Prosba o pomoc - zaplňuje se pevný disk

Zpráva

#16 Příspěvek od **Márty84** » 20 dub 2015 18:29

Fajn, tak jeste MBAM

liceli · #17 Příspěvek od **liceli** » 20 dub 2015 18:41

Ahoj, vkládám výsledek skenu MAM:

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 20.4.2015
Čas skenování: 14:27:35
Protokol:
Správce: Ano

Verze: 2.01.4.1018
Databáze malwaru: v2015.04.20.02
Databáze rootkitů: v2015.03.31.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x86
Souborový systém: NTFS
Uživatel: Briza

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 1316406
Uplynulý čas: 5 hod, 8 min, 33 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 1
PUP.Optional.PlusHD.A, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\Plus-HD-7.6, , [cd0591dd4941b482437ce220be46e917],

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 8
Extension.Mismatch, G:\LIPOTOP_Svoboda\obnova\Kolankiewicz Noutonice PT+L 1-2012 (1)_1.JPG, , [21b176f8256506302572475629d7916f],
Extension.Mismatch, G:\LIPOTOP_Svoboda\obnova\Kolankiewicz Noutonice PT+L 1-2012 (1).JPG, , [834fa5c95238b6808314b6e7cf31f10f],
Extension.Mismatch, G:\LIPOTOP_Svoboda\obnova\ÄermÃ¡k M. Popoice ÃT+K (12).JPG, , [23afe28cb7d375c1bcdb237a47b9b24e],
Extension.Mismatch, G:\LIPOTOP_Svoboda\obnova\ÄermÃ¡k M. Popoice ÃT+K (31).JPG, , [82509ed0f09aba7c0194207d6d930cf4],
Extension.Mismatch, G:\LIPOTOP_Svoboda\obnova\Å½ebrÃ¡k R. Praha StranÄice zamÄÅovÃ¡nÃ 1-2012 (11).JPG, , [389af777503a350111865c41679911ef],
Extension.Mismatch, G:\LIPOTOP_Svoboda\obnova\Å½ebrÃ¡k R. Praha StranÄice zamÄÅovÃ¡nÃ 1-2012 (13).JPG, , [efe3a1cd6921f5410493c4d98c74649c],
Trojan.Agent, G:\ÄernÃ½ tÃ¡ta\ZÃ¡loha flash fialovÃ¡\Windows 7 Activator AIO iGalerie.cz\7Loader R5 by Orbit30&Hazar\7Loader Release 5.exe, , [5280d896731789ad2c580e899d6550b0],
Hacktool.Agent, G:\ÄernÃ½ tÃ¡ta\ZÃ¡loha flash fialovÃ¡\Windows 7 Activator AIO iGalerie.cz\Win7 Loader 1.9.7 by DAZ (1011-02-18)\Windows Loader.exe, , [0fc3a6c873172412436d196141c0d52b],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)

(end)

#18 Příspěvek od **Márty84** » 20 dub 2015 19:00

Vzhledem k tem nalezum... je ten system legalni?

liceli · #19 Příspěvek od **liceli** » 20 dub 2015 19:33

Ano, byl zakoupený při hardvarové opravě počítače a instaloval ho tam přímo prodejce.

#20 Příspěvek od **Márty84** » 21 dub 2015 06:05

Nalezy hodte do karanteny. Po restartu pc test zopakujte, at vime, jestli se to nevraci. Napiste vysledek testu a podle nej zvolim dalsi postup.

liceli · #21 Příspěvek od **liceli** » 21 dub 2015 06:40

Dobré ráno, večer jsem vypnul počítač a nedal nalezené viry do karantény. Jde to nějak načíst a nebo musí proběhnout znovu celý scan? Děkuji

#22 Příspěvek od **Márty84** » 21 dub 2015 17:59

Musi probehnout novy sken, jinak to uz nejde. Leda najit ty soubory a smazat je rucne.

liceli · #23 Příspěvek od **liceli** » 22 dub 2015 05:34

Ahoj, tak odstraněno a znovu naskenováno a posílám výpis:
Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 21.4.2015
Čas skenování: 23:17:14
Protokol:
Správce: Ano

Verze: 2.01.4.1018
Databáze malwaru: v2015.04.21.06
Databáze rootkitů: v2015.04.21.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x86
Souborový systém: NTFS
Uživatel: Briza

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 1318333
Uplynulý čas: 4 hod, 51 min, 31 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)

(end)

#24 Příspěvek od **Márty84** » 22 dub 2015 08:46

MBAM muzete odinstalovat.

