Prosím o kontrolu - Podezdření viru, pomalé PC

FoGgyCz · Příspěvekod **FoGgyCz** » 07 kvě 2015 14:40

Zdravím.

Chtěl bych poprosit o kontrolu logu. Dost se počítač loudá.

# AdwCleaner v4.203 - Log vytvořen 09/05/2015 v 19:01:18
# Aktualizováno 30/04/2015 by Xplode
# Databáze : 2015-05-05.1 [Server]
# Operační system : Windows 8.1 Pro (x64)
# Uživatelské jméno : FoGGy - FOGGY
# Spuštěno z : C:\Users\FoGGy\Downloads\adwcleaner_4.203.exe
# Nastavení : Sken

***** [ Služby ] *****

***** [ Soubory / Složky ] *****

Složka Nalezeno : C:\Users\FoGGy\AppData\Local\eSupport.com
Složka Nalezeno : C:\Users\FoGGy\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Složka Nalezeno : C:\Users\FoGGy\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Složka Nalezeno : C:\Users\FoGGy\AppData\Roaming\OpenCandy

***** [ Naplánované úlohy ] *****

***** [ Zástupci ] *****

***** [ Registry ] *****

Klíč Nalezeno : HKCU\Software\eSupport.com
Klíč Nalezeno : HKCU\Software\Headlight
Klíč Nalezeno : [x64] HKCU\Software\eSupport.com
Klíč Nalezeno : [x64] HKCU\Software\Headlight
Klíč Nalezeno : HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Klíč Nalezeno : HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17416

-\\ Google Chrome v42.0.2311.135

[C:\Users\FoGGy\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Nalezeno [Extension] : eofcbnmajmjmplflapaojjnihcjkigck
[C:\Users\FoGGy\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Nalezeno [Extension] : eofcbnmajmjmplflapaojjnihcjkigck

*************************

AdwCleaner[R0].txt - [298 bytů] - [07/05/2015 14:57:16]
AdwCleaner[R1].txt - [298 bytů] - [07/05/2015 14:58:59]
AdwCleaner[R2].txt - [1865 bytů] - [07/05/2015 14:59:26]
AdwCleaner[R3].txt - [1779 bytů] - [07/05/2015 15:01:18]

########## EOF - C:\AdwCleaner\AdwCleaner[R3].txt - [1837 bytů] ##########

Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by FoGGy on źt 09. 05. 2015 at 19:11:45,34.
Microsoft Windows 8.1 Pro 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\FoGGy\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

7. 5. 2015 15:03:04 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\COMMON~1\Blizzard Entertainment deleted successfully
C:\Users\FoGGy\AppData\Roaming\Opera Software deleted successfully
C:\Users\FoGGy\AppData\Local\eSupport.com deleted successfully
C:\Users\FoGGy\AppData\Local\Opera Software deleted successfully
C:\Users\FoGGy\AppData\Local\PackageStaging deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

C:\Users\FoGGy\.android deleted
C:\Users\FoGGy\AppData\Roaming\GetRightToGo deleted
C:\Users\FoGGy\AppData\Roaming\OpenCandy deleted
C:\PROGRA~3\Package Cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [05. 04. 2015 23:22]

==== Chromium Look ======================

Google Chrome Version: 42.0.2311.135

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
eofcbnmajmjmplflapaojjnihcjkigck - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx[05. 04. 2015 23:20]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[05. 04. 2015 23:20]

Avast SafePrice - FoGGy\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Bookmark Manager - FoGGy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik
Avast Online Security - FoGGy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki

==== Chromium Startpages ======================

C:\Users\FoGGy\AppData\Local\Google\Chrome\User Data\Default\Preferences
"startup_urls": [ "https://www.facebook.com/", "http://www.youtube.com/", "http://pc-help.cz/" ]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"

==== Reset Google Chrome ======================

C:\Users\FoGGy\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\FoGGy\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\FoGGy\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\FoGGy\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\FoGGy\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\FoGGy\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\FoGGy\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\FoGGy\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\FoGGy\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=44 folders=48 42912730 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\FoGGy\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\FoGGy\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on źt 07. 05. 2015 at 15:17:41,34 ======================

Předem děkuji. Za případnou pomoc. Je to už hrozné. Mám takové zdání jestli není i něco s diskem. Jelikož jsem musel aktualizovat plochu abych viděl dva soubory co jsem si přenesl na plochu. Ale nevím. Hry se mi při kliknutí hned spustili. A teď musím počkat tak 5-10s než vůbec se hra dá do spouštění.

Reklama

mople71 · Příspěvekod **mople71** » 07 kvě 2015 14:54

Ahoj!

Rád Ti pomohu s tvým problémem. Čti prosím mé instrukce pozorně a pokud si něčím nebudeš jist, vždy se raději zeptej.

Některé kroky mohou být časově náročné, měj tedy trpělivost - je to v tvém zájmu. Zůstaň se mnou prosím, dokud Ti neřeknu, že Tvé logy jsou kompletně čisté. Pokud přerušíš čištění v polovině, problémy se mohou velmi rychle vrátit...

Po dobu čištění si prosím vypni antivirus a nedělej zásadní změny v OS bez mého vědomí!
V rámci čištění Ti budou vyprázdněny dočasné adresáře včetně Koše.

1) Odstranění malware:

Stáhni si AdwCleaner: http://www.bleepingcomputer.com/download/adwcleaner/

Ulož na Plochu, spusť jako správce, klikni na Scan a poté Logfile, vyjede na tebe log, ten sem prosím přilož. AdwCleaner na chvíli zavři.

Po vložení logu sem si znovu otevři AdwCleaner, kde klikni na Scan a poté tentokrát na Clean. Po restartu PC na tebe vyjede další log, ten sem prosím vlož.

---------------------------------------------------------------------------

Stáhni si Zoek: http://download.bleepingcomputer.com/smeenk/zoek.exe

Ulož na Plochu, otevři jako správce, do otevřeného okna vlož tento kód:

Kód: Vybrat vše

autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;

A klikni na Run script, chvíli to potrvá. Po restartu PC prosím přilož jeho log.

---------------------------------------------------------------------------

Stáhni si MBAM (verzi zadarmo, trial nechceme): http://www.malwarebytes.org/mwb-download/

Nainstaluj, na poslední stránce instalátoru nezapomeň odškrtnout možnost: Povolit bezplatnou zkušební verzi...

Po spuštění se aplikace aktualizuje, poté zvol v horní liště Sken -> vyber Vlastní sken a klikni na Skenovat nyní

Objeví se okno Konfigurace vlastního skenu - vyber všechny disky/diskové oddíly (kromě mechaniky, čtečky,...), v levé liště zatrhni Hledat rootkity a klikni na Spustit sken

Po dokončení skenu klikni na tlačítko Exportovat záznam, log ulož a jeho obsah vlož sem.

Všechny nálezy dej mezitím do karantény.

2) Nová várka logů:

Stáhni si prosím FRST:

Pro 32-bit OS: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Pro 64-bit OS: http://www.bleepingcomputer.com/downloa ... ool/dl/82/

Ulož na Plochu, spusť jako Správce, potvrď licenci a klikni na tlačítko Scan. Vše ponech v základním nastavení, nic navíc nezatrhávej.

Po dokončení skenu na tebe vyjedou dva logy, oba sem prosím zkopíruj.

Příspěvekod **Orcus** » 09 kvě 2015 20:32

OT promázano. Tazatel prosím nechť netopuje téma, dokud nebude mít připraveny všechny logy. Fórum není chat a HJT sekce není určena pro honění příspěvků.

