocket League\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{C34090A1-C79A-48CC-B78D-F2F9D50A53B4}] => (Allow) E:\Rocket League\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{9AFD080D-7065-470C-8A86-661B027ED736}] => (Allow) D:\Medieval Warfare\steamapps\common\Amnesia The Dark Descent\Amnesia.exe
FirewallRules: [{60F11B07-1D65-4E9C-ADBC-85C873756E9A}] => (Allow) D:\Medieval Warfare\steamapps\common\Amnesia The Dark Descent\Amnesia.exe
FirewallRules: [{CF2E5744-6337-4710-8D98-212ACD3C90EC}] => (Allow) D:\Medieval Warfare\steamapps\common\Amnesia The Dark Descent\Launcher.exe
FirewallRules: [{46B3F847-F600-4438-BE39-F91BA9B89130}] => (Allow) D:\Medieval Warfare\steamapps\common\Amnesia The Dark Descent\Launcher.exe
FirewallRules: [{1FA5392E-F615-44EF-A5B4-8A481E5511F7}] => (Allow) D:\Medieval Warfare\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{4DAA97B5-239F-4B41-92B2-C074EF404FD7}] => (Allow) D:\Medieval Warfare\steamapps\common\Counter-Strike Global Offensive\csgo.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/22/2015 02:16:40 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program chrome.exe verze 42.0.2311.152 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 22fc

Čas spuštění: 01d0f52c029e2b34

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

ID hlášení: c6f3bbaf-6123-11e5-8283-d8cb8a1c034a

Úplný název balíčku s chybou:

ID aplikace související s balíčkem s chybou:

Error: (09/21/2015 03:33:40 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PETRPC)
Description: Aplikaci Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (09/21/2015 01:57:43 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (4136) Nový soubor protokolu se nedá vytvořit, protože databáze nemůže zapisovat na jednotku protokolu. Jednotka může být jen pro čtení, špatně nakonfigurovaná nebo poškozená nebo na ní nemusí být dost místa. Chyba: -1032

Error: (09/21/2015 01:57:43 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (4136) Pokus o vytvoření souboru C:\WINDOWS\system32\edbtmp.log selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace vytvoření souboru selže a dojde k chybě -1032 (0xfffffbf8).

Error: (09/21/2015 01:57:33 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (4136) Nový soubor protokolu se nedá vytvořit, protože databáze nemůže zapisovat na jednotku protokolu. Jednotka může být jen pro čtení, špatně nakonfigurovaná nebo poškozená nebo na ní nemusí být dost místa. Chyba: -1032

Error: (09/21/2015 01:57:33 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (4136) Pokus o vytvoření souboru C:\WINDOWS\system32\edbtmp.log selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace vytvoření souboru selže a dojde k chybě -1032 (0xfffffbf8).

Error: (09/21/2015 01:57:23 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (4136) Nový soubor protokolu se nedá vytvořit, protože databáze nemůže zapisovat na jednotku protokolu. Jednotka může být jen pro čtení, špatně nakonfigurovaná nebo poškozená nebo na ní nemusí být dost místa. Chyba: -1032

Error: (09/21/2015 01:57:23 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (4136) Pokus o vytvoření souboru C:\WINDOWS\system32\edbtmp.log selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace vytvoření souboru selže a dojde k chybě -1032 (0xfffffbf8).

Error: (09/21/2015 01:57:13 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (4136) Nový soubor protokolu se nedá vytvořit, protože databáze nemůže zapisovat na jednotku protokolu. Jednotka může být jen pro čtení, špatně nakonfigurovaná nebo poškozená nebo na ní nemusí být dost místa. Chyba: -1032

Error: (09/21/2015 01:57:13 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (4136) Pokus o vytvoření souboru C:\WINDOWS\system32\edbtmp.log selhal. Došlo k systémové chybě 5 (0x00000005): Přístup byl odepřen. . Operace vytvoření souboru selže a dojde k chybě -1032 (0xfffffbf8).


System errors:
=============
Error: (09/22/2015 07:08:21 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (09/22/2015 04:13:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Přístup k uživatelským datům_Session1 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (09/22/2015 04:13:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Úložiště uživatelských dat_Session1 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (09/22/2015 04:13:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Data kontaktů_Session1 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (09/22/2015 04:13:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Hostitel synchronizace_Session1 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (09/22/2015 01:47:00 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (09/21/2015 10:11:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Přístup k uživatelským datům_Session3 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (09/21/2015 10:11:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Úložiště uživatelských dat_Session3 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (09/21/2015 10:11:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Data kontaktů_Session3 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (09/21/2015 10:11:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Hostitel synchronizace_Session3 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.


