Page 1 of 2

Dell laptop slow as a snail, HELP

Posted: 08 Nov 2015 19:09
by jetro2
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:06:45, on 8.11.2015
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\Adobe\Acrobat DC\Acrobat\acrotray.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskmgr.exe
C:\Users\Petr\Downloads\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrotray.exe"
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: *.dell.com
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\Windows\System32\ati2sgag.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe

--
End of file - 4327 bytes

Re: Dell laptop slow as a snail, HELP

Posted: 08 Nov 2015 19:30
by Rudy
Hello!
Post an FRST log: http://forum.viry.cz/viewtopic.php?f=13&t=133100 , HJT is already past its prime.

Re: Dell laptop slow as a snail, HELP

Posted: 08 Nov 2015 21:26
by jetro2
Additional scan result of Farbar Recovery Scan Tool (x86) Version:07-11-2015
Ran by Petr (2015-11-08 21:24:26)
Running from C:\Users\Petr\Downloads
Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2014-05-28 18:35:15)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3889512373-4177981502-685953998-500 - Administrator - Disabled)
Guest (S-1-5-21-3889512373-4177981502-685953998-501 - Limited - Disabled)
Petr (S-1-5-21-3889512373-4177981502-685953998-1000 - Administrator - Enabled) => C:\Users\Petr

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.22beta (HKLM\...\7-Zip) (Version: - )
Adobe Acrobat 4.0, 5.0 (HKLM\...\Adobe Acrobat 5.0) (Version: 5.0 - Adobe Systems, Inc.)
Adobe Acrobat DC (HKLM\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.009.20077 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe MPEG Encoder (HKLM\...\{9811A185-3D3D-11D6-9E14-00036D172B00}) (Version: 1.03.0000 - Adobe Systems Incorporated / MainConcept GmbH)
Adobe Photoshop CS (HKLM\...\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}) (Version: CS - Adobe Systems, Inc.)
Adobe Premiere 6.5 (HKLM\...\Adobe Premiere 6.5) (Version: 6.5 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.13) - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Advanced RealMedia Export Plug-in for Premiere 6.0 (HKLM\...\RNCompiler 6.0) (Version: - )
Altap Salamander 2.5 (HKLM\...\Altap Salamander 2.5) (Version: 2.5 - ALTAP)
ATI - Software Uninstall Utility (HKLM\...\All ATI Software) (Version: 6.14.10.1012 - )
ATI Catalyst Install Manager (HKLM\...\{08E264F0-E675-8E6D-0042-8741FD41E654}) (Version: 3.0.715.0 - ATI Technologies, Inc.)
ATI Display Driver (HKLM\...\ATI Display Driver) (Version: 8.131.1.2-050706a-025030C-Dell - )
Avery DesignPro 2000 (HKLM\...\{2CC982C0-7EAE-11D4-ACC3-0050568AD318}) (Version: - )
AVS Update Manager 1.0 (HKLM\...\AVS Update Manager_is1) (Version: - Online Media Technologies Ltd.)
AVS Video Converter 7 (HKLM\...\AVS4YOU Video Converter 7_is1) (Version: - Online Media Technologies Ltd.)
AVS4YOU Software Navigator 1.4 (HKLM\...\AVS4YOU Software Navigator_is1) (Version: - Online Media Technologies Ltd.)
Boris Graffiti (HKLM\...\{262BF2CD-601D-4F43-919C-4B00B1D1F338}) (Version: 5.20.200 - Boris FX, Inc.)
Canon Easy-PhotoPrint EX (HKLM\...\Easy-PhotoPrint EX) (Version: - )
Canon My Printer (HKLM\...\CanonMyPrinter) (Version: - )
ccc-core-static (Version: 2009.0929.2222.38284 - Název společnosti:) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.11 - Piriform)
C-Major Audio (HKLM\...\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}) (Version: 42xx - SigmaTel)
CursorFX (HKLM\...\CursorFX) (Version: - Stardock Corporation)
CursorFX (Version: 2.00 - Stardock Corporation) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.46.1.0328 - DT Soft Ltd)
Dell System Detect (HKU\S-1-5-21-3889512373-4177981502-685953998-1000\...\73f463568823ebbe) (Version: 6.3.0.6 - Dell)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1.102.7 - Alps Electric)
EDIUS 6.01 (HKLM\...\{B91A1230-C199-421e-8F63-7235731D925E}) (Version: 6.01 - Thomson Canopus Co., Ltd.)
Google Chrome (HKLM\...\Google Chrome) (Version: 46.0.2490.80 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6904.2028 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.28.15 - Google Inc.) Hidden
Magic Bullet Looks Studio (HKLM\...\Magic Bullet Looks Studio) (Version: - )
Microsoft .NET Framework 4.5.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
MPC-HC 1.7.6 (HKLM\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.6 - MPC-HC Team)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
O2 (HKLM\...\O2CZ) (Version: - O2)
Ovladače videa společnosti Pinnacle (HKLM\...\{5EB90C06-964F-4195-B83E-BD7E55C88415}) (Version: 12.00.0017 - Pinnacle Systems)
Pinnacle Studio 12 (HKLM\...\{D041EB9E-890A-4098-8F94-51DA194AC72A}) (Version: 12.0.0.6163 - Pinnacle Systems)
Pinnacle Studio 12 Ultimate Plugins (HKLM\...\{D1860E6E-520E-4380-8433-E58E8F88B473}) (Version: 12.0.0.0 - Pinnacle Systems)
Sada Compatibility Pack pro systém Office 2007 (HKLM\...\{90120000-0020-0405-0000-0000000FF1CE}) (Version: 12.0.6514.5001 - Microsoft Corporation)
Skins (Version: 2009.0929.2222.38284 - ATI) Hidden
Skype™ 7.6 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.)
Sony PC Companion 2.10.289 (HKLM\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.289 - Sony)
Spotify (HKU\S-1-5-21-3889512373-4177981502-685953998-1000\...\Spotify) (Version: 1.0.12.161.g64b0797c - Spotify AB)
Studio Content CD (HKLM\...\{4C643986-DE3C-4737-8472-CCEC36CCC267}) (Version: 1.00.000 - )
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: - )
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows 7 Manager (HKLM\...\{D86B6C32-49BD-4A02-9C43-14E497018498}) (Version: 1.1.1 - Yamicsoft)
WinRAR 5.21 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Wise Disk Cleaner 7.81 (HKLM\...\Wise Disk Cleaner_is1) (Version: 7.81 - WiseCleaner.com, Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3889512373-4177981502-685953998-1000_Classes\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3889512373-4177981502-685953998-1000_Classes\CLSID\{1299CF18-C4F5-4B6A-BB0F-2299F0398E27}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3889512373-4177981502-685953998-1000_Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3889512373-4177981502-685953998-1000_Classes\CLSID\{8856F961-340A-11D0-A96B-00C04FD705A2}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3889512373-4177981502-685953998-1000_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3889512373-4177981502-685953998-1000_Classes\CLSID\{C39EE728-D419-4BD4-A3EF-EDA059DBD935}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3889512373-4177981502-685953998-1000_Classes\CLSID\{CD773740-B187-4974-A1D5-E0FF91372277}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3889512373-4177981502-685953998-1000_Classes\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\InprocServer32 -> no filepath

