Prosím o preventivní kontrolu

[hanysek99]

Dobrý den, prosím o preventivní kontrolu mého NTB.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Honza at 2016-03-13 14:55:01
Microsoft Windows 8.1
System drive C: has 47 GB (23%) free of 201 GB
Total RAM: 8104 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:55:06, on 13. 3. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvTrayLoad.exe
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE
C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvController.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Honza.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel Bluetooth Service (ibtsiva) - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: LenovoSetSvr - Lenovo(beijing) Limited - C:\Program Files (x86)\Lenovo\Lenovo Settings\LenovoSetSvr.exe
O23 - Service: Lenovo WiFiHotspot Service (LenovoWiFiHotspotSvr) - Unknown owner - C:\Windows\System32\LenovoWiFiHotspotSvr.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LsvUIService - Lenovo - C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe
O23 - Service: LUService - Lenovo(beijing) Limited - C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
O23 - Service: Maxthon Core Update Service (MaxthonUpdateSvc) - Maxthon - C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: PGService - PointGrab LTD - C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
O23 - Service: PG_Service_Launcher - PointGrab LTD - C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe
O23 - Service: Lenovo PhoneCompanionPusher Service (PhoneCompanionPusher) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
O23 - Service: Lenovo PhoneCompanionVap Service (PhoneCompanionVap) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe
O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TESHelper - Lenovo - c:\Program Files\Common Files\Lenovo\Magic Transfer\x64\MagicTransferTESHelper.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: VeriFaceSrv - Unknown owner - C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 12068 bytes

======Listing Processes======





wininit.exe


C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
winlogon.exe
"dwm.exe"
"C:\windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\windows\system32\nvvsvc.exe -session -first
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\igfxCUIService.exe
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\System32\svchost.exe -k utcsvc
"C:\Program Files\Elantech\ETDService.exe"
dashost.exe {5b51b674-db4b-4a95-aa2698a02d7d0c06}
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe"
"C:\Program Files (x86)\Lenovo\Lenovo Settings\LenovoSetSvr.exe"
C:\Windows\System32\LenovoWiFiHotspotSvr.exe
"C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe"
"C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe"
"C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe"
"C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe"
"C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe"
C:\windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Lenovo\Motion Control\WebcamSplitterServer.exe" -Embedding
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
"C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe"
C:\windows\system32\svchost.exe -k imgsvc

"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe

C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-0e19a9a7-77d5-4e15-852d-a089d958a426 -SystemEventPortName:HostProcess-908466e0-a0e1-4116-8957-880a08603efe -IoCancelEventPortName:HostProcess-1f593e46-687d-4123-aa80-139fc09c963d -NonStateChangingEventPortName:HostProcess-bd9e2ff1-680d-4c75-b220-0f11983330cf -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:0ca97f84-771c-439f-8b4f-7481c7f5d4c7 -DeviceGroupId:WudfDefaultDevicePool
"C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe"
C:\windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Elantech\ETDCtrl.exe"
taskhostex.exe
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe" serviceapp
\??\C:\windows\system32\conhost.exe 0x4
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\windows\Explorer.EXE
C:\windows\system32\SearchIndexer.exe /Embedding
igfxHK.exe
igfxTray.exe
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\Elantech\ETDIntelligent.exe"
"C:\windows\system32\igfxEM.exe" -Embedding
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\FMAPP.exe"
"C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe" -start
"C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe"
"C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\windows\system32\GWX\GWX.exe"
"C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvTrayLoad.exe" /AutoRun
"C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE"
"C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvController.exe" -run
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\windows\system32\wuauclt.exe"
C:\windows\system32\DllHost.exe /Processid:{BA126F01-2166-11D1-B1D0-00805FC1270E}
C:\windows\system32\WLANExt.exe 365901833392
\??\C:\windows\system32\conhost.exe 0x4
adb fork-server server
C:\windows\system32\DllHost.exe /Processid:{478B41E6-3257-4519-BDA8-E971F9843849}
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4156.0.763687320\908134200" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,24,52 --gpu-vendor-id=0x8086 --gpu-device-id=0x0416 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3540 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Disabled/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/14DaySingleProfile/*DataReductionProxyConfigService/Control_Enabled/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/*SpdyEnableDependencies/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4156.12.1927550559\441817979" --font-cache-shared-handle=720 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Disabled/*AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/14DaySingleProfile/*DataReductionProxyConfigService/Control_Enabled/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/*SpdyEnableDependencies/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4156.22.449477039\285375411" --font-cache-shared-handle=4992 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Disabled/*AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/14DaySingleProfile/*DataReductionProxyConfigService/Control_Enabled/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/*SpdyEnableDependencies/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4156.23.1022979878\1088178156" --font-cache-shared-handle=5452 /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Disabled/*AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/14DaySingleProfile/*DataReductionProxyConfigService/Control_Enabled/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/*SpdyEnableDependencies/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4156.27.1861355744\90469409" --font-cache-shared-handle=5392 /prefetch:673131151
"C:\Program Files\Windows Defender\MpCmdRun.exe" SpyNetServiceDss -RestrictPrivileges -AccessKey 0DD68A3C-F288-7D72-DC96-3071DBB8E40F -Reinvoke

C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\svchost.exe -k WerSvcGroup
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe19_ Global\UsGthrCtrlFltPipeMssGthrPipe19 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 576 580 588 65536 584
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Disabled/*AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/14DaySingleProfile/*DataReductionProxyConfigService/Control_Enabled/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/*SpdyEnableDependencies/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4156.36.1971757296\1565896198" --font-cache-shared-handle=4248 /prefetch:673131151
"C:\Users\Honza\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineCore1cfe9669b600e6.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\windows\tasks\GoogleUpdateTaskMachineUA1cfe9669d8832d.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-01-12 228552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2016-01-12 2348336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files (x86)\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [2001-04-16 37808]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-01-12 163016]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2016-01-12 1741104]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-12-09 2771576]
"ShadowPlay"=C:\windows\system32\nvspcap64.dll [2015-12-09 1846016]
"RtsFT"=C:\windows\RTFTrack.exe [2014-01-21 6340312]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2014-03-12 3276104]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-02-24 13667032]
"OnekeyStudio"=C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [2012-09-14 4196432]
"PhoneCompanion"=C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [2014-06-14 836592]
"Energy Manager"=C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [2014-06-14 16094704]
"Lenovo Utility"=C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [2014-06-14 10841584]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-12-12 7394584]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-03-13 14:51:06 ----D---- C:\Program Files\trend micro
2016-03-13 14:51:05 ----D---- C:\rsit
2016-03-05 21:54:56 ----D---- C:\Program Files (x86)\Microsoft Games
2016-02-26 17:24:33 ----D---- C:\BDS
2016-02-16 20:29:26 ----D---- C:\Program Files (x86)\GameSpy Arcade
2016-02-16 17:30:28 ----D---- C:\AdwCleaner

======List of files/folders modified in the last 1 month======

2016-03-13 14:51:18 ----D---- C:\windows\Prefetch
2016-03-13 14:51:06 ----RD---- C:\Program Files
2016-03-13 14:50:47 ----D---- C:\windows\Temp
2016-03-13 14:34:58 ----D---- C:\windows\Microsoft.NET
2016-03-13 14:34:57 ----D---- C:\windows\debug
2016-03-13 14:00:00 ----D---- C:\windows\system32\sru
2016-03-13 13:58:08 ----D---- C:\Users\Honza\AppData\Roaming\DAEMON Tools Lite
2016-03-13 13:58:08 ----D---- C:\Program Files (x86)\Steam
2016-03-13 13:58:04 ----RAD---- C:\windows\System32
2016-03-13 13:58:04 ----D---- C:\windows\Inf
2016-03-13 13:58:04 ----AD---- C:\Windows
2016-03-13 13:56:24 ----D---- C:\windows\system32\NDF
2016-03-13 10:36:04 ----A---- C:\windows\system32\PerfStringBackup.INI
2016-03-13 10:32:28 ----D---- C:\ProgramData\NVIDIA
2016-03-11 21:06:00 ----D---- C:\Users\Honza\AppData\Roaming\Skype
2016-03-11 17:04:53 ----D---- C:\windows\AppReadiness
2016-03-09 18:48:15 ----D---- C:\Users\Honza\AppData\Roaming\Tropico 4
2016-03-09 16:38:02 ----HD---- C:\Program Files\WindowsApps
2016-03-09 16:32:31 ----D---- C:\windows\system32\config
2016-03-06 18:11:31 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-03-06 18:11:30 ----SHD---- C:\System Volume Information
2016-03-06 18:08:30 ----RD---- C:\Program Files (x86)
2016-03-06 18:07:44 ----D---- C:\windows\system32\Tasks
2016-03-05 21:53:55 ----SD---- C:\Users\Honza\AppData\Roaming\Microsoft
2016-03-05 17:25:34 ----D---- C:\windows\SoftwareDistribution
2016-03-05 16:34:47 ----D---- C:\windows\Logs
2016-03-05 16:07:29 ----SHD---- C:\windows\Installer
2016-03-05 15:32:28 ----D---- C:\Games
2016-03-01 19:31:22 ----D---- C:\ProgramData\NVIDIA Corporation
2016-02-28 09:27:13 ----D---- C:\windows\WinSxS
2016-02-26 17:27:07 ----RSD---- C:\windows\assembly
2016-02-26 17:24:51 ----D---- C:\windows\system32\catroot2
2016-02-20 15:32:54 ----D---- C:\Program Files (x86)\AGEIA Technologies
2016-02-20 15:32:50 ----D---- C:\windows\SysWOW64
2016-02-17 20:17:27 ----D---- C:\ProgramData\Skype
2016-02-16 17:31:26 ----HD---- C:\ProgramData
2016-02-16 17:31:26 ----D---- C:\windows\system32\log
2016-02-16 17:27:44 ----D---- C:\windows\ModemLogs
2016-02-16 11:48:51 ----D---- C:\windows\system32\DriverStore

