Please check my log. Solved


Sefr123Czech

Re: Please check my log.

Post by Sefr123Czech » 07 Aug 2016 14:37

Everything looks fine. The only thing I don't like is that Task Manager shows dllhost.exe twice, with the description COM SURROGATE.

Orcus
Security team member

Re: Please check my log.

Post by Orcus » 07 Aug 2016 14:41

As for COM Surrogate, read this article:
https://blogs.msdn.microsoft.com/oldnew ... 0/?p=19173

Please download the version of Farbar Recovery Scan Tool (FRST) that matches your system (32-bit/64-bit)
32-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
and save it to your desktop, then run FRST.
Confirm the terms of use.
Do not change any of the default settings and click "Scan". When the scan is finished, two logs, FRST.txt and Addition.txt, will be shown and saved on the desktop. Please copy their entire contents here.

Sefr123Czech

Re: Please check my log.

Post by Sefr123Czech » 08 Aug 2016 15:49

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03-08-2016
Ran by Muficek (administrator) on DELL (08-08-2016 15:47:40)
Running from C:\Users\Muficek\Desktop
Loaded Profiles: Muficek (Available Profiles: Muficek)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\System32\nvwmi64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\System32\nvwmi64.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
() C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2727568 2015-02-04] ()
HKU\S-1-5-21-3991950865-606828374-3014643882-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8891608 2016-07-13] (Piriform Ltd)
HKU\S-1-5-21-3991950865-606828374-3014643882-1001\...\Policies\Explorer: []
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Vyhledat aktualizace.lnk [2016-06-08]
ShortcutTarget: Vyhledat aktualizace.lnk -> C:\Program Files (x86)\Common Files\PCTV Systems\WebUpdater\WebUpdater.exe (PCTV Systems)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{12BA1678-1F11-4187-83DC-E5EE1C4E417A}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{94826666-C5FA-4CEB-AF9C-B9675B06EDF0}: [DhcpNameServer] 192.168.42.129

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3991950865-606828374-3014643882-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-3991950865-606828374-3014643882-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3991950865-606828374-3014643882-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-12-28] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-28] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-12-28] (Oracle Corporation)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-28] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Muficek\AppData\Roaming\Mozilla\Firefox\Profiles\ri2nv9j4.default-1444402832460
FF NewTab: about:newtab
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-10-09] ()
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-28] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-28] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-05] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-10-09] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-28] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-05] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-04] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-04] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3991950865-606828374-3014643882-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Muficek\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [No File]

