spomaleny system a miznuce miesto z disku

Zpráva

eriduan · #1 Příspěvek od **eriduan** » 07 zář 2015 20:48

Ahojte mam dost delikatny problem

Prednedavnom mi skoncila licencia na nortona a kratko na to aj licencia na office 365. Povedal som si ze antivirak nepotrebujem a office libre je free aj na win nielen na linux. tak som to nechal tak.

potom zacali problemy so spustanim pc. vsetko co mam na pc nainstalovane a stiahnute je legalne.
ale beztak sa mi hry nejako aktualizuju a na particii kde mam win 8.1 nainstalovany sa z casu na cas aktualizuje nejaka hra.
Vtedy si zvycajne odkroji kus z HDD ale potom po update to zas vrati.

Avsak. Uz treti krat po sebe sa mi stalo ze win mi povedal ze chcem aktualizovat a potrebujem na to 1GB dat stiahnut. tak si vravim. ved tam mas 10GB miesta na tej particii tak co kecas. a nechal som ho aktualizovat. behom aktualizacie sa mi zasekol pocitac a ked som hladal problem tak som zistil ze na cecku (win particia) mam 80MB volneho miesta. cumel som jak tela na nove vrata. ale nechapal som ako sa ten update windowsu zdesantnasobil.
nic to odinstaloval som nejake hry a nechal som ho dokoncit aktualizaciu ktora hlasila ze je len v 30% !!!!!
celkovo som mu odinstalaciou urobil dalsich 15GB miesta. ked som sa vratil k pc po dokonceni win updatu tak na disku bolo 6GB volneho miesta.
tak jedna aktualizacia zozrala 19GB miesta .. a to je aktualizacia tj nepocital som ze tej jediny gigabajt sa pripocita ale ze nahradi nejake subory....
no vzdychol som si a siel dalej.

No potom sa to opakovalo. Zase mi po aktualizacii zozralo 5GB miesta miesto nejakych 100MB aktualizacii.

Vcera sa mi to stalo zase a uz naozaj netusim co robit pretoze mi coskoro dojde miesto na disku.
Pred aktualizaciou som uvolnil celkovo 30GB a mal aktualizovat 1,1GB dat ... ale ked som sa dnes zobudil. tak pc nechcelo naskocit. celu hodinu som cakal na to kym sa zapne pc... a potom mi ukazal ze ma 0MB ... tak som tomu neveril. nechal som ho tak lebo uz som mal v ruke kladivo (pucku) a brokovnicu.
No teraz vecer som pc zapol a on mi laskavo ukazal ze na disku C ma 15GB miesta.... to znamena ze pocas aktualizacie zozral nie 1GB ale 15GB a ja by som rad vedel co s tym.

A aby som dokazal ze niesom lama.
Presiel som ho ccleanerom. a dal som premazat vsetky cache a tempy.
Premyslam ze je to virus (preto som spomenul ze nemam antivirak ani firewall)
skusam odinstalovat to ten office (co ak sa aktualizuje a kazda iteracia si povie ze este nie je nainstolavny office tak ho nainstalujem niekam na disk) takze som pustil fixit (mam lenovo ideapad takze fixit sa hodi ak chcete odinstalovat office uplne) https://support.lenovo.com/us/en/documents/ht078584
myslim si ze by bolo vhodne moje pc preskenovat od virusov - neviem cim ani to neviem vyhodnotit
a v noci necham zbehnut defragmentaciu.

ale fakt neviem ako ziskam naspat moje desiatky gigabajtov miesta. snad pomoze to ta odinstalacia hlupeho office len neviem kolko giga bude z neho a kolko nie z neho. keby som len vedel kde vsade sa nachadzaju temporary files na disku tak by som ich premazal rucne. hlavne tie po aktualizaciach.

dakujem za akukolvek radu
E.

#2 Příspěvek od **Rudy** » 07 zář 2015 21:25

Zdravím!
Dejte log FRST: http://forum.viry.cz/viewtopic.php?f=24&t=132509 .

eriduan · #3 Příspěvek od **eriduan** » 25 zář 2015 13:08

Zdravím ďakujem za odpoved, až teraz som sa k tomu dostal.
Vkladam LOG z FRST + prikladam ADDITION.7z