==================== Memory info ===========================

Processor: Intel(R) Xeon(R) CPU E3-1231 v3 @ 3.40GHz
Percentage of memory in use: 64%
Total physical RAM: 16311.93 MB
Available physical RAM: 5774.77 MB
Total Virtual: 18999.93 MB
Available Virtual: 5706.56 MB

==================== Drives ================================

Drive c: (SSD) (Fixed) (Total:110.83 GB) (Free:53.57 GB) NTFS
Drive d: () (Fixed) (Total:310.55 GB) (Free:77.45 GB) NTFS
Drive e: () (Fixed) (Total:310.16 GB) (Free:160.59 GB) NTFS
Drive f: () (Fixed) (Total:310.68 GB) (Free:310.55 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

Teď spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

# AdwCleaner v5.008 - Logfile created 22/09/2015 at 22:47:26
# Updated 18/09/2015 by Xplode
# Database : 2015-09-22.3 [Server]
# Operating system : Windows 10 Home (x64)
# Username : Petr - PETRPC
# Running from : C:\Users\Petr\Downloads\adwcleaner_5.008.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\ProgramData\14196104498157475577
[-] Folder Deleted : C:\ProgramData\{a31138c9-72f2-8ce3-a311-138c972fe325}
[-] Folder Deleted : C:\ProgramData\hahmckggcdddgmaembnpjndopocoaeii

***** [ Files ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
[-] Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ea614400-e918-4741-9a97-7a972ff7c30b}]
[-] Key Deleted : HKCU\Software\WEBAPP
[!] Key Not Deleted : [x64] HKCU\Software\WEBAPP
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494

***** [ Web browsers ] *****


*************************

:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1555 bytes] ##########

Dejte nový log FRST.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:23-09-2015
Ran by Petr (administrator) on PETRPC (23-09-2015 19:46:15)
Running from C:\Users\Petr\Downloads
Loaded Profiles: Petr (Available Profiles: Petr)
Platform: Windows 10 Home (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(MICRO-STAR INTERNATIONAL CO., LTD.) C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
() C:\Windows\System32\PnkBstrA.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Akamai Technologies, Inc.) C:\Users\Petr\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Petr\AppData\Local\Akamai\netsession_win.exe
(© 2015 Microsoft Corporation) C:\Users\Petr\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
(SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe
(MSI) C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [MBCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64
HKLM\...\Run: [ISCT Tray] => C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe [5860656 2014-04-24] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-27] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5595848 2015-07-08] (ESET)
HKLM-x32\...\Run: [Sound Blaster Cinema] => C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe [711680 2013-08-16] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Super Charger] => C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [1014736 2014-07-22] (MSI)
HKU\S-1-5-21-445612871-1141213351-4147861920-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-445612871-1141213351-4147861920-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Petr\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-445612871-1141213351-4147861920-1001\...\Run: [BingSvc] => C:\Users\Petr\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-04-07] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-445612871-1141213351-4147861920-1001\...\Run: [GoogleChromeAutoLaunch_795A6C1EC44E0A41F3030B5EF87A210A] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [812872 2015-05-05] (Google Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Petr\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64\FileSyncShell64.dll [2015-09-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Petr\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64\FileSyncShell64.dll [2015-09-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Petr\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64\FileSyncShell64.dll [2015-09-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Petr\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncShell.dll [2015-09-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Petr\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncShell.dll [2015-09-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Petr\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncShell.dll [2015-09-15] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2015-03-05]
ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{4692B750-DE88-4DCF-9163-745AF5604B24}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2015-08-25]
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.98.1
Tcpip\..\Interfaces\{4afffb08-0cd9-44fd-a1f4-dcd805bb1cec}: [DhcpNameServer] 192.168.98.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-445612871-1141213351-4147861920-1001 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-445612871-1141213351-4147861920-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M ... -SearchBox
SearchScopes: HKU\S-1-5-21-445612871-1141213351-4147861920-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-23] (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-18] (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23] (Google Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-18] (Oracle Corporation)
BHO-x32: Lištička -> {EA837F48-5AD1-443E-AE34-FFE03CBF3099} -> C:\Program Files (x86)\Seznam.cz\bin\listicka.dll [2012-04-16] ()
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-23] (Google Inc.)
Toolbar: HKLM-x32 - Nástroje Lištičky - {1EA00BE1-6E54-4E2A-8099-680300BF23E1} - C:\Program Files (x86)\Seznam.cz\bin\toolbar\toolbar.dll [2012-04-16] ()
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23] (Google Inc.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)

