ComboFix is uninstalled like this:
Start > Run and type ComboFix /Uninstall
Clean the system with CCleaner
Download OTC to the desktop. Double-click it. Then click Clean up!.
Restart the PC if you are advised to.
Do you have that antilogger there on purpose?
Try it here:
http://www.wintips.org/how-to-fix-svcho ... -problems/
Please download the appropriate version of the program for your system (32-bit/64-bit): Farbar Recovery Scan Tool (FRST)
32-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
and save it to the desktop, then run FRST.
Confirm the terms of use.
Do not change any of the default settings and click "Scan". When the scan is finished, two logs, FRST.txt and Addition.txt, will be displayed and saved on the desktop. Please copy their entire contents here.
Log check, or a tip for a PC upgrade
- jaro3
- Member of the Security team
- Guru Level 15
- Posts: 43298
- Registered: June 07
- Location: South Bohemia
Re: Log check, or a tip for a PC upgrade
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Log check, or a tip for a PC upgrade
I added the antilogger recently, when I suspected that the PC had been attacked; someone broke into my e-mail and FB accounts (each has a different password). Now I don't even know how to uninstall it; I can't see it among the programs.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:18-04-2016
Ran by Radek (administrator) on PC (25-04-2016 17:35:38)
Running from C:\Users\Radek\Desktop
Loaded Profiles: Radek (Available Profiles: Radek)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Angličtina (Spojené státy)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
() C:\Program Files (x86)\RocketDock\RocketDock.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8067616 2009-08-18] (Realtek Semiconductor)
HKLM\...\Run: [itype] => C:\Program Files\Microsoft IntelliType Pro\itype.exe [2342800 2009-06-01] (Microsoft Corporation)
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-08-13] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [7021880 2016-01-26] (AVAST Software)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKU\S-1-5-21-647711843-1496248390-171917661-1000\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-647711843-1496248390-171917661-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [899584 2010-11-20] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShA64.dll [2016-01-26] (AVAST Software)
BootExecute:
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{F9C11A9F-155F-4157-91E5-6BC6B55478A1}: [DhcpNameServer] 213.46.172.36 213.46.172.37
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-647711843-1496248390-171917661-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-647711843-1496248390-171917661-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKU\S-1-5-21-647711843-1496248390-171917661-1000 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-647711843-1496248390-171917661-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2016-01-26] (AVAST Software)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-04-23] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2016-01-26] (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-23] (Oracle Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\76u3drh3.default
FF NewTab: about:newtab
FF DefaultSearchEngine: Google
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-07] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-07] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-23] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-10-08] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-10-08] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-10-08] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-10-08] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-10-08] (Apple Inc.)
FF Extension: Skype extension for Firefox - C:\Program Files (x86)\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED} [2016-04-12] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2016-01-26]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\Alwil Software\Avast5\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\Alwil Software\Avast5\SafePrice\FF [2016-01-26]
Chrome:
=======
CHR HomePage: Default -> hxxp://seznam.cz/
CHR StartupUrls: Default -> "hxxp://intranet/index.html","hxxp://pdm-airbus/mud/pump","www.google.com","hxxp://www.google.com/"
CHR Profile: C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-04-23]
CHR Extension: (Dokumenty Google) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-23]
CHR Extension: (Disk Google) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-23]
CHR Extension: (BeFunky Photo Editor) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apfkepiiddolifkgjmfdgpnipgnfejab [2016-04-23]
CHR Extension: (Fotor Photo Editor) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbckhhmjfnmedpakkaaflpnmkamdppf [2016-04-23]
CHR Extension: (YouTube) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-23]
CHR Extension: (Polarr Photo Editor 3) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\djonnbgfieijldcieafgjcnhmpcfpmgg [2016-04-23]
CHR Extension: (Avast SafePrice) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-04-23]
CHR Extension: (Tabulky Google) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-23]
CHR Extension: (PicMonkey) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgdgokchhicmaiacmgegjnppjkgogdhm [2016-04-23]
CHR Extension: (Dokumenty Google offline) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-23]
CHR Extension: (AdBlock) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-04-24]
CHR Extension: (Avast Online Security) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-04-23]
CHR Extension: (Sigerson Morrison) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcpgmpfeoahblfncaooigccakcgngjbh [2016-04-24]
CHR Extension: (Google Keep – poznámky a seznamy) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2016-04-23]
CHR Extension: (90`s Games) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\illbbfoihflomkbpcaaakhijinbnejom [2016-04-23]
CHR Extension: (Bird Brawl) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmfmnamhddafiplkkobdinpjcnidlplk [2016-04-23]
CHR Extension: (Pixeffect - Fotografické efekty) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\koekplodmdaalggcclajcecoomipnpca [2016-04-23]
CHR Extension: (Sticky Notes) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbjdhgkkhefpifbifjiflpaajchdkhpg [2016-04-23]
CHR Extension: (OneDrive) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffchahhjecejoiigmnhhicpoabngedk [2016-04-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-23]
CHR Extension: (Gmail) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-23]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswwebrepchrome-sp.crx [2014-09-08]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx [2016-01-26]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [226440 2016-01-26] (AVAST Software)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 UleadBurningHelper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2004-12-13] (Ulead Systems, Inc.) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 archlp; C:\Windows\System32\drivers\archlp.sys [142848 2010-01-12] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2016-01-26] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [97648 2016-01-26] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2016-01-26] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2016-01-26] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1065720 2016-03-02] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [464256 2016-01-26] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [155304 2016-01-26] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [273784 2016-01-26] (AVAST Software)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 keycrypt; C:\Windows\System32\DRIVERS\KeyCrypt64.sys [143904 2015-11-05] (Zemana Ltd.)
S3 mod7700; C:\Windows\System32\DRIVERS\mod7700.sys [907264 2009-11-17] (DiBcom SA)
S3 MODRC; C:\Windows\System32\DRIVERS\modrc.sys [24200 2007-07-13] (DiBcom S.A.)
S3 PcaSp60; C:\Windows\SysWOW64\DRIVERS\PcaSp60.sys [38912 2010-09-07] (Printing Communications Assoc., Inc. (PCAUSA))
S3 s0016bus; C:\Windows\System32\DRIVERS\s0016bus.sys [115240 2008-05-16] (MCCI Corporation)
S3 s0016mdfl; C:\Windows\System32\DRIVERS\s0016mdfl.sys [19496 2008-05-16] (MCCI Corporation)
S3 s0016mdm; C:\Windows\System32\DRIVERS\s0016mdm.sys [158760 2008-05-16] (MCCI Corporation)
S3 s0016mgmt; C:\Windows\System32\DRIVERS\s0016mgmt.sys [137256 2008-05-16] (MCCI Corporation)
S3 s0016nd5; C:\Windows\System32\DRIVERS\s0016nd5.sys [34344 2008-05-16] (MCCI Corporation)
S3 s0016obex; C:\Windows\System32\DRIVERS\s0016obex.sys [136744 2008-05-16] (MCCI Corporation)
S3 s0016unic; C:\Windows\System32\DRIVERS\s0016unic.sys [151592 2008-05-16] (MCCI Corporation)
S3 s116bus; C:\Windows\System32\DRIVERS\s116bus.sys [108296 2007-04-03] (MCCI Corporation)
S3 s116mdfl; C:\Windows\System32\DRIVERS\s116mdfl.sys [19720 2007-04-03] (MCCI Corporation)
S3 s116mdm; C:\Windows\System32\DRIVERS\s116mdm.sys [144648 2007-04-03] (MCCI Corporation)
S3 s116mgmt; C:\Windows\System32\DRIVERS\s116mgmt.sys [126216 2007-04-03] (MCCI Corporation)
S3 s116nd5; C:\Windows\System32\DRIVERS\s116nd5.sys [31496 2007-04-03] (MCCI Corporation)
S3 s116obex; C:\Windows\System32\DRIVERS\s116obex.sys [123656 2007-04-03] (MCCI Corporation)
S3 s116unic; C:\Windows\System32\DRIVERS\s116unic.sys [130824 2007-04-03] (MCCI Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2009-11-30] () [File not signed]
U5 usbser; C:\Windows\System32\Drivers\usbser.sys [32768 2009-07-14] (Microsoft Corporation)
U3 aaufwl3t; C:\Windows\System32\Drivers\aaufwl3t.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 usbbus; system32\DRIVERS\lgx64bus.sys [X]
S3 UsbDiag; system32\DRIVERS\lgx64diag.sys [X]
S3 USBModem; system32\DRIVERS\lgx64modem.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-04-25 17:35 - 2016-04-25 17:36 - 00017401 _____ C:\Users\Radek\Desktop\FRST.txt
2016-04-25 17:35 - 2016-04-25 17:35 - 00000000 ____D C:\FRST
2016-04-25 17:34 - 2016-04-25 17:34 - 02375680 _____ (Farbar) C:\Users\Radek\Desktop\FRST64.exe
2016-04-24 20:16 - 2016-04-24 20:16 - 00000000 ___HD C:\OneDriveTemp
2016-04-24 12:27 - 2016-04-24 12:27 - 00388608 _____ (Trend Micro Inc.) C:\Users\Radek\Desktop\HijackThis.exe
2016-04-23 21:31 - 2016-04-23 21:33 - 00001172 _____ C:\DelFix.txt
2016-04-23 21:26 - 2016-04-23 21:26 - 00000000 ____D C:\Users\Radek\Desktop\backups
2016-04-23 20:50 - 2016-04-23 20:50 - 00000000 ____D C:\Users\Radek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome
2016-04-23 20:35 - 2016-04-23 20:08 - 00024064 _____ C:\Windows\zoek-delete.exe
2016-04-12 17:37 - 2016-04-13 16:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-04-09 01:19 - 2016-04-09 01:19 - 00036626 _____ C:\Users\Radek\Desktop\The.Walking.Dead.S06E16.INTERNAL.HDTV.x264-KILLERS.srt
2016-03-26 09:39 - 2011-03-02 21:53 - 02660344 _____ (Codejock Software) C:\Windows\SysWOW64\Codejock.CommandBars.v15.0.2.ocx
2016-03-26 09:39 - 2011-03-02 21:53 - 00501752 _____ (Codejock Software) C:\Windows\SysWOW64\Codejock.ShortcutBar.v15.0.2.ocx
2016-03-26 09:39 - 2004-11-23 17:59 - 00184320 _____ (CIA, The Company) C:\Windows\SysWOW64\ciaXPButton30.ocx
2016-03-26 09:39 - 2004-11-19 02:45 - 00200704 _____ (CIA, The company) C:\Windows\SysWOW64\ciaSCls20.dll
2016-03-26 09:39 - 2003-02-19 02:11 - 00065536 _____ (Larcom and Young) C:\Windows\SysWOW64\ReSize32.ocx
2016-03-26 09:39 - 2000-05-22 01:00 - 00203976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RICHTX32.OCX
2016-03-26 09:39 - 1999-11-22 14:58 - 00751104 _____ (LEAD Technologies, Inc.) C:\Windows\SysWOW64\ltocx11n.ocx
2016-03-26 09:39 - 1999-11-22 14:51 - 00262144 _____ (LEAD Technologies, Inc.) C:\Windows\SysWOW64\LTDIS11n.dll
2016-03-26 09:39 - 1999-11-22 14:51 - 00226816 _____ (LEAD Technologies, Inc.) C:\Windows\SysWOW64\ltefx11n.dll
2016-03-26 09:39 - 1999-11-22 14:51 - 00127488 _____ (LEAD Technologies, Inc.) C:\Windows\SysWOW64\ltimg11n.dll
2016-03-26 09:39 - 1999-11-22 14:51 - 00118272 _____ (LEAD Technologies, Inc.) C:\Windows\SysWOW64\ltfil11n.DLL
2016-03-26 09:39 - 1999-11-22 14:51 - 00038400 _____ (LEAD Technologies, Inc.) C:\Windows\SysWOW64\lttwn11n.dll
2016-03-26 09:39 - 1999-11-22 14:50 - 00391168 _____ (LEAD Technologies, Inc.) C:\Windows\SysWOW64\ltkrn11n.dll
2016-03-26 09:39 - 1999-07-01 14:17 - 00237568 _____ (VideoSoft) C:\Windows\SysWOW64\Vsocx6.ocx
2016-03-26 00:58 - 2016-03-26 00:58 - 00000000 ____D C:\Users\Radek\Documents\Legacy Charts
2016-03-26 00:46 - 2016-03-26 00:58 - 00000000 ____D C:\Users\Radek\Documents\Legacy Family Tree
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-04-25 17:07 - 2009-07-14 06:45 - 00017264 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-25 17:07 - 2009-07-14 06:45 - 00017264 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-25 17:06 - 2016-02-18 17:48 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-04-25 16:39 - 2016-01-17 10:49 - 00000000 ____D C:\Users\Radek\AppData\Local\CrashDumps
2016-04-25 16:39 - 2012-08-21 14:32 - 00004184 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-04-25 16:38 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-24 20:40 - 2009-10-06 15:55 - 00000000 ____D C:\Users\Radek\AppData\Roaming\Media Player Classic
2016-04-24 20:38 - 2016-01-17 11:05 - 00000000 ____D C:\Windows\erdnt
2016-04-24 20:16 - 2014-02-20 18:35 - 00002174 _____ C:\Users\Radek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-04-24 20:16 - 2013-01-21 17:53 - 00000000 ___RD C:\Users\Radek\SkyDrive
2016-04-24 12:06 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2016-04-24 09:27 - 2010-12-28 10:42 - 00007622 _____ C:\Users\Radek\AppData\Local\Resmon.ResmonCfg
2016-04-23 21:31 - 2010-10-12 17:20 - 00000000 ____D C:\Program Files (x86)\Trend Micro
2016-04-23 21:08 - 2009-07-14 07:08 - 00032572 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-04-23 20:47 - 2014-12-20 11:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-04-23 20:47 - 2009-11-01 18:42 - 00000000 ____D C:\Program Files (x86)\Java
2016-04-23 20:46 - 2015-11-16 09:47 - 00000000 ____D C:\Users\Radek\.oracle_jre_usage
2016-04-23 20:45 - 2014-12-20 11:54 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-04-23 18:24 - 2016-01-15 23:58 - 00028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2016-04-23 17:56 - 2009-10-06 19:14 - 00000000 ____D C:\Users\Radek\AppData\Roaming\uTorrent
2016-04-22 20:19 - 2016-01-15 22:02 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-04-22 20:18 - 2016-01-15 22:01 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-04-22 20:02 - 2014-09-03 18:33 - 00000000 ____D C:\Users\Radek\AppData\Local\Adobe
2016-04-22 18:15 - 2009-10-06 22:51 - 00671916 _____ C:\Windows\system32\perfh005.dat
2016-04-22 18:15 - 2009-10-06 22:51 - 00142498 _____ C:\Windows\system32\perfc005.dat
2016-04-22 18:15 - 2009-07-14 07:13 - 01592230 _____ C:\Windows\system32\PerfStringBackup.INI
2016-04-22 18:15 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-04-14 16:46 - 2012-09-23 17:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-04-13 18:32 - 2009-10-06 16:37 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-04-13 18:25 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-04-12 17:23 - 2016-01-30 20:12 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-07 22:06 - 2016-02-18 17:48 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-04-07 22:06 - 2012-03-28 20:59 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-04-07 22:06 - 2011-09-11 18:09 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
==================== Files in the root of some directories =======
2010-12-28 10:42 - 2016-04-24 09:27 - 0007622 _____ () C:\Users\Radek\AppData\Local\Resmon.ResmonCfg
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-04-22 11:45
==================== End of FRST.txt ============================
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-10-08] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-10-08] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-10-08] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-10-08] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-10-08] (Apple Inc.)
