problem, imperia online

[k33p]

zdravim mam problem s nejakym softwarom stiahnutym pravdepodobne cez torrent, imperia online, ale nevylucujem ze sa moze tej havede nachadzat v pocitaci viacej, vkladam log dakujem.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:09-05-2016
Ran by Katuska (administrator) on KATARINAPC (09-05-2016 22:18:51)
Running from C:\Users\Katuska\Desktop
Loaded Profiles: Katuska & UpdatusUser (Available Profiles: Katuska & UpdatusUser)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Language: Angličtina (USA)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Nullsoft, Inc.) C:\Program Files\Winamp\winampa.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Nero AG) C:\Program Files\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDGesture.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
() C:\Program Files\OLBPre\OLBPre.exe
(Realsil Microelectronics Inc.) C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(forum.viry.cz) C:\Users\Katuska\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [USB3MON] => C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-12-08] (Intel Corporation)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [978520 2015-01-30] (Microsoft Corporation)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2038568 2012-12-08] (ELAN Microelectronics Corp.)
HKLM\...\Run: [WinampAgent] => C:\Program Files\Winamp\winampa.exe [74752 2012-06-28] (Nullsoft, Inc.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM\...\Run: [Nvtmru] => C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-08-27] (NVIDIA Corporation)
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [153136 2007-03-01] (Nero AG)
HKLM\...\Run: [NBKeyScan] => C:\Program Files\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe [1373480 2007-06-29] (Nero AG)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM\...\Run: [ArcSoft Connection Service] => C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
HKLM\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-03-30] (LogMeIn Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
HKU\S-1-5-21-3338003536-3836655406-3577229235-1000\...\Run: [Facebook Update] => C:\Users\Katuska\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-12-30] (Facebook Inc.)
HKU\S-1-5-21-3338003536-3836655406-3577229235-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd)
HKU\S-1-5-21-3338003536-3836655406-3577229235-1000\...\Run: [icq] => C:\Users\Katuska\AppData\Roaming\ICQM\icq.exe [35225096 2014-09-09] (ICQ)
HKU\S-1-5-21-3338003536-3836655406-3577229235-1000\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [152872 2007-06-27] (Nero AG)
HKU\S-1-5-21-3338003536-3836655406-3577229235-1000\...\Run: [iCloudServices] => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-08-08] (Apple Inc.)
HKU\S-1-5-21-3338003536-3836655406-3577229235-1000\...\Run: [ApplePhotoStreams] => C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-08-14] (Apple Inc.)
HKU\S-1-5-21-3338003536-3836655406-3577229235-1000\...\Run: [OfficeSyncProcess] => C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [720064 2014-10-14] (Microsoft Corporation)
HKU\S-1-5-21-3338003536-3836655406-3577229235-1000\...\MountPoints2: {37974018-7a1c-11e5-9a7b-dc85de93fd82} - F:\Autorun.exe
HKU\S-1-5-21-3338003536-3836655406-3577229235-1000\...\MountPoints2: {4a29fb71-55db-11e2-b785-dc85de93fd82} - E:\autorun.exe
HKU\S-1-5-21-3338003536-3836655406-3577229235-1000\...\MountPoints2: {97db9772-01ac-11e3-917b-dc85de93fd82} - F:\NokiaPCIA_Autorun.exe
HKU\S-1-5-21-3338003536-3836655406-3577229235-1000\...\MountPoints2: {e61bd873-7215-11e2-b7b2-dc85de93fd82} - F:\setup.exe
HKU\S-1-5-21-3338003536-3836655406-3577229235-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [10240 2009-07-14] (Microsoft Corporation)
AppInit_DLLs: C:\Windows\system32\nvinit.dll => C:\Windows\system32\nvinit.dll [141336 2013-09-12] (NVIDIA Corporation)
Startup: C:\Users\Katuska\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk [2016-05-08]
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files\OLBPre\OLBPre.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2271F06A-1D39-4CAE-8636-E5C998BD88D6}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{5E87290D-B3DC-43A2-A1FB-F532402B098F}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{DC6631FF-F9EB-45EC-9B61-333BD1BD7290}: [DhcpNameServer] 195.91.0.17 194.154.227.17

Internet Explorer:
==================
HKU\S-1-5-21-3338003536-3836655406-3577229235-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.sk/
URLSearchHook: HKU\S-1-5-21-3338003536-3836655406-3577229235-1000 - (No Name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - No File
SearchScopes: HKU\S-1-5-21-3338003536-3836655406-3577229235-1000 -> DefaultScope {5527D773-4644-40B4-8403-1CE6CADFF280} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3338003536-3836655406-3577229235-1000 -> {5527D773-4644-40B4-8403-1CE6CADFF280} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_73\bin\ssv.dll [2016-02-08] (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-04-29] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-08] (Oracle Corporation)
DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} hxxp://support.asus.com/select/asusTek_sys_ctrl3.cab
DPF: {70022607-8F7B-4968-90B1-37E1EC9D9F11} hxxps://cns.allianzsp.sk/cvpn/i1bJruqz6qpTg7_Fl1NCU7K5MIvFiyhRCivz6jx9VTU/portal/web/navigw.nsf/shpages/navigator_swt.htm/$FILE/amccontrol.cab
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.11.0.cab
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-04-29] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Katuska\AppData\Roaming\Mozilla\Firefox\Profiles\y7tj7crn.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-12] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-08] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-08] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3338003536-3836655406-3577229235-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Katuska\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-3338003536-3836655406-3577229235-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Katuska\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2012-12-07] (Unity Technologies ApS)
FF user.js: detected! => C:\Users\Katuska\AppData\Roaming\Mozilla\Firefox\Profiles\y7tj7crn.default\user.js [2013-01-13]
FF Extension: VideoFileDownload - Download YouTube Videos - C:\Users\Katuska\AppData\Roaming\Mozilla\Firefox\Profiles\y7tj7crn.default\extensions\plugin@videofiledownload.com [2013-01-13] [not signed]
FF Extension: Refundo Toolbar - C:\Users\Katuska\AppData\Roaming\Mozilla\Firefox\Profiles\y7tj7crn.default\Extensions\toolbar@refundo.cz.xpi [2016-02-17]
FF Extension: Adblock Plus - C:\Users\Katuska\AppData\Roaming\Mozilla\Firefox\Profiles\y7tj7crn.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-10-14]
FF Extension: Skype - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-04-29]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2014-10-08]

Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\50.0.2661.94\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\50.0.2661.94\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\50.0.2661.94\pdf.dll => No File
CHR Plugin: (Nero Kwik Media Helper) - C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL => No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll => No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll => No File
CHR Plugin: (McAfee Security Scanner +) - C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll => No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll => No File
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll => No File
CHR Plugin: (Nokia Suite Enabler Plugin) - C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll => No File
CHR Plugin: (Unity Player) - C:\Users\Katuska\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Katuska\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll => No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll => No File
CHR Profile: C:\Users\Katuska\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\Katuska\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-08]
CHR Extension: (Disk Google) - C:\Users\Katuska\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-02]
CHR Extension: (Počasie (rozšírenie)) - C:\Users\Katuska\AppData\Local\Google\Chrome\User Data\Default\Extensions\beapnbfmjmjhhfpaoajfhjbbfnnlfpnc [2016-01-28]
CHR Extension: (YouTube) - C:\Users\Katuska\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Google Search) - C:\Users\Katuska\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-02]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Katuska\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-01-08]
CHR Extension: (Skype) - C:\Users\Katuska\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-01-08]
CHR Extension: (Hodiny) - C:\Users\Katuska\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjocghlclkpgheifflemilcnblodjohg [2013-09-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Katuska\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-17]
CHR Extension: (Gmail) - C:\Users\Katuska\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-23]
CHR HKLM\...\Chrome\Extension: [kincjchfokkeneeofpeefomkikfkiedl] - C:\Program Files\OpenApp\chromeaddon.crx <not found>
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-04-29]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-04-29] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-04-29] (Microsoft Corporation)
S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [277616 2012-12-14] (Intel Corporation)
R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1848168 2015-03-30] (LogMeIn Inc.)
R2 IconMan_R; C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe [1822352 2012-12-08] (Realsil Microelectronics Inc.)
R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [411920 2015-03-30] (LogMeIn, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22184 2015-01-30] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [284472 2015-01-30] (Microsoft Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14573856 2013-08-27] (NVIDIA Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [X]
S2 Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\System32\DRIVERS\athr.sys [2987520 2012-07-24] (Qualcomm Atheros Communications, Inc.)
S3 DxVGrb; C:\Windows\System32\drivers\DxVGrb.sys [179200 2012-01-10] (Dexetek )
R3 ETD; C:\Windows\System32\DRIVERS\ETD.sys [172328 2012-12-08] (ELAN Microelectronics Corp.)
R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R0 iusb3hcs; C:\Windows\System32\DRIVERS\iusb3hcs.sys [16440 2012-12-08] (Intel Corporation)
R3 iusb3hub; C:\Windows\System32\DRIVERS\iusb3hub.sys [351288 2012-12-08] (Intel Corporation)
R3 iusb3xhc; C:\Windows\System32\DRIVERS\iusb3xhc.sys [796216 2012-12-08] (Intel Corporation)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [55104 2012-07-17] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [239224 2014-11-15] (Microsoft Corporation)
R0 nvpciflt; C:\Windows\System32\DRIVERS\nvpciflt.sys [27424 2013-09-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [33568 2013-08-20] (NVIDIA Corporation)
R3 RSBASTOR; C:\Windows\System32\DRIVERS\RtsBaStor.sys [214016 2012-12-08] (Realtek Semiconductor Corp.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [466008 2013-01-03] (Duplex Secure Ltd.)
S3 zte_cdc_acm; C:\Windows\System32\DRIVERS\zte_cdc_acm.sys [66432 2015-10-24] (ZTE) [File not signed]
U3 aubh9wm6; C:\Windows\system32\Drivers\aubh9wm6.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S3 ASUSProcObsrv; \??\D:\I386\AsProcOb.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-05-09 22:17 - 2016-05-09 22:18 - 00021413 _____ C:\Users\Katuska\Desktop\FRST.txt
2016-05-09 22:17 - 2016-05-09 22:18 - 00000000 ____D C:\FRST
2016-05-09 22:16 - 2016-05-09 22:13 - 00112640 _____ (forum.viry.cz) C:\Users\Katuska\Desktop\FRSTLauncher.exe
2016-05-09 22:16 - 2016-05-09 22:09 - 01732096 _____ (Farbar) C:\Users\Katuska\Desktop\FRST.exe
2016-05-09 22:13 - 2016-05-09 22:13 - 00112640 _____ (forum.viry.cz) C:\Users\Katuska\Downloads\FRSTLauncher.exe
2016-05-09 22:09 - 2016-05-09 22:09 - 01732096 _____ (Farbar) C:\Users\Katuska\Downloads\FRST.exe
2016-05-09 19:59 - 2016-05-09 19:59 - 00146134 _____ C:\Users\Katuska\Downloads\1610012461.zip
2016-05-08 15:42 - 2016-05-08 16:58 - 00000000 ____D C:\Users\Katuska\AppData\Local\Free YouTube Downloader
2016-05-08 15:42 - 2016-05-08 15:42 - 00002041 _____ C:\Users\Public\Desktop\Free YouTube Downloader.lnk
2016-05-08 15:42 - 2016-05-08 15:42 - 00001813 _____ C:\Users\Katuska\Desktop\MyPC Backup.lnk
2016-05-08 15:42 - 2016-05-08 15:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free YouTube Downloader
2016-05-08 15:41 - 2016-05-08 15:42 - 00000000 ____D C:\Program Files\OLBPre
2016-05-08 15:41 - 2016-05-08 15:42 - 00000000 ____D C:\Program Files\Free YouTube Downloader
2016-05-08 15:41 - 2016-05-08 15:41 - 00969937 _____ (Kicudar ) C:\Users\Katuska\Downloads\FYD_Setup.exe
2016-05-08 15:41 - 2016-05-08 15:41 - 00002274 _____ C:\Users\Katuska\Desktop\Imperia Online.lnk
2016-05-08 15:41 - 2016-05-08 15:41 - 00000000 ____D C:\Users\Katuska\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Imperia Online
2016-05-08 15:41 - 2016-05-08 15:41 - 00000000 ____D C:\Users\Katuska\AppData\Roaming\ImperiaOnline
2016-04-25 18:52 - 2016-04-28 19:53 - 00000000 ____D C:\Users\Katuska\AppData\Local\Viber
2016-04-25 18:50 - 2016-04-25 18:50 - 00217849 _____ C:\Users\Katuska\Desktop\vykaz_LS_smigova.PDF
2016-04-19 08:27 - 2016-04-19 08:33 - 106840528 _____ C:\Users\Katuska\Downloads\4D---4-(2014).zip
2016-04-10 09:06 - 2016-04-25 18:41 - 00000000 ____D C:\Users\Katuska\Documents\ViberDownloads
2016-04-10 09:04 - 2016-04-10 09:04 - 105661736 _____ (Viber Media Inc.) C:\Users\Katuska\Downloads\ViberSetup.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-05-09 21:55 - 2009-07-14 06:34 - 00026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-05-09 21:55 - 2009-07-14 06:34 - 00026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-05-09 21:51 - 2013-08-17 17:28 - 00000924 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-09 21:47 - 2014-01-02 18:03 - 00000000 ____D C:\Users\Katuska\AppData\Local\LogMeIn Hamachi
2016-05-09 21:46 - 2013-08-17 17:28 - 00000920 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-09 21:46 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-05-09 20:19 - 2010-11-20 23:01 - 00786558 _____ C:\Windows\system32\PerfStringBackup.INI
2016-05-09 20:19 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\inf
2016-05-09 08:45 - 2012-12-30 23:28 - 00000936 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3338003536-3836655406-3577229235-1000UA.job
2016-05-08 22:33 - 2012-12-30 23:28 - 00000914 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3338003536-3836655406-3577229235-1000Core.job
2016-05-08 17:13 - 2012-12-25 21:53 - 00000000 ___RD C:\Users\Katuska\Documents\Vuze Downloads
2016-05-08 17:12 - 2012-12-25 21:42 - 00000000 ____D C:\Users\Katuska\AppData\Roaming\Azureus
2016-05-08 16:34 - 2012-12-25 21:42 - 00000000 ____D C:\Program Files\Vuze
2016-05-08 15:41 - 2016-01-12 19:35 - 00000000 ____D C:\Users\Katuska\Desktop\stahovanie, napalovanie, konvertovanie
2016-05-08 15:22 - 2012-12-25 20:48 - 00000000 ___RD C:\Program Files\Skype
2016-05-06 21:05 - 2013-09-16 14:41 - 00002153 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-06 21:03 - 2013-10-07 17:26 - 00000284 _____ C:\Windows\Tasks\AppleSoftwareUpdate.job
2016-04-22 09:57 - 2012-12-09 01:01 - 00374944 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2013-09-03 15:26 - 2015-06-08 03:10 - 0008192 _____ () C:\Users\Katuska\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-05 00:07 - 2015-01-29 22:09 - 0007597 _____ () C:\Users\Katuska\AppData\Local\Resmon.ResmonCfg
2015-01-06 13:37 - 2015-05-22 09:52 - 0000575 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Some files in TEMP:
====================
C:\Users\Katuska\AppData\Local\Temp\FreemakeVideoConverter_4.1.4.14.exe
C:\Users\Katuska\AppData\Local\Temp\FYDSetup.exe
C:\Users\Katuska\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Katuska\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\Katuska\AppData\Local\Temp\jre-8u66-windows-au.exe
C:\Users\Katuska\AppData\Local\Temp\jre-8u71-windows-au.exe
C:\Users\Katuska\AppData\Local\Temp\jre-8u73-windows-au.exe
C:\Users\Katuska\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Katuska\AppData\Local\Temp\TMCCSetup_3.68.05.14_1.exe
C:\Users\Katuska\AppData\Local\Temp\vlc-2.2.1-win32.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-05-08 17:46

