Suspicious PC behavior



Re: Suspicious PC behavior

Post by Wayshan » 30 Apr 2015 16:21

Sorry for the longer delay,

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:15:22, on 30.4.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)


Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Gaming Keyboard\Monitor.EXE
C:\Program Files\Hp\HP Software Update\hpwuschd2.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\Gaming Keyboard\OSD.exe
C:\Windows\system32\RunDll32.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Winamp\winamp.exe
C:\Users\uzivatel\Desktop\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [ShadowPlay] C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
O4 - HKLM\..\Run: [NvBackend] "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [VICTORY Gaming Keyboard] "C:\Program Files\Gaming Keyboard\Monitor.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - Startup: Sledovat výstrahy inkoustu - HP Deskjet 1510 series.lnk = ?
O4 - Global Startup: TP-LINK Wireless Configuration Utility.lnk = C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Active File Monitor V9 (AdobeActiveFileMonitor9.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Application Driver Auto Removal Service (01) (appdrvrem01) - Protection Technology - C:\Windows\System32\appdrvrem01.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: BlueSoleilCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe (file missing)
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files\BlueStacks\HD-LogRotatorService.exe
O23 - Service: BlueStacks Updater Service;gadgetDataDir=C:\ProgramData\BlueStacks\UserData\Gadget" (BstHdUpdaterSvc) - BlueStack Systems, Inc. - C:\Program Files\BlueStacks\HD-UpdaterService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate1ca646f683b9d3e) (gupdate1ca646f683b9d3e) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files\Origin\OriginClientService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files\Tunngle\TnglCtrl.exe

--
End of file - 7905 bytes


aswMBR version 1.0.1.2290 Copyright(c) 2014 AVAST Software
Run date: 2015-04-30 15:59:06
-----------------------------
15:59:06.708 OS Version: Windows 6.1.7601 Service Pack 1
15:59:06.708 Number of processors: 2 586 0x170A
15:59:06.708 ComputerName: UZIVATEL-PC UserName: uzivatel
15:59:13.089 Initialize success
15:59:13.229 VM: initialized successfully
15:59:13.229 VM: Intel CPU supported
15:59:24.524 VM: supported disk I/O ataport.SYS
15:59:28.299 AVAST engine defs: 15043000
15:59:49.484 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
15:59:49.484 Disk 0 Vendor: SAMSUNG_HD753LJ 1AA01118 Size: 715403MB BusType: 3
15:59:49.624 Disk 0 MBR read successfully
15:59:49.640 Disk 0 MBR scan
15:59:49.640 Disk 0 Windows 7 default MBR code
15:59:49.640 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 707397 MB offset 2048
15:59:49.656 Disk 0 default boot code
15:59:49.687 Disk 0 Partition 2 00 27 Hidden NTFS WinRE NTFS 8000 MB offset 1448751104
15:59:49.702 Disk 0 scanning sectors +1465135104
15:59:49.749 Disk 0 scanning C:\Windows\system32\drivers
16:00:00.794 Service scanning
16:00:23.211 Modules scanning
16:00:23.211 Disk 0 trace - called modules:
16:00:23.227 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS intelide.sys PCIIDEX.SYS atapi.sys
16:00:23.242 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86f38030]
16:00:23.242 3 CLASSPNP.SYS[8ccbf59e] -> nt!IofCallDriver -> [0x861b8608]
16:00:23.258 5 ACPI.sys[8c5543d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x861b4610]
16:00:24.303 AVAST engine scan C:\Windows
16:00:26.487 AVAST engine scan C:\Windows\system32
16:02:32.613 AVAST engine scan C:\Windows\system32\drivers
16:02:44.719 AVAST engine scan C:\Users\uzivatel
16:05:21.265 Disk 0 MBR has been saved successfully to "C:\Users\uzivatel\Desktop\MBR.dat"
16:05:21.265 The log file has been saved successfully to "C:\Users\uzivatel\Desktop\aswMBR.txt"

Otherwise I'm not seeing any problems with the PC. At most that it keeps getting slower and slower, especially at startup. But that's most likely down to the older hardware... If only I had twenty thousand in my pocket :D


Re: Suspicious PC behavior

Post by mople71 » 30 Apr 2015 20:20

Hm, can you run one more scan? There was a lot in there... We'll speed up the boot afterwards. ;)


Please download FRST: http://www.bleepingcomputer.com/downloa ... ool/dl/81/

Save it to the Desktop, run it as Administrator, accept the license and click the Scan button. Leave everything at the default settings; don't tick anything.

When the scan finishes, two logs will pop up; please copy both of them here.


Re: Suspicious PC behavior

Post by Wayshan » 01 May 2015 16:18

Hi, thanks to you too for your willingness and your time, I appreciate it ;)
Also, I don't know that much about this, but booting is the process that happens right after the PC is switched on, right? Because the PC starts up (= boots?) relatively quickly; the slower part is logging in to any user profile and launching the first programs. For example, when I first open the browser or Skype. (I know it's always slower at the beginning, but lately it has been slower than before.)

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 29-04-2015 01
Ran by uzivatel (administrator) on UZIVATEL-PC on 01-05-2015 16:10:33
Running from C:\Users\uzivatel\Desktop
Loaded Profiles: uzivatel (Available profiles: uzivatel & Madlenka & Rodina)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-UpdaterService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hewlett-Packard Company) C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Program Files\Gaming Keyboard\Monitor.EXE
(Hewlett-Packard) C:\Program Files\Hp\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files\Gaming Keyboard\OSD.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(BitTorrent Inc.) C:\Users\uzivatel\AppData\Roaming\uTorrent\uTorrent.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7739936 2009-09-11] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS6ServiceManager] => C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5512912 2015-04-09] (Avast Software s.r.o.)
HKLM\...\Run: [VICTORY Gaming Keyboard] => C:\Program Files\Gaming Keyboard\Monitor.exe [270336 2013-04-09] ()
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-3545453532-2280684333-2720647477-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6278424 2015-04-23] (Piriform Ltd)
HKU\S-1-5-21-3545453532-2280684333-2720647477-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [293888 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk [2012-12-20]
ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe ()
Startup: C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sledovat výstrahy inkoustu - HP Deskjet 1510 series.lnk [2015-04-22]
ShortcutTarget: Sledovat výstrahy inkoustu - HP Deskjet 1510 series.lnk -> C:\Program Files\Hp\HP Deskjet 1510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-04-09] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-02-19] (Google)
ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-02-19] (Google)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-02-19] (Google)
ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-02-19] (Google)
ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-02-19] (Google)
ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-02-19] (Google)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3545453532-2280684333-2720647477-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-3545453532-2280684333-2720647477-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3545453532-2280684333-2720647477-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09] (Skype Technologies S.A.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @esn/npbattlelog,version=2.4.0 -> C:\Program Files\Battlelog Web Plugins\2.4.0\npbattlelog.dll [2014-05-26] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-12-28] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-12-28] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-05-20] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-05-20] (NVIDIA Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 -> C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll No File
FF Plugin: @t.garena.com/garenatalk -> C:\Program Files\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-04-11] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-03] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3545453532-2280684333-2720647477-1000: ubisoft.com/uplaypc -> C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-07-12] ()
FF Extension: No Name - C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\profiles\extensions\extensions [2013-05-26]
FF Extension: No Name - C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\profiles\extensions\searchplugins [2013-11-27]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-02-27]