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:23-09-2015
Ran by Lenovo (administrator) on ERIDUAN (25-09-2015 14:05:27)
Running from C:\Users\Lenovo\Desktop
Loaded Profiles: Lenovo (Available Profiles: Lenovo)
Platform: Windows 8.1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Condusiv Technologies) C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
() C:\Windows\SysWOW64\UMonit64.exe
(Lenovo) C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsAlarms_6.3.9654.20335_x64__8wekyb3d8bbwe\time.exe
(Valve Corporation) Z:\Steam\Steam.exe
(Valve Corporation) Z:\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) Z:\Steam\bin\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Valve Corporation) Z:\Steam\bin\steamwebhelper.exe
(Valve Corporation) Z:\Steam\bin\steamwebhelper.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(NVIDIA Corporation) C:\Users\Lenovo\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(Ubisoft) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe
(Ubisoft) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UplayWebCore.exe
(Ubisoft) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UplayWebCore.exe
(Ubisoft) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UplayWebCore.exe
(Ubisoft) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UplayWebCore.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6346312 2013-03-15] (Realtek semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2891592 2013-05-17] (ELAN Microelectronics Corp.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704 2013-04-30] (Intel Corporation)
HKLM\...\Run: [UMonit64] => C:\windows\SysWOW64\UMonit64.exe [40960 2013-04-09] ()
HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-09-15] (Lenovo)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17097200 2013-09-29] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [193008 2013-09-29] (Lenovo(beijing) Limited)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13648600 2013-08-29] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-30] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-24] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [168464 2012-10-31] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-19] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [95192 2013-03-09] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2109952 2014-10-07] (Dominik Reichl)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] ()
HKLM-x32\...\Run: [RoccatKone+] => C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.EXE [557056 2013-10-25] (ROCCAT GmbH)
HKU\S-1-5-21-2644494735-1459529413-616944993-1002\...\Run: [Steam] => Z:\Steam\steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-2644494735-1459529413-616944993-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2644494735-1459529413-616944993-1002\...\Run: [Google Update] => C:\Users\Lenovo\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc.)
HKU\S-1-5-21-2644494735-1459529413-616944993-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8418584 2015-07-17] (Piriform Ltd)
HKU\S-1-5-21-2644494735-1459529413-616944993-1002\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_232_Plugin.exe [1156296 2015-08-12] (Adobe Systems Incorporated)
AppInit_DLLs-x32: �Ȇ噎䵒 => No File
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 147.231.58.1 147.231.12.1
Tcpip\..\Interfaces\{0DFBE0A6-0C8C-49D3-9F88-38F372ED3159}: [DhcpNameServer] 10.4.0.2 10.4.0.3
Tcpip\..\Interfaces\{A444C385-2D30-4E8E-8BC5-5E0D0CBE1607}: [DhcpNameServer] 192.168.33.1
Tcpip\..\Interfaces\{F9BFAAC4-54AD-47B3-8C7C-E4FCB8DF13E6}: [DhcpNameServer] 147.231.58.1 147.231.12.1