==================== End of FRST.txt ============================



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:698.54 GB) (Free:397.69 GB) NTFS
Drive e: (TRC) (CDROM) (Total:0.55 GB) (Free:0 GB) CDFS

Available physical RAM: 1587.09 MB
Total physical RAM: 3227.48 MB
Percentage of memory in use: 50%

==================== MBR and Partition Table ==================

Task: {3AADC44B-F2AC-48B5-8EA7-EC35703FF42E} - System32\Tasks\Imperia Online W4 => Chrome.exe \C:\Program Files\Google\Chrome\Application\chrome.exe\" --app=hxxp://www.imperiaonline.org/?ref_ad=src123 --app-window-size=1366,768"
Task: {4210E4D6-46A4-4AE2-ADBD-025ADB9A5EF0} - System32\Tasks\Imperia Online W1 => Chrome.exe \C:\Program Files\Google\Chrome\Application\chrome.exe\" --app=hxxp://www.imperiaonline.org/?ref_ad=src123 --app-window-size=1366,768"
Task: {8EE7F6AB-E1CD-448C-8529-0084F68EE81F} - System32\Tasks\Imperia Online W2 => Chrome.exe \C:\Program Files\Google\Chrome\Application\chrome.exe\" --app=hxxp://www.imperiaonline.org/?ref_ad=src123 --app-window-size=1366,768"
Task: {D1AAE7BA-1832-4347-A331-B3DA6AD7AD79} - System32\Tasks\Imperia Online W3 => Chrome.exe \C:\Program Files\Google\Chrome\Application\chrome.exe\" --app=hxxp://www.imperiaonline.org/?ref_ad=src123 --app-window-size=1366,768"
ShortcutWithArgument: C:\Users\Katuska\Desktop\Imperia Online.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://www.imperiaonline.org/?ref_ad=src123 --app-window-size=1366,768
ShortcutWithArgument: C:\Users\Katuska\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Imperia Online\Imperia Online.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://www.imperiaonline.org/?ref_ad=src123 --app-window-size=1366,768
ShortcutWithArgument: C:\Users\Katuska\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Imperia Online.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --app=hxxp://www.imperiaonline.org/?ref_ad=src123 --app-window-size=1366,768
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 7C12E647)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=698.5 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3338003536-3836655406-3577229235-1000Core.job => C:\Users\Katuska\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3338003536-3836655406-3577229235-1000UA.job => C:\Users\Katuska\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Microsoft Security Essentials (Disabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Disabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Katuska\Desktop" je 2496 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

[Rudy]

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

[k33p]

Kód: Vybrat vše

# AdwCleaner v5.119 - Logfile created 12/06/2016 at 13:27:11
# Updated 30/05/2016 by Xplode
# Database : 2016-06-10.1 [Server]
# Operating system : Windows 7 Ultimate Service Pack 1 (X86)
# Username : Katuska - KATARINAPC
# Running from : C:\Users\Katuska\Downloads\adwcleaner_5.119.exe
# Option : Clean
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\ProgramData\ytd video downloader
[-] Folder Deleted : C:\ProgramData\Free Youtube Downloader
[#] Folder Deleted : C:\ProgramData\Application Data\ytd video downloader
[#] Folder Deleted : C:\ProgramData\Application Data\Free Youtube Downloader
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Youtube Downloader
[-] Folder Deleted : C:\Program Files\Conduit
[-] Folder Deleted : C:\Program Files\GreenTree Applications
[-] Folder Deleted : C:\Program Files\Smartdl
[-] Folder Deleted : C:\Program Files\TSearch
[-] Folder Deleted : C:\Program Files\Free Youtube Downloader
[-] Folder Deleted : C:\Users\Katuska\AppData\Local\Conduit
[-] Folder Deleted : C:\Users\Katuska\AppData\Local\Free Youtube Downloader
[-] Folder Deleted : C:\Users\Katuska\AppData\LocalLow\Conduit

***** [ Files ] *****

[-] File Deleted : C:\END
[-] File Deleted : C:\Users\Public\Desktop\Free Youtube Downloader.lnk
[-] File Deleted : C:\Users\Katuska\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Free Youtube Downloader.lnk
[-] File Deleted : C:\Users\Katuska\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_download.icq.com_0.localstorage
[-] File Deleted : C:\Users\Katuska\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_download.icq.com_0.localstorage-journal
[-] File Deleted : C:\Users\Katuska\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage
[-] File Deleted : C:\Users\Katuska\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage-journal
[-] File Deleted : C:\Users\Katuska\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.icq.com_0.localstorage
[-] File Deleted : C:\Users\Katuska\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.icq.com_0.localstorage-journal

***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

[-] Task Deleted : LaunchPreSignup

***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2504091
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kincjchfokkeneeofpeefomkikfkiedl
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{186E19A3-B909-4F48-B687-BB81EB8BC7CE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{649CCF8F-C1C9-4275-88B7-31CA8B31154C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F44DC845-F9E1-4907-8D9C-1472F72E8326}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
[-] Key Deleted : HKCU\Software\APN PIP
[-] Key Deleted : HKCU\Software\Conduit
[-] Key Deleted : HKCU\Software\PIP
[-] Key Deleted : HKCU\Software\PRODUCTSETUP
[-] Key Deleted : HKCU\Software\UpdateStar
[-] Key Deleted : HKCU\Software\Mail.Ru
[-] Key Deleted : HKCU\Software\csastats
[-] Key Deleted : HKCU\Software\GreenTree Applications\YTD
[-] Key Deleted : HKCU\Software\AppDataLow\Software\Mail.Ru
[-] Key Deleted : HKLM\SOFTWARE\Conduit
[-] Key Deleted : HKLM\SOFTWARE\PIP
[-] Key Deleted : HKLM\SOFTWARE\Speedchecker Limited
[-] Key Deleted : HKLM\SOFTWARE\Mail.Ru
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}

***** [ Web browsers ] *****

[-] [C:\Users\Katuska\AppData\Roaming\Mozilla\Firefox\Profiles\y7tj7crn.default\prefs.js] Deleted : user_pref("CT1750559_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1394135620016,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
[-] [C:\Users\Katuska\AppData\Roaming\Mozilla\Firefox\Profiles\y7tj7crn.default\prefs.js] Deleted : user_pref("CT2504091_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1356464824647,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
[-] [C:\Users\Katuska\AppData\Roaming\Mozilla\Firefox\Profiles\y7tj7crn.default\prefs.js] Deleted : user_pref("plugin.state.npconduitfirefoxplugin", 2);
[-] [C:\Users\Katuska\AppData\Roaming\Mozilla\Firefox\Profiles\y7tj7crn.default\prefs.js] Deleted : user_pref("smartbar.machineId", "ZLGFXQOMKFXKUTD2FUAIXSIQSITYYFNUHL3MIA+EJ3RX1ATMZTDA/GYIXO1DXALNDC1Q33EF4Z17T7LHPSEATW");
[-] [C:\Users\Katuska\AppData\Roaming\Mozilla\Firefox\Profiles\y7tj7crn.default\prefs.js] Deleted : user_pref("valueApps.storage.mam_gk_userId", "65333638653262302D363336312D343239612D383035652D396164653537343235373034");

*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [5574 bytes] - [12/06/2016 13:27:11]
C:\AdwCleaner\AdwCleaner[S1].txt - [6139 bytes] - [12/06/2016 13:23:34]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [5720 bytes] ##########

[Rudy]

Dejte nový log FRST.

[k33p]

