VIRY.CZ

Dobrý večer, mám problém u NB, pozoruji zpomalení PC a nemožnost spuštění Defendera.

Zkoušel jsem spustit RSIT nebo MBAM , ale programy jakoby zamrznou, RSIT error přikládám.

FRST proběhl ok
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:27-12-2015
Ran by Uzivatel (administrator) on MARES-HP (27-12-2015 21:34:29)
Running from C:\Users\Uzivatel\Desktop
Loaded Profiles: Uzivatel (Available Profiles: Uzivatel)
Platform: Windows 8 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 10 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16384_none_622908ad510eb05b\TiWorker.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2012-06-12] (Realtek Semiconductor)
HKLM\...\Run: [BtPreLoad] => C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [65152 2012-08-07] ()
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-28] (Synaptics Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5617432 2013-08-19] (ESET)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491320 2012-07-26] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [580512 2012-07-09] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2014-05-22] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-499196328-2034053931-3112587965-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2014-09-08] (Google Inc.)
HKU\S-1-5-21-499196328-2034053931-3112587965-1001\...\Run: [XitaJjon] => regsvr32.exe "C:\ProgramData\XitaJjon\KuzerVapim.pzk"
HKU\S-1-5-21-499196328-2034053931-3112587965-1001\...\MountPoints2: {6d00aff5-6b82-11e5-be96-74e543efc5fe} - "F:\AutoRun.exe"
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{FE2DCAD6-9C4D-4BD7-B3D5-F3817E810F5E}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=CMNTDFJS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=CMNTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
HKU\S-1-5-21-499196328-2034053931-3112587965-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
SearchScopes: HKLM -> {AB4DD9CA-A27E-4E15-8FE0-D9DFA51CEE3C} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
SearchScopes: HKLM-x32 -> {AB4DD9CA-A27E-4E15-8FE0-D9DFA51CEE3C} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-499196328-2034053931-3112587965-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-499196328-2034053931-3112587965-1001 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL =
SearchScopes: HKU\S-1-5-21-499196328-2034053931-3112587965-1001 -> {AB4DD9CA-A27E-4E15-8FE0-D9DFA51CEE3C} URL =
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-27] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20] (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-21] (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-27] (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-21] (Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-27] (Google Inc.)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-27] (Google Inc.)
Toolbar: HKU\S-1-5-21-499196328-2034053931-3112587965-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-27] (Google Inc.)
DPF: HKLM-x32 {87D48502-D1FF-4D25-B66C-9DA4F7CB2722} hxxp://79.98.155.147:7000/classes/CamV_H264.cab

FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw.dll [2012-02-08] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-21] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013-09-28] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

