Windows 8 x64 - explorer.exe - High CPU usage - log check

_Alex_

Posted by _Alex_ » 09 Sep 2015 17:18

Hello, I have Windows 8 64-bit; my problem concerns high CPU usage by explorer.exe (Windows Explorer), which hovers around 40-60% even with no user activity. I already started a thread here on the forum ( viewtopic.php?f=46&t=160783 ), where I was advised to direct my question to this section... I am attaching the log here and asking for a check.
Thank you, _Alex_

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:13:06, on 9. 9. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.17377)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Opera\31.0.1889.174\opera_autoupdate.exe
C:\Users\Alex\Desktop\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
O4 - HKLM\..\Run: [RIM PeerManager] "C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe"
O4 - HKCU\..\Run: [Steam] "X:\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Alex\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - Startup: HDDlife.lnk = C:\Program Files (x86)\BinarySense\HDDlife 4\HDDlifePro.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: BlackBerry Device Manager - BlackBerry Limited - C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: RIM MDNS - Apple Inc. - C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe
O23 - Service: BlackBerry Link Communication Manager (RIM Tunnel Service) - Research In Motion Limited - C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9106 bytes

jerabina
Security team member

Posted by jerabina » 09 Sep 2015 17:37

Download ATF Cleaner
Double-click ATF Cleaner.exe, click select all found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose: Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose: Select All, then click Empty Selected. Then click Main (the main page) and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing history from a web browser. The program can remove the cache, cookies, history and other traces of browsing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.

- If you use only Google Chrome, you do not need to use ATF.

===================================================

Download TFC
Open the file and close all other windows. Click Start to begin the process. The program should not take long.
The PC should then restart; if it does not, restart it yourself.

===================================================

Download AdwCleaner (by Xplode)

Save it to your desktop
Close all programs, windows and browsers
Run the program by double-clicking it and click "Prohledat-Scan"
After the scan a log will appear (it is otherwise saved on the system disk as AdwCleaner[R?].txt); paste its entire contents here.

===================================================

Download Malwarebytes' Anti-Malware
- During installation, clear the check box for "Enable free trial of Malwarebytes' Anti-Malware Premium" ("Povolit bezplatnou zkušební verzi Malwarebytes' Anti-Malware Premium")
Install it and run it
- at the end of the installation make sure both options are selected/checked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; click Scan Now ("Skenovat nyní") and
- when the program finishes, a message will appear at the bottom right; click Copy to Clipboard ("Kopírovat do schránky") and paste the entire log here.

- then click the Exit button; a message will appear, choose Yes
(do not delete anything yet!).

If there are problems, run it in safe mode.
If you don't know what to do next, it's time to study the manual!
HJT guide

If I don't reply to your threads in the HJT section while I'm online, it is only because I'm on my phone, where studying logs and writing scripts is impossible. So please don't take it as being ignored.

_Alex_

Posted by _Alex_ » 11 Sep 2015 18:16

Adw Cleaner

# AdwCleaner v5.007 - Logfile created 11/09/2015 at 17:59:36
# Updated 08/09/2015 by Xplode
# Database : 2015-09-10.1 [Server]
# Operating system : Windows 8 Pro (x64)
# Username : Alex - SHADOW
# Running from : C:\Users\Alex\Desktop\AdwCleaner.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\ProgramData\TweakBit
[-] Folder Deleted : C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[-] Folder Deleted : C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[-] Folder Deleted : C:\Windows\Sysnative\Tasks\TweakBit

***** [ Files ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

[-] Task Deleted : BrowserProtect

***** [ Registry ] *****


***** [ Web browsers ] *****


*************************

:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [885 bytes] ##########

Malwarebytes' Anti-Malware

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 11. 9. 2015
Čas skenování: 18:02
Protokol:
Správce: Ano

Verze: 2.1.8.1057
Databáze malwaru: v2015.09.11.05
Databáze rootkitů: v2015.08.16.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows 8
CPU: x64
Souborový systém: NTFS
Uživatel: Alex

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 366173
Uplynulý čas: 9 min, 8 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

jerabina
Security team member

Posted by jerabina » 11 Sep 2015 23:53

Download Junkware Removal Tool by Thisisu

to your desktop.

Disable your antivirus program. Right-click JRT.exe and choose "Run as administrator" ("spustit jako správce"). You will be prompted to press any key to continue. Press one.
The program's scan will start. Scanning may take a long time, depending on the number of infections. When the scan finishes, a log (JRT.txt) will appear, which is saved on the desktop.
Please copy its entire contents here.

Download RogueKiller
32-bit:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64-bit:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
to your desktop.
- Close all other programs and browsers.
- On Vista and Win7, run RogueKiller.exe as administrator; on XP, by double-clicking.
- Wait until the Prescan (the search for malicious processes) finishes.
- Then click "Scan" ("Prohledat").
- The program scans the PC's processes. After the scan, click "Report" ("Zpráva") and copy the entire contents of the log here.
If the program is blocked, try running it several times. If the program still cannot be started and run, rename it to winlogon.exe.
_Alex_