Kód: Vybrat vše

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 02-07-2016
Ran by Katuska (2016-07-03 12:35:41)
Running from C:\Users\Katuska\Desktop
Microsoft Windows 7 Ultimate  Service Pack 1 (X86) (2012-12-08 22:42:36)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3338003536-3836655406-3577229235-500 - Administrator - Disabled)
Guest (S-1-5-21-3338003536-3836655406-3577229235-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3338003536-3836655406-3577229235-1006 - Limited - Enabled)
Katuska (S-1-5-21-3338003536-3836655406-3577229235-1000 - Administrator - Enabled) => C:\Users\Katuska
UpdatusUser (S-1-5-21-3338003536-3836655406-3577229235-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Absolute Uninstaller 2.9.0.722 (HKLM\...\Absolute Uninstaller_is1) (Version:  - Glarysoft.com)
Activision(R) (Version: 1.0 - Activision) Hidden
Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Aktualizácie NVIDIA 8.3.14 (Version: 8.3.14 - NVIDIA Corporation) Hidden
AlbumMaker (HKLM\...\TiskProRadost_AlbumMaker) (Version:  - )
Apple Application Support (HKLM\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{235EBB33-3DA1-46DF-AADE-9955123409CB}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft ShowBiz (HKLM\...\{9D41D2EF-2D33-4CFD-8A3E-C7E6FCC3303B}) (Version:  - ArcSoft)
ASUS LifeFrame3 (HKLM\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.7 - ASUS)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
BS.Player FREE (HKLM\...\BSPlayerf) (Version: 2.66.1075 - AB Team, d.o.o.)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5143 - CDBurnerXP)
Conexant Polaris Unused CIR Function (HKLM\...\Uninstaller50d99d520) (Version: 1.0.0.0 - Conexant Systems)
Conexant Polaris Unused CIR Function (HKLM\...\Uninstaller54fd70370) (Version: 1.0.0.0 - Conexant Systems)
Conexant Polaris Unused CIR Function (HKLM\...\VID_1D19&PID_6109&MI_00) (Version: 1.0.0.0 - Conexant Systems)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.46.1.0327 - DT Soft Ltd)
ETDWare PS/2-X86 10.5.9.0 (HKLM\...\Elantech) (Version: 10.5.9.0 - ELAN Microelectronic Corp.)
Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Free Mp3 Wma Converter V 2.2 (HKLM\...\Free Mp3 Wma Converter_is1) (Version: 2.2.0.0 - Koyote Soft)
Free YouTube Downloader 4.1.507 (HKLM\...\{A7E19604-93AF-4611-8C9F-CE509C2B286F}_is1) (Version:  - HOW Inc.)
Freemake Video Converter verzia 4.1.5 (HKLM\...\Freemake Video Converter_is1) (Version: 4.1.5 - Ellora Assets Corporation)
GeForce Experience NvStream Client Components (Version: 0.1.87 - NVIDIA Corporation) Hidden
Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Chrome (HKLM\...\Google Chrome) (Version: 51.0.2704.103 - Spoločnosť Google Inc.)
Google Update Helper (Version: 1.3.30.3 - Google Inc.) Hidden
Half-Life (HKLM\...\Half-Life_is1) (Version: Half-Life - Non Steam - KingSOFT DVD)
iCloud (HKLM\...\{8D9592B4-7E22-4D1F-B2CB-B5F0F2F619CB}) (Version: 4.0.3.56 - Apple Inc.)
ICQ 8.2 (verze 7135) (HKU\S-1-5-21-3338003536-3836655406-3577229235-1000\...\ICQ) (Version: 8.2.7135.0 - ICQ)
Intel(R) Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2932 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.6.245 - Intel Corporation)
IrfanView (remove only) (HKLM\...\IrfanView) (Version:  - )
iTunes (HKLM\...\{5D928931-D1D2-4A93-A82D-BF60D0E7CFA5}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 91 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation)
LogMeIn Hamachi (HKLM\...\LogMeIn Hamachi) (Version: 2.2.0.328 - LogMeIn, Inc.)
LogMeIn Hamachi (Version: 2.2.0.328 - LogMeIn, Inc.) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Moj CEWE FOTOSVET (HKLM\...\Moj CEWE FOTOSVET) (Version: 6.0.5 - CEWE Stiftung u Co. KGaA)
Mozilla Firefox 40.0.3 (x86 sk) (HKLM\...\Mozilla Firefox 40.0.3 (x86 sk)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 40.0.3 - Mozilla)
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Nero 7 Ultra Edition (HKLM\...\{CF097717-F174-4144-954A-FBC4BF301033}) (Version: 7.02.9753 - Nero AG)
Nero 9 Essentials (HKLM\...\{f712da53-ef3e-41a8-9fc0-2c0f828bc41e}) (Version:  - Nero AG)
Nokia Connectivity Cable Driver (HKLM\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
NVIDIA GeForce Experience 1.6.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.6.1 - NVIDIA Corporation)
NVIDIA Grafický ovládač 327.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.23 - NVIDIA Corporation)
NVIDIA Ovládač zvuku HD 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA Softvér systému s podporou technológie PhysX 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.5 - NVIDIA Corporation)
Ovládací panel NVIDIA 327.23 (Version: 327.23 - NVIDIA Corporation) Hidden
PC Connectivity Solution (HKLM\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek PCIE Card Reader (HKLM\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.27028 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SHIELD Streaming (Version: 1.05.28 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation)
Skype™ 7.10 (HKLM\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.10.101 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-3338003536-3836655406-3577229235-1000\...\Spotify) (Version: 1.0.29.92.g67727800 - Spotify AB)
System Requirements Lab for Intel (HKLM\...\{63B7AC7E-0178-4F4F-A79B-08D97ADD02D7}) (Version: 4.5.11.0 - Husdawg, LLC)
The Godfather™ The Game (HKLM\...\{1D2CF076-A63F-41A5-00A1-5924FADFAD9D}) (Version:  - )
The Sims™ 3 (HKLM\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.0.632 - Electronic Arts)
Tomb Raider (HKLM\...\Tomb Raider_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
Tomb Raider Chronicles (HKLM\...\Tomb Raider Chronicles) (Version:  - )
Transformers(TM) - War for Cybertron(TM) (HKLM\...\InstallShield_{2A96D655-4FEF-4512-9468-0AABA70CD389}) (Version: 1.0 - Activision)
Unity Web Player (HKU\S-1-5-21-3338003536-3836655406-3577229235-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Video Grabber (HKLM\...\Uninstaller50d99d500) (Version: 1.0.0.0 - Conexant Systems)
Video Grabber (HKLM\...\Uninstaller54fd70350) (Version: 1.0.0.0 - Conexant Systems)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 4.8.1.0 - Azureus Software, Inc.)
Winamp (HKLM\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Windows Driver Package - Nokia pccsmcfd “LegacyDriver”  (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)
Windows Phone app for desktop (HKLM\...\{F0752A78-37C4-4C76-8B97-EFF334BF5298}) (Version: 1.1.2726.0 - Microsoft Corporation)
WinRAR 4.20 (32-bitová verzia) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3338003536-3836655406-3577229235-1000_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\Katuska\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-3338003536-3836655406-3577229235-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Katuska\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-3338003536-3836655406-3577229235-1000_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\Katuska\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-3338003536-3836655406-3577229235-1000_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\Katuska\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited)
CustomCLSID: HKU\S-1-5-21-3338003536-3836655406-3577229235-1000_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\Katuska\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CustomCLSID: HKU\S-1-5-21-3338003536-3836655406-3577229235-1001_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\Katuska\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-3338003536-3836655406-3577229235-1001_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\UpdatusUser\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx => No File
CustomCLSID: HKU\S-1-5-21-3338003536-3836655406-3577229235-1001_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll => No File
CustomCLSID: HKU\S-1-5-21-3338003536-3836655406-3577229235-1001_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\UpdatusUser\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe => No File
CustomCLSID: HKU\S-1-5-21-3338003536-3836655406-3577229235-1001_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll => No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {25E40646-69D1-43F5-9FEC-82303A330DCF} - System32\Tasks\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {2B5FC332-CB4E-450E-8E5E-1CFBCAD27F08} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {2EA0B424-221F-4102-B368-150573B8A0C2} - System32\Tasks\{25FE605D-C0EF-4A0E-8C96-99093EEED441} => pcalua.exe -a "C:\Users\Katuska\Documents\Vuze Downloads\The Sims 3 - Razor1911 Final MAXSPEED\Final Version Patch\Sims3_1.0.632.00002_from_1.0.631.00002.exe" -d "C:\Users\Katuska\Documents\Vuze Downloads\The Sims 3 - Razor1911 Final MAXSPEED\Final Version Patch"
Task: {3203B7C4-FF9F-43BB-82C1-0BD5EC9ABDA2} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3338003536-3836655406-3577229235-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {3A4711F1-F7A7-4015-9907-9B80FDF02BB9} - System32\Tasks\{71A8FC45-EB15-447E-9ED5-BB3447FC3428} => pcalua.exe -a "C:\Program Files\Nero\Nero 7\Nero Toolkit\NeroBurnRights.cpl" -c Nero BurnRights
Task: {4E6F6BC2-B6B0-43F6-8069-55AD020D7D2C} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3338003536-3836655406-3577229235-1000Core => C:\Users\Katuska\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-30] (Facebook Inc.)
Task: {65B737FD-53C2-4A4F-83BB-DCE4622D4BD2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {8319D0A5-E245-4801-9508-80E65787BEED} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3338003536-3836655406-3577229235-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {A703D6D5-08DB-4D09-8F74-1A25BAE5D817} - System32\Tasks\{1E5DCC4A-0DD9-44C9-8094-626ADA1F4F7C} => pcalua.exe -a E:\OriginInstaller.exe -d E:\
Task: {A850C99B-716D-4BDE-837B-59F3B5BD5DE9} - System32\Tasks\{A6E33918-3C93-41A8-A31E-D6759CA3E55C} => pcalua.exe -a C:\Users\Katuska\Documents\WinFlash_Win8_64_Z2411\Setup.exe -d C:\Users\Katuska\Documents\WinFlash_Win8_64_Z2411
Task: {CC492EA3-B33F-4D33-AB78-324A3539D3A5} - System32\Tasks\{36EB49AA-86D3-46E6-AD6D-72CA8F46EFB5} => pcalua.exe -a C:\Users\Katuska\Desktop\NFS_RUN\OriginInstaller.exe -d C:\Users\Katuska\Desktop\NFS_RUN
Task: {D53C87E9-5E6B-4723-AA52-341F90CB0210} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {D8902289-9B80-429E-8A15-4EA3C40EC492} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3338003536-3836655406-3577229235-1000UA => C:\Users\Katuska\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-30] (Facebook Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3338003536-3836655406-3577229235-1000Core.job => C:\Users\Katuska\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3338003536-3836655406-3577229235-1000UA.job => C:\Users\Katuska\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Katuska\AppData\Local\Microsoft\Windows\GameExplorer\{89BC1607-2304-44D5-8B7B-DA6A04BDBE19}\SupportTasks\0\Technická podpora.lnk -> hxxp://support.ea.com/ (No File)
Shortcut: C:\Users\Katuska\AppData\Local\Microsoft\Windows\GameExplorer\{778B8601-EFF5-4F9E-A2B4-3F7F463BB419}\SupportTasks\1\Technická podpora.lnk -> hxxp://www.eidosinteractive.com/support/index.html/ (No File)
Shortcut: C:\Users\Katuska\AppData\Local\Microsoft\Windows\GameExplorer\{778B8601-EFF5-4F9E-A2B4-3F7F463BB419}\SupportTasks\0\Ďalšie hry od spoločnosti Microsoft.lnk -> hxxp://www.eidosinteractive.com/games/embed.html (No File)
Shortcut: C:\Users\Katuska\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ\icq.com.lnk -> hxxp://www.icq.com/ (No File)

==================== Loaded Modules (Whitelisted) ==============

2012-12-09 01:16 - 2013-09-12 08:28 - 00088864 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2014-07-03 13:20 - 2014-07-03 13:20 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 14:05 - 2014-10-11 14:05 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-10-15 21:07 - 2013-09-12 10:51 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2012-10-10 06:32 - 2012-10-10 06:32 - 00094208 _____ () C:\Windows\System32\IccLibDll.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3338003536-3836655406-3577229235-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Katuska\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 217.23.254.124 - 217.23.254.125
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{A8981784-3CEE-473A-834A-008ED6485E9D}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [UDP Query User{B09148EF-1081-4A91-9429-ECAC67D6786C}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [TCP Query User{78D161DB-4431-4802-9704-030B75B46C8F}C:\program files\winamp\winamp.exe] => (Allow) C:\program files\winamp\winamp.exe
FirewallRules: [UDP Query User{A6C26F9B-35D1-4BBD-BC9A-BB22957F142A}C:\program files\winamp\winamp.exe] => (Allow) C:\program files\winamp\winamp.exe
FirewallRules: [TCP Query User{810BF34A-5389-4F31-A488-6D6494B9E28B}C:\program files\winamp\winamp.exe] => (Allow) C:\program files\winamp\winamp.exe
FirewallRules: [UDP Query User{A1E6ECA2-0071-400F-B20B-28BC624CD5A5}C:\program files\winamp\winamp.exe] => (Allow) C:\program files\winamp\winamp.exe
FirewallRules: [{A4EF0A9C-5F54-4461-ADEB-92B6EB49992A}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{E6C07553-050B-4F16-A460-F5E1F37F2921}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{CD70B1F4-F8B8-4346-8BF8-CDE564E8102B}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{DC83F61C-80DD-4FE6-9818-86FC69C20C46}] => (Allow) C:\Program Files\Raptr\raptr.exe
FirewallRules: [{3DA92672-7CB6-4596-978C-4405582ECA7C}] => (Allow) C:\Program Files\Raptr\raptr.exe
FirewallRules: [{54506ED3-1A03-4C56-B4B9-CAE7762FBDF1}] => (Allow) C:\Program Files\Raptr\raptr_im.exe
FirewallRules: [{DBFEDCF7-56BD-4811-B7E1-2F273EB64BC9}] => (Allow) C:\Program Files\Raptr\raptr_im.exe
FirewallRules: [TCP Query User{9102F3FC-9C16-44A5-90C5-12BD3D1F72F1}C:\program files\vuze\azureus.exe] => (Block) C:\program files\vuze\azureus.exe
FirewallRules: [UDP Query User{EA311B7B-34FF-409E-882C-06D904AD3940}C:\program files\vuze\azureus.exe] => (Block) C:\program files\vuze\azureus.exe
FirewallRules: [TCP Query User{97D1CE7F-51DE-478B-9539-49AFCC3CB266}C:\program files\microsoft office\office14\groove.exe] => (Block) C:\program files\microsoft office\office14\groove.exe
FirewallRules: [UDP Query User{173CC808-1398-4BBF-8913-EFCB362B9E72}C:\program files\microsoft office\office14\groove.exe] => (Block) C:\program files\microsoft office\office14\groove.exe
FirewallRules: [{795EB42C-B545-4662-B005-B282085FF832}] => (Allow) C:\Program Files\Activision\Transformers - War for Cybertron\Binaries\TWFC.exe
FirewallRules: [{05722E59-8B17-4F63-A3C3-7FC3FC73DA1E}] => (Allow) C:\Program Files\Activision\Transformers - War for Cybertron\Binaries\TWFC.exe
FirewallRules: [TCP Query User{DE157424-C334-4634-BD95-2EFD750B84ED}C:\users\katuska\desktop\nfs_run\game\need for speed the run.exe] => (Block) C:\users\katuska\desktop\nfs_run\game\need for speed the run.exe
FirewallRules: [UDP Query User{A4991026-F7C2-4AB2-8177-59943E15EF37}C:\users\katuska\desktop\nfs_run\game\need for speed the run.exe] => (Block) C:\users\katuska\desktop\nfs_run\game\need for speed the run.exe
FirewallRules: [TCP Query User{FD48225C-5480-4A38-8C54-A61703352AFA}C:\program files\activision\transformers - war for cybertron\binaries\twfc.exe] => (Allow) C:\program files\activision\transformers - war for cybertron\binaries\twfc.exe
FirewallRules: [UDP Query User{6E3E10C7-0172-4275-B1BE-702722A7427F}C:\program files\activision\transformers - war for cybertron\binaries\twfc.exe] => (Allow) C:\program files\activision\transformers - war for cybertron\binaries\twfc.exe
FirewallRules: [TCP Query User{ADA0B264-1E35-49E8-A32A-CF3F22663A29}C:\program files\tsearch\easydownload.exe] => (Block) C:\program files\tsearch\easydownload.exe
FirewallRules: [UDP Query User{D72422B8-6B61-4CF1-BDCD-7F290D339ED7}C:\program files\tsearch\easydownload.exe] => (Block) C:\program files\tsearch\easydownload.exe
FirewallRules: [TCP Query User{ABCD733D-1055-49D1-A6E9-A076EAA24892}C:\program files\nero\km\kwikmedia.exe] => (Allow) C:\program files\nero\km\kwikmedia.exe
FirewallRules: [UDP Query User{31EE8FA6-C458-489B-8452-25EAD73062C5}C:\program files\nero\km\kwikmedia.exe] => (Allow) C:\program files\nero\km\kwikmedia.exe
FirewallRules: [{16E9185A-A590-456B-9A1B-C156CA73D330}] => (Allow) C:\Users\Katuska\AppData\Roaming\ICQM\icq.exe
FirewallRules: [{0F6BC324-3EB2-4DA4-A566-085CFF769B8B}] => (Allow) C:\Users\Katuska\AppData\Roaming\ICQM\icq.exe
FirewallRules: [{6E491179-903A-4CD9-82A3-50B6EFBBBF7B}] => (Allow) C:\Program Files\nokia\nokia suite\nokiasuite.exe
FirewallRules: [{7A5D342E-FE93-47EF-88D5-D3CB7C2DC332}] => (Allow) C:\Program Files\Common Files\nokia\service layer\a\nsl_host_process.exe
FirewallRules: [{29758D1F-52AA-48D3-92B1-2BEA94A187E0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{EA15E156-3239-44A1-AA20-2E93FF1EC960}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7E2588EC-C49A-4F02-8A58-064F9663A098}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{8CE8CCB0-A6C7-47C8-BEFF-E829EFC4AD63}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{44B3483D-AC81-44ED-9BBC-5A4B1CFBE1E3}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{96901664-1CF2-4FB6-BC14-CA4A802C4595}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{23577DAB-2B92-42F5-AAA0-DB11F20F05BF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{8D2232A3-2162-439E-B023-27F17348259A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{5D797F82-1E2D-4CD0-A743-91970F174E35}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{C2274220-708C-4752-9EAC-53525ACE158A}D:\easysetupassistant\easysetupassistant.exe] => (Allow) D:\easysetupassistant\easysetupassistant.exe
FirewallRules: [UDP Query User{F65D9DC5-E129-42A9-B17A-F3B9CD5CC225}D:\easysetupassistant\easysetupassistant.exe] => (Allow) D:\easysetupassistant\easysetupassistant.exe
FirewallRules: [{CEDCE2F6-307F-4B18-BDAF-8260F6E97074}] => (Block) D:\easysetupassistant\easysetupassistant.exe
FirewallRules: [{E04CD8AA-921B-4D8D-A57C-17C36CF717A1}] => (Block) D:\easysetupassistant\easysetupassistant.exe
FirewallRules: [TCP Query User{461F8C46-9397-46FE-A343-04BB6F21EB50}C:\program files\valve\half-life\hl.exe] => (Allow) C:\program files\valve\half-life\hl.exe
FirewallRules: [UDP Query User{E7C45487-1C4B-40DC-B7DE-111A4A8CD730}C:\program files\valve\half-life\hl.exe] => (Allow) C:\program files\valve\half-life\hl.exe
FirewallRules: [TCP Query User{9D204DDF-E79B-40B2-A468-F4F00F3F3987}C:\users\katuska\desktop\cossacls\dmcr.exe] => (Allow) C:\users\katuska\desktop\cossacls\dmcr.exe
FirewallRules: [UDP Query User{599AF51A-FA4F-40D7-A470-49D23418E1AF}C:\users\katuska\desktop\cossacls\dmcr.exe] => (Allow) C:\users\katuska\desktop\cossacls\dmcr.exe
FirewallRules: [TCP Query User{F8C00C76-047B-4C1D-AB68-A7888D767125}C:\windows\system32\dplaysvr.exe] => (Block) C:\windows\system32\dplaysvr.exe
FirewallRules: [UDP Query User{56B9A6DE-1A82-406F-8414-C698EE718CA8}C:\windows\system32\dplaysvr.exe] => (Block) C:\windows\system32\dplaysvr.exe
FirewallRules: [TCP Query User{AFE26FDC-01F4-4813-B838-C74EDE019116}C:\program files\nero\nero 7\nero showtime\showtime.exe] => (Block) C:\program files\nero\nero 7\nero showtime\showtime.exe
FirewallRules: [UDP Query User{6F0AE96B-23F3-4D82-A5F3-7CF1A0CA0D5D}C:\program files\nero\nero 7\nero showtime\showtime.exe] => (Block) C:\program files\nero\nero 7\nero showtime\showtime.exe
FirewallRules: [{28E112C1-0631-4099-A34B-9E8EFF76EF29}] => (Allow) C:\Users\Katuska\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{BC6B65CE-7540-42E9-9E49-560A0873205E}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{66F9D6AC-7F28-4B43-A002-7DA783EFFD0E}] => (Allow) c:\amcBaseDir\jre\bin\javaw.exe
FirewallRules: [{D6074C24-8A41-4293-8E17-09EC931C75A8}] => (Allow) c:\AMM\Kalkulacka\jre\bin\javaw.exe
FirewallRules: [{84739D71-8CD6-4798-9D32-3082AF61AF2D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{A169DFC3-6F89-40FF-B65D-3BD9E5ABE24D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{055805C5-97D5-4B90-8B28-5D85F18667F7}] => (Allow) c:\amcBaseDir\jre\bin\javaw.exe
FirewallRules: [{F175D703-03CD-43B2-BB8A-601AEEC385E6}] => (Allow) c:\amcBaseDir\jre\bin\javaw.exe
FirewallRules: [{F184DD5E-D4DE-46FC-8AD9-8F393B9E9567}] => (Allow) c:\amc\amcshared\jre\bin\javaw.exe
FirewallRules: [TCP Query User{597EBF98-6CEB-4C66-A3DC-AE340FBCB93D}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{F5297F47-80FC-454B-AF66-0CAAF8CF9D94}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{A713660B-D6D6-4ABD-B8B9-5ACA6403B758}] => (Allow) c:\amcBaseDir\jre\bin\javaw.exe
FirewallRules: [TCP Query User{2635E92F-3D14-4A26-820B-2A16EEF0B663}C:\users\katuska\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\katuska\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{2688072E-BC50-4CD8-B0B6-8F5AB548E88B}C:\users\katuska\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\katuska\appdata\roaming\spotify\spotify.exe
FirewallRules: [{1A908A1F-BFE6-4482-89A5-55AB4DFEA7F4}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