Chrome:
=======
CHR Profile: C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Docs) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-08]
CHR Extension: (Google Drive) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-08]
CHR Extension: (YouTube) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-08]
CHR Extension: (Google Search) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-08]
CHR Extension: (Google Wallet) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-08]
CHR Extension: (Gmail) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-08]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211072 2012-08-07] (Qualcomm Atheros Commnucations) [File not signed]
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1337240 2013-08-19] (ESET)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2451456 2012-07-14] (Realsil Microelectronics Inc.) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6889232 2015-12-14] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [15440 2012-07-26] (Microsoft Corporation)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-08-07] (Atheros) [File not signed]
S2 Winmgmt; C:\PROGRA~3\17BB26.dot [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-08-07] (Qualcomm Atheros)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-08-20] (ESET)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3295984 2012-07-26] (Broadcom Corporation)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [239296 2013-08-26] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [168256 2013-08-20] (ESET)
R2 epfw; C:\Windows\system32\DRIVERS\epfw.sys [220232 2013-08-20] (ESET)
R1 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [44120 2013-08-20] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [62136 2013-08-20] (ESET)
S3 lehidmini; C:\Windows\System32\drivers\leath_hid.sys [39704 2012-08-07] (Atheros)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
S3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [269968 2012-07-03] (Realtek Semiconductor Corp.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-11] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-11] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [34216 2012-07-26] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [258288 2012-07-26] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20288 2012-08-03] (Hewlett-Packard Development Company, L.P.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-27 21:34 - 2015-12-27 21:35 - 00017730 _____ C:\Users\Uzivatel\Desktop\FRST.txt
2015-12-27 21:33 - 2015-12-27 21:33 - 02370560 _____ (Farbar) C:\Users\Uzivatel\Desktop\FRST64.exe
2015-12-27 21:32 - 2015-12-27 21:34 - 00000000 ____D C:\FRST
2015-12-27 21:18 - 2015-12-27 21:19 - 00000000 ____D C:\Program Files\trend micro
2015-12-27 21:14 - 2015-12-27 21:30 - 00000000 ____D C:\rsit
2015-12-27 20:53 - 2015-12-27 21:14 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-27 20:40 - 2015-12-27 20:40 - 00001102 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-12-27 20:40 - 2015-12-27 20:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-12-27 20:40 - 2015-12-27 20:40 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-12-27 20:40 - 2015-12-27 20:40 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-12-27 20:40 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-12-27 20:40 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-12-27 20:40 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-12-27 20:02 - 2014-05-15 02:02 - 00059424 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-12-27 20:02 - 2014-05-14 23:43 - 03286528 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-12-27 20:02 - 2014-05-14 23:43 - 01623040 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-12-27 20:02 - 2014-05-14 23:43 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-12-27 20:02 - 2014-05-14 23:42 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2015-12-27 20:01 - 2013-08-16 06:21 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-12-27 20:01 - 2012-11-06 05:20 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll
2015-12-27 20:01 - 2012-11-06 05:00 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\wushareduxresources.dll
2015-12-27 19:56 - 2015-12-27 19:56 - 00001043 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2015-12-27 19:28 - 2015-12-27 19:28 - 00000000 ___RD C:\Users\Uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-12-27 15:02 - 2015-12-27 15:07 - 00000000 ___HD C:\Windows\AxInstSV
2015-12-22 14:39 - 2015-12-22 14:39 - 00088689 _____ C:\Users\Uzivatel\Downloads\FS@x0541548@ntctxxa41021@39842d20-86c7-47d5-90bc-79957bab6ea4-0.zip
2015-12-02 06:58 - 2015-12-27 21:03 - 00000978 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d12cc6853e79f8.job
2015-12-02 06:58 - 2015-12-02 06:58 - 00003950 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1d12cc6853e79f8
2015-11-28 19:38 - 2015-11-28 19:38 - 00000000 ____D C:\Users\Uzivatel\AppData\Roaming\WebApp
2015-11-28 16:28 - 2015-11-28 19:08 - 00000000 ____D C:\Users\Public\CyberLink
2015-11-28 16:28 - 2015-11-28 16:28 - 00000000 ____D C:\Users\Uzivatel\Documents\CyberLink

