Prosím o pomoc.Problém se vším.
Napsal: 30 čer 2016 20:27
Dobrý den,
čerpám z tohoto tématu (http://forum.viry.cz/viewtopic.php?f=13&t=149180) .
Jelikož se mi nelíbí stav mého notebooku a k přeinstalaci systému by mě donutilo akorát absolutní zhroucení systému, rozhodl jsem se hledat pomoc. Hlavní problém bych viděl v chromu, nevím jak, prostě se to stalo nejspíš mou chybou, se mi dostalo do notebooku spoustu "modifikací" chromu. Když si zapnu normálně chrome ze složky C:\Program Files (x86)\Google\Chrome\Application, tak se mi otevře chrome z jiné složky, ne jen jedny, je jich více(v přiloženém screenu jsou vypsány složky, obsahově jsou stejné jako chrome, ale nevěřím tomu.. ) https://s32.postimg.org/9a8p9x2at/chrome.png
Po vlastním "šetrném" odstranění těchto složek jsem dostal BSOD a musel jsem obnovovat systém pomocí předchozího bodu obnovení.
Zkusil jsem zapnout FRST a dostal jsem 2 logy.
První log je FRST.txt
A druhý log Auddition.txt
Děkuji.
František
čerpám z tohoto tématu (http://forum.viry.cz/viewtopic.php?f=13&t=149180) .
Jelikož se mi nelíbí stav mého notebooku a k přeinstalaci systému by mě donutilo akorát absolutní zhroucení systému, rozhodl jsem se hledat pomoc. Hlavní problém bych viděl v chromu, nevím jak, prostě se to stalo nejspíš mou chybou, se mi dostalo do notebooku spoustu "modifikací" chromu. Když si zapnu normálně chrome ze složky C:\Program Files (x86)\Google\Chrome\Application, tak se mi otevře chrome z jiné složky, ne jen jedny, je jich více(v přiloženém screenu jsou vypsány složky, obsahově jsou stejné jako chrome, ale nevěřím tomu.. ) https://s32.postimg.org/9a8p9x2at/chrome.png
Po vlastním "šetrném" odstranění těchto složek jsem dostal BSOD a musel jsem obnovovat systém pomocí předchozího bodu obnovení.
Zkusil jsem zapnout FRST a dostal jsem 2 logy.
První log je FRST.txt
- Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-06-2016
Ran by Frantisek (administrator) on EFÍNO (30-06-2016 21:18:58)
Running from C:\Users\František\Downloads
Loaded Profiles: Frantisek (Available Profiles: Frantisek & UpdatusUser)
Platform: Windows 8.1 Pro (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: "C:\Program Files (x86)\Lefttoe\Application\chrome.exe" "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\avp.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\avpui.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(A-Volute) C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
() C:\ProgramData\Lefttoe\Lefttoe.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(forum.viry.cz) C:\Users\František\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13192848 2015-10-12] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1804432 2015-11-17] (NVIDIA Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [591512 2015-11-19] (Razer Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-09-25] (Qualcomm®Atheros®)
HKU\S-1-5-21-2228869958-1158791612-544417561-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8721624 2016-05-13] (Piriform Ltd)
HKU\S-1-5-21-2228869958-1158791612-544417561-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-04-30] (Valve Corporation)
HKU\S-1-5-21-2228869958-1158791612-544417561-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [26424448 2016-06-15] (Skype Technologies S.A.)
HKU\S-1-5-21-2228869958-1158791612-544417561-1001\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [153136 2007-05-16] (Nero AG)
HKU\S-1-5-21-2228869958-1158791612-544417561-1001\...\Run: [f.lux] => C:\Users\František\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC)
HKU\S-1-5-18\...\Run: [Epson Stylus SX125] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGGE.EXE [224768 2009-09-14] (SEIKO EPSON CORPORATION)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [186136 2016-04-21] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [164696 2016-04-21] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
Startup: C:\Users\František\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Odeslat do OneNote.lnk [2016-06-23]
ShortcutTarget: Odeslat do OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (No File)
BootExecute: autocheck autochk * aswBoot.exe /M:21c8a5d5 /wow /dir:"C:\Program Files\AVAST Software\Avast"
GroupPolicyScripts\User: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 147.32.127.214 195.113.144.194
Tcpip\..\Interfaces\{2D0FD136-626C-43DF-8860-EA2294905AD2}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{2D0FD136-626C-43DF-8860-EA2294905AD2}: [DhcpNameServer] 147.32.127.214 195.113.144.194
Tcpip\..\Interfaces\{3952C3F0-84E1-4E08-A7C6-23CFD541C04D}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{F091098C-4F7A-4AA7-8925-4382EE96DD04}: [DhcpNameServer] 192.168.42.129
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nuesearch.com/?type=hp&ts=146669332 ... 2510827725
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nuesearch.com/?type=hp&ts=146669332 ... 2510827725
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nuesearch.com/search/?type=ds&ts=14 ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nuesearch.com/search/?type=ds&ts=14 ... earchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nuesearch.com/?type=hp&ts=146669332 ... 2510827725
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nuesearch.com/?type=hp&ts=146669332 ... 2510827725
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nuesearch.com/search/?type=ds&ts=14 ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nuesearch.com/search/?type=ds&ts=14 ... earchTerms}
HKU\S-1-5-21-2228869958-1158791612-544417561-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nuesearch.com/?type=hp&ts=146669332 ... 2510827725
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
BHO: Kaspersky Protection -> {03993315-5CE9-4F00-8790-D14A94F1D91A} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-06-28] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-06-28] (Microsoft Corporation)
BHO-x32: Kaspersky Protection -> {03993315-5CE9-4F00-8790-D14A94F1D91A} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-06-28] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-06-02] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-06-28] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-02] (Oracle Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-28] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-28] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-28] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-28] (Microsoft Corporation)
Handler: touchenex - {74f917de-707e-11e5-80c3-005056c00008} - No File
FireFox:
========
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-06-02] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-06-02] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-06-28] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-06-28] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: @wolfram.com/Mathematica -> C:\Program Files (x86)\Common Files\Wolfram Research\Browser\10.0.1.5157423\npmathplugin.dll [2014-09-09] (Wolfram Research, Inc.)