Dále logy bude vkládat sem a né do přílohy a archivů.

Děkuji za pochopení.

FoGgyCz · Příspěvekod **FoGgyCz** » 09 kvě 2015 23:01

Omlouvám se.

Konečně už mám vše.

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-05-2015
Ran by FoGGy at 2015-05-09 20:04:03
Running from C:\Users\FoGGy\Downloads
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1276816273-3082912571-1758191642-500 - Administrator - Disabled)
FoGGy (S-1-5-21-1276816273-3082912571-1758191642-1001 - Administrator - Enabled) => C:\Users\FoGGy
Guest (S-1-5-21-1276816273-3082912571-1758191642-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1276816273-3082912571-1758191642-1003 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ACP Application (Version: 2.15.10.0003 - Advanced Micro Devices, Inc.) Hidden
Adobe Reader XI (11.0.10) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{F88356F5-1AA4-BBE9-E6CF-5B1CF179D052}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2215 - AVAST Software)
Avencast (HKLM-x32\...\Steam App 46410) (Version: - ClockStone Studios)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
Counter-Strike 1.6 v36 protokol 48 (HKLM-x32\...\Counter-Strike 1.6 v36 protokol 48) (Version: - )
Counter-Strike: Global Offensive - SDK (HKLM-x32\...\Steam App 745) (Version: - )
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
CPUID HWMonitor 1.25 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
CrystalDiskInfo 6.3.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.3.0 - Crystal Dew World)
DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive)
Deadbreed® (HKLM-x32\...\Steam App 277950) (Version: - Deadbreed AB)
DiRT 3 Complete Edition (HKLM-x32\...\Steam App 321040) (Version: - Codemasters Racing Studio)
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
Dropbox (HKU\S-1-5-21-1276816273-3082912571-1758191642-1001\...\Dropbox) (Version: 3.4.3 - Dropbox, Inc.)
Dropbox (HKU\S-1-5-21-1276816273-3082912571-1758191642-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Dropbox) (Version: 3.4.3 - Dropbox, Inc.)
Dxtory version 2.0.119 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.119 - Dxtory Software)
EA SPORTS™ FIFA World (HKLM-x32\...\{8F9AC744-EEF6-43DB-A4B6-FA1A18F1C640}) (Version: 9.5.0.61021 - Electronic Arts, Inc.)
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version: - SCS Software)
Euro Truck Simulator 2 Multiplayer 0.1.5 R5 Alpha (HKLM-x32\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 0.1.5 R5 Alpha - ETS2MP Team)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Geeks3D FurMark 1.15.1.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\Steam App 271590) (Version: - Rockstar North)
Gyazo 2.3 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Heaven Benchmark version 4.0 (HKLM-x32\...\Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 - Unigine Corp.)
Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version: - IO Interactive)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine)
Java 7 Update 80 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417080FF}) (Version: 7.0.800 - Oracle)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.328 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.328 - LogMeIn, Inc.) Hidden
Mafia II (HKLM-x32\...\Steam App 50130) (Version: - 2K Czech)
Malwarebytes Anti-Malware verze 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Media-Tech Camera (0031.2010.1013.1047) (HKLM-x32\...\{B2920232-19DA-44FC-835F-68E427EAE2CE}) (Version: 0031.2010.1013.1047 - PixArt)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Minecraft1.8 (HKLM-x32\...\Minecraft1.

(Version: - )
MSI Afterburner 4.1.0 (HKLM-x32\...\Afterburner) (Version: 4.1.0 - MSI Co., LTD)
MSI Kombustor 3.5.1 (HKLM\...\{9598DA62-2AE8-426D-9C86-BEA96AC6721E}_is1) (Version: - MSI Co., LTD)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.6 - F.J. Wechselberger)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 9.5.11.2855 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office - Français (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Pixel Puzzles: Japan (HKLM-x32\...\Steam App 284950) (Version: - Decaying Logic)
Project CARS (HKLM-x32\...\Project CARS_is1) (Version: 1.0.1.1 - Релиз от R.G. Steamgames)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Racer (HKLM-x32\...\Racer) (Version: - )
RADical ROACH Deluxe Edition (HKLM-x32\...\Steam App 301750) (Version: - Decaying Logic)
Raptr (HKLM-x32\...\Raptr) (Version: - )
Rapture3D 2.4.8 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version: - Blue Ripple Sound)
Robocraft (HKLM-x32\...\Steam App 301520) (Version: - Freejam)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
System Requirements Lab Detection (HKLM-x32\...\{44A3C3E3-1346-4D78-98B7-C0B1788EFFF2}) (Version: 6.1.4.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
The Hat Man: Shadow Ward (HKLM-x32\...\Steam App 291010) (Version: - Game Mechanics)
Unigine Valley Benchmark version 1.0 (HKLM-x32\...\Unigine Valley Benchmark_is1) (Version: 1.0 - Unigine Corp.)
WinRAR 5.21 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1276816273-3082912571-1758191642-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\FoGGy\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1276816273-3082912571-1758191642-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\FoGGy\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1276816273-3082912571-1758191642-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\FoGGy\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1276816273-3082912571-1758191642-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\FoGGy\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1276816273-3082912571-1758191642-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\FoGGy\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1276816273-3082912571-1758191642-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\FoGGy\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1276816273-3082912571-1758191642-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\FoGGy\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1276816273-3082912571-1758191642-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\FoGGy\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1276816273-3082912571-1758191642-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\FoGGy\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1276816273-3082912571-1758191642-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\FoGGy\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1276816273-3082912571-1758191642-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\FoGGy\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1276816273-3082912571-1758191642-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\FoGGy\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1276816273-3082912571-1758191642-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\FoGGy\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1276816273-3082912571-1758191642-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\FoGGy\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1276816273-3082912571-1758191642-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\FoGGy\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1276816273-3082912571-1758191642-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\FoGGy\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1276816273-3082912571-1758191642-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\FoGGy\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1276816273-3082912571-1758191642-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\FoGGy\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1276816273-3082912571-1758191642-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\FoGGy\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1276816273-3082912571-1758191642-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\FoGGy\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)