==================== Restore Points =========================

29-08-2015 09:46:55 Instalace balíčku ovladače zařízení: Xerox Tiskárny
29-08-2015 09:50:08 Instalace balíčku ovladače zařízení: Xerox Tiskárny
09-09-2015 06:47:48 Naplánovaný kontrolní bod
24-09-2015 15:32:39 Naplánovaný kontrolní bod
09-10-2015 08:28:25 Naplánovaný kontrolní bod
17-10-2015 18:49:14 Sony PC Companion
25-10-2015 22:59:36 Naplánovaný kontrolní bod
28-10-2015 17:20:15 Removed Apple Software Update
28-10-2015 17:24:48 Removed Apple Application Support
28-10-2015 17:32:44 Removed QuickTime 7
08-11-2015 13:39:32 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2015-08-16 15:12 - 00000233 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04766488-6491-4883-87A5-75279CB788CA} - System32\Tasks\{F8F3F16C-29E2-4F79-A210-5672978148BC} => C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe [2008-05-13] (Pinnacle Systems)
Task: {11894101-B3DC-46EB-84FD-513859656CA6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {28B2F536-0B76-436C-9A68-A6F82560A779} - System32\Tasks\{8D1ADB96-1C99-40A7-88F3-E75AA639545C} => C:\Users\Petr\Desktop\Microsoft security esentials\Microsoft security esentials.exe
Task: {291CBAAD-7D03-4A42-AA1F-BFA3B6C50BD1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {3B8B6318-E946-451B-97DE-48FC30A60A8D} - System32\Tasks\{72ABF656-46AA-4CCD-A23A-1BF3F9695C85} => Chrome.exe hxxp://ui.skype.com/ui/0/7.2.0.103/cs/abandoninstall?page=tsBing
Task: {49BC9F8D-DBA0-46D8-AE2B-02EF11B5B83C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-15] (Adobe Systems Incorporated)
Task: {519BFE6C-95FE-4377-9AE1-D68C34FE8014} - System32\Tasks\{5DAC1BC3-7485-423B-9A2A-EF10FA28F319} => C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe [2008-05-13] (Pinnacle Systems)
Task: {5E17D9C3-A9EA-4D78-BC42-5DA9E2D7F1F9} - System32\Tasks\{A6FC4100-12C0-4B03-8FA2-DBD522BFEF36} => C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe [2008-05-13] (Pinnacle Systems)
Task: {5F74A21D-E7FE-498A-8C8A-16561FE1B237} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {8AAC8AA3-0F92-4A42-B5B8-C8AEB3CA0DC3} - System32\Tasks\{42DF1C60-DC63-4781-B470-10AEE9F03222} => C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe [2008-05-13] (Pinnacle Systems)
Task: {8F2DCE65-8152-48AA-B189-72132412454F} - System32\Tasks\{5782A427-6ABD-4D66-866C-3122667A4639} => C:\Users\Petr\Desktop\Microsoft security esentials\Microsoft security esentials.exe
Task: {9C733B09-5813-4DAA-AF95-0EC065E879E6} - System32\Tasks\{8D371351-BA4E-44BB-A4BC-7520B7B9F55F} => C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe [2008-05-13] (Pinnacle Systems)
Task: {A68E8A7A-5175-4BCD-B5D3-EF5BEBDFED4A} - System32\Tasks\{ED748AD0-B585-4F08-BE7C-2C11DEEF20CD} => C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe [2008-05-13] (Pinnacle Systems)
Task: {B7171FF9-FCDE-4803-A186-FEB8287F272B} - System32\Tasks\{5A57C7BA-E13F-4A28-93DA-D60B966005E0} => pcalua.exe -a C:\Users\Petr\Downloads\cursorfx-2.exe
Task: {F3A2CBC5-DA83-4351-A5F5-A6A0DECAE6D2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-10-19] (Piriform Ltd)
Task: {F55133B3-82E3-443A-B40A-53C7BE479C4A} - System32\Tasks\{2379441D-8340-42D5-9588-DEEA99C18D43} => pcalua.exe -a C:\dell\drivers\R114079\Setup.exe -d C:\dell\drivers\R114079
Task: {F8C06E81-31AF-447B-AFA9-2EDCD8CE5056} - System32\Tasks\{CD1038E5-DE57-441E-BE3A-19DDB2532321} => C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe [2008-05-13] (Pinnacle Systems)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-03-17 00:34 - 2015-03-17 00:34 - 00010240 _____ () C:\Program Files\Adobe\Acrobat DC\Acrobat\locale\cs_cz\acrotray.cze