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_ACF0E80077C511E59DED005056C00008@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\FFExt\light_plugin_firefox\addon.xpi
FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\FFExt\light_plugin_firefox\addon.xpi [2016-05-05]
Chrome:
=======
CHR HomePage: ChromeDefaultData -> hxxp://www.nicesearches.com?type=hp&ts=1466408 ... 2e0b7bao9b
CHR StartupUrls: ChromeDefaultData -> "hxxp://www.nicesearches.com?type=hp&ts=1466408 ... 2e0b7bao9b"
CHR Profile: C:\Users\František\AppData\Local\Google\Chrome\User Data\ChromeDefaultData
CHR Extension: (Prezentace Google) - C:\Users\František\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-12]
CHR Extension: (IELTS zkouška - slovní zásoba) - C:\Users\František\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\akogeldcmhecjaglcbmpaanbjjmdnbdn [2015-10-12]
CHR Extension: (Dokumenty Google) - C:\Users\František\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-12]
CHR Extension: (Disk Google) - C:\Users\František\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\František\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-12]
CHR Extension: (Vyhledávání Google) - C:\Users\František\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30]
CHR Extension: (LE Learn English Cloud) - C:\Users\František\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\enchfibknakkckielldbocdhhioohhig [2015-10-12]
CHR Extension: (Tabulky Google) - C:\Users\František\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-12]
CHR Extension: (Dokumenty Google offline) - C:\Users\František\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-17]
CHR Extension: (Free Texas Holdem Poker) - C:\Users\František\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\hpefcbpnjnanfacddfaaommfheilhkdb [2015-10-12]
CHR Extension: (Little Alchemy) - C:\Users\František\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd [2016-02-09]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\František\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-05]
CHR Extension: (Gmail) - C:\Users\František\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-12]
CHR HKLM\...\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] - hxxps://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi
CHR HKLM-x32\...\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] - hxxps://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-09-25] (Windows (R) Win 7 DDK provider) [File not signed]
R2 AVP16.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\avp.exe [236928 2015-12-22] (AO Kaspersky Lab)
S2 BirdsarahU; C:\Program Files (x86)\Birdsarah\Update\BirdsarahUpdate.exe [591744 2016-06-23] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2855152 2016-06-05] (Microsoft Corporation)
S2 GunshipP; C:\ProgramData\Gunship\Gunship.exe [426880 2016-06-17] ()
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\x64\vssbridge64.exe [152488 2015-12-22] (AO Kaspersky Lab)
R2 LefttoeP; C:\ProgramData\Lefttoe\Lefttoe.exe [424832 2016-06-30] ()
S2 LefttoeU; C:\Program Files (x86)\Lefttoe\Update\LefttoeUpdate.exe [590208 2016-06-30] ()
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920 2007-05-16] (Nero AG)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [188072 2015-11-05] ()
R2 RzSurroundVADStreamingService; C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe [4254720 2015-07-29] (A-Volute) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6942480 2016-03-02] (TeamViewer GmbH)
S2 ToolrainP; C:\ProgramData\Toolrain\Toolrain.exe [424832 2016-06-28] ()
S2 ToolrainU; C:\Program Files (x86)\Toolrain\Update\ToolrainUpdate.exe [590208 2016-06-28] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-09-25] (Atheros) [File not signed]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3859968 2013-08-15] (Qualcomm Atheros Communications, Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [61824 2012-10-31] (ASUS Corporation)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-25] (Qualcomm Atheros)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-11-12] (LogMeIn Inc.)
S3 JRSUKD25; C:\Windows\system32\JRSUKD25.SYS [20560 2016-06-23] (RaonSecure Co., Ltd.)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2015-10-14] ( )
S3 kck64; C:\Windows\system32\kck64.sys [101152 2016-06-23] (Kings Information & Network)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-09-11] (Kaspersky Lab ZAO)
S0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
S1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [79752 2015-12-01] (AO Kaspersky Lab)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [78200 2015-12-02] (AO Kaspersky Lab)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [30328 2015-06-24] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [182664 2015-12-11] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\drivers\klhk.sys [237488 2016-05-05] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [987568 2016-05-05] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [51288 2016-05-05] (AO Kaspersky Lab)
S3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [52608 2015-11-11] (AO Kaspersky Lab)
S3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [45960 2015-12-07] (AO Kaspersky Lab)
S4 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [87944 2015-10-06] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [112520 2015-12-03] (AO Kaspersky Lab)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [194440 2015-12-03] (AO Kaspersky Lab)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-09-23] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [130880 2015-12-15] (Razer, Inc.)
R3 RZSURROUNDVADService; C:\Windows\system32\drivers\RzSurroundVAD.sys [40640 2015-07-29] (Windows (R) Win 7 DDK provider)
S1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [117768 2015-12-18] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [194976 2015-12-18] (Oracle Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [34760 2013-08-22] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [265056 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
S3 JRSKD24; \??\C:\Windows\system32\JRSKD24.SYS [X]
R4 klkbdflt2; \SystemRoot\system32\DRIVERS\klkbdflt2.sys [X]
S3 vmci; \SystemRoot\System32\drivers\vmci.sys [X]
S3 VMnetAdapter; \SystemRoot\system32\DRIVERS\vmnetadapter.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-06-30 21:03 - 2016-06-30 21:03 - 00029696 _____ C:\Users\František\AppData\Local\MSGBOX.EXE
2016-06-30 21:03 - 2016-06-30 21:03 - 00015327 _____ C:\Users\František\AppData\Local\LM.bat
2016-06-30 20:58 - 2016-06-30 21:19 - 00020698 _____ C:\Users\František\Downloads\FRST.txt
2016-06-30 20:58 - 2016-06-30 20:58 - 00112640 _____ (forum.viry.cz) C:\Users\František\Desktop\FRSTLauncher.exe
2016-06-30 20:57 - 2016-06-30 20:57 - 00112640 _____ (forum.viry.cz) C:\Users\František\Downloads\FRSTLauncher.exe.dcn0xi9.partial
2016-06-30 20:56 - 2016-06-30 20:56 - 02390016 _____ (Farbar) C:\Users\František\Downloads\FRST64.exe
2016-06-30 20:53 - 2016-06-30 21:18 - 00000000 ____D C:\FRST
2016-06-30 20:53 - 2016-06-30 20:53 - 00112640 _____ C:\Users\František\Downloads\FRSTLauncher.exe