Chrome:
=======
CHR Profile: C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-09]
CHR Extension: (Google Docs) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-09]
CHR Extension: (Google Drive) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-09]
CHR Extension: (YouTube) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-09]
CHR Extension: (Google Search) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-09]
CHR Extension: (Google Sheets) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-09]
CHR Extension: (BetaFish Adblocker) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-04-10]
CHR Extension: (Bookmark Manager) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-17]
CHR Extension: (Avast Online Security) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-11-09]
CHR Extension: (Skype Click to Call) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-04-09]
CHR Extension: (Google Wallet) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-09]
CHR Extension: (Gmail) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-09]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-09]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeActiveFileMonitor9.0; C:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [169408 2010-09-30] (Adobe Systems Incorporated)
S2 appdrvrem01; C:\Windows\System32\appdrvrem01.exe [316816 2010-09-28] (Protection Technology)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-09] (Avast Software s.r.o.)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3205216 2015-04-09] (Avast Software)
S2 BstHdAndroidSvc; C:\Program Files\BlueStacks\HD-Service.exe [429784 2015-03-10] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [388824 2015-03-10] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files\BlueStacks\HD-UpdaterService.exe [794328 2015-03-10] (BlueStack Systems, Inc.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [915600 2014-12-13] (NVIDIA Corporation)
S2 gupdate1ca646f683b9d3e; C:\Program Files\Google\Update\GoogleUpdate.exe [107912 2014-11-09] (Google Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
S3 npggsvc; C:\Windows\system32\GameMon.des [3852792 2010-09-08] (INCA Internet Co., Ltd.) [File not signed]
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18186896 2014-12-13] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [1910640 2015-03-04] (Electronic Arts)
S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [575488 2008-09-08] (Nokia.) [File not signed]
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 TunngleService; C:\Program Files\Tunngle\TnglCtrl.exe [792016 2015-02-09] (Tunngle.net GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S2 BlueSoleilCS; C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 appdrv01; C:\Windows\System32\Drivers\appdrv01.sys [3033200 2010-09-28] (Protection Technology)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24144 2015-04-09] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [73440 2015-04-09] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-04-09] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49904 2015-04-09] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [788272 2015-04-09] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427736 2015-04-09] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [106912 2015-04-09] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [208024 2015-04-09] ()
R3 athur; C:\Windows\System32\DRIVERS\athur.sys [1500160 2010-01-05] (Atheros Communications, Inc.)
R2 BstHdDrv; C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [131800 2015-03-10] (BlueStack Systems)
R0 BtHidBus; C:\Windows\System32\Drivers\BtHidBus.sys [19592 2009-09-24] (IVT Corporation.)
S3 btnetBUs; C:\Windows\System32\Drivers\btnetBus.sys [22528 2009-09-24] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2014-05-03] (Disc Soft Ltd)
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
S3 Huawei; C:\Windows\System32\DRIVERS\ewdcsc.sys [23424 2009-12-15] (Huawei Tech. Co., Ltd.)
S3 IvtBtBUs; C:\Windows\System32\Drivers\IvtBtBus.sys [25480 2009-08-26] (IVT Corporation.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-03-17] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2015-03-26] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-03-17] (Malwarebytes Corporation)
R3 NCHSSVAD; C:\Windows\System32\drivers\nchssvad.sys [21120 2011-10-02] (NCH Swift Sound) [File not signed]
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [18576 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [32912 2014-11-22] (NVIDIA Corporation)
S1 prodrv06; C:\Windows\System32\drivers\prodrv06.sys [53920 2004-08-09] (Protection Technology) [File not signed]
S0 prohlp02; C:\Windows\System32\drivers\prohlp02.sys [114016 2004-08-09] (Protection Technology) [File not signed]
S0 prosync1; C:\Windows\System32\drivers\prosync1.sys [7040 2004-07-19] (Protection Technology) [File not signed]
S3 RTCore32; C:\Program Files\MSI Afterburner\RTCore32.sys [5632 2013-03-11] () [File not signed]
S0 sfhlp01; C:\Windows\System32\drivers\sfhlp01.sys [4832 2003-12-01] (Protection Technology) [File not signed]
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [685816 2011-05-31] (Duplex Secure Ltd.)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [27136 2009-09-16] (Tunngle.net)
S3 trustms; C:\Windows\System32\drivers\trustms.sys [9600 2010-11-15] ()
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220240 2015-04-09] (Avast Software)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 BT; system32\DRIVERS\btnetdrv.sys [X]
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [198656 2009-12-15] (Huawei Technologies Co., Ltd.)
S3 GGSAFERDriver; \??\C:\Program Files\Garena Plus\Room\safedrv.sys [X]
S3 upperdev; system32\DRIVERS\usbser_lowerflt.sys [X]
S3 VComm; system32\DRIVERS\VComm.sys [X]
S3 VcommMgr; System32\Drivers\VcommMgr.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-01 16:10 - 2015-05-01 16:10 - 00020738 _____ () C:\Users\uzivatel\Desktop\FRST.txt
2015-05-01 16:10 - 2015-05-01 16:10 - 00000000 ____D () C:\FRST
2015-05-01 16:09 - 2015-05-01 16:09 - 02101248 _____ (Farbar) C:\Users\uzivatel\Desktop\FRST64.exe
2015-05-01 16:09 - 2015-05-01 16:09 - 01140736 _____ (Farbar) C:\Users\uzivatel\Desktop\FRST.exe
2015-05-01 12:51 - 2015-05-01 12:51 - 00046479 _____ () C:\Users\uzivatel\Desktop\the.flash.2014.s01e20.hdtv.x264-lol.srt
2015-05-01 12:46 - 2015-05-01 12:46 - 00020201 _____ () C:\Users\uzivatel\Desktop\[kickass.to]the.flash.1x20.hdtv.x264.lol.vtv.torrent
2015-05-01 12:45 - 2015-05-01 12:45 - 00020201 _____ () C:\Users\uzivatel\Desktop\[androidromdev.com]The Flash 1x20 (HDTV-x264-LOL)[VTV].torrent
2015-05-01 00:11 - 2015-05-01 00:11 - 00055090 _____ () C:\Users\uzivatel\Desktop\Arrow - 03x21 - Al Sah-Him.LOL.colored.English.HI.C.updated.Addic7ed.com.srt
2015-04-30 23:32 - 2015-04-30 23:32 - 00021432 _____ () C:\Users\uzivatel\Desktop\[kickass.to]arrow.3x21.hdtv.x264.lol.vtv.torrent
2015-04-30 20:06 - 2015-04-30 20:06 - 00002169 _____ () C:\Users\uzivatel\Desktop\Settlers Expansion.lnk
2015-04-30 20:06 - 2015-04-30 20:06 - 00002030 _____ () C:\Users\uzivatel\Desktop\Settlers.lnk
2015-04-30 17:16 - 2015-04-30 17:19 - 00000000 ____D () C:\Users\uzivatel\Desktop\Posudky
2015-04-30 16:05 - 2015-04-30 16:05 - 00002078 _____ () C:\Users\uzivatel\Desktop\aswMBR.txt
2015-04-30 16:05 - 2015-04-30 16:05 - 00000512 _____ () C:\Users\uzivatel\Desktop\MBR.dat
2015-04-30 15:58 - 2015-04-30 15:58 - 05200384 _____ (AVAST Software) C:\Users\uzivatel\Desktop\aswmbr.exe
2015-04-30 15:26 - 2015-04-30 15:26 - 00014394 _____ () C:\Windows\DPINST.LOG
2015-04-30 15:13 - 2015-05-01 14:15 - 00000616 _____ () C:\Windows\setupact.log
2015-04-30 15:13 - 2015-04-30 15:13 - 00000000 _____ () C:\Windows\setuperr.log
2015-04-30 15:07 - 2015-04-30 15:07 - 00000000 ____D () C:\Users\uzivatel\Documents\Záloha registrů
2015-04-30 14:45 - 2015-04-30 14:45 - 00000935 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-04-30 14:45 - 2015-04-30 14:45 - 00000000 ____D () C:\Program Files\CCleaner
2015-04-30 14:42 - 2015-04-30 14:43 - 06484352 _____ (Piriform Ltd) C:\Users\uzivatel\Desktop\ccsetup505.exe
2015-04-29 18:40 - 2015-04-29 19:12 - 00000000 ____D () C:\Users\uzivatel\Desktop\Zlo & Dobro
2015-04-29 17:52 - 2015-04-29 17:52 - 00000329 _____ () C:\Users\uzivatel\Desktop\Diagnostické nástroje pro tiskárny HP.url
2015-04-29 01:12 - 2015-04-29 21:12 - 00000000 ____D () C:\War2Combat
2015-04-29 01:12 - 2015-04-29 01:12 - 00001567 _____ () C:\Users\uzivatel\Desktop\War2Combat.lnk
2015-04-29 01:12 - 2015-04-29 01:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warcraft 2 Combat Edition
2015-04-29 01:06 - 2015-04-29 01:07 - 24081761 _____ (War2 Combat RU ) C:\Users\uzivatel\Desktop\War2Combat401.exe
2015-04-25 14:50 - 2015-04-25 14:50 - 00032615 _____ () C:\Users\uzivatel\Desktop\arrow.s03e20.hdtv.x264-lol.srt
2015-04-25 14:41 - 2015-04-25 14:41 - 00019092 _____ () C:\Users\uzivatel\Desktop\[kickass.to]arrow.3x20.hdtv.x264.lol.vtv.torrent
2015-04-23 09:16 - 2015-04-23 09:46 - 00000000 ____D () C:\Users\uzivatel\Desktop\Deprotect
2015-04-23 09:15 - 2015-04-23 09:15 - 01615177 _____ () C:\Users\uzivatel\Desktop\Deprotect-final.zip
2015-04-23 01:06 - 2015-04-30 14:53 - 00000000 ____D () C:\Users\uzivatel\AppData\Local\CrashDumps
2015-04-22 15:33 - 2015-04-29 18:21 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\HpUpdate
2015-04-22 15:33 - 2015-04-22 15:33 - 00002178 _____ () C:\Users\Public\Desktop\HP Deskjet 1510 series.lnk
2015-04-22 15:33 - 2015-04-22 15:33 - 00000000 ____D () C:\ProgramData\Visan
2015-04-22 15:33 - 2015-04-22 15:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-04-22 15:33 - 2015-04-22 15:33 - 00000000 ____D () C:\ProgramData\HP Photo Creations
2015-04-22 15:33 - 2015-04-22 15:33 - 00000000 ____D () C:\Program Files\HP Photo Creations
2015-04-22 15:32 - 2015-04-22 15:32 - 00000000 ____D () C:\ProgramData\HP
2015-04-22 15:31 - 2015-04-22 15:55 - 00000000 ____D () C:\Users\uzivatel\AppData\Local\HP
2015-04-22 15:31 - 2015-04-22 15:31 - 00000057 _____ () C:\ProgramData\Ament.ini
2015-04-20 16:50 - 2015-04-20 16:50 - 00000947 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2015-04-20 16:50 - 2015-04-20 16:50 - 00000935 _____ () C:\Users\Public\Desktop\Audacity.lnk
2015-04-20 16:50 - 2015-04-20 16:50 - 00000000 ____D () C:\Program Files\Audacity
2015-04-18 19:07 - 2015-04-30 15:18 - 00000000 ____D () C:\Program Files\BlueStacks
2015-04-18 19:07 - 2015-04-18 19:07 - 00000000 ____D () C:\Users\uzivatel\AppData\Local\Bluestacks
2015-04-18 19:07 - 2015-04-18 19:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
2015-04-18 19:07 - 2015-04-18 19:07 - 00000000 ____D () C:\ProgramData\BlueStacks
2015-04-18 19:04 - 2015-04-18 19:05 - 13611736 _____ (BlueStack Systems Inc.) C:\Users\uzivatel\Desktop\BlueStacks-ThinInstaller.exe
2015-04-16 21:00 - 2015-04-22 15:33 - 00000000 ____D () C:\Program Files\Hp
2015-04-16 21:00 - 2015-04-22 15:33 - 00000000 ____D () C:\Program Files\Hewlett-Packard
2015-04-16 20:25 - 2015-04-29 19:47 - 00000000 ____D () C:\Users\uzivatel\Desktop\MATURITA OTÁZKY
2015-04-15 22:43 - 2015-04-15 23:29 - 818932358 _____ () C:\Users\uzivatel\Desktop\v-srdci-boure-churchill-ve-valce-2009-dvdrip-cz-by-pablos33_PC.avi
2015-04-15 21:24 - 2015-04-15 21:24 - 00025600 _____ () C:\Users\uzivatel\Desktop\329E.tmp
2015-04-15 14:55 - 2015-04-02 01:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-15 14:55 - 2015-03-23 05:06 - 00860160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-15 14:55 - 2015-03-23 05:06 - 00630784 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-15 14:55 - 2015-03-23 05:06 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-15 14:55 - 2015-03-23 05:06 - 00331264 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-15 14:55 - 2015-03-23 05:06 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-15 14:55 - 2015-03-23 05:06 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-15 14:55 - 2015-03-23 05:06 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-15 14:55 - 2015-03-23 04:59 - 00896000 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-15 14:55 - 2015-03-17 07:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-04-15 14:55 - 2015-03-17 07:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-15 14:55 - 2015-03-17 07:01 - 00137656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-15 14:55 - 2015-03-17 07:01 - 00067512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-15 14:55 - 2015-03-17 06:59 - 01306112 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-15 14:55 - 2015-03-17 06:57 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-15 14:55 - 2015-03-17 06:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-15 14:55 - 2015-03-17 06:57 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-15 14:55 - 2015-03-17 06:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-15 14:55 - 2015-03-17 06:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-15 14:55 - 2015-03-17 06:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-15 14:55 - 2015-03-17 06:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-15 14:55 - 2015-03-17 06:57 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-15 14:55 - 2015-03-17 06:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-15 14:55 - 2015-03-17 06:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-15 14:55 - 2015-03-17 06:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-15 14:55 - 2015-03-17 06:57 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-15 14:55 - 2015-03-17 06:56 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-15 14:55 - 2015-03-17 06:56 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-15 14:55 - 2015-03-17 06:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-15 14:55 - 2015-03-17 06:56 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-15 14:55 - 2015-03-17 06:56 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-15 14:55 - 2015-03-17 06:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-15 14:55 - 2015-03-17 06:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-15 14:55 - 2015-03-17 06:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-15 14:55 - 2015-03-17 06:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-15 14:55 - 2015-03-17 06:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-15 14:55 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-15 14:55 - 2015-03-13 05:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-15 14:55 - 2015-03-13 05:42 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-15 14:55 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-15 14:55 - 2015-03-13 05:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-15 14:55 - 2015-03-13 05:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-15 14:55 - 2015-03-13 05:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-15 14:55 - 2015-03-13 05:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-15 14:55 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-15 14:55 - 2015-03-13 05:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-15 14:55 - 2015-03-13 05:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-15 14:55 - 2015-03-13 05:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-15 14:55 - 2015-03-13 05:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-15 14:55 - 2015-03-13 05:16 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-15 14:55 - 2015-03-13 05:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-15 14:55 - 2015-03-13 05:09 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-15 14:55 - 2015-03-13 05:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-15 14:55 - 2015-03-13 05:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-15 14:55 - 2015-03-13 04:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-15 14:55 - 2015-03-13 04:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-15 14:55 - 2015-03-13 04:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-15 14:55 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-15 14:55 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-15 14:55 - 2015-03-13 04:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-15 14:55 - 2015-03-13 04:43 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-15 14:55 - 2015-03-13 04:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-15 14:55 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-15 14:55 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-15 14:55 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-15 14:55 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-15 14:55 - 2015-03-05 06:06 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-15 14:55 - 2015-03-04 06:16 - 00249784 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-15 14:55 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-15 14:54 - 2015-03-25 05:00 - 03088384 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-15 14:54 - 2015-03-25 05:00 - 02020864 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-15 14:54 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-15 14:54 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-15 14:54 - 2015-03-25 05:00 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-15 14:54 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-15 14:54 - 2015-03-25 05:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-15 14:54 - 2015-03-25 05:00 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-15 14:54 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-15 14:54 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-15 14:54 - 2015-03-25 05:00 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 14:54 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-15 14:54 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-15 14:54 - 2015-02-25 05:03 - 00514560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-13 18:39 - 2015-04-13 18:39 - 00045174 _____ () C:\Users\uzivatel\Desktop\Game.of.Thrones.S05E01.HDTV.x264-Xclusive.srt
2015-04-13 18:33 - 2015-04-13 18:33 - 00050506 _____ () C:\Users\uzivatel\Desktop\Game.of.Thrones.S05E02.HDTV.x264-Xclusive.srt
2015-04-13 16:58 - 2011-11-06 20:35 - 15542577 _____ () C:\Users\uzivatel\Downloads\OpenTTD_music_part3.zip
2015-04-13 16:58 - 2011-11-06 20:34 - 18615993 _____ () C:\Users\uzivatel\Downloads\OpenTTD_music_part2.zip
2015-04-13 16:58 - 2011-11-06 20:33 - 24018093 _____ () C:\Users\uzivatel\Downloads\OpenTTD_music_part1.zip
2015-04-13 16:50 - 2015-04-13 16:58 - 116783001 _____ () C:\Users\uzivatel\Downloads\OpenTTD music by imuh3.zip
2015-04-13 16:40 - 2015-04-13 16:40 - 00012467 _____ () C:\Users\uzivatel\Desktop\[kickass.hid.im]game.of.thrones.s05e01.hdtv.x264.xclusive.mp4.torrent
2015-04-12 18:32 - 2015-04-21 23:25 - 00000000 ____D () C:\Users\uzivatel\Documents\OpenTTD
2015-04-12 18:31 - 2015-04-12 18:31 - 00000919 _____ () C:\Users\Public\Desktop\OpenTTD.lnk
2015-04-12 18:31 - 2015-04-12 18:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenTTD
2015-04-12 18:31 - 2015-04-12 18:31 - 00000000 ____D () C:\Program Files\OpenTTD
2015-04-12 18:30 - 2015-04-12 18:31 - 07494165 _____ (OpenTTD Developers) C:\Users\uzivatel\Downloads\openttd-1.5.0-windows-win32.exe
2015-04-11 20:35 - 2015-04-11 20:35 - 00001547 _____ () C:\Users\uzivatel\Desktop\OS WE.exe – zástupce.lnk
2015-04-11 17:59 - 2015-04-11 17:59 - 00049230 _____ () C:\Users\uzivatel\Downloads\Rostliny z pouste.zip
2015-04-11 17:58 - 2015-04-11 17:59 - 00252752 _____ () C:\Users\uzivatel\Downloads\Portal sukub.zip
2015-04-11 17:56 - 2015-04-11 17:56 - 00239677 _____ () C:\Users\uzivatel\Downloads\5142_HG.rar
2015-04-11 17:56 - 2015-04-11 17:56 - 00051842 _____ () C:\Users\uzivatel\Downloads\5141_Orlean.rar
2015-04-10 17:23 - 2015-04-10 17:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gaming Keyboard
2015-04-10 16:27 - 2015-04-30 14:40 - 00000000 ____D () C:\Windows\erdnt
2015-04-09 23:21 - 2015-04-09 22:49 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-04-09 22:56 - 2015-04-09 23:24 - 00016032 _____ () C:\zoek-results.log
2015-04-09 22:49 - 2015-04-09 23:18 - 00000000 ____D () C:\zoek_backup
2015-04-09 22:48 - 2015-04-09 22:48 - 01305600 _____ () C:\Users\uzivatel\Desktop\zoek.exe
2015-04-09 22:37 - 2015-04-09 22:37 - 00000000 ____D () C:\Windows\system32\vbox
2015-04-09 22:35 - 2015-04-10 16:15 - 00035064 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2015-04-09 22:35 - 2015-04-09 22:38 - 00000000 ____D () C:\ProgramData\RogueKiller
2015-04-09 22:29 - 2015-04-09 22:30 - 00122168 _____ (SuperAdBlocker.com) C:\Users\uzivatel\Desktop\BootSafe.exe
2015-04-09 21:05 - 2015-04-09 21:35 - 00000127 _____ () C:\Users\uzivatel\Desktop\Song.txt
2015-04-09 20:52 - 2015-04-09 20:51 - 00291312 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-04-09 20:51 - 2015-04-09 20:51 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-04-08 16:05 - 2015-04-09 22:02 - 00000115 _____ () C:\Users\uzivatel\Desktop\Wizard101CRAFTING.txt
2015-04-05 19:59 - 2015-04-05 21:26 - 00000000 ____D () C:\ProgramData\Tunngle
2015-04-05 19:59 - 2015-04-05 20:00 - 00000000 ____D () C:\Program Files\Tunngle
2015-04-05 19:59 - 2015-04-05 19:59 - 00000919 _____ () C:\Users\Public\Desktop\Tunngle.lnk
2015-04-05 19:59 - 2015-04-05 19:59 - 00000000 ____D () C:\Users\Public\Documents\Tunngle
2015-04-05 19:59 - 2015-04-05 19:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle
2015-04-05 19:46 - 2015-04-05 19:47 - 04800816 _____ (Tunngle.net GmbH ) C:\Users\uzivatel\Desktop\Tunngle_Setup_v5.2.exe
2015-04-05 01:57 - 2015-04-05 01:58 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-04 20:16 - 2015-04-04 20:16 - 00001396 _____ () C:\Users\uzivatel\Desktop\Skype.lnk

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-01 16:10 - 2009-11-13 16:31 - 01389657 _____ () C:\Windows\WindowsUpdate.log
2015-05-01 16:09 - 2014-05-01 22:22 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\uTorrent
2015-05-01 16:07 - 2009-12-25 01:17 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-01 16:07 - 2009-12-25 01:17 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-01 15:37 - 2012-04-02 17:18 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-01 13:35 - 2012-06-12 00:26 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\vlc
2015-05-01 12:46 - 2014-05-02 16:35 - 00000000 ____D () C:\Users\uzivatel\Desktop\Torenty
2015-05-01 10:45 - 2013-06-13 17:47 - 00000000 ____D () C:\Users\uzivatel\AppData\Local\Adobe
2015-05-01 10:44 - 2009-07-14 06:34 - 00018928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-01 10:44 - 2009-07-14 06:34 - 00018928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-01 10:35 - 2009-11-13 16:41 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-05-01 10:35 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-01 01:08 - 2010-05-11 18:03 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\Skype
2015-05-01 00:16 - 2011-02-13 22:00 - 25527296 ___SH () C:\Users\uzivatel\Desktop\Thumbs.db
2015-05-01 00:03 - 2014-03-05 19:42 - 00000000 ____D () C:\Users\uzivatel\AppData\Local\Battle.net
2015-04-30 19:27 - 2011-05-31 15:15 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\DAEMON Tools Lite
2015-04-30 19:21 - 2013-01-03 19:37 - 00000000 ___RD () C:\Users\uzivatel\Desktop\Soubory ISO
2015-04-30 17:03 - 2011-09-24 21:08 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\Audacity
2015-04-30 16:15 - 2015-03-24 19:05 - 00007906 _____ () C:\Users\uzivatel\Desktop\hijackthis.log
2015-04-30 15:52 - 2009-11-13 16:34 - 01584626 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-30 15:33 - 2012-01-30 18:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PremiumSoft
2015-04-30 15:26 - 2014-05-27 17:35 - 00000000 ____D () C:\Program Files\HTC
2015-04-30 15:24 - 2010-12-10 23:57 - 00000000 ____D () C:\Fraps
2015-04-30 15:14 - 2012-02-18 22:46 - 00000000 ____D () C:\Program Files\Origin Games
2015-04-30 15:13 - 2009-07-14 06:52 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-04-30 15:09 - 2012-11-09 20:38 - 00000000 ____D () C:\Windows\pss
2015-04-30 14:56 - 2014-05-04 21:41 - 00000000 ____D () C:\Program Files\Steam
2015-04-30 14:56 - 2012-09-14 19:42 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\Media Player Classic
2015-04-30 14:56 - 2012-01-02 19:43 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\TeamViewer
2015-04-30 14:56 - 2010-12-16 17:55 - 00000000 ____D () C:\Users\uzivatel\Tracing
2015-04-30 14:53 - 2011-09-05 19:51 - 00000000 ____D () C:\Windows\Minidump
2015-04-30 14:53 - 2009-11-13 16:07 - 00000000 ____D () C:\Windows\Panther
2015-04-29 17:43 - 2009-07-14 06:53 - 00032634 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-04-29 10:33 - 2009-11-13 16:40 - 00000960 _____ () C:\Windows\Tasks\Google Software Updater.job
2015-04-29 01:12 - 2009-12-24 21:50 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-04-28 22:16 - 2013-05-24 16:37 - 00000000 ____D () C:\Users\uzivatel\Desktop\Boxy Nerd
2015-04-26 13:51 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\NDF
2015-04-23 23:34 - 2014-03-05 19:54 - 00000000 ____D () C:\Program Files\Hearthstone
2015-04-23 23:30 - 2014-03-05 19:41 - 00000000 ____D () C:\Program Files\Battle.net
2015-04-23 13:02 - 2012-11-22 20:41 - 00000000 ____D () C:\Program Files\Warcraft III
2015-04-22 15:32 - 2009-07-14 06:52 - 00000000 ____D () C:\Windows\twain_32
2015-04-20 20:58 - 2014-05-15 22:00 - 00000000 ____D () C:\Users\uzivatel\Desktop\Modeling
2015-04-20 16:15 - 2014-05-03 13:43 - 00000000 ____D () C:\Users\uzivatel\Desktop\Ulduar
2015-04-18 19:35 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-04-18 19:08 - 2009-07-14 04:37 - 00000000 __RHD () C:\Users\Public\Libraries
2015-04-18 17:07 - 2011-11-08 20:02 - 00000000 ____D () C:\ProgramData\Wizard101(UK)
2015-04-18 13:16 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2015-04-18 13:08 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\AppCompat
2015-04-17 17:00 - 2009-12-01 19:15 - 00121960 _____ () C:\Users\uzivatel\AppData\Local\GDIPFONTCACHEV1.DAT
2015-04-17 14:23 - 2009-07-14 06:33 - 03850784 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-04-15 17:14 - 2014-12-11 04:28 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-15 17:14 - 2014-05-06 23:35 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-15 16:31 - 2013-07-19 03:01 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-15 16:23 - 2010-01-08 21:49 - 125832184 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-15 16:23 - 2009-11-13 16:38 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-15 15:37 - 2012-04-02 17:18 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-04-15 15:37 - 2011-05-29 00:18 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-04-12 14:05 - 2010-01-08 21:57 - 00000000 ____D () C:\Users\uzivatel\AppData\Local\DOSBox
2015-04-10 17:23 - 2014-11-20 18:39 - 00000000 ____D () C:\Program Files\Gaming Keyboard
2015-04-10 17:23 - 2009-12-12 16:29 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2015-04-10 16:44 - 2009-07-14 04:37 - 00000000 __RHD () C:\Users\Default
2015-04-10 16:44 - 2009-07-14 04:37 - 00000000 ___RD () C:\Users\Public
2015-04-10 16:42 - 2009-07-14 04:04 - 00000215 _____ () C:\Windows\system.ini
2015-04-09 23:17 - 2013-06-24 23:03 - 00000000 ____D () C:\Users\Default\AppData\Local\Google
2015-04-09 23:17 - 2013-06-24 23:03 - 00000000 ____D () C:\Users\Default User\AppData\Local\Google
2015-04-09 23:17 - 2009-12-01 16:31 - 00000000 ____D () C:\Users\uzivatel
2015-04-09 23:16 - 2011-06-05 12:27 - 00000000 ____D () C:\Users\Madlenka
2015-04-09 22:32 - 2009-12-01 16:31 - 00000000 ____D () C:\Users\uzivatel\AppData\Local\VirtualStore
2015-04-09 20:51 - 2014-10-03 13:54 - 00106912 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-04-09 20:51 - 2014-10-03 13:53 - 00024144 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-04-09 20:51 - 2013-03-22 04:35 - 00208024 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-04-09 20:51 - 2013-03-22 04:35 - 00049904 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-04-09 20:51 - 2013-01-17 16:49 - 00081728 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-04-09 20:51 - 2011-02-27 23:43 - 00788272 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-04-09 20:51 - 2009-12-24 20:02 - 00427736 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-04-09 20:51 - 2009-12-24 20:02 - 00073440 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-04-05 21:26 - 2012-04-16 14:56 - 00000000 ____D () C:\Users\uzivatel\AppData\Roaming\Tunngle
2015-04-05 20:14 - 2012-10-12 22:12 - 00000000 ____D () C:\Program Files\Common Files\Steam
2015-04-02 14:10 - 2011-11-10 19:23 - 00000000 ____D () C:\Users\uzivatel\Documents\Wizard101