FF Extension: Skype extension for Firefox - C:\Program Files (x86)\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED} [2016-04-12] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2016-01-26]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\Alwil Software\Avast5\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\Alwil Software\Avast5\SafePrice\FF [2016-01-26]
Chrome:
=======
CHR HomePage: Default -> hxxp://seznam.cz/
CHR StartupUrls: Default -> "hxxp://intranet/index.html","hxxp://pdm-airbus/mud/pump","www.google.com","hxxp://www.google.com/"
CHR Profile: C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-04-23]
CHR Extension: (Dokumenty Google) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-23]
CHR Extension: (Disk Google) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-23]
CHR Extension: (BeFunky Photo Editor) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apfkepiiddolifkgjmfdgpnipgnfejab [2016-04-23]
CHR Extension: (Fotor Photo Editor) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbckhhmjfnmedpakkaaflpnmkamdppf [2016-04-23]
CHR Extension: (YouTube) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-23]
CHR Extension: (Polarr Photo Editor 3) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\djonnbgfieijldcieafgjcnhmpcfpmgg [2016-04-23]
CHR Extension: (Avast SafePrice) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-04-23]
CHR Extension: (Tabulky Google) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-23]
CHR Extension: (PicMonkey) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgdgokchhicmaiacmgegjnppjkgogdhm [2016-04-23]
CHR Extension: (Dokumenty Google offline) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-23]
CHR Extension: (AdBlock) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-04-24]
CHR Extension: (Avast Online Security) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-04-23]
CHR Extension: (Sigerson Morrison) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcpgmpfeoahblfncaooigccakcgngjbh [2016-04-24]
CHR Extension: (Google Keep – poznámky a seznamy) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2016-04-23]
CHR Extension: (90`s Games) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\illbbfoihflomkbpcaaakhijinbnejom [2016-04-23]
CHR Extension: (Bird Brawl) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmfmnamhddafiplkkobdinpjcnidlplk [2016-04-23]
CHR Extension: (Pixeffect - Fotografické efekty) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\koekplodmdaalggcclajcecoomipnpca [2016-04-23]
CHR Extension: (Sticky Notes) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbjdhgkkhefpifbifjiflpaajchdkhpg [2016-04-23]
CHR Extension: (OneDrive) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffchahhjecejoiigmnhhicpoabngedk [2016-04-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-23]
CHR Extension: (Gmail) - C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-23]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswwebrepchrome-sp.crx [2014-09-08]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx [2016-01-26]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [226440 2016-01-26] (AVAST Software)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 UleadBurningHelper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2004-12-13] (Ulead Systems, Inc.) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 archlp; C:\Windows\System32\drivers\archlp.sys [142848 2010-01-12] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2016-01-26] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [97648 2016-01-26] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2016-01-26] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2016-01-26] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1065720 2016-03-02] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [464256 2016-01-26] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [155304 2016-01-26] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [273784 2016-01-26] (AVAST Software)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 keycrypt; C:\Windows\System32\DRIVERS\KeyCrypt64.sys [143904 2015-11-05] (Zemana Ltd.)
S3 mod7700; C:\Windows\System32\DRIVERS\mod7700.sys [907264 2009-11-17] (DiBcom SA)
S3 MODRC; C:\Windows\System32\DRIVERS\modrc.sys [24200 2007-07-13] (DiBcom S.A.)
S3 PcaSp60; C:\Windows\SysWOW64\DRIVERS\PcaSp60.sys [38912 2010-09-07] (Printing Communications Assoc., Inc. (PCAUSA))
S3 s0016bus; C:\Windows\System32\DRIVERS\s0016bus.sys [115240 2008-05-16] (MCCI Corporation)
S3 s0016mdfl; C:\Windows\System32\DRIVERS\s0016mdfl.sys [19496 2008-05-16] (MCCI Corporation)
S3 s0016mdm; C:\Windows\System32\DRIVERS\s0016mdm.sys [158760 2008-05-16] (MCCI Corporation)
S3 s0016mgmt; C:\Windows\System32\DRIVERS\s0016mgmt.sys [137256 2008-05-16] (MCCI Corporation)
S3 s0016nd5; C:\Windows\System32\DRIVERS\s0016nd5.sys [34344 2008-05-16] (MCCI Corporation)
S3 s0016obex; C:\Windows\System32\DRIVERS\s0016obex.sys [136744 2008-05-16] (MCCI Corporation)
S3 s0016unic; C:\Windows\System32\DRIVERS\s0016unic.sys [151592 2008-05-16] (MCCI Corporation)
S3 s116bus; C:\Windows\System32\DRIVERS\s116bus.sys [108296 2007-04-03] (MCCI Corporation)
S3 s116mdfl; C:\Windows\System32\DRIVERS\s116mdfl.sys [19720 2007-04-03] (MCCI Corporation)
S3 s116mdm; C:\Windows\System32\DRIVERS\s116mdm.sys [144648 2007-04-03] (MCCI Corporation)
S3 s116mgmt; C:\Windows\System32\DRIVERS\s116mgmt.sys [126216 2007-04-03] (MCCI Corporation)
S3 s116nd5; C:\Windows\System32\DRIVERS\s116nd5.sys [31496 2007-04-03] (MCCI Corporation)
S3 s116obex; C:\Windows\System32\DRIVERS\s116obex.sys [123656 2007-04-03] (MCCI Corporation)
S3 s116unic; C:\Windows\System32\DRIVERS\s116unic.sys [130824 2007-04-03] (MCCI Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2009-11-30] () [File not signed]
U5 usbser; C:\Windows\System32\Drivers\usbser.sys [32768 2009-07-14] (Microsoft Corporation)
U3 aaufwl3t; C:\Windows\System32\Drivers\aaufwl3t.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 usbbus; system32\DRIVERS\lgx64bus.sys [X]
S3 UsbDiag; system32\DRIVERS\lgx64diag.sys [X]
S3 USBModem; system32\DRIVERS\lgx64modem.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-04-25 17:35 - 2016-04-25 17:36 - 00017401 _____ C:\Users\Radek\Desktop\FRST.txt
2016-04-25 17:35 - 2016-04-25 17:35 - 00000000 ____D C:\FRST
2016-04-25 17:34 - 2016-04-25 17:34 - 02375680 _____ (Farbar) C:\Users\Radek\Desktop\FRST64.exe
2016-04-24 20:16 - 2016-04-24 20:16 - 00000000 ___HD C:\OneDriveTemp
2016-04-24 12:27 - 2016-04-24 12:27 - 00388608 _____ (Trend Micro Inc.) C:\Users\Radek\Desktop\HijackThis.exe
2016-04-23 21:31 - 2016-04-23 21:33 - 00001172 _____ C:\DelFix.txt
2016-04-23 21:26 - 2016-04-23 21:26 - 00000000 ____D C:\Users\Radek\Desktop\backups
2016-04-23 20:50 - 2016-04-23 20:50 - 00000000 ____D C:\Users\Radek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome
2016-04-23 20:35 - 2016-04-23 20:08 - 00024064 _____ C:\Windows\zoek-delete.exe
2016-04-12 17:37 - 2016-04-13 16:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-04-09 01:19 - 2016-04-09 01:19 - 00036626 _____ C:\Users\Radek\Desktop\The.Walking.Dead.S06E16.INTERNAL.HDTV.x264-KILLERS.srt
2016-03-26 09:39 - 2011-03-02 21:53 - 02660344 _____ (Codejock Software) C:\Windows\SysWOW64\Codejock.CommandBars.v15.0.2.ocx
2016-03-26 09:39 - 2011-03-02 21:53 - 00501752 _____ (Codejock Software) C:\Windows\SysWOW64\Codejock.ShortcutBar.v15.0.2.ocx
2016-03-26 09:39 - 2004-11-23 17:59 - 00184320 _____ (CIA, The Company) C:\Windows\SysWOW64\ciaXPButton30.ocx
2016-03-26 09:39 - 2004-11-19 02:45 - 00200704 _____ (CIA, The company) C:\Windows\SysWOW64\ciaSCls20.dll
2016-03-26 09:39 - 2003-02-19 02:11 - 00065536 _____ (Larcom and Young) C:\Windows\SysWOW64\ReSize32.ocx
2016-03-26 09:39 - 2000-05-22 01:00 - 00203976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RICHTX32.OCX
2016-03-26 09:39 - 1999-11-22 14:58 - 00751104 _____ (LEAD Technologies, Inc.) C:\Windows\SysWOW64\ltocx11n.ocx
2016-03-26 09:39 - 1999-11-22 14:51 - 00262144 _____ (LEAD Technologies, Inc.) C:\Windows\SysWOW64\LTDIS11n.dll
2016-03-26 09:39 - 1999-11-22 14:51 - 00226816 _____ (LEAD Technologies, Inc.) C:\Windows\SysWOW64\ltefx11n.dll
2016-03-26 09:39 - 1999-11-22 14:51 - 00127488 _____ (LEAD Technologies, Inc.) C:\Windows\SysWOW64\ltimg11n.dll
2016-03-26 09:39 - 1999-11-22 14:51 - 00118272 _____ (LEAD Technologies, Inc.) C:\Windows\SysWOW64\ltfil11n.DLL
2016-03-26 09:39 - 1999-11-22 14:51 - 00038400 _____ (LEAD Technologies, Inc.) C:\Windows\SysWOW64\lttwn11n.dll
2016-03-26 09:39 - 1999-11-22 14:50 - 00391168 _____ (LEAD Technologies, Inc.) C:\Windows\SysWOW64\ltkrn11n.dll
2016-03-26 09:39 - 1999-07-01 14:17 - 00237568 _____ (VideoSoft) C:\Windows\SysWOW64\Vsocx6.ocx
2016-03-26 00:58 - 2016-03-26 00:58 - 00000000 ____D C:\Users\Radek\Documents\Legacy Charts
2016-03-26 00:46 - 2016-03-26 00:58 - 00000000 ____D C:\Users\Radek\Documents\Legacy Family Tree