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStorA;iaStorA; C:\windows\System32\drivers\iaStorA.sys [2014-03-26 645992]
R1 dtsoftbus01;@oem40.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\windows\System32\drivers\dtsoftbus01.sys [2014-08-06 283064]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\windows\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R3 ACPIVPC;@oem37.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\windows\System32\drivers\AcpiVpc.sys [2014-06-14 35576]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2015-06-09 81920]
R3 ETD;@oem31.inf,%PS2DeviceDesc%;ELAN PS/2 Port Input Device; C:\windows\system32\DRIVERS\ETD.sys [2014-03-12 401160]
R3 ETDSMBus;ETDSMBus; C:\windows\system32\DRIVERS\ETDSMBus.sys [2014-03-11 24904]
R3 ibtusb;@oem15.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R); C:\windows\system32\DRIVERS\ibtusb.sys [2014-12-12 231152]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2014-04-16 3785216]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2014-03-11 3891800]
R3 IntcDAud;@oem7.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2014-04-16 450520]
R3 iwdbus;@oem10.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\windows\System32\drivers\iwdbus.sys [2014-03-26 27032]
R3 MBAMProtector;MBAMProtector; \??\C:\windows\system32\drivers\mbam.sys [2015-10-05 25816]
R3 MEIx64;@oem5.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\windows\system32\DRIVERS\TeeDriverx64.sys [2013-09-16 99288]
R3 NETwNb64;@oem51.inf,%NIC_Service_DispName_WINB_64%;Ovladač adaptéru Intel(R) Wireless pro systém Windows 8.1 64 Bit; C:\windows\system32\DRIVERS\Netwbw02.sys [2015-03-09 3494680]
R3 nvlddmkm;nvlddmkm; C:\windows\system32\DRIVERS\nvlddmkm.sys [2015-11-16 11105936]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-12-09 19576]
R3 nvvad_WaveExtensible;@oem52.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\windows\system32\drivers\nvvad64v.sys [2015-08-11 50472]
R3 RTL8168;@oem13.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\windows\system32\DRIVERS\Rt630x64.sys [2013-08-15 830680]
R3 RTSPER;@oem14.inf,%Rts5227PER%;Realtek PCIE Card Reader - PER; C:\windows\system32\DRIVERS\RtsPer.sys [2013-10-24 444632]
R3 rtsuvc;@oem21.inf,%rtsuvc.DeviceDesc%;Lenovo EasyCamera; C:\windows\system32\DRIVERS\rtsuvc.sys [2014-01-21 9105624]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\windows\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\windows\System32\drivers\BthEnum.sys [2015-06-09 53248]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\windows\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Zařízení Bluetooth (síť PAN); C:\windows\System32\drivers\bthpan.sys [2015-07-10 118272]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2015-06-09 1201664]
S3 dg_ssudbus;@oem44.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudbus.sys [2015-05-21 110720]
S3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\windows\system32\DRIVERS\e1i63x64.sys [2013-06-18 460288]
S3 intaud_WaveExtensible;@oem9.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\windows\system32\drivers\intelaud.sys [2014-03-26 38296]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\windows\system32\drivers\mwac.sys [2015-10-05 64216]
S3 NETwNe64;@netwew02.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit; C:\windows\system32\DRIVERS\NETwew02.sys [2013-06-18 4649440]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\windows\System32\drivers\rfcomm.sys [2015-01-30 167424]
S3 ssudmdm;@oem45.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudmdm.sys [2015-05-21 206080]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\windows\System32\svchost.exe [2014-10-29 38792]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2013-10-15 101680]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2014-11-19 638368]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-12-09 1156216]
R2 ibtsiva;Intel Bluetooth Service; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [2014-12-12 125168]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\windows\system32\igfxCUIService.exe [2014-04-16 296432]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-09-16 131544]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-16 169432]
R2 LenovoSetSvr;LenovoSetSvr; C:\Program Files (x86)\Lenovo\Lenovo Settings\LenovoSetSvr.exe [2014-06-14 389680]
R2 LenovoWiFiHotspotSvr;Lenovo WiFiHotspot Service; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [2014-06-14 198192]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-09-16 390616]
R2 LsvUIService;LsvUIService; C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe [2014-06-14 70416]
R2 MaxthonUpdateSvc;Maxthon Core Update Service; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [2015-11-27 1872808]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-12-09 1872504]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2015-12-09 6477432]
R2 nvsvc;NVIDIA Display Driver Service; C:\windows\system32\nvvsvc.exe [2015-10-15 1255544]
R2 PG_Service_Launcher;PG_Service_Launcher; C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe [2014-02-26 512776]
R2 PGService;PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [2014-02-26 167176]
R2 PhoneCompanionPusher;Lenovo PhoneCompanionPusher Service; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [2014-06-14 288240]
R2 PnkBstrA;PnkBstrA; C:\windows\syswow64\PnkBstrA.exe [2015-11-30 75064]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2014-11-19 157088]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2012-04-24 390632]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [2015-05-21 743688]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-10-15 417400]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
R3 NvStreamNetworkSvc;NVIDIA Streamer Network Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [2015-12-09 8185464]
R3 VeriFaceSrv;VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [2014-06-14 68880]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S2 LUService;LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [2014-04-21 37624]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-10-05 1135416]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\windows\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\windows\SysWow64\IntelCpHeciSvc.exe [2014-04-16 279024]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 iumsvc;Intel(R) Update Manager; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25 178312]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2014-11-19 268192]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 178760]
S3 PhoneCompanionVap;Lenovo PhoneCompanionVap Service; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [2014-06-14 308720]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-03-10 835152]
S3 TESHelper;TESHelper; c:\Program Files\Common Files\Lenovo\Magic Transfer\x64\MagicTransferTESHelper.exe [2014-06-14 104696]
S4 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-10-05 1513784]

-----------------EOF-----------------

[Márty84]

Zdravim

Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\Program Files (x86)\AdwCleaner\AdwCleaner[C?].txt ). Ten mi sem zkopirujte.

[hanysek99]

# AdwCleaner v5.102 - Logfile created 13/03/2016 at 21:09:51
# Updated 13/03/2016 by Xplode
# Database : 2016-03-13.2 [Server]
# Operating system : Windows 8.1 (x64)
# Username : Honza - HANYSEK99
# Running from : C:\Users\Honza\Desktop\adwcleaner_5.102.exe
# Option : Clean
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files (x86)\SaaleiPlus
[-] Folder Deleted : C:\Users\Honza\AppData\Local\Steam\htmlcache

***** [ Files ] *****


***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKCU\Software\SprgFiles
[-] Key Deleted : HKLM\SOFTWARE\Trymedia Systems
[-] Key Deleted : HKLM\SOFTWARE\SprgFiles
[-] Value Deleted : HKU\S-1-5-21-2855615511-2488479924-1671497579-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [Pokki]

***** [ Web browsers ] *****


*************************

:: "Tracing" keys removed
:: Winsock settings cleared

*************************

C:\Program Files (x86)\AdwCleaner\AdwCleaner[C1].txt - [1094 bytes] - [13/03/2016 21:09:51]
C:\Program Files (x86)\AdwCleaner\AdwCleaner[S1].txt - [1244 bytes] - [13/03/2016 21:09:21]

########## EOF - C:\Program Files (x86)\AdwCleaner\AdwCleaner[C1].txt - [1280 bytes] ##########

[Márty84]

Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu (cili Vlastni sken vsech disku) http://forum.viry.cz/viewtopic.php?f=29&t=144868 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

[hanysek99]

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 13. 3. 2016
Čas skenování: 22:38
Protokol: MBAB-scan.txt
Správce: Ano

Verze: 2.2.0.1024
Databáze malwaru: v2016.03.13.04
Databáze rootkitů: v2016.03.12.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Honza

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 361063
Uplynulý čas: 5 min, 30 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

[Márty84]

Tohle byl jen sken hrozeb, ten nekontroluje cely pocitac. Ja chtel vlastni sken vsech disku

[hanysek99]

Omlouvám se, teď by to mělo být v pořádku

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 14. 3. 2016
Čas skenování: 12:47
Protokol: Scan.txt
Správce: Ano

Verze: 2.2.0.1024
Databáze malwaru: v2016.03.14.03
Databáze rootkitů: v2016.03.12.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Honza

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 634834
Uplynulý čas: 59 min, 10 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

[Márty84]

Super, MBAM muzete odinstalovat.