==================== Files in the root of some directories =======

2014-03-10 00:50 - 2014-10-14 18:19 - 0000132 _____ () C:\Users\uzivatel\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2013-03-23 22:29 - 2014-12-14 12:39 - 0000132 _____ () C:\Users\uzivatel\AppData\Roaming\Adobe Formát Targa CS6 – předvolby
2014-06-01 13:10 - 2014-06-01 13:10 - 0138056 _____ () C:\Users\uzivatel\AppData\Roaming\PnkBstrK.sys
2012-06-19 17:49 - 2014-04-24 18:31 - 0045270 _____ () C:\Users\uzivatel\AppData\Roaming\room_v3.dat
2010-08-28 14:41 - 2012-01-05 01:19 - 0004608 _____ () C:\Users\uzivatel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-09-27 15:58 - 2012-09-27 15:58 - 0001455 _____ () C:\Users\uzivatel\AppData\Local\RecConfig.xml
2015-04-22 15:31 - 2015-04-22 15:31 - 0000057 _____ () C:\ProgramData\Ament.ini
2010-05-11 18:09 - 2010-05-11 18:09 - 0000056 ____H () C:\ProgramData\ezsidmv.dat

Some content of TEMP:
====================
C:\Users\uzivatel\AppData\Local\Temp\catchme.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-24 21:58

==================== End Of Log ============================
Last edited by Wayshan on 01 May 2015 16:20, edited 1 time in total.


Re: Suspicious PC behavior

Post by Wayshan » 01 May 2015 16:18

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 29-04-2015 01
Ran by uzivatel at 2015-05-01 16:11:25
Running from C:\Users\uzivatel\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3545453532-2280684333-2720647477-500 - Administrator - Disabled)
Guest (S-1-5-21-3545453532-2280684333-2720647477-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3545453532-2280684333-2720647477-1002 - Limited - Enabled)
Madlenka (S-1-5-21-3545453532-2280684333-2720647477-1005 - Limited - Enabled) => C:\Users\Madlenka
Rodina (S-1-5-21-3545453532-2280684333-2720647477-1006 - Administrator - Enabled) => C:\Users\Rodina
uzivatel (S-1-5-21-3545453532-2280684333-2720647477-1000 - Administrator - Enabled) => C:\Users\uzivatel

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3545453532-2280684333-2720647477-1000\...\uTorrent) (Version: 3.4.2.37754 - BitTorrent Inc.)
2007 Microsoft Office system (HKLM\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
3D Object Converter for Windows 5.0 Gold Edition (HKLM\...\3D Object Converter for Windows 5.0 Gold Edition) (Version: - )
Acrobat.com (HKLM\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.7.0.1860 - Adobe Systems Incorporated)
Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.2.1.650 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.0.5 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.0.42.34 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 9 (HKLM\...\PremElem90) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Age of Mythology - The Titans Expansion (HKLM\...\Age of Mythology Expansion Pack 1.0) (Version: - )
Age of Mythology (HKLM\...\Age of Mythology 1.0) (Version: - )
AirDroid 3.0.4.0 (HKLM\...\AirDroid) (Version: 3.0.4.0 - Sand Studio)
Aktualizace NVIDIA 16.18.9 (Version: 16.18.9 - NVIDIA Corporation) Hidden
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0405-0000-0000000FF1CE}_HOMESTUDENTR_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0405-0000-0000000FF1CE}_PROHYBRIDR_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0405-0000-0000000FF1CE}_HOMESTUDENTR_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0405-0000-0000000FF1CE}_PROHYBRIDR_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0405-0000-0000000FF1CE}_HOMESTUDENTR_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0405-0000-0000000FF1CE}_PROHYBRIDR_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
ASUS PC Link (HKLM\...\{077B24F1-B87A-4C57-AE35-E463A389D7FE}_is1) (Version: 1.22.25.203 - ASUSTEK)
ASUS RT-G31 Wireless Card (HKLM\...\{C245F926-664E-40B6-ADC6-D5CD4922EA30}) (Version: 1.0.0.0 - ASUS)
Audacity 2.1.0 (HKLM\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Autodesk Backburner 2008.1 (HKLM\...\{3D347E6D-5A03-4342-B5BA-6A771885F379}) (Version: 2008.1.1 - Autodesk, Inc.)
Avast Free Antivirus (HKLM\...\avast) (Version: 10.2.2215 - AVAST Software)
Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM\...\504244733D18C8F63FF584AEB290E3904E791693) (Version: 08/22/2008 7.0.0.0 - Nokia)
Battle.net (HKLM\...\Battle.net) (Version: - Blizzard Entertainment)
Battlelog Web Plugins (HKLM\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)
BlueStacks Notification Center (HKLM\...\{4FCF716C-CEB4-499D-AFB8-A5375105EC2A}) (Version: 0.9.17.9138 - BlueStack Systems, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
Counter-Strike: Source (HKLM\...\Steam App 240) (Version: - Valve)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Elements 9 Organizer (Version: 9.0 - Název společnosti:) Hidden
Elements STI Installer (Version: 1.0 - Adobe Systems Incorporated) Hidden
Fable III (HKLM\...\GFWL_{4D53090A-9B45-437B-A66A-831000008300}) (Version: 1.0.0000.131 - Microsoft Game Studios)
Fable III (Version: 1.0.0000.131 - Microsoft Game Studios) Hidden
Game of Thrones - A Telltale Games Series v1.0 / RePack by Azaq (HKLM\...\Game of Thrones - A Telltale Games Series_is1) (Version: - )
GameRanger (HKU\S-1-5-21-3545453532-2280684333-2720647477-1000\...\GameRanger) (Version: - GameRanger Technologies)
GameSpy Arcade (HKLM\...\GameSpy Arcade) (Version: - )
Gaming Keyboard Driver (HKLM\...\{B3CDED64-7DC2-429D-A325-BBC3CF793AA6}) (Version: 1.0 - Senbiz)
Garry's Mod (HKLM\...\Steam App 4000) (Version: - Facepunch Studios)
Google Drive (HKLM\...\{6C36881B-0E51-4231-9D02-BF2149664D34}) (Version: 1.20.8672.3137 - Google, Inc.)
Google Chrome (HKLM\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
h3hota (HKLM\...\HotA_is1) (Version: - )
Half-Life 2 (HKLM\...\Steam App 220) (Version: - Valve)
Half-Life 2: Episode One (HKLM\...\Steam App 380) (Version: - Valve)
Half-Life 2: Episode Two (HKLM\...\Steam App 420) (Version: - Valve)
Half-Life 2: Lost Coast (HKLM\...\Steam App 340) (Version: - Valve)
Half-Life: Opposing Force (HKLM\...\Half-Life: Opposing Force) (Version: - )
Hearthstone (HKLM\...\Hearthstone) (Version: - Blizzard Entertainment)
Heroes of Might & Magic V: Hammers of Fate (HKLM\...\{07BE4679-4318-4413-9701-B3D91354F10C}) (Version: - )
Heroes of Might and Magic III Complete (HKLM\...\Heroes of Might and Magic III Complete) (Version: - )
Heroes of Might and Magic V - Hammers of Fate (HKLM\...\{EEF7568A-BD2C-42B7-A22E-6D55EA287C34}) (Version: 2.1 - Ubisoft)
Heroes of Might and Magic V - Tribes of the East (HKLM\...\{82FF9CEB-A50B-45A4-B6B1-7BF8C585D8CA}) (Version: 3.1 - Ubisoft)
Heroes of Might and Magic V (HKLM\...\{8829DAD4-8F07-4A96-B995-15498EBB8045}) (Version: - )
HP Deskjet 1510 series Nápověda (HKLM\...\{FB815CBF-148E-42A4-8741-4924C28C118F}) (Version: 30.0.0 - Hewlett Packard)
HP FWUpdateEDO2 (HKLM\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Support Solutions Framework (HKLM\...\{FC3C2B77-6800-48C6-A15D-9D1031130C16}) (Version: 11.51.0049 - Hewlett-Packard Company)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (Version: 1.00.0001 - Microsoft) Hidden
IrfanView (remove only) (HKLM\...\IrfanView) (Version: - )
Java 7 Update 71 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Keltští králové (HKLM\...\Celtic kings) (Version: - )
King’s Bounty (Pouze odstranit) (HKLM\...\{E43ED0A0-C85E-40F0-807C-6A8A9D2FAEF3}_is1) (Version: 1.0.0.0 - Cenega Czech)
King’s Bounty Crossworlds (Remove Only) (HKLM\...\{8BC85EE5-F169-482D-B818-117CD77E2093}_is1) (Version: 1.0.0.0 - 1C Company)
King's Bounty - Armored Princess (HKLM\...\{756AB9A1-607A-4305-BA74-AF7D2D3344DE}) (Version: 1.00.0000 - 1C Company)
KKND Krossfire (HKLM\...\KKND Krossfire) (Version: - )
Krush, Kill 'n' Destroy Xtreme (HKLM\...\Krush, Kill 'n' Destroy Xtreme) (Version: - )
League of Legends (HKLM\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (Version: 3.0.1 - Riot Games) Hidden
Left 4 Dead 2 (HKLM\...\Steam App 550) (Version: - Valve)
Malwarebytes Anti-Malware verze 2.1.4.1018 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
Mass Effect (HKLM\...\{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}) (Version: 1.00 - Electronic Arts, Inc.)
Mass Effect™ 2 (HKLM\...\{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}) (Version: 1.2.1604.0 - Electronic Arts)
Mass Effect™ 3 (HKLM\...\{534A31BD-20F4-46b0-85CE-09778379663C}) (Version: 1.05.0.0 - Electronic Arts)
Mass Effect™ 3 Demo (HKLM\...\{A1683CA7-4850-4A21-982B-C6D853C79AF7}) (Version: 1.0.0.0 - Electronic Arts)
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0405-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Might & Magic Heroes VI (HKLM\...\{745D37C2-26F4-4B65-BA13-F9840EBFA75B}) (Version: 1.8 - Ubisoft)
MPC-HC 1.6.3.5818 (HKLM\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.6.3.5818 - MPC-HC Team)
MSI Afterburner 4.1.0 (HKLM\...\Afterburner) (Version: 4.1.0 - MSI Co., LTD)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML4 Parser (HKLM\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 337.88 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 337.88 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation)
NVIDIA PhysX (HKLM\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
OpenOffice.org 3.2 (HKLM\...\{5DE71D48-01EB-4BF2-A643-50FE6C9B6AC9}) (Version: 3.2.9483 - OpenOffice.org)
OpenTTD 1.5.0 (HKLM\...\OpenTTD) (Version: 1.5.0 - OpenTTD)
Opera 12.17 (HKLM\...\Opera 12.17.1863) (Version: 12.17.1863 - Opera Software ASA)
Origin (HKLM\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 337.88 (Version: 337.88 - NVIDIA Corporation) Hidden
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1BF}) (Version: 3.60.0 - dotPDN LLC)
PAYDAY 2 (HKLM\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
PC Connectivity Solution (HKLM\...\{83258E90-1F76-4E13-9F60-A0F8ED41E76F}) (Version: 8.22.7.0 - Nokia)
PDF Settings CS6 (Version: 11.0 - Adobe Systems Incorporated) Hidden
Portal (HKLM\...\Steam App 400) (Version: - Valve)
Portal 2 (HKLM\...\Steam App 620) (Version: - Valve)
Punské války (HKLM\...\{Punské války}) (Version: - )
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5936 - Realtek Semiconductor Corp.)
Rollcage (HKLM\...\Rollcage) (Version: - )
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
Skype™ 7.2 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
Source SDK Base 2006 (HKLM\...\Steam App 215) (Version: - Valve)
Source SDK Base 2007 (HKLM\...\Steam App 218) (Version: - Valve)
Steam (HKLM\...\Steam) (Version: - Valve Corporation)
Studie vylepšování produktu HP Deskjet 1510 series (HKLM\...\{0A0B1D91-0716-4D99-AEA6-1D6651428EAC}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
THE SETTLERS - Dědictví králů (všechny produkty) (HKLM\...\{8FDC1610-3FB5-4EF2-A0D0-CEDC3A525A25}) (Version: 1.00.0000 - Blue Byte)
The Wolf Among Us (HKLM\...\Steam App 250320) (Version: - Telltale Games)
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 7.57 - Ghisler Software GmbH)
TP-LINK TL-WN721N/TL-WN722N Driver (HKLM\...\{38A1E3ED-D913-41D2-9953-A93D5ACE3ADF}) (Version: 1.0.0 - TP-LINK)
TP-LINK Wireless Configuration Utility (HKLM\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.0.0 - TP-LINK)
Trust Gaming Mouse Driver V1.1 (HKLM\...\{3AA9D712-182E-409C-ABBE-8E47CF05D926}_is1) (Version: - )
Tunngle (HKLM\...\Tunngle_is1) (Version: 5.2 - Tunngle.net GmbH)
Ubisoft Game Launcher (HKLM\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Vegas Pro 11.0 (HKLM\...\{6AEFCA01-8DF1-11E1-A17B-F04DA23A5C58}) (Version: 11.0.682 - Sony)
VLC media player 2.0.6 (HKLM\...\VLC media player) (Version: 2.0.6 - VideoLAN)
War2Combat version 4.01 (HKLM\...\War2Combat_is1) (Version: 4.01 - War2 RU Admins)
Warcraft III (HKLM\...\Warcraft III) (Version: - )
Warcraft III: All Products (HKU\S-1-5-21-3545453532-2280684333-2720647477-1000\...\Warcraft III) (Version: - )
Winamp (HKLM\...\Winamp) (Version: 5.63 - Nullsoft, Inc)
Winamp Detector Plug-in (HKU\S-1-5-21-3545453532-2280684333-2720647477-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{068B46A0-8858-4CEB-80BC-A4AE787A05FC}) (Version: 14.0.8089.726 - Microsoft Corporation)
WinRAR 4.10 beta 5 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.10.5 - win.rar GmbH)
Wizard101 (HKLM\...\{A9E27FF5-6294-46A8-B8FD-77B1DECA3021}) (Version: 1.0.0 - KingsIsle Entertainment, Inc.)
Wizard101(UK) (HKU\S-1-5-21-3545453532-2280684333-2720647477-1000\...\Wizard101(UK)_is1) (Version: - Gameforge 4D GmbH)
World of Warcraft Model Viewer 32-bit (HKLM\...\{270CD7D9-0669-4C7A-A80A-6B0CB83DD7DC}) (Version: 07.04.000 - WoWModelViewer.org)
Základní software zařízení HP Deskjet 1510 series (HKLM\...\{9A3DA7C7-F74F-4B29-9082-C7C01D2E465B}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3545453532-2280684333-2720647477-1000_Classes\CLSID\{1c492e6a-2803-5ed7-83e1-1b1d4d41eb39}\InprocServer32 -> C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
CustomCLSID: HKU\S-1-5-21-3545453532-2280684333-2720647477-1000_Classes\CLSID\{49BBAA3C-C574-419E-8378-783C362E9C15}\InprocServer32 -> C:\Program Files\HP\Common\FWUpdateEDO2.dll (Hewlett-Packard Co.)