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-27 21:32 - 2012-07-26 06:37 - 00000000 ____D C:\Windows
2015-12-27 21:30 - 2014-08-16 22:09 - 00000000 ____D C:\Users\Uzivatel\AppData\Roaming\ClassicShell
2015-12-27 21:07 - 2015-07-18 09:52 - 00000978 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0c1371d55fff8.job
2015-12-27 21:03 - 2015-09-17 18:02 - 00000978 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0f16aa754c22a.job
2015-12-27 20:54 - 2013-09-28 07:37 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-499196328-2034053931-3112587965-1001
2015-12-27 20:51 - 2014-09-08 10:17 - 00000978 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-27 20:40 - 2012-07-26 08:59 - 00000000 ____D C:\Windows\CbsTemp
2015-12-27 20:34 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\rescache
2015-12-27 19:56 - 2014-08-17 09:01 - 00000000 ____D C:\Users\Uzivatel\AppData\Roaming\TeamViewer
2015-12-27 19:56 - 2014-08-17 09:01 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-12-27 19:29 - 2014-09-08 10:17 - 00000974 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-27 19:20 - 2014-02-16 16:51 - 00000362 _____ C:\Windows\Tasks\HPCeeScheduleForUzivatel.job
2015-12-27 19:20 - 2012-07-26 08:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-27 19:19 - 2012-07-26 06:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-12-27 15:48 - 2013-10-03 01:35 - 00003982 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{20839C32-24CA-43A1-A942-FDFB4A477661}
2015-12-27 15:06 - 2014-06-04 06:00 - 00000000 ____D C:\Windows\Minidump
2015-12-27 15:06 - 2013-10-26 15:56 - 00000000 ____D C:\Users\Uzivatel\AppData\Local\CrashDumps
2015-12-27 15:06 - 2012-07-26 06:37 - 00000000 ____D C:\Windows\Inf
2015-12-26 16:17 - 2012-07-26 09:12 - 00000000 ___HD C:\Program Files\WindowsApps
2015-12-26 16:17 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\AUInstallAgent
2015-12-21 14:38 - 2015-10-17 20:29 - 00003348 _____ C:\Windows\System32\Tasks\ESET Windows 10 upgrade – Refresh settings
2015-12-03 16:53 - 2014-02-16 16:51 - 00003182 _____ C:\Windows\System32\Tasks\HPCeeScheduleForUzivatel
2015-12-03 16:53 - 2013-09-28 07:27 - 00000000 ____D C:\Users\Uzivatel
2015-12-02 06:58 - 2015-09-17 18:02 - 00003950 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1d0f16aa754c22a
2015-12-02 06:58 - 2015-09-02 12:55 - 00003714 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1d0e57639a6a08d
2015-12-02 06:58 - 2015-09-02 12:55 - 00000974 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0e57639a6a08d.job
2015-11-28 16:28 - 2013-09-29 11:40 - 00000000 ____D C:\Users\Uzivatel\AppData\Roaming\CyberLink

==================== Files in the root of some directories =======

2014-07-31 17:06 - 2014-07-31 17:07 - 0000116 _____ () C:\ProgramData\RUNDLL32.EXE-2092-F.txt
2014-07-31 17:00 - 2014-07-31 17:00 - 0000823 _____ () C:\ProgramData\RUNDLL32.EXE-3464-F.txt
2014-07-31 16:54 - 2014-07-31 16:54 - 0000120 _____ () C:\ProgramData\RUNDLL32.EXE-5188-F.txt
2014-07-31 16:33 - 2014-07-31 16:52 - 0046749 _____ () C:\ProgramData\RUNDLL32.EXE-6056-F.txt
2014-07-31 18:04 - 2014-07-31 18:15 - 0008943 _____ () C:\ProgramData\RUNDLL32.EXE-6588-F.txt
2014-07-31 17:08 - 2014-07-31 17:10 - 0001212 _____ () C:\ProgramData\RUNDLL32.EXE-8600-F.txt
2014-07-31 17:19 - 2014-07-31 17:20 - 0001160 _____ () C:\ProgramData\RUNDLL32.EXE-8732-F.txt

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


ATTENTION: ==> Could not access BCD.


LastRegBack: 2015-12-13 16:02

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version:27-12-2015
Ran by Uzivatel (2015-12-27 21:36:50)
Running from C:\Users\Uzivatel\Desktop
Windows 8 (X64) (2013-09-28 06:27:54)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-499196328-2034053931-3112587965-500 - Administrator - Disabled)
Guest (S-1-5-21-499196328-2034053931-3112587965-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-499196328-2034053931-3112587965-1003 - Limited - Enabled)
Uzivatel (S-1-5-21-499196328-2034053931-3112587965-1001 - Administrator - Enabled) => C:\Users\Uzivatel

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)