FireFox:
========
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [No File]
FF Plugin: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelogx64.dll [2015-04-23] (EA Digital Illusions CE AB)
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelog.dll [2015-04-23] (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-04-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-04-03] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-18] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-25] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-25] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Steam inventory helper) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2015-06-21]
CHR Extension: (LoungeDestroyer) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghahcnmfjfckcedfajbhekgknjdplfcl [2015-05-19]
CHR Extension: (AdBlock) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-05-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-07]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1353720 2015-07-08] (ESET)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-27] (NVIDIA Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [209712 2014-04-24] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-04-03] (Intel Corporation)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [162800 2014-03-17] (MSI)
R2 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [30240 2013-09-26] (MICRO-STAR INTERNATIONAL CO., LTD.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-27] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-27] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2004488 2015-07-18] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-03-13] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-03-13] ()
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [344576 2014-04-17] (Qualcomm Atheros) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [82608 2014-04-10] (Qualcomm Atheros, Inc.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [246000 2015-03-10] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [251632 2015-07-14] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [169792 2015-03-10] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [159480 2015-03-10] (ESET)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [22216 2014-02-03] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [22728 2014-02-03] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [25800 2014-04-03] ()
R3 ISCT; C:\Windows\System32\drivers\ISCTD.sys [44744 2014-02-03] ()
R3 Ke2200; C:\Windows\System32\drivers\e22w8x64.sys [130224 2014-03-27] (Qualcomm Atheros, Inc.)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [118272 2014-04-03] (Intel Corporation)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-27] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 ssdevfactory; C:\Windows\System32\drivers\ssdevfactory.sys [32792 2015-06-01] (SteelSeries ApS)
R3 sshid; C:\Windows\System32\drivers\sshid.sys [43616 2015-06-01] (SteelSeries ApS)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-23 19:46 - 2015-09-23 19:46 - 00019147 _____ C:\Users\Petr\Downloads\FRST.txt
2015-09-23 19:45 - 2015-09-23 19:46 - 02192384 _____ (Farbar) C:\Users\Petr\Downloads\FRST64.exe
2015-09-23 19:08 - 2015-09-23 19:08 - 00000000 ___HD C:\OneDriveTemp
2015-09-23 19:07 - 2015-09-23 19:07 - 00016148 _____ C:\WINDOWS\system32\PETRPC_Petr_HistoryPrediction.bin
2015-09-22 22:48 - 2015-09-22 22:48 - 00000141 _____ C:\WINDOWS\setupact.log
2015-09-22 22:48 - 2015-09-22 22:48 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-09-22 22:46 - 2015-09-22 22:47 - 00000000 ____D C:\AdwCleaner
2015-09-22 21:47 - 2015-09-23 19:46 - 00000000 ____D C:\FRST
2015-09-21 17:06 - 2015-09-23 19:08 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-09-21 15:51 - 2015-09-21 15:51 - 00018435 _____ C:\WINDOWS\DirectX.log
2015-09-21 15:39 - 2015-09-21 15:39 - 00000219 _____ C:\Users\Petr\Desktop\Counter-Strike Global Offensive.url
2015-09-21 15:26 - 2015-09-21 15:26 - 06666544 _____ (Piriform Ltd) C:\Users\Petr\Downloads\ccsetup509pro.exe
2015-09-15 23:05 - 2015-09-15 23:05 - 00000000 ____D C:\Users\Petr\Documents\Amnesia
2015-09-15 23:02 - 2015-09-15 23:02 - 00000221 _____ C:\Users\Petr\Desktop\Amnesia The Dark Descent.url
2015-09-10 14:15 - 2015-09-10 14:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2015-09-10 14:15 - 2015-09-10 14:15 - 00000000 ____D C:\ProgramData\ESET
2015-09-09 13:59 - 2015-09-02 03:20 - 00077400 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-09-09 13:59 - 2015-09-02 02:25 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-09-09 13:59 - 2015-09-02 02:25 - 01382912 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-09-09 13:59 - 2015-08-27 08:36 - 03620736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-09-09 13:59 - 2015-08-27 08:32 - 00608936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-09-09 13:59 - 2015-08-27 08:04 - 21874688 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-09-09 13:59 - 2015-08-27 07:59 - 02880032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-09-09 13:59 - 2015-08-27 07:55 - 24594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-09-09 13:59 - 2015-08-27 07:54 - 00541248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-09-09 13:59 - 2015-08-27 07:54 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-09-09 13:59 - 2015-08-27 07:51 - 02350592 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-09-09 13:59 - 2015-08-27 07:51 - 01774592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-09-09 13:59 - 2015-08-27 07:49 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-09-09 13:59 - 2015-08-27 07:47 - 12503552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-09-09 13:59 - 2015-08-27 07:43 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-09-09 13:59 - 2015-08-27 07:43 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-09-09 13:59 - 2015-08-27 07:42 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2015-09-09 13:59 - 2015-08-27 07:42 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-09-09 13:59 - 2015-08-27 07:42 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.PicturePassword.dll