Dejte logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach

liceli · #25 Příspěvek od **liceli** » 23 dub 2015 06:36

Ahoj, posílám log z FRST.

Díky
Li

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 22-04-2015 01
Ran by Briza (administrator) on TRADER on 23-04-2015 07:33:07
Running from C:\Users\Briza\Desktop
Loaded Profiles: Briza (Available profiles: Briza & Classic .NET AppPool & DefaultAppPool)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
() C:\Program Files\All History Cleaner\HSService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Software602 a.s.) C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
(InterVideo Inc.) C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
(Microsoft Corporation) C:\Windows\System32\CISVC.EXE
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Teruten) C:\Windows\System32\FsUsbExService.Exe
(Microsoft Corporation) C:\Windows\System32\inetsrv\inetinfo.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE
(Microsoft Corporation) C:\Windows\System32\snmp.exe
(Microsoft Corporation) C:\Windows\System32\mqtgsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(forum.viry.cz) C:\Users\Briza\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5088456 2015-01-28] (ESET)
HKU\S-1-5-21-1874530476-975385563-1636237756-1000\...\Run: [ISUSPM Startup] => C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2004-06-14] (InstallShield Software Corporation)
ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-02-19] (Google)
ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-02-19] (Google)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-02-19] (Google)
ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-02-19] (Google)
ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-02-19] (Google)
ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-02-19] (Google)
ShellIconOverlayIdentifiers: [Správa překryvné ikony digitálních podpisů AutoCADu ] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2006-03-05] (Autodesk)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1874530476-975385563-1636237756-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-08-05] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-08-05] (Oracle Corporation)
DPF: {F680B28A-3AEE-4C88-93ED-45AE9215C128} https://adisepo.mfcr.cz/adistc/adis/idp ... tsignx.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.98.231.66 10.98.0.202
Tcpip\..\Interfaces\{6517C550-3C73-4270-9ACE-4286ECDC2765}: [NameServer]