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-04-25 17:07 - 2009-07-14 06:45 - 00017264 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-25 17:07 - 2009-07-14 06:45 - 00017264 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-25 17:06 - 2016-02-18 17:48 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-04-25 16:39 - 2016-01-17 10:49 - 00000000 ____D C:\Users\Radek\AppData\Local\CrashDumps
2016-04-25 16:39 - 2012-08-21 14:32 - 00004184 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-04-25 16:38 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-24 20:40 - 2009-10-06 15:55 - 00000000 ____D C:\Users\Radek\AppData\Roaming\Media Player Classic
2016-04-24 20:38 - 2016-01-17 11:05 - 00000000 ____D C:\Windows\erdnt
2016-04-24 20:16 - 2014-02-20 18:35 - 00002174 _____ C:\Users\Radek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-04-24 20:16 - 2013-01-21 17:53 - 00000000 ___RD C:\Users\Radek\SkyDrive
2016-04-24 12:06 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2016-04-24 09:27 - 2010-12-28 10:42 - 00007622 _____ C:\Users\Radek\AppData\Local\Resmon.ResmonCfg
2016-04-23 21:31 - 2010-10-12 17:20 - 00000000 ____D C:\Program Files (x86)\Trend Micro
2016-04-23 21:08 - 2009-07-14 07:08 - 00032572 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-04-23 20:47 - 2014-12-20 11:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-04-23 20:47 - 2009-11-01 18:42 - 00000000 ____D C:\Program Files (x86)\Java
2016-04-23 20:46 - 2015-11-16 09:47 - 00000000 ____D C:\Users\Radek\.oracle_jre_usage
2016-04-23 20:45 - 2014-12-20 11:54 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-04-23 18:24 - 2016-01-15 23:58 - 00028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2016-04-23 17:56 - 2009-10-06 19:14 - 00000000 ____D C:\Users\Radek\AppData\Roaming\uTorrent
2016-04-22 20:19 - 2016-01-15 22:02 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-04-22 20:18 - 2016-01-15 22:01 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-04-22 20:02 - 2014-09-03 18:33 - 00000000 ____D C:\Users\Radek\AppData\Local\Adobe
2016-04-22 18:15 - 2009-10-06 22:51 - 00671916 _____ C:\Windows\system32\perfh005.dat
2016-04-22 18:15 - 2009-10-06 22:51 - 00142498 _____ C:\Windows\system32\perfc005.dat
2016-04-22 18:15 - 2009-07-14 07:13 - 01592230 _____ C:\Windows\system32\PerfStringBackup.INI
2016-04-22 18:15 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-04-14 16:46 - 2012-09-23 17:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-04-13 18:32 - 2009-10-06 16:37 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-04-13 18:25 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-04-12 17:23 - 2016-01-30 20:12 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-07 22:06 - 2016-02-18 17:48 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-04-07 22:06 - 2012-03-28 20:59 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-04-07 22:06 - 2011-09-11 18:09 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
==================== Files in the root of some directories =======
2010-12-28 10:42 - 2016-04-24 09:27 - 0007622 _____ () C:\Users\Radek\AppData\Local\Resmon.ResmonCfg
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-04-22 11:45
==================== End of FRST.txt ============================
Re: log check, or a tip for a PC upgrade
Additional scan result of Farbar Recovery Scan Tool (x64) Version:18-04-2016
Ran by Radek (2016-04-25 17:36:27)
Running from C:\Users\Radek\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2009-10-06 13:09:01)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-647711843-1496248390-171917661-500 - Administrator - Disabled)
Guest (S-1-5-21-647711843-1496248390-171917661-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-647711843-1496248390-171917661-1002 - Limited - Enabled)
Radek (S-1-5-21-647711843-1496248390-171917661-1000 - Administrator - Enabled) => C:\Users\Radek
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Adobe Photoshop 7.0 CE (HKLM-x32\...\Adobe Photoshop 7.0 CE) (Version: 7.0 CE - Adobe Systems, Inc.)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo Burning Studio 6 FREE (HKLM-x32\...\Ashampoo Burning Studio 6 FREE_is1) (Version: 6.7.7 - ashampoo GmbH & Co. KG)
Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.00 - Ubisoft)
Assassins Creed IV Black Flag (HKLM-x32\...\QXNzYXNzaW5zQ3JlZWRJVkJsYWNrRmxhZw==_is1) (Version: 1 - )
ATI Catalyst Install Manager (HKLM\...\{B88F5E68-B0FB-950F-EC6F-82FB18DF3E5D}) (Version: 3.0.741.0 - ATI Technologies, Inc.)
Auta 2 (HKLM-x32\...\{FF10D622-7BFE-48C6-8DF6-40D8CB1D3C1B}) (Version: 1.00.0000 - Disney Interactive Studios)
Avast Free Antivirus (HKLM-x32\...\avast) (Version: 11.1.2245 - AVAST Software)
Avidemux 2.5 (HKLM-x32\...\Avidemux 2.5) (Version: 2.5.1.5249 - )
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.66.1075 - AB Team, d.o.o.)
Call of Duty(R) - World at War(TM) 1.1 Patch (x32 Version: - ) Hidden
ccc-core-static (x32 Version: 2009.0813.2131.36817 - Název společnosti:) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.00 - Piriform)
CPUID CPU-Z 1.75 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
ICQ7.7 (HKLM-x32\...\{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}) (Version: 7.7 - ICQ)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
K-Lite Mega Codec Pack 9.8.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.8.0 - )
LEGO® Pirates of the Caribbean The Video Game (HKLM-x32\...\{64958DA4-79D3-43FD-AF06-720DAD044F9E}) (Version: 1.0.0.0 - Disney Interactive Studios)
Malwarebytes Anti-Malware verze 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Camera Codec Pack (HKLM-x32\...\{DA961505-4602-420E-A8DA-61F440BE81E8}) (Version: 16.4.1734.1104 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft IntelliType Pro 7.0 (HKLM\...\{850C7AF6-7376-464D-A69C-E8419EC7ACA7}) (Version: 7.0.260.0 - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-647711843-1496248390-171917661-1000\...\OneDriveSetup.exe) (Version: 17.3.6386.0412 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 45.0.2 (x86 cs) (HKLM-x32\...\Mozilla Firefox 45.0.2 (x86 cs)) (Version: 45.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.2.5941 - Mozilla)
MSVC80_x64 (Version: 1.0.1.0 - Nokia) Hidden
MSVC80_x86 (x32 Version: 1.0.1.0 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MySQL Connector/ODBC 3.51 (HKLM-x32\...\{0CB3C535-1171-4A20-B549-E2CB5DEB9723}) (Version: 3.51.12 - MySQL AB)
NVIDIA PhysX (HKLM-x32\...\{5DB65884-C963-4454-AABA-4CA3089281FA}) (Version: 9.09.0720 - NVIDIA Corporation)
Ovladače videa společnosti Pinnacle (HKLM\...\{6DE721A5-5E89-4D74-994C-652BB3C0672E}) (Version: 12.1.0.030 - Pinnacle Systems)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Pinnacle Studio 15 (HKLM-x32\...\{1362E602-9625-42D3-B57F-CDA9D26F9DA8}) (Version: 15.0.0.7593 - Pinnacle Systems)
PolarEditOctagon 1018 v 0.2.1.5 (HKLM-x32\...\{7A30ED46-A312-4892-9EAF-9ACC1517E515}_is1) (Version: - Polarstern)
PrimoPDF -- by Nitro PDF Software (HKLM-x32\...\PrimoPDF) (Version: 5.0.0.19 - Nitro PDF Software)
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
rajče průvodce verze 1.59.48.263 (HKLM-x32\...\rajče.net_is1) (Version: - rajče.net)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.5897 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5919 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version: - Punk Software)
Skype web features (HKLM-x32\...\{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}) (Version: 1.0.3971 - Skype Technologies S.A.)
Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: - )
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
UTF8_convert version 1.0.3.0 (HKLM-x32\...\UTF8_convert 1.0.3.0_is1) (Version: - Company: Pepinator)
Vegas Pro 12.0 (64-bit) (HKLM\...\{A7500970-FE98-11E1-B560-F04DA23A5C58}) (Version: 12.0.367 - Sony)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinFast Codec-TS SDK (HKLM-x32\...\{28FB7853-A6ED-4F67-8635-9F0E863FC0AD}) (Version: - ArcSoft)
WinFast De-interlace SDK (HKLM-x32\...\{9A0E0340-C3D7-42D1-96D4-64179FD456AE}) (Version: - ArcSoft)
WinFast PVR2 (HKLM-x32\...\{C92C584E-C781-475E-A8E2-C67D993A6B95}) (Version: 2.0.3.24 - Leadtek)
WinFast TT-SB SDK (HKLM-x32\...\{AF9848E2-5F19-4E49-9E6E-044FBDC28404}) (Version: - ArcSoft)
WinRAR 5.21 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-647711843-1496248390-171917661-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Radek\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64\FileCoAuthLib64.dll ()
CustomCLSID: HKU\S-1-5-21-647711843-1496248390-171917661-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Radek\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\FileCoAuth.exe (Microsoft Corporation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {164234A3-9849-44CF-ACBA-CB98F8C2212A} - System32\Tasks\{863050BB-68C0-406B-8243-A75A18A09B10} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-02-26] (Skype Technologies S.A.)