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3889512373-4177981502-685953998-1000\...\dell.com -> dell.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3889512373-4177981502-685953998-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 77.242.95.3 - 81.200.55.34
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: defragsvc => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: IJPLMSVC => 2
MSCONFIG\Services: LiveUpdateSvc => 2
MSCONFIG\Services: SCardSvr => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: SysMain => 2
MSCONFIG\Services: TeamViewer9 => 2
MSCONFIG\Services: WSearch => 2
MSCONFIG\Services: wuauserv => 2
MSCONFIG\startupfolder: C:^Users^Petr^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: Dropbox Update => "C:\Users\Petr\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
MSCONFIG\startupreg: mncgbwlesSrv => C:\Windows\inf\mncgbwles.vbe
MSCONFIG\startupreg: MSC => "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: Sony PC Companion => "C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe" /Background
MSCONFIG\startupreg: Spotify => "C:\Users\Petr\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Petr\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: StartCCC => "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{76FE1A05-1606-4312-94AD-90246B4D58A6}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{6CB05E35-8739-46E2-AF6D-44C15332234A}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{B41C0A77-2400-4CEE-976D-513F6956794B}] => (Allow) C:\Program Files\Pinnacle\Studio 12\Programs\RM.exe
FirewallRules: [{EAB6B532-3292-4E4A-8F9C-A63CA54E1856}] => (Allow) C:\Program Files\Pinnacle\Studio 12\Programs\RM.exe
FirewallRules: [{EB61B966-9112-4C18-8216-C7B9B63B378C}] => (Allow) C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe
FirewallRules: [{74C824E3-A7D1-467C-9291-6A77B4D72D85}] => (Allow) C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe
FirewallRules: [{E0FD30F5-CF78-4270-AA74-D77527B42731}] => (Allow) C:\Program Files\Pinnacle\Studio 12\Programs\umi.exe
FirewallRules: [{A7D3A6F2-F1B7-4428-AD07-E412FC006A31}] => (Allow) C:\Program Files\Pinnacle\Studio 12\Programs\umi.exe
FirewallRules: [TCP Query User{58695193-61A9-444B-B3B1-7F8408E0CB38}C:\program files\pinnacle\studio 12\programs\studio.exe] => (Allow) C:\program files\pinnacle\studio 12\programs\studio.exe
FirewallRules: [UDP Query User{F3BF9343-3E0E-4F6C-995C-F747551CD757}C:\program files\pinnacle\studio 12\programs\studio.exe] => (Allow) C:\program files\pinnacle\studio 12\programs\studio.exe
FirewallRules: [TCP Query User{96C03A25-6ABE-4833-89F1-E9CD660B30AB}C:\users\petr\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\petr\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{EF6290EC-DEDD-4903-908F-98D113A33A0C}C:\users\petr\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\petr\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{126785A3-ED69-4DD0-BF30-DA1DC50E4A74}C:\users\petr\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\petr\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{4DF38100-3680-4C6B-BD91-15162F5990D5}C:\users\petr\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\petr\appdata\roaming\spotify\spotify.exe
FirewallRules: [{A13E027F-054E-4550-A5BE-57E6DAB521EB}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Teredo Tunneling Pseudo-Interface
Description: Adaptér tunelového režimu Microsoft Teredo
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/08/2015 08:51:01 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program chrome.exe verze 46.0.2490.80 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 550

Čas spuštění: 01d11a4c907a7d49

Čas ukončení: 284

Cesta k aplikaci: C:\Program Files\Google\Chrome\Application\chrome.exe

ID hlášení: f097a5c1-8651-11e5-a516-0016410b3e80

Error: (11/08/2015 07:03:07 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program HijackThis.exe verze 2.0.0.2 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 124

Čas spuštění: 01d11a4edfb823e1

Čas ukončení: 550

Cesta k aplikaci: C:\Users\Petr\Downloads\HijackThis.exe

ID hlášení: 7711dcc9-8642-11e5-a516-0016410b3e80

Error: (11/08/2015 01:32:09 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhost (1732) WebCacheLocal: Při otevírání souboru protokolu C:\Users\Petr\AppData\Local\Microsoft\Windows\WebCache\V0100060.log došlo k chybě -1811.