Dame si jeste jeden sken a budem mazat

Dejte logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach

[hanysek99]

FRST log:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by Honza (administrator) on HANYSEK99 (15-03-2016 20:20:39)
Running from C:\Users\Honza\Desktop
Loaded Profiles: Honza (Available Profiles: Honza)
Platform: Windows 8.1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: "C:\Program Files (x86)\Maxthon\bin\maxthon.exe" "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Settings\LenovoSetSvr.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe
(Maxthon) C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\WebcamSplitterServer.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Lenovo) C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvTrayLoad.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvController.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files\Lenovo PhoneCompanion\adb.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2771576 2015-12-09] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\windows\system32\rundll32.exe C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RtsFT] => C:\windows\RTFTrack.exe [6340312 2014-01-21] (Realtek semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3276104 2014-03-12] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-02-24] (Realtek Semiconductor)
HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-09-14] (Lenovo)
HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [836592 2014-06-14] (Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2014-06-14] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10841584 2014-06-14] (Lenovo(beijing) Limited)
HKU\S-1-5-21-2855615511-2488479924-1671497579-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2855615511-2488479924-1671497579-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-2855615511-2488479924-1671497579-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7B85B6C8-5304-427E-873E-D4420AF09EFA}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{AB9B9F25-BB73-46C7-A011-4FCCC7B022F0}: [DhcpNameServer] 169.254.235.164

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-01-12] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-01-12] (Microsoft Corporation)
BHO-x32: AcroIEHlprObj Class -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [2001-04-16] ()
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-01-12] (Microsoft Corporation)
BHO-x32: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-01-12] (Microsoft Corporation)
BHO-x32: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-04-01] (Microsoft Corporation)

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [No File]
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-10-15] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-10-15] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin HKU\S-1-5-21-2855615511-2488479924-1671497579-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [No File]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation)

Chrome:
=======
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Disk Google) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Vyhledávání Google) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Dokumenty Google offline) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-26]
CHR Extension: (Gmail) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ETDService; C:\Program Files\Elantech\ETDService.exe [101680 2013-10-15] (ELAN Microelectronics Corp.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156216 2015-12-09] (NVIDIA Corporation)
R2 ibtsiva; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [125168 2014-12-12] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [296432 2014-04-16] (Intel Corporation)
S3 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-16] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 LenovoSetSvr; C:\Program Files (x86)\Lenovo\Lenovo Settings\LenovoSetSvr.exe [389680 2014-06-14] (Lenovo(beijing) Limited)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-06-14] (Lenovo(beijing) Limited)
R2 LsvUIService; C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe [70416 2014-06-14] (Lenovo)
S2 LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [37624 2014-04-21] (Lenovo(beijing) Limited)
R2 MaxthonUpdateSvc; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [1872808 2015-11-27] (Maxthon)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2014-11-19] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-12-09] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8185464 2015-12-09] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [6477432 2015-12-09] (NVIDIA Corporation)
R2 PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [167176 2014-02-26] (PointGrab LTD)
R2 PG_Service_Launcher; C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe [512776 2014-02-26] (PointGrab LTD)
R2 PhoneCompanionPusher; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [288240 2014-06-14] (Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [308720 2014-06-14] (Lenovo)
R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [75064 2015-11-30] ()
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.)
S3 TESHelper; c:\Program Files\Common Files\Lenovo\Magic Transfer\x64\MagicTransferTESHelper.exe [104696 2014-06-14] (Lenovo)
R3 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [68880 2014-06-14] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3820960 2014-11-19] (Intel® Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-08-06] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 ETDSMBus; C:\Windows\system32\DRIVERS\ETDSMBus.sys [24904 2014-03-11] (ELAN Microelectronic Corp.)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [231152 2014-12-12] (Intel Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\Netwbw02.sys [3494680 2015-03-09] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-12-09] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [444632 2013-10-24] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [9105624 2014-01-21] (Realtek Semiconductor Corp.)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [11376 2015-11-02] () [File not signed]
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
S3 MBAMSwissArmy; \??\C:\windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-15 20:20 - 2016-03-15 20:20 - 00019174 _____ C:\Users\Honza\Desktop\FRST.txt
2016-03-15 20:13 - 2016-03-15 20:20 - 00000000 ____D C:\FRST
2016-03-15 20:12 - 2016-03-15 20:13 - 00112640 _____ (forum.viry.cz) C:\Users\Honza\Desktop\FRSTLauncher.exe
2016-03-15 19:15 - 2016-03-15 19:15 - 02374144 _____ (Farbar) C:\Users\Honza\Desktop\FRST64.exe
2016-03-14 13:58 - 2016-03-14 13:58 - 00001139 _____ C:\Users\Honza\Desktop\Scan.txt
2016-03-14 13:55 - 2016-03-14 14:00 - 00037376 _____ C:\Users\Honza\Desktop\Dodávka vody-faktura_Kubesa.xls
2016-03-14 12:21 - 2016-03-14 12:22 - 00017082 _____ C:\Users\Honza\Desktop\TEPLOTY.xlsx
2016-03-14 12:02 - 2016-03-14 12:02 - 00015154 _____ C:\Users\Honza\Downloads\kdyz_teploty.xlsx
2016-03-14 10:34 - 2016-03-14 10:34 - 00025088 _____ C:\Users\Honza\Downloads\17-kdyz2.xls
2016-03-14 10:03 - 2016-03-14 10:08 - 00000000 ____D C:\folder
2016-03-13 22:45 - 2016-03-13 22:45 - 00001142 _____ C:\Users\Honza\Desktop\MBAB-scan.txt
2016-03-13 22:34 - 2016-03-13 22:35 - 22908888 _____ (Malwarebytes ) C:\Users\Honza\Downloads\mbam-setup-2.2.0.1024.exe
2016-03-13 21:10 - 2016-03-13 21:10 - 00488632 _____ C:\windows\system32\FNTCACHE.DAT
2016-03-13 21:09 - 2016-03-13 21:09 - 00000000 ____D C:\Program Files (x86)\AdwCleaner
2016-03-13 21:06 - 2016-03-13 21:06 - 01527296 _____ C:\Users\Honza\Desktop\adwcleaner_5.102.exe
2016-03-13 14:51 - 2016-03-13 14:55 - 00000000 ____D C:\Program Files\trend micro
2016-03-13 14:51 - 2016-03-13 14:54 - 00000000 ____D C:\rsit
2016-03-13 14:50 - 2016-03-13 14:50 - 01222144 _____ C:\Users\Honza\Downloads\RSITx64.exe
2016-03-09 17:41 - 2016-03-09 17:41 - 00007368 _____ C:\Users\Honza\Downloads\Romantismus - shrnutí (1).odt
2016-03-08 20:33 - 2016-03-08 20:33 - 00475628 _____ C:\Users\Honza\Downloads\WindowedBorderlessGaming_2.1.0.1.zip
2016-03-07 17:05 - 2016-03-11 08:48 - 00000000 ____D C:\Users\Honza\Desktop\Povinná četba-dokončeno
2016-03-06 21:17 - 2016-03-06 21:17 - 00122782 _____ C:\Users\Honza\Downloads\229863
2016-03-06 18:13 - 2016-03-09 17:06 - 00002507 _____ C:\Users\Public\Desktop\Launch DS2 Broken World.lnk
2016-03-06 18:07 - 2016-03-06 18:07 - 00003340 _____ C:\windows\System32\Tasks\{FA8B76B2-3D5D-43D4-9778-C885A71CFA98}
2016-03-06 10:04 - 2016-03-13 20:03 - 00113664 ___SH C:\Users\Honza\Desktop\Thumbs.db
2016-03-05 23:56 - 2016-03-05 23:56 - 06198072 _____ C:\Users\Honza\Downloads\Patch-2.1.exe
2016-03-05 23:54 - 2016-03-05 23:55 - 11109450 _____ C:\Users\Honza\Downloads\SETUPENU.rar
2016-03-05 21:54 - 2016-03-05 21:54 - 00000000 ____D C:\Program Files (x86)\Microsoft Games
2016-03-05 15:19 - 2016-03-05 15:19 - 00056262 _____ C:\Users\Honza\Downloads\prilohy_607.zip
2016-03-01 17:02 - 2016-03-01 17:02 - 00025864 _____ C:\Users\Honza\Downloads\IMG_64379668213093.jpeg
2016-02-29 11:07 - 2016-02-29 12:11 - 00039694 _____ C:\Users\Honza\Downloads\16-KDYZ.xlsx
2016-02-26 17:24 - 2016-02-26 17:26 - 00000000 ____D C:\BDS
2016-02-26 15:30 - 2016-02-26 17:27 - 00000000 ____D C:\Users\Honza\Downloads\Instagram_files
2016-02-26 15:30 - 2016-02-26 15:30 - 00271029 _____ C:\Users\Honza\Downloads\Instagram.html
2016-02-26 07:59 - 2016-02-26 07:59 - 00000014 _____ C:\Users\Honza\Desktop\Nový textový dokument.txt
2016-02-22 20:50 - 2016-03-06 18:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2K Games
2016-02-22 13:48 - 2016-02-22 13:48 - 00415928 _____ (Kastner software s.r.o. ) C:\Users\Honza\Downloads\FORMstudio-nu_03DodList.exe
2016-02-21 20:13 - 2016-02-21 20:13 - 00003242 _____ C:\windows\System32\Tasks\{EE00342E-E394-4127-A872-E6C442843A4E}
2016-02-21 20:12 - 2016-02-21 20:12 - 00069843 _____ C:\Users\Honza\Downloads\04_winderlands8.bl2.v1.1.3.win32.win64_7c529.rar
2016-02-21 20:05 - 2016-02-21 20:05 - 00000000 ____D C:\Users\Public\Documents\My Games
2016-02-21 20:05 - 2016-02-21 20:05 - 00000000 ____D C:\Users\Honza\AppData\Local\SKIDROW
2016-02-21 20:01 - 2016-02-21 20:01 - 00000005 _____ C:\Users\Honza\Downloads\steam_appid.txt
2016-02-20 15:10 - 2016-02-20 15:10 - 00000000 ____D C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\KaM - The Peasants Rebellion
2016-02-20 15:02 - 2016-02-20 15:02 - 00003096 _____ C:\windows\System32\Tasks\{3CD93877-9FF4-4237-910F-CA6454C14D28}
2016-02-20 14:50 - 2016-03-05 16:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KaM - The Peasants Rebellion
2016-02-16 20:29 - 2016-02-16 20:29 - 00000000 ____D C:\Program Files (x86)\GameSpy Arcade
2016-02-16 17:30 - 2016-02-16 17:31 - 00000000 ____D C:\AdwCleaner
2016-02-16 17:30 - 2016-02-16 17:30 - 01508352 _____ C:\Users\Honza\Downloads\adwcleaner_5.033.exe
2016-02-14 23:32 - 2016-02-14 23:32 - 00000000 ____D C:\Users\Honza\AppData\Local\FalloutNV