Chrome:
=======
CHR Profile: C:\Users\Muficek\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Muficek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-01]
CHR Extension: (Dokumenty Google) - C:\Users\Muficek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-01]
CHR Extension: (Disk Google) - C:\Users\Muficek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-01]
CHR Extension: (YouTube) - C:\Users\Muficek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-01]
CHR Extension: (Tabulky Google) - C:\Users\Muficek\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-01]
CHR Extension: (Dokumenty Google offline) - C:\Users\Muficek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Muficek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-01]
CHR Extension: (Gmail) - C:\Users\Muficek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-01]
CHR Extension: (Chrome Media Router) - C:\Users\Muficek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-02]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [31160 2015-02-05] (Autodesk, Inc.)
R2 HuaweiHiSuiteService64.exe; C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe [192304 2016-02-16] ()
R2 NVWMI; C:\Windows\system32\nvwmi64.exe [2692296 2015-02-04] ()
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AbilisT; C:\Windows\System32\Drivers\AbilisBdaTuner.sys [128264 2010-03-18] (ABILIS Systems)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R3 azvusb; C:\Windows\System32\DRIVERS\azvusb.sys [54784 2009-08-24] (AzureWave Technologies, Inc.)
S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30352 2015-05-12] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 qcusbser; C:\Windows\System32\DRIVERS\qcusbser.sys [242688 2013-04-24] (QUALCOMM Incorporated) [File not signed]
R0 sfdrv01; C:\Windows\System32\drivers\sfdrv01.sys [75384 2009-02-03] (Protection Technology (StarForce))
R0 sfvfs02; C:\Windows\System32\drivers\sfvfs02.sys [107384 2007-02-08] (Protection Technology (StarForce))
S3 ss_bserd; C:\Windows\System32\DRIVERS\ss_bserd.sys [128000 2016-01-08] (MCCI Corporation)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2016-08-01] ()
S1 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [119712 2016-04-28] (Oracle Corporation)
S3 HWHandSet; system32\DRIVERS\hw_quusbmdm.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-08 15:47 - 2016-08-08 15:47 - 00012510 _____ C:\Users\Muficek\Desktop\FRST.txt
2016-08-08 15:47 - 2016-08-08 15:47 - 00000000 ____D C:\FRST
2016-08-08 15:46 - 2016-08-08 15:47 - 02393600 _____ (Farbar) C:\Users\Muficek\Desktop\FRST64.exe
2016-08-07 14:48 - 2016-08-07 14:49 - 00000000 ____D C:\Users\Muficek\Downloads\tModLoader Windows v0.8.3.2
2016-08-07 14:47 - 2016-08-07 14:47 - 10332258 _____ C:\Users\Muficek\Downloads\tModLoader Windows v0.8.3.2.zip
2016-08-06 19:17 - 2016-06-02 20:55 - 11134973 _____ C:\Users\Muficek\Desktop\mrkew retard vzpominka.mp4
2016-08-04 17:55 - 2016-08-04 17:55 - 00000000 ____D C:\Users\Muficek\AppData\Local\Microsoft Games
2016-08-04 10:44 - 2016-08-04 10:44 - 00797760 _____ C:\Users\Muficek\Downloads\delfix_1.013.exe
2016-08-04 10:42 - 2016-08-04 10:42 - 00327236 _____ C:\Users\Muficek\Documents\cc_20160804_104154_backup_reg.reg
2016-08-04 10:37 - 2016-08-04 10:37 - 08136664 _____ (Piriform Ltd) C:\Users\Muficek\Downloads\ccsetup520.exe
2016-08-04 10:37 - 2016-08-04 10:37 - 08136664 _____ (Piriform Ltd) C:\Users\Muficek\Downloads\ccsetup520 (1).exe
2016-08-04 10:37 - 2016-08-04 10:37 - 00002786 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-08-04 10:37 - 2016-08-04 10:37 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-08-04 10:37 - 2016-08-04 10:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-08-04 10:37 - 2016-08-04 10:37 - 00000000 ____D C:\Program Files\CCleaner
2016-08-04 10:36 - 2016-08-04 10:36 - 00000000 ____D C:\Users\Muficek\Downloads\backups
2016-08-03 12:12 - 2016-08-03 12:32 - 504604161 _____ C:\Users\Muficek\Downloads\foto final.zip
2016-08-03 11:07 - 2016-08-03 11:07 - 00000000 _____ C:\Users\Muficek\Desktop\Nový textový dokument (2).txt
2016-08-02 20:40 - 2016-08-04 10:38 - 00000000 ____D C:\Windows\erdnt
2016-08-02 13:32 - 2016-08-02 13:33 - 00000000 ____D C:\Users\Muficek\Downloads\TerrariaPatcher.v1.2.0.21.public
2016-08-02 13:31 - 2016-08-02 13:31 - 00200938 _____ C:\Users\Muficek\Downloads\TerrariaPatcher.v1.2.0.21.public.zip
2016-08-02 13:05 - 2016-08-02 13:06 - 00000000 ____D C:\Users\Muficek\Downloads\tshock_release
2016-08-02 13:03 - 2016-08-02 13:03 - 08049196 _____ C:\Users\Muficek\Downloads\tshock_release.zip
2016-08-01 21:47 - 2016-08-01 21:30 - 00024064 _____ C:\Windows\zoek-delete.exe
2016-08-01 21:29 - 2016-08-01 21:29 - 00001233 _____ C:\Users\Muficek\Desktop\,m,.txt
2016-08-01 21:12 - 2016-08-01 21:12 - 00000819 _____ C:\Users\Muficek\Desktop\fff.txt
2016-08-01 19:36 - 2016-08-01 19:36 - 09898677 _____ C:\Users\Muficek\Desktop\RIP LUSTR.mp4
2016-08-01 18:50 - 2016-08-01 18:50 - 00037289 _____ C:\Users\Muficek\Desktop\dT_KnnYH.jpeg
2016-08-01 12:38 - 2016-08-01 12:38 - 00003444 _____ C:\Users\Muficek\Desktop\rgk.txt
2016-07-31 19:13 - 2016-08-08 10:33 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-07-31 19:12 - 2016-07-31 19:12 - 00001102 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-07-31 19:12 - 2016-07-31 19:12 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-07-31 19:12 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-07-31 19:12 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-07-31 19:12 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-07-27 09:26 - 2016-07-27 09:26 - 02059846 _____ C:\Users\Muficek\Downloads\FlawHUD-master.zip
2016-07-26 18:23 - 2016-07-26 18:24 - 00000600 _____ C:\Users\Muficek\AppData\Local\PUTTY.RND
2016-07-23 18:07 - 2016-07-23 18:07 - 00001084 _____ C:\Users\Muficek\Desktop\VLC media player.lnk
2016-07-22 11:02 - 2016-07-22 11:02 - 00000617 _____ C:\Users\Muficek\Desktop\Scribblenauts.lnk
2016-07-22 11:02 - 2016-07-22 11:02 - 00000222 _____ C:\Users\Muficek\Desktop\Terraria.url
2016-07-22 10:55 - 2016-07-22 10:57 - 364320042 _____ C:\Users\Muficek\Desktop\Vtipne momenty.rar
2016-07-16 12:39 - 2016-07-16 12:39 - 273366919 _____ C:\Users\Muficek\Downloads\IGG-Fallout.Shelter.rar