Error: (11/07/2015 02:42:57 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Acrobat.exe verze 15.9.20069.28170 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: b60

Čas spuštění: 01d1196225429aa6

Čas ukončení: 79

Cesta k aplikaci: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe

ID hlášení: 6b17b279-8555-11e5-b8fe-0016410b3e80

Error: (10/28/2015 05:33:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: MsiExec.exe, verze: 5.0.7601.17514, časové razítko: 0x4ce792c4
Název chybujícího modulu: QuickTime.qts_unloaded, verze: 0.0.0.0, časové razítko: 0x542dbdf4
Kód výjimky: 0xc0000005
Posun chyby: 0x6011ccf9
ID chybujícího procesu: 0x1580
Čas spuštění chybující aplikace: 0xMsiExec.exe0
Cesta k chybující aplikaci: MsiExec.exe1
Cesta k chybujícímu modulu: MsiExec.exe2
ID zprávy: MsiExec.exe3

Error: (10/25/2015 11:05:02 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (10/17/2015 09:07:37 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (10/16/2015 06:50:33 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Explorer.EXE verze 6.1.7601.17567 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 628

Čas spuštění: 01d0ed326f1095d0

Čas ukončení: 0

Cesta k aplikaci: C:\Windows\Explorer.EXE

ID hlášení: 59d61a4e-742e-11e5-8df7-0016410b3e80

Error: (10/07/2015 02:55:02 PM) (Source: System Restore) (EventID: 8211) (User: )
Description: Naplánovaný bod obnovení nebylo možné vytvořit. Další informace: (0x81000101).

Error: (10/07/2015 02:55:02 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; Popis = Naplánovaný kontrolní bod; Chyba = 0x81000101).


System errors:
=============
Error: (11/08/2015 09:24:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Windows Update byla neočekávaně ukončena. Tento stav nastal již 2krát.

Error: (11/08/2015 09:24:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba WMI byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 300000 milisekund: Restartovat službu.

Error: (11/08/2015 09:24:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Motivy byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (11/08/2015 09:24:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba oznamování událostí systému byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 300000 milisekund: Restartovat službu.

Error: (11/08/2015 09:24:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Sekundární přihlašování byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 300000 milisekund: Restartovat službu.

Error: (11/08/2015 09:24:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Plánovač úloh byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (11/08/2015 09:24:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Správce vzdáleného přístupu byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 300000 milisekund: Restartovat službu.

Error: (11/08/2015 09:24:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Profil uživatele byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 300000 milisekund: Restartovat službu.

Error: (11/08/2015 09:24:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Server byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (11/08/2015 09:24:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Pomocná služba protokolu IP byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 300000 milisekund: Restartovat službu.


==================== Memory info ===========================

Processor: Intel(R) Pentium(R) M processor 2.13GHz
Percentage of memory in use: 55%
Total physical RAM: 2047.46 MB
Available physical RAM: 911.63 MB
Total Virtual: 2247.46 MB
Available Virtual: 966.58 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.79 GB) (Free:186.8 GB) NTFS ==>[drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 67B7830B)
Partition 1: (Not Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=232.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Re: Dell laptop slow as a snail, HELP

Posted: 08 Nov 2015 21:28
by Rudy
Now run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
A scan will run and then a log will appear; paste it here.

Re: Dell laptop slow as a snail, HELP

Posted: 08 Nov 2015 21:42
by jetro2
# AdwCleaner v5.019 - Logfile created 08/11/2015 at 21:38:55
# Updated 08/11/2015 by Xplode
# Database : 2015-11-08.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x86)
# Username : Petr - PETR-NTB
# Running from : C:\Users\Petr\Desktop\adwcleaner_5.019.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****


***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****

[-] [C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : babylon.com
[-] [C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : askws
[-] [C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : delta-search.com
[-] [C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : websearch.ask.com
[-] [C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : websearch
[-] [C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : search.speedbit.com
[-] [C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxp://start.mysearchdial.com/?f=1&a=coolmsd&cd=2XzuyEtN2Y1L1QzutDyCtBtAyE0D0EyEyD0ByDtB0E0D0FyCtN0D0Tzu0CyDtCyDtN1L2XzutBtFtBtFtCtFyDyByEtN1L1Czu1R1F1F1I1H1B1Q&cr=1370237239&ir=
[-] [C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxp://www2.delta-search.com/?babsrc=HP_ss&mntrId=4886162F68E51DBB&affID=124180&tt=160913_c3&tsp=5011
[-] [C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxp://www.mystartsearch.com/?type=hp&ts=14142 ... JD0S303356
[-] [C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : ljefoakgfhcoeobgicjgejglnpfpemgb

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [2236 bytes] ##########

Re: Dell laptop slow as a snail, HELP

Posted: 08 Nov 2015 22:30
by Rudy
Post a new FRST log.

Re: Dell laptop slow as a snail, HELP

Posted: 09 Nov 2015 06:07
by jetro2
Additional scan result of Farbar Recovery Scan Tool (x86) Version:07-11-2015
Ran by Petr (2015-11-09 06:05:31)
Running from C:\Users\Petr\Downloads
Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2014-05-28 18:35:15)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3889512373-4177981502-685953998-500 - Administrator - Disabled)
Guest (S-1-5-21-3889512373-4177981502-685953998-501 - Limited - Disabled)
Petr (S-1-5-21-3889512373-4177981502-685953998-1000 - Administrator - Enabled) => C:\Users\Petr