Posted by _Alex_ » 12 Sep 2015 19:02

JRT

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.1 (09.08.2015:1)
OS: Windows 8 Pro x64
Ran by Alex on so 12. 09. 2015 at 18:43:17,48
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Alex\AppData\Roaming\mozilla\firefox\profiles\pkwim54r.default\minidumps [2 files]



~~~ Chrome


[C:\Users\Alex\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\Alex\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\Alex\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\Alex\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 12. 09. 2015 at 18:46:06,11
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

RogueKiller

RogueKiller V10.10.4.0 (x64) [Sep 4 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/software/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 8 (6.2.9200) 64 bits version
Spuštěno : Normální režim
Uživatel : Alex [Práva správce]
Started from : C:\Users\Alex\Desktop\RogueKillerX64.exe
Mód : Prohledat -- Datum : 09/12/2015 18:58:36

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 2 ¤¤¤
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Nalezeno
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Nalezeno

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: ST3000DM001-9YN166 ATA Device +++++
--- User ---
[MBR] de0ecef50e04cf07d1e7e5ddb4e64d22
[BSP] 14f8ecb27787c735fd93ad04e5de4268 : Empty|VT.Unknown MBR Code
Partition table:
0 - Microsoft reserved partition | Offset (sectors): 34 | Size: 128 MB
1 - Basic data partition | Offset (sectors): 264192 | Size: 2861459 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: ST31000528AS ATA Device +++++
--- User ---
[MBR] 0abb1221a1b305fa8f5fb1aa8577cc13
[BSP] a16df67371d0cd6f1c841c52766bcbdc : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 953867 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive2: INTEL SSDSC2CW120A3 ATA Device +++++
--- User ---
[MBR] ca7c10543b5ea6e0482c3144ab5627a5
[BSP] f0cdb237a5b9ea4dc25701723002c0cc : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 114471 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive3: Generic USB SD Reader USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

+++++ PhysicalDrive4: Generic USB CF Reader USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

+++++ PhysicalDrive5: Generic USB SM Reader USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

+++++ PhysicalDrive6: Generic USB MS Reader USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

Orcus
Security team member

Posted by Orcus » 12 Sep 2015 23:06

Close all programs and browsers. Disable the antivirus and firewall.
Please disconnect all USB or external drives from the computer before running this program.
Run RogueKiller (on Windows Vista or Windows 7, right-click and choose "Run as administrator"; on Windows XP, double-click to run).
- Wait until Prescan finishes its work...
- Wait until the status window shows "Scan" ("Prohledat")
- In the tabs (Registry, Tasks, Web Browser, etc.) check everything (tick the boxes).
- Click "Delete" ("Smazat")
- Wait until the Status box shows "Deletion finished" ("Mazání dokončeno")
- Click "Report" ("Zpráva") and please copy and paste the contents of that report here. The log can be found in RKreport[number].txt on the desktop.
- Close RogueKiller

====================================================

Download
Zoek.exe

and save it to your desktop.
Close all other programs, windows and browsers.
Run Zoek.exe (on Win Vista, Win7, 8 right-click it and choose "Run as administrator")
- note, the program may take a while to start.

Paste the script below into the program window:

Code:

autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;


Click Run Script
The program will run a scan and a repair; both the scan and the repair may take several minutes, so you need to wait until the end. Do not click in the window!
The program will offer a restart; confirm it.

After the restart, only a black desktop may be shown for some time; that is normal. You need to wait until the log is created. You can save it to, for example, Documents; otherwise it is saved automatically to:
C:\zoek-results.log
Copy the entire contents of that log here.

====================================================

How are the problems? + a new log from HJT
Love warms, but coal is coal. :fire:

Post HJT logs in the HJT section. If a log is too long, split it into several messages.

A few tips on PC security.

During my absence I am covered by memphisto, jaro3 and Diallix

If you are satisfied, you can support our forum.

_Alex_

Posted by _Alex_ » 13 Sep 2015 13:03

RogueKiller

RogueKiller V10.10.4.0 (x64) [Sep 4 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/software/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 8 (6.2.9200) 64 bits version
Spuštěno : Normální režim
Uživatel : Alex [Práva správce]
Started from : C:\Users\Alex\Desktop\RogueKillerX64.exe
Mód : Prohledat -- Datum : 09/13/2015 12:33:07

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 0 ¤¤¤

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: INTEL SSDSC2CW120A3 ATA Device +++++
--- User ---
[MBR] ca7c10543b5ea6e0482c3144ab5627a5
[BSP] f0cdb237a5b9ea4dc25701723002c0cc : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 114471 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: ST3000DM001-9YN166 ATA Device +++++
--- User ---
[MBR] de0ecef50e04cf07d1e7e5ddb4e64d22
[BSP] 14f8ecb27787c735fd93ad04e5de4268 : Empty|VT.Unknown MBR Code
Partition table:
0 - Microsoft reserved partition | Offset (sectors): 34 | Size: 128 MB
1 - Basic data partition | Offset (sectors): 264192 | Size: 2861459 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive2: ST31000528AS ATA Device +++++
--- User ---
[MBR] 0abb1221a1b305fa8f5fb1aa8577cc13
[BSP] a16df67371d0cd6f1c841c52766bcbdc : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 953867 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive3: Generic USB SD Reader USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

+++++ PhysicalDrive4: Generic USB CF Reader USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

+++++ PhysicalDrive5: Generic USB SM Reader USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

+++++ PhysicalDrive6: Generic USB MS Reader USB Device +++++
Error reading User MBR! ([15] Za?ízení není p?ipraveno. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Po?adavek není podporován. )

Zoek


Zoek.exe v5.0.0.0 Updated 08-September-2015
Tool run by Alex on ne 13. 09. 2015 at 12:35:37,22.
Microsoft Windows 8 Pro 6.2.9200 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Alex\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

13. 9. 2015 12:36:02 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\PROGRA~2\COMMON~1\PDF Architect deleted successfully
C:\PROGRA~3\ALM deleted successfully
C:\PROGRA~3\goodasnew deleted successfully
C:\Users\Alex\AppData\Roaming\XCPCSync.OEM deleted successfully
C:\Users\Alex\AppData\Local\Doctor Entertainment AB deleted successfully
C:\Users\Alex\AppData\Local\PACE Anti-Piracy deleted successfully
C:\Users\Alex\AppData\Local\Solid State Networks deleted successfully
C:\Users\Alex\AppData\Local\YNKdzgjKF2g deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3015261777-2400075649-929973636-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5C0D11B8-C5F6-4be3-AD2C-2B1A3EB94AB6} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\pkwim54r.default\prefs.js:

Added to C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\pkwim54r.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\Alex\AppData\Roaming\Thunderbird\Profiles\uznazb9i.default\prefs.js:

Added to C:\Users\Alex\AppData\Roaming\Thunderbird\Profiles\uznazb9i.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Deleting Files \ Folders ======================

C:\PROGRA~2\AGEIA Technologies not found
C:\PROGRA~2\Red Giant deleted
C:\Users\Alex\AppData\Roaming\Rim.Desktop.Exception.log deleted
C:\Users\Alex\AppData\Roaming\Rim.Desktop.HttpServerSetup.log deleted
C:\Users\Alex\AppData\Roaming\Rim.DesktopHelper.Exception.log deleted
C:\PROGRA~3\Package Cache deleted
C:\Windows\SysWow64\searchplugins deleted
C:\Windows\SysWow64\Extensions deleted
"C:\Users\Alex\AppData\Roaming\Tunngle\Local.key" deleted
"C:\Users\Alex\AppData\Roaming\Tunngle\Local.pub" deleted
"C:\Users\Alex\AppData\Roaming\Tunngle" deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\pkwim54r.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\Alex\AppData\Roaming\Thunderbird\Profiles\uznazb9i.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\pkwim54r.default
EC55112EDB2CE5BC2BFCACDB9C2150F4 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll - Shockwave Flash


==== Chromium Look ======================


APK Downloader - Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgihflhdpokeobcfimliamffejfnmfii
BB10 / PlayBook App Manager - Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmbaalodpmjjhpobkgljnelbpblnikkp
APK Downloader - Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnbkiaddgodnooflghhbdpbdheanmpjp
AdBlock - Alex\AppData\Roaming\Opera Software\Opera Stable\Extensions\aobdicepooefnbaeokijohmhjlleamfj
Twitter Notifications - Alex\AppData\Roaming\Opera Software\Opera Stable\Extensions\kkgebkpedfmelmhohaphicmmoahkplgp
APK Downloader - Alex\AppData\Roaming\Opera Software\Opera Stable\Extensions\lnbkiaddgodnooflghhbdpbdheanmpjp

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR"

==== Reset Google Chrome ======================

C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Alex\AppData\Roaming\Opera Software\Opera Stable\Preferences was reset successfully
C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Alex\AppData\Roaming\Opera Software\Opera Stable\Web Data was reset successfully
C:\Users\Alex\AppData\Roaming\Opera Software\Opera Stable\Web Data-journal was reset successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Alex\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Alex\AppData\Local\Mozilla\Firefox\Profiles\pkwim54r.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Alex\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=30 folders=28 23190263 bytes)

==== Empty Temp Folders ======================

C:\Users\Alex\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Alex\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on ne 13. 09. 2015 at 12:54:31,18 ======================




Since the problem still persists, I am attaching a new HijackThis log!


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:58:07, on 13. 9. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.17377)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Alex\Desktop\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
O4 - HKLM\..\Run: [RIM PeerManager] "C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe"
O4 - HKCU\..\Run: [Steam] "X:\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Alex\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - Startup: HDDlife.lnk = C:\Program Files (x86)\BinarySense\HDDlife 4\HDDlifePro.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: BlackBerry Device Manager - BlackBerry Limited - C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: RIM MDNS - Apple Inc. - C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe
O23 - Service: BlackBerry Link Communication Manager (RIM Tunnel Service) - Research In Motion Limited - C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9099 bytes

jerabina
Security team member
Level 6
Posts: 3647
Registered: March 13
Location: Litoměřice
Gender: Male
Status: Offline

Re: Windows 8 x64 - explorer.exe - High CPU usage - log check

Post by jerabina » 13 Sep 2015 13:15

Please download the version of Farbar Recovery Scan Tool (FRST) that matches your system (32-bit/64-bit).
32-bit:
http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
64-bit:
http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Save it to the desktop, then run FRST as administrator.
Confirm the terms of use.
Do not change any of the default settings and click "Scan". When the scan is complete, two logs are shown, FRST.txt and Addition.txt, and they are saved on the desktop. Please copy their entire contents here.
When you don't know what to do next, it's time to study the manual!
HJT guide

If I don't reply to your topics in the HJT section while I'm online, it's only because I'm on my phone, where studying logs and writing scripts is impossible. So please don't take it as being ignored.

_Alex_
Level 1
Posts: 99
Registered: May 09
Gender: Male
Status: Offline

Re: Windows 8 x64 - explorer.exe - High CPU usage - log check

Post by _Alex_ » 13 Sep 2015 13:48

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:12-09-2015
Ran by Alex (administrator) on SHADOW (13-09-2015 13:42:04)
Running from C:\Users\Alex\Downloads
Loaded Profiles: Alex (Available Profiles: Alex)
Platform: Windows 8 Pro (X64) Language: Angličtina (Spojené státy)
Internet Explorer Version 10 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Research in Motion\Tunnel Manager\mDNSResponder.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research in Motion\Tunnel Manager\tunmgr.exe
(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research in Motion\USB Drivers\BbDevMgr.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.17280_none_6224eed751126779\TiWorker.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.174\opera.exe
(BitTorrent Inc.) C:\Users\Alex\AppData\Roaming\uTorrent\uTorrent.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [6330568 2013-03-21] (ESET)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1794704 2015-02-20] (NVIDIA Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-04-23] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2010-09-08] (Apple Inc.)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [807696 2013-12-20] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [443408 2014-02-07] (BlackBerry Limited)
HKLM-x32\...\Run: [RIM PeerManager] => C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe [4493824 2014-05-07] (Research In Motion Limited)
HKU\S-1-5-21-3015261777-2400075649-929973636-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3015261777-2400075649-929973636-1001\...\Run: [Steam] => X:\Steam\Steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-3015261777-2400075649-929973636-1001\...\Run: [uTorrent] => C:\Users\Alex\AppData\Roaming\uTorrent\uTorrent.exe [1696096 2015-09-09] (BitTorrent Inc.)
HKU\S-1-5-21-3015261777-2400075649-929973636-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53736048 2015-08-07] (Skype Technologies S.A.)
Startup: C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HDDlife.lnk [2014-10-20]
ShortcutTarget: HDDlife.lnk -> C:\Program Files (x86)\BinarySense\HDDlife 4\HDDlifePro.exe (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{D02D1F41-832C-49A2-9DFD-75950322C456}: [DhcpNameServer] 192.168.13.254 8.8.8.8

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-3015261777-2400075649-929973636-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-12-28] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-12-28] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-21] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-21] (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\pkwim54r.default
FF NewTab: about:newtab
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-13] ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-12-28] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-12-28] (Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2013-03-21] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-13] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-10-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-10-21] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2014-05-07] ()
FF Plugin-x32: @t.garena.com/garenatalk -> X:\Games\Garena\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2013-03-21] (Adobe Systems)
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2013-04-15]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: No Name - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\pkwim54r.default\extensions\battlefieldheroespatcher@ea.com [not found]

Chrome:
=======
CHR Profile: C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-25]
CHR Extension: (Google Drive) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-25]
CHR Extension: (YouTube) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-25]
CHR Extension: (APK Downloader) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgihflhdpokeobcfimliamffejfnmfii [2014-11-24]
CHR Extension: (Google Search) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-25]
CHR Extension: (BB10 / PlayBook App Manager) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmbaalodpmjjhpobkgljnelbpblnikkp [2013-12-25]
CHR Extension: (APK Downloader) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnbkiaddgodnooflghhbdpbdheanmpjp [2014-01-11]
CHR Extension: (Google Wallet) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-25]
CHR Extension: (Gmail) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-25]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 BlackBerry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [585728 2014-01-21] (BlackBerry Limited) [File not signed]
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2013-12-20] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2013-12-20] (BlueStack Systems, Inc.)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1341664 2013-03-21] (ESET)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-01-25] ()
R2 RIM MDNS; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [389632 2014-05-07] (Apple Inc.) [File not signed]
R2 RIM Tunnel Service; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe [1324544 2014-05-07] (Research In Motion Limited) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2015-07-06] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AtcL001; C:\Windows\system32\DRIVERS\l160x64.sys [65024 2012-06-02] (Atheros Communications, Inc.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2014-01-26] ()
S3 blackberryncm; C:\Windows\system32\DRIVERS\blackberryncm6_AMD64.sys [24576 2014-02-20] (BlackBerry)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [114448 2013-12-20] (BlueStack Systems)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [213416 2013-02-14] (ESET)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3265256 2012-09-20] (Broadcom Corporation)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [150616 2013-01-10] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [139768 2013-01-10] (ESET)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2014-01-26] ()
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] ()
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [79872 2013-12-02] (BlackBerry Limited)
R3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [17920 2014-05-07] (Research in Motion Limited)
R3 RimVSerPort; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2014-08-18] (Duplex Secure Ltd.)
S3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2013-02-12] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-06] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [281944 2015-07-06] (Microsoft Corporation)
S3 zebrbus; C:\Windows\System32\drivers\zebrbus.sys [107784 2007-04-13] (MCCI)
S3 zebrmdfl; C:\Windows\system32\DRIVERS\zebrmdfl.sys [19208 2007-04-13] (MCCI Corporation)
S3 zebrmdm; C:\Windows\system32\DRIVERS\zebrmdm.sys [144136 2007-04-13] (MCCI)
S3 zebrmdmc; C:\Windows\System32\drivers\zebrmdmc.sys [144136 2007-04-13] (MCCI)
S3 GGSAFERDriver; \??\X:\Games\Garena\Garena Plus\Room\safedrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-13 13:42 - 2015-09-13 13:42 - 00014602 _____ C:\Users\Alex\Downloads\FRST.txt
2015-09-13 13:41 - 2015-09-13 13:42 - 00000000 ____D C:\FRST
2015-09-13 13:40 - 2015-09-13 13:41 - 02190848 _____ (Farbar) C:\Users\Alex\Downloads\FRST64.exe
2015-09-13 12:57 - 2015-09-13 12:57 - 00008115 _____ C:\Users\Alex\Desktop\zoek-results.txt
2015-09-13 12:49 - 2015-09-13 12:35 - 00024064 _____ C:\Windows\zoek-delete.exe
2015-09-13 12:36 - 2015-09-13 12:54 - 00008115 _____ C:\zoek-results.log
2015-09-13 12:35 - 2015-09-13 12:46 - 00000000 ____D C:\zoek_backup
2015-09-13 12:34 - 2015-09-13 12:34 - 00005396 _____ C:\Users\Alex\Desktop\00000011111D.tmp.txt
2015-09-13 12:14 - 2015-09-13 12:14 - 01308672 _____ C:\Users\Alex\Desktop\zoek.exe
2015-09-12 18:46 - 2015-09-13 12:15 - 00037624 _____ C:\Windows\system32\Drivers\TrueSight.sys
2015-09-12 18:46 - 2015-09-12 19:03 - 00000000 ____D C:\ProgramData\RogueKiller
2015-09-12 18:46 - 2015-09-12 18:46 - 00001189 _____ C:\Users\Alex\Desktop\JRT.txt
2015-09-12 16:43 - 2015-09-12 16:44 - 22727240 _____ C:\Users\Alex\Desktop\RogueKillerX64.exe
2015-09-12 16:43 - 2015-09-12 16:43 - 01800104 _____ (Malwarebytes Corporation) C:\Users\Alex\Desktop\JRT.exe
2015-09-12 16:35 - 2015-09-13 02:00 - 00000000 ____D C:\Users\Alex\AppData\Local\Adobe
2015-09-11 18:12 - 2015-09-11 18:12 - 00001144 _____ C:\Users\Alex\Desktop\aaaaaaaaaaaaaaaa.txt
2015-09-11 18:01 - 2015-09-11 18:01 - 00000963 _____ C:\Users\Alex\Desktop\AdwCleaner[C2].txt
2015-09-11 17:58 - 2015-09-11 17:58 - 01660416 _____ C:\Users\Alex\Desktop\AdwCleaner.exe
2015-09-11 17:54 - 2015-09-11 17:54 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Alex\Desktop\mbam-setup-2.1.8.1057.exe
2015-09-10 19:50 - 2015-09-10 19:50 - 00001163 _____ C:\Users\Alex\Desktop\Prison Architect – zástupce.lnk
2015-09-10 02:55 - 2015-09-10 02:55 - 00000000 ____D C:\Users\Alex\AppData\Local\Introversion
2015-09-09 23:53 - 2015-09-09 23:53 - 00448512 _____ (OldTimer Tools) C:\Users\Alex\Desktop\TFC.exe
2015-09-09 23:51 - 2015-09-09 23:51 - 00050688 _____ (Atribune.org) C:\Users\Alex\Desktop\ATF-Cleaner.exe
2015-09-09 14:52 - 2015-09-13 12:54 - 00002620 _____ C:\Windows\PFRO.log
2015-09-09 14:35 - 2015-09-09 14:35 - 00002061 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2015-09-09 14:35 - 2015-09-09 14:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-09-09 14:34 - 2015-08-07 02:04 - 00572024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-09-09 14:31 - 2015-09-09 14:35 - 00000103 _____ C:\Windows\setupact.log
2015-09-09 14:31 - 2015-09-09 14:31 - 00000000 _____ C:\Windows\setuperr.log