FireFox:
========
FF ProfilePath: C:\Users\Briza\AppData\Roaming\Mozilla\Firefox\Profiles\ofzcbymo.default
FF DefaultSearchEngine: Seznam
FF Homepage: hxxp://pcworld.cz/navody/Integrovana-zaloha-ve-Windows-7-45684|hxxp://pcworld.cz/software/nezbytne-operace-ktere-musite-ihned-provest-na-novem-pc-2-dil-48153
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [2011-07-26] (GARMIN Corp.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-08-05] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-08-05] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-04] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-04] (NVIDIA Corporation)
FF Plugin: @software602.cz/602XML Filler -> C:\Program Files\Software602\602XML\Filler\npfiller.dll [2011-11-24] (Software602 a.s.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-12-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2012-12-02] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2012-12-02] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2012-12-02] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2012-12-02] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2012-12-02] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2012-12-02] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2012-12-02] (Apple Inc.)
FF Extension: Adblock Plus - C:\Users\Briza\AppData\Roaming\Mozilla\Firefox\Profiles\ofzcbymo.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-18]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.barchart.com/chart.php?sym=ESM15&st ... Date=#jump", "hxxp://www.barchart.com/chart.php?sym=YMM15&st ... Date=#jump", "hxxp://www.barchart.com/chart.php?sym=NQM15&st ... Date=#jump", "hxxp://www.barchart.com/chart.php?sym=RJM15&st ... Date=#jump", "hxxp://www.forexfactory.com/calendar.php", "hxxp://www.podhajsky.cz/2014/02/zakladem-nasic ... moce-masy/"
CHR Profile: C:\Users\Briza\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Briza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-23]
CHR Extension: (Google Drive) - C:\Users\Briza\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-23]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Briza\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2014-02-23]
CHR Extension: (YouTube) - C:\Users\Briza\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-23]
CHR Extension: (Google Search) - C:\Users\Briza\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-23]
CHR Extension: (Bookmark Manager) - C:\Users\Briza\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-23]
CHR Extension: (Google Wallet) - C:\Users\Briza\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-27]
CHR Extension: (Gmail) - C:\Users\Briza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-23]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 602XML Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
R2 Capture Device Service; C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe [198168 2007-03-06] (InterVideo Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1349576 2015-01-28] (ESET)
R2 FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [233472 2013-02-05] (Teruten) [File not signed]
R2 ftpsvc; C:\Windows\system32\inetsrv\ftpsvc.dll [310272 2012-06-01] (Microsoft Corporation)
R2 HSService; C:\Program Files\All History Cleaner\HSService.exe [293664 2012-08-28] ()
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [13824 2009-07-14] (Microsoft Corporation)
R2 iprip; C:\Windows\System32\iprip.dll [29696 2009-07-14] (Microsoft Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
R2 MbnExt; C:\Program Files\T-Mobile\Web'n'walk Manager\MbnExt.dll [417128 2013-12-02] (Gemfor s.r.o.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.0.285\McCHSvc.exe [234776 2012-09-05] (McAfee, Inc.)
R2 MDM; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 MSMQ; C:\Windows\system32\mqsvc.exe [8704 2009-07-14] (Microsoft Corporation)
R2 MSMQTriggers; C:\Windows\system32\mqtgsvc.exe [126464 2010-11-20] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1617696 2014-04-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19702048 2014-04-30] (NVIDIA Corporation)
S3 TipCtrl; C:\Program Files\uTIPu\TipCtrl.exe [318144 2010-09-28] (Utipu inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 dfmirage; C:\Windows\System32\DRIVERS\dfmirage.sys [34128 2008-03-26] (DemoForge, LLC)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [193464 2015-03-10] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [135808 2015-03-10] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [176448 2015-03-10] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [37928 2015-03-10] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [51824 2015-03-10] (ESET)
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [37344 2013-02-05] () [File not signed]
R3 GemCCID; C:\Windows\System32\Drivers\GemCCID.sys [99968 2014-11-10] (Gemalto)
S3 huawei_cdcacm; C:\Windows\System32\DRIVERS\ew_jucdcacm.sys [95616 2012-04-23] (Huawei Technologies Co., Ltd.)
S3 huawei_ext_ctrl; C:\Windows\System32\DRIVERS\ew_juextctrl.sys [27520 2012-04-23] (Huawei Technologies Co., Ltd.)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [202752 2012-04-23] (Huawei Technologies Co., Ltd.)
S3 ivusb; C:\Windows\System32\DRIVERS\ivusb.sys [25112 2010-07-29] (Initio Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-03-17] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-03-17] (Malwarebytes Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [141824 2010-11-20] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [17240 2014-04-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [34080 2014-03-31] (NVIDIA Corporation)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [15688 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [10320 2013-09-30] ()
R3 ROCKEYNT; C:\Windows\System32\DRIVERS\Rockey4.sys [26976 2014-10-16] (Feitian Technologies Co., Ltd.)