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Disabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Disabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.22beta (HKLM\...\7-Zip) (Version: - )
Adobe Acrobat 4.0, 5.0 (HKLM\...\Adobe Acrobat 5.0) (Version: 5.0 - Adobe Systems, Inc.)
Adobe Acrobat DC (HKLM\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.009.20077 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe MPEG Encoder (HKLM\...\{9811A185-3D3D-11D6-9E14-00036D172B00}) (Version: 1.03.0000 - Adobe Systems Incorporated / MainConcept GmbH)
Adobe Photoshop CS (HKLM\...\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}) (Version: CS - Adobe Systems, Inc.)
Adobe Premiere 6.5 (HKLM\...\Adobe Premiere 6.5) (Version: 6.5 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.13) - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Advanced RealMedia Export Plug-in for Premiere 6.0 (HKLM\...\RNCompiler 6.0) (Version: - )
Altap Salamander 2.5 (HKLM\...\Altap Salamander 2.5) (Version: 2.5 - ALTAP)
ATI - Software Uninstall Utility (HKLM\...\All ATI Software) (Version: 6.14.10.1012 - )
ATI Catalyst Install Manager (HKLM\...\{08E264F0-E675-8E6D-0042-8741FD41E654}) (Version: 3.0.715.0 - ATI Technologies, Inc.)
ATI Display Driver (HKLM\...\ATI Display Driver) (Version: 8.131.1.2-050706a-025030C-Dell - )
Avery DesignPro 2000 (HKLM\...\{2CC982C0-7EAE-11D4-ACC3-0050568AD318}) (Version: - )
AVS Update Manager 1.0 (HKLM\...\AVS Update Manager_is1) (Version: - Online Media Technologies Ltd.)
AVS Video Converter 7 (HKLM\...\AVS4YOU Video Converter 7_is1) (Version: - Online Media Technologies Ltd.)
AVS4YOU Software Navigator 1.4 (HKLM\...\AVS4YOU Software Navigator_is1) (Version: - Online Media Technologies Ltd.)
Boris Graffiti (HKLM\...\{262BF2CD-601D-4F43-919C-4B00B1D1F338}) (Version: 5.20.200 - Boris FX, Inc.)
Canon Easy-PhotoPrint EX (HKLM\...\Easy-PhotoPrint EX) (Version: - )
Canon My Printer (HKLM\...\CanonMyPrinter) (Version: - )
ccc-core-static (Version: 2009.0929.2222.38284 - Název společnosti:) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.11 - Piriform)
C-Major Audio (HKLM\...\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}) (Version: 42xx - SigmaTel)
CursorFX (HKLM\...\CursorFX) (Version: - Stardock Corporation)
CursorFX (Version: 2.00 - Stardock Corporation) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.46.1.0328 - DT Soft Ltd)
Dell System Detect (HKU\S-1-5-21-3889512373-4177981502-685953998-1000\...\73f463568823ebbe) (Version: 6.3.0.6 - Dell)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1.102.7 - Alps Electric)
EDIUS 6.01 (HKLM\...\{B91A1230-C199-421e-8F63-7235731D925E}) (Version: 6.01 - Thomson Canopus Co., Ltd.)
Google Chrome (HKLM\...\Google Chrome) (Version: 46.0.2490.80 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6904.2028 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.28.15 - Google Inc.) Hidden
Magic Bullet Looks Studio (HKLM\...\Magic Bullet Looks Studio) (Version: - )
Microsoft .NET Framework 4.5.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
MPC-HC 1.7.6 (HKLM\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.6 - MPC-HC Team)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
O2 (HKLM\...\O2CZ) (Version: - O2)
Ovladače videa společnosti Pinnacle (HKLM\...\{5EB90C06-964F-4195-B83E-BD7E55C88415}) (Version: 12.00.0017 - Pinnacle Systems)
Pinnacle Studio 12 (HKLM\...\{D041EB9E-890A-4098-8F94-51DA194AC72A}) (Version: 12.0.0.6163 - Pinnacle Systems)
Pinnacle Studio 12 Ultimate Plugins (HKLM\...\{D1860E6E-520E-4380-8433-E58E8F88B473}) (Version: 12.0.0.0 - Pinnacle Systems)
Sada Compatibility Pack pro systém Office 2007 (HKLM\...\{90120000-0020-0405-0000-0000000FF1CE}) (Version: 12.0.6514.5001 - Microsoft Corporation)
Skins (Version: 2009.0929.2222.38284 - ATI) Hidden
Skype™ 7.6 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.)
Sony PC Companion 2.10.289 (HKLM\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.289 - Sony)
Spotify (HKU\S-1-5-21-3889512373-4177981502-685953998-1000\...\Spotify) (Version: 1.0.12.161.g64b0797c - Spotify AB)
Studio Content CD (HKLM\...\{4C643986-DE3C-4737-8472-CCEC36CCC267}) (Version: 1.00.000 - )
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: - )
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows 7 Manager (HKLM\...\{D86B6C32-49BD-4A02-9C43-14E497018498}) (Version: 1.1.1 - Yamicsoft)
WinRAR 5.21 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Wise Disk Cleaner 7.81 (HKLM\...\Wise Disk Cleaner_is1) (Version: 7.81 - WiseCleaner.com, Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3889512373-4177981502-685953998-1000_Classes\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3889512373-4177981502-685953998-1000_Classes\CLSID\{1299CF18-C4F5-4B6A-BB0F-2299F0398E27}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3889512373-4177981502-685953998-1000_Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3889512373-4177981502-685953998-1000_Classes\CLSID\{8856F961-340A-11D0-A96B-00C04FD705A2}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3889512373-4177981502-685953998-1000_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3889512373-4177981502-685953998-1000_Classes\CLSID\{C39EE728-D419-4BD4-A3EF-EDA059DBD935}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3889512373-4177981502-685953998-1000_Classes\CLSID\{CD773740-B187-4974-A1D5-E0FF91372277}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3889512373-4177981502-685953998-1000_Classes\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\InprocServer32 -> no filepath

