Crashing to desktop

Benak150
Visitor
Posts: 70
Registered: 13 Jul 2015 19:04

Crashing to desktop

#1 Post by Benak150 »

Hello, I would like to ask for advice with one problem.

I play games, and after some time the game always crashes to the desktop 2x. It is getting quite annoying. I thought some AVG processes were causing it, but I replaced AVG with Avira and it still happens, so I don't know whether some file somewhere is causing it, or what.

Rudy
Site Admin
Posts: 119674
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Crashing to desktop

#2 Post by Rudy »

Hello!
This forum does not deal with game issues. We can try to clean the PC. If you are interested, post an FRST log: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Benak150
Visitor
Posts: 70
Registered: 13 Jul 2015 19:04

Re: Crashing to desktop

#3 Post by Benak150 »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:30-09-2015
Ran by pc (administrator) on PC-PC (02-10-2015 21:42:34)
Running from C:\Users\pc\Desktop
Loaded Profiles: pc (Available Profiles: pc)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.1.6\ToolbarUpdater.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.1.6\loggingserver.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(AVG Secure Search) C:\Program Files (x86)\AVG Web TuneUp\avgcefrend.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Microsoft Corporation) C:\Windows\System32\UI0Detect.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\ScriptHelperInstaller\40.1.6\ScriptHelper.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Akamai Technologies, Inc.) C:\Users\pc\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\pc\AppData\Local\Akamai\netsession_win.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Cm108Sound] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cm108.dll,CMICtrlWnd
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [3175312 2015-08-26] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-07-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-09-10] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [782520 2015-09-01] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-2735022440-3995081480-2012866059-1000\...\Run: [Akamai NetSession Interface] => C:\Users\pc\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2735022440-3995081480-2012866059-1000\...\Run: [Google Update] => C:\Users\pc\AppData\Local\Google\Update\GoogleUpdate.exe [107848 2015-02-06] (Google Inc.)
HKU\S-1-5-21-2735022440-3995081480-2012866059-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-13] (Piriform Ltd)
HKU\S-1-5-21-2735022440-3995081480-2012866059-1000\...\Run: [MK LOL] => C:\Program Files (x86)\MKJogo\MK IM\Bin\MKIM.exe [1092296 2015-06-13] ()
HKU\S-1-5-21-2735022440-3995081480-2012866059-1000\...\Run: [GoogleChromeAutoLaunch_17E89F440D584F67E92EAD2E51C3A3A4] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [815944 2015-09-24] (Google Inc.)
HKU\S-1-5-21-2735022440-3995081480-2012866059-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-12-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{CF511904-62D8-46A1-8967-C17EE6327A01}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKU\S-1-5-21-2735022440-3995081480-2012866059-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={37F53E74-78C5-4D1A-85BC-39ED11F12444}&mid=5c7a9be3c39e47cd8068d1509d12d84c-06ce4fc639803a2e3563922518183d8e94088cb9&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0615pi&pr=fr&d=2015-07-09 21:13:48&v=4.1.4.948&pid=wtu&sg=&sap=hp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2735022440-3995081480-2012866059-1000 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={37F53E74-78C5-4D1A-85BC-39ED11F12444}&mid=5c7a9be3c39e47cd8068d1509d12d84c-06ce4fc639803a2e3563922518183d8e94088cb9&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0715avi&pr=fr&d=2015-07-09 21:13:48&v=4.1.4.948&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2735022440-3995081480-2012866059-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={37F53E74-78C5-4D1A-85BC-39ED11F12444}&mid=5c7a9be3c39e47cd8068d1509d12d84c-06ce4fc639803a2e3563922518183d8e94088cb9&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0715avi&pr=fr&d=2015-07-09 21:13:48&v=4.1.4.948&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-05-30] (Oracle Corporation)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.1.6.294\AVG Web TuneUp.dll [2015-08-26] (AVG)
BHO-x32: AviraBrowserSafety.BrowserSafety -> {c3c77255-42c0-499f-b664-6e981a0b1647} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-05] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-30] (Oracle Corporation)
Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Windows\SysWOW64\mscoree.dll [2010-11-05] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\rto3mv73.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-29] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-29] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.1.6\\npsitesafety.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-30] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npnxgameEU.dll [2015-06-11] (Nexon)
FF Plugin-x32: @ogplanet.com/npOGPPlugin -> C:\Windows\system32\npOGPPlugin.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-2735022440-3995081480-2012866059-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\pc\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-2735022440-3995081480-2012866059-1000: @talk.google.com/O1DPlugin -> C:\Users\pc\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-2735022440-3995081480-2012866059-1000: @tools.google.com/Google Update;version=3 -> C:\Users\pc\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-2735022440-3995081480-2012866059-1000: @tools.google.com/Google Update;version=9 -> C:\Users\pc\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\pc\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\pc\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Extension: Battlefield Heroes Updater - C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\rto3mv73.default\Extensions\battlefieldheroespatcher@ea.com [2015-05-29]
FF Extension: MEGA - C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\rto3mv73.default\Extensions\firefox@mega.co.nz.xpi [2015-06-25]
FF Extension: Adblock Plus - C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\rto3mv73.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-05-31]