Internet Explorer:
==================
HKU\S-1-5-21-2644494735-1459529413-616944993-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.lenovo.com/
HKU\S-1-5-21-2644494735-1459529413-616944993-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-2644494735-1459529413-616944993-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2644494735-1459529413-616944993-1002 -> DefaultScope {3637FA6A-3C99-405F-A237-33AB32C28781} URL =
SearchScopes: HKU\S-1-5-21-2644494735-1459529413-616944993-1002 -> {3637FA6A-3C99-405F-A237-33AB32C28781} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-01-12] (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-01-12] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-2644494735-1459529413-616944993-1002 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\afihx4hs.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-12] ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-01-12] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-01-12] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-23] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-12] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-16] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-07-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-07-23] (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\.DEFAULT: ditec.sk/DitecZepDViewerFb -> C:\Program Files (x86)\Ditec\DViewer\npDitec.Zep.DViewerFb.dll [2014-01-14] (Ditec, a.s.)
FF Plugin HKU\.DEFAULT: ditec.sk/DSigXadesExtenderFb -> C:\Program Files (x86)\Ditec\DSigXadesExtender\npDitec.Zep.DSigXadesExtenderFb.dll [2014-01-14] (Ditec, a.s.)
FF Plugin HKU\.DEFAULT: ditec.sk/DSigXadesFb -> C:\Program Files (x86)\Ditec\DSigXades\npDitec.Zep.DSigXadesFb.dll [2014-01-14] (Ditec,a.s.)
FF Plugin HKU\S-1-5-21-2644494735-1459529413-616944993-1002: @talk.google.com/GoogleTalkPlugin -> C:\Users\Lenovo\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-2644494735-1459529413-616944993-1002: @talk.google.com/O1DPlugin -> C:\Users\Lenovo\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-2644494735-1459529413-616944993-1002: @tools.google.com/Google Update;version=3 -> C:\Users\Lenovo\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-2644494735-1459529413-616944993-1002: @tools.google.com/Google Update;version=9 -> C:\Users\Lenovo\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-2644494735-1459529413-616944993-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Lenovo\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-09-08] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2644494735-1459529413-616944993-1002: ditec.sk/DitecZepDViewerFb -> C:\Program Files (x86)\Ditec\DViewer\npDitec.Zep.DViewerFb.dll [2014-01-14] (Ditec, a.s.)
FF Plugin HKU\S-1-5-21-2644494735-1459529413-616944993-1002: ditec.sk/DSigXadesExtenderFb -> C:\Program Files (x86)\Ditec\DSigXadesExtender\npDitec.Zep.DSigXadesExtenderFb.dll [2014-01-14] (Ditec, a.s.)
FF Plugin HKU\S-1-5-21-2644494735-1459529413-616944993-1002: ditec.sk/DSigXadesFb -> C:\Program Files (x86)\Ditec\DSigXades\npDitec.Zep.DSigXadesFb.dll [2014-01-14] (Ditec,a.s.)
FF Plugin HKU\S-1-5-21-2644494735-1459529413-616944993-1002: LWAPlugin15.8 -> C:\Users\Lenovo\AppData\Roaming\Mozilla\Plugins\npLWAPlugin15.8.dll [2013-03-13] (Microsoft Corporation)
FF Plugin HKU\S-1-5-21-2644494735-1459529413-616944993-1002: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-09-23] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Lenovo\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Lenovo\AppData\Roaming\mozilla\plugins\npLWAPlugin15.8.dll [2013-03-13] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\Lenovo\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Extension: Adblock Plus - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\afihx4hs.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-12]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-05-01]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\Ditec.Zep.DSigXadesFb.js [2014-03-05]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\Ditec.Zep.DViewerFb.js [2014-03-05]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [967040 2015-03-20] ()
S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [477960 2014-06-07] (BitRaider, LLC)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [238376 2015-06-06] (EasyAntiCheat Ltd)
R2 ExpressCache; C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe [107792 2013-07-03] (Condusiv Technologies)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-24] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-04-30] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-05-16] (Intel Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-18] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-16] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-24] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592 2015-07-24] (NVIDIA Corporation)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [38200 2014-11-07] (The OpenVPN Project)
S3 Origin Client Service; Z:\Origin\OriginClientService.exe [2007048 2015-07-25] (Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2014-07-01] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BRDriver64; C:\ProgramData\BitRaider\BRDriver64.sys [75048 2014-06-07] (BitRaider)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-09-05] (Motorola Solutions, Inc.)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
U3 dtscsidrv; C:\Windows\System32\Drivers\dtscsidrv.sys [309248 2014-05-28] (Disc Soft Ltd)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-05-28] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 ETDSMBus; C:\Windows\system32\DRIVERS\ETDSMBus.sys [22280 2013-05-16] (ELAN Microelectronic Corp.)
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [25872 2013-07-03] (Condusiv Technologies)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [112912 2013-07-03] (Condusiv Technologies)
S3 GemCCID; C:\Windows\system32\DRIVERS\GemCCID.sys [129792 2013-02-22] (Gemalto)
S3 GeneStor; C:\Windows\System32\drivers\GeneStor.sys [91368 2013-03-22] (GenesysLogic)
R3 NETwNe64; C:\Windows\system32\DRIVERS\Netwew00.sys [3345376 2013-10-08] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-07-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47976 2015-07-03] (NVIDIA Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8243272 2013-03-15] (Realtek Semiconductor Corp.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-05-28] (Duplex Secure Ltd.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-25 14:05 - 2015-09-25 14:05 - 00024858 _____ C:\Users\Lenovo\Desktop\FRST.txt
2015-09-25 12:51 - 2015-09-25 12:51 - 02192384 _____ (Farbar) C:\Users\Lenovo\Desktop\FRST64.exe
2015-09-23 20:09 - 2015-09-24 07:44 - 00000199 _____ C:\Users\Lenovo\Desktop\Tomb Raider.url
2015-09-20 19:22 - 2015-09-23 11:33 - 00000849 _____ C:\Users\Lenovo\Desktop\urgenttne tufu.txt
2015-09-20 08:17 - 2015-09-24 07:45 - 00000000 ____D C:\Users\Lenovo\Desktop\HRY NA KTORE MAM CHUT
2015-09-18 22:45 - 2015-09-18 22:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-09-17 05:55 - 2015-09-17 05:55 - 00000000 ___SH C:\DkHyperbootSync
2015-09-16 04:19 - 2015-09-16 04:19 - 00017485 _____ C:\WINDOWS\DirectX.log
2015-09-15 23:29 - 2015-09-15 23:29 - 00000201 _____ C:\Users\Lenovo\Desktop\SpaceChem.url
2015-09-15 22:40 - 2015-09-15 22:40 - 00000202 _____ C:\Users\Lenovo\Desktop\Alan Wake's American Nightmare.url
2015-09-12 13:28 - 2015-09-12 13:28 - 1113666901 _____ C:\WINDOWS\MEMORY.DMP
2015-09-12 13:28 - 2015-09-12 13:28 - 00480992 _____ C:\WINDOWS\Minidump\091215-24312-01.dmp
2015-09-10 23:58 - 2015-09-10 23:58 - 00000202 _____ C:\Users\Lenovo\Desktop\Platformines.url
2015-09-07 22:36 - 2015-09-23 11:29 - 00003556 _____ C:\Users\Lenovo\Desktop\list elite.txt
2015-09-07 22:13 - 2015-09-07 22:13 - 00000710 _____ C:\WINDOWS\PFRO.log
2015-09-07 21:25 - 2015-09-07 21:26 - 00997927 _____ C:\Users\Lenovo\Downloads\O15CTRRemove.diagcab
2015-09-07 20:56 - 2015-09-12 13:29 - 00000693 _____ C:\WINDOWS\setupact.log