==================== Restore Points =========================

29-08-2015 09:46:55 Instalace balíčku ovladače zařízení: Xerox Tiskárny
29-08-2015 09:50:08 Instalace balíčku ovladače zařízení: Xerox Tiskárny
09-09-2015 06:47:48 Naplánovaný kontrolní bod
24-09-2015 15:32:39 Naplánovaný kontrolní bod
09-10-2015 08:28:25 Naplánovaný kontrolní bod
17-10-2015 18:49:14 Sony PC Companion
25-10-2015 22:59:36 Naplánovaný kontrolní bod
28-10-2015 17:20:15 Removed Apple Software Update
28-10-2015 17:24:48 Removed Apple Application Support
28-10-2015 17:32:44 Removed QuickTime 7
08-11-2015 13:39:32 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2015-08-16 15:12 - 00000233 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04766488-6491-4883-87A5-75279CB788CA} - System32\Tasks\{F8F3F16C-29E2-4F79-A210-5672978148BC} => C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe [2008-05-13] (Pinnacle Systems)
Task: {11894101-B3DC-46EB-84FD-513859656CA6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {28B2F536-0B76-436C-9A68-A6F82560A779} - System32\Tasks\{8D1ADB96-1C99-40A7-88F3-E75AA639545C} => C:\Users\Petr\Desktop\Microsoft security esentials\Microsoft security esentials.exe
Task: {291CBAAD-7D03-4A42-AA1F-BFA3B6C50BD1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {3B8B6318-E946-451B-97DE-48FC30A60A8D} - System32\Tasks\{72ABF656-46AA-4CCD-A23A-1BF3F9695C85} => Chrome.exe hxxp://ui.skype.com/ui/0/7.2.0.103/cs/abandoninstall?page=tsBing
Task: {49BC9F8D-DBA0-46D8-AE2B-02EF11B5B83C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-15] (Adobe Systems Incorporated)
Task: {519BFE6C-95FE-4377-9AE1-D68C34FE8014} - System32\Tasks\{5DAC1BC3-7485-423B-9A2A-EF10FA28F319} => C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe [2008-05-13] (Pinnacle Systems)
Task: {5E17D9C3-A9EA-4D78-BC42-5DA9E2D7F1F9} - System32\Tasks\{A6FC4100-12C0-4B03-8FA2-DBD522BFEF36} => C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe [2008-05-13] (Pinnacle Systems)
Task: {5F74A21D-E7FE-498A-8C8A-16561FE1B237} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {8AAC8AA3-0F92-4A42-B5B8-C8AEB3CA0DC3} - System32\Tasks\{42DF1C60-DC63-4781-B470-10AEE9F03222} => C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe [2008-05-13] (Pinnacle Systems)
Task: {8F2DCE65-8152-48AA-B189-72132412454F} - System32\Tasks\{5782A427-6ABD-4D66-866C-3122667A4639} => C:\Users\Petr\Desktop\Microsoft security esentials\Microsoft security esentials.exe
Task: {9C733B09-5813-4DAA-AF95-0EC065E879E6} - System32\Tasks\{8D371351-BA4E-44BB-A4BC-7520B7B9F55F} => C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe [2008-05-13] (Pinnacle Systems)
Task: {A68E8A7A-5175-4BCD-B5D3-EF5BEBDFED4A} - System32\Tasks\{ED748AD0-B585-4F08-BE7C-2C11DEEF20CD} => C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe [2008-05-13] (Pinnacle Systems)
Task: {B7171FF9-FCDE-4803-A186-FEB8287F272B} - System32\Tasks\{5A57C7BA-E13F-4A28-93DA-D60B966005E0} => pcalua.exe -a C:\Users\Petr\Downloads\cursorfx-2.exe
Task: {F3A2CBC5-DA83-4351-A5F5-A6A0DECAE6D2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-10-19] (Piriform Ltd)
Task: {F55133B3-82E3-443A-B40A-53C7BE479C4A} - System32\Tasks\{2379441D-8340-42D5-9588-DEEA99C18D43} => pcalua.exe -a C:\dell\drivers\R114079\Setup.exe -d C:\dell\drivers\R114079
Task: {F8C06E81-31AF-447B-AFA9-2EDCD8CE5056} - System32\Tasks\{CD1038E5-DE57-441E-BE3A-19DDB2532321} => C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe [2008-05-13] (Pinnacle Systems)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-03-17 00:34 - 2015-03-17 00:34 - 00010240 _____ () C:\Program Files\Adobe\Acrobat DC\Acrobat\locale\cs_cz\acrotray.cze