Chrome:
=======
CHR HomePage: Default -> hxxps://mysearch.avg.com/?rvt=1
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR NewTab: Default -> "chrome-extension://chfdnecihphmhljaaejmgoiahnihplgn/pages/newtab.html"
CHR DefaultSearchURL: Default -> hxxps://mysearch.avg.com/search?rvt=1&sap=dsp&q={searchTerms}
CHR DefaultSearchKeyword: Default -> https://mysearch.avg.com
CHR DefaultSuggestURL: Default -> hxxps://toolbar.avg.com/acp?q={searchTerms}&o=1
CHR Profile: C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-18]
CHR Extension: (Dokumenty Google) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2010-02-01]
CHR Extension: (Disk Google) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2010-02-01]
CHR Extension: (YouTube) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2010-02-01]
CHR Extension: (Battlefield Heroes) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh [2014-12-26]
CHR Extension: (Fire Dragon) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\cggmonnikkilkmkppbpjjbefmakjbcel [2015-05-21]
CHR Extension: (AVG Secure Search) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2015-07-22]
CHR Extension: (Steam inventory helper) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2015-04-07]
CHR Extension: (Vyhledávání Google) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2010-02-01]
CHR Extension: (Lounge Assistant) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\enjonnlehciedbcidabdglnnihcncbml [2015-04-07]
CHR Extension: (Tabulky Google) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-18]
CHR Extension: (Dokumenty Google offline) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-04]
CHR Extension: (AdBlock) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-08-02]
CHR Extension: (Twitch Now) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlmbdmpjmlijibeockamioakdpmhjnpk [2015-08-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-18]
CHR Extension: (Gmail) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2010-02-01]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [932912 2015-09-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [461672 2015-09-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [461672 2015-09-01] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1148688 2015-09-01] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [240872 2015-09-10] (Avira Operations GmbH & Co. KG)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [245544 2015-07-29] (EasyAntiCheat Ltd)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [8704 2015-09-02] (Hi-Rez Studios) [File not signed]
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3398544 2014-11-11] (INCA Internet Co., Ltd.)
S3 Origin Client Service; E:\Hry\Origin\OriginClientService.exe [1997168 2015-06-23] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-03-05] ()
S3 Survarium-Steam Update Service; E:\Soubory Lukáš\STEAM\steamapps\common\Survarium\game\binaries\x86\survarium_service.exe [76408 2015-04-04] ()
R2 vToolbarUpdater40.1.6; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.1.6\ToolbarUpdater.exe [1874320 2015-08-26] (AVG Secure Search)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [1205136 2015-08-26] ()