S3 seehcri; C:\Windows\System32\DRIVERS\seehcri.sys [27632 2010-12-09] (Sony Ericsson Mobile Communications) [File not signed]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [324096 2014-02-18] (Duplex Secure Ltd.)
S3 sscebus; C:\Windows\System32\DRIVERS\sscebus.sys [136904 2013-04-03] (MCCI Corporation)
S3 sscemdfl; C:\Windows\System32\DRIVERS\sscemdfl.sys [17864 2013-04-03] (MCCI Corporation)
S3 sscemdm; C:\Windows\System32\DRIVERS\sscemdm.sys [153672 2013-04-03] (MCCI Corporation)
R2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [5120 2009-09-10] (Samsung Electronics) [File not signed]
R1 StarOpen; C:\Windows\system32\Drivers\StarOpen.sys [5632 2006-07-24] () [File not signed]
U3 axykxh9i; C:\Windows\system32\Drivers\axykxh9i.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero size file/folder)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-23 07:33 - 2015-04-23 07:33 - 00017724 _____ () C:\Users\Briza\Desktop\FRST.txt
2015-04-23 07:30 - 2015-04-23 07:30 - 00112640 _____ (forum.viry.cz) C:\Users\Briza\Desktop\FRSTLauncher.exe
2015-04-22 23:05 - 2015-04-22 23:06 - 01139200 _____ (Farbar) C:\Users\Briza\Desktop\FRST.exe
2015-04-22 07:47 - 2015-04-22 07:47 - 00000000 ____D () C:\NVIDIA
2015-04-22 06:53 - 2015-04-22 06:53 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-04-20 14:25 - 2015-04-21 22:46 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-20 14:24 - 2015-04-20 14:24 - 00001060 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-04-20 14:24 - 2015-04-20 14:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-04-20 14:24 - 2015-04-20 14:24 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-20 14:24 - 2015-04-20 14:24 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-04-20 14:24 - 2015-03-17 06:15 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-04-20 14:24 - 2015-03-17 06:15 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-04-20 14:24 - 2015-03-17 06:15 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-04-20 14:21 - 2015-04-20 14:21 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Briza\Desktop\mbam-setup-2.1.4.1018.exe
2015-04-20 12:52 - 2015-04-20 12:52 - 02217984 _____ () C:\Users\Briza\Desktop\adwcleaner_4.201.exe
2015-04-19 16:01 - 2015-04-19 16:02 - 02347384 _____ (ESET) C:\Users\Briza\Downloads\esetsmartinstaller_csy.exe
2015-04-19 15:55 - 2015-04-19 15:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2015-04-19 15:55 - 2015-04-19 15:55 - 00000000 ____D () C:\ProgramData\ESET
2015-04-19 15:55 - 2015-04-19 15:55 - 00000000 ____D () C:\Program Files\ESET
2015-04-19 15:46 - 2015-04-19 15:47 - 01582904 _____ (ESET) C:\Users\Briza\Downloads\eset_smart_security_live_installer.exe
2015-04-19 15:26 - 2015-04-19 15:28 - 44167360 _____ (Microsoft Corporation) C:\Users\Briza\Downloads\Windows-KB890830-V5.23.exe
2015-04-19 15:26 - 2015-04-19 15:27 - 00292184 _____ (Microsoft Corporation) C:\Users\Briza\Downloads\dxwebsetup(1).exe
2015-04-19 14:53 - 2015-04-23 06:29 - 00001512 _____ () C:\Windows\setupact.log
2015-04-19 14:53 - 2015-04-22 21:13 - 00004378 _____ () C:\Windows\PFRO.log
2015-04-19 14:53 - 2015-04-19 14:53 - 00000000 _____ () C:\Windows\setuperr.log
2015-04-19 11:34 - 2015-04-19 11:34 - 00000000 ____D () C:\Users\Briza\Desktop\Nová složka
2015-04-19 11:32 - 2015-04-19 11:33 - 00000000 ____D () C:\Users\Briza\Desktop\Přeinstalace WIN7
2015-04-16 06:58 - 2015-04-16 06:58 - 00000000 ___RD () C:\Program Files\Skype
2015-04-16 06:58 - 2015-04-16 06:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-04-16 06:58 - 2015-04-16 06:58 - 00000000 ____D () C:\Program Files\Common Files\Skype
2015-04-15 20:22 - 2015-03-23 05:06 - 00860160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-15 20:22 - 2015-03-23 05:06 - 00630784 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-15 20:22 - 2015-03-23 05:06 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-15 20:22 - 2015-03-23 05:06 - 00331264 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-15 20:22 - 2015-03-23 05:06 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-15 20:22 - 2015-03-23 05:06 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-15 20:22 - 2015-03-23 05:06 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-15 20:22 - 2015-03-23 04:59 - 00896000 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-15 20:22 - 2015-03-17 07:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-04-15 20:22 - 2015-03-17 07:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-15 20:22 - 2015-03-17 07:01 - 00137656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-15 20:22 - 2015-03-17 07:01 - 00067512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-15 20:22 - 2015-03-17 06:59 - 01306112 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-15 20:22 - 2015-03-17 06:57 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-15 20:22 - 2015-03-17 06:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-15 20:22 - 2015-03-17 06:57 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-15 20:22 - 2015-03-17 06:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-15 20:22 - 2015-03-17 06:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-15 20:22 - 2015-03-17 06:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-15 20:22 - 2015-03-17 06:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-15 20:22 - 2015-03-17 06:57 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-15 20:22 - 2015-03-17 06:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-15 20:22 - 2015-03-17 06:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-15 20:22 - 2015-03-17 06:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-15 20:22 - 2015-03-17 06:57 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-15 20:22 - 2015-03-17 06:56 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-15 20:22 - 2015-03-17 06:56 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-15 20:22 - 2015-03-17 06:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-15 20:22 - 2015-03-17 06:56 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-15 20:22 - 2015-03-17 06:56 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-15 