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-08 15:30 - 2015-05-01 13:58 - 00000000 ____D C:\Program Files (x86)\Steam
2016-08-08 14:28 - 2015-05-02 21:04 - 00000000 ____D C:\Users\Muficek\AppData\Roaming\vlc
2016-08-08 10:54 - 2015-05-01 13:55 - 00000000 ____D C:\Users\Muficek\AppData\Roaming\Skype
2016-08-08 10:44 - 2009-07-14 06:45 - 00018240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-08-08 10:44 - 2009-07-14 06:45 - 00018240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-08-08 10:43 - 2015-05-01 14:19 - 00000000 ____D C:\Users\Muficek\AppData\Local\Adobe
2016-08-08 10:39 - 2009-07-14 17:18 - 00668792 _____ C:\Windows\system32\perfh005.dat
2016-08-08 10:39 - 2009-07-14 17:18 - 00141420 _____ C:\Windows\system32\perfc005.dat
2016-08-08 10:39 - 2009-07-14 07:13 - 01583226 _____ C:\Windows\system32\PerfStringBackup.INI
2016-08-08 10:39 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-08-08 10:33 - 2015-05-01 13:51 - 00000000 ____D C:\ProgramData\NVIDIA
2016-08-08 10:33 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-08-04 21:30 - 2015-05-30 19:53 - 00000000 ____D C:\Users\Muficek\AppData\Local\Apps\2.0
2016-08-04 10:45 - 2015-07-17 13:33 - 00001308 _____ C:\DelFix.txt
2016-08-04 10:39 - 2015-07-19 18:09 - 00000000 ____D C:\Users\Muficek\AppData\Local\CrashDumps
2016-08-04 10:39 - 2015-05-01 16:02 - 00000000 ____D C:\Windows\Minidump
2016-08-04 10:39 - 2015-05-01 14:33 - 00000000 ____D C:\Windows\Panther
2016-08-03 20:33 - 2015-05-04 19:14 - 00000000 ____D C:\Users\Muficek\AppData\Local\ElevatedDiagnostics
2016-08-03 20:33 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2016-08-03 11:16 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2016-08-03 11:15 - 2009-07-14 04:34 - 75497472 _____ C:\Windows\system32\config\SOFTWARE.bak
2016-08-03 11:15 - 2009-07-14 04:34 - 18350080 _____ C:\Windows\system32\config\SYSTEM.bak
2016-08-03 11:15 - 2009-07-14 04:34 - 00524288 _____ C:\Windows\system32\config\DEFAULT.bak
2016-08-03 11:15 - 2009-07-14 04:34 - 00262144 _____ C:\Windows\system32\config\SECURITY.bak
2016-08-03 11:15 - 2009-07-14 04:34 - 00262144 _____ C:\Windows\system32\config\SAM.bak
2016-08-03 11:14 - 2016-03-28 11:51 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-08-01 21:44 - 2015-05-01 13:40 - 00000000 ____D C:\Users\Muficek
2016-08-01 21:08 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Globalization
2016-08-01 12:24 - 2015-07-13 09:18 - 00028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2016-07-30 20:25 - 2015-05-06 21:06 - 00000000 ____D C:\Users\Muficek\AppData\Roaming\Audacity
2016-07-29 09:43 - 2015-11-30 20:18 - 00003948 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-07-29 09:43 - 2015-11-30 20:18 - 00003696 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-07-28 10:47 - 2015-08-26 19:17 - 00000000 ____D C:\Users\Muficek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-07-26 15:26 - 2015-05-01 13:54 - 00000000 ____D C:\ProgramData\Skype
2016-07-23 18:51 - 2016-07-03 20:27 - 00000000 ____D C:\Users\Muficek\Downloads\Half-Life
2016-07-23 18:06 - 2015-06-14 20:03 - 00000000 ____D C:\Users\Muficek\Programy
2016-07-22 10:51 - 2016-02-20 19:44 - 00000000 ____D C:\ProgramData\TechSmith
2016-07-22 10:44 - 2016-05-14 08:53 - 00000000 ____D C:\adb
2016-07-22 10:42 - 2015-11-24 21:54 - 00000000 ____D C:\Games
2016-07-22 10:40 - 2016-04-28 18:38 - 00000000 ____D C:\Program Files (x86)\Sudowin
2016-07-22 10:38 - 2015-12-31 12:22 - 00000000 ____D C:\Users\Muficek\AppData\Roaming\AnkhHeart
2016-07-18 13:07 - 2015-05-12 21:28 - 00000000 ____D C:\Users\Muficek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-07-16 12:40 - 2015-07-12 11:15 - 00000000 ____D C:\Users\Muficek\Documents\My Games

==================== Files in the root of some directories =======

2016-07-26 18:23 - 2016-07-26 18:24 - 0000600 _____ () C:\Users\Muficek\AppData\Local\PUTTY.RND
2016-05-16 12:34 - 2016-05-16 12:34 - 0000017 _____ () C:\Users\Muficek\AppData\Local\resmon.resmoncfg
2015-05-01 19:38 - 2015-05-01 19:38 - 0000133 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-07-28 19:29

==================== End of FRST.txt ============================

Sefr123Czech

Re: Please check my log.

Post by Sefr123Czech » 08 Aug 2016 15:49

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-08-2016
Ran by Muficek (2016-08-08 15:48:16)
Running from C:\Users\Muficek\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2015-05-01 11:39:52)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3991950865-606828374-3014643882-500 - Administrator - Disabled)
Guest (S-1-5-21-3991950865-606828374-3014643882-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3991950865-606828374-3014643882-1002 - Limited - Enabled)
Muficek (S-1-5-21-3991950865-606828374-3014643882-1001 - Administrator - Enabled) => C:\Users\Muficek