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [62152 2014-10-28] (Advanced Micro Devices, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [163544 2015-09-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-09-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-09-01] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [74952 2015-09-01] (Avira Operations GmbH & Co. KG)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 X6va025; \??\C:\Windows\SysWOW64\Drivers\X6va025 [X]
S3 X6va029; \??\C:\Windows\SysWOW64\Drivers\X6va029 [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-02 21:42 - 2015-10-02 21:43 - 00018088 _____ C:\Users\pc\Desktop\FRST.txt
2015-10-02 21:42 - 2015-10-02 21:42 - 00000000 ____D C:\Users\pc\Desktop\FRST-OlderVersion
2015-10-02 16:50 - 2015-10-02 16:50 - 00003432 _____ C:\Windows\System32\Tasks\Avira Browser Safety Updater Task
2015-10-02 16:50 - 2015-10-02 16:50 - 00000000 ____D C:\Users\pc\AppData\Roaming\Avira
2015-10-02 16:48 - 2015-09-01 17:09 - 00163544 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-10-02 16:48 - 2015-09-01 17:09 - 00141416 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-10-02 16:48 - 2015-09-01 17:09 - 00074952 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-10-02 16:48 - 2015-09-01 17:09 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2015-10-02 16:46 - 2015-10-02 16:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-10-02 16:46 - 2015-10-02 16:46 - 00001210 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2015-10-02 16:25 - 2015-10-02 16:25 - 04559688 _____ (Avira Operations GmbH & Co. KG) C:\Users\pc\Downloads\avira_en_av_560e93839bf51__ws.exe
2015-10-01 21:15 - 2015-10-01 21:16 - 00000020 _____ C:\Users\pc\Desktop\tsko.txt
2015-09-29 19:39 - 2015-09-29 19:39 - 00000000 ____D C:\Users\pc\AppData\Roaming\Awesomium
2015-09-25 20:11 - 2015-09-25 20:11 - 00000000 ____D C:\Users\pc\Documents\FreeReign
2015-09-25 20:11 - 2015-09-25 20:11 - 00000000 ____D C:\Users\pc\AppData\Local\FreeReign
2015-09-25 20:11 - 2015-09-25 20:11 - 00000000 ____D C:\Users\pc\AppData\Local\CrashRpt
2015-09-25 18:24 - 2015-09-25 18:24 - 00000222 _____ C:\Users\pc\Desktop\Aftermath.url
2015-09-21 16:10 - 2015-09-21 16:10 - 00002866 _____ C:\Windows\System32\Tasks\{D009EFE3-4C30-430A-9303-F67D7130F3E2}
2015-09-21 16:01 - 2015-09-21 16:01 - 00000000 ____D C:\Users\pc\Downloads\SkypePortable
2015-09-18 16:44 - 2015-09-18 16:44 - 00000000 ____D C:\ProgramData\X360CE
2015-09-17 08:36 - 2015-09-17 08:36 - 00000000 ____D C:\Users\Default\AppData\Roaming\TuneUp Software
2015-09-17 08:36 - 2015-09-17 08:36 - 00000000 ____D C:\Users\Default User\AppData\Roaming\TuneUp Software
2015-09-17 07:39 - 2015-10-01 13:58 - 00003824 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1442468352
2015-09-17 07:39 - 2015-09-17 07:39 - 00001139 _____ C:\Users\Public\Desktop\Opera.lnk
2015-09-17 07:39 - 2015-09-17 07:39 - 00001139 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-09-09 15:45 - 2015-09-09 15:45 - 00000000 ____D C:\Users\pc\AppData\Local\Daybreak Game Company
2015-09-08 19:44 - 2015-09-08 19:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eden4SDE
2015-09-06 16:35 - 2015-09-06 16:35 - 00000000 ____D C:\Users\pc\AppData\Roaming\Firefly Studios
2015-09-06 16:34 - 2015-09-06 16:34 - 00000000 ____D C:\Users\pc\Documents\Stronghold Kingdoms
2015-09-04 18:39 - 2015-09-04 18:39 - 00000593 _____ C:\Users\Public\Desktop\Guild Wars 2.lnk
2015-09-04 18:39 - 2015-09-04 18:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2
2015-09-04 18:37 - 2015-09-13 18:31 - 00000000 ____D C:\Users\pc\AppData\Roaming\Guild Wars 2

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-02 21:42 - 2015-07-13 20:26 - 02192384 _____ (Farbar) C:\Users\pc\Desktop\FRST64.exe
2015-10-02 21:42 - 2015-07-13 20:26 - 00000000 ____D C:\FRST
2015-10-02 21:39 - 2015-01-07 16:59 - 00000000 ____D C:\Program Files (x86)\Steam
2015-10-02 21:35 - 2014-10-25 11:18 - 02042706 _____ C:\Windows\WindowsUpdate.log
2015-10-02 21:31 - 2015-01-07 17:09 - 00000000 ____D C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-10-02 21:27 - 2015-02-22 17:38 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-10-02 21:09 - 2014-12-28 21:10 - 00000000 ____D C:\Users\pc\AppData\Roaming\TS3Client
2015-10-02 21:02 - 2010-02-01 19:09 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-02 20:55 - 2015-03-03 20:25 - 00000950 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2735022440-3995081480-2012866059-1000UA.job
2015-10-02 20:45 - 2015-02-21 23:02 - 00000000 ____D C:\Users\pc\AppData\Local\Akamai
2015-10-02 16:54 - 2014-12-26 13:26 - 00000000 ____D C:\Windows\Minidump
2015-10-02 16:50 - 2015-03-18 17:43 - 00000000 ____D C:\Program Files (x86)\Avira
2015-10-02 16:50 - 2009-07-14 06:45 - 00014416 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-02 16:50 - 2009-07-14 06:45 - 00014416 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-02 16:48 - 2015-03-18 17:43 - 00000000 ____D C:\ProgramData\Avira
2015-10-02 16:46 - 2015-01-07 17:04 - 00000000 ____D C:\ProgramData\Package Cache
2015-10-02 16:42 - 2010-02-01 19:09 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-02 16:41 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-02 16:40 - 2015-07-09 21:00 - 00000000 ____D C:\ProgramData\AVG2015
2015-10-02 16:40 - 2015-05-16 14:03 - 00000000 ____D C:\Program Files (x86)\AVG
2015-10-02 16:40 - 2015-03-18 17:32 - 00000000 ____D C:\ProgramData\MFAData
2015-10-02 16:39 - 2015-07-09 21:01 - 00000000 ____D C:\Program Files\Common Files\AV
2015-10-02 16:37 - 2015-07-09 21:00 - 00000000 ___HD C:\$AVG
2015-10-02 16:25 - 2015-07-09 21:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-10-01 22:55 - 2015-03-03 20:25 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2735022440-3995081480-2012866059-1000Core.job
2015-10-01 13:58 - 2015-02-22 17:29 - 00000000 ____D C:\Program Files (x86)\Opera
2015-09-30 18:25 - 2015-05-04 22:42 - 00000000 ____D C:\Program Files (x86)\Heroes of the Storm
2015-09-30 18:24 - 2015-04-11 18:46 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2015-09-30 18:23 - 2015-04-11 18:45 - 00000000 ____D C:\Users\pc\AppData\Local\Battle.net
2015-09-30 18:23 - 2015-04-11 18:45 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-09-29 21:27 - 2015-02-22 17:38 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-09-29 21:27 - 2015-02-22 17:38 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-09-29 21:27 - 2015-01-19 17:06 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-29 19:46 - 2015-01-19 17:03 - 00000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2015-09-29 19:42 - 2015-01-19 17:07 - 00000000 ____D C:\Users\pc\Documents\My Games
2015-09-28 15:17 - 2014-12-28 21:08 - 00000000 ____D C:\Users\pc\AppData\Local\TeamSpeak 3 Client
2015-09-22 11:16 - 2014-12-24 23:46 - 00347464 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2015-09-22 11:16 - 2014-12-24 23:39 - 00347464 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2015-09-22 11:12 - 2014-12-24 23:39 - 00347464 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2015-09-21 16:44 - 2014-12-24 20:48 - 00000000 ____D C:\ProgramData\Skype
2015-09-21 16:43 - 2014-12-24 20:48 - 00000000 ____D C:\Users\pc\AppData\Roaming\Skype
2015-09-21 16:09 - 2015-05-24 16:37 - 00000000 ____D C:\Windows\system32\appmgmt
2015-09-16 22:50 - 2015-03-03 20:25 - 00003914 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2735022440-3995081480-2012866059-1000UA
2015-09-16 22:50 - 2015-03-03 20:25 - 00003518 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2735022440-3995081480-2012866059-1000Core
2015-09-15 22:57 - 2010-02-01 19:09 - 00003948 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-15 22:57 - 2010-02-01 19:09 - 00003696 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-14 15:46 - 2010-02-01 19:08 - 00000000 ____D C:\Users\pc\AppData\Local\Google
2015-09-12 11:05 - 2015-08-03 23:09 - 00000000 ___RD C:\Users\pc\Creative Cloud Files
2015-09-08 20:31 - 2015-07-14 19:34 - 00000000 ____D C:\Users\pc\Desktop\HRY
2015-09-06 16:35 - 2015-04-27 17:07 - 00000000 ____D C:\Users\pc\AppData\Local\Geckofx
2015-09-03 15:48 - 2015-07-22 07:55 - 00000000 ____D C:\ProgramData\AVG Security Toolbar