2015-09-07 20:56 - 2015-09-07 20:56 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-09-07 15:03 - 2015-07-30 16:04 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-09-07 15:03 - 2015-07-30 15:48 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-09-07 14:37 - 2015-07-16 23:14 - 25192448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-09-07 14:37 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-09-07 14:37 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-09-07 14:37 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-09-07 14:37 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-09-07 14:37 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-09-07 14:37 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-09-07 14:37 - 2015-07-16 22:20 - 19870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-09-07 14:37 - 2015-07-16 21:53 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-09-07 14:37 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-09-07 14:37 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-09-07 14:37 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-09-07 14:37 - 2015-07-16 21:45 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-09-07 14:37 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-09-07 14:37 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-09-07 14:37 - 2015-07-16 21:38 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-09-07 14:37 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-09-07 14:37 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-09-07 14:37 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-09-07 14:37 - 2015-07-16 21:14 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-09-07 14:37 - 2015-07-16 21:13 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-09-07 14:37 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-09-07 14:37 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-09-07 14:37 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-09-07 14:37 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-09-07 14:37 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-09-07 14:37 - 2015-07-16 20:52 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-09-07 14:37 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-09-07 14:37 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-09-07 14:37 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-09-07 14:37 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-09-07 14:36 - 2015-07-19 03:58 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-09-07 14:36 - 2015-07-18 20:51 - 03704320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-09-07 14:36 - 2015-07-18 20:31 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-09-07 14:36 - 2015-07-18 20:31 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-09-07 14:36 - 2015-07-18 20:31 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-09-07 14:36 - 2015-07-18 20:29 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-09-07 14:36 - 2015-07-18 20:29 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-09-07 14:36 - 2015-07-18 20:29 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-09-07 14:36 - 2015-07-18 20:28 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-09-07 14:36 - 2015-07-18 20:12 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-09-07 14:36 - 2015-07-18 20:10 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-09-07 14:36 - 2015-07-18 20:09 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-09-07 14:36 - 2015-07-16 02:29 - 07458648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-09-07 14:36 - 2015-07-16 02:29 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-09-07 14:36 - 2015-07-16 02:29 - 00101720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2015-09-07 14:36 - 2015-07-16 02:28 - 01499920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-09-07 14:36 - 2015-07-10 19:54 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-09-07 14:36 - 2015-07-07 11:40 - 00270168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-09-07 14:36 - 2015-07-07 11:40 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-09-07 14:36 - 2015-07-07 11:40 - 00044560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-09-07 14:36 - 2015-06-12 19:03 - 18823680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-09-07 14:36 - 2015-06-12 18:36 - 15159296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-09-07 14:36 - 2015-06-09 20:27 - 00411133 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-09-07 14:35 - 2015-07-29 16:37 - 01994752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-09-07 14:35 - 2015-07-29 16:30 - 01381888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-09-07 14:35 - 2015-07-29 16:23 - 01559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-09-07 14:35 - 2015-07-29 01:24 - 00025776 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-09-07 14:35 - 2015-07-28 16:24 - 01148416 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-09-07 14:35 - 2015-07-28 16:24 - 01116160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-09-07 14:35 - 2015-07-28 16:24 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-09-07 14:35 - 2015-07-28 16:24 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-09-07 14:35 - 2015-07-28 16:24 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-09-07 14:35 - 2015-07-28 16:24 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-09-07 14:35 - 2015-07-24 20:57 - 04177408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-09-07 14:35 - 2015-07-24 20:57 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-09-07 14:35 - 2015-07-24 20:52 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-09-07 14:35 - 2015-07-24 19:27 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-09-07 14:35 - 2015-07-24 19:23 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-09-07 14:35 - 2015-07-14 05:22 - 02529880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-09-07 14:35 - 2015-07-14 05:21 - 01901776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-09-07 14:35 - 2015-07-13 21:46 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2015-09-07 14:35 - 2015-07-13 21:45 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2015-09-07 14:35 - 2015-07-10 20:19 - 01101824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2015-09-07 14:35 - 2015-07-10 19:42 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-09-07 14:35 - 2015-07-10 19:14 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2015-09-07 14:35 - 2015-07-10 19:13 - 07032320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2015-09-07 14:35 - 2015-07-10 18:47 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-09-07 14:35 - 2015-07-10 18:31 - 06213120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2015-09-07 14:35 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2015-09-07 14:35 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2015-09-07 14:35 - 2015-07-09 18:30 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2015-09-07 14:35 - 2015-07-02 00:19 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2015-09-07 14:35 - 2015-07-02 00:16 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2015-09-07 14:35 - 2015-07-01 23:37 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2015-09-07 14:35 - 2015-07-01 23:35 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2015-09-07 14:35 - 2015-06-11 22:12 - 02476376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-09-07 14:35 - 2015-06-11 22:12 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-09-07 14:34 - 2015-06-10 00:39 - 00081920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2015-09-07 14:34 - 2015-06-10 00:39 - 00053248 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2015-09-07 14:34 - 2015-06-10 00:38 - 01201664 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2015-09-07 14:06 - 2015-09-07 14:06 - 00000202 _____ C:\Users\Lenovo\Desktop\Robocraft.url
2015-09-07 14:01 - 2015-09-07 14:01 - 00000201 _____ C:\Users\Lenovo\Desktop\Moonbase Alpha.url
2015-09-07 13:56 - 2015-09-07 13:56 - 00000202 _____ C:\Users\Lenovo\Desktop\To the Moon.url
2015-09-07 13:55 - 2015-09-07 13:55 - 00000202 _____ C:\Users\Lenovo\Desktop\Always Sometimes Monsters.url
2015-09-07 13:41 - 2015-09-07 13:41 - 00000202 _____ C:\Users\Lenovo\Desktop\L.A. Noire.url
2015-09-07 13:37 - 2015-09-23 10:26 - 00000140 _____ C:\Users\Lenovo\Desktop\zoznam hier prejdene napis recenziu a dokonci achievementy.txt
2015-09-07 13:15 - 2015-09-07 13:15 - 00000202 _____ C:\Users\Lenovo\Desktop\Outlast.url
2015-09-07 13:15 - 2015-07-14 23:59 - 01113944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-09-07 13:15 - 2015-07-14 23:59 - 00487256 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2015-09-07 13:15 - 2015-07-14 23:59 - 00393560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2015-08-30 17:09 - 2015-08-30 17:09 - 00000202 _____ C:\Users\Lenovo\Desktop\World of Guns Gun Disassembly.url