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-15 19:35 - 2014-10-16 18:24 - 00000980 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA1cfe9669d8832d.job
2016-03-15 19:29 - 2014-08-05 15:18 - 00000980 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-15 19:29 - 2014-08-05 15:18 - 00000976 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-15 16:40 - 2014-08-05 15:20 - 00003600 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2855615511-2488479924-1671497579-1001
2016-03-15 15:29 - 2014-08-05 15:19 - 00002226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-15 15:29 - 2014-08-05 15:17 - 00003974 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{1AA7B55F-6B38-4342-AA87-30E2EAA46ED9}
2016-03-15 15:25 - 2014-06-14 21:07 - 00739924 _____ C:\windows\system32\perfh005.dat
2016-03-15 15:25 - 2014-06-14 21:07 - 00151610 _____ C:\windows\system32\perfc005.dat
2016-03-15 15:25 - 2014-03-18 10:53 - 01745984 _____ C:\windows\system32\PerfStringBackup.INI
2016-03-15 15:25 - 2013-08-22 14:36 - 00000000 ____D C:\windows\Inf
2016-03-15 15:22 - 2014-10-16 18:24 - 00000976 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore1cfe9669b600e6.job
2016-03-15 15:21 - 2014-06-14 20:15 - 00000000 ____D C:\ProgramData\NVIDIA
2016-03-15 15:21 - 2013-08-22 15:45 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-03-14 22:30 - 2014-11-07 22:38 - 00000000 ____D C:\Program Files (x86)\Steam
2016-03-14 22:30 - 2014-06-14 20:30 - 00018944 _____ C:\windows\system32\VfService.trf
2016-03-14 14:03 - 2014-08-05 15:15 - 00000000 ____D C:\Users\Honza\AppData\Local\Packages
2016-03-14 12:05 - 2014-09-16 07:54 - 00000000 ____D C:\Users\Honza\Desktop\Škola
2016-03-14 10:16 - 2014-08-05 15:15 - 00000000 ____D C:\Users\Honza
2016-03-13 21:47 - 2015-02-19 15:26 - 00000000 ____D C:\Users\Honza\AppData\Local\Steam
2016-03-13 13:58 - 2014-08-06 15:18 - 00000000 ____D C:\Users\Honza\AppData\Roaming\DAEMON Tools Lite
2016-03-13 13:56 - 2013-08-22 16:36 - 00000000 ____D C:\windows\system32\NDF
2016-03-13 00:38 - 2013-08-22 14:25 - 00262144 ___SH C:\windows\system32\config\BBI
2016-03-11 21:06 - 2015-07-10 18:57 - 00000000 ____D C:\Users\Honza\AppData\Roaming\Skype
2016-03-11 17:04 - 2013-08-22 16:36 - 00000000 ____D C:\windows\AppReadiness
2016-03-11 16:16 - 2015-11-29 15:25 - 00710144 ___SH C:\Users\Honza\Downloads\Thumbs.db
2016-03-11 08:48 - 2015-10-19 13:04 - 00000000 ____D C:\Users\Honza\Desktop\Škola-PEK
2016-03-09 18:48 - 2014-12-19 15:11 - 00000000 ____D C:\Users\Honza\AppData\Roaming\Tropico 4
2016-03-09 16:38 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-03-07 13:35 - 2014-08-14 18:32 - 00000000 ____D C:\Users\Honza\Desktop\Honza
2016-03-07 12:30 - 2014-09-09 15:16 - 00000000 ____D C:\Users\Honza\AppData\Local\Microsoft Help
2016-03-06 18:11 - 2014-06-14 20:13 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-03-06 18:07 - 2014-08-06 07:19 - 00000000 ____D C:\Users\Honza\Documents\My Games
2016-03-05 16:34 - 2015-12-26 11:09 - 00000000 ____D C:\Users\Honza\AppData\Local\CrashDumps
2016-03-05 16:34 - 2015-12-03 20:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-03-05 15:32 - 2014-08-05 15:27 - 00000000 ____D C:\Games
2016-03-01 19:31 - 2014-06-14 20:15 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-02-29 18:13 - 2014-08-05 15:40 - 00000000 ____D C:\Users\Honza\Desktop\Hry
2016-02-27 11:52 - 2014-08-05 15:34 - 00000000 ____D C:\Users\Honza\Desktop\Tapety
2016-02-20 15:32 - 2015-11-30 17:33 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2016-02-20 15:32 - 2014-06-14 20:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-02-17 20:17 - 2015-07-10 18:57 - 00000000 ____D C:\ProgramData\Skype
2016-02-16 17:31 - 2015-01-16 13:54 - 00000000 ____D C:\windows\system32\log
2016-02-16 17:31 - 2014-08-05 15:15 - 00000992 _____ C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-02-16 17:31 - 2014-06-14 20:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxthon Cloud Browser
2016-02-16 17:27 - 2015-12-03 20:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GEONExT
2016-02-16 17:27 - 2013-08-22 16:36 - 00000000 ____D C:\windows\ModemLogs

==================== Files in the root of some directories =======

2015-11-22 21:22 - 2014-05-24 20:09 - 0603763 ___SH () C:\Users\Honza\AppData\Roaming\libcurl-4.dll
2015-11-22 21:22 - 2014-05-24 20:09 - 0042496 ___SH (Open Source Software community project) C:\Users\Honza\AppData\Roaming\pthreadGC2-w64.dll
2015-06-14 12:55 - 2015-11-22 01:35 - 0007602 _____ () C:\Users\Honza\AppData\Local\Resmon.ResmonCfg
2015-08-12 16:14 - 2015-08-12 16:14 - 0000000 _____ () C:\Users\Honza\AppData\Local\{1934E746-5B44-40F5-92CC-B02784187B5A}
2015-08-12 16:14 - 2015-08-12 16:14 - 0000000 _____ () C:\Users\Honza\AppData\Local\{36AB6CCA-5045-4B2C-A006-EDFE17FB159A}
2014-06-14 20:20 - 2014-06-14 20:20 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-03-11 14:31

==================== End of FRST.txt ============================





A tady je ten druhý:

Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by Honza (2016-03-15 20:21:02)
Running from C:\Users\Honza\Desktop
Windows 8.1 (X64) (2014-08-05 14:15:03)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2855615511-2488479924-1671497579-500 - Administrator - Disabled)
Guest (S-1-5-21-2855615511-2488479924-1671497579-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2855615511-2488479924-1671497579-1005 - Limited - Enabled)
Honza (S-1-5-21-2855615511-2488479924-1671497579-1001 - Administrator - Enabled) => C:\Users\Honza