Some files in TEMP:
====================
C:\Users\pc\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-10-01 14:57

==================== End of FRST.txt ============================

Rudy
Site Admin
Posts: 119674
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Crashing to desktop

#4 Post by Rudy »

Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
Click first on >Scan< and then on >Clean<.
The scan will run and then a log will appear; paste it here.

Benak150
Visitor
Posts: 70
Registered: 13 Jul 2015 19:04

Re: Crashing to desktop

#5 Post by Benak150 »

# AdwCleaner v5.009 - Logfile created 03/10/2015 at 10:46:44
# Updated 27/09/2015 by Xplode
# Database : 2015-09-30.1 [Server]
# Operating system : Windows 7 Ultimate Service Pack 1 (x64)
# Username : pc - PC-PC
# Running from : C:\Users\pc\Desktop\adwcleaner_5.009.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

[-] Service Deleted : vToolbarUpdater40.1.6

***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
[-] Folder Deleted : C:\ProgramData\AVG Secure Search
[-] Folder Deleted : C:\ProgramData\AVG Security Toolbar
[-] Folder Deleted : C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn

***** [ Files ] *****

[-] File Deleted : C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_chfdnecihphmhljaaejmgoiahnihplgn_0.localstorage
[-] File Deleted : C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_chfdnecihphmhljaaejmgoiahnihplgn_0.localstorage-journal

***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

[-] Task Deleted : Adobe Flash Player Updater

***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
[-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[-] Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKU\.DEFAULT\Software\Avg Secure Update
[-] Key Deleted : HKCU\Software\AVG Secure Search
[-] Key Deleted : HKCU\Software\Avg Secure Update
[!] Key Not Deleted : [x64] HKCU\Software\AVG Secure Search
[!] Key Not Deleted : [x64] HKCU\Software\Avg Secure Update
[!] Key Not Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[!] Key Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Data Restored : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[!] Key Not Deleted : HKU\S-1-5-21-2735022440-3995081480-2012866059-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Data Restored : HKU\S-1-5-21-2735022440-3995081480-2012866059-1000\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]

***** [ Web browsers ] *****

[-] [C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : chfdnecihphmhljaaejmgoiahnihplgn

*************************

:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [4408 bytes] ##########

Rudy
Site Admin
Posts: 119674
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Crashing to desktop

#6 Post by Rudy »

Post a new FRST log.