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-25 14:05 - 2014-12-31 11:36 - 00000000 ____D C:\FRST
2015-09-25 14:05 - 2014-01-12 22:30 - 00000000 ____D C:\Temp
2015-09-25 14:02 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-09-25 13:51 - 2015-05-01 10:48 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-09-25 13:32 - 2014-06-07 15:45 - 00000966 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2644494735-1459529413-616944993-1002UA.job
2015-09-25 13:10 - 2015-07-09 12:33 - 00000406 _____ C:\WINDOWS\Tasks\update-sys.job
2015-09-25 12:42 - 2014-02-23 04:35 - 00281688 _____ C:\WINDOWS\SysWOW64\PnkBstrB.xtr
2015-09-25 12:42 - 2014-02-23 04:29 - 00281688 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2015-09-25 12:10 - 2015-07-09 12:33 - 00000406 _____ C:\WINDOWS\Tasks\update-S-1-5-21-2644494735-1459529413-616944993-1002.job
2015-09-25 11:37 - 2015-05-02 18:00 - 01140820 _____ C:\WINDOWS\WindowsUpdate.log
2015-09-25 11:36 - 2014-01-14 19:12 - 00003970 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{3C852C74-F254-4286-BE80-FD0C7A8A7E67}
2015-09-25 07:25 - 2015-08-13 07:08 - 00000000 ____D C:\Users\Lenovo\AppData\Roaming\StarTrekPC
2015-09-25 01:42 - 2014-02-23 04:29 - 00281688 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2015-09-24 19:32 - 2014-06-07 15:45 - 00000914 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2644494735-1459529413-616944993-1002Core.job
2015-09-24 10:07 - 2014-01-12 02:10 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2644494735-1459529413-616944993-1002
2015-09-24 09:28 - 2015-07-09 12:51 - 00000495 ____H C:\Users\Lenovo\Downloads\fssort.ini
2015-09-24 09:25 - 2014-01-13 00:33 - 03800064 ___SH C:\Users\Lenovo\Downloads\Thumbs.db
2015-09-24 08:26 - 2014-04-22 22:06 - 00000000 ____D C:\Users\Lenovo\AppData\Roaming\foobar2000
2015-09-23 22:58 - 2014-11-11 19:32 - 00000000 ____D C:\Users\Lenovo\AppData\Roaming\vlc
2015-09-23 20:26 - 2015-04-21 14:00 - 00000000 ____D C:\Users\Lenovo\AppData\Roaming\Skype
2015-09-23 18:45 - 2014-01-12 01:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-09-23 18:45 - 2014-01-12 01:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-09-23 12:00 - 2013-11-14 14:40 - 01783676 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-23 12:00 - 2013-11-14 14:24 - 00743302 _____ C:\WINDOWS\system32\perfh005.dat
2015-09-23 12:00 - 2013-11-14 14:24 - 00157852 _____ C:\WINDOWS\system32\perfc005.dat
2015-09-23 11:29 - 2014-10-10 13:57 - 00000000 ____D C:\Users\Lenovo\Desktop\hry
2015-09-23 10:34 - 2015-05-15 11:30 - 00001221 _____ C:\Users\Lenovo\Desktop\anglina base.txt
2015-09-22 23:54 - 2014-07-27 18:13 - 00000000 ____D C:\Users\Lenovo\Downloads\filmy
2015-09-19 12:17 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-09-18 22:45 - 2015-04-21 14:00 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-09-18 22:45 - 2015-04-21 14:00 - 00000000 ____D C:\ProgramData\Skype
2015-09-16 19:27 - 2014-06-07 15:45 - 00003914 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2644494735-1459529413-616944993-1002UA
2015-09-16 19:27 - 2014-06-07 15:45 - 00003534 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2644494735-1459529413-616944993-1002Core
2015-09-16 12:59 - 2014-01-12 10:12 - 00000000 ___DO C:\Users\Lenovo\SkyDrive
2015-09-16 05:00 - 2014-01-12 16:11 - 00000000 ____D C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-09-16 04:20 - 2014-05-12 12:15 - 00000000 ____D C:\Users\Lenovo\Documents\Remedy
2015-09-15 23:34 - 2014-10-15 23:30 - 00897024 ___SH C:\Users\Lenovo\Desktop\Thumbs.db
2015-09-13 04:01 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-09-12 14:02 - 2014-03-22 00:41 - 00000000 ____D C:\Users\Lenovo\Desktop\PROGRAMY
2015-09-12 13:29 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-09-12 13:28 - 2015-03-05 01:00 - 00000000 ____D C:\ProgramData\NVIDIA
2015-09-12 13:28 - 2014-06-15 04:45 - 00000000 ____D C:\WINDOWS\Minidump
2015-09-07 22:13 - 2013-08-22 16:44 - 00480064 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-07 22:13 - 2013-08-22 15:25 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2015-09-07 21:46 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-09-07 21:42 - 2014-01-12 22:32 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-09-07 21:42 - 2013-11-14 14:26 - 00000000 ____D C:\WINDOWS\ShellNew
2015-09-07 21:37 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\System
2015-09-07 21:37 - 2013-08-22 15:25 - 00000076 _____ C:\WINDOWS\win.ini
2015-09-07 20:55 - 2014-01-12 19:53 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-09-07 20:55 - 2014-01-12 19:53 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-09-07 20:53 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-09-07 20:53 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-09-07 20:53 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-09-07 20:53 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-09-07 15:04 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-09-07 15:03 - 2014-01-12 19:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-09-07 15:01 - 2014-01-12 19:04 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-09-07 14:58 - 2014-01-12 19:04 - 132483416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-09-07 14:53 - 2015-04-21 18:42 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-09-07 14:53 - 2014-12-06 13:16 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-09-07 14:52 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-07 14:52 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-07 13:58 - 2015-04-13 15:08 - 00000202 _____ C:\Users\Lenovo\Desktop\Brothers - A Tale of Two Sons.url
2015-09-07 13:38 - 2014-01-14 17:42 - 00004956 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for ERIDUAN-Lenovo Eriduan
2015-09-07 13:24 - 2014-02-06 16:01 - 00000000 ____D C:\Users\Lenovo\Documents\Soubory aplikace Outlook
2015-09-05 03:08 - 2014-06-27 19:07 - 00000000 ____D C:\Users\Lenovo\AppData\Roaming\Bioshock
2015-08-30 18:26 - 2015-06-10 15:43 - 00000000 ____D C:\Users\Lenovo\Desktop\balast
2015-08-30 17:10 - 2015-05-15 10:27 - 00000000 ____D C:\Users\Lenovo\Desktop\Lucka