==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.4.634 - Adobe Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brother MFL-Pro Suite DCP-1610W series (HKLM-x32\...\{75E38F04-1BAF-4054-A059-57F831688943}) (Version: 1.0.2.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1.5407 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1926 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.6.4319 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.4.5527 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Energy Star (HKLM\...\{0FA995CC-C849-4755-B14B-5404CC75DC24}) (Version: 1.0.8 - Hewlett-Packard)
EPSON Copy Utility 3 (HKLM-x32\...\{67EDD823-135A-4D59-87BD-950616D6E857}) (Version: 3.3.0.0 - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - )
EPSON Stylus CX7300_CX8300_DX7400_DX8400 Manuál (HKLM-x32\...\EPSON Stylus CX7300_CX8300_DX7400_DX8400 Uživatelská příručka) (Version: - )
ESET Smart Security (HKLM\...\{4A14DD4A-906A-4B04-A80C-6C589CDBE253}) (Version: 7.0.207.9 - ESET, spol s r. o.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Honeyview (HKLM\...\Honeyview) (Version: 5.02 - Bandisoft.com)
HP Documentation (HKLM-x32\...\{8E7CB625-076C-4812-87B9-A2695C2CFABF}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Quick Launch (HKLM-x32\...\{4ED7050C-9332-4FB2-AB07-E94F25A53D39}) (Version: 3.0.3 - Hewlett-Packard Company)
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{A3B77E0C-B157-4521-BAF1-C0E69F3D3204}) (Version: 4.6.8.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Utility Center (HKLM-x32\...\{0C57987A-A03A-4B95-A309-D23F78F406CA}) (Version: 1.0.7 - Hewlett-Packard)
HP Wireless Button Driver (HKLM-x32\...\{941DE69D-6CEE-4171-8F1F-3D7E352AA498}) (Version: 1.0.5.1 - Hewlett-Packard Company)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2828 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
Malwarebytes Anti-Malware verze 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft Office 2010 pro studenty a domácnosti (HKLM\...\Office14.SingleImage) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.206 - Název společnosti:)
Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.29029 - Realtek Semiconductor Corp.)
Software tiskárny EPSON (HKLM\...\EPSON Printer and Utilities) (Version: - )
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.12 - Synaptics Incorporated)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.53254 - TeamViewer)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
XP Skin Pack 1.0-Win8X64 (HKLM-x32\...\XP Skin Pack) (Version: 1.0-Win8X64 - SkinPack)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-499196328-2034053931-3112587965-1001_Classes\CLSID\{9B6D38F3-8EF4-48A5-AD30-FFFFFFFFFFFF}\InprocServer32 -> C:\Program Files\Honeyview\HVShell64.dll (Bandisoft.com)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1A41C239-0A74-44C8-8EFE-398FF0192641} - System32\Tasks\ESET Windows 10 upgrade – Refresh settings => C:\Program Files\Common Files\AV\ESET Smart Security 7.0\upgrade.exe [2015-11-23] (ESET)
Task: {24ECFBBF-D000-46E2-A5C4-AD8B088F3B7C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {4C86A3D1-A80B-4188-892C-4784840929AD} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2013-09-28] ()
Task: {58415D40-E845-4D7B-A8A4-1F48A0A2026F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-02] (Google Inc.)
Task: {5E7705A7-D27D-49FB-A2A5-8818D965E089} - System32\Tasks\HPCeeScheduleForUzivatel => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)
Task: {7FB29C97-572F-4475-A151-6CF7331DF593} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-02] (Google Inc.)
Task: {875F29B4-CAE0-4716-A438-7FA8A04727C9} - System32\Tasks\GoogleUpdateTaskMachineCore1d0e57639a6a08d => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-02] (Google Inc.)
Task: {88F30FCA-5DF1-49E3-B293-C7DE3D866190} - System32\Tasks\GoogleUpdateTaskMachineUA1d0f16aa754c22a => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-02] (Google Inc.)
Task: {9A444491-6EAF-45ED-8B80-727C17AA731D} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-08] (CyberLink)
Task: {ACFD06EB-6AA6-4FBC-927B-F0E9D1C49A04} - System32\Tasks\GoogleUpdateTaskMachineUA1d0907dfa7784ed => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-02] (Google Inc.)
Task: {B77D8BDE-8C42-4B1E-B7ED-13EF45596AF8} - System32\Tasks\GoogleUpdateTaskMachineUA1d0c1371d55fff8 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-02] (Google Inc.)
Task: {EF612DB0-D4DF-4B66-B57A-9F0C39C9439B} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-07-27] (CyberLink)
Task: {FE197AAE-E698-4266-881F-BBFDA0C5CE2D} - System32\Tasks\GoogleUpdateTaskMachineUA1d12cc6853e79f8 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-02] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0e57639a6a08d.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0907dfa7784ed.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0c1371d55fff8.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0f16aa754c22a.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d12cc6853e79f8.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForUzivatel.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2012-08-08 21:17 - 2012-08-08 21:17 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-08-07 17:15 - 2012-08-07 17:15 - 00384128 _____ () C:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll
2012-08-07 17:10 - 2012-08-07 17:10 - 00021504 _____ () C:\Program Files (x86)\Bluetooth Suite\L10n\cs-CZ\BtTray.cs-CZ.dll
2014-12-23 09:04 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2012-09-18 11:11 - 2012-06-26 10:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2012-09-18 11:28 - 2012-06-08 04:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 10:34 - 2012-06-08 10:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-499196328-2034053931-3112587965-1001\...\mojebanka.cz -> hxxps://etrading.mojebanka.cz