2015-09-09 13:59 - 2015-08-27 07:42 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2015-09-09 13:59 - 2015-08-27 07:39 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-09-09 13:59 - 2015-08-27 07:23 - 19324416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-09-09 13:59 - 2015-08-27 07:23 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-09-09 13:59 - 2015-08-27 07:16 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-09-09 13:59 - 2015-08-27 07:16 - 02153472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-09-09 13:59 - 2015-08-27 07:16 - 01612288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-09-09 13:59 - 2015-08-27 07:12 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-09-09 13:59 - 2015-08-27 07:12 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-09-09 13:59 - 2015-08-27 07:11 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2015-09-09 13:59 - 2015-08-27 07:11 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2015-09-09 13:59 - 2015-08-27 07:09 - 11262464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-09-09 13:59 - 2015-08-27 07:08 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-09-07 21:35 - 2015-08-25 16:18 - 00574072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2015-09-07 21:33 - 2015-09-07 21:34 - 304583336 _____ (NVIDIA Corporation) C:\Users\Petr\Downloads\355.82-desktop-win10-64bit-international-whql.exe
2015-08-31 21:59 - 2015-08-25 20:38 - 42840184 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-08-31 21:59 - 2015-08-25 20:38 - 37819184 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-08-31 21:59 - 2015-08-25 20:38 - 22559352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-08-31 21:59 - 2015-08-25 20:38 - 18569336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-08-31 21:59 - 2015-08-25 20:38 - 16646624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-08-31 21:59 - 2015-08-25 20:38 - 15630616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-08-31 21:59 - 2015-08-25 20:38 - 14945552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-08-31 21:59 - 2015-08-25 20:38 - 13667032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-08-31 21:59 - 2015-08-25 20:38 - 12192048 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-08-31 21:59 - 2015-08-25 20:38 - 02354808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-08-31 21:59 - 2015-08-25 20:38 - 02105976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-08-31 21:59 - 2015-08-25 20:38 - 01898104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435582.dll
2015-08-31 21:59 - 2015-08-25 20:38 - 01558648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435582.dll
2015-08-31 21:59 - 2015-08-25 20:38 - 01178576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-08-31 21:59 - 2015-08-25 20:38 - 01075320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-08-31 21:59 - 2015-08-25 20:38 - 01064752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-08-31 21:59 - 2015-08-25 20:38 - 01001440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-08-31 21:59 - 2015-08-25 20:38 - 00986232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-08-31 21:59 - 2015-08-25 20:38 - 00945272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-08-31 21:59 - 2015-08-25 20:38 - 00787200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2015-08-31 21:59 - 2015-08-25 20:38 - 00785152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2015-08-31 21:59 - 2015-08-25 20:38 - 00632848 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2015-08-31 21:59 - 2015-08-25 20:38 - 00631312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2015-08-31 21:59 - 2015-08-25 20:38 - 00601240 _____ C:\WINDOWS\system32\nvmcumd.dll
2015-08-31 21:59 - 2015-08-25 20:38 - 00408368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-08-31 21:59 - 2015-08-25 20:38 - 00387536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-08-31 21:59 - 2015-08-25 20:38 - 00376440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2015-08-31 21:59 - 2015-08-25 20:38 - 00364152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-08-31 21:59 - 2015-08-25 20:38 - 00339576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2015-08-31 21:59 - 2015-08-25 20:38 - 00316120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2015-08-31 21:59 - 2015-08-25 20:38 - 00176904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-08-31 21:59 - 2015-08-25 20:38 - 00155976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-08-31 21:59 - 2015-08-25 20:38 - 00150648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-08-31 21:59 - 2015-08-25 20:38 - 00128512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-08-31 21:58 - 2015-08-11 06:52 - 00069416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2015-08-31 10:00 - 2015-09-13 03:15 - 00007604 _____ C:\Users\Petr\AppData\Local\Resmon.ResmonCfg