==================== Restore Points =========================

22-04-2015 22:17:16 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
25-04-2015 16:08:27 Nainstalováno rozhraní DirectX
02-05-2015 17:25:17 Nainstalováno: Microsoft Visual C++ 2005 Redistributable
05-05-2015 16:46:54 Installed ASUS GPU Tweak
07-05-2015 15:02:40 zoek.exe restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2015-05-07 15:03 - 00000753 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {078112B3-175D-4BED-A26D-A73E176EF819} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {1C1C76E1-1B44-4D65-A146-82E73D0CA873} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2014-07-04] ()
Task: {22F371FA-394C-41A6-A11E-1F5E7DF42381} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {54741182-39E2-431E-8FC6-2C686365026E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-17] (Google Inc.)
Task: {5855F9FF-D5A0-4452-90F3-F669C3E14B3D} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {600300EC-A98C-4D4F-AAA5-CD1822A717CA} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {A99A611C-CC36-4A8F-8DC1-C7C08E32094A} - \AutoKMS No Task File <==== ATTENTION
Task: {C0072431-33F7-44EA-92CA-2FCD741F2836} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {CE73C19E-45E9-43CD-88E3-38CD488CBEAA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-17] (Google Inc.)
Task: {E8DC6B0A-9957-4FCC-869C-F80C9289BB6C} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-04-05] (Avast Software s.r.o.)
Task: {F1644674-FB0B-46C7-8658-3AA9DF4CA29C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {F6E35742-2A10-4EC5-A6B0-50E73532A9C2} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-04-16] (Microsoft Corporation)
Task: {F6ECFE31-C061-40BA-B9A1-AB14AFB4677B} - System32\Tasks\PCMeter\Startup => C:\Users\FoGGy\AppData\Local\Temp\Rar$EXa0.517\PCMeterV4\PCMeterV0.4.exe <==== ATTENTION
Task: {F8391FAC-C852-401F-AEB6-BD40FBBB7E4D} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2012-10-01 21:34 - 2012-10-01 21:34 - 06522480 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-03-31 16:24 - 2015-03-31 16:24 - 00127488 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2015-04-05 19:59 - 2015-04-05 20:09 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-03-31 16:24 - 2015-03-31 16:24 - 00102400 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2015-04-05 23:21 - 2015-04-05 23:21 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-04-05 23:20 - 2015-04-05 23:20 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-05-08 21:40 - 2015-05-08 21:40 - 02926592 _____ () C:\Program Files\AVAST Software\Avast\defs\15050801\algo.dll
2015-05-09 12:17 - 2015-05-09 12:17 - 02926592 _____ () C:\Program Files\AVAST Software\Avast\defs\15050900\algo.dll
2015-04-05 23:21 - 2015-04-05 23:21 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-05-08 19:12 - 2015-05-06 22:15 - 01110020 _____ () C:\Program Files (x86)\Project CARS\steam_api.dll
2015-05-01 11:45 - 2015-04-28 04:07 - 01252680 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\libglesv2.dll
2015-05-01 11:45 - 2015-04-28 04:07 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\libegl.dll
2015-05-01 11:45 - 2015-04-28 04:07 - 14980424 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\PepperFlash\pepflashplayer.dll
2012-10-01 21:33 - 2012-10-01 21:33 - 06522480 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-03-17 22:38 - 2015-03-10 08:37 - 00775680 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-03-17 22:38 - 2014-12-02 02:29 - 05002752 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-03-17 22:38 - 2015-04-14 01:44 - 02371776 _____ () C:\Program Files (x86)\Steam\video.dll
2015-03-17 22:38 - 2014-12-02 02:29 - 01612800 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-03-17 22:38 - 2014-12-02 02:29 - 01210368 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-03-17 22:38 - 2014-12-01 23:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-03-17 22:38 - 2014-12-01 23:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-03-17 22:38 - 2014-12-01 23:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-03-17 22:38 - 2014-12-01 23:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-03-17 22:38 - 2014-12-01 23:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-03-17 22:38 - 2015-04-14 01:44 - 00702656 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-03-17 22:38 - 2015-02-25 03:58 - 34641288 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-03-17 22:38 - 2015-02-25 03:58 - 01709960 _____ () C:\Program Files (x86)\Steam\bin\ffmpegsumo.dll
2015-03-20 18:58 - 2014-07-04 00:26 - 05083820 _____ () C:\Program Files (x86)\Gyazo\GyazoUpdate.exe

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\FoGGy\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1276816273-3082912571-1758191642-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\FoGGy\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
HKU\S-1-5-21-1276816273-3082912571-1758191642-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\FoGGy\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 10.0.0.138

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "PAC7302_Monitor"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKU\S-1-5-21-1276816273-3082912571-1758191642-1001\...\StartupApproved\Run: => "Gyazo"
HKU\S-1-5-21-1276816273-3082912571-1758191642-1001\...\StartupApproved\Run: => "Dxtory Update Checker 2.0"
HKU\S-1-5-21-1276816273-3082912571-1758191642-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1276816273-3082912571-1758191642-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Gyazo"
HKU\S-1-5-21-1276816273-3082912571-1758191642-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Dxtory Update Checker 2.0"
HKU\S-1-5-21-1276816273-3082912571-1758191642-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "CCleaner Monitoring"