2016-06-30 20:41 - 2016-06-30 20:43 - 00000000 ____D C:\AdwCleaner
2016-06-30 20:41 - 2016-06-30 20:41 - 03703360 _____ C:\Users\František\Downloads\adwcleaner_5.200.exe
2016-06-30 20:39 - 2016-06-30 20:39 - 30303344 _____ C:\Users\František\Downloads\mbam-setup-2.2.1.1043.exe
2016-06-30 20:20 - 2016-06-30 20:20 - 00000000 _____ C:\Recovery.txt
2016-06-30 19:27 - 2016-06-30 19:27 - 00002125 _____ C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk
2016-06-30 19:27 - 2016-06-30 19:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus
2016-06-30 19:27 - 2016-05-05 03:43 - 00987568 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2016-06-30 19:27 - 2016-05-05 03:43 - 00237488 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
2016-06-30 19:27 - 2015-12-11 17:31 - 00182664 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2016-06-30 19:27 - 2013-05-06 08:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2016-06-30 19:24 - 2016-06-30 19:24 - 01927008 _____ (Kaspersky Lab) C:\Users\František\Downloads\kav16.0.0.614abcdcs_9606.exe
2016-06-30 19:23 - 2016-06-30 19:23 - 00000000 ____D C:\Program Files (x86)\Lefttoe
2016-06-30 19:22 - 2016-06-30 19:22 - 761187499 _____ C:\Windows\MEMORY.DMP
2016-06-30 19:22 - 2016-06-30 19:22 - 00353136 _____ C:\Windows\Minidump\063016-12625-01.dmp
2016-06-30 19:14 - 2016-06-30 19:28 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-06-30 19:14 - 2016-06-30 19:27 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2016-06-30 19:12 - 2016-06-30 19:28 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2016-06-30 18:56 - 2016-06-30 19:23 - 00000000 ____D C:\ProgramData\Lefttoe
2016-06-30 18:55 - 2016-06-30 19:23 - 00003564 _____ C:\Windows\System32\Tasks\LefttoeUpdateTaskMachineCore
2016-06-30 18:55 - 2016-06-30 19:23 - 00003470 _____ C:\Windows\System32\Tasks\LefttoeUpdateTaskMachineUA
2016-06-30 18:55 - 2016-06-30 18:55 - 00000000 ____D C:\Users\František\AppData\Local\Lefttoe
2016-06-30 18:51 - 2016-06-30 18:51 - 00002081 _____ C:\Users\Public\Desktop\Facebook.lnk
2016-06-30 18:51 - 2016-06-30 18:51 - 00002073 _____ C:\Users\Public\Desktop\Youtube.lnk
2016-06-30 18:51 - 2016-06-30 18:51 - 00002073 _____ C:\Users\Public\Desktop\Twitter.lnk
2016-06-30 18:51 - 2016-06-30 18:51 - 00002065 _____ C:\Users\Public\Desktop\Google.lnk
2016-06-30 18:51 - 2016-06-30 18:51 - 00000000 ____D C:\ProgramData\W
2016-06-29 23:57 - 2016-06-29 23:57 - 00002334 _____ C:\Users\František\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive pro firmy.lnk
2016-06-29 19:23 - 2016-06-29 19:23 - 50716384 _____ (Microsoft Corporation) C:\Users\František\Downloads\Windows-KB890830-x64-V5.37.exe
2016-06-29 19:20 - 2016-06-29 19:20 - 00000000 ____D C:\Users\František\AppData\Local\Toolrain
2016-06-29 19:20 - 2016-06-29 19:20 - 00000000 ____D C:\ProgramData\Toolrain
2016-06-29 19:19 - 2016-06-30 20:21 - 00000000 ____D C:\Program Files (x86)\Toolrain
2016-06-29 19:19 - 2016-06-30 19:22 - 00000000 ____D C:\Program Files (x86)\qksee
2016-06-29 19:19 - 2016-06-29 19:19 - 00003568 _____ C:\Windows\System32\Tasks\ToolrainUpdateTaskMachineCore
2016-06-29 19:19 - 2016-06-29 19:19 - 00003474 _____ C:\Windows\System32\Tasks\ToolrainUpdateTaskMachineUA
2016-06-28 17:20 - 2016-06-29 23:57 - 00003182 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2228869958-1158791612-544417561-1001
2016-06-28 17:20 - 2016-06-28 17:20 - 00000000 ___RD C:\Users\František\OneDrive
2016-06-28 17:20 - 2016-06-28 17:20 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-06-28 17:19 - 2016-06-28 17:19 - 00002502 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2016-06-28 17:19 - 2016-06-28 17:19 - 00002501 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive pro firmy.lnk
2016-06-28 17:19 - 2016-06-28 17:19 - 00002496 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2016-06-28 17:19 - 2016-06-28 17:19 - 00002473 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2016-06-28 17:19 - 2016-06-28 17:19 - 00002468 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2016-06-28 17:19 - 2016-06-28 17:19 - 00002461 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype pro firmy 2016.lnk
2016-06-28 17:19 - 2016-06-28 17:19 - 00002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2016-06-28 17:19 - 2016-06-28 17:19 - 00002394 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2016-06-28 17:19 - 2016-06-28 17:19 - 00002390 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2016-06-28 17:19 - 2016-06-28 17:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office 2016
2016-06-28 17:19 - 2016-06-28 17:19 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-06-28 17:17 - 2016-06-28 19:24 - 00012419 _____ C:\Users\František\Desktop\Rozvrh.xlsx
2016-06-23 22:28 - 2016-06-23 22:28 - 00340100 _____ (RaonSecure Corporation) C:\Windows\SysWOW64\keysharpcrypto.dll
2016-06-23 22:28 - 2016-06-23 22:28 - 00101152 _____ (Kings Information & Network) C:\Windows\system32\kck64.sys
2016-06-23 22:28 - 2016-06-23 22:28 - 00020560 ____R (RaonSecure Co., Ltd.) C:\Windows\system32\JRSUKD25.SYS
2016-06-23 19:53 - 2016-06-23 19:53 - 00000000 ____D C:\Users\František\AppData\Roaming\RIOTGames
2016-06-23 16:49 - 2016-06-30 20:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qksee
2016-06-23 16:49 - 2016-06-30 19:29 - 00000000 ____D C:\Users\František\AppData\Roaming\qksee
2016-06-23 16:49 - 2016-06-30 19:29 - 00000000 ____D C:\Program Files (x86)\WinZipper
2016-06-23 16:49 - 2016-06-23 16:49 - 00000072 _____ C:\Windows\SysWOW64\EN_88718.html
2016-06-23 16:49 - 2016-06-23 16:49 - 00000072 _____ C:\Windows\SysWOW64\EN_88500.html
2016-06-23 16:49 - 2016-06-23 16:49 - 00000072 _____ C:\Windows\SysWOW64\EN_113109.html
2016-06-23 16:48 - 2016-06-23 16:48 - 00000072 _____ C:\Windows\SysWOW64\EN_51343.html
2016-06-23 16:48 - 2016-06-23 16:48 - 00000072 _____ C:\Windows\SysWOW64\EN_51156.html
2016-06-23 16:48 - 2016-06-23 16:48 - 00000072 _____ C:\Windows\SysWOW64\EN_47406.html
2016-06-23 16:48 - 2016-06-23 16:48 - 00000072 _____ C:\Windows\SysWOW64\EN_47218.html
2016-06-23 16:48 - 2016-06-23 16:48 - 00000072 _____ C:\Windows\SysWOW64\EN_44453.html
2016-06-23 16:48 - 2016-06-23 16:48 - 00000072 _____ C:\Windows\SysWOW64\EN_44171.html
2016-06-23 16:48 - 2016-06-23 16:48 - 00000072 _____ C:\Windows\SysWOW64\EN_43296.html
2016-06-23 16:48 - 2016-06-23 16:48 - 00000072 _____ C:\Windows\SysWOW64\EN_43078.html
2016-06-23 16:48 - 2016-06-23 16:48 - 00000072 _____ C:\Windows\SysWOW64\EN_32906.html
2016-06-23 16:48 - 2016-06-23 16:48 - 00000072 _____ C:\Windows\SysWOW64\en_32500.html
2016-06-23 16:48 - 2016-06-23 16:48 - 00000000 ____D C:\Windows\SysWOW64\_TSpm
2016-06-23 12:16 - 2016-06-23 12:16 - 00000000 ____D C:\ProgramData\McAfee
2016-06-23 11:42 - 2016-06-30 21:19 - 00002169 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-06-23 11:42 - 2016-06-30 20:21 - 00000000 ____D C:\Program Files (x86)\Birdsarah
2016-06-23 11:42 - 2016-06-30 19:25 - 00000000 ____D C:\ProgramData\Birdsarah
2016-06-23 11:42 - 2016-06-23 11:42 - 00003572 _____ C:\Windows\System32\Tasks\BirdsarahUpdateTaskMachineCore
2016-06-23 11:42 - 2016-06-23 11:42 - 00003478 _____ C:\Windows\System32\Tasks\BirdsarahUpdateTaskMachineUA