Task: {23F132B7-0C31-468C-B133-6A5BE217B78A} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-04-18] (AVAST Software)
Task: {4B661D78-5655-43EF-A9C4-C0FECC58EDA3} - System32\Tasks\{F19343FE-8273-43D3-A90B-901D77754857} => pcalua.exe -a C:\Windows\SysWOW64\Samsung_USB_Drivers\6\SS_BUninstall.exe
Task: {4DE8E4FC-9ADE-43FC-8537-58F63434A9F4} - System32\Tasks\{500EFA58-F597-4FEC-802E-C70D59868298} => pcalua.exe -a C:\Windows\SysWOW64\Samsung_USB_Drivers\3\SSCDUninstall.exe
Task: {4E5049A0-3C83-4DF1-AA65-9FEEBD21418E} - System32\Tasks\{6FCBAC1B-1E04-4306-A913-805B382F0542} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{14DCD95A-EBA3-4BF0-B7EF-533852E99BE6}\setup.exe" -c -runfromtemp -l0x0005 -removeonly
Task: {61E7343F-F576-4A8A-B83E-D469C27FD299} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {6B006C31-CA7E-4D63-88DE-D39A8DC58FEA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {70491BFB-D70B-429F-A3C0-57F1BDD1C5C3} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => C:\Program Files\Microsoft IntelliType Pro\IType.exe [2009-06-01] (Microsoft Corporation)
Task: {78E66A46-8ECE-41D8-A470-C0A8C3061561} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-07] (Adobe Systems Incorporated)
Task: {866A646D-4B3E-499A-866B-8CD4CD10BD28} - System32\Tasks\{9C09E441-B59C-403C-95C4-08C7F1596806} => pcalua.exe -a C:\Users\Radek\Desktop\RocketDock-v1.3.5.exe -d C:\Users\Radek\Desktop
Task: {86A4F502-B591-450D-83D6-9B7288118F9E} - System32\Tasks\{9E29155E-34D2-453F-828C-9F773320F60D} => pcalua.exe -a G:\VCRedist\vcredist_x86.exe -d G:\VCRedist
Task: {947BC693-FCB6-4E5D-95A1-ACDAD3B88FE4} - System32\Tasks\{6604C015-F5E8-4F17-903A-F21F8A7F840A} => pcalua.exe -a C:\Windows\SysWOW64\Samsung_USB_Drivers\6_old\SSBCUninstall.exe
Task: {B873470A-7C58-475D-B5B7-9B182313D1DE} - System32\Tasks\avast! Emergency Update => C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe [2016-01-26] (AVAST Software)
Task: {C0780CAE-1D6F-4615-B156-F1D3B539093C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {FBF6A148-405F-40BB-A49A-339F9F7A1F12} - System32\Tasks\{929D35F1-4FE4-4A59-A8C1-0EA96B4B9ADA} => pcalua.exe -a C:\Windows\SysWOW64\Samsung_USB_Drivers\5\SSSDUninstall.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2016-04-24 20:16 - 2016-04-24 20:16 - 00959176 _____ () C:\Users\Radek\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64\ClientTelemetry.dll
2010-07-18 12:33 - 2009-07-31 03:58 - 00090624 _____ () C:\Windows\System32\Primomonnt.dll
2009-10-06 16:48 - 2007-09-02 13:58 - 00495616 _____ () C:\Program Files (x86)\RocketDock\RocketDock.exe
2009-08-28 16:08 - 2009-08-28 16:08 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2009-10-06 15:23 - 2009-10-06 15:23 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2016-01-26 18:49 - 2016-01-26 18:49 - 00103888 _____ () C:\Program Files\Alwil Software\Avast5\log.dll
2016-01-26 18:49 - 2016-01-26 18:49 - 00125512 _____ () C:\Program Files\Alwil Software\Avast5\JsonRpcServer.dll
2016-04-24 12:09 - 2016-04-24 12:09 - 02890240 _____ () C:\Program Files\Alwil Software\Avast5\defs\16042400\algo.dll
2016-04-14 16:56 - 2016-04-14 16:56 - 00510368 _____ () C:\Program Files\Alwil Software\Avast5\ffl2.dll
2016-04-25 16:40 - 2016-04-25 16:40 - 02890240 _____ () C:\Program Files\Alwil Software\Avast5\defs\16042500\algo.dll
2016-04-24 20:16 - 2016-04-24 20:16 - 00679624 _____ () C:\Users\Radek\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\ClientTelemetry.dll
2009-10-06 16:48 - 2007-09-02 13:57 - 00069632 _____ () C:\Program Files (x86)\RocketDock\RocketDock.dll
2016-01-26 18:49 - 2016-01-26 18:49 - 40539648 _____ () C:\Program Files\Alwil Software\Avast5\libcef.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2016-04-24 12:06 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-647711843-1496248390-171917661-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Radek\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 213.46.172.36 - 213.46.172.37
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk => C:\Windows\pss\Adobe Gamma Loader.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: WinFast Schedule => C:\Program Files\WinFast\WFDTV\WFWIZ.exe
MSCONFIG\startupreg: WinFastDTV => C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{E87C905B-B733-4C9C-A63F-6F6D3BD0BE71}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{0E5D26C0-867A-4546-A515-077FB6C3B2BB}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 12\Programs\RM.exe
FirewallRules: [{B2E05C3E-A768-4E5D-BAC7-1BDD0704A2D2}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 12\Programs\RM.exe
FirewallRules: [{D6285C9F-7ADE-443E-A812-FF43044E7EF4}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 12\Programs\Studio.exe
FirewallRules: [{CBEF217A-381E-4BF1-8972-67ED6A170E84}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 12\Programs\Studio.exe
FirewallRules: [{3113DC59-E0D0-42D9-AA9E-7E5738F04DBF}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 12\Programs\umi.exe
FirewallRules: [{FC2AA7C5-EF9A-4A0D-A8E1-5F7339AE775F}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 12\Programs\umi.exe
FirewallRules: [{72B0C24B-3CC6-4DFE-A4E1-641D46B7EA20}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{AED4DC1E-DC42-4EC6-B488-F17761516A91}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{CA732254-D0EF-46ED-B49B-456C018D57E7}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{6C715619-3B26-42CD-A519-0FE63BFEDC46}] => (Allow) C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsasvr.exe
FirewallRules: [{480B572A-E68B-4E9C-B7E2-B69D554AEBD4}] => (Allow) C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsasvr.exe
FirewallRules: [{4291F738-2FC7-4ED4-8C62-E6B17B99D74E}] => (Allow) C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsvsvr.exe
FirewallRules: [{2BC320BD-E3D6-423E-B44A-CA2C8A3E4FC1}] => (Allow) C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsvsvr.exe
FirewallRules: [TCP Query User{D44E78F4-6BAB-4E06-A633-747F59C698EC}C:\program files (x86)\arcsoft\totalmedia theatre 3\udigital theatre.exe] => (Block) C:\program files (x86)\arcsoft\totalmedia theatre 3\udigital theatre.exe
FirewallRules: [UDP Query User{BF184F7E-D855-4D07-BF98-591A458FCB1A}C:\program files (x86)\arcsoft\totalmedia theatre 3\udigital theatre.exe] => (Block) C:\program files (x86)\arcsoft\totalmedia theatre 3\udigital theatre.exe
FirewallRules: [TCP Query User{DD563137-B2B0-4F63-A5B3-F1F8DF439C5B}D:\games\call of duty - black ops\blackops.exe] => (Block) D:\games\call of duty - black ops\blackops.exe
FirewallRules: [UDP Query User{745E77E6-40B1-47E3-B8F5-B0BB5A96A49F}D:\games\call of duty - black ops\blackops.exe] => (Block) D:\games\call of duty - black ops\blackops.exe
FirewallRules: [TCP Query User{035D3B32-15C1-42BB-AE46-FAA671EC69CD}C:\program files (x86)\google\google earth\client\googleearth.exe] => (Allow) C:\program files (x86)\google\google earth\client\googleearth.exe
FirewallRules: [UDP Query User{B1E6ADEB-3C6F-411A-A7B6-D7F2C5540F78}C:\program files (x86)\google\google earth\client\googleearth.exe] => (Allow) C:\program files (x86)\google\google earth\client\googleearth.exe
FirewallRules: [{78F07A97-70F2-47D3-98C4-8889C6477528}] => (Allow) C:\Program Files (x86)\ICQ7.7\ICQ.exe
FirewallRules: [{02C50BEB-BF2E-437C-89D8-848A3714E15D}] => (Allow) C:\Program Files (x86)\ICQ7.7\ICQ.exe
FirewallRules: [{473A0833-26A8-4322-9979-B259CAF77ED9}] => (Allow) C:\Program Files (x86)\ICQ7.7\ICQ.exe
FirewallRules: [{6881227B-02CE-40B7-9769-5D7E9F5EB259}] => (Allow) C:\Program Files (x86)\ICQ7.7\ICQ.exe
FirewallRules: [{8664EBA7-A640-4492-800E-3F0E590C09C3}] => (Allow) C:\Program Files (x86)\ICQ7.7\ICQ.exe
FirewallRules: [{1EE0660D-9939-4455-8791-7A3166156EDF}] => (Allow) C:\Program Files (x86)\ICQ7.7\ICQ.exe
FirewallRules: [{096A7F62-EB2D-4459-A665-66A87689918C}] => (Allow) D:\Games\STREETFIGHTERIV\StreetFighterIV.exe
FirewallRules: [{D27DBE75-AECC-4563-9D7E-A99B820577AD}] => (Allow) D:\Games\STREETFIGHTERIV\StreetFighterIV.exe
FirewallRules: [TCP Query User{B9273660-1A70-4B3B-86D3-BEAA4AAAAC70}D:\games\fifa 12\game\fifa.exe] => (Block) D:\games\fifa 12\game\fifa.exe
FirewallRules: [UDP Query User{6DF979BE-5A61-4C1A-B7C0-22512AAD48C1}D:\games\fifa 12\game\fifa.exe] => (Block) D:\games\fifa 12\game\fifa.exe
FirewallRules: [TCP Query User{E2C75BCC-6ACC-4520-ABEC-94F11F084F02}J:\game\left 4 dead\left4dead.exe] => (Block) J:\game\left 4 dead\left4dead.exe
FirewallRules: [UDP Query User{6B672323-1A67-41E5-8BBD-128454482922}J:\game\left 4 dead\left4dead.exe] => (Block) J:\game\left 4 dead\left4dead.exe
FirewallRules: [TCP Query User{86BFD250-8674-41CF-8379-3976C9D4272F}D:\games\call of duty - black ops\blackopsmp.exe] => (Block) D:\games\call of duty - black ops\blackopsmp.exe
FirewallRules: [UDP Query User{BE068B1A-A4E4-42C7-BF85-CADAC49B5C0A}D:\games\call of duty - black ops\blackopsmp.exe] => (Block) D:\games\call of duty - black ops\blackopsmp.exe
FirewallRules: [{522AF866-7F92-4BC6-9ABD-41896886BEE6}] => (Allow) D:\Games\Blur\Blur.exe
FirewallRules: [{700F1054-F5C0-4D7C-A347-E096992DADC3}] => (Allow) D:\Games\Blur\Blur.exe
FirewallRules: [{66728D62-BA9B-48F2-997D-79DBC1B8FE75}] => (Allow) D:\Games\Residen Evil 5\RE5DX9.EXE
FirewallRules: [{09F5D9EB-BEFE-4E9C-BC06-E85620786246}] => (Allow) D:\Games\Residen Evil 5\RE5DX9.EXE
FirewallRules: [{973A087C-A889-46C3-B16C-6CC301BA9ED3}] => (Allow) D:\Games\Residen Evil 5\RE5DX10.EXE
FirewallRules: [{FE019633-EC8B-4B29-8B96-413CE8B65BD2}] => (Allow) D:\Games\Residen Evil 5\RE5DX10.EXE
FirewallRules: [{C88D56F2-B9AF-48CF-9BDF-7167C301F411}] => (Allow) D:\Games\Rayman Origins\Rayman Origins.exe
FirewallRules: [{0FF28C37-43ED-4778-9BA1-894ED8F76D9B}] => (Allow) D:\Games\Rayman Origins\Rayman Origins.exe
FirewallRules: [{FE52A809-B2F9-44EC-90B4-80D9BD490535}] => (Allow) D:\Games\Rayman Origins\gu.exe
FirewallRules: [{9F16CFA5-B6F9-400A-8DEF-8B3600894080}] => (Allow) D:\Games\Rayman Origins\gu.exe
FirewallRules: [{4A74D35E-BF23-43B7-8014-C444B6EEF580}] => (Allow) C:\Program Files (x86)\ASUS\RT-N13U.B1 Wireless Router Utilities\Discovery.exe
FirewallRules: [{8040A36F-AE59-4BDE-9FB3-A1E2F1429B10}] => (Allow) C:\Program Files (x86)\ASUS\RT-N13U.B1 Wireless Router Utilities\Discovery.exe
FirewallRules: [{D3BD8127-42B7-459D-B0A7-695E06BDDB17}] => (Allow) C:\Program Files (x86)\ASUS\RT-N13U.B1 Wireless Router Utilities\Rescue.exe
FirewallRules: [{0042EF87-CF29-4EE7-8BFC-D2347EE9C8BC}] => (Allow) C:\Program Files (x86)\ASUS\RT-N13U.B1 Wireless Router Utilities\Rescue.exe
FirewallRules: [{D2062ABB-967D-4096-9A54-005CB5FADB3B}] => (Allow) C:\Program Files (x86)\ASUS\RT-N13U.B1 Wireless Router Utilities\Download.exe
FirewallRules: [{7EE7E60A-C619-4532-92CC-5014A8891413}] => (Allow) C:\Program Files (x86)\ASUS\RT-N13U.B1 Wireless Router Utilities\Download.exe
FirewallRules: [{D455F6DB-1F04-44F0-98F3-E73E959FB5BC}] => (Allow) C:\Program Files (x86)\ASUS\RT-N13U.B1 Wireless Router Utilities\LiveUpdate.exe
FirewallRules: [{6B89B001-76B9-4B39-9279-3D2C88A34CB5}] => (Allow) C:\Program Files (x86)\ASUS\RT-N13U.B1 Wireless Router Utilities\LiveUpdate.exe
FirewallRules: [{C488D0D5-73B0-4914-8186-CAEF786C8E6E}] => (Allow) C:\Program Files (x86)\ASUS\RT-N13U.B1 Wireless Router Utilities\Discovery.exe
FirewallRules: [{EABB2770-B716-4730-B49E-9BC79F00ECFD}] => (Allow) C:\Program Files (x86)\ASUS\RT-N13U.B1 Wireless Router Utilities\Discovery.exe
FirewallRules: [{A50FF455-B783-46F2-912C-25F79CB6CB54}] => (Allow) C:\Program Files (x86)\ASUS\RT-N13U.B1 Wireless Router Utilities\Rescue.exe
FirewallRules: [{1B9348C2-7DF3-4880-81C8-CD368BE7587F}] => (Allow) C:\Program Files (x86)\ASUS\RT-N13U.B1 Wireless Router Utilities\Rescue.exe
FirewallRules: [{B32F4C45-30AE-4C1B-83BB-B67236583EB8}] => (Allow) C:\Program Files (x86)\ASUS\RT-N13U.B1 Wireless Router Utilities\Download.exe
FirewallRules: [{960CD98B-DF0D-4363-8A14-1F9286F61CDA}] => (Allow) C:\Program Files (x86)\ASUS\RT-N13U.B1 Wireless Router Utilities\Download.exe
FirewallRules: [{3340C32C-B0F2-436D-B6E8-C5F0E64DCD23}] => (Allow) C:\Program Files (x86)\ASUS\RT-N13U.B1 Wireless Router Utilities\LiveUpdate.exe
FirewallRules: [{350D3C73-5A12-4508-BD77-3B1DF46C0DD1}] => (Allow) C:\Program Files (x86)\ASUS\RT-N13U.B1 Wireless Router Utilities\LiveUpdate.exe