Benak150
Visitor
Posts: 70
Registered: 13 Jul 2015 19:04

Re: Crashing to desktop

#7 Post by Benak150 »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:03-10-2015
Ran by pc (administrator) on PC-PC (03-10-2015 13:28:55)
Running from C:\Users\pc\Desktop
Loaded Profiles: pc (Available Profiles: pc)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Akamai Technologies, Inc.) C:\Users\pc\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\pc\AppData\Local\Akamai\netsession_win.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Cm108Sound] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cm108.dll,CMICtrlWnd
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-07-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-09-10] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [782520 2015-09-01] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-2735022440-3995081480-2012866059-1000\...\Run: [Akamai NetSession Interface] => C:\Users\pc\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2735022440-3995081480-2012866059-1000\...\Run: [Google Update] => C:\Users\pc\AppData\Local\Google\Update\GoogleUpdate.exe [107848 2015-02-06] (Google Inc.)
HKU\S-1-5-21-2735022440-3995081480-2012866059-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-13] (Piriform Ltd)
HKU\S-1-5-21-2735022440-3995081480-2012866059-1000\...\Run: [MK LOL] => C:\Program Files (x86)\MKJogo\MK IM\Bin\MKIM.exe [1092296 2015-06-13] ()
HKU\S-1-5-21-2735022440-3995081480-2012866059-1000\...\Run: [GoogleChromeAutoLaunch_17E89F440D584F67E92EAD2E51C3A3A4] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [815944 2015-09-24] (Google Inc.)
HKU\S-1-5-21-2735022440-3995081480-2012866059-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-12-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{CF511904-62D8-46A1-8967-C17EE6327A01}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKU\S-1-5-21-2735022440-3995081480-2012866059-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={37F53E74-78C5-4D1A-85BC-39ED11F12444}&mid=5c7a9be3c39e47cd8068d1509d12d84c-06ce4fc639803a2e3563922518183d8e94088cb9&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0615pi&pr=fr&d=2015-07-09 21:13:48&v=4.1.4.948&pid=wtu&sg=&sap=hp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-05-30] (Oracle Corporation)
BHO-x32: AviraBrowserSafety.BrowserSafety -> {c3c77255-42c0-499f-b664-6e981a0b1647} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-05] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-30] (Oracle Corporation)
Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Windows\SysWOW64\mscoree.dll [2010-11-05] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\rto3mv73.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-29] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-29] ()
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-30] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npnxgameEU.dll [2015-06-11] (Nexon)
FF Plugin-x32: @ogplanet.com/npOGPPlugin -> C:\Windows\system32\npOGPPlugin.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-2735022440-3995081480-2012866059-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\pc\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-2735022440-3995081480-2012866059-1000: @talk.google.com/O1DPlugin -> C:\Users\pc\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-2735022440-3995081480-2012866059-1000: @tools.google.com/Google Update;version=3 -> C:\Users\pc\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-2735022440-3995081480-2012866059-1000: @tools.google.com/Google Update;version=9 -> C:\Users\pc\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\pc\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\pc\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Extension: Battlefield Heroes Updater - C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\rto3mv73.default\Extensions\battlefieldheroespatcher@ea.com [2015-05-29]
FF Extension: MEGA - C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\rto3mv73.default\Extensions\firefox@mega.co.nz.xpi [2015-06-25]
FF Extension: Adblock Plus - C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\rto3mv73.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-05-31]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-18]
CHR Extension: (Dokumenty Google) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2010-02-01]
CHR Extension: (Disk Google) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2010-02-01]
CHR Extension: (YouTube) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2010-02-01]
CHR Extension: (Battlefield Heroes) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh [2014-12-26]
CHR Extension: (Fire Dragon) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\cggmonnikkilkmkppbpjjbefmakjbcel [2015-05-21]
CHR Extension: (Steam inventory helper) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2015-04-07]
CHR Extension: (Vyhledávání Google) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2010-02-01]
CHR Extension: (Lounge Assistant) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\enjonnlehciedbcidabdglnnihcncbml [2015-04-07]
CHR Extension: (Tabulky Google) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-18]
CHR Extension: (Dokumenty Google offline) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-04]
CHR Extension: (AdBlock) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-08-02]
CHR Extension: (Twitch Now) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlmbdmpjmlijibeockamioakdpmhjnpk [2015-08-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-18]
CHR Extension: (Gmail) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2010-02-01]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [932912 2015-09-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [461672 2015-09-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [461672 2015-09-01] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1148688 2015-09-01] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [240872 2015-09-10] (Avira Operations GmbH & Co. KG)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [245544 2015-07-29] (EasyAntiCheat Ltd)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [8704 2015-09-02] (Hi-Rez Studios) [File not signed]
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3398544 2014-11-11] (INCA Internet Co., Ltd.)
S3 Origin Client Service; E:\Hry\Origin\OriginClientService.exe [1997168 2015-06-23] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-03-05] ()
S3 Survarium-Steam Update Service; E:\Soubory Lukáš\STEAM\steamapps\common\Survarium\game\binaries\x86\survarium_service.exe [76408 2015-04-04] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [1205136 2015-08-26] ()