2015-09-09 14:20 - 2015-04-30 22:20 - 05331968 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2015-09-09 14:20 - 2015-04-30 22:20 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2015-09-09 14:20 - 2015-04-30 22:20 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2015-09-09 12:42 - 2015-09-02 15:49 - 02341376 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-09-09 12:42 - 2015-09-02 15:49 - 01850880 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-09-09 12:42 - 2015-09-02 15:48 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-09-09 12:42 - 2015-09-02 15:38 - 01744384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-09-09 12:42 - 2015-09-02 15:38 - 01422336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-09-09 12:42 - 2015-09-02 15:38 - 00035328 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-09-09 12:42 - 2015-09-02 01:25 - 04065280 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-09-09 12:42 - 2015-08-28 23:59 - 00304128 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-09-09 12:42 - 2015-08-27 20:41 - 00366592 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-09-09 12:42 - 2015-08-22 16:40 - 14383616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-09-09 12:42 - 2015-08-22 16:40 - 13774848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-09-09 12:42 - 2015-08-22 16:40 - 02865664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-09-09 12:42 - 2015-08-22 16:40 - 02056704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-09-09 12:42 - 2015-08-22 16:40 - 01763328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-09-09 12:42 - 2015-08-22 16:40 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-09-09 12:42 - 2015-08-22 16:40 - 00737280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-09-09 12:42 - 2015-08-22 16:40 - 00718848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-09-09 12:42 - 2015-08-22 16:40 - 00525312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-09-09 12:42 - 2015-08-22 16:40 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-09-09 12:42 - 2015-08-22 16:40 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-09-09 12:42 - 2015-08-22 16:40 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-09-09 12:42 - 2015-08-22 15:51 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-09-09 12:42 - 2015-08-22 15:51 - 01409024 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-09-09 12:42 - 2015-08-22 15:51 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-09-09 12:42 - 2015-08-22 15:50 - 19291648 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-09-09 12:42 - 2015-08-22 15:50 - 15415808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-09-09 12:42 - 2015-08-22 15:50 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-09-09 12:42 - 2015-08-22 15:50 - 02657280 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-09-09 12:42 - 2015-08-22 15:50 - 00949760 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-09-09 12:42 - 2015-08-22 15:50 - 00857600 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-09-09 12:42 - 2015-08-22 15:50 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-09-09 12:42 - 2015-08-05 15:52 - 01287680 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-09-09 12:42 - 2015-08-04 16:42 - 08858112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2015-09-09 12:42 - 2015-08-04 16:42 - 02038784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-09-09 12:42 - 2015-08-04 16:42 - 01229824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2015-09-09 12:42 - 2015-08-04 16:42 - 00356352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2015-09-09 12:42 - 2015-08-04 16:42 - 00100864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncInfo.dll
2015-09-09 12:42 - 2015-08-04 15:54 - 10116608 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2015-09-09 12:42 - 2015-08-04 15:54 - 01399808 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2015-09-09 12:42 - 2015-08-04 15:53 - 02307584 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-09-09 12:42 - 2015-08-04 15:53 - 00449024 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2015-09-09 12:42 - 2015-08-04 15:53 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncInfo.dll
2015-09-09 12:42 - 2015-08-01 18:21 - 00073352 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-09-09 12:42 - 2015-08-01 17:22 - 00063992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-09-09 12:42 - 2015-08-01 15:56 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-09-09 12:42 - 2015-08-01 15:56 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-09-09 12:42 - 2015-08-01 15:56 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-09-09 12:42 - 2015-07-18 21:30 - 00411455 _____ C:\Windows\system32\ApnDatabase.xml
2015-09-09 12:42 - 2015-07-03 15:33 - 01303040 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-09-09 12:42 - 2015-07-03 15:23 - 01024000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-09-05 14:14 - 2015-09-13 12:54 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-09-05 14:14 - 2015-09-11 17:55 - 00001102 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-09-05 14:14 - 2015-09-11 17:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-09-05 14:14 - 2015-09-11 17:55 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-09-05 14:14 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-09-05 14:14 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-09-05 14:14 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-09-05 14:13 - 2015-09-05 14:13 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Alex\Desktop\mbam-setup-2.1.8.1057 (1).exe
2015-09-04 17:16 - 2015-09-13 12:58 - 00009100 _____ C:\Users\Alex\Desktop\hijackthis.log
2015-09-04 17:16 - 2015-09-04 17:16 - 00388608 _____ (Trend Micro Inc.) C:\Users\Alex\Desktop\hijackthis.exe
2015-09-04 13:15 - 2015-09-04 13:15 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-09-04 04:09 - 2015-09-04 04:09 - 00411792 _____ (TweakBit) C:\Users\Alex\Downloads\fix_Explorer-setup.exe
2015-09-04 04:09 - 2015-09-04 04:09 - 00411792 _____ (TweakBit) C:\Users\Alex\Downloads\fix_Explorer-setup(1).exe
2015-09-04 03:26 - 2015-09-11 17:59 - 00000000 ____D C:\AdwCleaner
2015-09-04 03:23 - 2015-09-04 03:24 - 01654272 _____ C:\Users\Alex\Downloads\AdwCleaner.exe
2015-09-04 03:07 - 2015-09-04 03:07 - 01186640 _____ C:\Users\Alex\Downloads\ProcessExplorer.zip
2015-09-04 03:07 - 2015-09-04 03:07 - 00000000 ____D C:\Users\Alex\Downloads\ProcessExplorer
2015-09-03 21:33 - 2015-09-03 21:33 - 00000000 ____D C:\Users\Alex\Tracing
2015-09-03 19:02 - 2015-09-03 19:02 - 00000080 _____ C:\Users\Alex\Desktop\uTorrent.lnk
2015-09-03 19:02 - 2015-09-03 19:02 - 00000080 _____ C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\uTorrent.lnk
2015-09-03 18:42 - 2015-09-03 18:42 - 00718956 _____ C:\Users\Alex\Desktop\ESETPoweliksCleaner.exe_20150903.184219.9036.log
2015-09-03 18:42 - 2015-09-03 18:42 - 00000022 _____ C:\Users\Alex\Desktop\ESETPoweliksCleaner.exe_20150903.184219.9036.zip
2015-09-03 18:38 - 2015-09-03 18:38 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-03 18:33 - 2015-09-03 18:38 - 00719022 _____ C:\Users\Alex\Desktop\ESETPoweliksCleaner.exe_20150903.183356.1628.log
2015-09-03 18:33 - 2015-09-03 18:33 - 00000022 _____ C:\Users\Alex\Desktop\ESETPoweliksCleaner.exe_20150903.183356.1628.zip
2015-09-03 18:32 - 2015-09-03 18:33 - 00719022 _____ C:\Users\Alex\Desktop\ESETPoweliksCleaner.exe_20150903.183224.7668.log
2015-09-03 18:32 - 2015-09-03 18:32 - 00000022 _____ C:\Users\Alex\Desktop\ESETPoweliksCleaner.exe_20150903.183224.7668.zip
2015-09-03 18:31 - 2015-09-03 18:31 - 00719022 _____ C:\Users\Alex\Desktop\ESETPoweliksCleaner.exe_20150903.183100.6256.log
2015-09-03 18:31 - 2015-09-03 18:31 - 00000022 _____ C:\Users\Alex\Desktop\ESETPoweliksCleaner.exe_20150903.183100.6256.zip
2015-09-03 18:30 - 2015-09-03 18:30 - 00224968 _____ (ESET) C:\Users\Alex\Desktop\ESETPoweliksCleaner.exe
2015-09-02 18:27 - 2015-09-02 18:27 - 03696400 _____ C:\Users\Alex\Desktop\MVI_6804.MOV.Still001.tif
2015-09-02 16:59 - 2015-09-02 16:59 - 00008619 _____ C:\Users\Alex\Desktop\3743-4019_problem.lxf
2015-09-01 23:19 - 2015-09-13 13:11 - 01087386 _____ C:\Windows\WindowsUpdate.log
2015-08-31 19:45 - 2015-08-31 19:46 - 206059143 _____ C:\Users\Alex\Desktop\stella artois - 3rd floor production.mp4
2015-08-31 18:41 - 2015-08-31 18:42 - 19717688 _____ C:\Users\Alex\Desktop\Sequence 01.wav
2015-08-31 14:44 - 2015-08-31 14:44 - 08307280 _____ C:\Users\Alex\Desktop\MVI_6753.MOV.Still001.tif
2015-08-31 14:16 - 2015-08-31 14:20 - 00000000 ____D C:\Users\Alex\Documents\PluralEyes
2015-08-31 14:16 - 2015-08-31 14:16 - 00000000 ____D C:\Users\Alex\AppData\Local\Red_Giant
2015-08-31 14:16 - 2015-08-31 14:16 - 00000000 ____D C:\Users\Alex\AppData\Local\PluralEyes 3
2015-08-31 14:14 - 2015-08-31 14:15 - 00003634 _____ C:\Windows\System32\Tasks\Red Giant Link
2015-08-31 13:48 - 2015-08-31 13:48 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Red Giant
2015-08-31 13:47 - 2015-08-31 14:16 - 00000000 ____D C:\Program Files (x86)\Red Giant Link
2015-08-31 13:47 - 2015-08-31 13:48 - 00000000 ____D C:\ProgramData\Red Giant
2015-08-31 13:47 - 2015-08-31 13:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Red Giant
2015-08-31 13:47 - 2015-08-31 13:47 - 00000000 ____D C:\ProgramData\Sony
2015-08-31 13:47 - 2015-08-31 13:47 - 00000000 ____D C:\Program Files\Common Files\Red Giant
2015-08-31 13:46 - 2015-08-31 13:46 - 00000000 ____D C:\ProgramData\RedGiant
2015-08-31 13:46 - 2015-08-31 13:46 - 00000000 ____D C:\Program Files\Red Giant
2015-08-31 13:24 - 2015-08-31 13:24 - 00000000 _____ C:\autoexec.bat
2015-08-31 13:19 - 2015-08-31 13:21 - 209130268 _____ C:\Users\Alex\Desktop\SSuite_Win_Full.zip
2015-08-31 13:16 - 2015-08-31 13:18 - 168530831 _____ C:\Users\Alex\Desktop\SSuite_Mac_Full.zip
2015-08-31 13:13 - 2015-08-31 13:13 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-08-30 03:31 - 2015-08-30 03:31 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Warcraft Classic
2015-08-21 13:47 - 2015-08-21 13:47 - 00000000 ____D C:\Users\Alex\Desktop\camera
2015-08-21 12:43 - 2015-08-13 12:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-21 12:43 - 2015-08-13 12:44 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-08-20 17:46 - 2015-08-20 18:01 - 00000000 ____D C:\Users\Alex\Documents\TmForever
2015-08-20 17:46 - 2015-08-20 17:49 - 00000000 ____D C:\ProgramData\TmForever
2015-08-17 15:33 - 2015-09-04 13:26 - 00000000 ____D C:\Users\Alex\Desktop\stp
2015-08-17 15:33 - 2015-08-17 15:33 - 00232342 _____ C:\Users\Alex\Desktop\stp.zip

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-13 13:44 - 2013-03-16 02:55 - 00000000 ____D C:\Users\Alex\AppData\Roaming\uTorrent
2015-09-13 13:09 - 2013-03-19 22:10 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Skype
2015-09-13 13:01 - 2013-03-15 19:07 - 00726230 _____ C:\Windows\system32\perfh005.dat
2015-09-13 13:01 - 2013-03-15 19:07 - 00147804 _____ C:\Windows\system32\perfc005.dat
2015-09-13 13:01 - 2012-07-26 09:28 - 01714430 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-13 13:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2015-09-13 12:59 - 2013-03-15 19:03 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3015261777-2400075649-929973636-1001