FirewallRules: [TCP Query User{110DBD86-A30D-40CE-AD21-7B8462F66F35}C:\program files (x86)\utorrent\utorrent.exe] => (Allow) C:\program files (x86)\utorrent\utorrent.exe
FirewallRules: [UDP Query User{28D02A74-CE5C-4B83-B34C-1D5C9557DFA5}C:\program files (x86)\utorrent\utorrent.exe] => (Allow) C:\program files (x86)\utorrent\utorrent.exe
FirewallRules: [{550B668B-0A32-4BB7-AAEE-0F9CF97BA085}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
FirewallRules: [{F15B8C50-7177-4BCE-A57C-6A9E2B7B8699}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
FirewallRules: [{4EBF09B5-B4D8-43DC-8795-F0BC6AABADEB}] => (Allow) C:\Users\Radek\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{AC0CF363-8FD2-4E98-AD68-AF7C95A25240}] => (Allow) D:\Program\Pinnacle\Studio 15\Programs\RM.exe
FirewallRules: [{E6B836A8-5F96-4BD7-940E-2DFA9FFB0425}] => (Allow) D:\Program\Pinnacle\Studio 15\Programs\RM.exe
FirewallRules: [{344D3E83-009E-4B46-95C7-7618E6E4E987}] => (Allow) D:\Program\Pinnacle\Studio 15\Programs\Studio.exe
FirewallRules: [{02581E11-9A0F-4218-9F92-1E44F7A8D785}] => (Allow) D:\Program\Pinnacle\Studio 15\Programs\Studio.exe
FirewallRules: [{996A3117-1B12-4E50-8BD4-D499CB8C84F7}] => (Allow) D:\Program\Pinnacle\Studio 15\Programs\umi.exe
FirewallRules: [{601FC336-EEAA-4491-BD9D-21721ED1E996}] => (Allow) D:\Program\Pinnacle\Studio 15\Programs\umi.exe
FirewallRules: [{F05371A2-8726-43BB-AE14-70A51D9B529A}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{3780E7B2-EF6C-4DCD-9AF3-F1CE3A7BAE36}] => (Allow) D:\Games\ASSASSIN\AssassinsCreed_Dx9.exe
FirewallRules: [{C0DDEA00-3B8E-4E61-A54A-D0F9FB98E3C1}] => (Allow) D:\Games\ASSASSIN\AssassinsCreed_Dx9.exe
FirewallRules: [{012B34C8-0547-4F86-95E1-2FFFE9C7DB0E}] => (Allow) D:\Games\ASSASSIN\AssassinsCreed_Dx10.exe
FirewallRules: [{B244184C-2B8E-485A-8DE3-433A5DABE80B}] => (Allow) D:\Games\ASSASSIN\AssassinsCreed_Dx10.exe
FirewallRules: [{D78960D5-B243-4522-B866-3ACB7299E8C7}] => (Allow) D:\Games\ASSASSIN\AssassinsCreed_Launcher.exe
FirewallRules: [{453EB54F-8D0F-4ED7-A7B4-6DAA61B43886}] => (Allow) D:\Games\ASSASSIN\AssassinsCreed_Launcher.exe
FirewallRules: [{9D5C2328-536F-47D4-B4CD-AD318ED6C1CC}] => (Allow) C:\Users\Radek\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{A816F2A6-7F7A-4AAA-9D8A-284A9A79D34F}] => (Allow) C:\Users\Radek\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{F1F7A58E-0100-459A-AD24-2E84D1ABEF8E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CEE7F8EF-3590-458C-A107-8DECFDF943F0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{32B04CD7-6D3B-44B1-93BA-38CDCAEEEE8C}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{B750C54C-6A04-4265-835F-6715C1B74742}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{ED745C81-6D82-4217-8C09-28029AEA0BCC}D:\program\pinnacle\studio 15\programs\studio.exe] => (Block) D:\program\pinnacle\studio 15\programs\studio.exe
FirewallRules: [UDP Query User{7962172D-E211-4D86-93EE-3DFEDB4EFB9A}D:\program\pinnacle\studio 15\programs\studio.exe] => (Block) D:\program\pinnacle\studio 15\programs\studio.exe
FirewallRules: [{43168AC4-A77F-4D28-9793-7E5650F8B5CA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0D662A9B-AE2C-4426-B1A0-66C32936E29B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C1CA8F55-AF2D-4FCA-A1D4-CCFFFBE8DFE9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
==================== Faulty Device Manager Devices =============
Name: Eset Personal Firewall Miniport #409
Description: Eset Personal Firewall Miniport
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: ESET
Service: Epfwndis
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.
Name: Eset Personal Firewall Miniport #507
Description: Eset Personal Firewall Miniport
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: ESET
Service: Epfwndis
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.
==================== Event log errors: =========================
Application errors:
==================
Error: (04/25/2016 04:39:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ACDaemon.exe, verze: 1.1.0.49, časové razítko: 0x4cc808ec
Název chybujícího modulu: ACDaemon.exe, verze: 1.1.0.49, časové razítko: 0x4cc808ec
Kód výjimky: 0xc0000005
Posun chyby: 0x0001af76
ID chybujícího procesu: 0xfe4
Čas spuštění chybující aplikace: 0xACDaemon.exe0
Cesta k chybující aplikaci: ACDaemon.exe1
Cesta k chybujícímu modulu: ACDaemon.exe2
ID zprávy: ACDaemon.exe3
Error: (04/24/2016 08:43:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ACDaemon.exe, verze: 1.1.0.49, časové razítko: 0x4cc808ec
Název chybujícího modulu: ACDaemon.exe, verze: 1.1.0.49, časové razítko: 0x4cc808ec
Kód výjimky: 0xc0000005
Posun chyby: 0x0001af76
ID chybujícího procesu: 0x958
Čas spuštění chybující aplikace: 0xACDaemon.exe0
Cesta k chybující aplikaci: ACDaemon.exe1
Cesta k chybujícímu modulu: ACDaemon.exe2
ID zprávy: ACDaemon.exe3
Error: (04/24/2016 08:30:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ACDaemon.exe, verze: 1.1.0.49, časové razítko: 0x4cc808ec
Název chybujícího modulu: ACDaemon.exe, verze: 1.1.0.49, časové razítko: 0x4cc808ec
Kód výjimky: 0xc0000005
Posun chyby: 0x0001af76
ID chybujícího procesu: 0xa9c
Čas spuštění chybující aplikace: 0xACDaemon.exe0
Cesta k chybující aplikaci: ACDaemon.exe1
Cesta k chybujícímu modulu: ACDaemon.exe2
ID zprávy: ACDaemon.exe3
Error: (04/24/2016 12:07:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ACDaemon.exe, verze: 1.1.0.49, časové razítko: 0x4cc808ec
Název chybujícího modulu: ACDaemon.exe, verze: 1.1.0.49, časové razítko: 0x4cc808ec
Kód výjimky: 0xc0000005
Posun chyby: 0x0001af76
ID chybujícího procesu: 0xb10
Čas spuštění chybující aplikace: 0xACDaemon.exe0
Cesta k chybující aplikaci: ACDaemon.exe1
Cesta k chybujícímu modulu: ACDaemon.exe2
ID zprávy: ACDaemon.exe3
Error: (04/24/2016 08:50:48 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ACDaemon.exe, verze: 1.1.0.49, časové razítko: 0x4cc808ec
Název chybujícího modulu: ACDaemon.exe, verze: 1.1.0.49, časové razítko: 0x4cc808ec
Kód výjimky: 0xc0000005
Posun chyby: 0x0001af76
ID chybujícího procesu: 0x5f0
Čas spuštění chybující aplikace: 0xACDaemon.exe0
Cesta k chybující aplikaci: ACDaemon.exe1
Cesta k chybujícímu modulu: ACDaemon.exe2
ID zprávy: ACDaemon.exe3
Error: (04/23/2016 09:28:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ACDaemon.exe, verze: 1.1.0.49, časové razítko: 0x4cc808ec
Název chybujícího modulu: ACDaemon.exe, verze: 1.1.0.49, časové razítko: 0x4cc808ec
Kód výjimky: 0xc0000005
Posun chyby: 0x0001af76
ID chybujícího procesu: 0x5e4
Čas spuštění chybující aplikace: 0xACDaemon.exe0
Cesta k chybující aplikaci: ACDaemon.exe1
Cesta k chybujícímu modulu: ACDaemon.exe2
ID zprávy: ACDaemon.exe3
Error: (04/23/2016 08:38:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ACDaemon.exe, verze: 1.1.0.49, časové razítko: 0x4cc808ec
Název chybujícího modulu: ACDaemon.exe, verze: 1.1.0.49, časové razítko: 0x4cc808ec
Kód výjimky: 0xc0000005
Posun chyby: 0x0001af76
ID chybujícího procesu: 0xdac
Čas spuštění chybující aplikace: 0xACDaemon.exe0
Cesta k chybující aplikaci: ACDaemon.exe1
Cesta k chybujícímu modulu: ACDaemon.exe2
ID zprávy: ACDaemon.exe3
Error: (04/23/2016 06:04:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ACDaemon.exe, verze: 1.1.0.49, časové razítko: 0x4cc808ec
Název chybujícího modulu: ACDaemon.exe, verze: 1.1.0.49, časové razítko: 0x4cc808ec
Kód výjimky: 0xc0000005
Posun chyby: 0x0001af76
ID chybujícího procesu: 0xea4
Čas spuštění chybující aplikace: 0xACDaemon.exe0
Cesta k chybující aplikaci: ACDaemon.exe1
Cesta k chybujícímu modulu: ACDaemon.exe2
ID zprávy: ACDaemon.exe3
Error: (04/23/2016 05:12:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ACDaemon.exe, verze: 1.1.0.49, časové razítko: 0x4cc808ec
Název chybujícího modulu: ACDaemon.exe, verze: 1.1.0.49, časové razítko: 0x4cc808ec
Kód výjimky: 0xc0000005
Posun chyby: 0x0001af76
ID chybujícího procesu: 0xed4
Čas spuštění chybující aplikace: 0xACDaemon.exe0
Cesta k chybující aplikaci: ACDaemon.exe1
Cesta k chybujícímu modulu: ACDaemon.exe2
ID zprávy: ACDaemon.exe3
Error: (04/22/2016 08:07:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ACDaemon.exe, verze: 1.1.0.49, časové razítko: 0x4cc808ec
Název chybujícího modulu: ACDaemon.exe, verze: 1.1.0.49, časové razítko: 0x4cc808ec
Kód výjimky: 0xc0000005
Posun chyby: 0x0001af76
ID chybujícího procesu: 0x994
Čas spuštění chybující aplikace: 0xACDaemon.exe0
Cesta k chybující aplikaci: ACDaemon.exe1
Cesta k chybujícímu modulu: ACDaemon.exe2
ID zprávy: ACDaemon.exe3
System errors:
=============
Error: (04/25/2016 04:55:39 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.
Error: (04/24/2016 08:27:32 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (20:22:01, 24.4.2016) bylo neočekávané.
Error: (04/24/2016 08:21:46 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.
Error: (04/24/2016 12:10:21 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Windows Update přestala během spouštění reagovat.
Error: (04/24/2016 12:01:14 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (04/24/2016 12:01:02 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (04/24/2016 11:59:15 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.
Error: (04/24/2016 11:59:15 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.
Error: (04/24/2016 11:55:03 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (04/24/2016 11:49:29 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.
CodeIntegrity:
===================================
Date: 2016-04-24 11:59:15.394
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-04-24 11:59:15.238
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-04-24 11:59:15.176
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-04-24 11:59:15.129
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-04-24 11:49:29.707
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-04-24 11:49:29.676
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-04-24 11:49:29.582
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-04-24 11:49:29.535
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-04-24 09:13:16.509
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-04-24 09:13:16.338
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: AMD Phenom(tm) II X2 545 Processor
Percentage of memory in use: 37%
Total physical RAM: 4087.06 MB
Available physical RAM: 2537.79 MB
Total Virtual: 8172.33 MB
Available Virtual: 6283.72 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:48.73 GB) (Free:1.82 GB) NTFS
Drive d: () (Fixed) (Total:649.81 GB) (Free:97.24 GB) NTFS
Drive f: () (Fixed) (Total:931.51 GB) (Free:114.94 GB) NTFS
Drive i: (My Book) (Fixed) (Total:465.76 GB) (Free:333.74 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or
(Size: 698.6 GB) (Disk ID: 64C1A47D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=48.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=649.8 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or
(Size: 931.5 GB) (Disk ID: B98BD7C8)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 465.8 GB) (Disk ID: 44FDFE06)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Ran by Radek (2016-04-25 17:36:27)
Running from C:\Users\Radek\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2009-10-06 13:09:01)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-647711843-1496248390-171917661-500 - Administrator - Disabled)
Guest (S-1-5-21-647711843-1496248390-171917661-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-647711843-1496248390-171917661-1002 - Limited - Enabled)
Radek (S-1-5-21-647711843-1496248390-171917661-1000 - Administrator - Enabled) => C:\Users\Radek
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Adobe Photoshop 7.0 CE (HKLM-x32\...\Adobe Photoshop 7.0 CE) (Version: 7.0 CE - Adobe Systems, Inc.)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo Burning Studio 6 FREE (HKLM-x32\...\Ashampoo Burning Studio 6 FREE_is1) (Version: 6.7.7 - ashampoo GmbH & Co. KG)
Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.00 - Ubisoft)
Assassins Creed IV Black Flag (HKLM-x32\...\QXNzYXNzaW5zQ3JlZWRJVkJsYWNrRmxhZw==_is1) (Version: 1 - )
ATI Catalyst Install Manager (HKLM\...\{B88F5E68-B0FB-950F-EC6F-82FB18DF3E5D}) (Version: 3.0.741.0 - ATI Technologies, Inc.)