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [62152 2014-10-28] (Advanced Micro Devices, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [163544 2015-09-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-09-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-09-01] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [74952 2015-09-01] (Avira Operations GmbH & Co. KG)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 X6va025; \??\C:\Windows\SysWOW64\Drivers\X6va025 [X]
S3 X6va029; \??\C:\Windows\SysWOW64\Drivers\X6va029 [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-03 13:28 - 2015-10-03 13:29 - 00015595 _____ C:\Users\pc\Desktop\FRST.txt
2015-10-03 13:28 - 2015-10-03 13:28 - 00000000 ____D C:\Users\pc\Desktop\FRST-OlderVersion
2015-10-03 10:38 - 2015-10-03 10:38 - 01670656 _____ C:\Users\pc\Desktop\adwcleaner_5.009.exe
2015-10-03 10:19 - 2015-10-03 10:48 - 00000112 _____ C:\Windows\setupact.log
2015-10-03 10:19 - 2015-10-03 10:19 - 00136314 _____ C:\Windows\PFRO.log
2015-10-03 10:19 - 2015-10-03 10:19 - 00000000 _____ C:\Windows\setuperr.log
2015-10-02 16:50 - 2015-10-02 16:50 - 00003432 _____ C:\Windows\System32\Tasks\Avira Browser Safety Updater Task
2015-10-02 16:50 - 2015-10-02 16:50 - 00000000 ____D C:\Users\pc\AppData\Roaming\Avira
2015-10-02 16:48 - 2015-09-01 17:09 - 00163544 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-10-02 16:48 - 2015-09-01 17:09 - 00141416 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-10-02 16:48 - 2015-09-01 17:09 - 00074952 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-10-02 16:48 - 2015-09-01 17:09 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2015-10-02 16:46 - 2015-10-02 16:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-10-02 16:46 - 2015-10-02 16:46 - 00001210 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2015-10-02 16:25 - 2015-10-02 16:25 - 04559688 _____ (Avira Operations GmbH & Co. KG) C:\Users\pc\Downloads\avira_en_av_560e93839bf51__ws.exe
2015-10-01 21:15 - 2015-10-01 21:16 - 00000020 _____ C:\Users\pc\Desktop\tsko.txt
2015-09-29 19:39 - 2015-09-29 19:39 - 00000000 ____D C:\Users\pc\AppData\Roaming\Awesomium
2015-09-25 20:11 - 2015-09-25 20:11 - 00000000 ____D C:\Users\pc\Documents\FreeReign
2015-09-25 20:11 - 2015-09-25 20:11 - 00000000 ____D C:\Users\pc\AppData\Local\FreeReign
2015-09-25 20:11 - 2015-09-25 20:11 - 00000000 ____D C:\Users\pc\AppData\Local\CrashRpt
2015-09-25 18:24 - 2015-09-25 18:24 - 00000222 _____ C:\Users\pc\Desktop\Aftermath.url
2015-09-21 16:10 - 2015-09-21 16:10 - 00002866 _____ C:\Windows\System32\Tasks\{D009EFE3-4C30-430A-9303-F67D7130F3E2}
2015-09-21 16:01 - 2015-09-21 16:01 - 00000000 ____D C:\Users\pc\Downloads\SkypePortable
2015-09-18 16:44 - 2015-09-18 16:44 - 00000000 ____D C:\ProgramData\X360CE
2015-09-17 08:36 - 2015-09-17 08:36 - 00000000 ____D C:\Users\Default\AppData\Roaming\TuneUp Software
2015-09-17 08:36 - 2015-09-17 08:36 - 00000000 ____D C:\Users\Default User\AppData\Roaming\TuneUp Software
2015-09-17 07:39 - 2015-10-01 13:58 - 00003824 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1442468352
2015-09-17 07:39 - 2015-09-17 07:39 - 00001139 _____ C:\Users\Public\Desktop\Opera.lnk
2015-09-17 07:39 - 2015-09-17 07:39 - 00001139 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-09-09 15:45 - 2015-09-09 15:50 - 00000000 ____D C:\Users\pc\AppData\LocalLow\Daybreak Game Company
2015-09-09 15:45 - 2015-09-09 15:45 - 00000000 ____D C:\Users\pc\AppData\Local\Daybreak Game Company
2015-09-08 19:44 - 2015-09-08 19:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eden4SDE
2015-09-06 16:35 - 2015-09-06 16:35 - 00000000 ____D C:\Users\pc\AppData\Roaming\Firefly Studios
2015-09-06 16:34 - 2015-09-06 16:34 - 00000000 ____D C:\Users\pc\Documents\Stronghold Kingdoms
2015-09-04 18:39 - 2015-09-04 18:39 - 00000593 _____ C:\Users\Public\Desktop\Guild Wars 2.lnk
2015-09-04 18:39 - 2015-09-04 18:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2
2015-09-04 18:37 - 2015-09-13 18:31 - 00000000 ____D C:\Users\pc\AppData\Roaming\Guild Wars 2