==================== Files in the root of some directories =======

2014-09-10 06:27 - 2014-09-10 06:27 - 0000094 _____ () C:\Users\Lenovo\AppData\Local\fusioncache.dat
2014-03-25 16:47 - 2014-03-25 16:47 - 0015738 _____ () C:\Users\Lenovo\AppData\Local\recently-used.xbel
2014-01-12 12:52 - 2014-10-29 15:50 - 0007602 _____ () C:\Users\Lenovo\AppData\Local\resmon.resmoncfg
2015-07-09 12:33 - 2015-07-09 12:33 - 0000003 _____ () C:\Users\Lenovo\AppData\Local\updater.log
2015-07-09 12:33 - 2015-07-09 12:33 - 0000424 _____ () C:\Users\Lenovo\AppData\Local\UserProducts.xml
2013-09-29 20:34 - 2013-09-29 20:34 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-09-25 12:08

==================== End of FRST.txt ============================

#4 Příspěvek od **Rudy** » 25 zář 2015 18:18

Otevřte poznámkový blok a zkopírujte do něj:

Start
AppInit_DLLs-x32: �Ȇ噎䵒 => No File
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2644494735-1459529413-616944993-1002 -> DefaultScope {3637FA6A-3C99-405F-A237-33AB32C28781} URL =
SearchScopes: HKU\S-1-5-21-2644494735-1459529413-616944993-1002 -> {3637FA6A-3C99-405F-A237-33AB32C28781} URL =
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
C:\Program Files (x86)\Skype\Toolbars
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2644494735-1459529413-616944993-1002UA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2644494735-1459529413-616944993-1002Core.job
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2644494735-1459529413-616944993-1002UA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2644494735-1459529413-616944993-1002Core
C:\ProgramData\DP45977C.lfl
CustomCLSID: HKU\S-1-5-21-2644494735-1459529413-616944993-1002_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Lenovo\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2644494735-1459529413-616944993-1002_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Lenovo\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2644494735-1459529413-616944993-1002_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Lenovo\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2644494735-1459529413-616944993-1002_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Lenovo\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2644494735-1459529413-616944993-1002_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Lenovo\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
AlternateDataStreams: C:\Users\Lenovo\SkyDrive:ms-properties
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

eriduan · #5 Příspěvek od **eriduan** » 26 zář 2015 03:12

Tak fixlo to v poriadku. No predtym nez som to dal fixunt som mal PC vypnute a jeho zapinanie bolo velmo divne. Najprv som zadal bios heslo a potom nasledovala asi 30 min cierna obrazovkka, nakoniec naskocil login do windowsu tak som zadal heslo. zase bola cierna obrazovka tetntoraz asi 15 min. a potom zas naskocilo bios heslo. Akoby sa medzicasom restartovalo pc. Tak som ho zase zadal a potom 5 min nic iba cierno a naskocil windows, zase som zadal heslo. A to uz sa win spustil len bol taky divny spomaleny. Na nic neslo kliknut poriadne. A ked som aj nieco spravil tak to trvalo dlhe minuty nez sa akcia vykonala. to je fakt divne spravanie.
Nakoniec som ho nechal nech dopracuje niekolko hodin a spustil som fixit. restart prebehol normalne a prihlasenie tiez. (tzn ziadne dlhe prodlevy ani dvojite prihlasovanie) zobrazil sa log a ten som sem pridal.