Auta 2 (HKLM-x32\...\{FF10D622-7BFE-48C6-8DF6-40D8CB1D3C1B}) (Version: 1.00.0000 - Disney Interactive Studios)
Avast Free Antivirus (HKLM-x32\...\avast) (Version: 11.1.2245 - AVAST Software)
Avidemux 2.5 (HKLM-x32\...\Avidemux 2.5) (Version: 2.5.1.5249 - )
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.66.1075 - AB Team, d.o.o.)
Call of Duty(R) - World at War(TM) 1.1 Patch (x32 Version: - ) Hidden
ccc-core-static (x32 Version: 2009.0813.2131.36817 - Název společnosti:) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.00 - Piriform)
CPUID CPU-Z 1.75 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
ICQ7.7 (HKLM-x32\...\{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}) (Version: 7.7 - ICQ)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
K-Lite Mega Codec Pack 9.8.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.8.0 - )
LEGO® Pirates of the Caribbean The Video Game (HKLM-x32\...\{64958DA4-79D3-43FD-AF06-720DAD044F9E}) (Version: 1.0.0.0 - Disney Interactive Studios)
Malwarebytes Anti-Malware verze 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Camera Codec Pack (HKLM-x32\...\{DA961505-4602-420E-A8DA-61F440BE81E8}) (Version: 16.4.1734.1104 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft IntelliType Pro 7.0 (HKLM\...\{850C7AF6-7376-464D-A69C-E8419EC7ACA7}) (Version: 7.0.260.0 - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-647711843-1496248390-171917661-1000\...\OneDriveSetup.exe) (Version: 17.3.6386.0412 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 45.0.2 (x86 cs) (HKLM-x32\...\Mozilla Firefox 45.0.2 (x86 cs)) (Version: 45.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.2.5941 - Mozilla)
MSVC80_x64 (Version: 1.0.1.0 - Nokia) Hidden
MSVC80_x86 (x32 Version: 1.0.1.0 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MySQL Connector/ODBC 3.51 (HKLM-x32\...\{0CB3C535-1171-4A20-B549-E2CB5DEB9723}) (Version: 3.51.12 - MySQL AB)
NVIDIA PhysX (HKLM-x32\...\{5DB65884-C963-4454-AABA-4CA3089281FA}) (Version: 9.09.0720 - NVIDIA Corporation)
Ovladače videa společnosti Pinnacle (HKLM\...\{6DE721A5-5E89-4D74-994C-652BB3C0672E}) (Version: 12.1.0.030 - Pinnacle Systems)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Pinnacle Studio 15 (HKLM-x32\...\{1362E602-9625-42D3-B57F-CDA9D26F9DA8}) (Version: 15.0.0.7593 - Pinnacle Systems)
PolarEditOctagon 1018 v 0.2.1.5 (HKLM-x32\...\{7A30ED46-A312-4892-9EAF-9ACC1517E515}_is1) (Version: - Polarstern)
PrimoPDF -- by Nitro PDF Software (HKLM-x32\...\PrimoPDF) (Version: 5.0.0.19 - Nitro PDF Software)
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
rajče průvodce verze 1.59.48.263 (HKLM-x32\...\rajče.net_is1) (Version: - rajče.net)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.5897 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5919 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version: - Punk Software)
Skype web features (HKLM-x32\...\{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}) (Version: 1.0.3971 - Skype Technologies S.A.)
Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: - )
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
UTF8_convert version 1.0.3.0 (HKLM-x32\...\UTF8_convert 1.0.3.0_is1) (Version: - Company: Pepinator)
Vegas Pro 12.0 (64-bit) (HKLM\...\{A7500970-FE98-11E1-B560-F04DA23A5C58}) (Version: 12.0.367 - Sony)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinFast Codec-TS SDK (HKLM-x32\...\{28FB7853-A6ED-4F67-8635-9F0E863FC0AD}) (Version: - ArcSoft)
WinFast De-interlace SDK (HKLM-x32\...\{9A0E0340-C3D7-42D1-96D4-64179FD456AE}) (Version: - ArcSoft)
WinFast PVR2 (HKLM-x32\...\{C92C584E-C781-475E-A8E2-C67D993A6B95}) (Version: 2.0.3.24 - Leadtek)
WinFast TT-SB SDK (HKLM-x32\...\{AF9848E2-5F19-4E49-9E6E-044FBDC28404}) (Version: - ArcSoft)
WinRAR 5.21 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-647711843-1496248390-171917661-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Radek\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64\FileCoAuthLib64.dll ()
CustomCLSID: HKU\S-1-5-21-647711843-1496248390-171917661-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Radek\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\FileCoAuth.exe (Microsoft Corporation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {164234A3-9849-44CF-ACBA-CB98F8C2212A} - System32\Tasks\{863050BB-68C0-406B-8243-A75A18A09B10} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-02-26] (Skype Technologies S.A.)
Task: {23F132B7-0C31-468C-B133-6A5BE217B78A} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-04-18] (AVAST Software)
Task: {4B661D78-5655-43EF-A9C4-C0FECC58EDA3} - System32\Tasks\{F19343FE-8273-43D3-A90B-901D77754857} => pcalua.exe -a C:\Windows\SysWOW64\Samsung_USB_Drivers\6\SS_BUninstall.exe
Task: {4DE8E4FC-9ADE-43FC-8537-58F63434A9F4} - System32\Tasks\{500EFA58-F597-4FEC-802E-C70D59868298} => pcalua.exe -a C:\Windows\SysWOW64\Samsung_USB_Drivers\3\SSCDUninstall.exe
Task: {4E5049A0-3C83-4DF1-AA65-9FEEBD21418E} - System32\Tasks\{6FCBAC1B-1E04-4306-A913-805B382F0542} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{14DCD95A-EBA3-4BF0-B7EF-533852E99BE6}\setup.exe" -c -runfromtemp -l0x0005 -removeonly
Task: {61E7343F-F576-4A8A-B83E-D469C27FD299} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {6B006C31-CA7E-4D63-88DE-D39A8DC58FEA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {70491BFB-D70B-429F-A3C0-57F1BDD1C5C3} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => C:\Program Files\Microsoft IntelliType Pro\IType.exe [2009-06-01] (Microsoft Corporation)
Task: {78E66A46-8ECE-41D8-A470-C0A8C3061561} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-07] (Adobe Systems Incorporated)
Task: {866A646D-4B3E-499A-866B-8CD4CD10BD28} - System32\Tasks\{9C09E441-B59C-403C-95C4-08C7F1596806} => pcalua.exe -a C:\Users\Radek\Desktop\RocketDock-v1.3.5.exe -d C:\Users\Radek\Desktop
Task: {86A4F502-B591-450D-83D6-9B7288118F9E} - System32\Tasks\{9E29155E-34D2-453F-828C-9F773320F60D} => pcalua.exe -a G:\VCRedist\vcredist_x86.exe -d G:\VCRedist
Task: {947BC693-FCB6-4E5D-95A1-ACDAD3B88FE4} - System32\Tasks\{6604C015-F5E8-4F17-903A-F21F8A7F840A} => pcalua.exe -a C:\Windows\SysWOW64\Samsung_USB_Drivers\6_old\SSBCUninstall.exe
Task: {B873470A-7C58-475D-B5B7-9B182313D1DE} - System32\Tasks\avast! Emergency Update => C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe [2016-01-26] (AVAST Software)
Task: {C0780CAE-1D6F-4615-B156-F1D3B539093C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {FBF6A148-405F-40BB-A49A-339F9F7A1F12} - System32\Tasks\{929D35F1-4FE4-4A59-A8C1-0EA96B4B9ADA} => pcalua.exe -a C:\Windows\SysWOW64\Samsung_USB_Drivers\5\SSSDUninstall.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2016-04-24 20:16 - 2016-04-24 20:16 - 00959176 _____ () C:\Users\Radek\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64\ClientTelemetry.dll
2010-07-18 12:33 - 2009-07-31 03:58 - 00090624 _____ () C:\Windows\System32\Primomonnt.dll
2009-10-06 16:48 - 2007-09-02 13:58 - 00495616 _____ () C:\Program Files (x86)\RocketDock\RocketDock.exe
2009-08-28 16:08 - 2009-08-28 16:08 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2009-10-06 15:23 - 2009-10-06 15:23 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2016-01-26 18:49 - 2016-01-26 18:49 - 00103888 _____ () C:\Program Files\Alwil Software\Avast5\log.dll
2016-01-26 18:49 - 2016-01-26 18:49 - 00125512 _____ () C:\Program Files\Alwil Software\Avast5\JsonRpcServer.dll
2016-04-24 12:09 - 2016-04-24 12:09 - 02890240 _____ () C:\Program Files\Alwil Software\Avast5\defs\16042400\algo.dll
2016-04-14 16:56 - 2016-04-14 16:56 - 00510368 _____ () C:\Program Files\Alwil Software\Avast5\ffl2.dll
2016-04-25 16:40 - 2016-04-25 16:40 - 02890240 _____ () C:\Program Files\Alwil Software\Avast5\defs\16042500\algo.dll
2016-04-24 20:16 - 2016-04-24 20:16 - 00679624 _____ () C:\Users\Radek\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\ClientTelemetry.dll
2009-10-06 16:48 - 2007-09-02 13:57 - 00069632 _____ () C:\Program Files (x86)\RocketDock\RocketDock.dll
2016-01-26 18:49 - 2016-01-26 18:49 - 40539648 _____ () C:\Program Files\Alwil Software\Avast5\libcef.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2016-04-24 12:06 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-647711843-1496248390-171917661-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Radek\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 213.46.172.36 - 213.46.172.37
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk => C:\Windows\pss\Adobe Gamma Loader.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: WinFast Schedule => C:\Program Files\WinFast\WFDTV\WFWIZ.exe
MSCONFIG\startupreg: WinFastDTV => C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{E87C905B-B733-4C9C-A63F-6F6D3BD0BE71}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{0E5D26C0-867A-4546-A515-077FB6C3B2BB}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 12\Programs\RM.exe
FirewallRules: [{B2E05C3E-A768-4E5D-BAC7-1BDD0704A2D2}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 12\Programs\RM.exe
FirewallRules: [{D6285C9F-7ADE-443E-A812-FF43044E7EF4}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 12\Programs\Studio.exe
FirewallRules: [{CBEF217A-381E-4BF1-8972-67ED6A170E84}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 12\Programs\Studio.exe
FirewallRules: [{3113DC59-E0D0-42D9-AA9E-7E5738F04DBF}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 12\Programs\umi.exe
FirewallRules: [{FC2AA7C5-EF9A-4A0D-A8E1-5F7339AE775F}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 12\Programs\umi.exe
FirewallRules: [{72B0C24B-3CC6-4DFE-A4E1-641D46B7EA20}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{AED4DC1E-DC42-4EC6-B488-F17761516A91}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{CA732254-D0EF-46ED-B49B-456C018D57E7}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{6C715619-3B26-42CD-A519-0FE63BFEDC46}] => (Allow) C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsasvr.exe
FirewallRules: [{480B572A-E68B-4E9C-B7E2-B69D554AEBD4}] => (Allow) C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsasvr.exe
FirewallRules: [{4291F738-2FC7-4ED4-8C62-E6B17B99D74E}] => (Allow) C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsvsvr.exe