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-03 13:28 - 2015-07-13 20:26 - 02193408 _____ (Farbar) C:\Users\pc\Desktop\FRST64.exe
2015-10-03 13:28 - 2015-07-13 20:26 - 00000000 ____D C:\FRST
2015-10-03 13:12 - 2014-10-25 11:18 - 01056938 _____ C:\Windows\WindowsUpdate.log
2015-10-03 13:02 - 2010-02-01 19:09 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-03 12:55 - 2015-03-03 20:25 - 00000950 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2735022440-3995081480-2012866059-1000UA.job
2015-10-03 11:12 - 2015-01-07 16:59 - 00000000 ____D C:\Program Files (x86)\Steam
2015-10-03 10:58 - 2009-07-14 06:45 - 00014416 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-03 10:58 - 2009-07-14 06:45 - 00014416 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-03 10:49 - 2010-02-01 19:09 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-03 10:49 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-03 10:46 - 2015-07-14 18:52 - 00000000 ____D C:\AdwCleaner
2015-10-03 10:24 - 2015-02-21 23:02 - 00000000 ____D C:\Users\pc\AppData\Local\Akamai
2015-10-03 01:40 - 2014-12-28 21:10 - 00000000 ____D C:\Users\pc\AppData\Roaming\TS3Client
2015-10-02 22:55 - 2015-03-03 20:25 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2735022440-3995081480-2012866059-1000Core.job
2015-10-02 21:31 - 2015-01-07 17:09 - 00000000 ____D C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-10-02 16:54 - 2014-12-26 13:26 - 00000000 ____D C:\Windows\Minidump
2015-10-02 16:50 - 2015-03-18 17:43 - 00000000 ____D C:\Program Files (x86)\Avira
2015-10-02 16:48 - 2015-03-18 17:43 - 00000000 ____D C:\ProgramData\Avira
2015-10-02 16:46 - 2015-01-07 17:04 - 00000000 ____D C:\ProgramData\Package Cache
2015-10-02 16:40 - 2015-07-09 21:00 - 00000000 ____D C:\ProgramData\AVG2015
2015-10-02 16:40 - 2015-05-16 14:03 - 00000000 ____D C:\Program Files (x86)\AVG
2015-10-02 16:40 - 2015-03-18 17:32 - 00000000 ____D C:\ProgramData\MFAData
2015-10-02 16:39 - 2015-07-09 21:01 - 00000000 ____D C:\Program Files\Common Files\AV
2015-10-02 16:37 - 2015-07-09 21:00 - 00000000 ___HD C:\$AVG
2015-10-02 16:25 - 2015-07-09 21:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-10-01 13:58 - 2015-02-22 17:29 - 00000000 ____D C:\Program Files (x86)\Opera
2015-09-30 18:25 - 2015-05-04 22:42 - 00000000 ____D C:\Program Files (x86)\Heroes of the Storm
2015-09-30 18:24 - 2015-04-11 18:46 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2015-09-30 18:23 - 2015-04-11 18:45 - 00000000 ____D C:\Users\pc\AppData\Local\Battle.net
2015-09-30 18:23 - 2015-04-11 18:45 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-09-29 21:27 - 2015-02-22 17:38 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-09-29 21:27 - 2015-01-19 17:06 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-29 19:46 - 2015-01-19 17:03 - 00000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2015-09-29 19:42 - 2015-01-19 17:07 - 00000000 ____D C:\Users\pc\Documents\My Games
2015-09-28 15:17 - 2014-12-28 21:08 - 00000000 ____D C:\Users\pc\AppData\Local\TeamSpeak 3 Client
2015-09-22 11:16 - 2014-12-24 23:46 - 00347464 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2015-09-22 11:16 - 2014-12-24 23:39 - 00347464 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2015-09-22 11:12 - 2014-12-24 23:39 - 00347464 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2015-09-21 16:44 - 2014-12-24 20:48 - 00000000 ____D C:\ProgramData\Skype
2015-09-21 16:43 - 2014-12-24 20:48 - 00000000 ____D C:\Users\pc\AppData\Roaming\Skype
2015-09-21 16:09 - 2015-05-24 16:37 - 00000000 ____D C:\Windows\system32\appmgmt
2015-09-16 22:50 - 2015-03-03 20:25 - 00003914 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2735022440-3995081480-2012866059-1000UA
2015-09-16 22:50 - 2015-03-03 20:25 - 00003518 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2735022440-3995081480-2012866059-1000Core
2015-09-15 22:57 - 2010-02-01 19:09 - 00003948 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-15 22:57 - 2010-02-01 19:09 - 00003696 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-14 15:46 - 2010-02-01 19:08 - 00000000 ____D C:\Users\pc\AppData\Local\Google
2015-09-12 11:05 - 2015-08-03 23:09 - 00000000 ___RD C:\Users\pc\Creative Cloud Files
2015-09-08 20:31 - 2015-07-14 19:34 - 00000000 ____D C:\Users\pc\Desktop\HRY
2015-09-06 16:35 - 2015-04-27 17:07 - 00000000 ____D C:\Users\pc\AppData\Local\Geckofx