Fix result of Farbar Recovery Scan Tool (x64) Version:23-09-2015
Ran by Lenovo (2015-09-26 03:55:34) Run:1
Running from C:\Users\Lenovo\Desktop
Loaded Profiles: Lenovo (Available Profiles: Lenovo)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
AppInit_DLLs-x32: �Ȇ噎䵒 => No File
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2644494735-1459529413-616944993-1002 -> DefaultScope {3637FA6A-3C99-405F-A237-33AB32C28781} URL =
SearchScopes: HKU\S-1-5-21-2644494735-1459529413-616944993-1002 -> {3637FA6A-3C99-405F-A237-33AB32C28781} URL =
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
C:\Program Files (x86)\Skype\Toolbars
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2644494735-1459529413-616944993-1002UA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2644494735-1459529413-616944993-1002Core.job
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2644494735-1459529413-616944993-1002UA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2644494735-1459529413-616944993-1002Core
C:\ProgramData\DP45977C.lfl
CustomCLSID: HKU\S-1-5-21-2644494735-1459529413-616944993-1002_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Lenovo\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2644494735-1459529413-616944993-1002_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Lenovo\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2644494735-1459529413-616944993-1002_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Lenovo\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2644494735-1459529413-616944993-1002_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Lenovo\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2644494735-1459529413-616944993-1002_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Lenovo\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
AlternateDataStreams: C:\Users\Lenovo\SkyDrive:ms-properties
End
*****************

"�Ȇ噎䵒" => Value data not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1" => key removed successfully
HKCR\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2" => key removed successfully
HKCR\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3" => key removed successfully
HKCR\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1" => key removed successfully
HKCR\Wow6432Node\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2" => key removed successfully
HKCR\Wow6432Node\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3" => key removed successfully
HKCR\Wow6432Node\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-21-2644494735-1459529413-616944993-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-2644494735-1459529413-616944993-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3637FA6A-3C99-405F-A237-33AB32C28781}" => key removed successfully
HKCR\CLSID\{3637FA6A-3C99-405F-A237-33AB32C28781} => key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKCR\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
C:\Program Files (x86)\Skype\Toolbars => moved successfully
c2cautoupdatesvc => Unable to stop service.
c2cautoupdatesvc => service removed successfully
c2cpnrsvc => Unable to stop service.
c2cpnrsvc => service removed successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2644494735-1459529413-616944993-1002UA.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2644494735-1459529413-616944993-1002Core.job => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2644494735-1459529413-616944993-1002UA => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2644494735-1459529413-616944993-1002Core => moved successfully
Could not move "C:\ProgramData\DP45977C.lfl" => Scheduled to move on reboot.
"HKU\S-1-5-21-2644494735-1459529413-616944993-1002_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}" => key removed successfully
"HKU\S-1-5-21-2644494735-1459529413-616944993-1002_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}" => key removed successfully
"HKU\S-1-5-21-2644494735-1459529413-616944993-1002_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}" => key removed successfully
"HKU\S-1-5-21-2644494735-1459529413-616944993-1002_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}" => key removed successfully
"HKU\S-1-5-21-2644494735-1459529413-616944993-1002_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}" => key removed successfully
"C:\Users\Lenovo\SkyDrive" => ":ms-properties" ADS not found.

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-09-26 03:59:41)<=

"C:\ProgramData\DP45977C.lfl" => Could not move

==== End of Fixlog 03:59:41 ====

#6 Příspěvek od **Rudy** » 26 zář 2015 10:43

Smazáno. Nastala nějaká změna?

eriduan · #7 Příspěvek od **eriduan** » 26 zář 2015 12:22

ano. furt mi nieco pada. akykolvek program spustim tak padne po chvilke.

no a co sa tyka toho pomaleho spustania. neviem zatial nebol vypnuty. stale bezi. a k tomu zas pyta nejake aktualizacie. snad nezozerie polku disku.

aky si mam dat antivirak? nejaky zadarmo? alebo firewall. ani jedno nemam.
iba to nativne cudo od win8.1 ako zatial funguje neviem ako kvalitne

a co sa tyka velkosti miesta na disku. tak to si myslim ze sa spravilo. ukazuje ze mam 50GB volneho miesta na C. tak snad je to to co som uvolnil pocas tych predhcadzajucich aktualizacii.

#8 Příspěvek od **Rudy** » 26 zář 2015 15:43

Udělejte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.

eriduan · #9 Příspěvek od **eriduan** » 01 říj 2015 09:47

Dobrý deň sken urobim dnes v noci.
zatial pridavam novy problem:

screenshot z aplikacie Posta (nativna posta 8.1, snad ju poznate.)
rozhasene pismena. nerozumiem tomu. z nicoho nic sa to stalo, apllilkacia bola len minimalizovana, a prisiel mi mail od realitnej agentky s navrhom zmluvy nezazipovany samozrejme. po stiahnuti a otvoreni jej suboru som tu aplikaciu ozivil z minimalizovaneho stavu a toto nasiel. potom sa to same dalo doporiadku po naslednom vypnuti a zapnuti aplikacie.

Pc radsej nevypnem. ked odidem od neho.
bojim ze sa nezapne.