==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [{45C97713-4BE1-4240-8DE9-BDE9DBA23950}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{10A85EDE-E1EE-4057-A935-B8B7CB18AD85}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{ECA1E6B9-686A-4A28-A874-78238E6ED4F0}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{3FA11AE1-4178-4FF9-869B-741AECB21F0F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{CAC27B30-3AA7-4DA9-9502-BB292358DAC5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{E5EDF574-6F1A-478D-83E5-D8595DE8BDAA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{696725FE-32A3-4702-9530-E7657C7DD370}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{8E34279C-9315-4105-8B0C-187DF441D88C}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{CC6BA7DA-2D15-476B-9E37-A3EB510B413A}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{FFA055D1-F232-4B36-84AD-28DF6A172DB9}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{27FBC013-E16F-41AC-BCE9-98CBA1CC1A18}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{B685B44C-2581-4FEA-A866-7BFD16568DB1}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{CEED7678-210A-46C4-8B87-0FF1A5F4C095}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{C2F71BC5-BEC9-4632-8581-F707A4EF4094}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{0A0A0257-EC0C-4158-B685-2BC607397D9C}] => (Allow) LPort=25555
FirewallRules: [TCP Query User{C468F5F0-16B5-4F90-8094-ABC3C9AC84F5}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [UDP Query User{F038D1DC-0EC7-4B85-B43F-A3652F486CE4}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [{FBD4ACF4-6B7C-4D9A-9BCC-824A73DD47A0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{0310AD55-87AD-470D-AFF1-28C8F4DFA747}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{FBB55675-27E6-4F65-9255-45FE9AB129B6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia II\pc\mafia2.exe
FirewallRules: [{C2ACDB88-6AB0-4285-BED2-FDD403683395}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mafia II\pc\mafia2.exe
FirewallRules: [TCP Query User{8685D8D6-F3D4-4028-906C-02D23B48EE1D}C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe
FirewallRules: [UDP Query User{AED528FE-465E-45E7-AE9B-221790A1376B}C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe
FirewallRules: [TCP Query User{51B6376E-F73E-4C80-90D4-5CCE5329EEB5}C:\program files (x86)\counter-strike 1.6\hl.exe] => (Allow) C:\program files (x86)\counter-strike 1.6\hl.exe
FirewallRules: [UDP Query User{65A7E5EA-BC32-419B-9B60-24E7B4A176DD}C:\program files (x86)\counter-strike 1.6\hl.exe] => (Allow) C:\program files (x86)\counter-strike 1.6\hl.exe
FirewallRules: [{A28CAE25-002D-47B1-BEDF-9F6A70420DA7}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{DBD2E301-8379-4A66-86DE-2B25AB410A05}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{D3CD0E4B-A045-4A56-9FC4-E6B0C7D099AC}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{A14B052B-FA4B-4DA3-B243-360FCBAE71AF}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{3486DA79-9E0F-4FA1-93CB-B834F8A64314}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DiRT 3 Complete Edition\dirt3_game.exe
FirewallRules: [{85C7CDE8-051B-47AA-985B-80C9AEFAB4E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DiRT 3 Complete Edition\dirt3_game.exe
FirewallRules: [{3AEDED72-1455-4598-BD44-331850198817}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{3A94F87D-B3F9-44D8-96A4-5BF7F29B95C9}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{85B4FD82-EC74-447B-9977-534310B183DE}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{0F05D5F3-C6BA-44E0-A8B4-31C4A1A93848}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{55A1E755-E578-4159-AC87-276B33339F1F}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{6E0D1D23-9789-4AF3-8CCA-503F66397E69}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{A8FBD773-31B5-4D0C-A141-ADD674A4AB90}] => (Allow) C:\Users\FoGGy\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{B0775D51-C69D-401B-8845-0818FB010032}] => (Allow) C:\Users\FoGGy\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{813DCA5F-4E2F-4DA7-A186-8E0A08F25265}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{22FD34B9-252C-41C4-963B-FD6FDE4EC476}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [TCP Query User{43F354B9-957F-4A17-91AE-7A77D20BF2E0}C:\program files (x86)\origin games\fifa world\fifaworld.exe] => (Allow) C:\program files (x86)\origin games\fifa world\fifaworld.exe
FirewallRules: [UDP Query User{A751CA77-A8BB-4AD7-869D-487A4C150C3B}C:\program files (x86)\origin games\fifa world\fifaworld.exe] => (Allow) C:\program files (x86)\origin games\fifa world\fifaworld.exe
FirewallRules: [{8D266ECF-6C8E-46EB-8EC9-2045FE7014F4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{6391BDD8-F8A2-40F8-8394-A08E104D0421}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{7BB5153D-BA4F-4A58-94B8-478FD20A3FBA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{B8CED1F3-7992-48A2-9E76-271896360858}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [TCP Query User{4A318770-D991-4968-9241-C33B99D82867}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{FBA4467C-6F98-47F0-8553-E62BC84315B3}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{04ECFE3B-3C16-428E-8C36-9250556482D4}C:\users\foggy\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\foggy\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{69BC0B1E-9921-4541-B291-0663B30F9775}C:\users\foggy\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\foggy\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{683AAC2A-9E2C-46E8-B151-214FFE6F7B31}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{99572143-2F36-4CDA-9F7E-09C6FC0BF9BF}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{28AF306A-3DBA-4731-92B0-5A8D2BCBB1C3}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{D0A76E26-4304-4071-94FB-ECBDBE02B8CA}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{C471DB54-9B53-4415-812E-9B61D7CA59B3}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{9025C069-9EBD-483C-B5A2-448F9698B6FD}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{38A8C59E-9EA7-496A-AE9D-C81432EDD229}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{D9DB74AB-2CA4-4384-9E46-6D8FF8AA1A64}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{648581A4-8776-4DF5-93F6-37456EA26343}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Avencast\Avencast.exe
FirewallRules: [{7337FF96-17CD-4CA6-B3A1-54404313A09F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Avencast\Avencast.exe
FirewallRules: [{FFB16ACD-A702-43D1-8609-B9710BEBC67B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Avencast\Options.exe
FirewallRules: [{43236955-6459-48F5-B621-A999A3DDEEEC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Avencast\Options.exe
FirewallRules: [{406A43C2-4632-448F-93C9-09E567D05381}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe
FirewallRules: [{9B20C78B-C08E-49D0-AC9E-04E00289B75F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe
FirewallRules: [{8472CD95-3B98-479C-AADF-32A80986B128}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{58A45811-3021-46A1-B7F5-5A0355EB0E77}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{AA7C8E1F-0123-4478-B0B1-648657630665}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{0D8C84D8-C954-4F36-B660-9D2EA6C5595D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{581821BD-CBAB-4518-9A0E-03A7085C3929}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{06B39934-A0EC-4D82-A448-AD4B6D42DB55}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Hat Man Shadow Ward\The Hat Man.exe
FirewallRules: [{66F0545C-9FAA-44A8-8140-762390D30E2C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Hat Man Shadow Ward\The Hat Man.exe
FirewallRules: [{E85BCB54-8A98-4446-B7EC-86F912CEA40D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pixel Puzzles Japan\Pixel Puzzles - Japan.exe
FirewallRules: [{08706A57-92BA-4E11-A483-6DD16CD6ADC3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pixel Puzzles Japan\Pixel Puzzles - Japan.exe
FirewallRules: [{445516A2-23BA-41B7-9172-C4A8BB74BE07}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deadbreed\Deadbreed.exe
FirewallRules: [{DB41E21C-EA0D-498D-AB72-355E0098A6A9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deadbreed\Deadbreed.exe
FirewallRules: [TCP Query User{751B21F1-E68E-439F-A738-82E8D03F6AB2}C:\sims\racer\racer.exe] => (Allow) C:\sims\racer\racer.exe
FirewallRules: [UDP Query User{6A567E8B-4ECF-46E3-A791-C9EFB9AFF4A7}C:\sims\racer\racer.exe] => (Allow) C:\sims\racer\racer.exe
FirewallRules: [{03CFF878-A1C1-4CE2-A9FC-790DADAC0361}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RADical ROACH\RADical ROACH.exe
FirewallRules: [{D6946FE4-3BC4-4D29-ACB1-4BE7499E4901}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\RADical ROACH\RADical ROACH.exe
FirewallRules: [{5A9F0365-F979-4393-BA83-C2363466AD0A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Robocraft\Robocraft.exe
FirewallRules: [{A8D36623-BAF6-46E1-B506-763003285CF9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Robocraft\Robocraft.exe
FirewallRules: [{4CA579D2-DC58-455C-9AF5-029E000B2E19}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{925C3950-6F55-4B48-9912-8FD0A069661A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{E5836EEA-768C-4C22-8F37-5972974925D4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{2CE3C4BF-83E7-4F93-9AAF-0C77CE6AD0A5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (05/09/2015 06:31:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: FOGGY)
Description: Aplikaci Microsoft.BingFinance_8wekyb3d8bbwe!AppexFinance se nepovedlo aktivovat, protože došlo k chybě: -2144927148. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (05/09/2015 05:47:03 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Steam.exe verze 2.70.82.9 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 12f0

Čas spuštění: 01d08a1fd9fb8a44

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files (x86)\Steam\Steam.exe

ID hlášení: a1a1eb14-f662-11e4-827e-bc5ff4012585

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (05/09/2015 04:31:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: FOGGY)
Description: Aplikaci Microsoft.BingFinance_8wekyb3d8bbwe!AppexFinance se nepovedlo aktivovat, protože došlo k chybě: -2144927148. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (05/09/2015 02:37:02 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument příkazového řádku:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (05/09/2015 02:29:50 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: FOGGY)
Description: Aplikaci Microsoft.BingFinance_8wekyb3d8bbwe!AppexFinance se nepovedlo aktivovat, protože došlo k chybě: -2144927148. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (05/09/2015 02:29:05 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument příkazového řádku:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (05/09/2015 02:28:34 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument příkazového řádku:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (05/09/2015 01:00:34 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument příkazového řádku:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (05/09/2015 00:31:16 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: FOGGY)
Description: Aplikaci Microsoft.BingFinance_8wekyb3d8bbwe!AppexFinance se nepovedlo aktivovat, protože došlo k chybě: -2144927148. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (05/09/2015 00:07:48 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0xC004F074
Argument příkazového řádku:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

System errors:
=============
Error: (05/09/2015 08:16:47 AM) (Source: NetBT) (EventID: 4307) (User: )
Description: Inicializace se nezdařila, protože přenos odmítl otevřít počáteční adresy.

Error: (05/09/2015 08:16:15 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (23:39:19, ‎8. ‎5. ‎2015) bylo neočekávané.