2016-06-23 11:42 - 2016-06-23 11:42 - 00000000 ____D C:\Users\František\AppData\Roaming\eCyber
2016-06-23 11:42 - 2016-06-23 11:42 - 00000000 ____D C:\Users\František\AppData\Local\Birdsarah
2016-06-22 16:44 - 2016-06-22 16:44 - 00000218 _____ C:\Users\František\.gitconfig
2016-06-21 22:29 - 2016-06-21 22:29 - 00000000 ____D C:\Users\František\Documents\Poznámkové bloky aplikace OneNote
2016-06-20 14:38 - 2016-06-20 20:25 - 3109810307 _____ C:\Users\František\Downloads\Warcraft---První-střet-(2016)-Cz-Dabing-[Move-MAG]-Avi.mkv
2016-06-20 10:10 - 2016-06-20 10:10 - 00000000 ____D C:\Users\František\.vim
2016-06-19 01:40 - 2016-06-19 01:40 - 00000000 ____D C:\Users\Public\Documents\chrome
2016-06-19 00:55 - 2016-06-19 00:55 - 00000000 ____D C:\Windows\SysWOW64\vbox
2016-06-19 00:55 - 2016-06-19 00:55 - 00000000 ____D C:\Windows\system32\vbox
2016-06-17 17:40 - 2016-06-17 17:40 - 00000000 ____D C:\Users\František\AppData\Local\Gunship
2016-06-17 17:40 - 2016-06-17 17:40 - 00000000 ____D C:\ProgramData\Gunship
2016-06-17 17:39 - 2016-06-30 21:19 - 00000000 _____ C:\Users\Public\Documents\report.dat
2016-06-17 17:39 - 2016-06-30 20:21 - 00000000 ____D C:\Program Files (x86)\Gunship
2016-06-17 17:39 - 2016-06-17 17:39 - 00000000 ____D C:\Windows\system32\log
2016-06-16 20:41 - 2016-06-16 20:41 - 00000028 _____ C:\Users\František\.lesshst
2016-06-16 20:08 - 2016-06-22 16:06 - 00000000 ____D C:\Program Files (x86)\Git
2016-06-16 20:08 - 2016-06-16 20:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git
2016-06-16 19:51 - 2016-06-16 19:51 - 00000000 ____D C:\Users\František\.subversion
2016-06-16 12:37 - 2016-06-30 19:23 - 00000000 ____D C:\Users\František\AppData\Roaming\WinZiper
2016-06-16 12:37 - 2016-06-16 12:37 - 00000000 ____D C:\Program Files (x86)\TData
2016-06-14 23:44 - 2016-05-16 23:13 - 00563016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-06-14 23:44 - 2016-05-16 23:13 - 00397224 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-06-14 23:44 - 2016-05-16 23:13 - 00340872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-06-14 23:44 - 2016-05-16 23:13 - 00178008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-06-14 23:44 - 2016-05-14 01:07 - 00675328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-06-14 23:44 - 2016-05-14 01:07 - 00416768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-06-14 23:44 - 2016-05-14 01:06 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-06-14 23:44 - 2016-05-14 00:34 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-06-14 23:44 - 2016-05-13 23:58 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-06-14 23:43 - 2016-06-03 19:11 - 00472576 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2016-06-14 23:43 - 2016-06-03 15:38 - 01413120 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-06-14 23:43 - 2016-06-02 19:51 - 00050352 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-06-14 23:43 - 2016-05-29 17:04 - 01204224 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-06-14 23:43 - 2016-05-29 17:04 - 00569856 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-06-14 23:43 - 2016-05-29 17:04 - 00544256 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-06-14 23:43 - 2016-05-29 17:04 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-06-14 23:43 - 2016-05-29 17:04 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-06-14 23:43 - 2016-05-29 17:04 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-06-14 23:43 - 2016-05-21 19:28 - 25802752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-06-14 23:43 - 2016-05-21 18:57 - 20341248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-06-14 23:43 - 2016-05-21 00:09 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-06-14 23:43 - 2016-05-21 00:08 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-06-14 23:43 - 2016-05-21 00:02 - 06051328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-06-14 23:43 - 2016-05-20 23:57 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-06-14 23:43 - 2016-05-20 23:55 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-06-14 23:43 - 2016-05-20 23:54 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-06-14 23:43 - 2016-05-20 23:50 - 02287104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-06-14 23:43 - 2016-05-20 23:44 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-06-14 23:43 - 2016-05-20 23:29 - 13815808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-06-14 23:43 - 2016-05-20 23:27 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-06-14 23:43 - 2016-05-20 23:25 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-06-14 23:43 - 2016-05-20 23:25 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2016-06-14 23:43 - 2016-05-20 23:21 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-06-14 23:43 - 2016-05-20 23:21 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2016-06-14 23:43 - 2016-05-20 23:19 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-06-14 23:43 - 2016-05-20 23:16 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-06-14 23:43 - 2016-05-20 23:14 - 04610048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-06-14 23:43 - 2016-05-20 23:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-06-14 23:43 - 2016-05-20 23:11 - 15420928 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-06-14 23:43 - 2016-05-20 23:11 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-06-14 23:43 - 2016-05-20 23:09 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-06-14 23:43 - 2016-05-20 23:09 - 00379392 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-06-14 23:43 - 2016-05-20 23:08 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-06-14 23:43 - 2016-05-20 23:08 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-06-14 23:43 - 2016-05-20 23:06 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-06-14 23:43 - 2016-05-20 22:46 - 02597888 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-06-14 23:43 - 2016-05-20 22:42 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-06-14 23:43 - 2016-05-20 22:38 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-06-14 23:43 - 2016-05-20 22:38 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-06-14 23:43 - 2016-05-20 22:34 - 01544192 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-06-14 23:43 - 2016-05-20 22:23 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-06-14 23:43 - 2016-05-18 07:31 - 00372568 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-06-14 23:43 - 2016-05-18 07:31 - 00315224 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-06-14 23:43 - 2016-05-14 01:09 - 04169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-06-14 23:43 - 2016-05-14 01:04 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-06-14 23:43 - 2016-05-14 00:19 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-06-14 23:43 - 2016-05-12 20:38 - 00135336 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2016-06-14 23:43 - 2016-05-12 19:43 - 00115704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2016-06-14 23:43 - 2016-05-12 18:24 - 00678912 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll
2016-06-14 23:43 - 2016-05-12 18:17 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2016-06-14 23:43 - 2016-05-12 18:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.dll
2016-06-14 23:43 - 2016-05-12 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2016-06-14 23:43 - 2016-05-12 18:07 - 01360896 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2016-06-14 23:43 - 2016-05-12 17:59 - 00398848 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2016-06-14 23:43 - 2016-05-12 17:48 - 00580096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpprefcl.dll
2016-06-14 23:43 - 2016-05-12 17:43 - 00291328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll
2016-06-14 23:43 - 2016-05-12 17:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpscript.dll
2016-06-14 23:43 - 2016-05-12 17:37 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll
2016-06-14 23:43 - 2016-05-09 23:35 - 07075328 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
2016-06-14 23:43 - 2016-05-09 22:56 - 05270016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2016-06-14 23:43 - 2016-05-09 22:45 - 07793152 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-06-14 23:43 - 2016-05-09 22:23 - 05265920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-06-14 23:43 - 2016-05-06 17:45 - 00748544 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2016-06-14 23:43 - 2016-05-06 17:23 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2016-06-14 23:42 - 2016-05-19 01:15 - 01379040 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-06-14 23:42 - 2016-05-18 22:35 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-06-14 23:42 - 2016-05-14 22:01 - 00363104 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2016-06-14 23:42 - 2016-05-14 22:01 - 00320720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2016-06-14 23:42 - 2016-05-14 01:07 - 00281088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2016-06-14 23:42 - 2016-05-13 23:58 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2016-06-14 23:42 - 2016-05-13 23:45 - 00802816 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-06-14 23:42 - 2016-05-13 23:35 - 00286208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2016-06-14 23:42 - 2016-05-13 23:26 - 00631808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-06-07 17:56 - 2016-06-07 17:56 - 00000000 ____D C:\Users\František\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\League client alpha
2016-06-06 18:10 - 2016-06-06 18:11 - 00000000 ____D C:\Users\František\AppData\Roaming\BoL
2016-06-06 18:02 - 2016-06-06 18:02 - 04086564 _____ C:\Users\František\Downloads\video-1465228822.mp4
2016-06-05 11:08 - 2016-06-05 11:08 - 00635120 _____ (Microsoft Corporation) C:\Windows\system32\msvcp140.dll
2016-06-05 11:08 - 2016-06-05 11:08 - 00390408 _____ (Microsoft Corporation) C:\Windows\system32\vccorlib140.dll
2016-06-05 11:08 - 2016-06-05 11:08 - 00333080 _____ (Microsoft Corporation) C:\Windows\system32\concrt140.dll
2016-06-05 11:08 - 2016-06-05 11:08 - 00088816 _____ (Microsoft Corporation) C:\Windows\system32\vcruntime140.dll
2016-06-05 08:55 - 2016-06-05 08:55 - 00439536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp140.dll
2016-06-05 08:55 - 2016-06-05 08:55 - 00267008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vccorlib140.dll
2016-06-05 08:55 - 2016-06-05 08:55 - 00243480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\concrt140.dll
2016-06-05 08:55 - 2016-06-05 08:55 - 00085232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vcruntime140.dll
2016-06-02 23:46 - 2016-06-02 23:46 - 00001221 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2016-06-02 11:27 - 2016-06-02 11:27 - 00000000 ____D C:\Users\František\stack
2016-06-01 13:37 - 2016-06-01 13:37 - 00000000 ____D C:\Program Files (x86)\TXQQBrowser
2016-05-31 19:07 - 2016-06-26 16:58 - 00018926 _____ C:\Users\František\.viminfo
2016-05-31 17:19 - 2016-06-22 15:54 - 00000000 ____D C:\BI-GIT
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-06-30 21:19 - 2015-10-12 16:34 - 00002281 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-30 20:54 - 2015-10-12 16:33 - 00000972 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-30 20:50 - 2016-01-06 18:57 - 00000000 _____ C:\Windows\system32\RzSurroundVADAudioDeviceManager_log.txt
2016-06-30 20:43 - 2015-10-18 18:49 - 00000000 ____D C:\Users\František\AppData\Local\CrashDumps
2016-06-30 20:24 - 2015-10-12 16:33 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2228869958-1158791612-544417561-1001
2016-06-30 20:22 - 2016-05-18 20:31 - 00000000 ____D C:\Program Files (x86)\Stakuphcoemight
2016-06-30 20:22 - 2016-02-02 19:44 - 00000000 ____D C:\Program Files (x86)\GUM535E.tmp
2016-06-30 20:22 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-06-30 20:21 - 2016-05-20 10:21 - 00000000 ____D C:\Program Files (x86)\QQBrowser
2016-06-30 20:21 - 2015-10-12 19:52 - 00000000 ____D C:\Users\František\AppData\Roaming\Skype
2016-06-30 20:21 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\registration
2016-06-30 19:42 - 2015-10-15 20:37 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-06-30 19:33 - 2015-10-12 16:30 - 01745984 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-30 19:33 - 2013-08-23 00:08 - 00739924 _____ C:\Windows\system32\perfh005.dat
2016-06-30 19:33 - 2013-08-23 00:08 - 00151610 _____ C:\Windows\system32\perfc005.dat
2016-06-30 19:33 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2016-06-30 19:27 - 2015-10-12 16:35 - 00000000 ____D C:\ProgramData\AVAST Software
2016-06-30 19:27 - 2015-10-12 16:33 - 00000968 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-30 19:27 - 2013-08-22 17:36 - 00000000 ___HD C:\Windows\ELAMBKUP
2016-06-30 19:27 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-30 19:26 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-06-30 19:25 - 2015-10-12 19:43 - 00000000 ____D C:\Users\UpdatusUser
2016-06-30 19:23 - 2015-10-12 16:28 - 00000000 ____D C:\Users\František
2016-06-30 19:22 - 2016-02-26 14:41 - 00000000 ____D C:\Windows\Minidump
2016-06-30 19:14 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2016-06-29 19:23 - 2015-10-12 19:57 - 142482544 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-06-28 19:30 - 2015-10-26 22:46 - 00000000 ____D C:\Users\František\AppData\Roaming\TS3Client
2016-06-28 17:20 - 2013-08-22 17:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-06-28 10:23 - 2016-05-20 10:21 - 00009430 _____ C:\Windows\System32\Tasks\Browser Updater Task(Core)
2016-06-27 16:50 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2016-06-27 12:31 - 2015-11-03 18:45 - 00000000 ____D C:\Users\František\AppData\Roaming\CodeBlocks
2016-06-26 17:11 - 2016-05-29 11:26 - 00009564 _____ C:\Users\František\.bash_history
2016-06-24 14:31 - 2015-10-13 21:55 - 00000000 ____D C:\Users\František\AppData\Roaming\vlc
2016-06-23 22:48 - 2015-10-12 16:28 - 00000000 ____D C:\Users\František\AppData\Local\Packages
2016-06-23 19:40 - 2015-10-12 22:13 - 00000000 ____D C:\Riot Games
2016-06-23 19:39 - 2015-10-12 22:11 - 00000000 ____D C:\Users\František\AppData\Roaming\Riot Games
2016-06-23 12:12 - 2015-12-08 19:23 - 00000000 ____D C:\Program Files (x86)\Steam
2016-06-23 12:12 - 2015-11-02 16:58 - 00000000 ____D C:\Users\František\AppData\Roaming\TeamViewer