#10 Příspěvek od **Rudy** » 01 říj 2015 17:26

Znám, ale nemám s ní zkušenosti. Jestli je možné přeinstalovat, zkuste to.

eriduan · #11 Příspěvek od **eriduan** » 16 lis 2015 14:43

pardon za dlhsiu neaktivitu. mal som toho hodne na praci a pc som moc nezapinal. bol som mimo ČR.
Takze ten test som zbehol len som ho uz nestihol zavesit. Myslim ze mi tam nic nenaslo. niesom si isty. Mam taky divny pocit ze to co sa deje, ze mi niekedy nejde spustit rychlo pocitac ale ze sa spusta strasne dlho ma nejaky suvis s aktualizaciami. neviem to ale posudit.
Aj dnes sa mi tak pustal. PC som zapol. dal som heslo od biosu, cakal som pri ciernej obrazovke 15 min. potom sa PC restartovalo. dal som zase bios heslo. a prakticky hned naskocil win a heslo do win 8.1. Prihlasil som sa a pc funguje.

tu prikladam MBAM log:

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 26.10.2015
Scan Time: 13:49
Logfile: testmbam.txt
Administrator: Yes

Version: 2.2.0.1024
Malware Database: v2015.10.26.03
Rootkit Database: v2015.10.23.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: Lenovo

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 351748
Time Elapsed: 8 min, 49 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)

#12 Příspěvek od **Rudy** » 16 lis 2015 18:03

PC je evidentně bez virů. S těmi aktualizacem to souvislost mít může. K tomu, abyste zjistil, která z nich to způsobuje, budete muset jednu po druhé odinstalovat.

eriduan · #13 Příspěvek od **eriduan** » 24 pro 2015 01:27

Fuuu. To bola dlha doba. Ale na nieco som kapol.

Odinstaluval som hlavne aktualizacie a pomimo to aj cestoval. Prisiel som domov k rodicom a kedze som si neuvedomil ze doma asi nemaju taku striktnu politiku kondomov na USB ked davat do PC, tak som nechal vyhladat v ich wifi sieti aj ine zariadenia. Bac ho. Pripojil sa mi k mojemu PC externy disk od domaceho pc skrz wifi.
Tentoraz zareagoval Windows Defender.
Z cista jasna sa mi chcela aktualizovat Java a ja z uplnej lenivosti som ju neocekoval ze ci je novsia verzia. A dal oka Update.
Nasledne defender krici asi 7 krat po sebe ze mam Malware.
Trojan:JS/Redirector.OY
Fuu. prave mi bezi na pozadi kontrola od defendera. uplna. a potom dam pustit aj malwarebytes. ked on dobehne.
Raz prebehol uz aj restart systemu bo sa mi zdal pc nejaky zasekany po tom update. tak som ho natvrdo vypol.
a zas zapolo. pocas zapinania sa zas stalo to ze sa nejaku dobu nic nedialo a potom sa restartol a zas bol na zaciatku bootovania.
no teraz si myslim ze ten defender nieco nasiel tak davam tu kompletnu kontrolu nim. a potom ak bude chciet restart tak restartujem a dam aj skrz malwarebytes preskenovat system.

to jest zatial vse.

Original: 24.12.2015 time: 0130
EDIT: 24.12.2015 time: 0945
nasledujuci text je pridany po revizii

Takze sa mi podarilo preskenovat PC.
MalwareBytes nenasiel uplne ze nic. No pocas jeho skenu sa zase ozval ten Win.Defender a nasiel dalsie kopie toho malwaru.
To ma nahnevalo a dal som ho prosto zmazat. Odstranil som cely adresar - 3GB dokumenty z Jaderky. Nejake protokoly to boli a obsahovali nejake *.htm subory v ktorych sa skryval ten malware.
Prikladam fotku jak som skenoval MBAMom a popritom mi WinDefender zahlasil ze nasiel a riesil problem. Ako som si vsimol tak nic nezmazal iba dal do karanteny. Takze som stlacil vo WinDefender tlacitko Vymazat vsetko

Nasledne mi malwarebytes dobehol a prehlasil ze pc je cisty. (skenoval som aj Rootkity)
Spustil som WinDefender este raz s nastavenim Uplny sken. Po 9. hodinach zahlasil ze PC je chranene a monitorovane. No nevypluvol ziadny log. Predpokladam ze to znamena ze je PC ciste.

Moja terajsia otazka znie.
existuje nejaky speci nastroj na hladanie pozostatkov alebo nainstalovanych sucasti tohoto malwaru?
Trojan:JS/Redirector.OY

Dalej. Rad by som odinstaloval Java runtime a stiahol ju nanovo. Objavilo sa to spolu s updatom tej Javy. Tak ci tam nie je nejaky problem.
Ako stiahnem z Java stranky ich uninstaler. Alebo ako ju kompletne odinstalujem tak aby bolo vsetko prec akoby tu ani nikdy nebola?

Prajem Stastne a vesele a Dakujem.

#14 Příspěvek od **Rudy** » 24 pro 2015 11:52

Defender by ho měl odstranit, jak se píše zde: https://translate.google.cz/translate?h ... rev=search .

Hezké svátky a šťastný a veselý!

VIRY.CZ

spomaleny system a miznuce miesto z disku

spomaleny system a miznuce miesto z disku

Re: spomaleny system a miznuce miesto z disku

Re: spomaleny system a miznuce miesto z disku

Re: spomaleny system a miznuce miesto z disku

Re: spomaleny system a miznuce miesto z disku

Re: spomaleny system a miznuce miesto z disku

Re: spomaleny system a miznuce miesto z disku

Re: spomaleny system a miznuce miesto z disku

Re: spomaleny system a miznuce miesto z disku

Re: spomaleny system a miznuce miesto z disku

Re: spomaleny system a miznuce miesto z disku

Re: spomaleny system a miznuce miesto z disku

Re: spomaleny system a miznuce miesto z disku

Re: spomaleny system a miznuce miesto z disku