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Adobe Flash Player 19 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Autodesk AutoCAD Performance Feedback Tool 1.2.4 (HKLM-x32\...\{4E20873D-BC20-495C-AFD9-B18877B7F9BB}) (Version: 1.2.4.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2016 Add-in 64 bit (HKLM\...\{4BEE127E-95C4-434D-ABAC-65155192BB24}) (Version: 4.35.1742 - Autodesk)
Autodesk Content Service (HKLM\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)
Autodesk Content Service (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Material Library 2016 (HKLM-x32\...\{29A7D6EC-63C2-42FD-8143-5812ABD2923F}) (Version: 6.3.0.15 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2016 (HKLM-x32\...\{6B4CFC6E-ECB0-47FE-95D3-65C680ED0687}) (Version: 6.3.0.15 - Autodesk)
AutoUpdate (HKLM-x32\...\{18D10072035C4515918F7E37EAFAACFC}) (Version: 1.1 - )
Balíček ovladače systému Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/28/2014 11.0.0000.00000) (HKLM\...\092555911492C6959D2596D612F52DCA71881CA2) (Version: 08/28/2014 11.0.0000.00000 - Google, Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon MX420 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX420_series) (Version: - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.20 - Piriform)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
CPUID HWMonitor 1.27 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
CrystalDiskInfo 6.3.1 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.3.1 - Crystal Dew World)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DivX Codec (HKLM-x32\...\{7B63B2922B174135AFC0E1377DD81EC2}) (Version: 6.6.1 - DivX, Inc.)
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version: - Image-Line)
FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version: - )
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 1.0 - Huawei Technologies Co.,Ltd)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine)
IdleMaster (HKU\S-1-5-21-3991950865-606828374-3014643882-1001\...\1d85483b1c982d8c) (Version: 1.4.0.0 - IdleMaster)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line)
IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version: - Image-Line)
Import souborů SketchUp 2016 (HKLM-x32\...\{C769FB7C-1F55-4B31-9A2A-21CEC50F4F92}) (Version: 2.0.0 - Autodesk)
Java 8 Update 66 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Java SE Development Kit 8 Update 66 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180660}) (Version: 8.0.660.18 - Oracle Corporation)
Left 4 Dead 2 (HKLM\...\Steam App 550) (Version: - Valve)
LibreOffice 5.0.1.2 (HKLM-x32\...\{927AE35D-72BC-437D-BAC7-EE47D03DEE54}) (Version: 5.0.1.2 - The Document Foundation)
Malwarebytes Anti-Malware verze 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
MeinPlatz (HKLM-x32\...\MeinPlatz) (Version: - )
Microsoft .NET Framework 4.5 CSY Language Pack (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE (x64)) (Version: - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
NetBeans IDE 8.1 (HKLM\...\nbi-nb-base-8.1.0.0.201510222201) (Version: 8.1 - NetBeans.org)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.9 - Notepad++ Team)
NVIDIA nView 141.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 141.36 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.44 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.44 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}) (Version: 9.12.0613 - NVIDIA Corporation)
NVIDIA WMI 2.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVWMI) (Version: 2.18.0 - NVIDIA Corporation)
Ovládací panel NVIDIA 341.44 (Version: 341.44 - NVIDIA Corporation) Hidden
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.3 r2519 - )
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RICOH R5C83x/84x Media Driver x86 Ver.3.34.03 (HKLM-x32\...\{59F6A514-9813-47A3-948C-8A155460CC2A}) (Version: 3.34.03 - )
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.16061.19 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.4.16061.19 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
Scribblenauts Unlimited (HKLM-x32\...\Scribblenauts Unlimited_is1) (Version: - )
SketchUp 2015 (HKLM\...\{350488A4-1540-4103-8F01-B27503891EB0}) (Version: 15.3.331 - Trimble Navigation Limited)
Skype™ 7.25 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.25.106 - Skype Technologies S.A.)
Speciální aplikace Autodesk 2016 (HKLM-x32\...\{D42F37CD-9AF9-4435-A474-B387C5BB6B47}) (Version: 2.0.0 - Autodesk)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Sylenth1 Demo v2.20 (HKLM\...\Sylenth1Demo_is1) (Version: - )
Team Fortress 2 (HKLM\...\Steam App 440) (Version: - Valve)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKU\S-1-5-21-3991950865-606828374-3014643882-1001\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TEdit 3 (HKLM-x32\...\{81AD2B41-110A-4A0A-9DB7-A03285E2620F}) (Version: 3.5.15047.30 - BinaryConstruct)
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
Torchlight II version 1.25.5.2 (HKLM-x32\...\Torchlight II_is1) (Version: 1.25.5.2 - )
TVCenter (HKLM\...\{B32267A7-4B02-4C03-A69C-61247B3A3A2C}) (Version: 6.4.9.1033 - PCTV Systems)
Vegas Pro 13.0 (64-bit) (HKLM\...\{1EEE0BEE-0BC8-11E5-A19E-F04DA23A5C58}) (Version: 13.0.453 - Sony)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Zachranari (HKLM-x32\...\Zachranari_is1) (Version: 1.0 - US-ACTION, s.r.o.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3991950865-606828374-3014643882-1001_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> F:\AutoCad\AutoCAD 2016\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-3991950865-606828374-3014643882-1001_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> F:\AutoCad\AutoCAD 2016\acad.exe => No File
CustomCLSID: HKU\S-1-5-21-3991950865-606828374-3014643882-1001_Classes\CLSID\{5370C727-1451-4700-A960-77630950AF6D}\localserver32 -> F:\AutoCad\AutoCAD 2016\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-3991950865-606828374-3014643882-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> F:\AutoCad\AutoCAD 2016\cs-CZ\acadficn.dll => No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0FA910BF-34A1-4BAF-8454-6F26047DA401} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {14AC2A8F-9BA4-4088-A786-A1AC647F89F0} - System32\Tasks\{04E41C9D-7AA1-4E0C-901A-250B072988A7} => C:\Users\Muficek\Downloads\-Getintopc.com-air-nexus2 (1)\Nexus 2 Setup.exe
Task: {9EDA6889-9917-4053-8915-DE81C1836508} - System32\Tasks\{1632E9BC-73D9-4ED2-9786-3BE8BDF2F342} => C:\Users\Muficek\Downloads\-Getintopc.com-air-nexus2 (1)\Nexus 2 Setup.exe
Task: {ABBCB50F-E4EC-48B2-A00C-38A2B89B8DDC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-07-13] (Piriform Ltd)
Task: {B7772B21-4360-4375-9BFF-1D57625B2977} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {D4C45875-EE19-4078-B109-88967345906D} - System32\Tasks\AdobeAAMUpdater-1.0-DELL-Muficek => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-05-26] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Muficek\AppData\Local\Microsoft\Windows\GameExplorer\{3E42A221-FB32-46F4-B07D-6F8BD12D4B79}\SupportTasks\1\Podpora.lnk -> hxxp://www.activision.com/support/
Shortcut: C:\Users\Muficek\AppData\Local\Microsoft\Windows\GameExplorer\{3E42A221-FB32-46F4-B07D-6F8BD12D4B79}\SupportTasks\0\Další hry od společnosti Microsoft.lnk -> hxxp://www.activision.com/games/wolfenstein/
Shortcut: C:\Users\Muficek\AppData\Local\Microsoft\Windows\GameExplorer\{35359753-A943-479C-A4A2-00A66BCAB79F}\SupportTasks\1\Podpora.lnk -> hxxp://www.activision.com/support/
Shortcut: C:\Users\Muficek\AppData\Local\Microsoft\Windows\GameExplorer\{35359753-A943-479C-A4A2-00A66BCAB79F}\SupportTasks\0\Další hry od společnosti Microsoft.lnk -> hxxp://www.activision.com/games/wolfenstein/