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 06:26 - 2012-07-26 06:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-499196328-2034053931-3112587965-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-499196328-2034053931-3112587965-1001\...\StartupApproved\Run: => "swg"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{DF694C70-8B15-4C04-9D0C-73AC6B6E46E6}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{DF967FDE-567D-4D5E-BF12-AC161B454570}] => (Allow) LPort=2869
FirewallRules: [{6B295F2C-6CE5-4FCB-9081-0C3244F41891}] => (Allow) LPort=1900
FirewallRules: [{A3B33414-C4C8-4B2C-97A2-0968C824A44A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9255A262-1DD6-448E-A834-612D98E7F9EB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{52C1B457-7809-44C3-8848-932CC73FFB32}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E69C1899-E637-4C42-93D7-57824072CC3A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{CFD2ADFC-09E3-46C0-A583-657FFCE1EBCC}] => (Allow) C:\Program Files (x86)\Bluetooth Suite\Btvstack.exe
FirewallRules: [{EDE75C16-A939-4279-A881-F59B6BC97B46}] => (Allow) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
FirewallRules: [{D54249C1-9495-4B1E-B3CE-B71D6658C179}] => (Allow) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
FirewallRules: [{4142A87E-F1CC-455C-A351-4AA06B8CDA3B}] => (Allow) C:\Program Files (x86)\Bluetooth Suite\Win7Ui.exe
FirewallRules: [{5D46112A-D5E3-44D5-80C8-FBA6F65212E9}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{1B5476D4-2762-42D6-83B6-0441A8FF5948}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{EA76FF8B-F88C-4A94-958C-EC6E080E23D2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{7698A8F2-D971-4916-A4EB-8AAD741DA59C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{0DB404C8-B2E8-4F44-B923-E3BE5DA89E2C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{0AE475DD-2B12-40EB-ADDD-7D0C684043A3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Restore Points =========================

Could not list restore points
Check "winmgmt" service or repair WMI.