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat 5.0 (HKLM-x32\...\Adobe Acrobat 5.0) (Version: 5.0 - Adobe Systems, Inc.)
Age of Empires III - The Asian Dynasties (HKLM-x32\...\InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}) (Version: 1.00.0000 - Microsoft)
Age of Empires III - The Asian Dynasties (x32 Version: 1.00.0000 - Microsoft) Hidden
Age of Empires III - The WarChiefs (HKLM-x32\...\InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III - The WarChiefs (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III (HKLM-x32\...\InstallShield_{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Mythology (HKLM-x32\...\Age of Mythology 1.0) (Version: - )
Aktualizace NVIDIA 2.8.1.21 (Version: 2.8.1.21 - NVIDIA Corporation) Hidden
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{313c06de-4aa7-4a1f-930a-f10f80380426}) (Version: 17.14.0 - Intel Corporation)
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM-x32\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
Borderlands (HKLM-x32\...\{1F61E0B1-1AB8-F15E-07C4-46D100A1D3F7}) (Version: 1.0 - )
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1314 - CyberLink Corp.)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4107 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Dungeon Siege 2 (HKLM-x32\...\Steam App 39200) (Version: - Gas Powered Games)
Dungeon Siege 2 Broken World (HKLM-x32\...\{A563C4F4-BE36-4956-BA0B-E02BDD9F70D5}) (Version: 1.00.0000 - Gas Powered Games)
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.20 - Lenovo)
Energy Manager (x32 Version: 1.5.0.20 - Lenovo) Hidden
Fallout 4 (HKLM-x32\...\Fallout 4_is1) (Version: - )
Folder Size (64-bit) (HKLM\...\{F24FF688-7138-4CCF-A83F-71E9FB01170E}) (Version: 2.6 - Brio)
GeoGebra 5 (HKLM-x32\...\GeoGebra 5) (Version: 5.0.177.0 - International GeoGebra Institute)
GEONExT 1.74 (HKLM-x32\...\GEONExT_is1) (Version: 1.74 - GEONExT Group)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Heroes & Generals (HKLM-x32\...\Steam App 227940) (Version: - Reto-Moto)
Indeo® software (HKLM-x32\...\Indeo® software) (Version: - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3540 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.2.1000 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{F519CBBC-B049-4117-AF94-63F08E719CA5}) (Version: 17.1.1450.0402 - Intel Corporation)
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Lemmings Revolution (HKLM-x32\...\Lemmings Revolution) (Version: - )
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10260 - Realtek Semiconductor Corp.)
Lenovo Motion Control (HKLM-x32\...\InstallShield_{A60E1DE0-2AD1-4BD3-BBCC-4FBB22FB6F85}) (Version: 2.5.1.0225 - PointGrab)
Lenovo Motion Control (x32 Version: 2.5.1.0225 - PointGrab) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2619 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.1.0.2619 - CyberLink Corp.) Hidden
Lenovo PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.2 - Lenovo)
Lenovo PhoneCompanion (x32 Version: 1.2.0.2 - Lenovo) Hidden
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.39.1 - ELAN Microelectronic Corp.)
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.5630.52 - CyberLink Corp.) Hidden
Lenovo Settings (HKLM-x32\...\InstallShield_{42F8AFC3-7944-46CC-9689-94FF9869D0A7}) (Version: 1.0.0.46 - Lenovo)
Lenovo Settings (x32 Version: 1.0.0.46 - Lenovo) Hidden
Lenovo Smart Voice (HKLM\...\Lenovo SmartVoice) (Version: 1.0.2.2 - Lenovo)
Lenovo Updates (HKLM-x32\...\InstallShield_{A2E1E9F0-0B68-4166-8C7F-85B563B84DF4}) (Version: 1.3.0.6 - Lenovo)
Lenovo Updates (x32 Version: 1.3.0.6 - Lenovo) Hidden
Lenovo VeriFace Pro (HKLM\...\Lenovo VeriFace) (Version: 5.1.14.3211 - Lenovo)
Magic Transfer (HKLM\...\{AD2B2BD1-A1D7-4798-8FDD-B2A58FD94E68}) (Version: 1.1.1.11 - )
Magic Transfer (HKLM-x32\...\InstallShield_{AD2B2BD1-A1D7-4798-8FDD-B2A58FD94E68}) (Version: 1.1.1.11 - Lenovo)
Magic Transfer (x32 Version: 1.1.1.11 - Lenovo) Hidden
Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.1.3.5000 - Maxthon International Limited)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.0.0 - Microsoft Corporation)
Microsoft Office Language Pack 2013 - Czech/čeština (HKLM\...\Office15.OMUI.cs-cz) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mount Blue - verze 1.0.10.0 (HKLM-x32\...\{0217f2cc-bb5c-4cea-8a90-47ab8b7b8c7f}_is1) (Version: 1.0.10.0 - HYL)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
NVIDIA GeForce Experience 2.8.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.8.1.21 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 354.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 354.35 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 354.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 354.35 - NVIDIA Corporation)
NVIDIA PhysX v8.10.29 (HKLM-x32\...\{D56B0E27-4A3E-46C9-B5C1-D93D580C099C}) (Version: 8.10.29 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Onekey Theater (HKLM-x32\...\{91CC5BAE-A098-40D3-A43B-C0DC7CE263FE}) (Version: 3.0.1.2 - Lenovo)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Ovládací panel NVIDIA 354.35 (Version: 354.35 - NVIDIA Corporation) Hidden
Plague Inc: Evolved (HKLM-x32\...\Steam App 246620) (Version: - Ndemic Creations)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.10525 - CyberLink Corp.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.987 - Even Balance, Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.21243 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7195 - Realtek Semiconductor Corp.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.55.0 - Samsung Electronics Co., Ltd.)
Serious Sam The Second Encounter (HKLM-x32\...\1207658877_is1) (Version: 2.1.0.8 - GOG.com)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0100-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{010BF41A-4D78-40C3-90BA-117DF64A0AE2}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
SHIELD Streaming (Version: 4.1.0250 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.8.1.21 - NVIDIA Corporation) Hidden
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
StageLight (HKLM\...\StageLight) (Version: 1.3.0.4350 - Open Labs, LLC.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
Titan Quest (HKLM-x32\...\{412B69AF-C352-4F6F-A318-B92B3CB9ACC6}) (Version: 1.00.0000 - Iron Lore)
Titan Quest Immortal Throne (HKLM-x32\...\{B5C5C17E-FEF6-4062-8151-A427AE8AF9D7}) (Version: 1.00.0000 - Iron Lore)
Tropico 4 (HKLM-x32\...\Steam App 57690) (Version: - Haemimont Games)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{C224EEBF-D40A-4056-9DD3-EE74666F74AB}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{0FA8AE0C-69AE-4F60-A1AB-F79C6BA5A999}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3114732) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{AD89B6F9-C98A-4506-ABDE-782B0959CC84}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3114732) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{AD89B6F9-C98A-4506-ABDE-782B0959CC84}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3114732) 64-Bit Edition (HKLM\...\{90150000-012B-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{AD89B6F9-C98A-4506-ABDE-782B0959CC84}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3114732) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{AD89B6F9-C98A-4506-ABDE-782B0959CC84}) (Version: - Microsoft)
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
User Manuals (x32 Version: 3.0.0.3 - Lenovo) Hidden
Windows Driver Package - Lenovo (ACPIVPC) System (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
WinRAR 5.10 beta 4 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.10.4 - win.rar GmbH)
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2855615511-2488479924-1671497579-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\windows\system32\igfxEM.exe (Intel Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {13E4A631-D7CC-4E3D-BCDE-926AAF2489E6} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\windows\system32\MRT.exe [2016-02-10] (Microsoft Corporation)
Task: {1A50AC22-4412-4648-86D6-A232C2DFF8B9} - System32\Tasks\{D4350867-1A62-44DC-9EE2-3803BB1AE88B} => pcalua.exe -a "C:\Program Files (x86)\Electronic Arts\The Sims 3\Game\Bin\Sims3Launcher.exe" -d "C:\Program Files (x86)\Electronic Arts\The Sims 3"
Task: {1E735332-7761-4013-8224-0B95A2743CDB} - System32\Tasks\{1E87B7B7-92DC-4A8A-B730-B7CEB5B61241} => pcalua.exe -a C:\Users\Honza\Downloads\MsiZap.exe -d C:\Users\Honza\Downloads
Task: {2119266E-6394-4258-9019-E13FE23B3858} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {23798373-5479-454D-8400-CB9ECFBB363F} - System32\Tasks\{2A8012AC-51FF-4B3B-918F-CBC7F34F0120} => pcalua.exe -a "C:\Games\FlatOut 2\FlatOut2.exe" -d "C:\Games\FlatOut 2"