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3889512373-4177981502-685953998-1000\...\dell.com -> dell.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3889512373-4177981502-685953998-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 77.242.95.3 - 81.200.55.34
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: defragsvc => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: IJPLMSVC => 2
MSCONFIG\Services: LiveUpdateSvc => 2
MSCONFIG\Services: SCardSvr => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: SysMain => 2
MSCONFIG\Services: TeamViewer9 => 2
MSCONFIG\Services: WSearch => 2
MSCONFIG\Services: wuauserv => 2
MSCONFIG\startupfolder: C:^Users^Petr^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: Dropbox Update => "C:\Users\Petr\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
MSCONFIG\startupreg: mncgbwlesSrv => C:\Windows\inf\mncgbwles.vbe
MSCONFIG\startupreg: MSC => "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: Sony PC Companion => "C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe" /Background
MSCONFIG\startupreg: Spotify => "C:\Users\Petr\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Petr\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: StartCCC => "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{76FE1A05-1606-4312-94AD-90246B4D58A6}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{6CB05E35-8739-46E2-AF6D-44C15332234A}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{B41C0A77-2400-4CEE-976D-513F6956794B}] => (Allow) C:\Program Files\Pinnacle\Studio 12\Programs\RM.exe
FirewallRules: [{EAB6B532-3292-4E4A-8F9C-A63CA54E1856}] => (Allow) C:\Program Files\Pinnacle\Studio 12\Programs\RM.exe
FirewallRules: [{EB61B966-9112-4C18-8216-C7B9B63B378C}] => (Allow) C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe
FirewallRules: [{74C824E3-A7D1-467C-9291-6A77B4D72D85}] => (Allow) C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe
FirewallRules: [{E0FD30F5-CF78-4270-AA74-D77527B42731}] => (Allow) C:\Program Files\Pinnacle\Studio 12\Programs\umi.exe
FirewallRules: [{A7D3A6F2-F1B7-4428-AD07-E412FC006A31}] => (Allow) C:\Program Files\Pinnacle\Studio 12\Programs\umi.exe
FirewallRules: [TCP Query User{58695193-61A9-444B-B3B1-7F8408E0CB38}C:\program files\pinnacle\studio 12\programs\studio.exe] => (Allow) C:\program files\pinnacle\studio 12\programs\studio.exe
FirewallRules: [UDP Query User{F3BF9343-3E0E-4F6C-995C-F747551CD757}C:\program files\pinnacle\studio 12\programs\studio.exe] => (Allow) C:\program files\pinnacle\studio 12\programs\studio.exe
FirewallRules: [TCP Query User{96C03A25-6ABE-4833-89F1-E9CD660B30AB}C:\users\petr\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\petr\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{EF6290EC-DEDD-4903-908F-98D113A33A0C}C:\users\petr\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\petr\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{126785A3-ED69-4DD0-BF30-DA1DC50E4A74}C:\users\petr\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\petr\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{4DF38100-3680-4C6B-BD91-15162F5990D5}C:\users\petr\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\petr\appdata\roaming\spotify\spotify.exe
FirewallRules: [{A13E027F-054E-4550-A5BE-57E6DAB521EB}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Teredo Tunneling Pseudo-Interface
Description: Adaptér tunelového režimu Microsoft Teredo
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/08/2015 08:51:01 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program chrome.exe verze 46.0.2490.80 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 550

Čas spuštění: 01d11a4c907a7d49

Čas ukončení: 284

Cesta k aplikaci: C:\Program Files\Google\Chrome\Application\chrome.exe

ID hlášení: f097a5c1-8651-11e5-a516-0016410b3e80

Error: (11/08/2015 07:03:07 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program HijackThis.exe verze 2.0.0.2 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 124

Čas spuštění: 01d11a4edfb823e1

Čas ukončení: 550

Cesta k aplikaci: C:\Users\Petr\Downloads\HijackThis.exe

ID hlášení: 7711dcc9-8642-11e5-a516-0016410b3e80

Error: (11/08/2015 01:32:09 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhost (1732) WebCacheLocal: Při otevírání souboru protokolu C:\Users\Petr\AppData\Local\Microsoft\Windows\WebCache\V0100060.log došlo k chybě -1811.

Error: (11/07/2015 02:42:57 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Acrobat.exe verze 15.9.20069.28170 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: b60

Čas spuštění: 01d1196225429aa6

Čas ukončení: 79

Cesta k aplikaci: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe

ID hlášení: 6b17b279-8555-11e5-b8fe-0016410b3e80

Error: (10/28/2015 05:33:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: MsiExec.exe, verze: 5.0.7601.17514, časové razítko: 0x4ce792c4
Název chybujícího modulu: QuickTime.qts_unloaded, verze: 0.0.0.0, časové razítko: 0x542dbdf4
Kód výjimky: 0xc0000005
Posun chyby: 0x6011ccf9
ID chybujícího procesu: 0x1580
Čas spuštění chybující aplikace: 0xMsiExec.exe0
Cesta k chybující aplikaci: MsiExec.exe1
Cesta k chybujícímu modulu: MsiExec.exe2
ID zprávy: MsiExec.exe3

Error: (10/25/2015 11:05:02 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (10/17/2015 09:07:37 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (10/16/2015 06:50:33 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Explorer.EXE verze 6.1.7601.17567 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 628

Čas spuštění: 01d0ed326f1095d0

Čas ukončení: 0

Cesta k aplikaci: C:\Windows\Explorer.EXE

ID hlášení: 59d61a4e-742e-11e5-8df7-0016410b3e80

Error: (10/07/2015 02:55:02 PM) (Source: System Restore) (EventID: 8211) (User: )
Description: Naplánovaný bod obnovení nebylo možné vytvořit. Další informace: (0x81000101).

Error: (10/07/2015 02:55:02 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; Popis = Naplánovaný kontrolní bod; Chyba = 0x81000101).


System errors:
=============
Error: (11/09/2015 06:05:23 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby Služba WMI, ale tato akce selhala kvůli následující chybě:
%%1056

Error: (11/09/2015 06:03:23 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Update byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (11/09/2015 06:03:23 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba WMI byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (11/09/2015 06:03:23 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Motivy byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (11/09/2015 06:03:23 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Rozpoznávání hardwaru byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (11/09/2015 06:03:23 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba oznamování událostí systému byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (11/09/2015 06:03:23 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Sekundární přihlašování byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (11/09/2015 06:03:23 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Plánovač úloh byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (11/09/2015 06:03:23 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Správce vzdáleného přístupu byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (11/09/2015 06:03:23 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Profil uživatele byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.