2015-08-30 13:19 - 2015-08-30 13:19 - 00000000 ____H C:\Users\Petr\Documents\Default.rdp
2015-08-29 16:45 - 2015-08-29 16:45 - 00000222 _____ C:\Users\Petr\Desktop\Rocket League.url
2015-08-27 22:51 - 2015-08-20 08:07 - 08019296 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-27 22:51 - 2015-08-20 08:06 - 00609592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-08-27 22:51 - 2015-08-20 08:02 - 22324656 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-08-27 22:51 - 2015-08-20 07:26 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-08-27 22:51 - 2015-08-20 07:21 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2015-08-27 22:51 - 2015-08-20 07:16 - 20857848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-08-27 22:51 - 2015-08-20 07:13 - 02235904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-27 22:51 - 2015-08-18 09:56 - 02498808 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-27 22:51 - 2015-08-18 09:55 - 00373072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-08-27 22:51 - 2015-08-18 09:54 - 01396064 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-08-27 22:51 - 2015-08-18 09:27 - 01771592 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-08-27 22:51 - 2015-08-18 09:24 - 00963920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-08-27 22:51 - 2015-08-18 09:13 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2015-08-27 22:51 - 2015-08-18 09:13 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2015-08-27 22:51 - 2015-08-18 09:12 - 02225664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-08-27 22:51 - 2015-08-18 09:07 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2015-08-27 22:51 - 2015-08-18 09:04 - 01234944 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2015-08-27 22:51 - 2015-08-18 09:04 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-08-27 22:51 - 2015-08-18 08:59 - 01294336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll
2015-08-27 22:51 - 2015-08-18 08:59 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll
2015-08-27 22:51 - 2015-08-18 08:58 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2015-08-27 22:51 - 2015-08-18 08:58 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWCN.dll
2015-08-27 22:51 - 2015-08-18 08:58 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWCN.dll
2015-08-27 22:51 - 2015-08-18 08:58 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnNetsh.dll
2015-08-27 22:51 - 2015-08-18 08:57 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2015-08-27 22:51 - 2015-08-18 08:56 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2015-08-27 22:51 - 2015-08-18 08:55 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-08-27 22:51 - 2015-08-18 08:54 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2015-08-27 22:51 - 2015-08-18 08:54 - 00247296 _____ C:\WINDOWS\system32\facecredentialprovider.dll
2015-08-27 22:51 - 2015-08-18 08:52 - 01888768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-08-27 22:51 - 2015-08-18 08:50 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-08-27 22:51 - 2015-08-18 08:49 - 01061888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2015-08-27 22:51 - 2015-08-18 08:49 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2015-08-27 22:51 - 2015-08-18 08:49 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2015-08-27 22:51 - 2015-08-18 08:36 - 01226752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcnwiz.dll
2015-08-27 22:51 - 2015-08-18 08:35 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll
2015-08-27 22:51 - 2015-08-18 08:35 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWCN.dll
2015-08-27 22:51 - 2015-08-18 08:34 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2015-08-27 22:51 - 2015-08-18 08:29 - 01593344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-08-27 22:51 - 2015-08-18 08:26 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2015-08-27 22:51 - 2015-08-18 06:44 - 00008847 _____ C:\WINDOWS\system32\ResPriHMImageList
2015-08-27 12:04 - 2015-08-27 12:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-08-25 22:48 - 2015-08-25 22:48 - 81920992 _____ C:\Users\Petr\Downloads\SteelSeriesEngine3.4.3Setup.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-23 19:41 - 2015-05-15 12:31 - 00000974 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d08efa5e2abc71.job
2015-09-23 19:38 - 2015-03-05 15:21 - 00000974 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-23 19:11 - 2015-03-23 19:43 - 00004190 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{8D7607D7-2A7E-4093-B135-4ACC521F7AF7}
2015-09-23 19:08 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-09-23 19:08 - 2015-03-07 12:18 - 00000000 ___DO C:\Users\Petr\OneDrive
2015-09-23 19:07 - 2015-03-07 12:40 - 00000000 ____D C:\Program Files (x86)\Steam
2015-09-23 19:07 - 2015-03-05 15:21 - 00000970 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-23 13:53 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-09-22 22:54 - 2015-08-05 22:12 - 01762290 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-22 22:54 - 2015-07-10 18:02 - 00745406 _____ C:\WINDOWS\system32\perfh005.dat
2015-09-22 22:54 - 2015-07-10 18:02 - 00149344 _____ C:\WINDOWS\system32\perfc005.dat
2015-09-22 22:50 - 2015-03-07 12:15 - 00126929 _____ C:\WINDOWS\SysWOW64\Gms.log