Task: {312F9018-D4F6-49F3-884D-947C7BF2C772} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2016-02-10] (Microsoft Corporation)
Task: {3CCB2943-BB0B-40D6-B744-FEAAAF0D67EB} - System32\Tasks\{3CD93877-9FF4-4237-910F-CA6454C14D28} => pcalua.exe -a F:\Čeština\KaM-TPR_CZ_Full_v1.00.exe -d F:\Čeština
Task: {4285B9C0-487F-41F2-9972-2150383A00CB} - System32\Tasks\GoogleUpdateTaskMachineCore1cfe9669b600e6 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {446813C8-62D4-4422-8525-41E4B030786B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {45982546-F3DF-45FA-BD9E-0BFB0188F25D} - System32\Tasks\{06061D70-14B2-4519-A18E-38A4B6C4E067} => pcalua.exe -a C:\Games\Age_of_Mythology\aom.exe -d C:\Games\Age_of_Mythology -c
Task: {45C374A5-DC9A-451B-B7C9-FE8335BA449F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {48030B7A-2A14-4C99-8211-4C98B7D2A545} - System32\Tasks\{79C13495-0841-4928-8C2D-757E22D89969} => pcalua.exe -a "C:\Games\Serious Sam 2\Bin\Sam2.exe" -d "C:\Games\Serious Sam 2\Bin"
Task: {4CDA1BF9-ADF7-459C-BBE2-38035B567329} - System32\Tasks\{4DF24A2B-4593-411D-9B1D-0190AE74BA72} => pcalua.exe -a "C:\Games\The_Elder_Scrolls_V_Skyrim\Elder_Scrolls_V_Skyrim\The Elder Scrolls V - Skyrim\SkyrimLauncher.exe" -d "C:\Games\The_Elder_Scrolls_V_Skyrim\Elder_Scrolls_V_Skyrim\The Elder Scrolls V - Skyrim"
Task: {5B8C2258-A2A3-43D7-BC18-2ED04AAAE949} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {5F83426B-4E91-4E55-B2A5-D505A25D45AF} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-08] (CyberLink Corp.)
Task: {63905062-3B50-44ED-BFF2-562CF0037D0B} - System32\Tasks\FRAPS => C:\Fraps\fraps.exe
Task: {6BA06AFB-16E4-4A52-995A-7D7D502BBFF7} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe
Task: {6BF65EA1-483F-4949-8385-93893FCD39CF} - System32\Tasks\{69AB8690-58A9-4485-816E-39B50EDAA856} => pcalua.exe -a C:\Games\AoM\aom.exe -d C:\Games\AoM -c
Task: {75335F3A-1BF6-4601-B891-A5C1FC219254} - System32\Tasks\Lenovo Smart Voice => C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvTrayLoad.exe [2014-06-14] (Lenovo)
Task: {779AD93D-7882-4277-B652-908E5B99E190} - System32\Tasks\{EE00342E-E394-4127-A872-E6C442843A4E} => pcalua.exe -a "C:\Games\Borderlands_2\Borderlands 2\Binaries\Win32\Launcher.exe" -d "C:\Games\Borderlands_2\Borderlands 2\Binaries\Win32"
Task: {79269BCF-A027-483A-ACFF-CAB2F9D597AE} - System32\Tasks\GoogleUpdateTaskMachineUA1cfe9669d8832d => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {7C5C5BE3-3001-4A56-BB74-1D219C48009F} - System32\Tasks\{8487D80C-69B4-4C34-9EB9-34FAF02E770A} => pcalua.exe -a "C:\Program Files (x86)\EA GAMES\Need for Speed Underground 2\speed2.exe" -d "C:\Program Files (x86)\EA GAMES\Need for Speed Underground 2"
Task: {8DEBC88C-6FCD-47B7-AFE3-BAD1324160BB} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {9AE32B08-B78B-4FF4-A5BC-5C3E52E8BD90} - System32\Tasks\{364D527D-334B-4280-B19F-D7BA4BCF7832} => pcalua.exe -a "C:\Games\Serious_Sam_2nd encounter\Serious_Sam_II_HD\Bin\SamHD_TSE.exe" -d "C:\Games\Serious_Sam_2nd encounter\Serious_Sam_II_HD\Bin"
Task: {9F9D679D-9C4A-4B23-ACFD-6A2FF7DE4179} - System32\Tasks\{1FE31177-2BE6-4E0D-92E9-91E78A5EA294} => pcalua.exe -a C:\Games\Dungeon_Siege_2\DungeonSiege2.exe -d C:\Games\Dungeon_Siege_2\
Task: {A800429E-5F96-4DDD-8658-54B161785AFD} - System32\Tasks\{8926363F-F49F-4670-932E-DE6B1FCE0614} => pcalua.exe -a C:\Games\Zaklínač_2\launcher.exe -d C:\Games\Zaklínač_2
Task: {A88990C2-6CC8-445A-BF38-5BDAFA11B28A} - System32\Tasks\{44F0BEEF-B615-42E5-859A-E12884127ABB} => pcalua.exe -a F:\autorun.exe -d F:\
Task: {BC6B4152-68BE-4856-847A-8F66EA7261EE} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe
Task: {C6342235-74AB-45EA-8833-15F4529A3CC6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {CBF01367-754E-4832-81F0-72BBA764986C} - System32\Tasks\{FA8B76B2-3D5D-43D4-9778-C885A71CFA98} => pcalua.exe -a "C:\Program Files (x86)\2K Games\Dungeon Siege 2 Broken World\DungeonSiege2.exe" -d "C:\Program Files (x86)\2K Games\Dungeon Siege 2 Broken World" -c width=1920 height=1080
Task: {DCD20478-967F-4DD8-B43B-AF8F3FBCABB6} - System32\Tasks\{04E39B4B-BF3A-4D54-AD05-5135C96E4384} => pcalua.exe -a C:\Games\Age_of_Mythology\aom.exe -d C:\Games\Age_of_Mythology
Task: {DCEE753C-3B90-462A-A1F7-8018275BACBB} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\mxup.exe [2013-10-14] (Maxthon International ltd.)
Task: {DD20883D-B56C-4DD2-8487-36C6AF06F449} - System32\Tasks\{83F6CAB1-D160-431F-BAAB-567A928466F2} => pcalua.exe -a C:\Games\NFSU_2\speed2.exe -d C:\Games\NFSU_2
Task: {E3F45E81-9501-496D-9956-C5AECD799E42} - System32\Tasks\{F11750B4-1B29-4A97-935C-ABC0CE13067B} => pcalua.exe -a "C:\Games\The_Elder_Scrolls_V_Skyrim\Elder_Scrolls_V_Skyrim\The Elder Scrolls V - Skyrim\The Elder Scrolls V - Skyrim\TESV.exe" -d "C:\Games\The_Elder_Scrolls_V_Skyrim\Elder_Scrolls_V_Skyrim\The Elder Scrolls V - Skyrim\The Elder Scrolls V - Skyrim"
Task: {EB491906-E4BC-4A83-A7CD-BE8514DBA8C8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {EFE58169-7257-4F2F-842A-245757153C0C} - System32\Tasks\{4A31C636-BA59-4F76-AADE-F04422C31E5F} => pcalua.exe -a G:\SETUP.EXE -d G:\
Task: {F0E7733D-210B-45D8-A84C-C4A86AF2E6A3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore1cfe9669b600e6.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA1cfe9669d8832d.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2014-06-14 20:15 - 2015-10-15 04:59 - 00126256 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-12-24 15:42 - 2015-12-09 02:52 - 00217720 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2015-11-27 19:08 - 2015-11-30 17:34 - 00075064 _____ () C:\windows\SysWOW64\PnkBstrA.exe
2014-06-14 20:33 - 2012-04-24 11:43 - 00390632 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2014-06-14 20:30 - 2014-06-14 20:30 - 00068880 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
2014-06-14 20:30 - 2014-06-14 20:30 - 00672016 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfDataStorageInterface.dll
2014-03-26 20:50 - 2014-06-14 20:35 - 00058864 _____ () C:\Program Files (x86)\Lenovo\Energy Manager\kbdhook.dll
2014-06-14 20:34 - 2014-06-14 20:34 - 00815104 _____ () C:\Program Files\Lenovo PhoneCompanion\adb.exe
2014-06-14 20:20 - 2013-10-01 10:09 - 00078880 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
2014-02-26 00:42 - 2014-02-26 00:42 - 00013576 _____ () C:\Program Files (x86)\Lenovo\Motion Control\PointGrabDeviceAPI.dll
2015-06-14 21:33 - 2015-12-09 02:53 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2014-06-14 20:34 - 2014-06-14 20:34 - 00101648 _____ () C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LUpdatePackage.dll
2014-06-14 20:13 - 2013-09-16 20:17 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-03-15 15:29 - 2016-03-08 03:48 - 01676440 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.87\libglesv2.dll
2016-03-15 15:29 - 2016-03-08 03:48 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.87\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Honza:Heroes & Generals [38]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2855615511-2488479924-1671497579-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Honza\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "ETDCtrl"
HKLM\...\StartupApproved\Run: => "Energy Manager"
HKLM\...\StartupApproved\Run: => "RtsFT"
HKU\S-1-5-21-2855615511-2488479924-1671497579-1001\...\StartupApproved\StartupFolder: => "the sims 3 1.0.631 crack.lnk"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{82AA6BFA-6967-4782-BD00-79E5ECD95FCD}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{AB7BA098-BA2F-4D93-A344-E03951AD282E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{5079E719-E6A2-40C9-BFB6-CB079EF2C393}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [{B5AF8EB3-BD93-45CF-9FF0-31F80F4335DB}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [{5B87D600-FFE6-44C0-9133-BB0C1CB5C6B4}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
FirewallRules: [{3CB4862A-1D89-4A0E-A09C-50F5AD2042B2}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
FirewallRules: [{D4573AC7-97B4-407C-9762-445121E83843}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{A6D3DD7F-2BE4-4466-9DE7-1E1902684559}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{3CFC092C-6DD8-4469-AE8C-E809FFF6E482}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{F333F5D4-4E14-4D80-BE78-E2694FD82282}] => (Allow) C:\Games\AoE_III\age3x.exe
FirewallRules: [{0619FB6A-1C25-49D1-9E22-434136AB8161}] => (Allow) C:\Games\AoE_III\age3x.exe