FirewallRules: [{2BC320BD-E3D6-423E-B44A-CA2C8A3E4FC1}] => (Allow) C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsvsvr.exe
FirewallRules: [TCP Query User{D44E78F4-6BAB-4E06-A633-747F59C698EC}C:\program files (x86)\arcsoft\totalmedia theatre 3\udigital theatre.exe] => (Block) C:\program files (x86)\arcsoft\totalmedia theatre 3\udigital theatre.exe
FirewallRules: [UDP Query User{BF184F7E-D855-4D07-BF98-591A458FCB1A}C:\program files (x86)\arcsoft\totalmedia theatre 3\udigital theatre.exe] => (Block) C:\program files (x86)\arcsoft\totalmedia theatre 3\udigital theatre.exe
FirewallRules: [TCP Query User{DD563137-B2B0-4F63-A5B3-F1F8DF439C5B}D:\games\call of duty - black ops\blackops.exe] => (Block) D:\games\call of duty - black ops\blackops.exe
FirewallRules: [UDP Query User{745E77E6-40B1-47E3-B8F5-B0BB5A96A49F}D:\games\call of duty - black ops\blackops.exe] => (Block) D:\games\call of duty - black ops\blackops.exe
FirewallRules: [TCP Query User{035D3B32-15C1-42BB-AE46-FAA671EC69CD}C:\program files (x86)\google\google earth\client\googleearth.exe] => (Allow) C:\program files (x86)\google\google earth\client\googleearth.exe
FirewallRules: [UDP Query User{B1E6ADEB-3C6F-411A-A7B6-D7F2C5540F78}C:\program files (x86)\google\google earth\client\googleearth.exe] => (Allow) C:\program files (x86)\google\google earth\client\googleearth.exe
FirewallRules: [{78F07A97-70F2-47D3-98C4-8889C6477528}] => (Allow) C:\Program Files (x86)\ICQ7.7\ICQ.exe
FirewallRules: [{02C50BEB-BF2E-437C-89D8-848A3714E15D}] => (Allow) C:\Program Files (x86)\ICQ7.7\ICQ.exe
FirewallRules: [{473A0833-26A8-4322-9979-B259CAF77ED9}] => (Allow) C:\Program Files (x86)\ICQ7.7\ICQ.exe
FirewallRules: [{6881227B-02CE-40B7-9769-5D7E9F5EB259}] => (Allow) C:\Program Files (x86)\ICQ7.7\ICQ.exe
FirewallRules: [{8664EBA7-A640-4492-800E-3F0E590C09C3}] => (Allow) C:\Program Files (x86)\ICQ7.7\ICQ.exe
FirewallRules: [{1EE0660D-9939-4455-8791-7A3166156EDF}] => (Allow) C:\Program Files (x86)\ICQ7.7\ICQ.exe
FirewallRules: [{096A7F62-EB2D-4459-A665-66A87689918C}] => (Allow) D:\Games\STREETFIGHTERIV\StreetFighterIV.exe
FirewallRules: [{D27DBE75-AECC-4563-9D7E-A99B820577AD}] => (Allow) D:\Games\STREETFIGHTERIV\StreetFighterIV.exe
FirewallRules: [TCP Query User{B9273660-1A70-4B3B-86D3-BEAA4AAAAC70}D:\games\fifa 12\game\fifa.exe] => (Block) D:\games\fifa 12\game\fifa.exe
FirewallRules: [UDP Query User{6DF979BE-5A61-4C1A-B7C0-22512AAD48C1}D:\games\fifa 12\game\fifa.exe] => (Block) D:\games\fifa 12\game\fifa.exe
FirewallRules: [TCP Query User{E2C75BCC-6ACC-4520-ABEC-94F11F084F02}J:\game\left 4 dead\left4dead.exe] => (Block) J:\game\left 4 dead\left4dead.exe
FirewallRules: [UDP Query User{6B672323-1A67-41E5-8BBD-128454482922}J:\game\left 4 dead\left4dead.exe] => (Block) J:\game\left 4 dead\left4dead.exe
FirewallRules: [TCP Query User{86BFD250-8674-41CF-8379-3976C9D4272F}D:\games\call of duty - black ops\blackopsmp.exe] => (Block) D:\games\call of duty - black ops\blackopsmp.exe
FirewallRules: [UDP Query User{BE068B1A-A4E4-42C7-BF85-CADAC49B5C0A}D:\games\call of duty - black ops\blackopsmp.exe] => (Block) D:\games\call of duty - black ops\blackopsmp.exe
FirewallRules: [{522AF866-7F92-4BC6-9ABD-41896886BEE6}] => (Allow) D:\Games\Blur\Blur.exe
FirewallRules: [{700F1054-F5C0-4D7C-A347-E096992DADC3}] => (Allow) D:\Games\Blur\Blur.exe
FirewallRules: [{66728D62-BA9B-48F2-997D-79DBC1B8FE75}] => (Allow) D:\Games\Residen Evil 5\RE5DX9.EXE
FirewallRules: [{09F5D9EB-BEFE-4E9C-BC06-E85620786246}] => (Allow) D:\Games\Residen Evil 5\RE5DX9.EXE
FirewallRules: [{973A087C-A889-46C3-B16C-6CC301BA9ED3}] => (Allow) D:\Games\Residen Evil 5\RE5DX10.EXE
FirewallRules: [{FE019633-EC8B-4B29-8B96-413CE8B65BD2}] => (Allow) D:\Games\Residen Evil 5\RE5DX10.EXE
FirewallRules: [{C88D56F2-B9AF-48CF-9BDF-7167C301F411}] => (Allow) D:\Games\Rayman Origins\Rayman Origins.exe
FirewallRules: [{0FF28C37-43ED-4778-9BA1-894ED8F76D9B}] => (Allow) D:\Games\Rayman Origins\Rayman Origins.exe
FirewallRules: [{FE52A809-B2F9-44EC-90B4-80D9BD490535}] => (Allow) D:\Games\Rayman Origins\gu.exe
FirewallRules: [{9F16CFA5-B6F9-400A-8DEF-8B3600894080}] => (Allow) D:\Games\Rayman Origins\gu.exe
FirewallRules: [{4A74D35E-BF23-43B7-8014-C444B6EEF580}] => (Allow) C:\Program Files (x86)\ASUS\RT-N13U.B1 Wireless Router Utilities\Discovery.exe
FirewallRules: [{8040A36F-AE59-4BDE-9FB3-A1E2F1429B10}] => (Allow) C:\Program Files (x86)\ASUS\RT-N13U.B1 Wireless Router Utilities\Discovery.exe
FirewallRules: [{D3BD8127-42B7-459D-B0A7-695E06BDDB17}] => (Allow) C:\Program Files (x86)\ASUS\RT-N13U.B1 Wireless Router Utilities\Rescue.exe
FirewallRules: [{0042EF87-CF29-4EE7-8BFC-D2347EE9C8BC}] => (Allow) C:\Program Files (x86)\ASUS\RT-N13U.B1 Wireless Router Utilities\Rescue.exe
FirewallRules: [{D2062ABB-967D-4096-9A54-005CB5FADB3B}] => (Allow) C:\Program Files (x86)\ASUS\RT-N13U.B1 Wireless Router Utilities\Download.exe
FirewallRules: [{7EE7E60A-C619-4532-92CC-5014A8891413}] => (Allow) C:\Program Files (x86)\ASUS\RT-N13U.B1 Wireless Router Utilities\Download.exe
FirewallRules: [{D455F6DB-1F04-44F0-98F3-E73E959FB5BC}] => (Allow) C:\Program Files (x86)\ASUS\RT-N13U.B1 Wireless Router Utilities\LiveUpdate.exe
FirewallRules: [{6B89B001-76B9-4B39-9279-3D2C88A34CB5}] => (Allow) C:\Program Files (x86)\ASUS\RT-N13U.B1 Wireless Router Utilities\LiveUpdate.exe
FirewallRules: [{C488D0D5-73B0-4914-8186-CAEF786C8E6E}] => (Allow) C:\Program Files (x86)\ASUS\RT-N13U.B1 Wireless Router Utilities\Discovery.exe
FirewallRules: [{EABB2770-B716-4730-B49E-9BC79F00ECFD}] => (Allow) C:\Program Files (x86)\ASUS\RT-N13U.B1 Wireless Router Utilities\Discovery.exe
FirewallRules: [{A50FF455-B783-46F2-912C-25F79CB6CB54}] => (Allow) C:\Program Files (x86)\ASUS\RT-N13U.B1 Wireless Router Utilities\Rescue.exe
FirewallRules: [{1B9348C2-7DF3-4880-81C8-CD368BE7587F}] => (Allow) C:\Program Files (x86)\ASUS\RT-N13U.B1 Wireless Router Utilities\Rescue.exe
FirewallRules: [{B32F4C45-30AE-4C1B-83BB-B67236583EB8}] => (Allow) C:\Program Files (x86)\ASUS\RT-N13U.B1 Wireless Router Utilities\Download.exe
FirewallRules: [{960CD98B-DF0D-4363-8A14-1F9286F61CDA}] => (Allow) C:\Program Files (x86)\ASUS\RT-N13U.B1 Wireless Router Utilities\Download.exe
FirewallRules: [{3340C32C-B0F2-436D-B6E8-C5F0E64DCD23}] => (Allow) C:\Program Files (x86)\ASUS\RT-N13U.B1 Wireless Router Utilities\LiveUpdate.exe
FirewallRules: [{350D3C73-5A12-4508-BD77-3B1DF46C0DD1}] => (Allow) C:\Program Files (x86)\ASUS\RT-N13U.B1 Wireless Router Utilities\LiveUpdate.exe
FirewallRules: [TCP Query User{110DBD86-A30D-40CE-AD21-7B8462F66F35}C:\program files (x86)\utorrent\utorrent.exe] => (Allow) C:\program files (x86)\utorrent\utorrent.exe
FirewallRules: [UDP Query User{28D02A74-CE5C-4B83-B34C-1D5C9557DFA5}C:\program files (x86)\utorrent\utorrent.exe] => (Allow) C:\program files (x86)\utorrent\utorrent.exe
FirewallRules: [{550B668B-0A32-4BB7-AAEE-0F9CF97BA085}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
FirewallRules: [{F15B8C50-7177-4BCE-A57C-6A9E2B7B8699}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
FirewallRules: [{4EBF09B5-B4D8-43DC-8795-F0BC6AABADEB}] => (Allow) C:\Users\Radek\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{AC0CF363-8FD2-4E98-AD68-AF7C95A25240}] => (Allow) D:\Program\Pinnacle\Studio 15\Programs\RM.exe
FirewallRules: [{E6B836A8-5F96-4BD7-940E-2DFA9FFB0425}] => (Allow) D:\Program\Pinnacle\Studio 15\Programs\RM.exe
FirewallRules: [{344D3E83-009E-4B46-95C7-7618E6E4E987}] => (Allow) D:\Program\Pinnacle\Studio 15\Programs\Studio.exe
FirewallRules: [{02581E11-9A0F-4218-9F92-1E44F7A8D785}] => (Allow) D:\Program\Pinnacle\Studio 15\Programs\Studio.exe
FirewallRules: [{996A3117-1B12-4E50-8BD4-D499CB8C84F7}] => (Allow) D:\Program\Pinnacle\Studio 15\Programs\umi.exe
FirewallRules: [{601FC336-EEAA-4491-BD9D-21721ED1E996}] => (Allow) D:\Program\Pinnacle\Studio 15\Programs\umi.exe
FirewallRules: [{F05371A2-8726-43BB-AE14-70A51D9B529A}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{3780E7B2-EF6C-4DCD-9AF3-F1CE3A7BAE36}] => (Allow) D:\Games\ASSASSIN\AssassinsCreed_Dx9.exe
FirewallRules: [{C0DDEA00-3B8E-4E61-A54A-D0F9FB98E3C1}] => (Allow) D:\Games\ASSASSIN\AssassinsCreed_Dx9.exe
FirewallRules: [{012B34C8-0547-4F86-95E1-2FFFE9C7DB0E}] => (Allow) D:\Games\ASSASSIN\AssassinsCreed_Dx10.exe
FirewallRules: [{B244184C-2B8E-485A-8DE3-433A5DABE80B}] => (Allow) D:\Games\ASSASSIN\AssassinsCreed_Dx10.exe
FirewallRules: [{D78960D5-B243-4522-B866-3ACB7299E8C7}] => (Allow) D:\Games\ASSASSIN\AssassinsCreed_Launcher.exe
FirewallRules: [{453EB54F-8D0F-4ED7-A7B4-6DAA61B43886}] => (Allow) D:\Games\ASSASSIN\AssassinsCreed_Launcher.exe
FirewallRules: [{9D5C2328-536F-47D4-B4CD-AD318ED6C1CC}] => (Allow) C:\Users\Radek\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{A816F2A6-7F7A-4AAA-9D8A-284A9A79D34F}] => (Allow) C:\Users\Radek\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{F1F7A58E-0100-459A-AD24-2E84D1ABEF8E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CEE7F8EF-3590-458C-A107-8DECFDF943F0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{32B04CD7-6D3B-44B1-93BA-38CDCAEEEE8C}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{B750C54C-6A04-4265-835F-6715C1B74742}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{ED745C81-6D82-4217-8C09-28029AEA0BCC}D:\program\pinnacle\studio 15\programs\studio.exe] => (Block) D:\program\pinnacle\studio 15\programs\studio.exe
FirewallRules: [UDP Query User{7962172D-E211-4D86-93EE-3DFEDB4EFB9A}D:\program\pinnacle\studio 15\programs\studio.exe] => (Block) D:\program\pinnacle\studio 15\programs\studio.exe
FirewallRules: [{43168AC4-A77F-4D28-9793-7E5650F8B5CA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0D662A9B-AE2C-4426-B1A0-66C32936E29B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C1CA8F55-AF2D-4FCA-A1D4-CCFFFBE8DFE9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
==================== Faulty Device Manager Devices =============
Name: Eset Personal Firewall Miniport #409
Description: Eset Personal Firewall Miniport
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: ESET
Service: Epfwndis
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.