2015-09-13 12:58 - 2013-03-15 19:23 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-09-13 12:55 - 2012-07-26 09:59 - 00000000 ____D C:\Windows\CbsTemp
2015-09-13 12:54 - 2013-03-15 19:03 - 00000000 ____D C:\ProgramData\NVIDIA
2015-09-13 12:54 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-13 04:15 - 2014-11-17 21:31 - 00000000 ____D C:\Users\Alex\AppData\Local\Battle.net
2015-09-13 00:12 - 2014-11-22 00:07 - 00000000 ___HD C:\$Windows.~BT
2015-09-13 00:05 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2015-09-12 23:36 - 2013-06-09 21:07 - 00104960 ___SH C:\Users\Alex\Downloads\Thumbs.db
2015-09-11 17:51 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-09-10 06:34 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache
2015-09-09 14:52 - 2015-03-17 17:12 - 04941648 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-09 14:51 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ToastData
2015-09-09 14:51 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-09-09 14:40 - 2013-08-14 15:55 - 00000000 ____D C:\Windows\system32\MRT
2015-09-09 14:33 - 2013-03-15 19:02 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-09-09 14:33 - 2013-03-15 19:02 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-09-09 13:26 - 2015-08-04 15:00 - 00003350 _____ C:\Windows\System32\Tasks\ESET Windows 10 upgrade – Refresh settings
2015-09-08 22:36 - 2013-03-19 19:23 - 07680512 ___SH C:\Users\Alex\Desktop\Thumbs.db
2015-09-04 17:16 - 2013-03-15 18:57 - 00000000 ____D C:\Users\Alex\AppData\Local\VirtualStore
2015-09-04 13:15 - 2014-03-10 23:19 - 00002731 _____ C:\Users\Public\Desktop\Skype.lnk
2015-09-04 13:15 - 2013-03-19 22:10 - 00000000 ____D C:\ProgramData\Skype
2015-09-04 13:15 - 2013-03-19 22:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-09-04 03:35 - 2013-05-29 23:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-09-03 21:58 - 2013-05-29 23:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-09-03 21:33 - 2013-03-15 18:57 - 00000000 ____D C:\Users\Alex
2015-09-03 19:04 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\DesktopTileResources
2015-09-03 19:03 - 2015-01-30 03:30 - 00000926 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2015-09-03 19:03 - 2014-03-26 01:06 - 00001070 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Audition CC.lnk
2015-09-03 19:03 - 2013-09-09 19:54 - 00001380 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
2015-09-03 19:03 - 2013-07-04 20:26 - 00001111 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-09-03 19:03 - 2013-06-11 11:38 - 00002507 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-09-03 19:03 - 2013-05-29 23:02 - 00001147 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-09-03 19:03 - 2013-03-28 22:33 - 00000780 _____ C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlanetSide 2 PSG.lnk
2015-09-03 19:03 - 2013-03-28 21:54 - 00002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-09-03 19:03 - 2013-03-19 21:30 - 00001638 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CS6 (32 Bit).lnk
2015-09-03 19:03 - 2013-03-19 21:30 - 00001550 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CS6.lnk
2015-09-03 19:03 - 2013-03-19 21:29 - 00001157 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6.lnk
2015-09-03 19:03 - 2013-03-19 21:29 - 00001069 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
2015-09-03 19:03 - 2013-03-19 21:28 - 00001507 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
2015-09-03 19:03 - 2013-03-19 21:28 - 00001341 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
2015-09-03 19:03 - 2013-03-19 14:48 - 00000985 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
2015-09-03 19:03 - 2013-03-15 18:57 - 00001406 _____ C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-09-03 19:02 - 2015-06-03 19:21 - 00001070 _____ C:\Users\Alex\Desktop\Adobe Audition CC.lnk
2015-09-03 19:02 - 2015-03-31 00:49 - 00000721 _____ C:\Users\Alex\Desktop\Suunto Dive Manager.lnk
2015-09-03 19:02 - 2014-12-12 21:49 - 00000523 _____ C:\Users\Alex\Desktop\Steam.lnk
2015-09-03 19:02 - 2014-11-24 16:56 - 00002219 _____ C:\Users\Public\Desktop\BlackBerry Link.lnk
2015-09-03 19:02 - 2014-11-17 21:31 - 00000888 _____ C:\Users\Public\Desktop\Battle.net.lnk
2015-09-03 19:02 - 2014-10-10 17:31 - 00001216 _____ C:\Users\Public\Desktop\Goat Simulator.lnk
2015-09-03 19:02 - 2014-04-15 21:38 - 00001039 _____ C:\Users\Public\Desktop\Windows Media Player.lnk
2015-09-03 19:02 - 2014-03-13 08:43 - 00001450 _____ C:\Users\Alex\Desktop\Play South Park The Stick of Truth.lnk
2015-09-03 19:02 - 2014-02-10 16:05 - 00000813 _____ C:\Users\Public\Desktop\Fable - The Lost Chapters.lnk
2015-09-03 19:02 - 2014-01-11 22:17 - 00001801 _____ C:\Users\Public\Desktop\Start BlueStacks.lnk
2015-09-03 19:02 - 2013-09-12 01:02 - 00001110 _____ C:\Users\Alex\Desktop\Adobe Premiere Pro CS6.lnk
2015-09-03 19:02 - 2013-07-04 23:42 - 00001037 _____ C:\Users\Public\Desktop\MediaMonkey.lnk
2015-09-03 19:02 - 2013-07-04 20:26 - 00001105 _____ C:\Users\Public\Desktop\Opera.lnk
2015-09-03 19:02 - 2013-05-29 23:02 - 00001141 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-09-03 19:02 - 2013-04-07 23:48 - 00001550 _____ C:\Users\Alex\Desktop\Adobe Illustrator CS6.lnk
2015-09-03 19:02 - 2013-03-19 22:22 - 00001011 _____ C:\Users\Alex\Desktop\Vector Magic.lnk
2015-09-03 19:02 - 2013-03-19 19:06 - 00001143 _____ C:\Users\Alex\Desktop\Adobe Flash Professional CS6.lnk
2015-09-03 19:02 - 2013-03-16 16:04 - 00001037 _____ C:\Users\Alex\Desktop\CINEMA 4D.lnk
2015-09-02 06:14 - 2013-03-16 02:50 - 00000000 ____D C:\Users\Alex\AppData\Roaming\MediaMonkey
2015-09-01 23:21 - 2013-03-17 21:10 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-09-01 23:20 - 2014-11-24 16:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlackBerry
2015-09-01 23:20 - 2014-11-24 16:55 - 00000000 ____D C:\Program Files (x86)\Research In Motion
2015-09-01 23:20 - 2013-04-13 13:34 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Research In Motion
2015-09-01 23:20 - 2013-04-13 13:34 - 00000000 ____D C:\Users\Alex\AppData\Local\Research In Motion
2015-09-01 23:20 - 2013-04-13 13:34 - 00000000 ____D C:\ProgramData\Research In Motion
2015-09-01 23:19 - 2013-03-15 18:57 - 00000000 ____D C:\Windows\softwaredistribution.bak
2015-08-31 13:47 - 2013-03-19 14:46 - 00000000 ____D C:\ProgramData\Adobe
2015-08-31 13:47 - 2013-03-15 18:57 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Adobe
2015-08-31 13:18 - 2015-05-04 13:10 - 00000000 ____D C:\Users\Alex\Desktop\Heartstone
2015-08-31 13:12 - 2015-03-18 23:13 - 00000000 ____D C:\Users\Alex\AppData\Roaming\GameRanger
2015-08-26 18:37 - 2013-03-17 21:01 - 134753440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-19 16:24 - 2014-06-10 21:47 - 00003826 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1372962362
2015-08-19 16:24 - 2013-03-15 19:02 - 00000000 ____D C:\Program Files (x86)\Opera
2015-08-14 03:22 - 2015-04-16 00:49 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-14 03:22 - 2015-04-16 00:49 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-14 03:22 - 2012-07-26 10:12 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-14 03:22 - 2012-07-26 10:12 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-14 03:22 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-14 03:22 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender

==================== Files in the root of some directories =======

2014-10-20 21:26 - 2003-04-09 05:28 - 0233472 ____R () C:\Users\Alex\AppData\Roaming\MafiaSetup.exe
2013-03-30 03:37 - 2014-05-19 22:15 - 0045270 _____ () C:\Users\Alex\AppData\Roaming\room_v3.dat
2013-10-07 01:08 - 2013-10-07 01:08 - 0003584 _____ () C:\Users\Alex\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-06-15 21:05 - 2015-06-15 21:05 - 0007226 _____ () C:\Users\Alex\AppData\Local\recently-used.xbel
2014-05-11 00:35 - 2014-05-11 00:35 - 0000017 _____ () C:\Users\Alex\AppData\Local\resmon.resmoncfg

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-09-07 15:27

==================== End of FRST.txt ============================

_Alex_
Level 1
Posts: 99
Registered: May 09
Gender: Male
Status: Offline

Re: Windows 8 x64 - explorer.exe - High CPU usage - log check

Post by _Alex_ » 13 Sep 2015 13:48

Additional scan result of Farbar Recovery Scan Tool (x64) Version:12-09-2015
Ran by Alex (2015-09-13 13:44:37)
Running from C:\Users\Alex\Downloads
Windows 8 Pro (X64) (2013-03-15 16:57:29)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3015261777-2400075649-929973636-500 - Administrator - Disabled)
Alex (S-1-5-21-3015261777-2400075649-929973636-1001 - Administrator - Enabled) => C:\Users\Alex
Guest (S-1-5-21-3015261777-2400075649-929973636-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3015261777-2400075649-929973636-1003 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET NOD32 Antivirus 6.0 (Enabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 6.0 (Enabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3015261777-2400075649-929973636-1001\...\uTorrent) (Version: 3.4.4.40911 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Audition CC (HKLM-x32\...\{DE1E055B-679C-42F8-B114-7B6ED0B8ED95}) (Version: 6.0 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Flash Player 18 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Flash Professional CS6 (HKLM-x32\...\{BD5669B5-49FF-4490-B956-E9D7CB9B0ADC}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Illustrator CS6 (HKLM-x32\...\{4869414E-7AEA-4C8E-BE1C-8D40977FD517}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CS6 (HKLM-x32\...\{7176B973-6011-43C1-AEBC-2D73FE7C6982}) (Version: 6.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
ANNO 1404 (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 1.02.0000 - Ubisoft)
Anno 1404 (x32 Version: 1.00.0000 - Ubisoft) Hidden
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Awesomium Redistributable (HKLM-x32\...\{5BCB064B-9F65-4E15-BAFB-669E72E54FD9}) (Version: 1.7.4.2 - SIX Networks GmbH)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
BlackBerry Link (HKLM-x32\...\BlackBerry_10_Desktop) (Version: 1.2.3.48 - BlackBerry Ltd.)
BlackBerry Link (x32 Version: 1.2.3.48 - BlackBerry Ltd.) Hidden
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.4.3036 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{44181DF6-2751-48C7-B918-72F14508F127}) (Version: 0.8.4.3036 - BlueStack Systems, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 3.28 - Piriform)
CINEMA 4D 13.061 (HKLM\...\MAXONFB05E576) (Version: 13.061 - MAXON Computer GmbH) <==== ATTENTION
Counter-Strike: Source (HKLM-x32\...\{9580813D-94B1-4C28-9426-A441E2BB29A5}) (Version: 1.0.0.0 - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
ESET NOD32 Antivirus (HKLM\...\{792A453A-EB3B-48C7-BAEA-14E38B04D278}) (Version: 6.0.316.2 - ESET, spol s r. o.)
Fable - The Lost Chapters (HKLM-x32\...\InstallShield_{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}) (Version: 1.00.0000 - Název společnosti:)
Fable - The Lost Chapters (x32 Version: 1.00.0000 - Název společnosti:) Hidden
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)