FirewallRules: [{27E063BC-F63D-477D-9F4D-7042DAFF69B1}] => (Allow) C:\Games\AoE_III\age3y.exe
FirewallRules: [{597B7431-2D70-4CA2-9440-5BF7F5C10FA0}] => (Allow) C:\Games\AoE_III\age3y.exe
FirewallRules: [TCP Query User{7EC7B8A3-D559-4B11-926C-2E95B0670CD3}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{5FD18040-2357-4600-8853-5FB841D16AC5}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [{961B173C-DC14-496F-84D0-BAD4922DEAA5}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{7D82DAA4-CA79-49EE-953E-71B93942C328}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{73443D12-C563-493A-8F1D-F826BA3C5A6F}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{470E3505-5E28-4A99-9E71-582B99985E8D}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{2110D9AC-19D9-49D6-AA13-10CDC414F66A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{00B2FA0C-E773-425C-9FD7-DA49A630C494}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{AFB298BB-9223-4A05-948F-FFF200A3053E}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{CCE5ECB6-9FDF-4744-B0FE-88561BCE9E50}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{D0A1F722-4A0F-493C-BD4A-039434144E0C}] => (Allow) LPort=16990
FirewallRules: [{5D4745E7-9628-4689-9428-0BB5A58F173F}] => (Allow) LPort=16990
FirewallRules: [{DBD1C37A-D08B-4EB0-A485-ACA4687DB962}] => (Allow) C:\Program Files\Lenovo\Magic Transfer\MagicTransfer.exe
FirewallRules: [{BB8B9976-F360-4B59-BA58-966AF83CA192}] => (Allow) C:\Program Files\Lenovo\Magic Transfer\MagicTransfer.exe
FirewallRules: [TCP Query User{A12E9098-8706-4249-BE79-9B943C8ECDBE}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{793BE674-6DFE-4566-BEC6-FC10AE238E9D}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{A8DA400E-4143-42B8-8025-39F018156AE0}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{6E27D3F1-2F29-403C-A391-E52DD2FC9189}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [{94331EA0-9206-40CC-90D0-2C3C1FA0DDB5}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{DA3CE3A3-5AF2-49DE-8E92-272702CE352F}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{97B0EA3F-BEC1-4A02-A78F-4960B60097E5}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{DC70F90C-0BCA-4E37-AEB6-D298FE2E8A55}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{736FCEA0-D857-4AD6-8FD0-8357640C1E2A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tropico 4\Tropico4.exe
FirewallRules: [{294DF6A9-A15E-4B9E-81C7-63919EE51F68}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tropico 4\Tropico4.exe
FirewallRules: [{3F93B5AA-824A-46B7-A731-58A306166383}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{6EFE96B0-3033-4DE7-A3FD-A9A2C04BB62D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [TCP Query User{850D7911-C142-484C-8E25-8C2084E39583}C:\games\titan_quest\tqit.exe] => (Allow) C:\games\titan_quest\tqit.exe
FirewallRules: [UDP Query User{339BAAB3-E7C9-49D2-A163-33E3A4B4C7E3}C:\games\titan_quest\tqit.exe] => (Allow) C:\games\titan_quest\tqit.exe
FirewallRules: [TCP Query User{A1B2E98C-4118-4AB8-897B-717F5104BC80}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{AD03D453-46E1-4B3F-A77F-A79585216A4D}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [{8E12584F-A7F4-492D-8047-636AF1C8F556}] => (Allow) C:\Games\AoE_III\age3y.exe
FirewallRules: [{0B94071D-B8D5-484B-8ADE-24F76B9FE2D6}] => (Allow) C:\Games\AoE_III\age3y.exe
FirewallRules: [{A54CB3E9-252E-46A4-B26B-A35DC7574A89}] => (Allow) C:\Games\AoE_III\age3x.exe
FirewallRules: [{3A085331-AFC0-4D44-ACEE-95AC12F997E3}] => (Allow) C:\Games\AoE_III\age3x.exe
FirewallRules: [{E60089D6-7B1A-4FFB-A457-5ED33DA4DD38}] => (Allow) C:\Games\AoE_III\age3x.exe
FirewallRules: [{37E69469-3286-4982-A193-77BB0B9122D1}] => (Allow) C:\Games\AoE_III\age3x.exe
FirewallRules: [TCP Query User{A5099DDA-51DE-42E9-B0AA-25599D734F63}C:\games\titan_quest\tqit.exe] => (Allow) C:\games\titan_quest\tqit.exe
FirewallRules: [UDP Query User{F9CAF932-F74B-4C38-A86F-6500B219B0F8}C:\games\titan_quest\tqit.exe] => (Allow) C:\games\titan_quest\tqit.exe
FirewallRules: [TCP Query User{CDE4CE5D-5434-411C-BC51-5E1926BBDCE8}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{BFEC4C09-55AC-45ED-82AE-9B9159A0B9F8}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{42742B9E-A01E-4D6A-90CA-B1B50AE1A473}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{A5E72A96-649F-4794-BDA7-A8D74F53F077}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PlagueInc\PlagueIncEvolved.exe
FirewallRules: [{0788232A-867B-4329-B673-1A35DB268ABF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PlagueInc\PlagueIncEvolved.exe
FirewallRules: [TCP Query User{AAE15C3D-B18B-442C-97FB-1B46A0B11181}C:\games\aom\aom.exe] => (Allow) C:\games\aom\aom.exe
FirewallRules: [UDP Query User{51020A19-1F5D-446D-98D3-20A3265F62FF}C:\games\aom\aom.exe] => (Allow) C:\games\aom\aom.exe
FirewallRules: [TCP Query User{CB7307A1-BB74-4D5E-A51A-02AB7A5C9EAE}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{B22E0C6C-F4E7-4104-BA29-5606297AD327}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{BCD40CE1-3B8D-4689-BD23-4A5327638489}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{3FC3A1AB-58C6-4658-A248-9568098AFE62}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{FE75F7E2-8F74-4BC1-B3F3-787A233C76EF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{94E6AF65-53A9-4887-846D-A96804265F37}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{F6334EDB-A051-46A7-9F6D-5D69EDA8DBDB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{7CAEFD5A-4E78-41BE-8EB4-9939013AEFC1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{7A993F34-B137-4B84-AFDB-DDACA0FF9F9C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{FD48E3EB-6214-497C-9B57-99E05A50AA47}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{148C8EF8-ED46-4E5D-A1E5-C5D1288D7B11}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{0C7DF269-0549-4066-9565-C0CBB8320ED3}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{5C974EDF-88FE-4BA9-92EA-426BD7D865F4}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{6F31A1E9-798A-4109-AEF5-B9ADBA74BD6B}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{C74FFE83-F199-49B0-A6C0-45952019C474}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [TCP Query User{9BBB0376-A705-408F-AE19-FDDB299F12B4}C:\games\fallout_4\fallout 4\fallout4.exe] => (Allow) C:\games\fallout_4\fallout 4\fallout4.exe
FirewallRules: [UDP Query User{B0B28D1E-E92E-440B-BD8B-8369A73EE32B}C:\games\fallout_4\fallout 4\fallout4.exe] => (Allow) C:\games\fallout_4\fallout 4\fallout4.exe
FirewallRules: [TCP Query User{45A202A1-30D8-404D-B7D2-5C5CBF72C8B7}C:\games\fallout_4\fallout 4\fallout4.exe] => (Allow) C:\games\fallout_4\fallout 4\fallout4.exe
FirewallRules: [UDP Query User{98103086-0581-4317-91B3-28D431AE1D39}C:\games\fallout_4\fallout 4\fallout4.exe] => (Allow) C:\games\fallout_4\fallout 4\fallout4.exe
FirewallRules: [TCP Query User{6317F038-D9AF-4929-9238-3D0EAC05EC57}C:\games\serious sam the second encounter\bin\serioussam.exe] => (Allow) C:\games\serious sam the second encounter\bin\serioussam.exe
FirewallRules: [UDP Query User{FE2C99B4-D17D-425C-AFD0-301B7B5108E0}C:\games\serious sam the second encounter\bin\serioussam.exe] => (Allow) C:\games\serious sam the second encounter\bin\serioussam.exe
FirewallRules: [TCP Query User{51F1DE66-A192-4A6E-BB48-2E867338CE25}C:\games\serious_sam_2\bin\sam2.exe] => (Allow) C:\games\serious_sam_2\bin\sam2.exe
FirewallRules: [UDP Query User{B39F6713-9F31-45E5-8B76-0C9A0B559FAC}C:\games\serious_sam_2\bin\sam2.exe] => (Allow) C:\games\serious_sam_2\bin\sam2.exe
FirewallRules: [TCP Query User{F0A1603A-29BA-46DC-8C73-80F20EE32D95}C:\games\borderlands\binaries\borderlands.exe] => (Allow) C:\games\borderlands\binaries\borderlands.exe
FirewallRules: [UDP Query User{7FDB8388-15BC-4F23-B50D-3AD09CE998CF}C:\games\borderlands\binaries\borderlands.exe] => (Allow) C:\games\borderlands\binaries\borderlands.exe
FirewallRules: [TCP Query User{C793D495-A3EB-41DC-9FF8-557718998BAE}C:\games\borderlands\binaries\borderlands.exe] => (Block) C:\games\borderlands\binaries\borderlands.exe
FirewallRules: [UDP Query User{998062F7-B0C1-44AF-BD0B-D10686C37EBF}C:\games\borderlands\binaries\borderlands.exe] => (Block) C:\games\borderlands\binaries\borderlands.exe
FirewallRules: [{E7AC4088-AC84-4F6C-837E-3AF61E6F5BB1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dungeon Siege 2\DungeonSiege2.exe
FirewallRules: [{2C732A8E-7B6E-4DBF-8CC6-73095BAC9934}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dungeon Siege 2\DungeonSiege2.exe
FirewallRules: [{10903ACE-02CB-41C6-AC3D-8A72BF4253A3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