Name: Eset Personal Firewall Miniport #507
Description: Eset Personal Firewall Miniport
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: ESET
Service: Epfwndis
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.
==================== Event log errors: =========================
Application errors:
==================
Error: (04/25/2016 04:39:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ACDaemon.exe, verze: 1.1.0.49, časové razítko: 0x4cc808ec
Název chybujícího modulu: ACDaemon.exe, verze: 1.1.0.49, časové razítko: 0x4cc808ec
Kód výjimky: 0xc0000005
Posun chyby: 0x0001af76
ID chybujícího procesu: 0xfe4
Čas spuštění chybující aplikace: 0xACDaemon.exe0
Cesta k chybující aplikaci: ACDaemon.exe1
Cesta k chybujícímu modulu: ACDaemon.exe2
ID zprávy: ACDaemon.exe3
Error: (04/24/2016 08:43:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ACDaemon.exe, verze: 1.1.0.49, časové razítko: 0x4cc808ec
Název chybujícího modulu: ACDaemon.exe, verze: 1.1.0.49, časové razítko: 0x4cc808ec
Kód výjimky: 0xc0000005
Posun chyby: 0x0001af76
ID chybujícího procesu: 0x958
Čas spuštění chybující aplikace: 0xACDaemon.exe0
Cesta k chybující aplikaci: ACDaemon.exe1
Cesta k chybujícímu modulu: ACDaemon.exe2
ID zprávy: ACDaemon.exe3
Error: (04/24/2016 08:30:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ACDaemon.exe, verze: 1.1.0.49, časové razítko: 0x4cc808ec
Název chybujícího modulu: ACDaemon.exe, verze: 1.1.0.49, časové razítko: 0x4cc808ec
Kód výjimky: 0xc0000005
Posun chyby: 0x0001af76
ID chybujícího procesu: 0xa9c
Čas spuštění chybující aplikace: 0xACDaemon.exe0
Cesta k chybující aplikaci: ACDaemon.exe1
Cesta k chybujícímu modulu: ACDaemon.exe2
ID zprávy: ACDaemon.exe3
Error: (04/24/2016 12:07:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ACDaemon.exe, verze: 1.1.0.49, časové razítko: 0x4cc808ec
Název chybujícího modulu: ACDaemon.exe, verze: 1.1.0.49, časové razítko: 0x4cc808ec
Kód výjimky: 0xc0000005
Posun chyby: 0x0001af76
ID chybujícího procesu: 0xb10
Čas spuštění chybující aplikace: 0xACDaemon.exe0
Cesta k chybující aplikaci: ACDaemon.exe1
Cesta k chybujícímu modulu: ACDaemon.exe2
ID zprávy: ACDaemon.exe3
Error: (04/24/2016 08:50:48 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ACDaemon.exe, verze: 1.1.0.49, časové razítko: 0x4cc808ec
Název chybujícího modulu: ACDaemon.exe, verze: 1.1.0.49, časové razítko: 0x4cc808ec
Kód výjimky: 0xc0000005
Posun chyby: 0x0001af76
ID chybujícího procesu: 0x5f0
Čas spuštění chybující aplikace: 0xACDaemon.exe0
Cesta k chybující aplikaci: ACDaemon.exe1
Cesta k chybujícímu modulu: ACDaemon.exe2
ID zprávy: ACDaemon.exe3
Error: (04/23/2016 09:28:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ACDaemon.exe, verze: 1.1.0.49, časové razítko: 0x4cc808ec
Název chybujícího modulu: ACDaemon.exe, verze: 1.1.0.49, časové razítko: 0x4cc808ec
Kód výjimky: 0xc0000005
Posun chyby: 0x0001af76
ID chybujícího procesu: 0x5e4
Čas spuštění chybující aplikace: 0xACDaemon.exe0
Cesta k chybující aplikaci: ACDaemon.exe1
Cesta k chybujícímu modulu: ACDaemon.exe2
ID zprávy: ACDaemon.exe3
Error: (04/23/2016 08:38:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ACDaemon.exe, verze: 1.1.0.49, časové razítko: 0x4cc808ec
Název chybujícího modulu: ACDaemon.exe, verze: 1.1.0.49, časové razítko: 0x4cc808ec
Kód výjimky: 0xc0000005
Posun chyby: 0x0001af76
ID chybujícího procesu: 0xdac
Čas spuštění chybující aplikace: 0xACDaemon.exe0
Cesta k chybující aplikaci: ACDaemon.exe1
Cesta k chybujícímu modulu: ACDaemon.exe2
ID zprávy: ACDaemon.exe3
Error: (04/23/2016 06:04:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ACDaemon.exe, verze: 1.1.0.49, časové razítko: 0x4cc808ec
Název chybujícího modulu: ACDaemon.exe, verze: 1.1.0.49, časové razítko: 0x4cc808ec
Kód výjimky: 0xc0000005
Posun chyby: 0x0001af76
ID chybujícího procesu: 0xea4
Čas spuštění chybující aplikace: 0xACDaemon.exe0
Cesta k chybující aplikaci: ACDaemon.exe1
Cesta k chybujícímu modulu: ACDaemon.exe2
ID zprávy: ACDaemon.exe3
Error: (04/23/2016 05:12:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ACDaemon.exe, verze: 1.1.0.49, časové razítko: 0x4cc808ec
Název chybujícího modulu: ACDaemon.exe, verze: 1.1.0.49, časové razítko: 0x4cc808ec
Kód výjimky: 0xc0000005
Posun chyby: 0x0001af76
ID chybujícího procesu: 0xed4
Čas spuštění chybující aplikace: 0xACDaemon.exe0
Cesta k chybující aplikaci: ACDaemon.exe1
Cesta k chybujícímu modulu: ACDaemon.exe2
ID zprávy: ACDaemon.exe3
Error: (04/22/2016 08:07:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ACDaemon.exe, verze: 1.1.0.49, časové razítko: 0x4cc808ec
Název chybujícího modulu: ACDaemon.exe, verze: 1.1.0.49, časové razítko: 0x4cc808ec
Kód výjimky: 0xc0000005
Posun chyby: 0x0001af76
ID chybujícího procesu: 0x994
Čas spuštění chybující aplikace: 0xACDaemon.exe0
Cesta k chybující aplikaci: ACDaemon.exe1
Cesta k chybujícímu modulu: ACDaemon.exe2
ID zprávy: ACDaemon.exe3
System errors:
=============
Error: (04/25/2016 04:55:39 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.
Error: (04/24/2016 08:27:32 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (20:22:01, 24.4.2016) bylo neočekávané.
Error: (04/24/2016 08:21:46 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.
Error: (04/24/2016 12:10:21 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Windows Update přestala během spouštění reagovat.
Error: (04/24/2016 12:01:14 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (04/24/2016 12:01:02 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (04/24/2016 11:59:15 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.
Error: (04/24/2016 11:59:15 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.
Error: (04/24/2016 11:55:03 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (04/24/2016 11:49:29 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.
CodeIntegrity:
===================================
Date: 2016-04-24 11:59:15.394
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-04-24 11:59:15.238
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-04-24 11:59:15.176
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-04-24 11:59:15.129
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-04-24 11:49:29.707
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-04-24 11:49:29.676
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-04-24 11:49:29.582
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-04-24 11:49:29.535
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-04-24 09:13:16.509
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-04-24 09:13:16.338
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: AMD Phenom(tm) II X2 545 Processor
Percentage of memory in use: 37%
Total physical RAM: 4087.06 MB
Available physical RAM: 2537.79 MB
Total Virtual: 8172.33 MB
Available Virtual: 6283.72 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:48.73 GB) (Free:1.82 GB) NTFS
Drive d: () (Fixed) (Total:649.81 GB) (Free:97.24 GB) NTFS
Drive f: () (Fixed) (Total:931.51 GB) (Free:114.94 GB) NTFS
Drive i: (My Book) (Fixed) (Total:465.76 GB) (Free:333.74 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or

Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=48.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=649.8 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or

Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 465.8 GB) (Disk ID: 44FDFE06)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
- jaro3
Re: log check, or a tip for a PC upgrade
Antilogger: I'm not telling you to uninstall it, I'm just mentioning it. If you want to uninstall it, use RevoUninstaller.
Eset Personal Firewall miniport: it has been left hanging somewhere in the system; try RevoUninstaller again.
Drive c: () (Fixed) (Total:48.73 GB) (Free:1.82 GB) NTFS
Free up some space on the disk, otherwise there are problems with Windows.
Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire content below into it.
Start
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-647711843-1496248390-171917661-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-647711843-1496248390-171917661-1000 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-647711843-1496248390-171917661-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
U3 aaufwl3t; C:\Windows\System32\Drivers\aaufwl3t.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
EmptyTemp:
End
(You can use the "select all" function, then right-click in the top left of the open Notepad window and choose "Paste".)
Save it to the desktop as fixlist.txt
Run FRST, press the "Fix" button only once and wait.
The tool will create a log on the desktop (Fixlog.txt); please copy its entire content here.
Re: log check, or a tip for a PC upgrade
I've just noticed that no Windows updates have been installed for quite a long time (two of us use the PC and, typically, each of us thought the other one had installed them), and now it seems to me that there is some problem with the updates, since they don't download at all.
I'd like to clean up drive C, but I have no idea what is taking up so much space there; I mostly try to install all programs on drive D.
Re: log check, or a tip for a PC upgrade
Fix result of Farbar Recovery Scan Tool (x64) Version:18-04-2016
Ran by Radek (2016-04-25 21:18:28) Run:1
Running from C:\Users\Radek\Desktop
Loaded Profiles: Radek (Available Profiles: Radek)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-647711843-1496248390-171917661-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-647711843-1496248390-171917661-1000 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-647711843-1496248390-171917661-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
U3 aaufwl3t; C:\Windows\System32\Drivers\aaufwl3t.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
EmptyTemp:
End
*****************
Processes closed successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKU\S-1-5-21-647711843-1496248390-171917661-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
HKU\S-1-5-21-647711843-1496248390-171917661-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-647711843-1496248390-171917661-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}" => key removed successfully
HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => key not found.
aaufwl3t => service not found.
EmptyTemp: => 356.6 MB temporary data Removed.
The system needed a reboot.
==== End of Fixlog 21:18:51 ====
- jaro3
Re: log check, or a tip for a PC upgrade
The updates won't work because there isn't enough free space. You have to uninstall or delete something.
Then let me know how the problems are.
Re: log check, or a tip for a PC upgrade
Now I have 6.8 GB free on drive C and the updates still somehow don't work.
svchost.exe (netsvcs) still loads the processor at about 45%.
- jaro3
Re: log check, or a tip for a PC upgrade
Download Memtest:
The field that says:
All unused RAM - leave it as it is.
- Click Start and let it run for at least 2 hours; if there are still 0 errors after 2 hours, the RAM is fine.
Also check the HDD for errors, and possibly try defragmenting it.
Download CrystalDiskInfo
Run the program and click Úpravy-Kopírovat (Edit-Copy). Then paste the content of the log here with Ctrl+V.
Download OTL by OldTimer
to the desktop. Make sure all other windows are closed and double-click the OTL icon. At the top of the window, under "Output", click "Minimal output". Under "Standard registry", change to "All". Tick the "LOP" check and the "Purity" check. Click "Scan". Leave all other settings as they are. The scan may take a long time; when it finishes, two logs will open:
OTL.Txt
Extras.Txt
They are saved in the same location as OTL. Please copy both logs here.
Re: log check, or a tip for a PC upgrade
So after installing all the updates, out of 6.8 GB on drive C I have 193 MB left. Is that normal?
If that is common, do you think it would be possible to change the disk partitioning so that I add about 40 GB to C and take it away from D, or is that too risky?
- jaro3
Re: log check, or a tip for a PC upgrade
It is risky, you can lose data.
I would rather move something to a flash drive, an external disk, etc.
Do the OTL scan.
Re: log check, or a tip for a PC upgrade
The problem is that I don't know what I can move off drive C. As far as I know, there is only the operating system and a few programs that I use; everything else I have uninstalled or deleted.
I'll do the OTL scan in the evening.