==================== Restore Points =========================

30-04-2015 14:42:00 ComboFix created restore point
30-04-2015 15:18:20 Removed BlueStacks Notification Center
30-04-2015 15:18:50 Removed BlueStacks Notification Center
30-04-2015 15:19:52 Removed BlueStacks Notification Center
30-04-2015 15:25:44 Removed IPTInstaller
30-04-2015 15:26:13 Removed HTC Driver Installer.
30-04-2015 15:29:22 Removed Microsoft Silverlight
30-04-2015 15:32:44 Odebráno: Nokia Connectivity Cable Driver
30-04-2015 15:33:40 Removed Skype Click to Call

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2015-04-10 16:42 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {00B58168-EA2F-4438-9234-A9018F9285B5} - System32\Tasks\HPCustParticipation HP Deskjet 1510 series => C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPCustPartic.exe [2014-03-06] (Hewlett-Packard Co.)
Task: {02FF7F8E-27A2-43A2-9278-BC4AFE22AE69} - System32\Tasks\{9F464F18-7B4F-41AB-8B05-AA10C7385556} => C:\games\League of Legends\lol.launcher.exe
Task: {03A6038B-9726-4920-BC98-92EA080E3315} - System32\Tasks\{F3E3C00A-F9E3-4A9C-BE1D-544231239E19} => pcalua.exe -a D:\SETUP.EXE -d D:\
Task: {07FDC213-D5EE-4964-B5A2-8BC6F07AB68E} - System32\Tasks\{58054D16-CFF0-41A6-A8A0-A06563D42013} => pcalua.exe -a C:\Users\uzivatel\Desktop\MK4\SETUP.EXE -d C:\Users\uzivatel\Desktop\MK4
Task: {0DEA90C4-1783-491A-8ED9-F4D663218BEA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-11-09] (Google Inc.)
Task: {1842370C-7898-4662-B612-474A1DADB8A5} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {2032853E-5F43-4031-98D5-3A167CF10CD8} - System32\Tasks\{488F9C62-97FC-45A3-9B8E-5F0FD6CF1D61} => pcalua.exe -a J:\Setup.exe -d J:\
Task: {2191EC9C-88D2-42C3-A4CA-DDB9FDC286B6} - System32\Tasks\Google Software Updater => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-11-09] (Google)
Task: {2B942593-0D8A-49F7-8683-BD8682A064A4} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {2D37E134-A005-4652-8813-4800F130ED89} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd)
Task: {2EBB7C80-E95A-49E9-B614-298DF62C133B} - System32\Tasks\{351CE8D0-E118-4D05-BB44-912B99CA49C5} => pcalua.exe -a C:\Users\uzivatel\Desktop\CD\CD3Setup\CD3Setup.exe -d C:\Users\uzivatel\Desktop\CD\CD3Setup
Task: {34739ABE-5B94-45A4-ADF3-FE9C9AF48675} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {3ABB140B-9C2F-46E2-8205-B6A1755C01C2} - System32\Tasks\{1B061779-D8F7-4DFA-A970-B71ABD1DB7D9} => pcalua.exe -a "C:\Program Files\Hamachi\hamachi.exe" -d C:\Users\uzivatel\Desktop
Task: {4001ADB4-6F60-4272-9F42-B7673CCA6E25} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-11-09] (Google Inc.)
Task: {403E4B07-F44C-4AD9-83DA-52CFF157E83D} - System32\Tasks\{739BFDD5-474E-4492-9A2E-075BB81B132F} => C:\Program Files\Punské války\PUNSKE_VALKY.EXE [2012-03-02] ()
Task: {53758D62-2D1F-4F95-B082-ABD051C850A3} - System32\Tasks\{0F734785-1CCE-4A20-886F-719A4E048629} => pcalua.exe -a "C:\Users\uzivatel\Desktop\League of Legends\setup.exe" -d "C:\Users\uzivatel\Desktop\League of Legends"
Task: {56B5558C-8983-40B3-923B-6B0509797B97} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-04-09] (Avast Software s.r.o.)
Task: {5BDFF710-9C9A-449B-A8E2-C50547FD13AD} - System32\Tasks\{157B79A5-B3C7-4CBF-86A5-016ADF692C8A} => pcalua.exe -a C:\Users\uzivatel\loleusetup.exe
Task: {602095BF-BF25-49CF-AA33-CAB9CBE58E81} - System32\Tasks\{88E1DC6A-96C8-4477-AF2B-49D0780B0C4C} => pcalua.exe -a C:\Users\uzivatel\Desktop\CD3\CD3Setup\CD3Setup.exe -d C:\Users\uzivatel\Desktop\CD3\CD3Setup
Task: {616264DE-1F8C-43A5-A0F9-6D7479F34C3F} - System32\Tasks\{B9AC31E8-F30F-407B-B796-07AEB6DB4673} => C:\games\League of Legends\lol.launcher.exe
Task: {70FBBC7A-C413-4D9D-BEC7-747E8815B1C1} - System32\Tasks\AdobeAAMUpdater-1.0-uzivatel-PC-uzivatel => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {760236B1-06A0-459B-A2F2-C06CC73BE06F} - System32\Tasks\{A998202D-F948-41F8-8984-F07C6D4C3356} => pcalua.exe -a "C:\Program Files\Steam\steam.exe" -c steam://uninstall/233070
Task: {77D3A4DB-E650-4322-9939-80AC28D20FCD} - System32\Tasks\{3748EC42-A052-45B1-B045-33969D0F0D42} => C:\Program Files\Punské války\PUNSKE_VALKY.EXE [2012-03-02] ()
Task: {7DF68A52-AB6A-4E14-A89C-BE4A7514D8A7} - System32\Tasks\{44529B22-93C1-405E-8634-AD42E662A172} => C:\Riot Games\League of Legends\lol.launcher.exe [2013-06-17] ()
Task: {8F5F471C-8DA6-4467-8876-2ACED84B18F3} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {91B12C7B-40ED-4CA8-B59F-FA1994463F55} - System32\Tasks\{765FD839-C2AD-4DA9-8C1F-41502BC09A62} => pcalua.exe -a C:\Users\uzivatel\Desktop\mp3rec10\MP3REC10.exe -d C:\Users\uzivatel\Desktop\mp3rec10
Task: {A094F90B-CBC6-4D69-B236-0E72948C5933} - System32\Tasks\{50C1D565-AEB4-4E9B-B919-B3B455E65A24} => C:\Program Files\Tools\DDS Converter 2\DDS Converter 2.exe
Task: {AC1FA195-F05B-4465-B6A3-A8C04F331EDD} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3545453532-2280684333-2720647477-1000
Task: {B57476A6-208F-4F5E-B893-0DCFF3DD8B3A} - System32\Tasks\{3A596BCB-71E9-4FAC-814D-E6AFA7BD3831} => pcalua.exe -a C:\Users\uzivatel\Downloads\LOLReplay-0-5-9-3.exe -d C:\Users\uzivatel\Downloads
Task: {B7453245-DFFA-40A3-BE15-58496300B675} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated)
Task: {C923EE75-FDD4-4C23-AFFE-07858D9E1648} - System32\Tasks\{5ACB8D7B-4AFB-4706-A3C1-B326B0B2729C} => C:\Program Files\Punské války\PUNSKE_VALKY.EXE [2012-03-02] ()
Task: {C9C0DC7B-801F-465C-976C-B03F76240670} - System32\Tasks\{0A754685-07DC-4929-938D-FD308B17B0D3} => C:\games\League of Legends\lol.launcher.exe
Task: {DC2940FD-BCA9-497D-BA84-626FE80A1C05} - System32\Tasks\{03315E63-A5B5-4AC9-9DCA-A32E3D32AE1C} => pcalua.exe -a C:\Windows\IsUninst.exe -c -fC:\KKNDXtreme\Uninst.isu
Task: {EC3EB398-D514-4A00-9C48-7BC21005C10F} - System32\Tasks\{2D3AE3AD-7518-462A-85A6-ADA843B3CCDA} => C:\Program Files\Skype\Phone\Skype.exe [2015-02-26] (Skype Technologies S.A.)
Task: {EEEF8719-0E8A-4784-BAA8-D17360B6554A} - System32\Tasks\{BF55EBEF-F0F5-4174-8EBF-CAAFF04EC3BF} => pcalua.exe -a C:\ProgramData\Wizard101(UK)\Wizard101.exe -d C:\ProgramData\Wizard101(UK)
Task: {FC487C4E-2D38-4297-9AE7-E1A882E73A6A} - System32\Tasks\{BCEFC9CA-4B8E-4A49-9DD1-7B4C880F4BE3} => pcalua.exe -a C:\Users\uzivatel\Desktop\stsetup.exe -d C:\Users\uzivatel\Desktop

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2015-04-09 20:51 - 2015-04-09 20:51 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-04-09 20:51 - 2015-04-09 20:51 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-04-30 19:49 - 2015-04-30 19:49 - 02926592 _____ () C:\Program Files\AVAST Software\Avast\defs\15043001\algo.dll
2015-05-01 14:38 - 2015-05-01 14:38 - 02926592 _____ () C:\Program Files\AVAST Software\Avast\defs\15050100\algo.dll
2012-11-18 13:39 - 2014-05-20 02:04 - 00106840 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2011-12-21 15:23 - 2011-12-15 13:38 - 00166912 _____ () C:\Program Files\WinRAR\rarext.dll
2015-04-09 20:51 - 2015-04-09 20:51 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-04-10 17:23 - 2013-04-09 12:13 - 00270336 _____ () C:\Program Files\Gaming Keyboard\Monitor.EXE
2015-04-10 17:23 - 2012-11-05 08:09 - 00057344 _____ () C:\Program Files\Gaming Keyboard\lan.dll
2015-04-10 17:23 - 2012-11-05 08:37 - 00061440 _____ () C:\Program Files\Gaming Keyboard\hiddriver.dll
2015-04-10 17:23 - 2013-01-09 11:47 - 00151552 _____ () C:\Program Files\Gaming Keyboard\OSD.exe
2015-04-08 21:53 - 2015-04-08 21:53 - 00053248 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2015-04-30 23:10 - 2015-04-28 04:07 - 01252680 _____ () C:\Program Files\Google\Chrome\Application\42.0.2311.135\libglesv2.dll
2015-04-30 23:10 - 2015-04-28 04:07 - 00080712 _____ () C:\Program Files\Google\Chrome\Application\42.0.2311.135\libegl.dll
2015-04-30 23:10 - 2015-04-28 04:07 - 14980424 _____ () C:\Program Files\Google\Chrome\Application\42.0.2311.135\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:05EE1EEF

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)


Re: Suspicious PC behaviour

Post by Wayshan » 01 May 2015 16:19

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3545453532-2280684333-2720647477-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.138

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Trust Gaming Mouse => C:\Program Files\Trust Gaming Mouse\Mouse.exe