Some files in TEMP:
====================
C:\Users\pc\AppData\Local\Temp\avgnt.exe
C:\Users\pc\AppData\Local\Temp\Quarantine.exe
C:\Users\pc\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-10-01 14:57

==================== End of FRST.txt ============================

Rudy
Site Admin
Posts: 119674
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Crashing to desktop

#8 Post by Rudy »

Open Notepad and copy the following into it:
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKU\S-1-5-21-2735022440-3995081480-2012866059-1000\...\Run: [Akamai NetSession Interface] => C:\Users\pc\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.)
C:\Users\pc\AppData\Local\Akamai
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-12-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
HKU\S-1-5-21-2735022440-3995081480-2012866059-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={37F53E74-78C5-4D1A-85BC-39ED11F12444}&mid=5c7a9be3c39e47cd8068d1509d12d84c-06ce4fc639803a2e3563922518183d8e94088cb9&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0615pi&pr=fr&d=2015-07-09 21:13:48&v=4.1.4.948&pid=wtu&sg=&sap=hp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @ogplanet.com/npOGPPlugin -> C:\Windows\system32\npOGPPlugin.dll [No File]
S3 X6va025; \??\C:\Windows\SysWOW64\Drivers\X6va025 [X]
S3 X6va029; \??\C:\Windows\SysWOW64\Drivers\X6va029 [X]
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2735022440-3995081480-2012866059-1000UA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2735022440-3995081480-2012866059-1000Core.job
C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2735022440-3995081480-2012866059-1000UA
C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2735022440-3995081480-2012866059-1000Core
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\pc\AppData\Local\Temp
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.

Benak150
Visitor
Posts: 70
Registered: 13 Jul 2015 19:04

Re: Crashing to desktop

#9 Post by Benak150 »

Fix result of Farbar Recovery Scan Tool (x64) Version:03-10-2015
Ran by pc (2015-10-03 19:02:59) Run:1
Running from C:\Users\pc\Desktop
Loaded Profiles: pc (Available Profiles: pc)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKU\S-1-5-21-2735022440-3995081480-2012866059-1000\...\Run: [Akamai NetSession Interface] => C:\Users\pc\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.)
C:\Users\pc\AppData\Local\Akamai
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-12-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
HKU\S-1-5-21-2735022440-3995081480-2012866059-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={37F53E74-78C5-4D1A-85BC-39ED11F12444}&mid=5c7a9be3c39e47cd8068d1509d12d84c-06ce4fc639803a2e3563922518183d8e94088cb9&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0615pi&pr=fr&d=2015-07-09 21:13:48&v=4.1.4.948&pid=wtu&sg=&sap=hp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @ogplanet.com/npOGPPlugin -> C:\Windows\system32\npOGPPlugin.dll [No File]
S3 X6va025; \??\C:\Windows\SysWOW64\Drivers\X6va025 [X]
S3 X6va029; \??\C:\Windows\SysWOW64\Drivers\X6va029 [X]
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2735022440-3995081480-2012866059-1000UA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2735022440-3995081480-2012866059-1000Core.job
C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2735022440-3995081480-2012866059-1000UA
C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2735022440-3995081480-2012866059-1000Core
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\pc\AppData\Local\Temp
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKU\S-1-5-21-2735022440-3995081480-2012866059-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Akamai NetSession Interface => value removed successfully

"C:\Users\pc\AppData\Local\Akamai" folder move:

Could not move "C:\Users\pc\AppData\Local\Akamai" => Scheduled to move on reboot.

HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SPReview => value removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => key removed successfully
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
HKU\S-1-5-21-2735022440-3995081480-2012866059-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@ogplanet.com/npOGPPlugin" => key removed successfully
X6va025 => service removed successfully
X6va029 => service removed successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2735022440-3995081480-2012866059-1000UA.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2735022440-3995081480-2012866059-1000Core.job => moved successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2735022440-3995081480-2012866059-1000UA => moved successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2735022440-3995081480-2012866059-1000Core => moved successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully

"C:\Users\pc\AppData\Local\Temp" folder move:

Could not move "C:\Users\pc\AppData\Local\Temp" => Scheduled to move on reboot.


Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-10-03 19:05:06)

C:\Users\pc\AppData\Local\Akamai => Is moved successfully
C:\Users\pc\AppData\Local\Temp => moved successfully

==== End of Fixlog 19:05:06 ====

Rudy
Site Admin
Posts: 119674
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Crashing to desktop

#10 Post by Rudy »

Deleted. Has anything changed?