Java SE Development Kit 7 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170250}) (Version: 1.7.0.250 - Oracle)
Java SE Development Kit 7 Update 45 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170450}) (Version: 1.7.0.450 - Oracle)
LEGO Digital Designer (HKLM-x32\...\New LEGO Digital Designer) (Version: - LEGO A/S)
Malwarebytes Anti-Malware verze 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
MediaMonkey 4.0 (HKLM-x32\...\MediaMonkey_is1) (Version: 4.0 - Ventis Media Inc.)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 40.0.3 (x86 cs) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 cs)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.7 - Notepad++ Team)
NVIDIA 3D Vision Controller Driver 314.07 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 314.07 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 353.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.82 - NVIDIA Corporation)
NVIDIA Graphics Driver 353.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.82 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Opera Stable 31.0.1889.174 (HKLM-x32\...\Opera 31.0.1889.174) (Version: 31.0.1889.174 - Opera Software)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
QuickTime (HKLM-x32\...\{E7004147-2CCA-431C-AA05-2AB166B9785D}) (Version: 7.68.75.0 - Apple Inc.)
Red Giant Link (HKLM-x32\...\{10F82E5B-B611-4C65-8F29-666A9EC5680A}_is1) (Version: 1.9.6.0 - Red Giant, LLC)
Shooter Suite v12.7.2 (HKLM-x32\...\{7DFC5E36-8CC9-4EC5-9C24-A3770A669E3F}_is1) (Version: 12.7.2 - Red Giant, LLC)
Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Suunto Dive Manager 3.0.0 (HKLM-x32\...\Suunto Dive Manager_is1) (Version: 3.0.0 - Suunto Oy)
Suunto USB Driver (HKLM\...\SuuntoUSBFTDIVista_is1) (Version: 2.4.6 - Suunto Oy)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.5.0.77 - KMP Media co., Ltd)
The Mighty Quest For Epic Loot verze 1.210183 (HKLM-x32\...\The Mighty Quest For Epic Loot_is1) (Version: 1.210183 - )
Theme Hospital (HKLM-x32\...\{5118A4C2-C8A4-4CE5-AC37-F3E51C25402F}) (Version: 3.0.0.2 - Electronic Arts)
Unturned (HKLM-x32\...\Steam App 304930) (Version: - Nelson Sexton)
Vector Magic (HKLM-x32\...\Vector Magic) (Version: 1.14 - Vector Magic, Inc.)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
World of Warcraft Classic (HKU\S-1-5-21-3015261777-2400075649-929973636-1001\...\{D55ED80F-FAFD-40E1-99FC-89AF8614A9B5}_is1) (Version: 1.12.1.5875 - Blizzard Entertainment)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

08-09-2015 23:14:10 Windows Update
10-09-2015 11:57:45 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
10-09-2015 11:57:57 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
12-09-2015 18:43:18 JRT Pre-Junkware Removal

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-09-13 12:36 - 2015-09-13 12:36 - 00000841 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {037711DF-4BAB-410D-9E5E-32C5974306C3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-13] (Adobe Systems Incorporated)
Task: {1456C379-A8E0-45F9-B3AE-E8661FB6D0DB} - System32\Tasks\GoogleUpdateTaskMachineCore1d0458030e09181 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {1FD9FDDA-4BC8-46E0-BB0A-7EF64E0D9AD6} - System32\Tasks\Opera scheduled Autoupdate 1372962362 => C:\Program Files (x86)\Opera\launcher.exe [2015-08-17] (Opera Software)
Task: {6E27F078-D066-4F07-A6A1-E3C2D864AB3F} - System32\Tasks\GoogleUpdateTaskMachineCore1d08f2baf801e57 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {6F611659-813E-425C-B46F-99BAF3C404D8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-02-25] (Piriform Ltd)
Task: {840D9DA4-D3B0-4C74-AB96-E84BCE562E6D} - System32\Tasks\AdobeAAMUpdater-1.0-Shadow-Alex => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-03-21] (Adobe Systems Incorporated)
Task: {983A88E0-F886-47B2-8350-B6464EB00224} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {9D41CBF3-C8F7-4E2D-A9F1-F88FB002F389} - \TweakBit\FixMyPC\Start FixMyPC оn logon -> No File <==== ATTENTION
Task: {AB56BF77-E3AB-415A-9677-65563035E934} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {B6EC63CC-D1ED-47ED-8C8F-34BC30114735} - System32\Tasks\ESET Windows 10 upgrade – Refresh settings => C:\Program Files\Common Files\AV\ESET NOD32 Antivirus 6.0\upgrade.exe [2015-09-09] (ESET)
Task: {C2584237-C864-4278-86DC-A591C9DB62BE} - System32\Tasks\Red Giant Link => C:\Program Files\Red Giant Link\Red Giant Link.exe
Task: {EC742FEF-B541-4D3C-9024-8D3EEE794739} - System32\Tasks\{A2A8282A-64E7-4902-AF1A-41D769061147} => pcalua.exe -a "X:\Games\Stunt Rally CZ\StuntRally.exe" -d "X:\Games\Stunt Rally CZ\"
Task: {FB43FDB4-A2E5-4E42-92AF-96DB9FB1ADEF} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-08-26] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (Whitelisted) ==============

2013-03-15 19:03 - 2015-08-07 02:44 - 00116528 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-01-21 22:26 - 2015-01-25 19:25 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-04-23 16:05 - 2014-04-23 16:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 16:04 - 2014-04-23 16:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Alex\Cookies:QjtoGGLGou5Z50pCKxKF30jC3
AlternateDataStreams: C:\Users\Alex\AppData\Local\Temporary Internet Files:ATfKycFIf5Adr5ymesrbUmD

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3015261777-2400075649-929973636-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Alex\Desktop\Z2-1_infarction_of_myocardium_infarkt_myokardu4x.jpg
DNS Servers: 192.168.13.254 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "RIMBBLaunchAgent.exe"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "RIM PeerManager"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKLM\...\StartupApproved\Run32: => "EaseUS EPM tray"
HKLM\...\StartupApproved\Run32: => "ioCentre"
HKU\S-1-5-21-3015261777-2400075649-929973636-1001\...\StartupApproved\StartupFolder: => "HDDlife.lnk"
HKU\S-1-5-21-3015261777-2400075649-929973636-1001\...\StartupApproved\Run: => "GarenaPlus"
HKU\S-1-5-21-3015261777-2400075649-929973636-1001\...\StartupApproved\Run: => "RGSC"
HKU\S-1-5-21-3015261777-2400075649-929973636-1001\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-3015261777-2400075649-929973636-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3015261777-2400075649-929973636-1001\...\StartupApproved\Run: => "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"
HKU\S-1-5-21-3015261777-2400075649-929973636-1001\...\StartupApproved\Run: => "uTorrent"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [{6FDEB339-EB03-466C-9366-E8526E000094}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{12DF3432-82E5-4B03-BD0F-DDC95FC43302}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{197C14CD-AD14-463A-BF15-927E60D7EE7A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{FCDFDA1E-3F96-40E0-B15A-43C547D5740B}X:\games\warcraft iii\war3.exe] => (Allow) X:\games\warcraft iii\war3.exe
FirewallRules: [UDP Query User{1E913347-A245-442D-B188-6C210CAE0C25}X:\games\warcraft iii\war3.exe] => (Allow) X:\games\warcraft iii\war3.exe
FirewallRules: [TCP Query User{266BA31E-A408-44BE-9DCA-7891663D8BAE}C:\program files (x86)\mediamonkey\mediamonkey.exe] => (Allow) C:\program files (x86)\mediamonkey\mediamonkey.exe
FirewallRules: [UDP Query User{26FBA2D0-EFCD-4CA1-8C38-274F29813F5D}C:\program files (x86)\mediamonkey\mediamonkey.exe] => (Allow) C:\program files (x86)\mediamonkey\mediamonkey.exe
FirewallRules: [{EFEF2751-B7A6-44D6-86E9-CA24B28885FC}] => (Allow) X:\Games\GTA SA\The Game\GTA San Andreas\samp.exe
FirewallRules: [{778ED777-E1B4-4D3F-9CF7-95F777106736}] => (Allow) X:\Games\GTA SA\The Game\GTA San Andreas\samp.exe
FirewallRules: [{C77A9C13-57D6-47C9-B259-3B27A47AC164}] => (Allow) X:\Games\GTA SA\The Game\GTA San Andreas\samp.exe
FirewallRules: [{FD9BB209-5FFE-4590-B33D-ED1699240E30}] => (Allow) X:\Games\GTA SA\The Game\GTA San Andreas\samp.exe
FirewallRules: [TCP Query User{A2EA3440-22F7-4A46-989C-A22E1468A499}C:\windows\system32\javaw.exe] => (Allow) C:\windows\system32\javaw.exe
FirewallRules: [UDP Query User{D8F6DA9A-BC5C-4F17-8E56-F568ABF8C12A}C:\windows\system32\javaw.exe] => (Allow) C:\windows\system32\javaw.exe
FirewallRules: [TCP Query User{DC8CC885-F03B-47B7-ADF2-19000CAC1809}X:\games\guild wars 2\gw2.exe] => (Allow) X:\games\guild wars 2\gw2.exe
FirewallRules: [UDP Query User{46ADF5A0-6F22-494E-81EF-954712129C7C}X:\games\guild wars 2\gw2.exe] => (Allow) X:\games\guild wars 2\gw2.exe
FirewallRules: [{5811C8DE-C15C-476A-B54D-24BBB9F484E4}] => (Allow) X:\Games\Garena\Garena Plus\ggdllhost.exe
FirewallRules: [{1E860155-1DBC-4424-97E9-342DCAF20063}] => (Allow) X:\Steam\Steam.exe
FirewallRules: [{DE6E5262-A2E4-4EBF-A7D9-F48EC5B42524}] => (Allow) X:\Steam\Steam.exe
FirewallRules: [{67527848-4347-433B-94AE-470C33FD9899}] => (Allow) X:\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{4B7F4E19-4CA6-4FEA-B3F3-432BCA69635F}] => (Allow) X:\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{3437722B-B52B-44F4-9C01-4CA3A9176858}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2581\Agent.exe
FirewallRules: [{C4C61FF8-942B-47FB-99F8-EB15B70BD76F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2581\Agent.exe
FirewallRules: [{6E27A70D-978B-4BDC-84FD-16DC6423AB99}] => (Allow) X:\Games\Anno 1404 whit Venice\The Game\Anno4.exe
FirewallRules: [{45EC5C3B-A48D-4816-B2C1-BA56BD232E9D}] => (Allow) X:\Games\Anno 1404 whit Venice\The Game\Anno4.exe
FirewallRules: [{DB4E1968-D261-4C69-BD10-4D1178A7C25D}] => (Allow) X:\Games\Anno 1404 whit Venice\The Game\tools\Anno4Web.exe
FirewallRules: [{F8D243AC-E878-4A55-A8E4-128FE07991A1}] => (Allow) X:\Games\Anno 1404 whit Venice\The Game\tools\Anno4Web.exe
FirewallRules: [{69D993EE-1270-457C-9761-8D0E4F199030}] => (Allow) X:\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{BD6B0D8E-3208-427A-9CF7-79C762C9B55C}] => (Allow) X:\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [TCP Query User{619CBE57-9C53-434F-AFCD-27C2D7E2E703}X:\games\anno 1404 whit venice\the game\tools\anno4web.exe] => (Block) X:\games\anno 1404 whit venice\the game\tools\anno4web.exe
FirewallRules: [UDP Query User{164CC726-0000-4092-AD1B-C1870A3F0E59}X:\games\anno 1404 whit venice\the game\tools\anno4web.exe] => (Block) X:\games\anno 1404 whit venice\the game\tools\anno4web.exe
FirewallRules: [TCP Query User{D4AB6AE2-EE1C-43C4-A180-AD15E4FBC28F}X:\games\guild wars 2\gw2.exe] => (Allow) X:\games\guild wars 2\gw2.exe
FirewallRules: [UDP Query User{483F86F8-EEF2-405B-9869-C9692A7BE031}X:\games\guild wars 2\gw2.exe] => (Allow) X:\games\guild wars 2\gw2.exe
FirewallRules: [{D346AC5D-AE7B-4F5B-86F8-A1CFBEB7D002}] => (Allow) X:\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{6C017312-3810-416F-85B1-BF6F49C07F0C}] => (Allow) X:\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{489C6263-83C5-43E8-8330-13859A8EA521}] => (Allow) X:\Steam\bin\steamwebhelper.exe
FirewallRules: [{97D4D681-DAE6-4044-97AB-332BA4056436}] => (Allow) X:\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{608A94AB-A9D4-4AAA-AB29-0665C89374E3}X:\games\warcraft iii\war3.exe] => (Allow) X:\games\warcraft iii\war3.exe
FirewallRules: [UDP Query User{7B1BC6DF-DC4C-4A9A-9886-39B5721ABB93}X:\games\warcraft iii\war3.exe] => (Allow) X:\games\warcraft iii\war3.exe