==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [{AC7EC3CB-9315-44B5-984E-DEECF59C2BFC}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{B8A7C2FB-4195-42DE-8CF6-E18CC61CA140}] => (Allow) svchost.exe
FirewallRules: [{A745C9A7-533B-40E4-8BB8-5F7BE3C9F4C6}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{9BF234F7-6D74-4F19-8558-ED74AFE7725A}] => (Allow) C:\Program Files\Microsoft Office\Office12\outlook.exe
FirewallRules: [TCP Query User{CC3DFBC9-5E83-43F5-A8CD-AB81FA4CAD07}C:\program files\opera\opera.exe] => (Allow) C:\program files\opera\opera.exe
FirewallRules: [UDP Query User{8BD96191-045F-4E19-B440-3D4DBB8289A8}C:\program files\opera\opera.exe] => (Allow) C:\program files\opera\opera.exe
FirewallRules: [TCP Query User{2FC9C6E8-EA2C-4D14-B06E-1769561671CB}C:\program files\psygnosis\rollcage\direct3d\rollcage.exe] => (Block) C:\program files\psygnosis\rollcage\direct3d\rollcage.exe
FirewallRules: [UDP Query User{AC81A194-B948-48F3-8335-BC491673E370}C:\program files\psygnosis\rollcage\direct3d\rollcage.exe] => (Block) C:\program files\psygnosis\rollcage\direct3d\rollcage.exe
FirewallRules: [TCP Query User{EAB9C0A6-3F69-4097-A9AA-964C82761F37}C:\program files\warcraft iii\war3.exe] => (Allow) C:\program files\warcraft iii\war3.exe
FirewallRules: [UDP Query User{DD5EFB2A-0D0C-49D9-A41F-F395A593600B}C:\program files\warcraft iii\war3.exe] => (Allow) C:\program files\warcraft iii\war3.exe
FirewallRules: [{31EE9A52-D2A3-43A2-A87D-875192B8898E}] => (Allow) C:\Program Files\Warcraft III\Frozen Throne.exe
FirewallRules: [{E44EC024-1193-416D-A4D4-9B40F19CD2FA}] => (Allow) C:\Program Files\Warcraft III\Frozen Throne.exe
FirewallRules: [{6011ED49-F4DE-4ECB-A663-B900BF475812}] => (Allow) C:\Program Files\Warcraft III\Frozen Throne.exe
FirewallRules: [{F551A07F-85A0-45B8-8CD9-25D35597F7A5}] => (Allow) C:\Program Files\Warcraft III\Frozen Throne.exe
FirewallRules: [{A190EDBE-0C4D-461E-B145-EA310DF86360}] => (Allow) C:\Program Files\Opera\opera.exe
FirewallRules: [{AD9B9D26-F2EB-4B25-9E4C-FA637331060D}] => (Allow) C:\Program Files\Opera\opera.exe
FirewallRules: [{5C898F5D-22E9-4D75-9C2E-FD62DCF74C92}] => (Allow) C:\Program Files\GameSpy Arcade\Aphex.exe
FirewallRules: [{384AD86C-9537-403D-9BBB-41D203995567}] => (Allow) C:\Program Files\GameSpy Arcade\Aphex.exe
FirewallRules: [{9C1E78B6-4FB6-49AF-916A-BEB6E5042A38}] => (Allow) LPort=8394
FirewallRules: [{F707D993-14BC-4593-ACE6-6CD427737B9D}] => (Allow) LPort=8394
FirewallRules: [{C2929095-9914-4D6B-96BE-76FFC7925978}] => (Allow) LPort=6892
FirewallRules: [{8D82D684-0508-45FC-921F-2D6397E594EE}] => (Allow) LPort=6892
FirewallRules: [{39C96D40-F7EB-4527-A926-5620D60BF884}] => (Allow) LPort=6941
FirewallRules: [{A749CFC0-2BD0-4199-8D9E-B57FFF6D4CAE}] => (Allow) LPort=6941
FirewallRules: [{66D0F5DE-E178-4F5E-B08F-3B5780827440}] => (Allow) LPort=6897
FirewallRules: [{A8912BC0-BD76-460D-9926-2C5D978FC992}] => (Allow) LPort=6897
FirewallRules: [TCP Query User{E04B5BD6-5A2A-4046-AB12-DA44595CE844}C:\program files\ubisoft\blue byte\the settlers - dědictví králů\bin\settlershok.exe] => (Allow) C:\program files\ubisoft\blue byte\the settlers - dědictví králů\bin\settlershok.exe
FirewallRules: [UDP Query User{5089329C-13AA-4358-85F5-39C0613A2B03}C:\program files\ubisoft\blue byte\the settlers - dědictví králů\bin\settlershok.exe] => (Allow) C:\program files\ubisoft\blue byte\the settlers - dědictví králů\bin\settlershok.exe
FirewallRules: [{C2AEA30F-A12C-4F9C-8BD1-8F021DA93DAE}] => (Block) C:\program files\ubisoft\blue byte\the settlers - dědictví králů\bin\settlershok.exe
FirewallRules: [{7F322CB6-B9AC-4744-83F0-0C156BBAA67D}] => (Block) C:\program files\ubisoft\blue byte\the settlers - dědictví králů\bin\settlershok.exe
FirewallRules: [TCP Query User{B8078550-73D3-4664-A197-6CD683DA4C61}C:\program files\ubisoft\heroes of might and magic v\bin\h5_game.exe] => (Allow) C:\program files\ubisoft\heroes of might and magic v\bin\h5_game.exe
FirewallRules: [UDP Query User{EC00F840-273C-45E5-9C21-8D3163431CB6}C:\program files\ubisoft\heroes of might and magic v\bin\h5_game.exe] => (Allow) C:\program files\ubisoft\heroes of might and magic v\bin\h5_game.exe
FirewallRules: [{779F8C08-7427-488C-B58C-D9F5BC5503D5}] => (Allow) C:\program files\ubisoft\heroes of might and magic v\bin\h5_game.exe
FirewallRules: [{77C84F8F-AF3B-4EC4-BF04-98C74ECD4725}] => (Allow) C:\program files\ubisoft\heroes of might and magic v\bin\h5_game.exe
FirewallRules: [{91CD476B-593D-4BF0-8F35-1EEA9FCE342B}] => (Allow) LPort=8395
FirewallRules: [{09814E3A-6DE4-4823-833C-4FC9B1602D51}] => (Allow) LPort=8395
FirewallRules: [{980FA362-9CB1-4520-BF74-3B3BCFE7BC69}] => (Allow) LPort=6986
FirewallRules: [{6ECD1F2E-6CCC-4003-8926-B781DDBA3424}] => (Allow) LPort=6986
FirewallRules: [{FEDE047C-51CC-4C18-90D3-32D937E50453}] => (Allow) LPort=6952
FirewallRules: [{A1D00FAA-C67B-47FA-A836-6F1FB2B94531}] => (Allow) LPort=6952
FirewallRules: [{614670D0-B29C-4FE4-8E57-DAA790C3E668}] => (Allow) LPort=6909
FirewallRules: [{56E8E27A-4A35-4833-8718-24AD141C58CE}] => (Allow) LPort=6909
FirewallRules: [{EBFF4ED7-655D-4FCE-A0C8-106F3597F687}] => (Allow) LPort=8396
FirewallRules: [{5FF55E97-A3C5-42EE-ADD0-D84749E772DC}] => (Allow) LPort=8396
FirewallRules: [{8D7D1D64-D650-4A5D-A586-CA79529E49E9}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{FB2A3F8B-57FB-4E6F-8C42-32339EACFEF4}] => (Allow) LPort=2869
FirewallRules: [{AA85C857-86CC-45F6-B459-85BA567C0A23}] => (Allow) LPort=1900
FirewallRules: [{F1CE8593-B0EE-448E-B7AC-5AF368A991CF}] => (Allow) C:\Program Files\Windows Live\Mesh\MOE.exe
FirewallRules: [{6D3F41F9-1C39-4346-A7DA-C77D448EB841}] => (Allow) LPort=6942
FirewallRules: [{0E423AD1-2237-4A9A-A8F9-443D19CFFAA8}] => (Allow) LPort=6942
FirewallRules: [TCP Query User{346B0A55-67BE-4BA1-9DD1-4AB8FE99F269}C:\program files\haemimont games\celtic kings\celtic kings.exe] => (Allow) C:\program files\haemimont games\celtic kings\celtic kings.exe
FirewallRules: [UDP Query User{C5881985-7023-4625-8843-2833891D085B}C:\program files\haemimont games\celtic kings\celtic kings.exe] => (Allow) C:\program files\haemimont games\celtic kings\celtic kings.exe
FirewallRules: [{37047EB2-AA8D-41BE-93A2-EC7D92DDDEDE}] => (Allow) C:\program files\haemimont games\celtic kings\celtic kings.exe
FirewallRules: [{C0E38BDF-998A-49C1-8989-1B8D926628BA}] => (Allow) C:\program files\haemimont games\celtic kings\celtic kings.exe
FirewallRules: [TCP Query User{6DE4550F-F04A-41B8-B254-D77E35FA6942}C:\users\uzivatel\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\uzivatel\appdata\roaming\gameranger\gameranger\gameranger.exe
FirewallRules: [UDP Query User{B5822AB6-0C6A-4020-BEF5-F164C9FB2BAE}C:\users\uzivatel\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\uzivatel\appdata\roaming\gameranger\gameranger\gameranger.exe
FirewallRules: [{841EA394-23C6-4E52-B0E0-9EEE7A444226}] => (Allow) C:\users\uzivatel\appdata\roaming\gameranger\gameranger\gameranger.exe
FirewallRules: [{88057BCC-6EC2-49BC-BD11-E2BFBC730C17}] => (Allow) C:\users\uzivatel\appdata\roaming\gameranger\gameranger\gameranger.exe
FirewallRules: [{C50044F1-7F55-416D-807C-E42E6E9B2DCD}] => (Allow) LPort=8397
FirewallRules: [{D1710FAF-4A27-447E-A0EC-5BA30F4D80F1}] => (Allow) LPort=8397
FirewallRules: [TCP Query User{B2150C74-A0C8-4A4F-B7BB-6391A49CBA88}C:\program files\ubisoft\heroes of might and magic v - tribes of the east\bin\h5_game.exe] => (Allow) C:\program files\ubisoft\heroes of might and magic v - tribes of the east\bin\h5_game.exe
FirewallRules: [UDP Query User{E21F93B9-831D-4B5E-944C-DFF5DE497D46}C:\program files\ubisoft\heroes of might and magic v - tribes of the east\bin\h5_game.exe] => (Allow) C:\program files\ubisoft\heroes of might and magic v - tribes of the east\bin\h5_game.exe
FirewallRules: [{D6050C5E-7270-4938-8DC7-D5AE3A80E0D0}] => (Allow) LPort=8397
FirewallRules: [{A47210DE-0D5C-4DBC-A21B-1A32CA719F7B}] => (Allow) LPort=8397
FirewallRules: [TCP Query User{0BCCF52B-3B26-41C6-ABAA-FAEABC743BB2}C:\riot games\league of legends\lol.launcher.exe] => (Allow) C:\riot games\league of legends\lol.launcher.exe
FirewallRules: [UDP Query User{EBD353EC-4120-471F-AE36-7D2A77AF5F5B}C:\riot games\league of legends\lol.launcher.exe] => (Allow) C:\riot games\league of legends\lol.launcher.exe
FirewallRules: [{F936B660-8FF9-4116-A16F-3D121B36C27F}] => (Allow) C:\Program Files\Microsoft Games\Fable III\Fable3.exe
FirewallRules: [{636E8402-CB3C-4A9A-9360-D702AA6CB0B2}] => (Allow) C:\Program Files\Microsoft Games\Fable III\Fable3.exe
FirewallRules: [TCP Query User{0FEE78C2-FD45-407A-B470-DF9D8BFAE53A}C:\program files\winamp\winamp.exe] => (Allow) C:\program files\winamp\winamp.exe
FirewallRules: [UDP Query User{C496292A-5DF0-4BD8-A3CC-F112F9FEDDC5}C:\program files\winamp\winamp.exe] => (Allow) C:\program files\winamp\winamp.exe
FirewallRules: [{8659D040-BA2B-4E8B-8B2B-C485A37E7204}] => (Allow) C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE
FirewallRules: [{134DF2B1-C7F2-4BA3-888E-04E787B14CCB}] => (Allow) C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE
FirewallRules: [{3183119B-3FD8-45B5-9C2A-A6EACF467718}] => (Allow) C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{94D85E53-4800-451F-A358-ADE37B70AE48}] => (Allow) C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [TCP Query User{E8AE18A3-C96C-42F2-BB58-CDC0E71235A2}C:\program files\microsoft games\age of mythology\aomx.exe] => (Allow) C:\program files\microsoft games\age of mythology\aomx.exe
FirewallRules: [UDP Query User{70CDF02F-9889-4714-811B-C95EE5552EB9}C:\program files\microsoft games\age of mythology\aomx.exe] => (Allow) C:\program files\microsoft games\age of mythology\aomx.exe
FirewallRules: [{25EAB4CE-E0DD-4A2E-B35B-2126A67F7F0A}] => (Block) C:\program files\microsoft games\age of mythology\aomx.exe
FirewallRules: [{56AAF199-BBD1-4B0A-B8BE-547F6A60600E}] => (Block) C:\program files\microsoft games\age of mythology\aomx.exe
FirewallRules: [TCP Query User{8FADDCCE-C1AB-4378-9243-D717668DD753}K:\portal 2\portal 2\portal2.exe] => (Allow) K:\portal 2\portal 2\portal2.exe
FirewallRules: [UDP Query User{59ACF7FC-1366-4D3F-9E42-541C6C2374F6}K:\portal 2\portal 2\portal2.exe] => (Allow) K:\portal 2\portal 2\portal2.exe
FirewallRules: [{4BDF89B8-F035-4FE6-A803-FAB346C71478}] => (Block) K:\portal 2\portal 2\portal2.exe
FirewallRules: [{BB8CCD3F-05F5-4EDE-A3DF-4E3B5DF28721}] => (Block) K:\portal 2\portal 2\portal2.exe
FirewallRules: [{A514ADCC-9FDE-4C7B-938D-21C39E2859DA}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{17259E6D-AA2B-468C-8E1E-89F399A014D9}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [TCP Query User{65A4963B-1D05-4178-8CBA-110248BDEA02}C:\program files\microsoft games\age of mythology\aom.exe] => (Allow) C:\program files\microsoft games\age of mythology\aom.exe
FirewallRules: [UDP Query User{305B5C37-032B-4302-9CF2-8EC8609DE5E4}C:\program files\microsoft games\age of mythology\aom.exe] => (Allow) C:\program files\microsoft games\age of mythology\aom.exe
FirewallRules: [{423EFEA2-F8C1-4D70-B9AD-C04BF252350A}] => (Block) C:\program files\microsoft games\age of mythology\aom.exe
FirewallRules: [{9083428A-2E91-4707-BF2A-8FDDEA0F5381}] => (Block) C:\program files\microsoft games\age of mythology\aom.exe
FirewallRules: [{88ABE5A5-1F04-48CF-8820-CCA9B5B1F1FF}] => (Allow) C:\Program Files\Origin Games\Mass Effect 3\Binaries\Win32\MassEffect3.exe
FirewallRules: [{BE69E9EE-F231-4281-82EB-E4983D81402E}] => (Allow) C:\Program Files\Origin Games\Mass Effect 3\Binaries\Win32\MassEffect3.exe
FirewallRules: [{D013E8A3-831B-4105-8691-9D96404EBC70}] => (Allow) C:\games\Mass Effect\Binaries\MassEffect.exe
FirewallRules: [{E2AE31E0-5935-427F-A47A-6A4A63FB7E0D}] => (Allow) C:\games\Mass Effect\Binaries\MassEffect.exe
FirewallRules: [{F39FA52D-2B73-4BB9-B9D6-DD627F1D9F13}] => (Allow) C:\games\Mass Effect\MassEffectLauncher.exe
FirewallRules: [{EFCFFD0D-0A48-472A-A602-855502D2CA85}] => (Allow) C:\games\Mass Effect\MassEffectLauncher.exe
FirewallRules: [TCP Query User{377D2D9F-E10A-4548-A4F1-CA637C5B4B0C}C:\games\kknd krossfire\kknd2.exe] => (Allow) C:\games\kknd krossfire\kknd2.exe
FirewallRules: [UDP Query User{753EF372-3680-42D3-A416-CBFBC0DBCC31}C:\games\kknd krossfire\kknd2.exe] => (Allow) C:\games\kknd krossfire\kknd2.exe
FirewallRules: [TCP Query User{B1AC0CB2-E18A-477A-A3E8-D48FA45D801A}C:\windows\system32\dplaysvr.exe] => (Allow) C:\windows\system32\dplaysvr.exe
FirewallRules: [UDP Query User{E392816D-A14E-42F1-B6F0-9F39F892DF19}C:\windows\system32\dplaysvr.exe] => (Allow) C:\windows\system32\dplaysvr.exe
FirewallRules: [{CDF362DC-F956-450A-831D-9AF11A41FB30}] => (Block) C:\windows\system32\dplaysvr.exe
FirewallRules: [{432C4EFA-FAD8-47AB-BCB3-31AE95230BBD}] => (Block) C:\windows\system32\dplaysvr.exe
FirewallRules: [{6B3B55FE-AD6C-4982-9945-8147FE5CDAA8}] => (Block) C:\games\kknd krossfire\kknd2.exe
FirewallRules: [{414A3A1D-DA0A-4AA2-8D5E-9C3F97B2DBC5}] => (Block) C:\games\kknd krossfire\kknd2.exe
FirewallRules: [TCP Query User{7FEAFA9E-41AB-469E-8AEE-92BAEFAD7AB0}C:\program files\3do\heroes 3 complete\heroes3.icd] => (Allow) C:\program files\3do\heroes 3 complete\heroes3.icd
FirewallRules: [UDP Query User{FA369B6D-DA9B-4122-82F8-765A2085B31F}C:\program files\3do\heroes 3 complete\heroes3.icd] => (Allow) C:\program files\3do\heroes 3 complete\heroes3.icd
FirewallRules: [{A6EAF9D2-B9BD-4CDE-A35C-F0B368CFAF19}] => (Block) C:\program files\3do\heroes 3 complete\heroes3.icd
FirewallRules: [{1AE64F13-1FD6-482C-A130-9FB8D28A1CF2}] => (Block) C:\program files\3do\heroes 3 complete\heroes3.icd
FirewallRules: [{7FE4A8C7-F876-462D-AD19-BB04D0C137B7}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{B1E8A8DC-D8C2-4DFF-907B-C076A7A1DB0F}] => (Allow) C:\Program Files\Origin Games\Mass Effect 2\Binaries\MassEffect2.exe
FirewallRules: [{CCC6C245-A591-4F13-8E34-E1A3CEC4BF01}] => (Allow) C:\Program Files\Origin Games\Mass Effect 2\Binaries\MassEffect2.exe
FirewallRules: [TCP Query User{7EE02EE9-2A03-4F0B-AEE9-939DD45CC2C1}C:\program files\origin games\mass effect 2\binaries\me2game.exe] => (Allow) C:\program files\origin games\mass effect 2\binaries\me2game.exe
FirewallRules: [UDP Query User{6CDBB1C0-89DC-44CD-8F92-3395B9341C46}C:\program files\origin games\mass effect 2\binaries\me2game.exe] => (Allow) C:\program files\origin games\mass effect 2\binaries\me2game.exe
FirewallRules: [{6F408DDB-3DD6-4B6A-BAEB-68F8C70D60A7}] => (Block) C:\program files\origin games\mass effect 2\binaries\me2game.exe
FirewallRules: [{8BC58CC0-5084-4FF2-98BB-762ADE498D1C}] => (Block) C:\program files\origin games\mass effect 2\binaries\me2game.exe
FirewallRules: [{D0BFFB8B-BCF6-423E-8F78-6E6F7F80A313}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{96D77EF8-7727-452F-87CD-026FA95E78A4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{7DB77293-15FA-4582-B0E5-D5C865B17223}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{43FD42E5-A744-469B-9A45-A00E2A5875FF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4073468F-36E2-4B54-B138-3EDB119BAB7D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{CADABAA3-2B15-408E-BF35-CC90B387D60B}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{2927E57D-965E-457B-88C7-E8F1DC56895A}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{8D8CA9D3-521C-4C44-AEE9-EECF08A2EBB7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{46792E90-A8F9-4E11-BC4E-B295843D5D3B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{465B37E5-4E1F-4B7C-814D-7D50D871124B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B5ABCCB2-D088-4572-A1A9-0D51FADC2D49}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C8A846E3-AE63-4C02-AF3E-5EE0A28FC51B}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{4883B944-6EC8-42FD-84E5-3FCA566EEDFC}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{7A1E9F0D-016B-4BC1-B732-5BC3C8ECF808}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{FE920E79-E7D1-4D5D-BCCC-E6117C2DD26B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{9C941C73-BAFF-42F9-AD67-FCC3321CC5A2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F813B4B1-9496-4AC7-9E7D-7B2901B6D4B8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{302D9A6D-D79F-48B3-8AC9-130E33C3F08E}] => (Allow) C:\Program Files\Battle.net\Battle.net.exe
FirewallRules: [{9306D440-4515-4A3D-BDBB-075B173319C8}] => (Allow) C:\Program Files\Battle.net\Battle.net.exe
FirewallRules: [{8B92AE15-4349-4F83-AE31-5E47497A6EB1}] => (Allow) C:\Program Files\Hearthstone\Hearthstone.exe
FirewallRules: [{CC68092C-C38B-4540-8792-F315116BCA0B}] => (Allow) C:\Program Files\Hearthstone\Hearthstone.exe
FirewallRules: [{8984E834-618A-4612-8868-6D4C8024B759}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{D67370D0-A35B-43B0-A3F9-3825ED6F4B70}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{97C0171E-166C-4338-9AB5-7A6AE7183305}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{FACB9E0A-2815-4BDD-81F9-60BE6A4DCFBC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{B4FDD9C1-E6CA-405D-97F2-D2F9FBE0F70C}] => (Allow) C:\Program Files\Tunngle\TnglCtrl.exe
FirewallRules: [{49183C5A-2F2A-4F7B-B49A-B7A1C04B00FE}] => (Allow) C:\Program Files\Tunngle\TnglCtrl.exe
FirewallRules: [{D8D9E067-54E1-49C0-9431-622567CC9924}] => (Allow) C:\Program Files\Tunngle\Tunngle.exe
FirewallRules: [{0B84A52E-0427-4D76-92FE-53720CC95615}] => (Allow) C:\Program Files\Tunngle\Tunngle.exe
FirewallRules: [TCP Query User{2604AD7E-9015-4F42-ABE7-97BF76201770}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{7FD376D4-1A37-41B5-A72F-6AF9CE4F2EEB}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{C6E8561A-24A4-44C8-A8E9-913776636239}] => (Block) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{498AE7FE-D0D8-419C-B6EE-10519CAAE0DB}] => (Block) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{A0160033-8FC5-4B01-A85C-7CE8612E3C9F}] => (Allow) C:\Users\uzivatel\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C8AEF42F-06A7-4B3D-844B-B8079F6B265D}] => (Allow) C:\Users\uzivatel\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8DF26559-D187-4495-8363-D8A73751F406}] => (Allow) C:\Program Files\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{656C8EDC-5BDF-44AB-9E2A-2373D6BEB05C}] => (Allow) C:\Program Files\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{17923046-19A4-4EE2-9081-6DAFE0BA2D9D}] => (Allow) C:\Program Files\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{4FF22DEC-E583-4489-89BE-FBB820F0A8CB}] => (Allow) C:\Program Files\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{6A64A4B4-819D-4570-916C-C0C578718450}] => (Allow) C:\Program Files\Steam\SteamApps\common\Half-Life 2\hl2.exe
FirewallRules: [{D5555E33-5C34-45B5-8C0E-4261A9895B95}] => (Allow) C:\Program Files\Steam\SteamApps\common\Half-Life 2\hl2.exe
FirewallRules: [{2B2A8577-0325-4D29-83BE-B74B7A6751A9}] => (Allow) C:\Program Files\Steam\SteamApps\common\Portal\hl2.exe
FirewallRules: [{0711FAD7-1BF6-4F94-8D36-388CEEA04878}] => (Allow) C:\Program Files\Steam\SteamApps\common\Portal\hl2.exe
FirewallRules: [{BF304A5D-C030-4ED7-B0E9-911ABB3DD547}] => (Allow) C:\Program Files\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{864DFB09-DA28-4C01-A313-92E2FFADF67B}] => (Allow) C:\Program Files\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{3438AA6A-5C79-465F-A3BE-7E047C1D382F}] => (Allow) C:\Program Files\Steam\SteamApps\common\Source SDK Base\hl2.exe
FirewallRules: [{9524995D-79D0-411D-B4B4-6F9EA2862F9B}] => (Allow) C:\Program Files\Steam\SteamApps\common\Source SDK Base\hl2.exe
FirewallRules: [{2FC27951-101E-490E-859C-0A43CB4734E1}] => (Allow) C:\Program Files\Ubisoft\Might & Magic Heroes VI\Might & Magic Heroes VI.exe
FirewallRules: [{DF272DCB-114B-4659-BD9B-2C1C67D56031}] => (Allow) C:\Program Files\Ubisoft\Might & Magic Heroes VI\Might & Magic Heroes VI.exe
FirewallRules: [{98CC1E32-431E-4956-8ED1-ABA885790E9B}] => (Allow) C:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{ACB7EB4A-7EEA-452E-9D06-72A73DC4064F}] => (Allow) C:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{774C45E3-3392-48C1-BA34-C568C04FF0BA}C:\program files\hearthstone\hearthstone.exe] => (Allow) C:\program files\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{2D03A98C-A886-4BDC-9F2A-81469FC0E8B5}C:\program files\hearthstone\hearthstone.exe] => (Allow) C:\program files\hearthstone\hearthstone.exe
FirewallRules: [{DE0A52C6-432D-45FE-8D01-2BCBFAB46120}] => (Allow) C:\Program Files\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{EB5F34C7-F73E-49D9-93AF-5116C68E3477}] => (Allow) C:\Program Files\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{C38E02B8-02EC-4175-A09C-F826CA9AFB9A}] => (Allow) C:\Program Files\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{09E45E5B-373C-47DE-B75C-730FEDE27E14}] => (Allow) C:\Program Files\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{8B89E86B-59E4-4137-961F-7435300A6189}] => (Allow) C:\Program Files\Origin Games\Mass Effect 2\Binaries\MassEffect2.exe
FirewallRules: [{DCCE68AA-D0D2-4B88-8441-3A727B397F96}] => (Allow) C:\Program Files\Origin Games\Mass Effect 2\Binaries\MassEffect2.exe
FirewallRules: [TCP Query User{533AE04C-4F3F-4B6D-A03A-BDC6EEFA191E}C:0\hry\vampire the masquerade - redemption\vampire.exe] => (Allow) C:0\hry\vampire the masquerade - redemption\vampire.exe
FirewallRules: [UDP Query User{28A234CD-4237-44ED-8EDA-5229FE01F9CB}C:0\hry\vampire the masquerade - redemption\vampire.exe] => (Allow) C:0\hry\vampire the masquerade - redemption\vampire.exe
FirewallRules: [TCP Query User{B3FBE94E-6501-40B3-94D1-E0533B373CF3}C:\users\uzivatel\desktop\warcraft (ingvar)\warcraft iii (ingvar)\war3.exe] => (Allow) C:\users\uzivatel\desktop\warcraft (ingvar)\warcraft iii (ingvar)\war3.exe
FirewallRules: [UDP Query User{4122F12D-D665-4773-8D1E-0516A70093DC}C:\users\uzivatel\desktop\warcraft (ingvar)\warcraft iii (ingvar)\war3.exe] => (Allow) C:\users\uzivatel\desktop\warcraft (ingvar)\warcraft iii (ingvar)\war3.exe
FirewallRules: [{94B36D1D-2A01-47D2-B551-2155BEAD0151}] => (Allow) C:\Program Files\Steam\SteamApps\common\The Wolf Among Us\TheWolfAmongUs.exe
FirewallRules: [{5E9A2218-2AE1-4295-B71D-923B3F93D499}] => (Allow) C:\Program Files\Steam\SteamApps\common\The Wolf Among Us\TheWolfAmongUs.exe
FirewallRules: [{D6070746-0C9C-4D50-92A7-C57F122B6047}] => (Allow) C:\Program Files\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{A8239ED3-1F6E-4FD9-84BE-12CBC5E77317}] => (Allow) C:\Program Files\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [TCP Query User{59445ADE-3D4B-4718-B7FC-7B814FF913B1}C:\program files\origin games\mass effect 3\binaries\win32\masseffect3.exe] => (Allow) C:\program files\origin games\mass effect 3\binaries\win32\masseffect3.exe
FirewallRules: [UDP Query User{159C60BF-311C-42AA-A141-BC320EF947EA}C:\program files\origin games\mass effect 3\binaries\win32\masseffect3.exe] => (Allow) C:\program files\origin games\mass effect 3\binaries\win32\masseffect3.exe
FirewallRules: [TCP Query User{6530A7E0-E1B7-43A4-99B9-2B62EF71ECE2}C:\program files\airdroid\airdroid.exe] => (Allow) C:\program files\airdroid\airdroid.exe
FirewallRules: [UDP Query User{33C17195-2999-4AAD-814F-557736381A35}C:\program files\airdroid\airdroid.exe] => (Allow) C:\program files\airdroid\airdroid.exe
FirewallRules: [{CD280FB8-588D-4DF4-9EBA-58C8D0C22064}] => (Allow) C:\Program Files\Steam\SteamApps\common\Source SDK Base 2007\hl2.exe
FirewallRules: [{022A05AB-C9BE-497D-BC13-4C18CB592E81}] => (Allow) C:\Program Files\Steam\SteamApps\common\Source SDK Base 2007\hl2.exe
FirewallRules: [{EA5F506F-E6F6-448D-AD8A-E415E5293831}] => (Allow) C:\Program Files\Tunngle\TnglCtrl.exe
FirewallRules: [{41EF69C4-24AF-4F4B-AA41-3946B37547E3}] => (Allow) C:\Program Files\Tunngle\TnglCtrl.exe
FirewallRules: [{53112A7D-921D-466B-BB2D-F35F1148BEC1}] => (Allow) C:\Program Files\Tunngle\Tunngle.exe
FirewallRules: [{B66C4ACB-3D4F-48A4-B951-9958BC055D43}] => (Allow) C:\Program Files\Tunngle\Tunngle.exe
FirewallRules: [{72C60C2D-C2B9-4374-B912-2EBFE239C09D}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{350DDE31-FF9D-416B-BA1B-AC6B259A22F6}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{D182ABD3-CE7D-4BAB-8796-81370120BE91}] => (Allow) C:\Program Files\HP\HP Deskjet 1510 series\Bin\USBSetup.exe
FirewallRules: [{A219C4FB-1666-471C-BDB2-01748274A787}] => (Allow) C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{47A6C8C9-06F8-4C80-AFC0-F78F1008E433}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/01/2015 10:35:50 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Službu nelze spustit. System.IO.FileNotFoundException: Soubor C:\ProgramData\BlueStacks\Android\kernel.elf nebyl nalezen.
Název souboru: C:\ProgramData\BlueStacks\Android\kernel.elf
v BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
v System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (05/01/2015 00:03:26 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Hearthstone.exe verze 2.5.0.8416 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 1efc