2015-09-22 22:48 - 2015-07-10 14:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-09-22 22:48 - 2015-03-05 15:31 - 00000000 ____D C:\ProgramData\NVIDIA
2015-09-22 22:47 - 2015-07-10 11:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-09-22 22:07 - 2015-04-01 14:09 - 00000000 ____D C:\Users\Petr\AppData\Roaming\TS3Client
2015-09-22 21:13 - 2015-04-09 16:59 - 00000000 ____D C:\Program Files\WinRAR
2015-09-22 21:09 - 2015-04-15 14:46 - 00000080 _____ C:\Users\Petr\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦
2015-09-22 19:05 - 2015-04-03 18:38 - 00000000 ____D C:\Users\Petr\AppData\Local\Akamai
2015-09-22 14:31 - 2015-07-10 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-09-21 15:57 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-09-21 15:33 - 2015-08-05 22:03 - 00000000 ____D C:\Users\Petr
2015-09-21 15:28 - 2015-08-05 22:58 - 00000000 ___DC C:\WINDOWS\Panther
2015-09-21 15:28 - 2015-03-16 22:28 - 00000000 ____D C:\Users\Petr\AppData\Roaming\BitTorrent
2015-09-21 15:28 - 2015-03-11 17:21 - 00000000 ____D C:\Users\Petr\AppData\Roaming\DAEMON Tools Lite
2015-09-21 15:21 - 2015-03-07 12:45 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-09-20 21:05 - 2015-07-20 11:13 - 00000000 ____D C:\Users\Petr\AppData\Local\SteelSeries Engine 3 Client
2015-09-19 23:38 - 2015-07-19 21:25 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Skype
2015-09-16 11:36 - 2015-05-15 12:31 - 00004062 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1d08efa5e2abc71
2015-09-16 11:36 - 2015-03-05 15:21 - 00003800 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-16 10:52 - 2015-03-07 12:18 - 00000000 ____D C:\Users\Petr\AppData\Local\Packages
2015-09-15 21:20 - 2015-08-05 22:10 - 00002395 _____ C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-09-13 16:54 - 2015-03-15 22:35 - 00000000 ____D C:\LOL
2015-09-12 05:53 - 2015-04-06 11:39 - 00000000 ____D C:\Users\Petr\AppData\Local\Battle.net
2015-09-10 14:20 - 2015-03-13 01:07 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-09-10 14:17 - 2015-07-10 14:20 - 00360936 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-10 14:16 - 2015-07-10 18:05 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-10 14:16 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-09-10 12:59 - 2015-03-07 12:18 - 00000000 ____D C:\Users\Petr\AppData\Local\Google
2015-09-09 21:03 - 2015-03-11 16:49 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-09-07 21:36 - 2015-08-05 21:59 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-09-07 21:36 - 2015-03-05 15:32 - 00001453 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2015-09-07 21:36 - 2015-03-05 15:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-09-02 14:02 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\rescache
2015-09-01 14:34 - 2015-04-06 11:39 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-08-31 10:02 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-08-31 00:47 - 2015-07-23 04:02 - 11188880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-08-29 16:48 - 2015-03-18 22:56 - 00000000 ____D C:\Users\Petr\Documents\My Games
2015-08-27 12:04 - 2015-07-19 21:25 - 00002658 _____ C:\Users\Public\Desktop\Skype.lnk
2015-08-27 12:04 - 2015-07-19 21:25 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-08-27 12:04 - 2015-07-19 21:25 - 00000000 ____D C:\ProgramData\Skype
2015-08-27 02:37 - 2015-03-05 15:31 - 01423120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2015-08-27 02:37 - 2015-03-05 15:31 - 01316000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2015-08-27 02:36 - 2015-03-05 15:31 - 01756424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2015-08-27 02:36 - 2015-03-05 15:31 - 01710568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2015-08-26 18:37 - 2015-03-13 01:07 - 134753440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-25 22:48 - 2015-07-20 11:13 - 00000000 ____D C:\Program Files\SteelSeries
2015-08-25 21:51 - 2015-06-24 08:09 - 00000000 ____D C:\Users\Petr\AppData\Roaming\OBS
2015-08-25 21:19 - 2015-06-24 08:09 - 00000950 _____ C:\Users\Petr\Desktop\Open Broadcaster Software.lnk
2015-08-25 20:38 - 2015-07-23 04:02 - 17932648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-08-25 20:38 - 2015-07-23 04:02 - 15334976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-08-25 20:38 - 2015-07-23 04:02 - 12611824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-08-25 20:38 - 2015-07-23 04:02 - 03480792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-08-25 20:38 - 2015-07-23 04:02 - 03074776 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-08-25 20:38 - 2015-07-23 04:02 - 00034044 _____ C:\WINDOWS\system32\nvinfo.pb
2015-08-25 20:38 - 2015-03-05 15:31 - 00112760 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2015-08-25 20:38 - 2015-03-05 15:31 - 00105080 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2015-08-25 17:57 - 2015-03-05 15:31 - 06884984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-08-25 17:57 - 2015-03-05 15:31 - 03496752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-08-25 17:57 - 2015-03-05 15:31 - 02558584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-08-25 17:57 - 2015-03-05 15:31 - 00937592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-08-25 17:57 - 2015-03-05 15:31 - 00385144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-08-25 17:57 - 2015-03-05 15:31 - 00062584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-08-25 15:02 - 2015-03-05 15:31 - 05165808 _____ C:\WINDOWS\system32\nvcoproc.bin