==================== Loaded Modules (Whitelisted) ==============

2015-05-01 13:51 - 2015-02-04 05:56 - 02692296 _____ () C:\Windows\system32\nvwmi64.exe
2015-05-01 13:51 - 2015-02-04 04:21 - 00115400 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-06-02 16:11 - 2016-02-16 11:04 - 00192304 _____ () C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe
2016-06-18 11:37 - 2016-06-15 11:15 - 01745560 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libglesv2.dll
2016-06-18 11:37 - 2016-06-15 11:15 - 00091288 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libegl.dll
2015-05-01 13:59 - 2016-03-23 22:11 - 00785920 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-05-01 13:59 - 2015-07-02 00:06 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-05-01 13:59 - 2015-07-02 00:06 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-05-01 13:59 - 2015-07-02 00:06 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-05-01 13:59 - 2016-07-30 06:22 - 02321184 _____ () C:\Program Files (x86)\Steam\video.dll
2015-05-01 13:59 - 2016-01-27 09:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-05-01 13:59 - 2016-01-27 09:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-05-01 13:59 - 2016-01-27 09:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-05-01 13:59 - 2016-01-27 09:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-05-01 13:59 - 2016-01-27 09:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-05-01 13:59 - 2016-07-30 06:22 - 00835360 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-02-19 17:29 - 2016-07-05 00:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2015-05-01 13:59 - 2016-07-12 00:23 - 49825568 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-05-01 13:59 - 2015-09-25 01:52 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
2016-07-15 18:14 - 2016-07-06 18:01 - 17602240 _____ () C:\Users\Muficek\AppData\Local\Google\Chrome\User Data\PepperFlash\22.0.0.209\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-3991950865-606828374-3014643882-1001\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2016-08-03 11:16 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3991950865-606828374-3014643882-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Users^Muficek^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Rainmeter.lnk => C:\Windows\pss\Rainmeter.lnk.Startup
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: IJNetworkScannerSelectorEX => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C76FDA6F-FF13-4754-B7BE-EA4B6730542C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{EEA88A8A-E453-4869-98F8-DCB7EC312FB3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8B385D71-3A90-4104-A8DE-09C05DA92006}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{514E3C7B-CCA9-47D7-A50A-BAFE5814A6CC}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{95B8EAB2-1DA7-43E9-B397-CDEDD9B4D4D8}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{B6D7B076-05EC-4F7E-9328-8982F356032E}] => (Allow) LPort=49316
FirewallRules: [{117780D6-43C0-4BB2-9681-A7679DA74989}] => (Allow) LPort=5000
FirewallRules: [TCP Query User{7FCC1EB6-ACEC-4D45-A848-3A111D75DE54}E:\csko\csko.exe] => (Allow) E:\csko\csko.exe
FirewallRules: [UDP Query User{1B620612-0373-42EA-890F-6A0A12D753E1}E:\csko\csko.exe] => (Allow) E:\csko\csko.exe
FirewallRules: [{B8FD79E2-7007-4237-8509-109760B91551}] => (Allow) LPort=50248
FirewallRules: [TCP Query User{4FD0BC4B-6769-4661-83F4-6E62835DA591}D:\steamlibrary\steamapps\common\team fortress 2\hl2.exe] => (Allow) D:\steamlibrary\steamapps\common\team fortress 2\hl2.exe
FirewallRules: [UDP Query User{74AB5649-00F2-4AE4-A6EC-988DA6B9EDEF}D:\steamlibrary\steamapps\common\team fortress 2\hl2.exe] => (Allow) D:\steamlibrary\steamapps\common\team fortress 2\hl2.exe
FirewallRules: [TCP Query User{EBD847B7-426B-4A52-9CE4-0474B939343B}D:\csko\csko.exe] => (Allow) D:\csko\csko.exe
FirewallRules: [UDP Query User{AE0F51DC-85B9-40BA-957B-F26EA6BAC0F1}D:\csko\csko.exe] => (Allow) D:\csko\csko.exe
FirewallRules: [{6D6BDEC1-75C5-48F3-B50B-D829A72496A8}] => (Allow) D:\SteamLibrary\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{4F6F6214-B809-498E-BD81-4D9BFACACB3D}] => (Allow) D:\SteamLibrary\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{147E0323-6347-4A98-8CCC-CF50EA040C3B}] => (Allow) D:\SteamLibrary\steamapps\common\Lambda Wars\lambdawars.exe
FirewallRules: [{051D9D7C-21E9-4FBB-BBDE-8CDECA7F53E6}] => (Allow) D:\SteamLibrary\steamapps\common\Lambda Wars\lambdawars.exe
FirewallRules: [TCP Query User{092A622E-79B9-4FB9-8049-22B39850315A}D:\program files (x86)\return to castle wolfenstein\wolfmp.exe] => (Allow) D:\program files (x86)\return to castle wolfenstein\wolfmp.exe
FirewallRules: [UDP Query User{26803B79-6F09-4224-8650-C394C63004D9}D:\program files (x86)\return to castle wolfenstein\wolfmp.exe] => (Allow) D:\program files (x86)\return to castle wolfenstein\wolfmp.exe
FirewallRules: [{864C7A0E-DA07-47EA-986E-E661618301A9}] => (Allow) D:\SteamLibrary\steamapps\common\Clicker Heroes\Clicker Heroes.exe
FirewallRules: [{3A5A120A-B619-4919-A148-697903B0BC32}] => (Allow) D:\SteamLibrary\steamapps\common\Clicker Heroes\Clicker Heroes.exe