Čas spuštění: 01d083915d4b235c

Čas ukončení: 152

Cesta k aplikaci: C:\Program Files\Hearthstone\Hearthstone.exe

ID hlášení: b7e9fc77-ef84-11e4-bdcd-00241d562a1c

Error: (04/30/2015 06:35:07 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (04/30/2015 06:34:51 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1 se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (04/30/2015 03:46:03 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Službu nelze spustit. System.IO.FileNotFoundException: Soubor C:\ProgramData\BlueStacks\Android\kernel.elf nebyl nalezen.
Název souboru: C:\ProgramData\BlueStacks\Android\kernel.elf
v BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
v System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (04/30/2015 03:26:09 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: uzivatel-PC)
Description: Aplikaci nebo službu Internet Pass-Through Service nelze restartovat.

Error: (04/30/2015 03:20:41 PM) (Source: MsiInstaller) (EventID: 10005) (User: uzivatel-PC)
Description: Product: BlueStacks Notification Center -- The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2318. The arguments are: C:\ProgramData\BlueStacks\Logs\BlueStacksUpdater.log, ,

Error: (04/30/2015 03:19:11 PM) (Source: MsiInstaller) (EventID: 10005) (User: uzivatel-PC)
Description: Product: BlueStacks Notification Center -- The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2318. The arguments are: C:\ProgramData\BlueStacks\Logs\BlueStacksUpdater.log, ,

Error: (04/30/2015 03:18:35 PM) (Source: MsiInstaller) (EventID: 10005) (User: uzivatel-PC)
Description: Product: BlueStacks Notification Center -- The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2318. The arguments are: C:\ProgramData\BlueStacks\Logs\BlueStacksUpdater.log, ,

Error: (04/30/2015 02:33:32 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: Správce oken plochy zjistil závažnou chybu (0x0).


System errors:
=============
Error: (05/01/2015 10:37:39 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Seskupování v sítích peer-to-peer závisí na službě Protokol PNRP (Peer Name Resolution Protocol), která neuspěla při spuštění v důsledku následující chyby:
%%-2140993535

Error: (05/01/2015 10:37:39 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Protokol PNRP (Peer Name Resolution Protocol) byla ukončena s následující chybou:
%%-2140993535

Error: (05/01/2015 10:37:39 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Seskupování v sítích peer-to-peer závisí na službě Protokol PNRP (Peer Name Resolution Protocol), která neuspěla při spuštění v důsledku následující chyby:
%%-2140993535

Error: (05/01/2015 10:37:39 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Protokol PNRP (Peer Name Resolution Protocol) byla ukončena s následující chybou:
%%-2140993535

Error: (05/01/2015 10:37:39 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801

Error: (05/01/2015 10:37:39 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801

Error: (05/01/2015 10:37:33 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Seskupování v sítích peer-to-peer závisí na službě Protokol PNRP (Peer Name Resolution Protocol), která neuspěla při spuštění v důsledku následující chyby:
%%-2140993535

Error: (05/01/2015 10:37:33 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Protokol PNRP (Peer Name Resolution Protocol) byla ukončena s následující chybou:
%%-2140993535

Error: (05/01/2015 10:37:33 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801

Error: (05/01/2015 10:36:30 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
prodrv06
prohlp02
prosync1
sfhlp01
sptd


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Duo CPU E7500 @ 2.93GHz
Percentage of memory in use: 48%
Total physical RAM: 3326.49 MB
Available physical RAM: 1698.49 MB
Total Pagefile: 6651.28 MB
Available Pagefile: 4643.49 MB
Total Virtual: 2047.88 MB
Available Virtual: 1891.61 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:690.82 GB) (Free:169.19 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (JURASSIC_PARK_3) (CDROM) (Total:6.9 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 30D6E82F)
Partition 1: (Active) - (Size=690.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=7.8 GB) - (Type=27)

==================== End Of Log ============================

mople71
Level 3.5
Posts: 662
Registered: November 14
Gender: Male
Status: Offline

Re: Suspicious PC behavior

Post by mople71 » 01 May 2015 18:32

Please uninstall these programs:

Code:

CCleaner


------------------------------------------------------------

Apply the fixlist for FRST:

On the Desktop (FRST must be located there), create a text file named fixlist, copy the following script into it, and save it.