==================== Files in the root of some directories =======

2015-08-31 10:00 - 2015-09-13 03:15 - 0007604 _____ () C:\Users\Petr\AppData\Local\Resmon.ResmonCfg
2015-03-05 15:41 - 2015-03-05 15:41 - 0010418 _____ () C:\ProgramData\xml453A.tmp
2015-03-05 15:41 - 2015-03-05 15:41 - 0015404 _____ () C:\ProgramData\xml4589.tmp
2015-03-05 15:41 - 2015-03-05 15:41 - 0000000 _____ () C:\ProgramData\xml45B9.tmp
2015-03-05 15:41 - 2015-03-05 15:41 - 0000000 _____ () C:\ProgramData\xml4608.tmp

Some files in TEMP:
====================
C:\Users\Petr\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-09-17 19:40

==================== End of FRST.txt ============================

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKU\S-1-5-21-445612871-1141213351-4147861920-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Petr\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
c:\Users\Petr\AppData\Local\Akamai
HKU\S-1-5-21-445612871-1141213351-4147861920-1001\...\Run: [BingSvc] => C:\Users\Petr\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-04-07] (© 2015 Microsoft Corporation)
C:\Users\Petr\AppData\Local\Microsoft\BingSvc
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-445612871-1141213351-4147861920-1001 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-445612871-1141213351-4147861920-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M ... -SearchBox
SearchScopes: HKU\S-1-5-21-445612871-1141213351-4147861920-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-23] (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
C:\Program Files (x86)\Google\Google Toolbar
C:\Program Files (x86)\Skype\Toolbars
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23] (Google Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-23] (Google Inc.)
Toolbar: HKLM-x32 - Nástroje Lištičky - {1EA00BE1-6E54-4E2A-8099-680300BF23E1} - C:\Program Files (x86)\Seznam.cz\bin\toolbar\toolbar.dll [2012-04-16] ()
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23] (Google Inc.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d08efa5e2abc71.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\Users\Petr\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1d08efa5e2abc71
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\ProgramData\xml453A.tmp
C:\ProgramData\xml4589.tmp
C:\ProgramData\xml45B9.tmp
C:\ProgramData\xml4608.tmp
C:\Users\Petr\AppData\Local\Temp
End

Uložte do C:\Users\Petr\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Ulozil jsem to do te slozky dal fix a pise to ze to tam nemuze najit. Udelal jsem vsechno podle vasich rad.

Tak jsem to zvladl. Dal jsem to tam bez toho start a end na zacatku a na konci.


Fix result of Farbar Recovery Scan Tool (x64) Version:23-09-2015
Ran by Petr (2015-09-23 20:23:26) Run:1
Running from C:\Users\Petr\Downloads
Loaded Profiles: Petr (Available Profiles: Petr)
Boot Mode: Normal
==============================================

fixlist content:
*****************
HKU\S-1-5-21-445612871-1141213351-4147861920-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Petr\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
c:\Users\Petr\AppData\Local\Akamai
HKU\S-1-5-21-445612871-1141213351-4147861920-1001\...\Run: [BingSvc] => C:\Users\Petr\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-04-07] (© 2015 Microsoft Corporation)
C:\Users\Petr\AppData\Local\Microsoft\BingSvc
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-445612871-1141213351-4147861920-1001 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-445612871-1141213351-4147861920-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M ... -SearchBox
SearchScopes: HKU\S-1-5-21-445612871-1141213351-4147861920-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-23] (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
C:\Program Files (x86)\Google\Google Toolbar
C:\Program Files (x86)\Skype\Toolbars
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23] (Google Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-23] (Google Inc.)
Toolbar: HKLM-x32 - Nástroje Lištičky - {1EA00BE1-6E54-4E2A-8099-680300BF23E1} - C:\Program Files (x86)\Seznam.cz\bin\toolbar\toolbar.dll [2012-04-16] ()
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23] (Google Inc.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d08efa5e2abc71.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\Users\Petr\AppData\Local???????????????????
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1d08efa5e2abc71
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\ProgramData\xml453A.tmp
C:\ProgramData\xml4589.tmp
C:\ProgramData\xml45B9.tmp
C:\ProgramData\xml4608.tmp
C:\Users\Petr\AppData\Local\Temp
*****************

HKU\S-1-5-21-445612871-1141213351-4147861920-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Akamai NetSession Interface => value removed successfully

"c:\Users\Petr\AppData\Local\Akamai" folder move:

Could not move "c:\Users\Petr\AppData\Local\Akamai" => Scheduled to move on reboot.