==================== Memory info ===========================

Processor: Intel(R) Pentium(R) M processor 2.13GHz
Percentage of memory in use: 68%
Total physical RAM: 2047.46 MB
Available physical RAM: 645.13 MB
Total Virtual: 2277.46 MB
Available Virtual: 721.5 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.79 GB) (Free:186.55 GB) NTFS ==>[drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 67B7830B)
Partition 1: (Not Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=232.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Re: Dell notebook slow as a slug, HELP

Posted: 09 Nov 2015 18:20
by Rudy
Open Notepad and copy the following into it:
Start
CustomCLSID: HKU\S-1-5-21-3889512373-4177981502-685953998-1000_Classes\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3889512373-4177981502-685953998-1000_Classes\CLSID\{1299CF18-C4F5-4B6A-BB0F-2299F0398E27}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3889512373-4177981502-685953998-1000_Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3889512373-4177981502-685953998-1000_Classes\CLSID\{8856F961-340A-11D0-A96B-00C04FD705A2}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3889512373-4177981502-685953998-1000_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3889512373-4177981502-685953998-1000_Classes\CLSID\{C39EE728-D419-4BD4-A3EF-EDA059DBD935}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3889512373-4177981502-685953998-1000_Classes\CLSID\{CD773740-B187-4974-A1D5-E0FF91372277}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3889512373-4177981502-685953998-1000_Classes\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\InprocServer32 -> no filepath
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.

Re: Dell notebook slow as a slug, HELP

Posted: 09 Nov 2015 19:57
by jetro2
When I do it according to the instructions, clicking Fix gives me this message:

No fixlist.txt found.
The fixlist.txt should be in the same folder/directory the tools is located

Re: Dell notebook slow as a slug, HELP

Posted: 09 Nov 2015 20:26
by jetro2
I'm an idiot, I had a shortcut on the desktop, that's why it didn't work :?:

Fix result of Farbar Recovery Scan Tool (x86) Version:07-11-2015
Ran by Petr (2015-11-09 20:24:28) Run:1
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available Profiles: Petr)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CustomCLSID: HKU\S-1-5-21-3889512373-4177981502-685953998-1000_Classes\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3889512373-4177981502-685953998-1000_Classes\CLSID\{1299CF18-C4F5-4B6A-BB0F-2299F0398E27}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3889512373-4177981502-685953998-1000_Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3889512373-4177981502-685953998-1000_Classes\CLSID\{8856F961-340A-11D0-A96B-00C04FD705A2}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3889512373-4177981502-685953998-1000_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3889512373-4177981502-685953998-1000_Classes\CLSID\{C39EE728-D419-4BD4-A3EF-EDA059DBD935}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3889512373-4177981502-685953998-1000_Classes\CLSID\{CD773740-B187-4974-A1D5-E0FF91372277}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3889512373-4177981502-685953998-1000_Classes\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\InprocServer32 -> no filepath
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
End
*****************

"HKU\S-1-5-21-3889512373-4177981502-685953998-1000_Classes\CLSID\{057EEE47-2572-4AA1-88D7-60CE2149E33C}" => key removed successfully.
"HKU\S-1-5-21-3889512373-4177981502-685953998-1000_Classes\CLSID\{1299CF18-C4F5-4B6A-BB0F-2299F0398E27}" => key removed successfully.
"HKU\S-1-5-21-3889512373-4177981502-685953998-1000_Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}" => key removed successfully.
"HKU\S-1-5-21-3889512373-4177981502-685953998-1000_Classes\CLSID\{8856F961-340A-11D0-A96B-00C04FD705A2}" => key removed successfully.
"HKU\S-1-5-21-3889512373-4177981502-685953998-1000_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}" => key removed successfully.
"HKU\S-1-5-21-3889512373-4177981502-685953998-1000_Classes\CLSID\{C39EE728-D419-4BD4-A3EF-EDA059DBD935}" => key removed successfully.
"HKU\S-1-5-21-3889512373-4177981502-685953998-1000_Classes\CLSID\{CD773740-B187-4974-A1D5-E0FF91372277}" => key removed successfully.
"HKU\S-1-5-21-3889512373-4177981502-685953998-1000_Classes\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}" => key removed successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully

==== End of Fixlog 20:24:29 ====

Re: Dell notebook slow as a slug, HELP

Posted: 09 Nov 2015 20:30
by Rudy
Deleted. Has anything changed?

Re: Dell notebook slow as a slug, HELP

Posted: 09 Nov 2015 20:48
by jetro2
It's a tiny bit better, but I've tracked down that the processes eating the most are:

Chrome and Windows Modules Installer, Host Process for Windows Services

Re: Dell notebook slow as a slug, HELP

Posted: 09 Nov 2015 21:30
by Rudy
Also run a full MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Don't delete anything beforehand.

Re: Dell notebook slow as a slug, HELP

Posted: 09 Nov 2015 22:53
by jetro2
Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 9.11.2015
Čas skenování: 21:42
Protokol: kontrola.txt
Správce: Ano

Verze: 2.2.0.1024
Databáze malwaru: v2015.11.09.06
Databáze rootkitů: v2015.11.04.02
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x86
Souborový systém: NTFS
Uživatel: Petr

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 288667
Uplynulý čas: 42 min, 19 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 1
PUP.Optional.OffersWizard, C:\Program Files\Common Files\Config, , [f109b5c62269cd69ffc05a26e2218c74],

Soubory: 1
PUP.Optional.OffersWizard, C:\Program Files\Common Files\Config\ver.xml, , [f109b5c62269cd69ffc05a26e2218c74],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Re: Dell notebook slow as a slug, HELP

Posted: 10 Nov 2015 18:20
by Rudy
Delete the findings.