20:22 - 2015-03-17 06:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-15 20:22 - 2015-03-17 06:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-15 20:22 - 2015-03-17 06:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-15 20:22 - 2015-03-17 06:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-15 20:22 - 2015-03-17 06:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-15 20:22 - 2015-03-05 06:06 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-15 20:22 - 2015-03-04 06:16 - 00249784 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-15 20:22 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-15 20:21 - 2015-04-02 01:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-15 20:21 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-15 20:21 - 2015-03-13 05:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-15 20:21 - 2015-03-13 05:42 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-15 20:21 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-15 20:21 - 2015-03-13 05:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-15 20:21 - 2015-03-13 05:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-15 20:21 - 2015-03-13 05:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-15 20:21 - 2015-03-13 05:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-15 20:21 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-15 20:21 - 2015-03-13 05:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-15 20:21 - 2015-03-13 05:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-15 20:21 - 2015-03-13 05:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-15 20:21 - 2015-03-13 05:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-15 20:21 - 2015-03-13 05:16 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-15 20:21 - 2015-03-13 05:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-15 20:21 - 2015-03-13 05:09 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-15 20:21 - 2015-03-13 05:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-15 20:21 - 2015-03-13 05:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-15 20:21 - 2015-03-13 04:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-15 20:21 - 2015-03-13 04:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-15 20:21 - 2015-03-13 04:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-15 20:21 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-15 20:21 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-15 20:21 - 2015-03-13 04:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-15 20:21 - 2015-03-13 04:43 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-15 20:21 - 2015-03-13 04:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-15 20:21 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-15 20:21 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-15 20:21 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-15 20:21 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-15 20:20 - 2015-03-25 05:00 - 03088384 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-15 20:20 - 2015-03-25 05:00 - 02020864 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-15 20:20 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-15 20:20 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-15 20:20 - 2015-03-25 05:00 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-15 20:20 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-15 20:20 - 2015-03-25 05:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-15 20:20 - 2015-03-25 05:00 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-15 20:20 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-15 20:20 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-15 20:20 - 2015-03-25 05:00 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 20:20 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-15 20:20 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-15 20:20 - 2015-02-25 05:03 - 00514560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-14 07:37 - 2015-04-14 07:37 - 01107968 _____ () C:\Users\Briza\Desktop\RSIT.exe
2015-04-13 16:43 - 2015-04-13 16:44 - 26510865 _____ () C:\Users\Briza\Downloads\zasilka-EKR358MVRIHN9JST.zip
2015-04-06 10:50 - 2015-04-06 10:50 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-02 16:19 - 2015-04-02 16:19 - 00063635 _____ () C:\Users\Briza\Desktop\Pokladna 2014.xlsx
2015-03-31 20:50 - 2015-03-31 20:55 - 239122443 _____ () C:\Users\Briza\Downloads\CzechRep_by_Dave_Luv_150322.zip
2015-03-31 20:50 - 2015-03-31 20:55 - 223078831 _____ () C:\Users\Briza\Downloads\CzechRep_by_Dave_Luv_Mapsource_150322.zip
2015-03-31 13:34 - 2015-03-31 13:34 - 09657337 _____ () C:\Users\Briza\Downloads\DPFDP5-6257010474-20150331-133233-1074471921-potvrzeni(1).p7s
2015-03-31 13:33 - 2015-03-31 13:34 - 04827390 _____ () C:\Users\Briza\Downloads\DPFDP5-6257010474-20150331-133233.xml
2015-03-31 13:33 - 2015-03-31 13:33 - 09657337 _____ () C:\Users\Briza\Downloads\DPFDP5-6257010474-20150331-133233-1074471921-potvrzeni.p7s
2015-03-31 13:27 - 2015-03-31 13:28 - 04827210 _____ () C:\Users\Briza\Downloads\DPFDP5-6257010474-20150331-132736-pracovni.xml
2015-03-31 13:24 - 2015-03-31 13:25 - 04827071 _____ () C:\Users\Briza\Downloads\DPFDP5-6257010474-20150331-132337-pracovni.xml
2015-03-31 13:19 - 2015-03-31 13:20 - 03867150 _____ () C:\Users\Briza\Downloads\DPFDP5-6257010474-20150331-131940-pracovni.xml
2015-03-31 13:19 - 2015-03-31 13:20 - 03867150 _____ () C:\Users\Briza\Downloads\DPFDP5-6257010474-20150331-131940-pracovni(1).xml
2015-03-31 13:04 - 2015-03-31 13:04 - 00001399 _____ () C:\Users\Briza\Downloads\DPFDP5-6257010474-20150331-130421-pracovni.xml
2015-03-30 21:59 - 2015-03-30 21:59 - 00000598 _____ () C:\Users\Briza\Downloads\DPFDP5-6257010474-20150330-204402-pracovni(1).xml
2015-03-30 20:44 - 2015-03-30 20:44 - 00000598 _____ () C:\Users\Briza\Downloads\DPFDP5-6257010474-20150330-204402-pracovni.xml
2015-03-30 20:18 - 2015-04-07 11:17 - 00000000 ____D () C:\Users\Briza\Desktop\Bodlinka_2014_daň