HKU\S-1-5-21-445612871-1141213351-4147861920-1001\Software\Microsoft\Windows\CurrentVersion\Run\\BingSvc => value removed successfully
C:\Users\Petr\AppData\Local\Microsoft\BingSvc => moved successfully
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
HKU\S-1-5-21-445612871-1141213351-4147861920-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-445612871-1141213351-4147861920-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
"HKU\S-1-5-21-445612871-1141213351-4147861920-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" => key removed successfully
HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => key removed successfully
"HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKCR\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
C:\Program Files (x86)\Google\Google Toolbar => moved successfully
C:\Program Files (x86)\Skype\Toolbars => moved successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => value removed successfully
"HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => key removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{1EA00BE1-6E54-4E2A-8099-680300BF23E1} => value removed successfully
"HKCR\Wow6432Node\CLSID\{1EA00BE1-6E54-4E2A-8099-680300BF23E1}" => key removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => value removed successfully
"HKCR\Wow6432Node\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => key removed successfully
"HKCR\PROTOCOLS\Handler\skypec2c" => key removed successfully
"HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => key removed successfully
HKCR\Wow6432Node\PROTOCOLS\Handler\skypec2c => key not found.
"HKCR\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => key removed successfully
c2cautoupdatesvc => Unable to stop service.
c2cautoupdatesvc => service removed successfully
c2cpnrsvc => Unable to stop service.
c2cpnrsvc => service removed successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d08efa5e2abc71.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully

"C:\Users\Petr\AppData\Local???????????????????" folder move:

Could not move "C:\Users\Petr\AppData\Local???????????????????" => Scheduled to move on reboot.

C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1d08efa5e2abc71 => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
C:\ProgramData\xml453A.tmp => moved successfully
C:\ProgramData\xml4589.tmp => moved successfully
C:\ProgramData\xml45B9.tmp => moved successfully
C:\ProgramData\xml4608.tmp => moved successfully
C:\Users\Petr\AppData\Local\Temp => moved successfully

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-09-23 20:24:12)<=

c:\Users\Petr\AppData\Local\Akamai => Is moved successfully

Smazáno. Nastala nějaká změna?

Tak problem se dnes vratil.

Udělejte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.

Sken to udela ale nemuzu najit zadny log.

Malwarebytes Anti-Malware
www.malwarebytes.org


Protection, 08.10.2015 18:49, SYSTEM, PETRPC, Protection, Malware Protection, Starting,
Protection, 08.10.2015 18:49, SYSTEM, PETRPC, Protection, Malware Protection, Started,
Protection, 08.10.2015 18:49, SYSTEM, PETRPC, Protection, Malicious Website Protection, Starting,
Protection, 08.10.2015 18:49, SYSTEM, PETRPC, Protection, Malicious Website Protection, Started,
Error, 08.10.2015 18:51, SYSTEM, PETRPC, Update, Bad md5 or size: akadomains, 11,
Error, 08.10.2015 18:51, SYSTEM, PETRPC, Update, Bad md5 or size: akaips, 11,
Update, 08.10.2015 18:51, SYSTEM, PETRPC, Manual, IP Database, 0.0.0.0, 2015.10.8.2,
Update, 08.10.2015 18:51, SYSTEM, PETRPC, Manual, Rootkit Database, 2015.6.2.1, 2015.10.6.1,
Update, 08.10.2015 18:51, SYSTEM, PETRPC, Manual, Remediation Database, 2015.5.13.1, 2015.10.7.3,
Update, 08.10.2015 18:51, SYSTEM, PETRPC, Manual, AKA Domain Database, 0.0.0.0, 2015.9.11.2,
Update, 08.10.2015 18:51, SYSTEM, PETRPC, Manual, AKA IP Database, 0.0.0.0, 2015.9.11.2,
Update, 08.10.2015 18:51, SYSTEM, PETRPC, Manual, Domain Database, 0.0.0.0, 2015.10.8.4,
Update, 08.10.2015 18:51, SYSTEM, PETRPC, Manual, Malware Database, 2015.6.3.3, 2015.10.8.4,
Protection, 08.10.2015 18:51, SYSTEM, PETRPC, Protection, Refresh, Starting,
Protection, 08.10.2015 18:51, SYSTEM, PETRPC, Protection, Malicious Website Protection, Stopping,
Protection, 08.10.2015 18:51, SYSTEM, PETRPC, Protection, Malicious Website Protection, Stopped,
Protection, 08.10.2015 18:51, SYSTEM, PETRPC, Protection, Refresh, Success,
Protection, 08.10.2015 18:51, SYSTEM, PETRPC, Protection, Malicious Website Protection, Starting,
Protection, 08.10.2015 18:51, SYSTEM, PETRPC, Protection, Malicious Website Protection, Started,
Scan, 08.10.2015 18:56, SYSTEM, PETRPC, Manual, Začátek: 08.10.2015 18:51, Doba trvání: 4 min 30 sekund, Sken hrozeb, Dokončeno, Detekce malwaru 0, Detekce jiných hrozeb 2,
Scan, 08.10.2015 19:00, SYSTEM, PETRPC, Manual, Začátek: 08.10.2015 18:56, Doba trvání: 3 min 50 sekund, Sken hrozeb, Dokončeno, Detekce malwaru 0, Detekce jiných hrozeb 0,

(end)