27-05-2016 21:48:45 Windows Update
04-06-2016 18:04:02 Scheduled Checkpoint
07-06-2016 21:38:40 Windows Update
07-06-2016 21:46:51 Chrome Cleanup Tool
11-06-2016 15:09:17 Windows Update
15-06-2016 20:15:03 Windows Update
19-06-2016 22:55:00 Windows Update
25-06-2016 13:41:18 Windows Update
28-06-2016 20:43:21 Windows Update
03-07-2016 09:44:40 Windows Update

==================== Faulty Device Manager Devices =============

Name: MpKslaf7ad901
Description: MpKslaf7ad901
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: MpKslaf7ad901
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Lexmark X422
Description: Lexmark X422
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Lexmark
Service: usbscan
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/03/2016 12:59:20 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2012

Error: (07/03/2016 12:59:20 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2012

Error: (07/03/2016 12:59:20 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/03/2016 12:59:19 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1014

Error: (07/03/2016 12:59:19 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1014

Error: (07/03/2016 12:59:19 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/02/2016 06:59:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5023

Error: (07/02/2016 06:59:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5023

Error: (07/02/2016 06:59:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/02/2016 06:59:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4009


System errors:
=============
Error: (07/02/2016 06:32:42 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Nero BackItUp Scheduler 4.0 zlyhalo kvôli nasledujúcej chybe: 
%%2 = Systém nemôže nájsť zadaný súbor.


Error: (07/01/2016 09:23:23 PM) (Source: BROWSER) (EventID: 8032) (User: )
Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{2271F06A-1D39-4CAE-8636-E5C998BD88D6}.
The backup browser is stopping.

Error: (06/27/2016 07:54:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Nero BackItUp Scheduler 4.0 zlyhalo kvôli nasledujúcej chybe: 
%%2 = Systém nemôže nájsť zadaný súbor.


Error: (06/25/2016 01:30:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Nero BackItUp Scheduler 4.0 zlyhalo kvôli nasledujúcej chybe: 
%%2 = Systém nemôže nájsť zadaný súbor.


Error: (06/23/2016 09:40:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Nero BackItUp Scheduler 4.0 zlyhalo kvôli nasledujúcej chybe: 
%%2 = Systém nemôže nájsť zadaný súbor.


Error: (06/12/2016 01:28:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Nero BackItUp Scheduler 4.0 zlyhalo kvôli nasledujúcej chybe: 
%%2 = Systém nemôže nájsť zadaný súbor.


Error: (06/12/2016 01:27:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Windows Media Player Network Sharing Service zlyhalo kvôli nasledujúcej chybe: 
%%3 = Systém nemôže nájsť zadanú cestu.


Error: (06/12/2016 01:27:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Windows Search zlyhalo kvôli nasledujúcej chybe: 
%%3 = Systém nemôže nájsť zadanú cestu.


Error: (06/12/2016 01:27:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba IconMan_R sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 60000 ms bude vykonaná nasledujúca opravná akcia: Restart the service.

Error: (06/12/2016 01:27:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba NMIndexingService sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Percentage of memory in use: 46%
Total physical RAM: 3227.48 MB
Available physical RAM: 1723.18 MB
Total Virtual: 6453.26 MB
Available Virtual: 4842.44 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:698.54 GB) (Free:396.02 GB) NTFS
Drive e: (TRC) (CDROM) (Total:0.55 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 7C12E647)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=698.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

[Rudy]

Toto je pouze Additional. Potřebuji vidět oba logy, i FRST.

[k33p]

frst

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 02-07-2016
Ran by Katuska (administrator) on KATARINAPC (06-07-2016 20:54:15)
Running from C:\Users\Katuska\Desktop
Loaded Profiles: Katuska & UpdatusUser (Available Profiles: Katuska & UpdatusUser)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Language: Angličtina (USA)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(LogMeIn, Inc.) C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Nullsoft, Inc.) C:\Program Files\Winamp\winampa.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(LogMeIn Inc.) C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Nero AG) C:\Program Files\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDGesture.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
(Spotify Ltd) C:\Users\Katuska\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Realsil Microelectronics Inc.) C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreamsDownloader.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\WINWORD.EXE
(Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [USB3MON] => C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-12-08] (Intel Corporation)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [978520 2015-01-30] (Microsoft Corporation)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2038568 2012-12-08] (ELAN Microelectronics Corp.)
HKLM\...\Run: [WinampAgent] => C:\Program Files\Winamp\winampa.exe [74752 2012-06-28] (Nullsoft, Inc.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM\...\Run: [Nvtmru] => C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-08-27] (NVIDIA Corporation)
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [153136 2007-03-01] (Nero AG)
HKLM\...\Run: [NBKeyScan] => C:\Program Files\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe [1373480 2007-06-29] (Nero AG)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM\...\Run: [ArcSoft Connection Service] => C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
HKLM\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-03-30] (LogMeIn Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [595992 2016-05-20] (Oracle Corporation)
HKU\S-1-5-21-3338003536-3836655406-3577229235-1000\...\Run: [Facebook Update] => C:\Users\Katuska\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-12-30] (Facebook Inc.)
HKU\S-1-5-21-3338003536-3836655406-3577229235-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd)
HKU\S-1-5-21-3338003536-3836655406-3577229235-1000\...\Run: [icq] => C:\Users\Katuska\AppData\Roaming\ICQM\icq.exe [35225096 2014-09-09] (ICQ)
HKU\S-1-5-21-3338003536-3836655406-3577229235-1000\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [152872 2007-06-27] (Nero AG)
HKU\S-1-5-21-3338003536-3836655406-3577229235-1000\...\Run: [iCloudServices] => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-08-08] (Apple Inc.)
HKU\S-1-5-21-3338003536-3836655406-3577229235-1000\...\Run: [ApplePhotoStreams] => C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-08-14] (Apple Inc.)
HKU\S-1-5-21-3338003536-3836655406-3577229235-1000\...\Run: [OfficeSyncProcess] => C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [720064 2014-10-14] (Microsoft Corporation)
HKU\S-1-5-21-3338003536-3836655406-3577229235-1000\...\Run: [Spotify Web Helper] => C:\Users\Katuska\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1554032 2016-05-28] (Spotify Ltd)
HKU\S-1-5-21-3338003536-3836655406-3577229235-1000\...\MountPoints2: {37974018-7a1c-11e5-9a7b-dc85de93fd82} - F:\Autorun.exe
HKU\S-1-5-21-3338003536-3836655406-3577229235-1000\...\MountPoints2: {4a29fb71-55db-11e2-b785-dc85de93fd82} - E:\autorun.exe
HKU\S-1-5-21-3338003536-3836655406-3577229235-1000\...\MountPoints2: {97db9772-01ac-11e3-917b-dc85de93fd82} - F:\NokiaPCIA_Autorun.exe
HKU\S-1-5-21-3338003536-3836655406-3577229235-1000\...\MountPoints2: {e61bd873-7215-11e2-b7b2-dc85de93fd82} - F:\setup.exe
HKU\S-1-5-21-3338003536-3836655406-3577229235-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [10240 2009-07-14] (Microsoft Corporation)
AppInit_DLLs: C:\Windows\system32\nvinit.dll => C:\Windows\system32\nvinit.dll [141336 2013-09-12] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\..\Interfaces\{2271F06A-1D39-4CAE-8636-E5C998BD88D6}: [DhcpNameServer] 217.23.254.124 217.23.254.125
Tcpip\..\Interfaces\{DC6631FF-F9EB-45EC-9B61-333BD1BD7290}: [DhcpNameServer] 195.91.0.17 194.154.227.17

Internet Explorer:
==================
HKU\S-1-5-21-3338003536-3836655406-3577229235-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.sk/
SearchScopes: HKU\S-1-5-21-3338003536-3836655406-3577229235-1000 -> DefaultScope {5527D773-4644-40B4-8403-1CE6CADFF280} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3338003536-3836655406-3577229235-1000 -> {5527D773-4644-40B4-8403-1CE6CADFF280} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-07-02] (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-07-02] (Oracle Corporation)
DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} hxxp://support.asus.com/select/asusTek_sys_ctrl3.cab
DPF: {70022607-8F7B-4968-90B1-37E1EC9D9F11} hxxps://cns.allianzsp.sk/cvpn/i1bJruqz6qpTg7_Fl1NCU7K5MIvFiyhRCivz6jx9VTU/portal/web/navigw.nsf/shpages/navigator_swt.htm/$FILE/amccontrol.cab
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.11.0.cab
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Katuska\AppData\Roaming\Mozilla\Firefox\Profiles\y7tj7crn.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-12] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-07-02] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-07-02] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-13] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-13] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3338003536-3836655406-3577229235-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Katuska\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-3338003536-3836655406-3577229235-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Katuska\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2012-12-07] (Unity Technologies ApS)
FF user.js: detected! => C:\Users\Katuska\AppData\Roaming\Mozilla\Firefox\Profiles\y7tj7crn.default\user.js [2013-01-13]
FF Extension: VideoFileDownload - Download YouTube Videos - C:\Users\Katuska\AppData\Roaming\Mozilla\Firefox\Profiles\y7tj7crn.default\extensions\plugin@videofiledownload.com [2013-01-13] [not signed]
FF Extension: Refundo Toolbar - C:\Users\Katuska\AppData\Roaming\Mozilla\Firefox\Profiles\y7tj7crn.default\Extensions\toolbar@refundo.cz.xpi [2016-02-17]
FF Extension: Adblock Plus - C:\Users\Katuska\AppData\Roaming\Mozilla\Firefox\Profiles\y7tj7crn.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-07-03]
FF Extension: Skype - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2014-10-08]

Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\51.0.2704.103\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\51.0.2704.103\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\51.0.2704.103\pdf.dll => No File
CHR Plugin: (Nero Kwik Media Helper) - C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL => No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll => No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll => No File
CHR Plugin: (McAfee Security Scanner +) - C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll => No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll => No File
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll => No File
CHR Plugin: (Nokia Suite Enabler Plugin) - C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll => No File
CHR Plugin: (Unity Player) - C:\Users\Katuska\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Katuska\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll => No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll => No File
CHR Profile: C:\Users\Katuska\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\Katuska\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-08]
CHR Extension: (Disk Google) - C:\Users\Katuska\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-02]
CHR Extension: (Počasie (rozšírenie)) - C:\Users\Katuska\AppData\Local\Google\Chrome\User Data\Default\Extensions\beapnbfmjmjhhfpaoajfhjbbfnnlfpnc [2016-01-28]
CHR Extension: (YouTube) - C:\Users\Katuska\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Google Search) - C:\Users\Katuska\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-02]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Katuska\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-20]
CHR Extension: (Skype) - C:\Users\Katuska\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-06-20]
CHR Extension: (Hodiny) - C:\Users\Katuska\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjocghlclkpgheifflemilcnblodjohg [2013-09-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Katuska\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-20]
CHR Extension: (Gmail) - C:\Users\Katuska\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-23]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [277616 2012-12-14] (Intel Corporation)
R2 Hamachi2Svc; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [1848168 2015-03-30] (LogMeIn Inc.)
R2 IconMan_R; C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe [1822352 2012-12-08] (Realsil Microelectronics Inc.)
R2 LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [411920 2015-03-30] (LogMeIn, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22184 2015-01-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [284472 2015-01-30] (Microsoft Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14573856 2013-08-27] (NVIDIA Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [X]
S2 Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\System32\DRIVERS\athr.sys [2987520 2012-07-24] (Qualcomm Atheros Communications, Inc.)
S3 DxVGrb; C:\Windows\System32\drivers\DxVGrb.sys [179200 2012-01-10] (Dexetek )
R3 ETD; C:\Windows\System32\DRIVERS\ETD.sys [172328 2012-12-08] (ELAN Microelectronics Corp.)
R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R0 iusb3hcs; C:\Windows\System32\DRIVERS\iusb3hcs.sys [16440 2012-12-08] (Intel Corporation)
R3 iusb3hub; C:\Windows\System32\DRIVERS\iusb3hub.sys [351288 2012-12-08] (Intel Corporation)
R3 iusb3xhc; C:\Windows\System32\DRIVERS\iusb3xhc.sys [796216 2012-12-08] (Intel Corporation)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [55104 2012-07-17] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [239224 2014-11-15] (Microsoft Corporation)
R0 nvpciflt; C:\Windows\System32\DRIVERS\nvpciflt.sys [27424 2013-09-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [33568 2013-08-20] (NVIDIA Corporation)
R3 RSBASTOR; C:\Windows\System32\DRIVERS\RtsBaStor.sys [214016 2012-12-08] (Realtek Semiconductor Corp.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [466008 2013-01-03] (Duplex Secure Ltd.)
S3 zte_cdc_acm; C:\Windows\System32\DRIVERS\zte_cdc_acm.sys [66432 2015-10-24] (ZTE) [File not signed]
U3 ay7dzhke; C:\Windows\system32\Drivers\ay7dzhke.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S3 ASUSProcObsrv; \??\D:\I386\AsProcOb.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-06 19:13 - 2016-07-06 19:13 - 00155122 _____ C:\Users\Katuska\Downloads\2014_mala ziadost II.pdf
2016-07-05 07:19 - 2016-07-05 07:19 - 00000000 ____D C:\Users\Katuska\Desktop\TRICKO LOGO
2016-07-03 12:36 - 2016-07-03 12:36 - 00030046 _____ C:\Users\Katuska\Desktop\FRST3.txt
2016-07-03 12:35 - 2016-07-06 20:54 - 00021738 _____ C:\Users\Katuska\Desktop\FRST.txt
2016-07-03 12:35 - 2016-07-03 12:36 - 00037391 _____ C:\Users\Katuska\Desktop\Addition.txt
2016-07-03 12:34 - 2016-07-03 12:34 - 00000000 ____D C:\Users\Katuska\Desktop\FRST-OlderVersion
2016-07-02 07:09 - 2016-07-02 07:09 - 00000000 ____D C:\Program Files\Common Files\Java
2016-07-02 07:07 - 2016-07-02 07:07 - 00738368 _____ (Oracle Corporation) C:\Users\Katuska\Downloads\jre-8u91-windows-i586-iftw.exe
2016-06-26 19:23 - 2016-06-26 19:23 - 00056673 _____ C:\Users\Katuska\Downloads\predpis_168083.pdf
2016-06-25 14:49 - 2016-06-28 20:22 - 00063520 _____ C:\Users\Katuska\Desktop\BMW ROADSHOW JUL 2016.xlsx
2016-06-12 13:23 - 2016-06-12 13:27 - 00000000 ____D C:\AdwCleaner
2016-06-12 13:22 - 2016-06-12 13:22 - 03677248 _____ C:\Users\Katuska\Downloads\adwcleaner_5.119.exe
2016-06-07 22:04 - 2016-06-07 22:05 - 00000000 ____D C:\Users\Katuska\Documents\DAN Z PRIJMU

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-06 20:54 - 2016-05-09 22:17 - 00000000 ____D C:\FRST
2016-07-06 20:51 - 2014-01-02 18:03 - 00000000 ____D C:\Users\Katuska\AppData\Local\LogMeIn Hamachi
2016-07-06 19:57 - 2013-08-17 17:28 - 00000924 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-06 19:33 - 2012-12-30 23:28 - 00000936 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3338003536-3836655406-3577229235-1000UA.job
2016-07-06 07:44 - 2013-08-17 17:28 - 00000920 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-06 07:35 - 2012-12-30 23:28 - 00000914 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3338003536-3836655406-3577229235-1000Core.job
2016-07-04 19:10 - 2013-10-07 17:26 - 00000284 _____ C:\Windows\Tasks\AppleSoftwareUpdate.job
2016-07-03 12:34 - 2016-05-09 22:16 - 01740288 _____ (Farbar) C:\Users\Katuska\Desktop\FRST.exe
2016-07-03 09:48 - 2009-07-14 06:34 - 00026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-07-03 09:48 - 2009-07-14 06:34 - 00026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-07-02 07:49 - 2014-04-16 13:27 - 00000000 ____D C:\ProgramData\Oracle
2016-07-02 07:39 - 2014-10-25 14:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-07-02 07:39 - 2014-10-25 14:44 - 00000000 ____D C:\Program Files\Java
2016-07-02 07:09 - 2015-11-08 21:14 - 00000000 ____D C:\Users\Katuska\.oracle_jre_usage
2016-07-02 07:08 - 2015-02-02 21:11 - 00095808 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2016-07-02 06:32 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-25 16:26 - 2013-11-10 10:44 - 00000000 ____D C:\Users\Katuska\Documents\Súbory programu Outlook
2016-06-19 22:39 - 2013-09-16 14:41 - 00002153 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-15 22:40 - 2012-12-09 01:01 - 00400040 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-06-11 21:35 - 2016-05-10 20:35 - 00000000 ____D C:\Users\Katuska\AppData\Local\Spotify
2016-06-11 19:47 - 2016-05-10 20:35 - 00000000 ____D C:\Users\Katuska\AppData\Roaming\Spotify
2016-06-11 15:11 - 2015-11-27 23:22 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-06-07 22:10 - 2012-12-25 20:48 - 00000000 ___RD C:\Program Files\Skype
2016-06-07 22:07 - 2014-09-28 09:41 - 00000000 ___RD C:\Users\Katuska\Desktop\SKOLA

==================== Files in the root of some directories =======

2013-09-03 15:26 - 2015-06-08 03:10 - 0008192 _____ () C:\Users\Katuska\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-05 00:07 - 2015-01-29 22:09 - 0007597 _____ () C:\Users\Katuska\AppData\Local\Resmon.ResmonCfg
2015-01-06 13:37 - 2015-05-22 09:52 - 0000575 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Some files in TEMP:
====================
C:\Users\Katuska\AppData\Local\Temp\FreemakeVideoConverter_4.1.4.14.exe
C:\Users\Katuska\AppData\Local\Temp\FYDSetup.exe
C:\Users\Katuska\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Katuska\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\Katuska\AppData\Local\Temp\jre-8u66-windows-au.exe
C:\Users\Katuska\AppData\Local\Temp\jre-8u71-windows-au.exe
C:\Users\Katuska\AppData\Local\Temp\jre-8u73-windows-au.exe
C:\Users\Katuska\AppData\Local\Temp\libeay32.dll
C:\Users\Katuska\AppData\Local\Temp\msvcr120.dll
C:\Users\Katuska\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Katuska\AppData\Local\Temp\sqlite3.dll
C:\Users\Katuska\AppData\Local\Temp\TMCCSetup_3.68.05.14_1.exe
C:\Users\Katuska\AppData\Local\Temp\vlc-2.2.1-win32.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-06-27 21:07