FirewallRules: [TCP Query User{B32A854E-7A4E-4500-B2CC-D0805DF0799B}X:\games\godus\godus.beta.v2.1.cracked-3dm\godus\windows\godus.exe] => (Block) X:\games\godus\godus.beta.v2.1.cracked-3dm\godus\windows\godus.exe
FirewallRules: [UDP Query User{598C0CE2-A80D-4945-BD9A-F3C018663B50}X:\games\godus\godus.beta.v2.1.cracked-3dm\godus\windows\godus.exe] => (Block) X:\games\godus\godus.beta.v2.1.cracked-3dm\godus\windows\godus.exe
FirewallRules: [{6F340A66-DA92-47A4-B178-63D09B8A8D09}] => (Allow) C:\Users\Alex\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{38707671-EA6D-472B-8407-34405B39973F}] => (Allow) C:\Users\Alex\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{A20220B6-25B6-4C13-99E9-0B8DA0387464}X:\games\goat simulator\the game\binaries\win32\goatgame-win32-shipping.exe] => (Block) X:\games\goat simulator\the game\binaries\win32\goatgame-win32-shipping.exe
FirewallRules: [UDP Query User{DF4E90C5-AC18-4942-AA89-C526D6EC5220}X:\games\goat simulator\the game\binaries\win32\goatgame-win32-shipping.exe] => (Block) X:\games\goat simulator\the game\binaries\win32\goatgame-win32-shipping.exe
FirewallRules: [{08F5E6E5-9FF9-494D-B67D-BF6F958FDE7D}] => (Allow) X:\Games\battlenet\Battle.net\Battle.net.exe
FirewallRules: [{165994E1-2306-49A0-87B3-D5621B234839}] => (Allow) X:\Games\battlenet\Battle.net\Battle.net.exe
FirewallRules: [{BABA7391-CE52-47C1-8210-E1BD1604CF7F}] => (Allow) X:\Games\battlenet\HeartStone\Hearthstone\Hearthstone.exe
FirewallRules: [{6FBA9ED8-7830-4140-B38F-5F464FFC6FCD}] => (Allow) X:\Games\battlenet\HeartStone\Hearthstone\Hearthstone.exe
FirewallRules: [{F452D9F7-7D5D-4F19-8974-7FF948166BCA}] => (Allow) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe
FirewallRules: [{DC743D8C-1B29-4C32-B9C9-365485A4DFC4}] => (Allow) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe
FirewallRules: [{3543F496-6981-45B7-A912-DF07EA57FC49}] => (Allow) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe
FirewallRules: [{20814CE4-F22D-4524-9B6E-113F38A61399}] => (Allow) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe
FirewallRules: [{E9276B08-2EE3-4B5E-A88D-27E64F853144}] => (Allow) C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe
FirewallRules: [{3D6402FF-E0E9-473C-9222-6D90352AC1EF}] => (Allow) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe
FirewallRules: [{FD09E372-E5D3-431B-BAF8-63903630AA9E}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{DA9E50E8-A054-48DE-83AA-00A82FF45716}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{4B51E3C5-6F11-4305-947F-DFCC0CC39508}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{3D52386A-43F9-4826-8BA3-462060269A0B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{C8749BEB-5E6C-4D4F-B764-B2313FF8E1DE}X:\games\dayz\dayz standalone v0_46\dayz standalone v0.46 final\dayz standalone v0.46\dayz.exe] => (Allow) X:\games\dayz\dayz standalone v0_46\dayz standalone v0.46 final\dayz standalone v0.46\dayz.exe
FirewallRules: [UDP Query User{80B9BC95-B1A8-4B60-91F1-C2F255E33101}X:\games\dayz\dayz standalone v0_46\dayz standalone v0.46 final\dayz standalone v0.46\dayz.exe] => (Allow) X:\games\dayz\dayz standalone v0_46\dayz standalone v0.46 final\dayz standalone v0.46\dayz.exe
FirewallRules: [TCP Query User{AC47268D-836B-4A43-9042-CE8655E635E5}X:\games\dayz\arma 2 armored operations 1.62 update + dayz + server\arma 2\arma 2\arma2oaserver.exe] => (Allow) X:\games\dayz\arma 2 armored operations 1.62 update + dayz + server\arma 2\arma 2\arma2oaserver.exe
FirewallRules: [UDP Query User{C9B9EF86-9364-4661-B53A-E90673BDAACB}X:\games\dayz\arma 2 armored operations 1.62 update + dayz + server\arma 2\arma 2\arma2oaserver.exe] => (Allow) X:\games\dayz\arma 2 armored operations 1.62 update + dayz + server\arma 2\arma 2\arma2oaserver.exe
FirewallRules: [TCP Query User{0608E3C3-6927-4F19-922C-4A7262AC189D}X:\games\dayz\dayz standalone v0_46\dayz standalone v0.46 final\dayz standalone v0.46\dayzserver.exe] => (Allow) X:\games\dayz\dayz standalone v0_46\dayz standalone v0.46 final\dayz standalone v0.46\dayzserver.exe
FirewallRules: [UDP Query User{A11D46BF-D2BC-49E8-83E3-DA01389E1F09}X:\games\dayz\dayz standalone v0_46\dayz standalone v0.46 final\dayz standalone v0.46\dayzserver.exe] => (Allow) X:\games\dayz\dayz standalone v0_46\dayz standalone v0.46 final\dayz standalone v0.46\dayzserver.exe
FirewallRules: [TCP Query User{31EE4590-274C-4935-B443-2538A25E7526}X:\games\dayz\dayz standalone cz\dayz standalone v0.46\dayz.exe] => (Block) X:\games\dayz\dayz standalone cz\dayz standalone v0.46\dayz.exe
FirewallRules: [UDP Query User{2B9FFD62-CA33-4F1E-B03F-17B44B51B968}X:\games\dayz\dayz standalone cz\dayz standalone v0.46\dayz.exe] => (Block) X:\games\dayz\dayz standalone cz\dayz standalone v0.46\dayz.exe
FirewallRules: [TCP Query User{411D92A1-47DE-4517-9585-7BCF89F7767D}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{B98CCC1D-3399-4F28-891A-7D71DF99A03D}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{C9E16AD2-814C-4D7D-8A15-B3CD77E1D607}] => (Allow) X:\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{B24FDE50-11F7-4A9F-AFDA-ED27F0027DD4}] => (Allow) X:\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{2AE81DB7-56B4-4CAD-BD63-711403BCEFB1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2B615140-CC27-4293-9EC8-7657F6FAADE6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{C6F1E8FA-6EF9-47CF-881D-263D48265BE3}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{B73FB633-747A-4825-B41C-53DBD14BACED}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe

==================== Faulty Device Manager Devices =============

Name: Multimediální zvukový adaptér
Description: Multimediální zvukový adaptér
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Standardní klávesnice PS/2
Description: Standardní klávesnice PS/2
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardní klávesnice)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/13/2015 12:54:23 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (09/13/2015 11:39:25 AM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: 492: ERROR: read_msg errno 0 (The operation completed successfully.)

Error: (09/13/2015 11:39:25 AM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053

Error: (09/13/2015 11:39:25 AM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: 644: ERROR: read_msg errno 0 (The operation completed successfully.)

Error: (09/13/2015 11:39:25 AM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053

Error: (09/13/2015 11:38:42 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: Shadow)
Description: Aplikace windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel se nespustila ve stanovenou dobu.

Error: (09/13/2015 04:32:26 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (09/13/2015 02:46:06 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: Shadow)
Description: Aplikace windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel se nespustila ve stanovenou dobu.

Error: (09/13/2015 12:40:53 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Hearthstone.exe verze 3.0.0.9786 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: e44

Čas spuštění: 01d0edabe5d21782

Čas ukončení: 4294967295

Cesta k aplikaci: X:\Games\battlenet\HeartStone\Hearthstone\Hearthstone.exe

ID hlášení: 51ffbcee-599f-11e5-bf02-001d60db73fe

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (09/13/2015 12:22:54 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program opera.exe verze 31.0.1889.174 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 1b74

Čas spuštění: 01d0eda960a2ae07

Čas ukončení: 324

Cesta k aplikaci: C:\Program Files (x86)\Opera\31.0.1889.174\opera.exe

ID hlášení: cbb73933-599c-11e5-bf02-001d60db73fe

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (09/13/2015 12:54:23 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba BlueStacks Android Service byla ukončena s následující chybou:
%%1064

Error: (09/13/2015 12:54:09 PM) (Source: sptd) (EventID: 4) (User: )
Description: Ovladač zjistil interní chybu ve vlastní struktuře dat u .

Error: (09/13/2015 12:46:23 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (09/13/2015 12:46:22 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (09/13/2015 12:46:22 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (09/13/2015 12:46:22 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (09/13/2015 12:46:22 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (09/13/2015 11:38:27 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error: (09/13/2015 11:38:22 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.

Error: (09/13/2015 11:38:19 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.


Microsoft Office:
=========================
Error: (03/31/2015 04:36:36 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 6 seconds with 0 seconds of active time. This session ended with a crash.

Error: (10/02/2014 10:59:36 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 4 seconds with 0 seconds of active time. This session ended with a crash.

Error: (10/02/2014 10:59:24 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 5 seconds with 0 seconds of active time. This session ended with a crash.


==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz
Percentage of memory in use: 25%
Total physical RAM: 8191.11 MB
Available physical RAM: 6070.36 MB
Total Virtual: 9407.11 MB
Available Virtual: 7600.25 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.79 GB) (Free:9.21 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive w: (Nový svazek) (Fixed) (Total:2794.39 GB) (Free:1951.89 GB) NTFS
Drive x: (Nový svazek) (Fixed) (Total:931.51 GB) (Free:449.34 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 55CFB930)
Partition 1: (Active) - (Size=111.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 2794.5 GB) (Disk ID: CF49ED65)

Partition: GPT.

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 30700721)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

jerabina
Security team member
Level 6
Posts: 3647
Registered: March 13
Location: Litoměřice
Gender: Male
Status:
Offline

Re: Windows 8 x64 - explorer.exe - High CPU usage - log check

Post by jerabina » 13 Sep 2015 20:55

Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire content below into it.

Code:

Start
CloseProcesses:

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated)
HKU\S-1-5-21-3015261777-2400075649-929973636-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3015261777-2400075649-929973636-1001\...\Run: [Steam] => X:\Steam\Steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-3015261777-2400075649-929973636-1001\...\Run: [uTorrent] => C:\Users\Alex\AppData\Roaming\uTorrent\uTorrent.exe [1696096 2015-09-09] (BitTorrent Inc.)
HKU\S-1-5-21-3015261777-2400075649-929973636-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53736048 2015-08-07] (Skype Technologies S.A.)
Startup: C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HDDlife.lnk [2014-10-20]
ShortcutTarget: HDDlife.lnk -> C:\Program Files (x86)\BinarySense\HDDlife 4\HDDlifePro.exe (No File)

FF NewTab: about:newtab
FF Homepage: about:home
FF Plugin-x32: @t.garena.com/garenatalk -> X:\Games\Garena\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll [No File]