FirewallRules: [TCP Query User{3373DB71-69CF-4688-B6DF-9AB4479DAEE5}C:0\steamlibrary\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) C:0\steamlibrary\steamapps\common\counter-strike global offensive\csgo.exe
FirewallRules: [UDP Query User{BA8DC58D-6D95-40A4-9560-B166AE1B0661}C:0\steamlibrary\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) C:0\steamlibrary\steamapps\common\counter-strike global offensive\csgo.exe
FirewallRules: [TCP Query User{59907201-0404-40AF-93BD-652021E84B41}C:0\steamlibrary\steamapps\common\team fortress 2\hl2.exe] => (Allow) C:0\steamlibrary\steamapps\common\team fortress 2\hl2.exe
FirewallRules: [UDP Query User{974F1BFC-B6FD-40A1-A610-39A9F4F269BA}C:0\steamlibrary\steamapps\common\team fortress 2\hl2.exe] => (Allow) C:0\steamlibrary\steamapps\common\team fortress 2\hl2.exe
FirewallRules: [{96DC8597-8639-48F3-9576-06A6B7C507B0}] => (Allow) D:\SteamLibrary\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{771893B7-1425-47CD-AD3D-0915F8384C00}] => (Allow) D:\SteamLibrary\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [TCP Query User{7F1A8F23-B394-425D-A8A0-9BE413CF12B3}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{901245E4-CE46-4596-B0AC-02C2795A1E8E}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [{96583C54-B087-4553-87FB-3940DB379BCD}] => (Allow) LPort=1900
FirewallRules: [{96949F9E-AA27-410A-9B6A-3B72A9BCE0B4}] => (Allow) LPort=2869
FirewallRules: [{B113D2A4-0F00-4014-BC87-27DC87260B64}] => (Allow) LPort=1900
FirewallRules: [{CBD116C7-2B8D-406A-B454-3934A1664DFC}] => (Allow) LPort=2869
FirewallRules: [TCP Query User{22723343-BFC5-47AD-BE52-78A960D7AC06}D:\hl1\half-life\hl.exe] => (Allow) D:\hl1\half-life\hl.exe
FirewallRules: [UDP Query User{372359AE-AF75-4EB5-8B7A-87D086E0BBD2}D:\hl1\half-life\hl.exe] => (Allow) D:\hl1\half-life\hl.exe
FirewallRules: [{A23113C9-4D70-471D-A3A1-2FAC21ABA2C0}] => (Allow) D:\SteamLibrary\steamapps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{7ED35BC3-2C52-488C-8220-F1CF738F522E}] => (Allow) D:\SteamLibrary\steamapps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [TCP Query User{4720A48E-2684-4FC4-A19E-DB494B111DE2}E:\steamlibrary\steamapps\common\garrysmod\hl2.exe] => (Allow) E:\steamlibrary\steamapps\common\garrysmod\hl2.exe
FirewallRules: [UDP Query User{C282E04A-B032-4F31-B14B-3BFCC0A05D36}E:\steamlibrary\steamapps\common\garrysmod\hl2.exe] => (Allow) E:\steamlibrary\steamapps\common\garrysmod\hl2.exe
FirewallRules: [TCP Query User{8776A685-53A6-412C-9B67-83BB2F6F62A3}C:1\steamlibrary\steamapps\common\trackmania nations forever\tmforever.exe] => (Allow) C:1\steamlibrary\steamapps\common\trackmania nations forever\tmforever.exe
FirewallRules: [UDP Query User{E61152DD-E596-4DBC-B5CF-4C4C77468027}C:1\steamlibrary\steamapps\common\trackmania nations forever\tmforever.exe] => (Allow) C:1\steamlibrary\steamapps\common\trackmania nations forever\tmforever.exe
FirewallRules: [TCP Query User{ADD7553B-C5E2-42D8-BCD9-4E2FB4AC525F}C:1\steamlibrary\steamapps\common\team fortress 2\hl2.exe] => (Allow) C:1\steamlibrary\steamapps\common\team fortress 2\hl2.exe
FirewallRules: [UDP Query User{51583662-BBCA-4882-844B-35FC194388FB}C:1\steamlibrary\steamapps\common\team fortress 2\hl2.exe] => (Allow) C:1\steamlibrary\steamapps\common\team fortress 2\hl2.exe
FirewallRules: [{4EDB23B2-73B2-455B-8D40-9AEF7F370AB2}] => (Allow) LPort=8317
FirewallRules: [{02863335-018D-45B3-8EC3-549C1DAF0970}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{FC54493F-3873-4764-B5F3-3F0E46BE2A10}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [TCP Query User{018588BD-42B3-483F-B9F6-F5CAE3BF39D3}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [UDP Query User{5579C607-5D65-492F-86DB-854CF99FCF42}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [{4360A9BE-FDF9-4E9C-A4A8-1EF787B2649F}] => (Allow) E:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{3A7FA63A-968F-4B35-9429-C1F4AF36DB9A}] => (Allow) E:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{80E2C36E-7C62-4B04-B86C-FBA150446256}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{AF641200-C32B-4782-B801-8AE372C84321}] => (Allow) E:\SteamLibrary\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{8F13B80D-06EC-4CFD-9DE8-33EAA1F17A1F}] => (Allow) E:\SteamLibrary\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{E5507D8B-8B50-4F18-9342-C074B787D784}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{9BE98134-C44F-4C8C-A2E5-7C930CFD3424}] => (Allow) LPort=2869
FirewallRules: [{6E9F857E-F8A7-4726-B678-AD4EA98C917F}] => (Allow) LPort=1900
FirewallRules: [{C31A337F-7501-468F-9CDA-9E208B816A66}] => (Allow) E:\SteamLibrary\steamapps\common\AVA\NWZLauncher.exe
FirewallRules: [{55B0CBDA-35BB-4CC4-AECE-6F95495F38B7}] => (Allow) E:\SteamLibrary\steamapps\common\AVA\NWZLauncher.exe
FirewallRules: [{1CEED842-41EA-487D-B118-1DA1530DC6C5}] => (Allow) G:\SteamLibrary\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{4C6028AB-75FC-4F54-9B2C-986D8B7CB85E}] => (Allow) G:\SteamLibrary\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{DFBCDBC5-206E-4683-A7FC-A5C4D6103621}] => (Allow) G:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{53A9D97E-C8D7-4BC4-9471-93019C21E1AB}] => (Allow) G:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe

==================== Restore Points =========================

04-08-2016 10:45:17 End of disinfection

==================== Faulty Device Manager Devices =============

Name: Základní systémové zařízení
Description: Základní systémové zařízení
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Adaptér miniportu Microsoft Virtual WiFi
Description: Adaptér miniportu Microsoft Virtual WiFi
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/07/2016 01:37:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program hl2.exe verze 0.0.0.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: b40

Čas spuštění: 01d1f09346b81471

Čas ukončení: 2290

Cesta k aplikaci: G:\SteamLibrary\steamapps\common\Team Fortress 2\hl2.exe

ID hlášení: 4511d4bd-5c93-11e6-9588-001c2320d43a

Error: (08/04/2016 05:58:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program hl2.exe verze 0.0.0.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 1068

Čas spuštění: 01d1ee68f097ff0d

Čas ukončení: 52

Cesta k aplikaci: G:\SteamLibrary\steamapps\common\Team Fortress 2\hl2.exe

ID hlášení: 393b4cd5-5a5c-11e6-bc31-001c2320d43a

Error: (08/02/2016 08:24:58 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

Error: (08/02/2016 08:24:58 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\steam.exe

Error: (08/02/2016 06:43:58 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

Error: (08/02/2016 06:43:58 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\steam.exe

Error: (08/02/2016 05:41:12 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

Error: (08/02/2016 05:41:12 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\steam.exe

Error: (08/02/2016 01:04:32 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

Error: (08/02/2016 01:04:32 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\steam.exe


System errors:
=============
Error: (08/08/2016 10:59:11 AM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Služba Sada qWave (Quality Windows Audio Video Experience) závisí na následující službě: lltdio. Tato služba pravděpodobně není nainstalována.

Error: (08/08/2016 10:59:11 AM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Služba Sada qWave (Quality Windows Audio Video Experience) závisí na následující službě: lltdio. Tato služba pravděpodobně není nainstalována.

Error: (08/08/2016 10:59:11 AM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Služba Sada qWave (Quality Windows Audio Video Experience) závisí na následující službě: lltdio. Tato služba pravděpodobně není nainstalována.

Error: (08/08/2016 10:59:11 AM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Služba Sada qWave (Quality Windows Audio Video Experience) závisí na následující službě: lltdio. Tato služba pravděpodobně není nainstalována.

Error: (08/08/2016 10:59:11 AM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Služba Sada qWave (Quality Windows Audio Video Experience) závisí na následující službě: lltdio. Tato služba pravděpodobně není nainstalována.

Error: (08/08/2016 10:59:11 AM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Služba Sada qWave (Quality Windows Audio Video Experience) závisí na následující službě: lltdio. Tato služba pravděpodobně není nainstalována.

Error: (08/08/2016 10:59:11 AM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Služba Sada qWave (Quality Windows Audio Video Experience) závisí na následující službě: lltdio. Tato služba pravděpodobně není nainstalována.

Error: (08/08/2016 10:59:11 AM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Služba Sada qWave (Quality Windows Audio Video Experience) závisí na následující službě: lltdio. Tato služba pravděpodobně není nainstalována.

Error: (08/08/2016 10:53:48 AM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Služba Sada qWave (Quality Windows Audio Video Experience) závisí na následující službě: lltdio. Tato služba pravděpodobně není nainstalována.

Error: (08/08/2016 10:53:48 AM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Služba Sada qWave (Quality Windows Audio Video Experience) závisí na následující službě: lltdio. Tato služba pravděpodobně není nainstalována.