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-23 07:33 - 2014-02-24 09:48 - 00000000 ____D () C:\FRST
2015-04-23 06:40 - 2013-01-10 21:05 - 00000000 ____D () C:\Program Files\All History Cleaner
2015-04-23 06:39 - 2014-02-25 23:25 - 01307684 _____ () C:\Windows\WindowsUpdate.log
2015-04-23 06:37 - 2014-03-11 20:37 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-23 06:35 - 2009-07-14 06:34 - 00019984 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-23 06:35 - 2009-07-14 06:34 - 00019984 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-23 06:30 - 2014-04-01 10:58 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-23 06:30 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\inetsrv
2015-04-23 06:28 - 2012-04-26 09:57 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-04-23 06:28 - 2011-05-10 20:01 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-04-23 06:28 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-21 22:04 - 2011-05-10 20:08 - 00000000 ____D () C:\Windows\WindowsMobile
2015-04-21 07:32 - 2014-01-16 08:37 - 00000000 ____D () C:\_EKUS,dokumenty
2015-04-20 14:20 - 2014-02-23 23:15 - 00000000 ____D () C:\AdwCleaner
2015-04-20 13:32 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2015-04-20 13:30 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\AppCompat
2015-04-19 15:49 - 2011-03-10 23:07 - 00001912 _____ () C:\Windows\epplauncher.mif
2015-04-19 15:29 - 2011-12-19 19:08 - 00007679 _____ () C:\Users\Briza\AppData\Local\resmon.resmoncfg
2015-04-19 15:28 - 2013-05-27 18:04 - 00000000 ____D () C:\Windows\system32\directx
2015-04-19 14:45 - 2011-03-10 23:02 - 01689518 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-19 13:10 - 2011-05-28 12:21 - 00000000 ____D () C:\Users\Briza\AppData\Roaming\DAEMON Tools Lite
2015-04-19 13:10 - 2011-04-17 15:17 - 00000000 ____D () C:\Users\Briza\AppData\Roaming\Media Player Classic
2015-04-16 14:54 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-04-16 07:49 - 2014-12-11 08:08 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-16 07:49 - 2014-05-06 07:12 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-16 07:29 - 2013-07-18 06:38 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-16 07:08 - 2011-03-10 23:12 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-16 06:58 - 2011-08-08 23:46 - 00000000 ____D () C:\ProgramData\Skype
2015-04-15 21:37 - 2012-04-03 06:38 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-04-15 21:37 - 2011-09-26 05:24 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-04-14 07:44 - 2014-02-23 21:51 - 00000000 ____D () C:\rsit
2015-04-14 07:38 - 2013-02-25 14:41 - 00000000 ____D () C:\Program Files\trend micro
2015-04-13 21:18 - 2011-06-10 10:31 - 00008192 ___SH () C:\Users\Briza\Thumbs.db
2015-04-13 07:46 - 2011-05-15 16:09 - 00679936 ___SH () C:\Users\Briza\Documents\Thumbs.db
2015-04-12 22:49 - 2011-06-24 08:23 - 00000000 ____D () C:\Users\Briza\AppData\Roaming\vlc
2015-04-01 11:22 - 2011-03-11 00:37 - 125832184 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-28 18:03 - 2009-07-14 06:53 - 00032570 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