2016-06-22 16:35 - 2016-01-06 18:04 - 00000000 ____D C:\Users\František\AppData\Roaming\OBS
2016-06-19 12:57 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2016-06-18 17:34 - 2013-08-22 16:44 - 00483048 _____ C:\Windows\system32\FNTCACHE.DAT
2016-06-18 17:33 - 2015-10-16 20:00 - 00000000 ____D C:\Windows\system32\appraiser
2016-06-18 17:29 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2016-06-18 17:24 - 2015-10-12 19:51 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-06-18 17:23 - 2015-10-12 19:51 - 00000000 ____D C:\ProgramData\Skype
2016-06-16 20:08 - 2016-05-29 11:15 - 00000000 ____D C:\ProgramData\Git
2016-06-14 23:46 - 2015-10-12 19:57 - 00000000 ____D C:\Windows\system32\MRT
2016-06-14 19:13 - 2013-08-22 17:38 - 00828408 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-06-14 19:13 - 2013-08-22 17:38 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-03 23:07 - 2016-05-18 20:31 - 00000000 ____D C:\Program Files (x86)\Ckigtsakile
2016-06-02 23:46 - 2016-05-30 12:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-06-02 23:46 - 2015-12-17 20:08 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-02 23:45 - 2015-10-15 20:42 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-06-02 23:45 - 2015-10-15 20:42 - 00000000 ____D C:\Users\František\.oracle_jre_usage
2016-06-02 23:45 - 2015-10-15 20:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-06-02 23:45 - 2015-10-15 20:41 - 00000000 ____D C:\Program Files (x86)\Java
2016-06-01 19:59 - 2016-05-24 15:20 - 00000000 ____D C:\Windows\SysWOW64\_tWm
2016-06-01 17:44 - 2015-11-12 18:16 - 00002792 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-06-01 17:44 - 2015-11-12 18:16 - 00000834 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-06-01 17:20 - 2015-10-12 19:42 - 00000000 ____D C:\temp
==================== Files in the root of some directories =======
2016-06-30 21:03 - 2016-06-30 21:03 - 0015327 _____ () C:\Users\František\AppData\Local\LM.bat
2016-06-30 21:03 - 2016-06-30 21:03 - 0029696 _____ () C:\Users\František\AppData\Local\MSGBOX.EXE
2015-10-31 00:44 - 2016-05-16 21:59 - 0000600 _____ () C:\Users\František\AppData\Local\PUTTY.RND
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-06-23 00:18
==================== End of FRST.txt ============================
A druhý log Auddition.txt
- Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-06-2016
Ran by Frantisek (2016-06-30 21:19:19)
Running from C:\Users\František\Downloads
Windows 8.1 Pro (Update) (X64) (2015-10-12 14:28:30)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2228869958-1158791612-544417561-500 - Administrator - Disabled)
Frantisek (S-1-5-21-2228869958-1158791612-544417561-1001 - Administrator - Enabled) => C:\Users\František
Guest (S-1-5-21-2228869958-1158791612-544417561-501 - Limited - Disabled)
UpdatusUser (S-1-5-21-2228869958-1158791612-544417561-1003 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Anti-Virus (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Anti-Virus (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Aktualizace NVIDIA 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.0.4 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 1.0.35 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0025 - ASUS)
AutoHotkey 1.1.23.01 (HKLM\...\AutoHotkey) (Version: 1.1.23.01 - Lexikos)
AVR Joystick Simulator (HKLM-x32\...\{BDCC77B1-5E26-4539-BDF9-8EFC42B8BE4A}) (Version: 1.0.0 - Msk)
AVR LCD Visualizer (HKLM-x32\...\{075C20B8-A09B-41AB-9B06-5BA7E103910F}) (Version: 1.1.37 - Atmel)
AVRStudio4 (HKLM-x32\...\{D5D88F8F-FDA4-4CF4-9F3E-3F40118C2120}) (Version: 4.12.490 - Atmel)
Balíček ovladače systému Windows - ASUS (ATP) Mouse (10/29/2012 1.0.0.148) (HKLM\...\C01F56FBD9B141017E63E2A1A141E59934D4DC67) (Version: 10/29/2012 1.0.0.148 - ASUS)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Canon MF3010 (HKLM\...\{A97F4E18-3053-4652-B763-9A40AE2B1EE5}) (Version: 3.9.0.1 - CANON INC.)
CCleaner (HKLM\...\CCleaner) (Version: 5.18 - Piriform)
CodeBlocks (HKU\S-1-5-21-2228869958-1158791612-544417561-1001\...\CodeBlocks) (Version: 13.12 - The Code::Blocks Team)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
EPSON SX125 Series Printer Uninstall (HKLM\...\EPSON SX125 Series) (Version: - SEIKO EPSON Corporation)
f.lux (HKU\S-1-5-21-2228869958-1158791612-544417561-1001\...\Flux) (Version: - )
Git version 2.9.0 (HKLM-x32\...\Git_is1) (Version: 2.9.0 - The Git Development Community)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{F575F386-57EF-4943-B003-A13F13B05EEB}) (Version: 16.0.1.445 - Kaspersky Lab)
Kaspersky Anti-Virus (x32 Version: 16.0.1.445 - Kaspersky Lab) Hidden
League client alpha (HKU\S-1-5-21-2228869958-1158791612-544417561-1001\...\League client alpha 1.0) (Version: 1.0 - Riot Games, Inc)
League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
League of Legends (x32 Version: 4.1.2 - Riot Games) Hidden
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.6741.2048 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2228869958-1158791612-544417561-1001\...\OneDriveSetup.exe) (Version: 17.3.6390.0509 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.3 (HKLM-x32\...\{9A33B83D-FFC4-44CF-BEEF-632DECEF2FCD}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.1.1 - Mozilla)
Mozilla Thunderbird 45.1.1 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 45.1.1 (x86 cs)) (Version: 45.1.1 - Mozilla)
Nero 7 Premium (HKLM-x32\...\{D98C0C51-F9BB-4EE4-B791-22BF6EE31029}) (Version: 7.02.8633 - Nero AG)
NVIDIA Ovladač HD audia 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 359.46 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 359.46 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6701.1029 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6701.1029 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6701.1029 - Microsoft Corporation) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
Oracle VM VirtualBox 5.0.12 (HKLM\...\{6F93731D-89E1-4A8F-BDA9-D104860DDB02}) (Version: 5.0.12 - Oracle Corporation)
Ovládací panel NVIDIA 359.46 (Version: 359.46 - NVIDIA Corporation) Hidden
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.6.0.2700 - Jan Fiala)
qksee (HKLM-x32\...\qksee) (Version: - Taiwan Shui Mu Chih Ching Technology Limited) <==== ATTENTION
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.306 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Razer Surround (HKLM-x32\...\Razer Surround) (Version: 1.05.18 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.21.28188 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.21.909.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6716 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.8400.27023 - Realtek Semiconductor Corp.)
Skype™ 7.25 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.25.103 - Skype Technologies S.A.)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.56083 - TeamViewer)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.3 - VideoLAN)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Wolfram Extras 10.0 (5157423) (HKLM\...\A-WIN-Extras 10.0.1 5157423_is1) (Version: 10.0.1 - Wolfram Research, Inc.)