==================== End of FRST.txt ============================

addition

Kód: Vybrat vše

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 02-07-2016
Ran by Katuska (2016-07-06 20:55:02)
Running from C:\Users\Katuska\Desktop
Microsoft Windows 7 Ultimate  Service Pack 1 (X86) (2012-12-08 22:42:36)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3338003536-3836655406-3577229235-500 - Administrator - Disabled)
Guest (S-1-5-21-3338003536-3836655406-3577229235-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3338003536-3836655406-3577229235-1006 - Limited - Enabled)
Katuska (S-1-5-21-3338003536-3836655406-3577229235-1000 - Administrator - Enabled) => C:\Users\Katuska
UpdatusUser (S-1-5-21-3338003536-3836655406-3577229235-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Absolute Uninstaller 2.9.0.722 (HKLM\...\Absolute Uninstaller_is1) (Version:  - Glarysoft.com)
Activision(R) (Version: 1.0 - Activision) Hidden
Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Aktualizácie NVIDIA 8.3.14 (Version: 8.3.14 - NVIDIA Corporation) Hidden
AlbumMaker (HKLM\...\TiskProRadost_AlbumMaker) (Version:  - )
Apple Application Support (HKLM\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{235EBB33-3DA1-46DF-AADE-9955123409CB}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft ShowBiz (HKLM\...\{9D41D2EF-2D33-4CFD-8A3E-C7E6FCC3303B}) (Version:  - ArcSoft)
ASUS LifeFrame3 (HKLM\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.7 - ASUS)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
BS.Player FREE (HKLM\...\BSPlayerf) (Version: 2.66.1075 - AB Team, d.o.o.)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5143 - CDBurnerXP)
Conexant Polaris Unused CIR Function (HKLM\...\Uninstaller50d99d520) (Version: 1.0.0.0 - Conexant Systems)
Conexant Polaris Unused CIR Function (HKLM\...\Uninstaller54fd70370) (Version: 1.0.0.0 - Conexant Systems)
Conexant Polaris Unused CIR Function (HKLM\...\VID_1D19&PID_6109&MI_00) (Version: 1.0.0.0 - Conexant Systems)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.46.1.0327 - DT Soft Ltd)
ETDWare PS/2-X86 10.5.9.0 (HKLM\...\Elantech) (Version: 10.5.9.0 - ELAN Microelectronic Corp.)
Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Free Mp3 Wma Converter V 2.2 (HKLM\...\Free Mp3 Wma Converter_is1) (Version: 2.2.0.0 - Koyote Soft)
Free YouTube Downloader 4.1.507 (HKLM\...\{A7E19604-93AF-4611-8C9F-CE509C2B286F}_is1) (Version:  - HOW Inc.)
Freemake Video Converter verzia 4.1.5 (HKLM\...\Freemake Video Converter_is1) (Version: 4.1.5 - Ellora Assets Corporation)
GeForce Experience NvStream Client Components (Version: 0.1.87 - NVIDIA Corporation) Hidden
Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Chrome (HKLM\...\Google Chrome) (Version: 51.0.2704.103 - Spoločnosť Google Inc.)
Google Update Helper (Version: 1.3.30.3 - Google Inc.) Hidden
Half-Life (HKLM\...\Half-Life_is1) (Version: Half-Life - Non Steam - KingSOFT DVD)
iCloud (HKLM\...\{8D9592B4-7E22-4D1F-B2CB-B5F0F2F619CB}) (Version: 4.0.3.56 - Apple Inc.)
ICQ 8.2 (verze 7135) (HKU\S-1-5-21-3338003536-3836655406-3577229235-1000\...\ICQ) (Version: 8.2.7135.0 - ICQ)
Intel(R) Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2932 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.6.245 - Intel Corporation)
IrfanView (remove only) (HKLM\...\IrfanView) (Version:  - )
iTunes (HKLM\...\{5D928931-D1D2-4A93-A82D-BF60D0E7CFA5}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 91 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation)
LogMeIn Hamachi (HKLM\...\LogMeIn Hamachi) (Version: 2.2.0.328 - LogMeIn, Inc.)
LogMeIn Hamachi (Version: 2.2.0.328 - LogMeIn, Inc.) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Moj CEWE FOTOSVET (HKLM\...\Moj CEWE FOTOSVET) (Version: 6.0.5 - CEWE Stiftung u Co. KGaA)
Mozilla Firefox 40.0.3 (x86 sk) (HKLM\...\Mozilla Firefox 40.0.3 (x86 sk)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 40.0.3 - Mozilla)
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Nero 7 Ultra Edition (HKLM\...\{CF097717-F174-4144-954A-FBC4BF301033}) (Version: 7.02.9753 - Nero AG)
Nero 9 Essentials (HKLM\...\{f712da53-ef3e-41a8-9fc0-2c0f828bc41e}) (Version:  - Nero AG)
Nokia Connectivity Cable Driver (HKLM\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
NVIDIA GeForce Experience 1.6.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.6.1 - NVIDIA Corporation)
NVIDIA Grafický ovládač 327.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.23 - NVIDIA Corporation)
NVIDIA Ovládač zvuku HD 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA Softvér systému s podporou technológie PhysX 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.5 - NVIDIA Corporation)
Ovládací panel NVIDIA 327.23 (Version: 327.23 - NVIDIA Corporation) Hidden
PC Connectivity Solution (HKLM\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek PCIE Card Reader (HKLM\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.27028 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SHIELD Streaming (Version: 1.05.28 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation)
Skype™ 7.10 (HKLM\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.10.101 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-3338003536-3836655406-3577229235-1000\...\Spotify) (Version: 1.0.29.92.g67727800 - Spotify AB)
System Requirements Lab for Intel (HKLM\...\{63B7AC7E-0178-4F4F-A79B-08D97ADD02D7}) (Version: 4.5.11.0 - Husdawg, LLC)
The Godfather™ The Game (HKLM\...\{1D2CF076-A63F-41A5-00A1-5924FADFAD9D}) (Version:  - )
The Sims™ 3 (HKLM\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.0.632 - Electronic Arts)
Tomb Raider (HKLM\...\Tomb Raider_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
Tomb Raider Chronicles (HKLM\...\Tomb Raider Chronicles) (Version:  - )
Transformers(TM) - War for Cybertron(TM) (HKLM\...\InstallShield_{2A96D655-4FEF-4512-9468-0AABA70CD389}) (Version: 1.0 - Activision)
Unity Web Player (HKU\S-1-5-21-3338003536-3836655406-3577229235-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Video Grabber (HKLM\...\Uninstaller50d99d500) (Version: 1.0.0.0 - Conexant Systems)
Video Grabber (HKLM\...\Uninstaller54fd70350) (Version: 1.0.0.0 - Conexant Systems)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 4.8.1.0 - Azureus Software, Inc.)
Winamp (HKLM\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Windows Driver Package - Nokia pccsmcfd “LegacyDriver”  (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)
Windows Phone app for desktop (HKLM\...\{F0752A78-37C4-4C76-8B97-EFF334BF5298}) (Version: 1.1.2726.0 - Microsoft Corporation)
WinRAR 4.20 (32-bitová verzia) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3338003536-3836655406-3577229235-1000_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\Katuska\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-3338003536-3836655406-3577229235-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Katuska\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-3338003536-3836655406-3577229235-1000_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\Katuska\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-3338003536-3836655406-3577229235-1000_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\Katuska\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited)
CustomCLSID: HKU\S-1-5-21-3338003536-3836655406-3577229235-1000_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\Katuska\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CustomCLSID: HKU\S-1-5-21-3338003536-3836655406-3577229235-1001_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\Katuska\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-3338003536-3836655406-3577229235-1001_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\UpdatusUser\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx => No File
CustomCLSID: HKU\S-1-5-21-3338003536-3836655406-3577229235-1001_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll => No File
CustomCLSID: HKU\S-1-5-21-3338003536-3836655406-3577229235-1001_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\UpdatusUser\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe => No File
CustomCLSID: HKU\S-1-5-21-3338003536-3836655406-3577229235-1001_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll => No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {25E40646-69D1-43F5-9FEC-82303A330DCF} - System32\Tasks\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {2B5FC332-CB4E-450E-8E5E-1CFBCAD27F08} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {2EA0B424-221F-4102-B368-150573B8A0C2} - System32\Tasks\{25FE605D-C0EF-4A0E-8C96-99093EEED441} => pcalua.exe -a "C:\Users\Katuska\Documents\Vuze Downloads\The Sims 3 - Razor1911 Final MAXSPEED\Final Version Patch\Sims3_1.0.632.00002_from_1.0.631.00002.exe" -d "C:\Users\Katuska\Documents\Vuze Downloads\The Sims 3 - Razor1911 Final MAXSPEED\Final Version Patch"
Task: {3203B7C4-FF9F-43BB-82C1-0BD5EC9ABDA2} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3338003536-3836655406-3577229235-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {3A4711F1-F7A7-4015-9907-9B80FDF02BB9} - System32\Tasks\{71A8FC45-EB15-447E-9ED5-BB3447FC3428} => pcalua.exe -a "C:\Program Files\Nero\Nero 7\Nero Toolkit\NeroBurnRights.cpl" -c Nero BurnRights
Task: {4E6F6BC2-B6B0-43F6-8069-55AD020D7D2C} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3338003536-3836655406-3577229235-1000Core => C:\Users\Katuska\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-30] (Facebook Inc.)
Task: {65B737FD-53C2-4A4F-83BB-DCE4622D4BD2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {8319D0A5-E245-4801-9508-80E65787BEED} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3338003536-3836655406-3577229235-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {A703D6D5-08DB-4D09-8F74-1A25BAE5D817} - System32\Tasks\{1E5DCC4A-0DD9-44C9-8094-626ADA1F4F7C} => pcalua.exe -a E:\OriginInstaller.exe -d E:\
Task: {A850C99B-716D-4BDE-837B-59F3B5BD5DE9} - System32\Tasks\{A6E33918-3C93-41A8-A31E-D6759CA3E55C} => pcalua.exe -a C:\Users\Katuska\Documents\WinFlash_Win8_64_Z2411\Setup.exe -d C:\Users\Katuska\Documents\WinFlash_Win8_64_Z2411
Task: {CC492EA3-B33F-4D33-AB78-324A3539D3A5} - System32\Tasks\{36EB49AA-86D3-46E6-AD6D-72CA8F46EFB5} => pcalua.exe -a C:\Users\Katuska\Desktop\NFS_RUN\OriginInstaller.exe -d C:\Users\Katuska\Desktop\NFS_RUN
Task: {D53C87E9-5E6B-4723-AA52-341F90CB0210} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {D8902289-9B80-429E-8A15-4EA3C40EC492} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3338003536-3836655406-3577229235-1000UA => C:\Users\Katuska\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-30] (Facebook Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3338003536-3836655406-3577229235-1000Core.job => C:\Users\Katuska\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3338003536-3836655406-3577229235-1000UA.job => C:\Users\Katuska\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Katuska\AppData\Local\Microsoft\Windows\GameExplorer\{89BC1607-2304-44D5-8B7B-DA6A04BDBE19}\SupportTasks\0\Technická podpora.lnk -> hxxp://support.ea.com/ (No File)
Shortcut: C:\Users\Katuska\AppData\Local\Microsoft\Windows\GameExplorer\{778B8601-EFF5-4F9E-A2B4-3F7F463BB419}\SupportTasks\1\Technická podpora.lnk -> hxxp://www.eidosinteractive.com/support/index.html/ (No File)
Shortcut: C:\Users\Katuska\AppData\Local\Microsoft\Windows\GameExplorer\{778B8601-EFF5-4F9E-A2B4-3F7F463BB419}\SupportTasks\0\Ďalšie hry od spoločnosti Microsoft.lnk -> hxxp://www.eidosinteractive.com/games/embed.html (No File)
Shortcut: C:\Users\Katuska\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ\icq.com.lnk -> hxxp://www.icq.com/ (No File)