FF Extension: No Name - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\pkwim54r.default\extensions\battlefieldheroespatcher@ea.com [not found]

C:\ProgramData\RogueKiller
C:\Users\Alex\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\Alex\AppData\Roaming\room_v3.dat

Task: {037711DF-4BAB-410D-9E5E-32C5974306C3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-13] (Adobe Systems Incorporated)
Task: {1456C379-A8E0-45F9-B3AE-E8661FB6D0DB} - System32\Tasks\GoogleUpdateTaskMachineCore1d0458030e09181 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {1FD9FDDA-4BC8-46E0-BB0A-7EF64E0D9AD6} - System32\Tasks\Opera scheduled Autoupdate 1372962362 => C:\Program Files (x86)\Opera\launcher.exe [2015-08-17] (Opera Software)
Task: {6E27F078-D066-4F07-A6A1-E3C2D864AB3F} - System32\Tasks\GoogleUpdateTaskMachineCore1d08f2baf801e57 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {840D9DA4-D3B0-4C74-AB96-E84BCE562E6D} - System32\Tasks\AdobeAAMUpdater-1.0-Shadow-Alex => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-03-21] (Adobe Systems Incorporated)
Task: {983A88E0-F886-47B2-8350-B6464EB00224} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {9D41CBF3-C8F7-4E2D-A9F1-F88FB002F389} - \TweakBit\FixMyPC\Start FixMyPC ?n logon -> No File <==== ATTENTION
Task: {AB56BF77-E3AB-415A-9677-65563035E934} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {C2584237-C864-4278-86DC-A591C9DB62BE} - System32\Tasks\Red Giant Link => C:\Program Files\Red Giant Link\Red Giant Link.exe
Task: {EC742FEF-B541-4D3C-9024-8D3EEE794739} - System32\Tasks\{A2A8282A-64E7-4902-AF1A-41D769061147} => pcalua.exe -a "X:\Games\Stunt Rally CZ\StuntRally.exe" -d "X:\Games\Stunt Rally CZ\"
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

AlternateDataStreams: C:\Users\Alex\Cookies:QjtoGGLGou5Z50pCKxKF30jC3
AlternateDataStreams: C:\Users\Alex\AppData\Local\Temporary Internet Files:ATfKycFIf5Adr5ymesrbUmD

IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com

Hosts:
EmptyTemp:
End


(You can use the "select all" function, then right-click the top-left field in the open Notepad and choose "Paste".)

Save it to the desktop as fixlist.txt

Run FRST, press the "Fix" button only once, and wait.
The tool will produce a log on the desktop (Fixlog.txt); please copy its entire content here.
When you don't know how to continue, it's time to study the manual!
HJT guide

If I don't reply to your topics in the HJT section while I'm online, it's only because I'm on my phone, where studying logs and writing scripts is impossible. So please don't take it as being ignored.

_Alex_
Level 1
Posts: 99
Registered: May 09
Gender: Male
Status:
Offline

Re: Windows 8 x64 - explorer.exe - High CPU usage - log check

Post by _Alex_ » 14 Sep 2015 15:58

Fix result of Farbar Recovery Scan Tool (x64) Version:12-09-2015
Ran by Alex (2015-09-14 15:54:30) Run:1
Running from C:\Users\Alex\Desktop
Loaded Profiles: Alex (Available Profiles: Alex)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated)
HKU\S-1-5-21-3015261777-2400075649-929973636-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3015261777-2400075649-929973636-1001\...\Run: [Steam] => X:\Steam\Steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-3015261777-2400075649-929973636-1001\...\Run: [uTorrent] => C:\Users\Alex\AppData\Roaming\uTorrent\uTorrent.exe [1696096 2015-09-09] (BitTorrent Inc.)
HKU\S-1-5-21-3015261777-2400075649-929973636-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53736048 2015-08-07] (Skype Technologies S.A.)
Startup: C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HDDlife.lnk [2014-10-20]
ShortcutTarget: HDDlife.lnk -> C:\Program Files (x86)\BinarySense\HDDlife 4\HDDlifePro.exe (No File)

FF NewTab: about:newtab
FF Homepage: about:home
FF Plugin-x32: @t.garena.com/garenatalk -> X:\Games\Garena\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll [No File]
FF Extension: No Name - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\pkwim54r.default\extensions\battlefieldheroespatcher@ea.com [not found]

C:\ProgramData\RogueKiller
C:\Users\Alex\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\Alex\AppData\Roaming\room_v3.dat

Task: {037711DF-4BAB-410D-9E5E-32C5974306C3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-13] (Adobe Systems Incorporated)
Task: {1456C379-A8E0-45F9-B3AE-E8661FB6D0DB} - System32\Tasks\GoogleUpdateTaskMachineCore1d0458030e09181 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {1FD9FDDA-4BC8-46E0-BB0A-7EF64E0D9AD6} - System32\Tasks\Opera scheduled Autoupdate 1372962362 => C:\Program Files (x86)\Opera\launcher.exe [2015-08-17] (Opera Software)
Task: {6E27F078-D066-4F07-A6A1-E3C2D864AB3F} - System32\Tasks\GoogleUpdateTaskMachineCore1d08f2baf801e57 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {840D9DA4-D3B0-4C74-AB96-E84BCE562E6D} - System32\Tasks\AdobeAAMUpdater-1.0-Shadow-Alex => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-03-21] (Adobe Systems Incorporated)
Task: {983A88E0-F886-47B2-8350-B6464EB00224} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {9D41CBF3-C8F7-4E2D-A9F1-F88FB002F389} - \TweakBit\FixMyPC\Start FixMyPC ?n logon -> No File <==== ATTENTION
Task: {AB56BF77-E3AB-415A-9677-65563035E934} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {C2584237-C864-4278-86DC-A591C9DB62BE} - System32\Tasks\Red Giant Link => C:\Program Files\Red Giant Link\Red Giant Link.exe
Task: {EC742FEF-B541-4D3C-9024-8D3EEE794739} - System32\Tasks\{A2A8282A-64E7-4902-AF1A-41D769061147} => pcalua.exe -a "X:\Games\Stunt Rally CZ\StuntRally.exe" -d "X:\Games\Stunt Rally CZ\"
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

AlternateDataStreams: C:\Users\Alex\Cookies:QjtoGGLGou5Z50pCKxKF30jC3
AlternateDataStreams: C:\Users\Alex\AppData\Local\Temporary Internet Files:ATfKycFIf5Adr5ymesrbUmD

IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 => value removed successfully
HKU\S-1-5-21-3015261777-2400075649-929973636-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value removed successfully
HKU\S-1-5-21-3015261777-2400075649-929973636-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Steam => value removed successfully
HKU\S-1-5-21-3015261777-2400075649-929973636-1001\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent => value removed successfully
HKU\S-1-5-21-3015261777-2400075649-929973636-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => value removed successfully
C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HDDlife.lnk => moved successfully
C:\Program Files (x86)\BinarySense\HDDlife 4\HDDlifePro.exe => not found.
Firefox "newtab" removed successfully
Firefox "homepage" removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@t.garena.com/garenatalk" => key removed successfully
C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\pkwim54r.default\extensions\battlefieldheroespatcher@ea.com => path removed successfully
C:\ProgramData\RogueKiller => moved successfully
C:\Users\Alex\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
C:\Users\Alex\AppData\Roaming\room_v3.dat => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{037711DF-4BAB-410D-9E5E-32C5974306C3}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{037711DF-4BAB-410D-9E5E-32C5974306C3}" => key removed successfully
C:\Windows\System32\Tasks\Adobe Flash Player Updater => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player Updater" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1456C379-A8E0-45F9-B3AE-E8661FB6D0DB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1456C379-A8E0-45F9-B3AE-E8661FB6D0DB}" => key removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1d0458030e09181 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore1d0458030e09181" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{1FD9FDDA-4BC8-46E0-BB0A-7EF64E0D9AD6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1FD9FDDA-4BC8-46E0-BB0A-7EF64E0D9AD6}" => key removed successfully
C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1372962362 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled Autoupdate 1372962362" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6E27F078-D066-4F07-A6A1-E3C2D864AB3F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6E27F078-D066-4F07-A6A1-E3C2D864AB3F}" => key removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1d08f2baf801e57 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore1d08f2baf801e57" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{840D9DA4-D3B0-4C74-AB96-E84BCE562E6D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{840D9DA4-D3B0-4C74-AB96-E84BCE562E6D}" => key removed successfully
C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-Shadow-Alex => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeAAMUpdater-1.0-Shadow-Alex" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{983A88E0-F886-47B2-8350-B6464EB00224}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{983A88E0-F886-47B2-8350-B6464EB00224}" => key removed successfully
C:\Windows\System32\Tasks\Adobe Acrobat Update Task => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Acrobat Update Task" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9D41CBF3-C8F7-4E2D-A9F1-F88FB002F389}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9D41CBF3-C8F7-4E2D-A9F1-F88FB002F389}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\TweakBit\FixMyPC\Start FixMyPC ?n logon => key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AB56BF77-E3AB-415A-9677-65563035E934}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AB56BF77-E3AB-415A-9677-65563035E934}" => key removed successfully
C:\Windows\System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Application Experience\ProgramDataUpdater" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C2584237-C864-4278-86DC-A591C9DB62BE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C2584237-C864-4278-86DC-A591C9DB62BE}" => key removed successfully
C:\Windows\System32\Tasks\Red Giant Link => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Red Giant Link" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EC742FEF-B541-4D3C-9024-8D3EEE794739}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EC742FEF-B541-4D3C-9024-8D3EEE794739}" => key removed successfully
C:\Windows\System32\Tasks\{A2A8282A-64E7-4902-AF1A-41D769061147} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A2A8282A-64E7-4902-AF1A-41D769061147}" => key removed successfully
C:\Windows\Tasks\Adobe Flash Player Updater.job => moved successfully
"C:\Users\Alex\Cookies" => ":QjtoGGLGou5Z50pCKxKF30jC3" ADS not found.
"C:\Users\Alex\AppData\Local\Temporary Internet Files" => ":ATfKycFIf5Adr5ymesrbUmD" ADS not found.
"HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\clonewarsadventures.com" => key removed successfully
"HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\freerealms.com" => key removed successfully
"HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\soe.com" => key removed successfully
"HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sony.com" => key removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 291.7 MB temporary data Removed.


The system needed a reboot..

==== End of Fixlog 15:54:33 ====