==================== Faulty Device Manager Devices =============

Could not list Devices. Check "winmgmt" service or repair WMI.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/27/2015 07:27:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: HPWMISVC.exe, verze: 3.0.1.0, časové razítko: 0x4ffa6477
Název chybujícího modulu: HPWMISVC.exe, verze: 3.0.1.0, časové razítko: 0x4ffa6477
Kód výjimky: 0xc0000005
Posun chyby: 0x000018ae
ID chybujícího procesu: 0x7fc
Čas spuštění chybující aplikace: 0xHPWMISVC.exe0
Cesta k chybující aplikaci: HPWMISVC.exe1
Cesta k chybujícímu modulu: HPWMISVC.exe2
ID zprávy: HPWMISVC.exe3
Úplný název chybujícího balíčku: HPWMISVC.exe4
ID aplikace související s chybujícím balíčkem: HPWMISVC.exe5

Error: (12/27/2015 07:20:13 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhostex (1728) WebCacheLocal: Při otevírání souboru protokolu C:\Users\Uzivatel\AppData\Local\Microsoft\Windows\WebCache\V0102DD0.log došlo k chybě -1811 (0xfffff8ed).

Error: (12/24/2015 10:30:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: iexplore.exe, verze: 10.0.9200.16384, časové razítko: 0x50107ebe
Název chybujícího modulu: MSHTML.dll, verze: 10.0.9200.16390, časové razítko: 0x501b50ab
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000ae00e
ID chybujícího procesu: 0x1b60
Čas spuštění chybující aplikace: 0xiexplore.exe0
Cesta k chybující aplikaci: iexplore.exe1
Cesta k chybujícímu modulu: iexplore.exe2
ID zprávy: iexplore.exe3
Úplný název chybujícího balíčku: iexplore.exe4
ID aplikace související s chybujícím balíčkem: iexplore.exe5

Error: (12/24/2015 10:29:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: iexplore.exe, verze: 10.0.9200.16384, časové razítko: 0x50107ebe
Název chybujícího modulu: ntdll.dll, verze: 6.2.9200.16384, časové razítko: 0x5010acd2
Kód výjimky: 0xc0000374
Posun chyby: 0x00000000000ea2b9
ID chybujícího procesu: 0x1cb0
Čas spuštění chybující aplikace: 0xiexplore.exe0
Cesta k chybující aplikaci: iexplore.exe1
Cesta k chybujícímu modulu: iexplore.exe2
ID zprávy: iexplore.exe3
Úplný název chybujícího balíčku: iexplore.exe4
ID aplikace související s chybujícím balíčkem: iexplore.exe5

Error: (12/21/2015 11:24:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: iexplore.exe, verze: 10.0.9200.16384, časové razítko: 0x50107ebe
Název chybujícího modulu: igd10umd64.dll, verze: 9.17.10.2828, časové razítko: 0x501854b5
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000073561
ID chybujícího procesu: 0x1638
Čas spuštění chybující aplikace: 0xiexplore.exe0
Cesta k chybující aplikaci: iexplore.exe1
Cesta k chybujícímu modulu: iexplore.exe2
ID zprávy: iexplore.exe3
Úplný název chybujícího balíčku: iexplore.exe4
ID aplikace související s chybujícím balíčkem: iexplore.exe5

Error: (12/16/2015 06:27:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: iexplore.exe, verze: 10.0.9200.16384, časové razítko: 0x50107ebe
Název chybujícího modulu: igd10umd64.dll, verze: 9.17.10.2828, časové razítko: 0x501854b5
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000073561
ID chybujícího procesu: 0x13a4
Čas spuštění chybující aplikace: 0xiexplore.exe0
Cesta k chybující aplikaci: iexplore.exe1
Cesta k chybujícímu modulu: iexplore.exe2
ID zprávy: iexplore.exe3
Úplný název chybujícího balíčku: iexplore.exe4
ID aplikace související s chybujícím balíčkem: iexplore.exe5

Error: (12/15/2015 04:41:20 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (12/14/2015 07:05:56 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (12/14/2015 10:07:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: iexplore.exe, verze: 10.0.9200.16384, časové razítko: 0x50107ebe
Název chybujícího modulu: igd10umd64.dll, verze: 9.17.10.2828, časové razítko: 0x501854b5
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000073561
ID chybujícího procesu: 0x1508
Čas spuštění chybující aplikace: 0xiexplore.exe0
Cesta k chybující aplikaci: iexplore.exe1
Cesta k chybujícímu modulu: iexplore.exe2
ID zprávy: iexplore.exe3
Úplný název chybujícího balíčku: iexplore.exe4
ID aplikace související s chybujícím balíčkem: iexplore.exe5