==================== Files in the root of some directories =======

2014-10-16 19:51 - 2014-10-16 19:51 - 0012977 _____ () C:\Users\Briza\AppData\Roaming\Hodnoty oddělené tabulátory (Windows).CAL
2014-05-24 14:14 - 2015-03-05 08:43 - 0012969 _____ () C:\Users\Briza\AppData\Roaming\Hodnoty oddělené čárkami (Windows).CAL
2011-12-12 23:42 - 2014-02-28 08:32 - 0038458 _____ () C:\Users\Briza\AppData\Roaming\Microsoft Excel 97-2003.ADR
2014-02-28 08:34 - 2015-03-05 08:26 - 0012963 _____ () C:\Users\Briza\AppData\Roaming\Microsoft Excel 97-2003.CAL
2014-02-28 08:36 - 2014-02-28 08:36 - 0011439 _____ () C:\Users\Briza\AppData\Roaming\Microsoft Excel 97-2003.TSK
2012-06-07 16:44 - 2014-03-24 22:01 - 0008704 _____ () C:\Users\Briza\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-10-05 15:14 - 2011-10-05 15:14 - 0000058 _____ () C:\Users\Briza\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2011-12-19 19:08 - 2015-04-19 15:29 - 0007679 _____ () C:\Users\Briza\AppData\Local\resmon.resmoncfg
2013-08-27 09:53 - 2013-08-27 15:25 - 0010019 _____ () C:\ProgramData\hpzinstall.log
2011-12-30 21:25 - 2012-12-09 21:21 - 0000000 _____ () C:\ProgramData\LauncherAccess.dt
2011-03-11 19:54 - 2011-12-07 17:05 - 0000211 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Some content of TEMP:
====================
C:\Users\Briza\AppData\Local\Temp\InstHelper.exe
C:\Users\Briza\AppData\Local\Temp\Quarantine.exe
C:\Users\Briza\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

==================== MBR and Partition Table ==================

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: ESET Smart Security 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personální firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Briza\Desktop" je 4033 MB.

***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor
"C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup
C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KeePass 2 PreLoad
"C:\Program Files\KeePass Password Safe 2\KeePass.exe" --preload [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload
C:\Program Files\Samsung\Kies\Kies.exe /preload [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSC
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvBackend
"C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShadowPlay
C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
"C:\Program Files\Common Files\Java\Java Update\jusched.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\T-Mobile CManager
"C:\Program Files\T-Mobile\Web'n'walk Manager\Manager.exe" -autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Briza^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^V��ezy obrazovky a spu�t�n� aplikace OneNote 2007.lnk
C:\PROGRA~1\MICROS~3\Office12\ONENOTEM.EXE /tsr [x]

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

liceli · #26 Příspěvek od **liceli** » 23 dub 2015 06:40

Ahoj, posílám v příloze adition.zip

#27 Příspěvek od **Márty84** » 23 dub 2015 16:09

Vypnete trvale Windows Defender.

Odinstalujte McAfee Security Scan.

liceli píše:***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Briza\Desktop" je 4033 MB.

Velikost plochy by nemela presahovat 200 - 300 MB! Brzdi to chod pc. Cili ji trosku uklidte a na plochu dejte jen zastupce. Jen pozor na obcasnou chybu, ze uzivatele maji na plose slozku, v ni dalsi a v ni dalsi a do te to schovaji. To je sice hezke, ale plochu to nezmensi, jen je to v jinem supliku

Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1874530476-975385563-1636237756-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION

S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.0.285\McCHSvc.exe [234776 2012-09-05] (McAfee, Inc.)
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-17 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-06 267440]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-17 107912]

2015-04-20 14:21 - 2015-04-20 14:21 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Briza\Desktop\mbam-setup-2.1.4.1018.exe

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KeePass 2 PreLoad" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSC" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched" /f

Hosts:
EmptyTemp:
Reboot:
End

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.

liceli · #28 Příspěvek od **liceli** » 23 dub 2015 20:58

Ahoj, posílám fixlog. Moc děkuji za pomoc. Hezký večer.