==================== Loaded Modules (Whitelisted) ==============

2012-12-09 01:16 - 2013-09-12 08:28 - 00088864 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2014-07-03 13:20 - 2014-07-03 13:20 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 14:05 - 2014-10-11 14:05 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-10-15 21:07 - 2013-09-12 10:51 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2012-10-10 06:32 - 2012-10-10 06:32 - 00094208 _____ () C:\Windows\System32\IccLibDll.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\office14\Cultures\office.odf
2016-05-27 21:19 - 2016-05-27 21:19 - 22345912 _____ () C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroRd32.dll
2016-05-16 18:44 - 2016-05-16 18:44 - 00322232 _____ () C:\Program Files\Adobe\Acrobat Reader DC\Reader\sqlite.dll
2016-05-16 18:44 - 2016-05-16 18:44 - 46476472 _____ () C:\Program Files\Adobe\Acrobat Reader DC\Reader\AcroCEF\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3338003536-3836655406-3577229235-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Katuska\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 217.23.254.124 - 217.23.254.125
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{A8981784-3CEE-473A-834A-008ED6485E9D}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [UDP Query User{B09148EF-1081-4A91-9429-ECAC67D6786C}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [TCP Query User{78D161DB-4431-4802-9704-030B75B46C8F}C:\program files\winamp\winamp.exe] => (Allow) C:\program files\winamp\winamp.exe
FirewallRules: [UDP Query User{A6C26F9B-35D1-4BBD-BC9A-BB22957F142A}C:\program files\winamp\winamp.exe] => (Allow) C:\program files\winamp\winamp.exe
FirewallRules: [TCP Query User{810BF34A-5389-4F31-A488-6D6494B9E28B}C:\program files\winamp\winamp.exe] => (Allow) C:\program files\winamp\winamp.exe
FirewallRules: [UDP Query User{A1E6ECA2-0071-400F-B20B-28BC624CD5A5}C:\program files\winamp\winamp.exe] => (Allow) C:\program files\winamp\winamp.exe
FirewallRules: [{A4EF0A9C-5F54-4461-ADEB-92B6EB49992A}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{E6C07553-050B-4F16-A460-F5E1F37F2921}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{CD70B1F4-F8B8-4346-8BF8-CDE564E8102B}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{DC83F61C-80DD-4FE6-9818-86FC69C20C46}] => (Allow) C:\Program Files\Raptr\raptr.exe
FirewallRules: [{3DA92672-7CB6-4596-978C-4405582ECA7C}] => (Allow) C:\Program Files\Raptr\raptr.exe
FirewallRules: [{54506ED3-1A03-4C56-B4B9-CAE7762FBDF1}] => (Allow) C:\Program Files\Raptr\raptr_im.exe
FirewallRules: [{DBFEDCF7-56BD-4811-B7E1-2F273EB64BC9}] => (Allow) C:\Program Files\Raptr\raptr_im.exe
FirewallRules: [TCP Query User{9102F3FC-9C16-44A5-90C5-12BD3D1F72F1}C:\program files\vuze\azureus.exe] => (Block) C:\program files\vuze\azureus.exe
FirewallRules: [UDP Query User{EA311B7B-34FF-409E-882C-06D904AD3940}C:\program files\vuze\azureus.exe] => (Block) C:\program files\vuze\azureus.exe
FirewallRules: [TCP Query User{97D1CE7F-51DE-478B-9539-49AFCC3CB266}C:\program files\microsoft office\office14\groove.exe] => (Block) C:\program files\microsoft office\office14\groove.exe
FirewallRules: [UDP Query User{173CC808-1398-4BBF-8913-EFCB362B9E72}C:\program files\microsoft office\office14\groove.exe] => (Block) C:\program files\microsoft office\office14\groove.exe
FirewallRules: [{795EB42C-B545-4662-B005-B282085FF832}] => (Allow) C:\Program Files\Activision\Transformers - War for Cybertron\Binaries\TWFC.exe
FirewallRules: [{05722E59-8B17-4F63-A3C3-7FC3FC73DA1E}] => (Allow) C:\Program Files\Activision\Transformers - War for Cybertron\Binaries\TWFC.exe
FirewallRules: [TCP Query User{DE157424-C334-4634-BD95-2EFD750B84ED}C:\users\katuska\desktop\nfs_run\game\need for speed the run.exe] => (Block) C:\users\katuska\desktop\nfs_run\game\need for speed the run.exe
FirewallRules: [UDP Query User{A4991026-F7C2-4AB2-8177-59943E15EF37}C:\users\katuska\desktop\nfs_run\game\need for speed the run.exe] => (Block) C:\users\katuska\desktop\nfs_run\game\need for speed the run.exe
FirewallRules: [TCP Query User{FD48225C-5480-4A38-8C54-A61703352AFA}C:\program files\activision\transformers - war for cybertron\binaries\twfc.exe] => (Allow) C:\program files\activision\transformers - war for cybertron\binaries\twfc.exe
FirewallRules: [UDP Query User{6E3E10C7-0172-4275-B1BE-702722A7427F}C:\program files\activision\transformers - war for cybertron\binaries\twfc.exe] => (Allow) C:\program files\activision\transformers - war for cybertron\binaries\twfc.exe
FirewallRules: [TCP Query User{ADA0B264-1E35-49E8-A32A-CF3F22663A29}C:\program files\tsearch\easydownload.exe] => (Block) C:\program files\tsearch\easydownload.exe
FirewallRules: [UDP Query User{D72422B8-6B61-4CF1-BDCD-7F290D339ED7}C:\program files\tsearch\easydownload.exe] => (Block) C:\program files\tsearch\easydownload.exe
FirewallRules: [TCP Query User{ABCD733D-1055-49D1-A6E9-A076EAA24892}C:\program files\nero\km\kwikmedia.exe] => (Allow) C:\program files\nero\km\kwikmedia.exe
FirewallRules: [UDP Query User{31EE8FA6-C458-489B-8452-25EAD73062C5}C:\program files\nero\km\kwikmedia.exe] => (Allow) C:\program files\nero\km\kwikmedia.exe
FirewallRules: [{16E9185A-A590-456B-9A1B-C156CA73D330}] => (Allow) C:\Users\Katuska\AppData\Roaming\ICQM\icq.exe
FirewallRules: [{0F6BC324-3EB2-4DA4-A566-085CFF769B8B}] => (Allow) C:\Users\Katuska\AppData\Roaming\ICQM\icq.exe
FirewallRules: [{6E491179-903A-4CD9-82A3-50B6EFBBBF7B}] => (Allow) C:\Program Files\nokia\nokia suite\nokiasuite.exe
FirewallRules: [{7A5D342E-FE93-47EF-88D5-D3CB7C2DC332}] => (Allow) C:\Program Files\Common Files\nokia\service layer\a\nsl_host_process.exe
FirewallRules: [{29758D1F-52AA-48D3-92B1-2BEA94A187E0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{EA15E156-3239-44A1-AA20-2E93FF1EC960}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7E2588EC-C49A-4F02-8A58-064F9663A098}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{8CE8CCB0-A6C7-47C8-BEFF-E829EFC4AD63}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{44B3483D-AC81-44ED-9BBC-5A4B1CFBE1E3}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{96901664-1CF2-4FB6-BC14-CA4A802C4595}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{23577DAB-2B92-42F5-AAA0-DB11F20F05BF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{8D2232A3-2162-439E-B023-27F17348259A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{5D797F82-1E2D-4CD0-A743-91970F174E35}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{C2274220-708C-4752-9EAC-53525ACE158A}D:\easysetupassistant\easysetupassistant.exe] => (Allow) D:\easysetupassistant\easysetupassistant.exe
FirewallRules: [UDP Query User{F65D9DC5-E129-42A9-B17A-F3B9CD5CC225}D:\easysetupassistant\easysetupassistant.exe] => (Allow) D:\easysetupassistant\easysetupassistant.exe
FirewallRules: [{CEDCE2F6-307F-4B18-BDAF-8260F6E97074}] => (Block) D:\easysetupassistant\easysetupassistant.exe
FirewallRules: [{E04CD8AA-921B-4D8D-A57C-17C36CF717A1}] => (Block) D:\easysetupassistant\easysetupassistant.exe
FirewallRules: [TCP Query User{461F8C46-9397-46FE-A343-04BB6F21EB50}C:\program files\valve\half-life\hl.exe] => (Allow) C:\program files\valve\half-life\hl.exe
FirewallRules: [UDP Query User{E7C45487-1C4B-40DC-B7DE-111A4A8CD730}C:\program files\valve\half-life\hl.exe] => (Allow) C:\program files\valve\half-life\hl.exe
FirewallRules: [TCP Query User{9D204DDF-E79B-40B2-A468-F4F00F3F3987}C:\users\katuska\desktop\cossacls\dmcr.exe] => (Allow) C:\users\katuska\desktop\cossacls\dmcr.exe
FirewallRules: [UDP Query User{599AF51A-FA4F-40D7-A470-49D23418E1AF}C:\users\katuska\desktop\cossacls\dmcr.exe] => (Allow) C:\users\katuska\desktop\cossacls\dmcr.exe
FirewallRules: [TCP Query User{F8C00C76-047B-4C1D-AB68-A7888D767125}C:\windows\system32\dplaysvr.exe] => (Block) C:\windows\system32\dplaysvr.exe
FirewallRules: [UDP Query User{56B9A6DE-1A82-406F-8414-C698EE718CA8}C:\windows\system32\dplaysvr.exe] => (Block) C:\windows\system32\dplaysvr.exe
FirewallRules: [TCP Query User{AFE26FDC-01F4-4813-B838-C74EDE019116}C:\program files\nero\nero 7\nero showtime\showtime.exe] => (Block) C:\program files\nero\nero 7\nero showtime\showtime.exe
FirewallRules: [UDP Query User{6F0AE96B-23F3-4D82-A5F3-7CF1A0CA0D5D}C:\program files\nero\nero 7\nero showtime\showtime.exe] => (Block) C:\program files\nero\nero 7\nero showtime\showtime.exe
FirewallRules: [{28E112C1-0631-4099-A34B-9E8EFF76EF29}] => (Allow) C:\Users\Katuska\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{BC6B65CE-7540-42E9-9E49-560A0873205E}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{66F9D6AC-7F28-4B43-A002-7DA783EFFD0E}] => (Allow) c:\amcBaseDir\jre\bin\javaw.exe
FirewallRules: [{D6074C24-8A41-4293-8E17-09EC931C75A8}] => (Allow) c:\AMM\Kalkulacka\jre\bin\javaw.exe
FirewallRules: [{84739D71-8CD6-4798-9D32-3082AF61AF2D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{A169DFC3-6F89-40FF-B65D-3BD9E5ABE24D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{055805C5-97D5-4B90-8B28-5D85F18667F7}] => (Allow) c:\amcBaseDir\jre\bin\javaw.exe
FirewallRules: [{F175D703-03CD-43B2-BB8A-601AEEC385E6}] => (Allow) c:\amcBaseDir\jre\bin\javaw.exe
FirewallRules: [{F184DD5E-D4DE-46FC-8AD9-8F393B9E9567}] => (Allow) c:\amc\amcshared\jre\bin\javaw.exe
FirewallRules: [TCP Query User{597EBF98-6CEB-4C66-A3DC-AE340FBCB93D}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{F5297F47-80FC-454B-AF66-0CAAF8CF9D94}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{A713660B-D6D6-4ABD-B8B9-5ACA6403B758}] => (Allow) c:\amcBaseDir\jre\bin\javaw.exe
FirewallRules: [TCP Query User{2635E92F-3D14-4A26-820B-2A16EEF0B663}C:\users\katuska\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\katuska\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{2688072E-BC50-4CD8-B0B6-8F5AB548E88B}C:\users\katuska\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\katuska\appdata\roaming\spotify\spotify.exe
FirewallRules: [{1A908A1F-BFE6-4482-89A5-55AB4DFEA7F4}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

04-06-2016 18:04:02 Scheduled Checkpoint
07-06-2016 21:38:40 Windows Update
07-06-2016 21:46:51 Chrome Cleanup Tool
11-06-2016 15:09:17 Windows Update
15-06-2016 20:15:03 Windows Update
19-06-2016 22:55:00 Windows Update
25-06-2016 13:41:18 Windows Update
28-06-2016 20:43:21 Windows Update
03-07-2016 09:44:40 Windows Update
06-07-2016 19:17:58 Windows Update

==================== Faulty Device Manager Devices =============

Name: MpKslaf7ad901
Description: MpKslaf7ad901
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: MpKslaf7ad901
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Lexmark X422
Description: Lexmark X422
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Lexmark
Service: usbscan
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/05/2016 04:00:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 11294

Error: (07/05/2016 04:00:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 11294

Error: (07/05/2016 04:00:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/05/2016 04:00:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10202

Error: (07/05/2016 04:00:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10202

Error: (07/05/2016 04:00:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/05/2016 04:00:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9204

Error: (07/05/2016 04:00:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9204

Error: (07/05/2016 04:00:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/05/2016 04:00:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8206


System errors:
=============
Error: (07/02/2016 06:32:42 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Nero BackItUp Scheduler 4.0 zlyhalo kvôli nasledujúcej chybe: 
%%2 = Systém nemôže nájsť zadaný súbor.


Error: (07/01/2016 09:23:23 PM) (Source: BROWSER) (EventID: 8032) (User: )
Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{2271F06A-1D39-4CAE-8636-E5C998BD88D6}.
The backup browser is stopping.

Error: (06/27/2016 07:54:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Nero BackItUp Scheduler 4.0 zlyhalo kvôli nasledujúcej chybe: 
%%2 = Systém nemôže nájsť zadaný súbor.


Error: (06/25/2016 01:30:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Nero BackItUp Scheduler 4.0 zlyhalo kvôli nasledujúcej chybe: 
%%2 = Systém nemôže nájsť zadaný súbor.


Error: (06/23/2016 09:40:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Nero BackItUp Scheduler 4.0 zlyhalo kvôli nasledujúcej chybe: 
%%2 = Systém nemôže nájsť zadaný súbor.


Error: (06/12/2016 01:28:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Nero BackItUp Scheduler 4.0 zlyhalo kvôli nasledujúcej chybe: 
%%2 = Systém nemôže nájsť zadaný súbor.


Error: (06/12/2016 01:27:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Windows Media Player Network Sharing Service zlyhalo kvôli nasledujúcej chybe: 
%%3 = Systém nemôže nájsť zadanú cestu.


Error: (06/12/2016 01:27:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Windows Search zlyhalo kvôli nasledujúcej chybe: 
%%3 = Systém nemôže nájsť zadanú cestu.


Error: (06/12/2016 01:27:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba IconMan_R sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 60000 ms bude vykonaná nasledujúca opravná akcia: Restart the service.

Error: (06/12/2016 01:27:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba NMIndexingService sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Percentage of memory in use: 70%
Total physical RAM: 3227.48 MB
Available physical RAM: 964.45 MB
Total Virtual: 6453.26 MB
Available Virtual: 3788.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:698.54 GB) (Free:397.16 GB) NTFS
Drive e: (TRC) (CDROM) (Total:0.55 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 7C12E647)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=698.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [153136 2007-03-01] (Nero AG)
HKLM\...\Run: [NBKeyScan] => C:\Program Files\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe [1373480 2007-06-29] (Nero AG)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [595992 2016-05-20] (Oracle Corporation)
HKU\S-1-5-21-3338003536-3836655406-3577229235-1000\...\Run: [Facebook Update] => C:\Users\Katuska\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-12-30] (Facebook Inc.)
C:\Users\Katuska\AppData\Local\Facebook\Update
HKU\S-1-5-21-3338003536-3836655406-3577229235-1000\...\MountPoints2: {37974018-7a1c-11e5-9a7b-dc85de93fd82} - F:\Autorun.exe
HKU\S-1-5-21-3338003536-3836655406-3577229235-1000\...\MountPoints2: {4a29fb71-55db-11e2-b785-dc85de93fd82} - E:\autorun.exe
HKU\S-1-5-21-3338003536-3836655406-3577229235-1000\...\MountPoints2: {97db9772-01ac-11e3-917b-dc85de93fd82} - F:\NokiaPCIA_Autorun.exe
HKU\S-1-5-21-3338003536-3836655406-3577229235-1000\...\MountPoints2: {e61bd873-7215-11e2-b7b2-dc85de93fd82} - F:\setup.exe
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
C:\Program Files\Skype\Toolbars
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\51.0.2704.103\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\51.0.2704.103\pdf.dll => No File
CHR Plugin: (Nero Kwik Media Helper) - C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll => No File
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll => No File
CHR Plugin: (McAfee Security Scanner +) - C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll => No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll => No File
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll => No File
CHR Plugin: (Nokia Suite Enabler Plugin) - C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll => No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll => No File
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
S2 Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [X]
U3 ay7dzhke; C:\Windows\system32\Drivers\ay7dzhke.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3338003536-3836655406-3577229235-1000UA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3338003536-3836655406-3577229235-1000Core.job
C:\Users\Katuska\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\Katuska\AppData\Local\Temp
CustomCLSID: HKU\S-1-5-21-3338003536-3836655406-3577229235-1001_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\UpdatusUser\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx => No File
CustomCLSID: HKU\S-1-5-21-3338003536-3836655406-3577229235-1001_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll => No File
CustomCLSID: HKU\S-1-5-21-3338003536-3836655406-3577229235-1001_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\UpdatusUser\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe => No File
CustomCLSID: HKU\S-1-5-21-3338003536-3836655406-3577229235-1001_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll => No File
Shortcut: C:\Users\Katuska\AppData\Local\Microsoft\Windows\GameExplorer\{89BC1607-2304-44D5-8B7B-DA6A04BDBE19}\SupportTasks\0\Technická podpora.lnk -> hxxp://support.ea.com/ (No File)
Shortcut: C:\Users\Katuska\AppData\Local\Microsoft\Windows\GameExplorer\{778B8601-EFF5-4F9E-A2B4-3F7F463BB419}\SupportTasks\1\Technická podpora.lnk -> hxxp://www.eidosinteractive.com/support/index.html/ (No File)
Shortcut: C:\Users\Katuska\AppData\Local\Microsoft\Windows\GameExplorer\{778B8601-EFF5-4F9E-A2B4-3F7F463BB419}\SupportTasks\0\Ďalšie hry od spoločnosti Microsoft.lnk -> hxxp://www.eidosinteractive.com/games/embed.html (No File)
Shortcut: C:\Users\Katuska\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ\icq.com.lnk -> hxxp://www.icq.com/ (No File)
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[k33p]