CodeIntegrity:
===================================
Date: 2016-08-03 11:14:36.925
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-08-03 11:14:36.894
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-08-03 11:14:36.847
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-08-03 11:14:36.816
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-08-03 11:10:33.845
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-08-03 11:10:33.814
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-08-03 11:10:33.783
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-08-03 11:10:33.752
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-08-02 20:45:28.732
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-08-02 20:45:28.701
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Duo CPU T7700 @ 2.40GHz
Percentage of memory in use: 46%
Total physical RAM: 4094.13 MB
Available physical RAM: 2193.5 MB
Total Virtual: 8186.47 MB
Available Virtual: 5739.73 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.59 GB) (Free:66.52 GB) NTFS
Drive g: (Portable) (Fixed) (Total:116.45 GB) (Free:29.82 GB) NTFS
Drive i: (Portable2) (Fixed) (Total:28.6 GB) (Free:21.66 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 00062695)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.6 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 149.1 GB) (Disk ID: A1BB062C)
Partition 1: (Active) - (Size=116.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=32.6 GB) - (Type=05)

==================== End of Addition.txt ============================

jaro3
Security team member
Guru Level 15
Posts: 43298
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: Please check my log.

Post by jaro3 » 08 Aug 2016 19:43

Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire content below into it.

Code:

Start
CloseProcesses:
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3991950865-606828374-3014643882-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3991950865-606828374-3014643882-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [No File]
FF Plugin HKU\S-1-5-21-3991950865-606828374-3014643882-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Muficek\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [No File]
2016-07-29 09:43 - 2015-11-30 20:18 - 00003948 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-07-29 09:43 - 2015-11-30 20:18 - 00003696 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
CustomCLSID: HKU\S-1-5-21-3991950865-606828374-3014643882-1001_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> F:\AutoCad\AutoCAD 2016\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-3991950865-606828374-3014643882-1001_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> F:\AutoCad\AutoCAD 2016\acad.exe => No File
CustomCLSID: HKU\S-1-5-21-3991950865-606828374-3014643882-1001_Classes\CLSID\{5370C727-1451-4700-A960-77630950AF6D}\localserver32 -> F:\AutoCad\AutoCAD 2016\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-3991950865-606828374-3014643882-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> F:\AutoCad\AutoCAD 2016\cs-CZ\acadficn.dll => No File
Task: {0FA910BF-34A1-4BAF-8454-6F26047DA401} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]

EmptyTemp:
End

(You can use the "Select all" function, then right-click the top-left field in the open Notepad window and choose "Paste".)

Save it to the desktop as fixlist.txt

Run FRST, press the "Fix" button just once, and wait.
The tool will create a log on the desktop (Fixlog.txt); please copy its entire content here.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Sefr123Czech

Re: Please check my log.

Post by Sefr123Czech » 10 Aug 2016 12:59

Fix result of Farbar Recovery Scan Tool (x64) Version: 03-08-2016
Ran by Muficek (2016-08-10 12:56:34) Run:1
Running from C:\Users\Muficek\Desktop
Loaded Profiles: Muficek (Available Profiles: Muficek)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3991950865-606828374-3014643882-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3991950865-606828374-3014643882-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [No File]
FF Plugin HKU\S-1-5-21-3991950865-606828374-3014643882-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Muficek\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [No File]
2016-07-29 09:43 - 2015-11-30 20:18 - 00003948 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-07-29 09:43 - 2015-11-30 20:18 - 00003696 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
CustomCLSID: HKU\S-1-5-21-3991950865-606828374-3014643882-1001_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> F:\AutoCad\AutoCAD 2016\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-3991950865-606828374-3014643882-1001_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> F:\AutoCad\AutoCAD 2016\acad.exe => No File
CustomCLSID: HKU\S-1-5-21-3991950865-606828374-3014643882-1001_Classes\CLSID\{5370C727-1451-4700-A960-77630950AF6D}\localserver32 -> F:\AutoCad\AutoCAD 2016\acad.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-3991950865-606828374-3014643882-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> F:\AutoCad\AutoCAD 2016\cs-CZ\acadficn.dll => No File
Task: {0FA910BF-34A1-4BAF-8454-6F26047DA401} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKU\S-1-5-21-3991950865-606828374-3014643882-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-3991950865-606828374-3014643882-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}" => key removed successfully
HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => key not found.
"HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9" => key removed successfully
"HKU\S-1-5-21-3991950865-606828374-3014643882-1001\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0" => key removed successfully
C:\Users\Muficek\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll => not found.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKU\S-1-5-21-3991950865-606828374-3014643882-1001_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}" => key removed successfully
"HKU\S-1-5-21-3991950865-606828374-3014643882-1001_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}" => key removed successfully
"HKU\S-1-5-21-3991950865-606828374-3014643882-1001_Classes\CLSID\{5370C727-1451-4700-A960-77630950AF6D}" => key removed successfully
"HKU\S-1-5-21-3991950865-606828374-3014643882-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0FA910BF-34A1-4BAF-8454-6F26047DA401}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0FA910BF-34A1-4BAF-8454-6F26047DA401}" => key removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => key removed successfully
C:\ProgramData\Reprise => ":wupeogjxldtlfudivq`qsp`26hfm" ADS removed successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 2620158 B
Java, Flash, Steam htmlcache => 396517258 B
Windows/system/drivers => 0 B
Edge => 0 B
Chrome => 778096641 B
Firefox => 688128 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 33058 B
Public => 0 B
ProgramData => 0 B
systemprofile => 33186 B
systemprofile32 => 33058 B
LocalService => 33125 B
NetworkService => 33125 B
Muficek => 5057140 B

RecycleBin => 31072 B
EmptyTemp: => 1.1 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 12:56:40 ====

jaro3
Security team member

Re: Please check my log.

Post by jaro3 » 10 Aug 2016 15:50

What about the problems?

Sefr123Czech

Re: Please check my log.  Solved

Post by Sefr123Czech » 12 Aug 2016 20:27

Everything is fine, thank you for your help.