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 23-04-2015
Ran by Briza at 2015-04-23 21:42:46 Run:2
Running from C:\Users\Briza\Desktop
Loaded Profiles: Briza (Available profiles: Briza & Classic .NET AppPool & DefaultAppPool)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1874530476-975385563-1636237756-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION

S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.0.285\McCHSvc.exe [234776 2012-09-05] (McAfee, Inc.)
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-17 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-06 267440]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-17 107912]

2015-04-20 14:21 - 2015-04-20 14:21 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Briza\Desktop\mbam-setup-2.1.4.1018.exe

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KeePass 2 PreLoad" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSC" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched" /f

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Error: (0) Failed to create a restore point.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-1874530476-975385563-1636237756-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
McComponentHostService => Service not found.
AdobeARMservice => Service stopped successfully.
AdobeARMservice => Service deleted successfully.
gupdate => Service deleted successfully.
SkypeUpdate => Service deleted successfully.
AdobeFlashPlayerUpdateSvc => Service deleted successfully.
gupdatem => Service deleted successfully.
C:\Users\Briza\Desktop\mbam-setup-2.1.4.1018.exe => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KeePass 2 PreLoad" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSC" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched" /f =========

Operace byla dokonźena ŁspŘçnŘ.

========= End of Reg: =========

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 252.4 MB temporary data.

The system needed a reboot.

==== End of Fixlog 21:43:30 ====

#29 Příspěvek od **Márty84** » 24 dub 2015 09:21

Vypnete antivir, at nebrani programu v praci.

Stahnete OTM http://oldtimer.geekstogo.com/OTM.exe a ulozte nejlepe na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Do leveho okna zkopirujte tento skript (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]
[ClearAllRestorePoints]

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

Kliknete na MoveIt a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu sem dejte log, ktery na vas vyskoci, nebo bude zde C:\_OTM\MovedFiles\xxxxxxxx_xxxxxx (misto tech x budou cisla, predstavujici datum a cas spusteni)

Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

vyosek píše: DelFix https://toolslib.net/downloads/finish/2/
Stahnete a spustte

Ponechte zatrzitkou pouze u volby Remove disinfection tools

Kliknete na Run

Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)

Defragmentujte disk(y) (SSD Disky ne!)
Stahnete program Defraggler https://www.piriform.com/defraggler/download/standard
Pri instalaci opet pozor na toolbar a dalsi nesmysly.
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.

Pak napiste, jak je na tom pc.

liceli · #30 Příspěvek od **liceli** » 24 dub 2015 17:36

Ahoj, posílám log z OTM:

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Briza
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 598124 bytes
->Java cache emptied: 1485436 bytes
->FireFox cache emptied: 123778067 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 876 bytes

User: Classic .NET AppPool
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: DefaultAppPool
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 120,00 mb

[EMPTYFLASH]

User: All Users

User: Briza
->Flash cache emptied: 0 bytes

User: Classic .NET AppPool

User: Default

User: Default User

User: DefaultAppPool

User: Public

Total Flash Files Cleaned = 0,00 mb

Error creating restore point.
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.

OTM by OldTimer - Version 3.1.21.0 log created on 04242015_182911

VIRY.CZ

Prosba o pomoc - zaplňuje se pevný disk

Re: Prosba o pomoc - zaplňuje se pevný disk

Re: Prosba o pomoc - zaplňuje se pevný disk

Re: Prosba o pomoc - zaplňuje se pevný disk

Re: Prosba o pomoc - zaplňuje se pevný disk

Re: Prosba o pomoc - zaplňuje se pevný disk

Re: Prosba o pomoc - zaplňuje se pevný disk

Re: Prosba o pomoc - zaplňuje se pevný disk

Re: Prosba o pomoc - zaplňuje se pevný disk

Re: Prosba o pomoc - zaplňuje se pevný disk

Re: Prosba o pomoc - zaplňuje se pevný disk

Re: Prosba o pomoc - zaplňuje se pevný disk

Re: Prosba o pomoc - zaplňuje se pevný disk

Re: Prosba o pomoc - zaplňuje se pevný disk

Re: Prosba o pomoc - zaplňuje se pevný disk

Re: Prosba o pomoc - zaplňuje se pevný disk