Error: (05/07/2015 03:13:58 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (05/07/2015 03:13:58 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (05/07/2015 03:13:57 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (05/07/2015 03:13:57 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (05/07/2015 03:13:57 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (05/05/2015 05:02:03 PM) (Source: DCOM) (EventID: 10001) (User: FOGGY)
Description: C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe -Embedding740{B3EDE298-AE75-4A1C-AB7E-1B9229B77BBE}Není k dispoziciNení k dispozici

Error: (05/05/2015 05:00:43 PM) (Source: DCOM) (EventID: 10016) (User: FOGGY)
Description: specifické pro aplikaciMístníSpuštění{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}FoGGyFoGGyS-1-5-21-1276816273-3082912571-1758191642-1001LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

Error: (05/05/2015 05:00:43 PM) (Source: DCOM) (EventID: 10016) (User: FOGGY)
Description: specifické pro aplikaciMístníSpuštění{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}FoGGyFoGGyS-1-5-21-1276816273-3082912571-1758191642-1001LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici

Microsoft Office Sessions:
=========================
Error: (05/09/2015 06:31:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: FOGGY)
Description: Microsoft.BingFinance_8wekyb3d8bbwe!AppexFinance-2144927148

Error: (05/09/2015 05:47:03 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Steam.exe2.70.82.912f001d08a1fd9fb8a444294967295C:\Program Files (x86)\Steam\Steam.exea1a1eb14-f662-11e4-827e-bc5ff4012585

Error: (05/09/2015 04:31:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: FOGGY)
Description: Microsoft.BingFinance_8wekyb3d8bbwe!AppexFinance-2144927148

Error: (05/09/2015 02:37:02 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0xC004F074RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (05/09/2015 02:29:50 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: FOGGY)
Description: Microsoft.BingFinance_8wekyb3d8bbwe!AppexFinance-2144927148

Error: (05/09/2015 02:29:05 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0xC004F074RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (05/09/2015 02:28:34 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0xC004F074RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (05/09/2015 01:00:34 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0xC004F074RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (05/09/2015 00:31:16 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: FOGGY)
Description: Microsoft.BingFinance_8wekyb3d8bbwe!AppexFinance-2144927148

Error: (05/09/2015 00:07:48 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0xC004F074RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

==================== Memory info ===========================

Processor: AMD Phenom(tm) II X6 1045T Processor
Percentage of memory in use: 75%
Total physical RAM: 4095.3 MB
Available physical RAM: 1005.71 MB
Total Pagefile: 6662.7 MB
Available Pagefile: 1005.5 MB
Total Virtual: 131072 MB
Available Virtual: 131071.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:181.91 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or

(Size: 465.8 GB) (Disk ID: 25F1671C)
Partition 1: (Active) - (Size=465.7 GB) - (Type=07 NTFS)

==================== End Of Log ============================

FoGgyCz · Příspěvekod **FoGgyCz** » 09 kvě 2015 23:03

Malwarebytes Anti-Malware
http://www.malwarebytes.org

Datum skenování: 9. 5. 2015
Čas skenování: 19:58:22
Protokol: dokončeno.txt
Správce: Ano

Verze: 2.01.6.1022
Databáze malwaru: v2015.04.05.02
Databáze rootkitů: v2015.04.21.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: FoGGy

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 562108
Uplynulý čas: 3 hod, 1 min, 55 sek

Paměť: Vypnuto
Po spuštění: Vypnuto
Souborový systém: Zapnuto
Archivy: Vypnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)

(end)

Příspěvekod **jerabina** » 09 kvě 2015 23:10

Dávej si pozor na ty různé hry z torrentů, většinou mají přibalený dáreček :lol:

Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
klikni na „Prohledat-Scan“, po prohledání klikni na „ Vymazat-Clean“

Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.

===================================================

Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.

Kód: Vybrat vše

Start
CloseProcesses:

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-03-30] (LogMeIn Inc.)
HKU\S-1-5-21-1276816273-3082912571-1758191642-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2889408 2015-04-14] (Valve Corporation)
HKU\S-1-5-21-1276816273-3082912571-1758191642-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3095840 2014-10-27] (Nota Inc.)
HKU\S-1-5-21-1276816273-3082912571-1758191642-1001\...\Run: [Dxtory Update Checker 2.0] => C:\Program Files (x86)\Dxtory Software\Dxtory2.0\UpdateChecker.exe [93696 2010-10-17] (Dxtory Software)
HKU\S-1-5-21-1276816273-3082912571-1758191642-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-17] (Google Inc.)

S3 WinRing0_1_2_0; \??\C:\Users\FoGGy\AppData\Local\Temp\tmpB35.tmp [X]
S3 GPU-Z; \??\C:\Users\FoGGy\AppData\Local\Temp\GPU-Z.sys [X]

C:\Users\FoGGy\AppData\Local\Temp\tmpB35.tmp
C:\Users\FoGGy\AppData\Local\Temp\GPU-Z.sys

C:\Windows\Tasks\*.job
Task: {1C1C76E1-1B44-4D65-A146-82E73D0CA873} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2014-07-04] ()
Task: {54741182-39E2-431E-8FC6-2C686365026E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-17] (Google Inc.)
Task: {A99A611C-CC36-4A8F-8DC1-C7C08E32094A} - \AutoKMS No Task File <==== ATTENTION
Task: {CE73C19E-45E9-43CD-88E3-38CD488CBEAA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-17] (Google Inc.)
Task: {F6ECFE31-C061-40BA-B9A1-AB14AFB4677B} - System32\Tasks\PCMeter\Startup => C:\Users\FoGGy\AppData\Local\Temp\Rar$EXa0.517\PCMeterV4\PCMeterV0.4.exe <==== ATTENTION

CMD: bitsadmin /reset /allusers

EmptyTemp:
End

(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).

Ulož jej na na plochu jako fixlist.txt

Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.

===================================================

Stáhni si Junkware Removal Tool by Thisisu

na svojí plochu.

Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

===================================================

Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

FoGgyCz · Příspěvekod **FoGgyCz** » 09 kvě 2015 23:43

# AdwCleaner v4.203 - Log vytvořen 09/05/2015 v 23:15:32
# Aktualizováno 30/04/2015 by Xplode
# Databáze : 2015-05-09.1 [Server]
# Operační system : Windows 8.1 Pro (x64)
# Uživatelské jméno : FoGGy - FOGGY
# Spuštěno z : C:\Users\FoGGy\Downloads\adwcleaner_4.203.exe
# Nastavení : Čištění

***** [ Služby ] *****

***** [ Soubory / Složky ] *****

Složka Smazáno : C:\Users\FoGGy\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
[/!\] Ne Smazáno ( Junction ) : C:\Users\FoGGy\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck

***** [ Naplánované úlohy ] *****

***** [ Zástupci ] *****

***** [ Registry ] *****

Klíč Smazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Klíč Smazáno : HKCU\Software\eSupport.com
Klíč Smazáno : HKCU\Software\Headlight

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17416

-\\ Google Chrome v42.0.2311.135

[C:\Users\FoGGy\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Extension] : eofcbnmajmjmplflapaojjnihcjkigck
[C:\Users\FoGGy\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Extension] : eofcbnmajmjmplflapaojjnihcjkigck

*************************

AdwCleaner[R0].txt - [298 bytů] - [07/05/2015 14:57:16]
AdwCleaner[R1].txt - [298 bytů] - [07/05/2015 14:58:59]
AdwCleaner[R2].txt - [1865 bytů] - [07/05/2015 14:59:26]
AdwCleaner[R3].txt - [1923 bytů] - [07/05/2015 15:01:18]
AdwCleaner[R4].txt - [1860 bytů] - [09/05/2015 23:13:43]
AdwCleaner[S0].txt - [1607 bytů] - [09/05/2015 23:15:32]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1665 bytů] ##########

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 09-05-2015
Ran by FoGGy at 2015-05-09 23:24:47 Run:1
Running from C:\Users\FoGGy\Desktop
Loaded Profiles: FoGGy (Available profiles: FoGGy)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-03-30] (LogMeIn Inc.)
HKU\S-1-5-21-1276816273-3082912571-1758191642-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2889408 2015-04-14] (Valve Corporation)
HKU\S-1-5-21-1276816273-3082912571-1758191642-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3095840 2014-10-27] (Nota Inc.)
HKU\S-1-5-21-1276816273-3082912571-1758191642-1001\...\Run: [Dxtory Update Checker 2.0] => C:\Program Files (x86)\Dxtory Software\Dxtory2.0\UpdateChecker.exe [93696 2010-10-17] (Dxtory Software)
HKU\S-1-5-21-1276816273-3082912571-1758191642-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-17] (Google Inc.)