Wolfram Mathematica 10 (M-WIN-L 10.0.1 5157734) (HKLM\...\M-WIN-L 10.0.1 5157734_is1) (Version: 10.0.1 - Wolfram Research, Inc.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2228869958-1158791612-544417561-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\František\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileCoAuthLib64.dll ()
CustomCLSID: HKU\S-1-5-21-2228869958-1158791612-544417561-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\František\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0B8D3AC2-1EB5-4FF1-B994-8938B951AF2E} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2228869958-1158791612-544417561-1001 => C:\Users\František\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-06-29] (Microsoft Corporation)
Task: {0F10F522-3C4B-468D-8820-8FE77B1975E4} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-06-29] (Microsoft Corporation)
Task: {1CAD9398-F51A-4F3D-9083-1F55DFD8D61C} - System32\Tasks\BirdsarahUpdateTaskMachineCore => C:\Program Files (x86)\Birdsarah\Update\BirdsarahUpdate.exe [2016-06-23] () <==== ATTENTION
Task: {2488808A-B607-4187-A0CD-E6AFEF466FD8} - System32\Tasks\ToolrainUpdateTaskMachineCore => C:\Program Files (x86)\Toolrain\Update\ToolrainUpdate.exe [2016-06-28] () <==== ATTENTION
Task: {25F0E623-F5B3-4806-AC60-035C7E03E557} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-06-28] (Microsoft Corporation)
Task: {4F8C41F2-132A-41F3-8F3C-0DD878AF66FB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-06-28] (Microsoft Corporation)
Task: {53D0DAE9-E308-49DB-9470-5F38E1A8AF11} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe
Task: {60B713A4-C4FD-439A-AC76-C5151ECB0E1B} - System32\Tasks\ToolrainUpdateTaskMachineUA => C:\Program Files (x86)\Toolrain\Update\ToolrainUpdate.exe [2016-06-28] () <==== ATTENTION
Task: {79EDCC4D-7E5E-4EFC-9B50-BAF1984BE2F5} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-24] (ASUS)
Task: {8987A0D7-0C15-4BE6-B8FC-17E1704DD57E} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-02] (AVAST Software)
Task: {96381BF2-E0C5-4375-A431-0ED7C30EEEFD} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-06-05] (Microsoft Corporation)
Task: {9DB27757-A254-451A-86E6-76EA2E6B6B8C} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-06-05] (Microsoft Corporation)
Task: {A8D98B70-EE9E-460D-82DF-41FFCC42D486} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-05-13] (Piriform Ltd)
Task: {B64E44A3-5365-41EA-A47F-1B5A69C17475} - System32\Tasks\LefttoeUpdateTaskMachineUA => C:\Program Files (x86)\Lefttoe\Update\LefttoeUpdate.exe [2016-06-30] () <==== ATTENTION
Task: {BFE2DB56-5E31-4751-8DD9-7ADE249B9FA8} - System32\Tasks\BirdsarahUpdateTaskMachineUA => C:\Program Files (x86)\Birdsarah\Update\BirdsarahUpdate.exe [2016-06-23] () <==== ATTENTION
Task: {C016C026-6B8E-405E-90F8-32DC45A023DE} - System32\Tasks\LefttoeUpdateTaskMachineCore => C:\Program Files (x86)\Lefttoe\Update\LefttoeUpdate.exe [2016-06-30] () <==== ATTENTION
Task: {C4EE1CAA-F63D-4065-90BA-1AB4B48EBF85} - System32\Tasks\Browser Updater Task(Core) => C:\Program Files (x86)\TXQQBrowser\Update\BB7EB06BAB7AF53B4C4F78FC777B111A\Update\BrowserUpdate.exe [2016-04-25] (Tencent) <==== ATTENTION
Task: {C522950B-308E-4213-9896-8AB874DC1941} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-12] (Google Inc.)
Task: {C83D1446-4494-4969-87B3-41764CD9CB86} - System32\Tasks\ASUS Touchpad Launcher (x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2012-10-31] (AsusTek)
Task: {FED141F1-770B-423F-8E93-0BB74944866B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-12] (Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\František\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Toolrain\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\František\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Toolrain\Application\chrome.exe (Google Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Toolrain\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Toolrain\Application\chrome.exe (Google Inc.)
ShortcutWithArgument: C:\Users\František\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\360c22b137d62ce9\Google Chrome.lnk -> C:\Program Files (x86)\Toolrain\Application\chrome.exe (Google Inc.) -> --profile-directory=ChromeDefaultData
ShortcutWithArgument: C:\Users\František\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\2b661f83725b89f7\Gunship.lnk -> C:\Program Files (x86)\Toolrain\Application\chrome.exe (Google Inc.) -> --profile-directory=ChromeDefaultData
ShortcutWithArgument: C:\Users\František\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\1d47be3a79ae7ff7\Toolrain.lnk -> C:\Program Files (x86)\Toolrain\Application\chrome.exe (Google Inc.) -> --profile-directory=ChromeDefaultData
ShortcutWithArgument: C:\Users\Public\Desktop\Facebook.lnk -> C:\Program Files (x86)\Birdsarah\Application\Facebook.ico () -> http://www.facebook.com
ShortcutWithArgument: C:\Users\Public\Desktop\Google.lnk -> C:\Program Files (x86)\Birdsarah\Application\Google.ico () -> http://www.google.com
ShortcutWithArgument: C:\Users\Public\Desktop\Twitter.lnk -> C:\Program Files (x86)\Birdsarah\Application\Twitter.ico () -> http://www.twitter.com
ShortcutWithArgument: C:\Users\Public\Desktop\Youtube.lnk -> C:\Program Files (x86)\Birdsarah\Application\Youtube.ico () -> http://www.youtube.com
==================== Loaded Modules (Whitelisted) ==============
2016-05-08 14:26 - 2016-06-05 05:51 - 00173256 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2015-11-05 02:11 - 2015-11-05 02:12 - 00188072 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2016-06-30 18:55 - 2016-06-30 04:39 - 00424832 _____ () C:\ProgramData\Lefttoe\Lefttoe.exe
2015-12-22 02:47 - 2015-12-22 02:47 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.1\kpcengine.2.3.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:9A870F8B [962]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2016-06-23 12:17 - 00000826 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2228869958-1158791612-544417561-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-2228869958-1158791612-544417561-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_43CB9CD437118EE0C667FEB3C8557399"
HKU\S-1-5-21-2228869958-1158791612-544417561-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2228869958-1158791612-544417561-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2228869958-1158791612-544417561-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{57D7D7D9-4AFD-4429-8148-C76F80DF4E0A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{C5B4AEF2-3EE4-42D5-83C2-EE7DA2994303}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [TCP Query User{832CD485-02D6-426F-B4C9-2C4AD25560D5}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{F02EDC06-6F7B-4745-BFB5-241932B81D06}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{E936A230-0EA3-4806-8C7F-DE462FCC3264}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\10.0\Mathematica.exe
FirewallRules: [{CD11F8BB-79F1-4A6C-B647-D01832F0EEB4}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\10.0\Mathematica.exe
FirewallRules: [{17A7E003-3A41-408E-900A-9FF9126C0820}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\10.0\MathKernel.exe
FirewallRules: [{F89BFAD5-FA1D-4158-A141-370B23C3CA0F}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\10.0\MathKernel.exe
FirewallRules: [{F42F2B49-AAFF-401C-8B31-586FA16E682E}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\10.0\math.exe
FirewallRules: [{A3F6439F-004E-4386-9F08-765EEF3717D0}] => (Allow) C:\Program Files\Wolfram Research\Mathematica\10.0\math.exe
FirewallRules: [TCP Query User{2F98D15C-1BAE-4056-A866-182389D175F2}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{9A6BCBCE-4101-45B4-8B46-80351F4176D5}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [{839CAA4E-9A70-4A3F-AD85-8507785039B7}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{477D8A67-D20B-4206-980C-22EECD3EBB61}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{771D7899-18DB-4BCB-ADA6-47F96E5518C6}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{FC7E8344-0C3F-4685-8E8A-E09642B4CEFB}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [TCP Query User{9598CB78-C741-4C67-BB48-146B96B7C269}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{5469CCAA-A6DB-4093-8140-B0358EC18F0D}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [{6D56FF30-71BC-42EA-B305-E8F1DC4F3538}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{578860B7-58B6-47F3-A60E-1A6B17437698}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{8ACC9537-DA76-467A-983B-84F51F0F0358}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{208BFEA0-2B58-460B-A9F1-DAE2DBE0B05D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{1124ABBB-25D9-4E8A-BDA8-38ACDDA21649}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A6F46322-7F79-4BF9-B91E-2C45FC669672}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{D4BB404D-5B89-4430-A91D-E150C8C1E193}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{855AF4B0-C052-49C0-89DC-B9C66980A334}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{E18C358F-B299-4C44-870E-C5BA06B54C63}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{950C86B9-4282-458B-B748-1E0D9CF8CFC0}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{6AD5E565-AABE-42BA-86B9-C15F3024D343}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{DD186EEC-310D-4A29-8BE9-74F81E615EC8}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [TCP