Code:

Start
CloseProcesses:
CreateRestorePoint:

Task: {03A6038B-9726-4920-BC98-92EA080E3315} - System32\Tasks\{F3E3C00A-F9E3-4A9C-BE1D-544231239E19} => pcalua.exe -a D:\SETUP.EXE -d D:\
Task: {07FDC213-D5EE-4964-B5A2-8BC6F07AB68E} - System32\Tasks\{58054D16-CFF0-41A6-A8A0-A06563D42013} => pcalua.exe -a C:\Users\uzivatel\Desktop\MK4\SETUP.EXE -d C:\Users\uzivatel\Desktop\MK4
Task: {2032853E-5F43-4031-98D5-3A167CF10CD8} - System32\Tasks\{488F9C62-97FC-45A3-9B8E-5F0FD6CF1D61} => pcalua.exe -a J:\Setup.exe -d J:\
Task: {2D37E134-A005-4652-8813-4800F130ED89} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd)
Task: {2EBB7C80-E95A-49E9-B614-298DF62C133B} - System32\Tasks\{351CE8D0-E118-4D05-BB44-912B99CA49C5} => pcalua.exe -a C:\Users\uzivatel\Desktop\CD\CD3Setup\CD3Setup.exe -d C:\Users\uzivatel\Desktop\CD\CD3Setup
Task: {3ABB140B-9C2F-46E2-8205-B6A1755C01C2} - System32\Tasks\{1B061779-D8F7-4DFA-A970-B71ABD1DB7D9} => pcalua.exe -a "C:\Program Files\Hamachi\hamachi.exe" -d C:\Users\uzivatel\Desktop
Task: {403E4B07-F44C-4AD9-83DA-52CFF157E83D} - System32\Tasks\{739BFDD5-474E-4492-9A2E-075BB81B132F} => C:\Program Files\Punské války\PUNSKE_VALKY.EXE [2012-03-02] ()
Task: {53758D62-2D1F-4F95-B082-ABD051C850A3} - System32\Tasks\{0F734785-1CCE-4A20-886F-719A4E048629} => pcalua.exe -a "C:\Users\uzivatel\Desktop\League of Legends\setup.exe" -d "C:\Users\uzivatel\Desktop\League of Legends"
Task: {5BDFF710-9C9A-449B-A8E2-C50547FD13AD} - System32\Tasks\{157B79A5-B3C7-4CBF-86A5-016ADF692C8A} => pcalua.exe -a C:\Users\uzivatel\loleusetup.exe
Task: {602095BF-BF25-49CF-AA33-CAB9CBE58E81} - System32\Tasks\{88E1DC6A-96C8-4477-AF2B-49D0780B0C4C} => pcalua.exe -a C:\Users\uzivatel\Desktop\CD3\CD3Setup\CD3Setup.exe -d C:\Users\uzivatel\Desktop\CD3\CD3Setup
Task: {760236B1-06A0-459B-A2F2-C06CC73BE06F} - System32\Tasks\{A998202D-F948-41F8-8984-F07C6D4C3356} => pcalua.exe -a "C:\Program Files\Steam\steam.exe" -c steam://uninstall/233070
Task: {77D3A4DB-E650-4322-9939-80AC28D20FCD} - System32\Tasks\{3748EC42-A052-45B1-B045-33969D0F0D42} => C:\Program Files\Punské války\PUNSKE_VALKY.EXE [2012-03-02] ()
Task: {91B12C7B-40ED-4CA8-B59F-FA1994463F55} - System32\Tasks\{765FD839-C2AD-4DA9-8C1F-41502BC09A62} => pcalua.exe -a C:\Users\uzivatel\Desktop\mp3rec10\MP3REC10.exe -d C:\Users\uzivatel\Desktop\mp3rec10
Task: {B57476A6-208F-4F5E-B893-0DCFF3DD8B3A} - System32\Tasks\{3A596BCB-71E9-4FAC-814D-E6AFA7BD3831} => pcalua.exe -a C:\Users\uzivatel\Downloads\LOLReplay-0-5-9-3.exe -d C:\Users\uzivatel\Downloads
Task: {C923EE75-FDD4-4C23-AFFE-07858D9E1648} - System32\Tasks\{5ACB8D7B-4AFB-4706-A3C1-B326B0B2729C} => C:\Program Files\Punské války\PUNSKE_VALKY.EXE [2012-03-02] ()
Task: {DC2940FD-BCA9-497D-BA84-626FE80A1C05} - System32\Tasks\{03315E63-A5B5-4AC9-9DCA-A32E3D32AE1C} => pcalua.exe -a C:\Windows\IsUninst.exe -c -fC:\KKNDXtreme\Uninst.isu
Task: {EC3EB398-D514-4A00-9C48-7BC21005C10F} - System32\Tasks\{2D3AE3AD-7518-462A-85A6-ADA843B3CCDA} => C:\Program Files\Skype\Phone\Skype.exe [2015-02-26] (Skype Technologies S.A.)
Task: {EEEF8719-0E8A-4784-BAA8-D17360B6554A} - System32\Tasks\{BF55EBEF-F0F5-4174-8EBF-CAAFF04EC3BF} => pcalua.exe -a C:\ProgramData\Wizard101(UK)\Wizard101.exe -d C:\ProgramData\Wizard101(UK)
Task: {FC487C4E-2D38-4297-9AE7-E1A882E73A6A} - System32\Tasks\{BCEFC9CA-4B8E-4A49-9DD1-7B4C880F4BE3} => pcalua.exe -a C:\Users\uzivatel\Desktop\stsetup.exe -d C:\Users\uzivatel\Desktop
AlternateDataStreams: C:\ProgramData\TEMP:05EE1EEF
C:\ProgramData\TEMP

HKLM\...\Run: [] => [X]
HKU\S-1-5-21-3545453532-2280684333-2720647477-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6278424 2015-04-23] (Piriform Ltd)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3545453532-2280684333-2720647477-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-3545453532-2280684333-2720647477-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3545453532-2280684333-2720647477-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09] (Skype Technologies S.A.)

FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @pack.google.com/Google Updater;version=14 -> C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Extension: No Name - C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\profiles\extensions\extensions [2013-05-26]
FF Extension: No Name - C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\profiles\extensions\searchplugins [2013-11-27]

C:\Users\uzivatel\Desktop\*.tmp
C:\Windows\Tasks\*.job
C:\ProgramData\RogueKiller
C:\ProgramData\ezsidmv.dat

CMD: bitsadmin /reset /allusers
CMD: dir C:\Windows\erdnt
CMD: dir %appdata%
CMD: dir %localappdata%
CMD: dir %programdata%

EmptyTemp:
End

Then open FRST as administrator and click the >Fix< button. After the PC restarts, a fixlog will appear on the Desktop; please paste its contents into your next post.

Post by Wayshan » 01 May 2015 19:37

Hey, I just want to make sure this won't do anything drastic. Is it safe? :D Because I'm currently working on the PC with important materials, and if something happened like it not turning on, I'd have quite a problem.

So I'd just like to know what we're doing now and whether there's any risk, thanks.

Post by mople71 » 01 May 2015 21:48

Don't you trust me? :D

There's nothing drastic in there. ;)

Post by Wayshan » 02 May 2015 00:13

Oh I do, I do, I just want to make sure you're not planning any heavy-handed interventions, because in that case I'd put it off for a few weeks until I no longer urgently need the PC :D But I'll be quiet now and listen :) So what's next?

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 29-04-2015 01
Ran by uzivatel at 2015-05-01 23:54:37 Run:1
Running from C:\Users\uzivatel\Desktop
Loaded Profiles: uzivatel (Available profiles: uzivatel & Madlenka & Rodina)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:

Task: {03A6038B-9726-4920-BC98-92EA080E3315} - System32\Tasks\{F3E3C00A-F9E3-4A9C-BE1D-544231239E19} => pcalua.exe -a D:\SETUP.EXE -d D:\
Task: {07FDC213-D5EE-4964-B5A2-8BC6F07AB68E} - System32\Tasks\{58054D16-CFF0-41A6-A8A0-A06563D42013} => pcalua.exe -a C:\Users\uzivatel\Desktop\MK4\SETUP.EXE -d C:\Users\uzivatel\Desktop\MK4
Task: {2032853E-5F43-4031-98D5-3A167CF10CD8} - System32\Tasks\{488F9C62-97FC-45A3-9B8E-5F0FD6CF1D61} => pcalua.exe -a J:\Setup.exe -d J:\
Task: {2D37E134-A005-4652-8813-4800F130ED89} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd)
Task: {2EBB7C80-E95A-49E9-B614-298DF62C133B} - System32\Tasks\{351CE8D0-E118-4D05-BB44-912B99CA49C5} => pcalua.exe -a C:\Users\uzivatel\Desktop\CD\CD3Setup\CD3Setup.exe -d C:\Users\uzivatel\Desktop\CD\CD3Setup
Task: {3ABB140B-9C2F-46E2-8205-B6A1755C01C2} - System32\Tasks\{1B061779-D8F7-4DFA-A970-B71ABD1DB7D9} => pcalua.exe -a "C:\Program Files\Hamachi\hamachi.exe" -d C:\Users\uzivatel\Desktop
Task: {403E4B07-F44C-4AD9-83DA-52CFF157E83D} - System32\Tasks\{739BFDD5-474E-4492-9A2E-075BB81B132F} => C:\Program Files\Punské války\PUNSKE_VALKY.EXE [2012-03-02] ()
Task: {53758D62-2D1F-4F95-B082-ABD051C850A3} - System32\Tasks\{0F734785-1CCE-4A20-886F-719A4E048629} => pcalua.exe -a "C:\Users\uzivatel\Desktop\League of Legends\setup.exe" -d "C:\Users\uzivatel\Desktop\League of Legends"
Task: {5BDFF710-9C9A-449B-A8E2-C50547FD13AD} - System32\Tasks\{157B79A5-B3C7-4CBF-86A5-016ADF692C8A} => pcalua.exe -a C:\Users\uzivatel\loleusetup.exe
Task: {602095BF-BF25-49CF-AA33-CAB9CBE58E81} - System32\Tasks\{88E1DC6A-96C8-4477-AF2B-49D0780B0C4C} => pcalua.exe -a C:\Users\uzivatel\Desktop\CD3\CD3Setup\CD3Setup.exe -d C:\Users\uzivatel\Desktop\CD3\CD3Setup
Task: {760236B1-06A0-459B-A2F2-C06CC73BE06F} - System32\Tasks\{A998202D-F948-41F8-8984-F07C6D4C3356} => pcalua.exe -a "C:\Program Files\Steam\steam.exe" -c steam://uninstall/233070
Task: {77D3A4DB-E650-4322-9939-80AC28D20FCD} - System32\Tasks\{3748EC42-A052-45B1-B045-33969D0F0D42} => C:\Program Files\Punské války\PUNSKE_VALKY.EXE [2012-03-02] ()
Task: {91B12C7B-40ED-4CA8-B59F-FA1994463F55} - System32\Tasks\{765FD839-C2AD-4DA9-8C1F-41502BC09A62} => pcalua.exe -a C:\Users\uzivatel\Desktop\mp3rec10\MP3REC10.exe -d C:\Users\uzivatel\Desktop\mp3rec10
Task: {B57476A6-208F-4F5E-B893-0DCFF3DD8B3A} - System32\Tasks\{3A596BCB-71E9-4FAC-814D-E6AFA7BD3831} => pcalua.exe -a C:\Users\uzivatel\Downloads\LOLReplay-0-5-9-3.exe -d C:\Users\uzivatel\Downloads
Task: {C923EE75-FDD4-4C23-AFFE-07858D9E1648} - System32\Tasks\{5ACB8D7B-4AFB-4706-A3C1-B326B0B2729C} => C:\Program Files\Punské války\PUNSKE_VALKY.EXE [2012-03-02] ()
Task: {DC2940FD-BCA9-497D-BA84-626FE80A1C05} - System32\Tasks\{03315E63-A5B5-4AC9-9DCA-A32E3D32AE1C} => pcalua.exe -a C:\Windows\IsUninst.exe -c -fC:\KKNDXtreme\Uninst.isu
Task: {EC3EB398-D514-4A00-9C48-7BC21005C10F} - System32\Tasks\{2D3AE3AD-7518-462A-85A6-ADA843B3CCDA} => C:\Program Files\Skype\Phone\Skype.exe [2015-02-26] (Skype Technologies S.A.)
Task: {EEEF8719-0E8A-4784-BAA8-D17360B6554A} - System32\Tasks\{BF55EBEF-F0F5-4174-8EBF-CAAFF04EC3BF} => pcalua.exe -a C:\ProgramData\Wizard101(UK)\Wizard101.exe -d C:\ProgramData\Wizard101(UK)
Task: {FC487C4E-2D38-4297-9AE7-E1A882E73A6A} - System32\Tasks\{BCEFC9CA-4B8E-4A49-9DD1-7B4C880F4BE3} => pcalua.exe -a C:\Users\uzivatel\Desktop\stsetup.exe -d C:\Users\uzivatel\Desktop
AlternateDataStreams: C:\ProgramData\TEMP:05EE1EEF
C:\ProgramData\TEMP

HKLM\...\Run: [] => [X]
HKU\S-1-5-21-3545453532-2280684333-2720647477-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6278424 2015-04-23] (Piriform Ltd)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3545453532-2280684333-2720647477-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-3545453532-2280684333-2720647477-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3545453532-2280684333-2720647477-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09] (Skype Technologies S.A.)

FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @pack.google.com/Google Updater;version=14 -> C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Extension: No Name - C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\profiles\extensions\extensions [2013-05-26]
FF Extension: No Name - C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\profiles\extensions\searchplugins [2013-11-27]

C:\Users\uzivatel\Desktop\*.tmp
C:\Windows\Tasks\*.job
C:\ProgramData\RogueKiller
C:\ProgramData\ezsidmv.dat

CMD: bitsadmin /reset /allusers
CMD: dir C:\Windows\erdnt
CMD: dir %appdata%
CMD: dir %localappdata%
CMD: dir %programdata%

EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{03A6038B-9726-4920-BC98-92EA080E3315}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{03A6038B-9726-4920-BC98-92EA080E3315}" => Key deleted successfully.
C:\Windows\System32\Tasks\{F3E3C00A-F9E3-4A9C-BE1D-544231239E19} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F3E3C00A-F9E3-4A9C-BE1D-544231239E19}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{07FDC213-D5EE-4964-B5A2-8BC6F07AB68E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{07FDC213-D5EE-4964-B5A2-8BC6F07AB68E}" => Key deleted successfully.
C:\Windows\System32\Tasks\{58054D16-CFF0-41A6-A8A0-A06563D42013} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{58054D16-CFF0-41A6-A8A0-A06563D42013}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2032853E-5F43-4031-98D5-3A167CF10CD8}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2032853E-5F43-4031-98D5-3A167CF10CD8}" => Key deleted successfully.
C:\Windows\System32\Tasks\{488F9C62-97FC-45A3-9B8E-5F0FD6CF1D61} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{488F9C62-97FC-45A3-9B8E-5F0FD6CF1D61}" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2D37E134-A005-4652-8813-4800F130ED89} => Key not found.
C:\Windows\System32\Tasks\CCleanerSkipUAC not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2EBB7C80-E95A-49E9-B614-298DF62C133B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2EBB7C80-E95A-49E9-B614-298DF62C133B}" => Key deleted successfully.
C:\Windows\System32\Tasks\{351CE8D0-E118-4D05-BB44-912B99CA49C5} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{351CE8D0-E118-4D05-BB44-912B99CA49C5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3ABB140B-9C2F-46E2-8205-B6A1755C01C2}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3ABB140B-9C2F-46E2-8205-B6A1755C01C2}" => Key deleted successfully.
C:\Windows\System32\Tasks\{1B061779-D8F7-4DFA-A970-B71ABD1DB7D9} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{1B061779-D8F7-4DFA-A970-B71ABD1DB7D9}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{403E4B07-F44C-4AD9-83DA-52CFF157E83D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{403E4B07-F44C-4AD9-83DA-52CFF157E83D}" => Key deleted successfully.
C:\Windows\System32\Tasks\{739BFDD5-474E-4492-9A2E-075BB81B132F} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{739BFDD5-474E-4492-9A2E-075BB81B132F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{53758D62-2D1F-4F95-B082-ABD051C850A3}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{53758D62-2D1F-4F95-B082-ABD051C850A3}" => Key deleted successfully.
C:\Windows\System32\Tasks\{0F734785-1CCE-4A20-886F-719A4E048629} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{0F734785-1CCE-4A20-886F-719A4E048629}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5BDFF710-9C9A-449B-A8E2-C50547FD13AD}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5BDFF710-9C9A-449B-A8E2-C50547FD13AD}" => Key deleted successfully.
C:\Windows\System32\Tasks\{157B79A5-B3C7-4CBF-86A5-016ADF692C8A} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{157B79A5-B3C7-4CBF-86A5-016ADF692C8A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{602095BF-BF25-49CF-AA33-CAB9CBE58E81}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{602095BF-BF25-49CF-AA33-CAB9CBE58E81}" => Key deleted successfully.
C:\Windows\System32\Tasks\{88E1DC6A-96C8-4477-AF2B-49D0780B0C4C} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{88E1DC6A-96C8-4477-AF2B-49D0780B0C4C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{760236B1-06A0-459B-A2F2-C06CC73BE06F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{760236B1-06A0-459B-A2F2-C06CC73BE06F}" => Key deleted successfully.
C:\Windows\System32\Tasks\{A998202D-F948-41F8-8984-F07C6D4C3356} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A998202D-F948-41F8-8984-F07C6D4C3356}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{77D3A4DB-E650-4322-9939-80AC28D20FCD}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{77D3A4DB-E650-4322-9939-80AC28D20FCD}" => Key deleted successfully.
C:\Windows\System32\Tasks\{3748EC42-A052-45B1-B045-33969D0F0D42} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{3748EC42-A052-45B1-B045-33969D0F0D42}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{91B12C7B-40ED-4CA8-B59F-FA1994463F55}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{91B12C7B-40ED-4CA8-B59F-FA1994463F55}" => Key deleted successfully.
C:\Windows\System32\Tasks\{765FD839-C2AD-4DA9-8C1F-41502BC09A62} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{765FD839-C2AD-4DA9-8C1F-41502BC09A62}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B57476A6-208F-4F5E-B893-0DCFF3DD8B3A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B57476A6-208F-4F5E-B893-0DCFF3DD8B3A}" => Key deleted successfully.
C:\Windows\System32\Tasks\{3A596BCB-71E9-4FAC-814D-E6AFA7BD3831} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{3A596BCB-71E9-4FAC-814D-E6AFA7BD3831}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C923EE75-FDD4-4C23-AFFE-07858D9E1648}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C923EE75-FDD4-4C23-AFFE-07858D9E1648}" => Key deleted successfully.
C:\Windows\System32\Tasks\{5ACB8D7B-4AFB-4706-A3C1-B326B0B2729C} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{5ACB8D7B-4AFB-4706-A3C1-B326B0B2729C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DC2940FD-BCA9-497D-BA84-626FE80A1C05}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DC2940FD-BCA9-497D-BA84-626FE80A1C05}" => Key deleted successfully.
C:\Windows\System32\Tasks\{03315E63-A5B5-4AC9-9DCA-A32E3D32AE1C} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{03315E63-A5B5-4AC9-9DCA-A32E3D32AE1C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EC3EB398-D514-4A00-9C48-7BC21005C10F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EC3EB398-D514-4A00-9C48-7BC21005C10F}" => Key deleted successfully.
C:\Windows\System32\Tasks\{2D3AE3AD-7518-462A-85A6-ADA843B3CCDA} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{2D3AE3AD-7518-462A-85A6-ADA843B3CCDA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EEEF8719-0E8A-4784-BAA8-D17360B6554A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EEEF8719-0E8A-4784-BAA8-D17360B6554A}" => Key deleted successfully.
C:\Windows\System32\Tasks\{BF55EBEF-F0F5-4174-8EBF-CAAFF04EC3BF} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{BF55EBEF-F0F5-4174-8EBF-CAAFF04EC3BF}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FC487C4E-2D38-4297-9AE7-E1A882E73A6A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FC487C4E-2D38-4297-9AE7-E1A882E73A6A}" => Key deleted successfully.
C:\Windows\System32\Tasks\{BCEFC9CA-4B8E-4A49-9DD1-7B4C880F4BE3} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{BCEFC9CA-4B8E-4A49-9DD1-7B4C880F4BE3}" => Key deleted successfully.
C:\ProgramData\TEMP => ":05EE1EEF" ADS removed successfully.
C:\ProgramData\TEMP => Moved successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKU\S-1-5-21-3545453532-2280684333-2720647477-1000\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => Value not found.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-3545453532-2280684333-2720647477-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Search Page => value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page => value deleted successfully.
HKU\S-1-5-21-3545453532-2280684333-2720647477-1000\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-3545453532-2280684333-2720647477-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}" => Key deleted successfully.
HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => Key not found.
"HKCR\PROTOCOLS\Handler\skype-ie-addon-data" => Key deleted successfully.
"HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => Key deleted successfully.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14" => Key deleted successfully.
"HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3" => Key deleted successfully.
C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll => Moved successfully.
"HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9" => Key deleted successfully.
C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll not found.
C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\profiles\extensions\extensions => Moved successfully.
C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\profiles\extensions\searchplugins => Moved successfully.
C:\Users\uzivatel\Desktop\*.tmp => Moved successfully.
C:\Windows\Tasks\*.job => Moved successfully.
C:\ProgramData\RogueKiller => Moved successfully.
C:\ProgramData\ezsidmv.dat => Moved successfully.

========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

0 out of 0 jobs canceled.

========= End of CMD: =========


========= dir C:\Windows\erdnt =========

Svazek v jednotce C je System.
Sériové číslo svazku je CEF8-3679.

Výpis adresáře C:\Windows\erdnt

30.04.2015 14:40 <DIR> .
30.04.2015 14:40 <DIR> ..
10.04.2015 16:43 <DIR> cache
Souborů: 0, Bajtů: 0
Adresářů: 3, Volných bajtů: 178 323 451 904

========= End of CMD: =========


========= dir %appdata% =========

Svazek v jednotce C je System.
Sériové číslo svazku je CEF8-3679.

Výpis adresáře C:\Users\uzivatel\AppData\Roaming

30.04.2015 14:24 <DIR> .
30.04.2015 14:24 <DIR> ..
31.03.2014 23:17 <DIR> .minecraft
13.04.2013 16:41 <DIR> Adobe
14.10.2014 18:19 132 Adobe Formát PNG CS6 - předvolby
14.12.2014 12:39 132 Adobe Formát Targa CS6 - předvolby
27.05.2014 17:39 <DIR> Apple Computer
30.04.2015 17:03 <DIR> Audacity
16.02.2013 18:58 <DIR> Autodesk
04.10.2014 09:19 <DIR> AVAST Software
03.10.2011 17:45 <DIR> avidemux
05.03.2014 19:47 <DIR> Battle.net
02.02.2014 22:17 <DIR> Black Sea Studios
03.10.2011 19:04 <DIR> com.adobe.downloadassistant.AdobeDownloadAssistant
30.04.2015 19:27 <DIR> DAEMON Tools Lite
27.03.2011 19:24 <DIR> GameRanger
08.03.2012 19:52 <DIR> GHISLER
15.11.2013 20:13 <DIR> go
12.12.2009 16:33 <DIR> Google
22.09.2013 12:55 <DIR> gtk-2.0
24.12.2011 01:21 <DIR> Hamachi
29.04.2015 18:21 <DIR> HpUpdate
05.03.2015 18:11 <DIR> HTC
01.12.2009 16:31 <DIR> Identities
24.12.2010 20:08 <DIR> InstallShield
31.05.2011 16:02 <DIR> Lionhead Studios
20.05.2010 15:58 <DIR> LolClient
24.05.2012 14:45 <DIR> LolClient2
24.12.2009 19:51 <DIR> Macromedia
13.06.2013 17:06 <DIR> Malwarebytes
15.04.2012 21:19 <DIR> Map Maker
14.07.2009 11:19 <DIR> Media Center Programs
30.04.2015 14:56 <DIR> Media Player Classic
21.07.2014 11:08 <DIR> Might & Magic Heroes VI
11.02.2013 17:08 <DIR> MilkShape 3D 1.x.x
16.11.2014 13:38 <DIR> MKKE
15.11.2013 21:10 <DIR> Mozilla
05.09.2012 15:34 <DIR> NCH Software
15.11.2013 21:21 <DIR> NCH Swift Sound
12.01.2013 19:59 <DIR> NVIDIA
30.05.2010 20:39 <DIR> OpenOffice.org
18.05.2011 20:34 <DIR> Opera
25.06.2013 12:52 <DIR> Origin
01.06.2014 13:10 138 056 PnkBstrK.sys
02.12.2010 18:48 <DIR> resources
03.09.2013 14:20 <DIR> Riot Games
24.04.2014 18:31 45 270 room_v3.dat
01.05.2015 23:54 <DIR> Skype
29.05.2011 10:01 <DIR> skypePM
22.03.2013 13:18 <DIR> Sony
31.05.2011 14:59 <DIR> Spore
30.04.2015 14:56 <DIR> TeamViewer
21.10.2012 14:28 <DIR> Telefónica Móviles
20.12.2012 17:46 <DIR> TP-LINK
08.07.2013 23:13 <DIR> TS3Client
05.04.2015 21:26 <DIR> Tunngle
31.05.2011 14:58 <DIR> Ubisoft
12.05.2012 01:29 <DIR> Utherverse
01.05.2015 23:52 <DIR> uTorrent
25.03.2014 19:12 <DIR> vexorian
01.05.2015 13:35 <DIR> vlc
28.05.2014 15:52 <DIR> Winamp
21.12.2011 15:25 <DIR> WinRAR
15.11.2013 21:22 <DIR> Zoner
Souborů: 4, Bajtů: 183 590
Adresářů: 60, Volných bajtů: 178 323 447 808

========= End of CMD: =========


========= dir %localappdata% =========

Svazek v jednotce C je System.
Sériové číslo svazku je CEF8-3679.

Výpis adresáře C:\Users\uzivatel\AppData\Local

01.05.2015 16:07 <DIR> .
01.05.2015 16:07 <DIR> ..
13.06.2013 21:15 <DIR> 2K Games
01.05.2015 10:45 <DIR> Adobe
27.05.2014 17:39 <DIR> Apple Computer
25.06.2013 14:08 <DIR> Autodesk
01.05.2015 23:53 <DIR> Battle.net
05.03.2014 20:22 <DIR> Blizzard
21.03.2014 22:08 <DIR> Blizzard Entertainment
18.04.2015 19:07 <DIR> Bluestacks
30.04.2015 14:53 <DIR> CrashDumps
05.01.2012 01:19 4 608 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
26.04.2015 13:51 <DIR> Diagnostics
12.04.2015 14:05 <DIR> DOSBox
12.07.2014 11:21 <DIR> Downloaded Installations
16.04.2015 20:52 <DIR> ElevatedDiagnostics
01.06.2014 16:44 <DIR> ESN
16.11.2014 13:38 <DIR> FLT
17.04.2015 17:00 121 960 GDIPFONTCACHEV1.DAT
04.02.2015 18:12 <DIR> Google
22.04.2015 15:55 <DIR> HP
05.03.2015 18:12 <DIR> HTC MediaHub
22.12.2012 14:10 <DIR> L_&_D_Productions
29.03.2014 15:16 <DIR> Microsoft
21.06.2010 11:54 <DIR> Microsoft Games
09.11.2012 17:50 <DIR> Microsoft Help
02.12.2013 20:47 <DIR> NVIDIA
15.08.2014 17:33 <DIR> NVIDIA Corporation
18.05.2011 20:34 <DIR> Opera
06.03.2015 13:12 <DIR> Origin
27.02.2015 18:38 <DIR> Paint.NET
18.10.2014 21:24 <DIR> PAYDAY 2
20.01.2013 15:19 <DIR> Programs
01.06.2014 16:45 <DIR> PunkBuster
27.09.2012 15:58 1 455 RecConfig.xml
03.05.2011 19:41 <DIR> Saltyan
04.05.2014 21:30 <DIR> SKIDROW
27.02.2014 11:59 <DIR> Skype
19.09.2012 14:07 <DIR> Sony
04.03.2015 23:31 <DIR> Steam
01.05.2015 23:54 <DIR> Temp
11.07.2012 13:13 <DIR> Ubisoft Game Launcher
09.04.2015 22:32 <DIR> VirtualStore
07.01.2015 18:51 <DIR> Windows Live
17.12.2010 00:06 <DIR> Windows Live Writer
05.04.2014 10:26 <DIR> WV
01.12.2009 16:38 <DIR> Zoner
Souborů: 3, Bajtů: 128 023
Adresářů: 44, Volných bajtů: 178 323 443 712

========= End of CMD: =========


========= dir %programdata% =========

Svazek v jednotce C je System.
Sériové číslo svazku je CEF8-3679.

Výpis adresáře C:\ProgramData

01.05.2015 23:55 <DIR> .
01.05.2015 23:55 <DIR> ..
22.03.2013 21:23 <DIR> Adobe
22.04.2015 15:31 57 Ament.ini
15.11.2012 23:06 <DIR> ASUS Driver
15.11.2013 21:05 <DIR> Autodesk
03.10.2014 13:52 <DIR> AVAST Software
04.03.2014 19:31 <DIR> Battle.net
23.12.2010 09:41 <DIR> Blizzard
09.05.2011 07:25 <DIR> Blizzard Entertainment
18.04.2015 19:07 <DIR> BlueStacks
30.04.2015 14:56 <DIR> BlueStacksSetup
11.03.2013 01:16 <DIR> DAEMON Tools Lite
07.09.2012 13:05 <DIR> EA Core
19.02.2012 19:38 <DIR> EA Logs
07.09.2012 13:05 <DIR> Electronic Arts
20.11.2012 00:37 <DIR> GoldWave
04.02.2015 18:12 <DIR> Google
10.10.2011 17:19 <DIR> Google Updater
22.04.2015 15:32 <DIR> HP
22.04.2015 15:33 <DIR> HP Photo Creations
27.05.2014 17:34 <DIR> HTC
31.05.2011 00:10 <DIR> Installations
28.10.2012 20:48 <DIR> install_clap
07.11.2011 21:04 <DIR> KingsIsle Entertainment
25.03.2015 20:03 <DIR> Malwarebytes
20.04.2013 18:03 <DIR> ManiaPlanet
01.07.2013 12:47 <DIR> Media Center Programs
15.04.2015 16:23 <DIR> Microsoft Help
09.02.2012 21:51 <DIR> MySQL
06.08.2012 09:44 <DIR> NCH Software
31.07.2011 09:30 <DIR> NCH Swift Sound
26.11.2010 17:51 <DIR> Nexon
01.05.2015 10:35 <DIR> NVIDIA
06.05.2014 19:50 <DIR> NVIDIA Corporation
07.03.2015 03:08 <DIR> Origin
22.03.2013 21:26 <DIR> regid.1986-12.com.adobe
20.07.2014 23:23 <DIR> Riot Games
04.03.2015 18:49 <DIR> Skype
04.10.2011 17:34 <DIR> SmartSound Software Inc
19.09.2012 14:07 <DIR> Sony
28.03.2010 16:03 <DIR> Sun
14.02.2013 11:34 <DIR> TP-LINK
29.02.2012 21:21 <DIR> TrackMania
05.04.2015 21:26 <DIR> Tunngle
31.05.2011 14:58 <DIR> Ubisoft
22.04.2015 15:33 <DIR> Visan
21.06.2014 19:42 <DIR> WarThunder
18.04.2015 17:07 <DIR> Wizard101(UK)
13.11.2009 16:42 <DIR> {174892B1-CBE7-44F5-86FF-AB555EFD73A3}
Souborů: 1, Bajtů: 57
Adresářů: 49, Volných bajtů: 178 323 443 712

========= End of CMD: =========

EmptyTemp: => Removed 437 MB temporary data.


The system needed a reboot.

==== End of Fixlog 23:55:42 ====

Post by mople71 » 02 May 2015 10:05

This is looking really good now, how about the problems?

Post by Wayshan » 02 May 2015 11:15

Nothing specific, only Skype is acting up, roughly every 15 seconds it stops responding, but that's probably more a matter of a reinstall. I think we can lock this thread.

Thanks everyone, guys! :)

Post by mople71 » 02 May 2015 12:03

We'll still clean up... ;)

Download SecurityCheck: http://www.bleepingcomputer.com/download/securitycheck/

Save it to the Desktop, run it as Administrator, click through the prompts and let it work. When the scan finishes, a log will pop up; please paste its contents here.

-----------------------------------------------

Download DelFix: https://toolslib.net/downloads/viewdownload/2-delfix/

In it, check Remove disinfection tools and Purge system restore, and click Run.

Then please provide its log.