S3 WinRing0_1_2_0; \??\C:\Users\FoGGy\AppData\Local\Temp\tmpB35.tmp [X]
S3 GPU-Z; \??\C:\Users\FoGGy\AppData\Local\Temp\GPU-Z.sys [X]

C:\Users\FoGGy\AppData\Local\Temp\tmpB35.tmp
C:\Users\FoGGy\AppData\Local\Temp\GPU-Z.sys

C:\Windows\Tasks\*.job
Task: {1C1C76E1-1B44-4D65-A146-82E73D0CA873} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2014-07-04] ()
Task: {54741182-39E2-431E-8FC6-2C686365026E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-17] (Google Inc.)
Task: {A99A611C-CC36-4A8F-8DC1-C7C08E32094A} - \AutoKMS No Task File <==== ATTENTION
Task: {CE73C19E-45E9-43CD-88E3-38CD488CBEAA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-17] (Google Inc.)
Task: {F6ECFE31-C061-40BA-B9A1-AB14AFB4677B} - System32\Tasks\PCMeter\Startup => C:\Users\FoGGy\AppData\Local\Temp\Rar$EXa0.517\PCMeterV4\PCMeterV0.4.exe <==== ATTENTION

CMD: bitsadmin /reset /allusers

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\LogMeIn Hamachi Ui => value deleted successfully.
HKU\S-1-5-21-1276816273-3082912571-1758191642-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Steam => value deleted successfully.
HKU\S-1-5-21-1276816273-3082912571-1758191642-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Gyazo => value deleted successfully.
HKU\S-1-5-21-1276816273-3082912571-1758191642-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Dxtory Update Checker 2.0 => value deleted successfully.
HKU\S-1-5-21-1276816273-3082912571-1758191642-1001\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3" => Key deleted successfully.
C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll => Moved successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9" => Key deleted successfully.
C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll not found.
WinRing0_1_2_0 => Service deleted successfully.
GPU-Z => Service deleted successfully.
"C:\Users\FoGGy\AppData\Local\Temp\tmpB35.tmp" => File/Directory not found.
"C:\Users\FoGGy\AppData\Local\Temp\GPU-Z.sys" => File/Directory not found.
C:\Windows\Tasks\*.job => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1C1C76E1-1B44-4D65-A146-82E73D0CA873}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1C1C76E1-1B44-4D65-A146-82E73D0CA873}" => Key deleted successfully.
C:\Windows\System32\Tasks\GyazoUpdateTaskMachine => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GyazoUpdateTaskMachine" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{54741182-39E2-431E-8FC6-2C686365026E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{54741182-39E2-431E-8FC6-2C686365026E}" => Key deleted successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{A99A611C-CC36-4A8F-8DC1-C7C08E32094A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A99A611C-CC36-4A8F-8DC1-C7C08E32094A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CE73C19E-45E9-43CD-88E3-38CD488CBEAA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CE73C19E-45E9-43CD-88E3-38CD488CBEAA}" => Key deleted successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F6ECFE31-C061-40BA-B9A1-AB14AFB4677B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F6ECFE31-C061-40BA-B9A1-AB14AFB4677B}" => Key deleted successfully.
C:\Windows\System32\Tasks\PCMeter\Startup => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PCMeter\Startup" => Key deleted successfully.

========= bitsadmin /reset /allusers =========

BITSADMIN version 3.0 [ 7.7.9600 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

{8516EB26-7EE9-4363-AEF0-71E59A0AE646} canceled.
{C0BB1371-8CED-48A6-BE11-8015FB8EDE2B} canceled.
2 out of 2 jobs canceled.

========= End of CMD: =========

EmptyTemp: => Removed 566.3 MB temporary data.

The system needed a reboot.

==== End of Fixlog 23:25:07 ====

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.7.0 (05.09.2015:1)
OS: Windows 8.1 Pro x64
Ran by FoGGy on so 09. 05. 2015 at 23:30:25,26
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Tasks

Successfully deleted: [Task] C:\Windows\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-1276816273-3082912571-1758191642-1001

~~~ Registry Values

~~~ Registry Keys

~~~ Files

Successfully deleted: [File] C:\Windows\prefetch\SPEEDFAN.EXE-B8689DB0.pf

~~~ Folders

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 09. 05. 2015 at 23:33:27,37
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

RogueKiller V10.6.2.0 (x64) [May 4 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 8.1 (6.3.9200 ) 64 bits version
Spuštěno : Normální režim
Uživatel : FoGGy [Práva správce]
Started from : C:\Users\FoGGy\Downloads\RogueKillerX64.exe
Mód : Prohledat -- Datum : 05/09/2015 23:42:08

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 9 ¤¤¤
[Suspicious.Path] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce | VCRedist : "C:\Users\FoGGy\AppData\Local\Microsoft\Redist\VCRedist.exe" [-] -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{411808BF-9AD0-41E7-9395-93E9976DBEF7} | DhcpNameServer : 10.0.0.138 10.0.0.138 [(Private Address) (XX)][(Private Address) (XX)] -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{4673624E-3227-4D6C-B6E1-620DFCCBF66F} | DhcpNameServer : 10.0.0.138 10.0.0.138 [(Private Address) (XX)][(Private Address) (XX)] -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{411808BF-9AD0-41E7-9395-93E9976DBEF7} | DhcpNameServer : 10.0.0.138 10.0.0.138 [(Private Address) (XX)][(Private Address) (XX)] -> Nalezeno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{4673624E-3227-4D6C-B6E1-620DFCCBF66F} | DhcpNameServer : 10.0.0.138 10.0.0.138 [(Private Address) (XX)][(Private Address) (XX)] -> Nalezeno
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nalezeno
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nalezeno
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nalezeno
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nalezeno

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 1 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD50 00AAKX-001CA SCSI Disk Device +++++
--- User ---
[MBR] 11643060087f96e675cfdf2dc5ecb535
[BSP] 6c0c92f2dc44d110f55a4f0b935895d5 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 476838 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
Error reading LL2 MBR! ([1] Nesprávná funkce. )

Příspěvekod **jerabina** » 09 kvě 2015 23:49

Proveď prosím AdwCleaner ještě jednou, můžeš rovnou Sken a následně Clean, poté sem prosím vlož log.