Query User{8E76CAB8-6E0B-4AAD-B542-3DEE5714907A}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{739C4C29-1F9C-4F0E-B501-1C577AB02470}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{4C5DA6DE-BA3F-4E77-9AEC-15B550C8A2EF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{58D9E4B4-2307-482A-87C7-21ACB65F28D4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{A6334F2F-00C5-422C-AB02-E6D5F1D0C183}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{90511A03-1D54-4175-A08E-95D3EB8B6947}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{B8506A36-F223-40F2-85FD-DFD31CEFB8AE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{C466FD27-1C4C-45B5-8622-B026BC219669}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{72BCFD39-4CCE-4CD4-8C67-D752730B23F9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{5E7F501E-FC36-4411-A42C-A594132593EB}] => (Allow) C:\Users\František\AppData\Roaming\RIOTGames\rgDownload\rgDownload.exe
FirewallRules: [{DE74F027-C95B-4542-9771-67075E67BA4F}] => (Allow) C:\Users\František\AppData\Roaming\RIOTGames\rgDownload\rgDownload.exe
FirewallRules: [TCP Query User{D1F369FD-2878-4C6D-A42E-C7305C2F5D86}C:\program files (x86)\gunship\application\chrome.exe] => (Allow) C:\program files (x86)\gunship\application\chrome.exe
FirewallRules: [UDP Query User{6268ACD7-32DB-4154-90B8-297603C7EA25}C:\program files (x86)\gunship\application\chrome.exe] => (Allow) C:\program files (x86)\gunship\application\chrome.exe
FirewallRules: [{8B6C16D0-FF00-4A6F-A782-E2F6AF6BCC6D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{97BC9905-23CD-48CC-A8CA-CAB78AC186C0}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{4CE91AAB-BD8B-4A62-BB22-DFE634DF3EEE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{5437E013-0FB6-4E22-9E58-63CB0B01C1C3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{87EEC96C-AEA5-4D8C-BC9F-AC6E7FD1FEE5}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{37D578FD-5360-412D-A8AB-BC6CCF9B102C}] => (Allow) C:\Program Files (x86)\Lefttoe\Update\LefttoeUpdate.exe
FirewallRules: [{50AD94F2-D6D9-4056-8DB9-2692578AB3EF}] => (Allow) C:\Program Files (x86)\Lefttoe\Application\chrome.exe
FirewallRules: [{D0831C37-B0E9-435D-B7D7-0AC582C2076A}] => (Allow) C:\ProgramData\Lefttoe\Lefttoe.exe
==================== Restore Points =========================
30-06-2016 19:02:37 Chrome Cleanup Tool
30-06-2016 19:24:35 Chrome Cleanup Tool
==================== Faulty Device Manager Devices =============
Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (06/30/2016 09:12:08 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: eFíno)
Description: Aplikaci Microsoft.BingWeather_8wekyb3d8bbwe!App se nepovedlo aktivovat, protože došlo k chybě: -2144927148. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (06/30/2016 09:11:10 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program FRSTLauncher.exe verze 30.9.13.1 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: 554
Čas spuštění: 01d1d3020ad9188d
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Users\František\Desktop\FRSTLauncher.exe
ID hlášení: 653add0b-3ef6-11e6-8277-08606e00149f
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (06/30/2016 08:43:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: adwcleaner_5.200.exe, verze: 5.200.0.0, časové razítko: 0x57604e9c
Název chybujícího modulu: adwcleaner_5.200.exe, verze: 5.200.0.0, časové razítko: 0x57604e9c
Kód výjimky: 0xc0000005
Posun chyby: 0x00020fea
ID chybujícího procesu: 0xae8
Čas spuštění chybující aplikace: 0xadwcleaner_5.200.exe0
Cesta k chybující aplikaci: adwcleaner_5.200.exe1
Cesta k chybujícímu modulu: adwcleaner_5.200.exe2
ID zprávy: adwcleaner_5.200.exe3
Úplný název chybujícího balíčku: adwcleaner_5.200.exe4
ID aplikace související s chybujícím balíčkem: adwcleaner_5.200.exe5
Error: (06/30/2016 07:57:09 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: eFíno)
Description: Aplikaci Microsoft.BingSports_8wekyb3d8bbwe!AppexSports se nepovedlo aktivovat, protože došlo k chybě: -2144927148. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (06/30/2016 07:42:18 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: eFíno)
Description: Aplikaci Microsoft.BingFinance_8wekyb3d8bbwe!AppexFinance se nepovedlo aktivovat, protože došlo k chybě: -2144927148. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
Error: (06/30/2016 07:24:36 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).
System Error:
Přístup byl odepřen.
.
Error: (06/30/2016 07:04:15 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Generování kontextu aktivace pro 1 se nezdařilo. Chyba v souboru manifestu nebo zásady 2 na řádku 3.
Neplatná syntaxe XML.
Error: (06/30/2016 07:02:39 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddWin32ServiceFiles: Unable to back up image of service Update Service(GunshipU) since QueryServiceConfig API failed
System Error:
Systém nemůže nalézt uvedený soubor.
.
Error: (06/30/2016 07:02:39 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).
System Error:
Přístup byl odepřen.
.
Error: (06/30/2016 06:50:57 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: eFíno)
Description: Aplikaci Microsoft.BingFinance_8wekyb3d8bbwe!AppexFinance se nepovedlo aktivovat, protože došlo k chybě: -2144927148. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.
System errors:
=============
Error: (06/30/2016 08:43:34 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby Windows Search, ale tato akce selhala kvůli následující chybě:
%%1056 = Instance této služby je již spuštěna.
Error: (06/30/2016 08:43:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Protect Service(LefttoeP) byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 9000 milisekund: Restartovat službu.
Error: (06/30/2016 08:43:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba NVIDIA Update Service Daemon byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (06/30/2016 08:43:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba NMIndexingService byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (06/30/2016 08:43:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Integrated Clock Controller Service - Intel(R) ICCS byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (06/30/2016 08:43:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error: (06/30/2016 08:43:04 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba WFini WdMan Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (06/30/2016 08:43:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba RzSurroundVADStreamingService byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.
Error: (06/30/2016 08:43:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Razer Game Scanner byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.
Error: (06/30/2016 08:43:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Microsoft Office ClickToRun byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.
CodeIntegrity:
===================================
Date: 2016-06-20 15:58:43.026
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2016-06-20 13:41:23.932
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2016-06-20 11:21:05.280
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2016-06-20 08:49:41.352
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2016-06-19 20:03:46.107
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2016-06-19 16:42:01.001
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2016-06-19 12:53:38.717
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2016-06-19 12:39:43.392
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2016-06-18 17:34:27.863
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
Date: 2016-06-18 17:19:50.488
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Percentage of memory in use: 27%
Total physical RAM: 8077.49 MB
Available physical RAM: 5889.86 MB
Total Virtual: 16269.49 MB
Available Virtual: 14234.57 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:232.37 GB) (Free:65.28 GB) NTFS
Drive d: () (Fixed) (Total:280.46 GB) (Free:279.97 GB) NTFS
Drive e: () (Fixed) (Total:418.18 GB) (Free:48.01 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 00000000)
Partition: GPT.
========================================================
Disk: 1 (Size: 698.6 GB) (Disk ID: B19F8D36)
Partition: GPT.
==================== End of Addition.txt ============================
Děkuji.
František