10-02-2016 22:09:52 Windows Update
20-02-2016 15:30:47 Installed Borderlands
20-02-2016 15:32:56 Nainstalováno rozhraní DirectX
22-02-2016 20:50:43 Nainstalováno: Microsoft Visual C++ 2005 Redistributable
26-02-2016 17:21:03 Removed Borderlands
26-02-2016 17:24:45 Installed Borderlands
26-02-2016 17:26:49 Nainstalováno rozhraní DirectX
05-03-2016 15:26:54 Nainstalováno Dungeon Siege 2.
06-03-2016 18:05:58 Installed Dungeon Siege 2 Broken World
06-03-2016 18:09:58 Removed Dungeon Siege 2 Broken World
06-03-2016 18:11:26 Installed Dungeon Siege 2 Broken World

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/15/2016 03:31:41 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154

Error: (03/14/2016 12:45:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program mbam.exe verze 2.3.125.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 1ae4

Čas spuštění: 01d17de6fcc80d5a

Čas ukončení: 31

Cesta k aplikaci: C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

ID hlášení: 486d1fa5-e9da-11e5-8392-f8a96333dedc

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (03/14/2016 09:53:07 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154

Error: (03/13/2016 06:46:17 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (03/13/2016 02:54:11 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program RSITx64.exe verze 0.0.0.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: a64

Čas spuštění: 01d17d2f58a47ccf

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Users\Honza\Downloads\RSITx64.exe

ID hlášení: 0f29e679-e923-11e5-838e-f8a96333dedc

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (03/13/2016 08:40:01 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154

Error: (03/12/2016 11:18:53 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154

Error: (03/11/2016 08:04:19 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154

Error: (03/10/2016 02:09:02 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418154

Error: (03/09/2016 05:06:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program DungeonSiege2.exe verze 2.30.0.4277 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: cf4

Čas spuštění: 01d17a1d8909512f

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files (x86)\Steam\SteamApps\common\Dungeon Siege 2\DungeonSiege2.exe

ID hlášení: e557dd5d-e610-11e5-8384-f8a96333dedc

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (03/15/2016 07:36:41 PM) (Source: DCOM) (EventID: 10010) (User: Hanysek99)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (03/14/2016 05:36:36 PM) (Source: DCOM) (EventID: 10010) (User: Hanysek99)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (03/14/2016 05:36:06 PM) (Source: DCOM) (EventID: 10010) (User: Hanysek99)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (03/14/2016 10:16:02 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (9:43:05, ‎14. ‎3. ‎2016) bylo neočekávané.

Error: (03/13/2016 09:10:02 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\windows\System32\IWMSSvc.dll

Error: (03/13/2016 09:10:02 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\windows\System32\IWMSSvc.dll

Error: (03/13/2016 09:10:01 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\windows\System32\IWMSSvc.dll

Error: (03/13/2016 09:09:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Dynamic Application Loader Host Interface Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/13/2016 09:09:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) ME Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/13/2016 09:09:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.


CodeIntegrity:
===================================
Date: 2016-03-11 23:01:07.308
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-03-11 23:01:07.056
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-03-11 23:01:06.833
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-03-11 23:01:06.554
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-03-11 16:11:20.012
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-03-11 16:11:19.840
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-03-11 16:11:19.663
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-03-11 16:11:19.397
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-03-09 19:38:35.999
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2016-03-09 19:38:35.823
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-4710HQ CPU @ 2.50GHz
Percentage of memory in use: 30%
Total physical RAM: 8104.27 MB
Available physical RAM: 5607.7 MB
Total Virtual: 8504.27 MB
Available Virtual: 5914.24 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:196.27 GB) (Free:45.43 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:21.97 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 4C683889)

Partition: GPT.

==================== End of Addition.txt ============================

[Márty84]

Zkontrolujte velikost adresare plochy.


Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

HKU\S-1-5-21-2855615511-2488479924-1671497579-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2855615511-2488479924-1671497579-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL =
BHO-x32: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
BHO-x32: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File

S3 MBAMSwissArmy; \??\C:\windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [X]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]

2016-03-13 22:45 - 2016-03-13 22:45 - 00001142 _____ C:\Users\Honza\Desktop\MBAB-scan.txt
2016-03-13 22:34 - 2016-03-13 22:35 - 22908888 _____ (Malwarebytes ) C:\Users\Honza\Downloads\mbam-setup-2.2.0.1024.exe

Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore1cfe9669b600e6.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA1cfe9669d8832d.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

AlternateDataStreams: C:\Users\Honza:Heroes & Generals [38]

Hosts:
EmptyTemp:
Reboot:
End

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.

[hanysek99]

Velikost adresáře plochy je 1,23 GB


Fix result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by Honza (2016-03-16 16:38:40) Run:1
Running from C:\Users\Honza\Desktop
Loaded Profiles: Honza (Available Profiles: Honza)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKU\S-1-5-21-2855615511-2488479924-1671497579-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2855615511-2488479924-1671497579-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL =
BHO-x32: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
BHO-x32: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File

S3 MBAMSwissArmy; \??\C:\windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [X]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29 144200]

2016-03-13 22:45 - 2016-03-13 22:45 - 00001142 _____ C:\Users\Honza\Desktop\MBAB-scan.txt
2016-03-13 22:34 - 2016-03-13 22:35 - 22908888 _____ (Malwarebytes ) C:\Users\Honza\Downloads\mbam-setup-2.2.0.1024.exe

Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore1cfe9669b600e6.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA1cfe9669d8832d.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

AlternateDataStreams: C:\Users\Honza:Heroes & Generals [38]

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKU\S-1-5-21-2855615511-2488479924-1671497579-1001\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value removed successfully
HKU\S-1-5-21-2855615511-2488479924-1671497579-1001\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value removed successfully
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}" => key removed successfully
HKCR\Wow6432Node\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => key removed successfully
HKCR\Wow6432Node\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => key not found.
MBAMSwissArmy => service removed successfully
WinRing0_1_2_0 => service removed successfully
gupdate => service removed successfully
SkypeUpdate => service removed successfully
gupdatem => service removed successfully
"C:\Users\Honza\Desktop\MBAB-scan.txt" => not found.
C:\Users\Honza\Downloads\mbam-setup-2.2.0.1024.exe => moved successfully
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\windows\Tasks\GoogleUpdateTaskMachineCore1cfe9669b600e6.job => moved successfully
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\windows\Tasks\GoogleUpdateTaskMachineUA1cfe9669d8832d.job => moved successfully
C:\Users\Honza => ":Heroes & Generals" ADS removed successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 486.7 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 16:38:50 ====

[Márty84]

Velikost adresáře plochy je 1,23 GB

Velikost plochy by nemela presahovat 200 - 300 MB! Brzdi to chod pc. Cili ji trosku uklidte a na plochu dejte jen zastupce. Jen pozor na obcasnou chybu, ze uzivatele maji na plose slozku, v ni dalsi a v ni dalsi a do te to schovaji. To je sice hezke, ale plochu to nezmensi, jen je to v jinem supliku



Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

DelFix https://toolslib.net/downloads/finish/2/

• Stahnete a spustte
• Ponechte zatrzitkou pouze u volby Remove disinfection tools
• Kliknete na Run

Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)

Defragmentujte disk(y) (SSD Disky ne!)
Stahnete program Defraggler https://www.piriform.com/defraggler/download/standard
Pri instalaci opet pozor na toolbar a dalsi nesmysly.
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.




Pak napiste, jak to s pc vypada.

[hanysek99]

Tak, velikost adresáře plochy jsem snížil na 192 MB, vše jsem vyčistil podle vašich pokynů a vypadá to v pořádku. Jen defragmentaci jsem neprovedl, jelikož mám SSD Disk.

[Márty84]

Pokud tedy vse jede jak ma, mame hotovo

[hanysek99]

Vše v pořádku, děkuji za Vaší pomoc