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB (kromě myši s klávesnice) nebo externí disky z počítače před spuštěním tohoto programu.
Spusť znovu RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Pak klikni na "Prohledat " ,po jeho skončení:
- V záložkách (Registry , Tasks , Web Browser apod.) vše zatrhni (dej zatržítka)
(musíš dát myší zatržítko do toho čtverečku vlevo od registru ap.)
- Klikni na "Smazat"
- Počkej, dokud Status box nezobrazí " Mazání dokončeno "
- Klikni na "Zpráva " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

Vypni antivir
Stáhni
Zoek.exe

a uloz si ho na plochu.
Zavři všechny ostatní programy , okna i prohlížeče.
Spusť Zoek.exe ( u win vista , win7, 8 klikni na něj pravým a vyber : „Spustit jako správce“
- pozor , náběh programu může trvat déle.

Do okna programu vlož skript níže:

Kód: Vybrat vše

autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;

klikni na Run Script
Program provede sken , opravu, sken i oprava může trvat i více minut ,je třeba posečkat do konce. Do okna neklikej!
Program nabídne restart , potvrď .

Po restartu se může nějaký čas ukázat pouze černá plocha , to je normální. Je třeba počkat až se vytvoří log. Ten si můžeš uložit třeba do dokumentů , jinak se sám ukládá do:
C:\zoek-results.log
Zkopíruj sem celý obsah toho logu.

Vlož nový log z HJT + informuj o problémech.

FoGgyCz · Příspěvekod **FoGgyCz** » 10 kvě 2015 00:34

# AdwCleaner v4.203 - Log vytvořen 09/05/2015 v 23:51:36
# Aktualizováno 30/04/2015 by Xplode
# Databáze : 2015-05-09.1 [Server]
# Operační system : Windows 8.1 Pro (x64)
# Uživatelské jméno : FoGGy - FOGGY
# Spuštěno z : C:\Users\FoGGy\Desktop\adwcleaner_4.203.exe
# Nastavení : Čištění

***** [ Služby ] *****

***** [ Soubory / Složky ] *****

***** [ Naplánované úlohy ] *****

***** [ Zástupci ] *****

***** [ Registry ] *****

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17416

-\\ Google Chrome v42.0.2311.135

*************************

AdwCleaner[R0].txt - [298 bytů] - [07/05/2015 14:57:16]
AdwCleaner[R1].txt - [298 bytů] - [07/05/2015 14:58:59]
AdwCleaner[R2].txt - [1865 bytů] - [07/05/2015 14:59:26]
AdwCleaner[R3].txt - [1923 bytů] - [07/05/2015 15:01:18]
AdwCleaner[R4].txt - [1860 bytů] - [09/05/2015 23:13:43]
AdwCleaner[R5].txt - [1083 bytů] - [09/05/2015 23:50:30]
AdwCleaner[S0].txt - [1744 bytů] - [09/05/2015 23:15:32]
AdwCleaner[S1].txt - [1009 bytů] - [09/05/2015 23:51:36]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1067 bytů] ##########

RogueKiller V10.6.2.0 (x64) [May 4 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 8.1 (6.3.9200 ) 64 bits version
Spuštěno : Normální režim
Uživatel : FoGGy [Práva správce]
Started from : C:\Users\FoGGy\Downloads\RogueKillerX64.exe
Mód : Prohledat -- Datum : 05/10/2015 00:13:51

¤¤¤ Procesy : 1 ¤¤¤
[VT.Packed.Win32.Zcrypt.3!O] zoek (1).exe(4400) -- C:\Users\FoGGy\Downloads\zoek (1).exe[-]VT(7) -> Zastaveno [TermProc]

¤¤¤ Registry : 0 ¤¤¤

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD50 00AAKX-001CA SCSI Disk Device +++++
--- User ---
[MBR] 11643060087f96e675cfdf2dc5ecb535
[BSP] 6c0c92f2dc44d110f55a4f0b935895d5 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 476838 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
Error reading LL2 MBR! ([1] Nesprávná funkce. )

============================================
RKreport_SCN_05092015_234208.log - RKreport_SCN_05102015_000322.log - RKreport_DEL_05102015_000442.log - RKreport_DEL_05102015_000522.log

Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by FoGGy on ne 10. 05. 2015 at 0:06:11,95.
Microsoft Windows 8.1 Pro 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\FoGGy\Downloads\zoek (1).exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2015-05-07-131741.log 6560 bytes

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [05. 04. 2015 23:22]

==== Chromium Look ======================

Google Chrome Version: 42.0.2311.135

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[05. 04. 2015 23:20]

Bookmark Manager - FoGGy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik
Avast Online Security - FoGGy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Reset Google Chrome ======================

C:\Users\FoGGy\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\FoGGy\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\FoGGy\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\FoGGy\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\FoGGy\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\FoGGy\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\FoGGy\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=44 folders=48 42912730 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\FoGGy\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\FoGGy\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on ne 10. 05. 2015 at 0:29:00,98 ======================

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:33:48, on 10. 5. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)

Boot mode: Normal

Running processes:
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\FoGGy\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O4 - HKLM\..\Run: [Raptr] C:\PROGRA~2\Raptr\raptrstub.exe --startup
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Windows\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8723 bytes

Příspěvekod **jerabina** » 10 kvě 2015 08:07

Tak ještě dočistíme :-)

Zavři ostatní programy/prohlížeče, odpoj se od internetu a v HJT fixni:
NÁVOD

Kód: Vybrat vše

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe

Stáhni si zde DelFix
https://toolslib.net/downloads/viewdownload/2-delfix/

ulož si soubor na plochu.
Poklepáním na ikonu spusť nástroj Delfix.exe
( Ve Windows Vista, Windows 7 a 8, musíš spustit soubor pravým tlačítkem myši -> Spustit jako správce .
V hlavním menu, zkontroluj tyto možnosti - Odstranění dezinfekce nástrojů (Remove desinfection tools) – Vyčistit body obnovy (Purge System Restore) .
Poté klikněte na tlačítko Spustit (Run) a nech nástroj dělat svoji práci.

Poté se zpráva se otevře (DelFix.txt). Vlož celý obsah zprávy sem. Jinak je zpráva zde:
v C: \ DelFix.txt

Co problémy?

FoGgyCz · Příspěvekod **FoGgyCz** » 10 kvě 2015 11:11

# DelFix v1.010 - Logfile created 10/05/2015 at 11:09:24
# Updated 26/04/2015 by Xplode
# Username : FoGGy - FOGGY
# Operating System : Windows 8.1 Pro (64 bits)

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\RegBackup
Deleted : C:\Users\FoGGy\Downloads\FRST-OlderVersion
Deleted : C:\zoek-results.log
Deleted : C:\zoek-results2015-05-07-131741.log
Deleted : C:\Users\FoGGy\Desktop\AdwCleaner[R3].txt
Deleted : C:\Users\FoGGy\Desktop\AdwCleaner[S0].txt
Deleted : C:\Users\FoGGy\Desktop\AdwCleaner[S1].txt
Deleted : C:\Users\FoGGy\Desktop\adwcleaner_4.203.exe
Deleted : C:\Users\FoGGy\Desktop\Fixlog.txt
Deleted : C:\Users\FoGGy\Desktop\FRST64.exe
Deleted : C:\Users\FoGGy\Desktop\JRT.txt
Deleted : C:\Users\FoGGy\Desktop\RKreport_SCN_05102015_001351.log
Deleted : C:\Users\FoGGy\Desktop\zoek-results.txt
Deleted : C:\Users\FoGGy\Downloads\Addition.txt
Deleted : C:\Users\FoGGy\Downloads\FRST.txt
Deleted : C:\Users\FoGGy\Downloads\JRT.exe
Deleted : C:\Users\FoGGy\Downloads\HijackThis.exe
Deleted : C:\Users\FoGGy\Downloads\hijackthis.log
Deleted : C:\Users\FoGGy\Downloads\RogueKillerX64.exe
Deleted : C:\Users\FoGGy\Downloads\zoek (1).exe
Deleted : C:\Users\FoGGy\Downloads\zoek.exe
Deleted : HKLM\SOFTWARE\AdwCleaner

~ Cleaning system restore ...