Error: (12/14/2015 09:57:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: iexplore.exe, verze: 10.0.9200.16384, časové razítko: 0x50107ebe
Název chybujícího modulu: igd10umd64.dll, verze: 9.17.10.2828, časové razítko: 0x501854b5
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000073561
ID chybujícího procesu: 0xc78
Čas spuštění chybující aplikace: 0xiexplore.exe0
Cesta k chybující aplikaci: iexplore.exe1
Cesta k chybujícímu modulu: iexplore.exe2
ID zprávy: iexplore.exe3
Úplný název chybujícího balíčku: iexplore.exe4
ID aplikace související s chybujícím balíčkem: iexplore.exe5


System errors:
=============
Error: (12/27/2015 09:50:59 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba WMI byla ukončena s následující chybou:
%%126

Error: (12/27/2015 09:50:59 PM) (Source: DCOM) (EventID: 10010) (User: MARES-HP)
Description: {8BC3F05E-D86B-11D0-A075-00C04FB68820}

Error: (12/27/2015 09:48:59 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba WMI byla ukončena s následující chybou:
%%126

Error: (12/27/2015 09:48:59 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {8BC3F05E-D86B-11D0-A075-00C04FB68820}

Error: (12/27/2015 09:46:59 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba WMI byla ukončena s následující chybou:
%%126

Error: (12/27/2015 09:46:59 PM) (Source: DCOM) (EventID: 10010) (User: MARES-HP)
Description: {8BC3F05E-D86B-11D0-A075-00C04FB68820}

Error: (12/27/2015 09:44:59 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba WMI byla ukončena s následující chybou:
%%126

Error: (12/27/2015 09:44:59 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {8BC3F05E-D86B-11D0-A075-00C04FB68820}

Error: (12/27/2015 09:42:59 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba WMI byla ukončena s následující chybou:
%%126

Error: (12/27/2015 09:42:51 PM) (Source: DCOM) (EventID: 10010) (User: MARES-HP)
Description: {8BC3F05E-D86B-11D0-A075-00C04FB68820}


==================== Memory info ===========================

Processor: Intel(R) Pentium(R) CPU B980 @ 2.40GHz
Percentage of memory in use: 69%
Total physical RAM: 3983.27 MB
Available physical RAM: 1227.39 MB
Total Virtual: 4687.27 MB
Available Virtual: 1628.17 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:451.39 GB) (Free:391.64 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (RECOVERY) (Fixed) (Total:13.6 GB) (Free:1.81 GB) NTFS ==>[system with boot components (obtained from drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 55E476F6)

Partition: GPT.

==================== End of Addition.txt ============================

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

Bohužel se mi to nedaří. Windows měl zakázané updaty, povolil jsem je a od té doby jsem k pc ztratil přístup - pracoval cca 6 hodin na updatech, ale při restartu u balíčku 112 z 180 se restartoval a již nenaběhl, reaguje pouze na tvrdé vypnutí, po zapnutí je vidět jen černá obrazovka a po cca 15 vteřinách začne blikat, systém ale nenaběhne. Dá se dostat do konzole, kde mám 4 body obnovy, bohužel všechny pokusy končí chybou Chybová zpráva 0x80070057. Zkoušel jsem ještě najet do nouzového režimu, ale opět systém zamrzne na černé obrazovce a je konec

Šlo by s tím něco udělat tím že vyndám disk z NB a připojím ho pomocí usb šuplíku do funkčního pc se systémem? Udělám si alespoň 1:1 zálohu a možná bych pak mohl udělat částečnou obnovu a nebo tovární nastavení.

Můžete zkusit opravu startu systému z instalačky. Pokud se to nepodaří, nezbude, než záloha a reinstal.