Kód: Vybrat vše

Fix result of Farbar Recovery Scan Tool (x86) Version: 11-08-2016 01
Ran by Katuska (2016-08-14 19:53:11) Run:1
Running from C:\Users\Katuska\Desktop
Loaded Profiles: Katuska & UpdatusUser (Available Profiles: Katuska & UpdatusUser)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
HKLM...Run [NeroFilterCheck] = CProgram FilesCommon FilesAheadLibNeroCheck.exe [153136 2007-03-01] (Nero AG)
HKLM...Run [NBKeyScan] = CProgram FilesNeroNero 7Nero BackItUpNBKeyScan.exe [1373480 2007-06-29] (Nero AG)
HKLM...Run [SunJavaUpdateSched] = CProgram FilesCommon FilesJavaJava Updatejusched.exe [595992 2016-05-20] (Oracle Corporation)
HKUS-1-5-21-3338003536-3836655406-3577229235-1000...Run [Facebook Update] = CUsersKatuskaAppDataLocalFacebookUpdateFacebookUpdate.exe [138096 2012-12-30] (Facebook Inc.)
CUsersKatuskaAppDataLocalFacebookUpdate
HKUS-1-5-21-3338003536-3836655406-3577229235-1000...MountPoints2 {37974018-7a1c-11e5-9a7b-dc85de93fd82} - FAutorun.exe
HKUS-1-5-21-3338003536-3836655406-3577229235-1000...MountPoints2 {4a29fb71-55db-11e2-b785-dc85de93fd82} - Eautorun.exe
HKUS-1-5-21-3338003536-3836655406-3577229235-1000...MountPoints2 {97db9772-01ac-11e3-917b-dc85de93fd82} - FNokiaPCIA_Autorun.exe
HKUS-1-5-21-3338003536-3836655406-3577229235-1000...MountPoints2 {e61bd873-7215-11e2-b7b2-dc85de93fd82} - Fsetup.exe
BHO Skype Click to Call for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - CProgram FilesSkypeToolbarsInternet ExplorerSkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
CProgram FilesSkypeToolbars
Handler skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - CProgram FilesSkypeToolbarsInternet ExplorerSkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
FF Plugin @microsoft.comGENUINE - disabled [No File]
CHR Plugin (Native Client) - CProgram FilesGoogleChromeApplication51.0.2704.103ppGoogleNaClPluginChrome.dll = No File
CHR Plugin (Chrome PDF Viewer) - CProgram FilesGoogleChromeApplication51.0.2704.103pdf.dll = No File
CHR Plugin (Nero Kwik Media Helper) - CPROGRA~1COMMON~1NeroBROWSE~1NPBROW~1.DLL = No File
CHR Plugin (Adobe Acrobat) - CProgram FilesAdobeReader 11.0ReaderAIRnppdf32.dll = No File
CHR Plugin (Google Update) - CProgram FilesGoogleUpdate1.3.21.153npGoogleUpdate3.dll = No File
CHR Plugin (McAfee Security Scanner +) - CProgram FilesMcAfee Security Scan3.0.318npMcAfeeMss.dll = No File
CHR Plugin (NVIDIA 3D Vision) - CProgram FilesNVIDIA Corporation3D Visionnpnv3dv.dll = No File
CHR Plugin (NVIDIA 3D VISION) - CProgram FilesNVIDIA Corporation3D Visionnpnv3dvstreaming.dll = No File
CHR Plugin (Nokia Suite Enabler Plugin) - CProgram FilesNokiaNokia SuitenpNokiaSuiteEnabler.dll = No File
CHR Plugin (Shockwave Flash) - CWindowssystem32MacromedFlashNPSWF32_11_8_800_168.dll = No File
CHR Plugin (Silverlight Plug-In) - cProgram FilesMicrosoft Silverlight5.1.20513.0npctrl.dll = No File
R2 c2cautoupdatesvc; CProgram FilesSkypeToolbarsAutoUpdateSkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; CProgram FilesSkypeToolbarsPNRSvcSkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
S2 Nero BackItUp Scheduler 4.0; CProgram FilesCommon FilesNeroNero BackItUp 4NBService.exe [X]
U3 ay7dzhke; CWindowssystem32Driversay7dzhke.sys [0 ] (Microsoft Corporation) ==== ATTENTION (zero byte FileFolder)
CWindowsTasksGoogleUpdateTaskMachineUA.job
CWindowsTasksFacebookUpdateTaskUserS-1-5-21-3338003536-3836655406-3577229235-1000UA.job
CWindowsTasksGoogleUpdateTaskMachineCore.job
CWindowsTasksFacebookUpdateTaskUserS-1-5-21-3338003536-3836655406-3577229235-1000Core.job
CUsersKatuskaAppDataLocalDCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
CUsersKatuskaAppDataLocalTemp
CustomCLSID HKUS-1-5-21-3338003536-3836655406-3577229235-1001_ClassesCLSID{444785F1-DE89-4295-863A-D46C3A781394}InprocServer32 - CUsersUpdatusUserAppDataLocalLowUnityWebPlayerloaderUnityWebPluginAX.ocx = No File
CustomCLSID HKUS-1-5-21-3338003536-3836655406-3577229235-1001_ClassesCLSID{5E71E4F3-E8C7-4906-9626-973E418762B6}InprocServer32 - CUsersUpdatusUserAppDataLocalFacebookUpdate1.2.205.0goopdate.dll = No File
CustomCLSID HKUS-1-5-21-3338003536-3836655406-3577229235-1001_ClassesCLSID{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}localserver32 - CUsersUpdatusUserAppDataLocalFacebookVideoSkypeFacebookVideoCallingProxy.exe = No File
CustomCLSID HKUS-1-5-21-3338003536-3836655406-3577229235-1001_ClassesCLSID{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}InprocServer32 - CUsersUpdatusUserAppDataLocalFacebookVideoSkypenpFacebookVideoCalling.dll = No File
Shortcut CUsersKatuskaAppDataLocalMicrosoftWindowsGameExplorer{89BC1607-2304-44D5-8B7B-DA6A04BDBE19}SupportTasks0Technická podpora.lnk - hxxpsupport.ea.com (No File)
Shortcut CUsersKatuskaAppDataLocalMicrosoftWindowsGameExplorer{778B8601-EFF5-4F9E-A2B4-3F7F463BB419}SupportTasks1Technická podpora.lnk - hxxpwww.eidosinteractive.comsupportindex.html (No File)
Shortcut CUsersKatuskaAppDataLocalMicrosoftWindowsGameExplorer{778B8601-EFF5-4F9E-A2B4-3F7F463BB419}SupportTasks0Ďalšie hry od spoločnosti Microsoft.lnk - hxxpwww.eidosinteractive.comgamesembed.html (No File)
Shortcut CUsersKatuskaAppDataRoamingMicrosoftWindowsStart MenuProgramsICQicq.com.lnk - hxxpwww.icq.com (No File)
End
*****************

HKLM...Run [NeroFilterCheck] = CProgram FilesCommon FilesAheadLibNeroCheck.exe [153136 2007-03-01] (Nero AG) => Error: No automatic fix found for this entry.
HKLM...Run [NBKeyScan] = CProgram FilesNeroNero 7Nero BackItUpNBKeyScan.exe [1373480 2007-06-29] (Nero AG) => Error: No automatic fix found for this entry.
HKLM...Run [SunJavaUpdateSched] = CProgram FilesCommon FilesJavaJava Updatejusched.exe [595992 2016-05-20] (Oracle Corporation) => Error: No automatic fix found for this entry.
HKUS-1-5-21-3338003536-3836655406-3577229235-1000...Run [Facebook Update] = CUsersKatuskaAppDataLocalFacebookUpdateFacebookUpdate.exe [138096 2012-12-30] (Facebook Inc.) => Error: No automatic fix found for this entry.
CUsersKatuskaAppDataLocalFacebookUpdate => Error: No automatic fix found for this entry.
HKUS-1-5-21-3338003536-3836655406-3577229235-1000...MountPoints2 {37974018-7a1c-11e5-9a7b-dc85de93fd82} - FAutorun.exe => Error: No automatic fix found for this entry.
HKUS-1-5-21-3338003536-3836655406-3577229235-1000...MountPoints2 {4a29fb71-55db-11e2-b785-dc85de93fd82} - Eautorun.exe => Error: No automatic fix found for this entry.
HKUS-1-5-21-3338003536-3836655406-3577229235-1000...MountPoints2 {97db9772-01ac-11e3-917b-dc85de93fd82} - FNokiaPCIA_Autorun.exe => Error: No automatic fix found for this entry.
HKUS-1-5-21-3338003536-3836655406-3577229235-1000...MountPoints2 {e61bd873-7215-11e2-b7b2-dc85de93fd82} - Fsetup.exe => Error: No automatic fix found for this entry.
BHO Skype Click to Call for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - CProgram FilesSkypeToolbarsInternet ExplorerSkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation) => Error: No automatic fix found for this entry.
CProgram FilesSkypeToolbars => Error: No automatic fix found for this entry.
Handler skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - CProgram FilesSkypeToolbarsInternet ExplorerSkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation) => Error: No automatic fix found for this entry.
FF Plugin @microsoft.comGENUINE - disabled [No File] => Error: No automatic fix found for this entry.
CHR Plugin (Native Client) - CProgram FilesGoogleChromeApplication51.0.2704.103ppGoogleNaClPluginChrome.dll = No File => Error: No automatic fix found for this entry.
CHR Plugin (Chrome PDF Viewer) - CProgram FilesGoogleChromeApplication51.0.2704.103pdf.dll = No File => Error: No automatic fix found for this entry.
CHR Plugin (Nero Kwik Media Helper) - CPROGRA~1COMMON~1NeroBROWSE~1NPBROW~1.DLL = No File => Error: No automatic fix found for this entry.
CHR Plugin (Adobe Acrobat) - CProgram FilesAdobeReader 11.0ReaderAIRnppdf32.dll = No File => Error: No automatic fix found for this entry.
CHR Plugin (Google Update) - CProgram FilesGoogleUpdate1.3.21.153npGoogleUpdate3.dll = No File => Error: No automatic fix found for this entry.
CHR Plugin (McAfee Security Scanner +) - CProgram FilesMcAfee Security Scan3.0.318npMcAfeeMss.dll = No File => Error: No automatic fix found for this entry.
CHR Plugin (NVIDIA 3D Vision) - CProgram FilesNVIDIA Corporation3D Visionnpnv3dv.dll = No File => Error: No automatic fix found for this entry.
CHR Plugin (NVIDIA 3D VISION) - CProgram FilesNVIDIA Corporation3D Visionnpnv3dvstreaming.dll = No File => Error: No automatic fix found for this entry.
CHR Plugin (Nokia Suite Enabler Plugin) - CProgram FilesNokiaNokia SuitenpNokiaSuiteEnabler.dll = No File => Error: No automatic fix found for this entry.
CHR Plugin (Shockwave Flash) - CWindowssystem32MacromedFlashNPSWF32_11_8_800_168.dll = No File => Error: No automatic fix found for this entry.
CHR Plugin (Silverlight Plug-In) - cProgram FilesMicrosoft Silverlight5.1.20513.0npctrl.dll = No File => Error: No automatic fix found for this entry.
c2cautoupdatesvc => Service stopped successfully.
c2cautoupdatesvc => service removed successfully.
c2cpnrsvc => Service stopped successfully.
c2cpnrsvc => service removed successfully.
Nero BackItUp Scheduler 4.0 => service removed successfully.
ay7dzhke => service not found.
CWindowsTasksGoogleUpdateTaskMachineUA.job => Error: No automatic fix found for this entry.
CWindowsTasksFacebookUpdateTaskUserS-1-5-21-3338003536-3836655406-3577229235-1000UA.job => Error: No automatic fix found for this entry.
CWindowsTasksGoogleUpdateTaskMachineCore.job => Error: No automatic fix found for this entry.
CWindowsTasksFacebookUpdateTaskUserS-1-5-21-3338003536-3836655406-3577229235-1000Core.job => Error: No automatic fix found for this entry.
CUsersKatuskaAppDataLocalDCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => Error: No automatic fix found for this entry.
CUsersKatuskaAppDataLocalTemp => Error: No automatic fix found for this entry.
CustomCLSID HKUS-1-5-21-3338003536-3836655406-3577229235-1001_ClassesCLSID{444785F1-DE89-4295-863A-D46C3A781394}InprocServer32 - CUsersUpdatusUserAppDataLocalLowUnityWebPlayerloaderUnityWebPluginAX.ocx = No File => Error: No automatic fix found for this entry.
CustomCLSID HKUS-1-5-21-3338003536-3836655406-3577229235-1001_ClassesCLSID{5E71E4F3-E8C7-4906-9626-973E418762B6}InprocServer32 - CUsersUpdatusUserAppDataLocalFacebookUpdate1.2.205.0goopdate.dll = No File => Error: No automatic fix found for this entry.
CustomCLSID HKUS-1-5-21-3338003536-3836655406-3577229235-1001_ClassesCLSID{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}localserver32 - CUsersUpdatusUserAppDataLocalFacebookVideoSkypeFacebookVideoCallingProxy.exe = No File => Error: No automatic fix found for this entry.
CustomCLSID HKUS-1-5-21-3338003536-3836655406-3577229235-1001_ClassesCLSID{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}InprocServer32 - CUsersUpdatusUserAppDataLocalFacebookVideoSkypenpFacebookVideoCalling.dll = No File => Error: No automatic fix found for this entry.
Shortcut CUsersKatuskaAppDataLocalMicrosoftWindowsGameExplorer{89BC1607-2304-44D5-8B7B-DA6A04BDBE19}SupportTasks0Technická podpora.lnk - hxxpsupport.ea.com (No File) => Error: No automatic fix found for this entry.
Shortcut CUsersKatuskaAppDataLocalMicrosoftWindowsGameExplorer{778B8601-EFF5-4F9E-A2B4-3F7F463BB419}SupportTasks1Technická podpora.lnk - hxxpwww.eidosinteractive.comsupportindex.html (No File) => Error: No automatic fix found for this entry.
Shortcut CUsersKatuskaAppDataLocalMicrosoftWindowsGameExplorer{778B8601-EFF5-4F9E-A2B4-3F7F463BB419}SupportTasks0Ďalšie hry od spoločnosti Microsoft.lnk - hxxpwww.eidosinteractive.comgamesembed.html (No File) => Error: No automatic fix found for this entry.
Shortcut CUsersKatuskaAppDataRoamingMicrosoftWindowsStart MenuProgramsICQicq.com.lnk - hxxpwww.icq.com (No File) => Error: No automatic fix found for this entry.

==== End of Fixlog 19:53:11 ====

[Rudy]

Pokrečovat po 6ti týdnech není zrovna košér. Do té doby se to mohlo více zaplevelit. Nastala nějaká změna?