Deleted : RP #17 [Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 | 04/22/2015 20:17:16]
Deleted : RP #18 [Nainstalováno rozhraní DirectX | 04/25/2015 14:08:27]
Deleted : RP #19 [Nainstalováno: Microsoft Visual C++ 2005 Redistributable | 05/02/2015 15:25:17]
Deleted : RP #20 [Installed ASUS GPU Tweak | 05/05/2015 14:46:54]
Deleted : RP #21 [zoek.exe restore point | 05/07/2015 13:02:40]

New restore point created !

########## - EOF - ##########

Počítač už běží lépe. Jen když zapnu CS:GO tak steam na chvíli zamrzne. Tak 1-2s. Ale jinak zatím běží vše jak má.

EDIT : Počítač mi hodil BSOD. Nevím jestli to má s tím něco společného. Teď se mi stává, že musím čekat např. 10s než naběhne CDI nebo jiné programy.

Přidávám i log z CDI

----------------------------------------------------------------------------
CrystalDiskInfo 6.3.0 (C) 2008-2015 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 8.1 Pro [6.3 Build 9600] (x64)
Date : 2015/05/10 11:29:50

-- Controller Map ----------------------------------------------------------
- ATA Channel 0 (0) [ATA]
- ATA Channel 1 (1) [ATA]
+ PCI Standardní dvoukanálový řadič IDE [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
- Řadič prostorů úložišť [SCSI]
+ Řadič NVIDIA nForce s rozhraním Serial ATA [SCSI]
- WDC WD50 00AAKX-001CA SCSI Disk Device
- Řadič NVIDIA nForce s rozhraním Serial ATA [SCSI]

-- Disk List ---------------------------------------------------------------
(1) WDC WD5000AAKX-001CA0 : 500,1 GB [0/0/0, pd1] - wd

----------------------------------------------------------------------------
(1) WDC WD5000AAKX-001CA0
----------------------------------------------------------------------------
Model : WDC WD5000AAKX-001CA0
Firmware : 15.01H15
Serial Number : WD-WMAYU6616183
Disk Size : 500,1 GB (8,4/137,4/500,1/500,1)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/300 | SATA/600
Power On Hours : 1830 hod.
Power On Count : 346 krát
Temperature : 32 C (89 F)
Health Status : Dobrý
Features : S.M.A.R.T., 48bit LBA, NCQ
APM Level : ----
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 142 141 _21 000000000F33 Čas na roztočení ploten
04 100 100 __0 00000000016E Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 200 200 __0 000000000000 Počet chybných hledání
09 _98 _98 __0 000000000726 Hodin v činnosti
0A 100 100 __0 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C 100 100 __0 00000000015A Počet cyklů zapnutí zařízení
C0 200 200 __0 000000000044 Počet vypnutí disku
C1 200 200 __0 000000000129 Počet cyklů načítání/vymazání
C2 111 _90 __0 000000000020 Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 200 200 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 200 200 __0 000000000000 Počet chyb při zápisu sektorů

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 427A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2057 442D 574D 4159 5536 3631 3631 3833
020: 0000 8000 0032 3135 2E30 3148 3135 5744 4320 5744
030: 3530 3030 4141 4B58 2D30 3031 4341 3020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4001 0000 0000 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 170E 0004 0044 0040
080: 01FE 0000 746B 7D61 4123 7468 BC41 4123 407F 002B
090: 002B 0000 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 6030 3A38 0000 0000 0000 0000 0000 0000 5001 4EE0
110: AD9B 833D 0000 0000 0000 0000 0000 0000 0000 4018
120: 4018 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 16FE 0125 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 3037 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 103E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 1000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 BCA5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 C8 C8 00 00 00 00 00 00 00 03 27
010: 00 8E 8D 33 0F 00 00 00 00 00 04 32 00 64 64 6E
020: 01 00 00 00 00 00 05 33 00 C8 C8 00 00 00 00 00
030: 00 00 07 2E 00 C8 C8 00 00 00 00 00 00 00 09 32
040: 00 62 62 26 07 00 00 00 00 00 0A 32 00 64 64 00
050: 00 00 00 00 00 00 0B 32 00 64 64 00 00 00 00 00
060: 00 00 0C 32 00 64 64 5A 01 00 00 00 00 00 C0 32
070: 00 C8 C8 44 00 00 00 00 00 00 C1 32 00 C8 C8 29
080: 01 00 00 00 00 00 C2 22 00 6F 5A 20 00 00 00 00
090: 00 00 C4 32 00 C8 C8 00 00 00 00 00 00 00 C5 32
0A0: 00 C8 C8 00 00 00 00 00 00 00 C6 30 00 C8 C8 00
0B0: 00 00 00 00 00 00 C7 32 00 C8 C8 00 00 00 00 00
0C0: 00 00 C8 08 00 C8 C8 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 84 00 0C 21 01 7B
170: 03 00 01 00 02 56 05 00 00 00 00 00 00 00 00 00
180: 00 00 01 02 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 CC

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 C8 C8 00 00 00 00 00 00 00 00 03 15
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 8C 00 00 00 00 00 00 00 00
030: 00 00 07 00 C8 C8 00 00 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 00 00 00 00 00
050: 00 00 00 00 00 00 0B 00 00 00 00 00 00 00 00 00
060: 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 C0 00
070: 00 00 00 00 00 00 00 00 00 00 C1 00 00 00 00 00
080: 00 00 00 00 00 00 C2 00 00 00 00 00 00 00 00 00
090: 00 00 C4 00 00 00 00 00 00 00 00 00 00 00 C5 00
0A0: 00 00 00 00 00 00 00 00 00 00 C6 00 00 00 00 00
0B0: 00 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00
0C0: 00 00 C8 00 C8 C8 00 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0D

Příspěvekod **jerabina** » 10 kvě 2015 15:27

Disk vypadá dobře.

S tím BSOD zajdi do sekce BSOD zde na fóru.

Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit Farbar Recovery Scan Tool (FRST)
32bit.:
http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
64bit.:
http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
a ulož jej na plochu. ,pak spusť FRST jako správce
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.

Prosím o kontrolu - Podezdření viru, pomalé PC

Prosím o kontrolu - Podezdření viru, pomalé PC

Re: Prosím o kontrolu - Podezdření viru, pomalé PC

Re: Prosím o kontrolu - Podezdření viru, pomalé PC

Re: Prosím o kontrolu - Podezdření viru, pomalé PC

Re: Prosím o kontrolu - Podezdření viru, pomalé PC

Re: Prosím o kontrolu - Podezdření viru, pomalé PC

Re: Prosím o kontrolu - Podezdření viru, pomalé PC

Re: Prosím o kontrolu - Podezdření viru, pomalé PC

Re: Prosím o kontrolu - Podezdření viru, pomalé PC

Re: Prosím o kontrolu - Podezdření viru, pomalé PC

Re: Prosím o kontrolu - Podezdření viru, pomalé PC

Re: Prosím o kontrolu - Podezdření viru, pomalé PC

Kdo je online