
Preventive check

Bonaparte
Visitor
Posts: 9
Joined: 07 Jun 2016 18:48

Preventive check

#1 Post by Bonaparte »

Good day, I would like to ask whether I might find someone kind here who would guide me on how to properly check for and remove viruses, and also delete the various unnecessary things that slow the computer down, etc. I have not maintained the computer or scanned it with antivirus tools for a long time. The only thing I use regularly is CCleaner. At the moment I am running a disk fragmentation with O&O Defrag, but I do not dare attempt anything more complicated, because I know what can happen when it is done incorrectly, and I would not like to lose the data I have on this computer.

Rudy
Site Admin
Posts: 119673
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Preventive check

#2 Post by Rudy »

Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before cleaning your PC of viruses, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Bonaparte
Visitor
Posts: 9
Joined: 07 Jun 2016 18:48

Re: Preventive check

#3 Post by Bonaparte »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-06-2016
Ran by Michal (administrator) on MICHAL-PC (07-06-2016 21:04:47)
Running from C:\Users\Michal\Desktop
Loaded Profiles: Michal (Available Profiles: Michal)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cnext.exe
(Stardock Corporation) C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Logitech Inc.) C:\Program Files\Logitech\SetPoint II\SetPointII.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Opera Software) C:\Program Files (x86)\Opera\37.0.2178.54\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\37.0.2178.54\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\37.0.2178.54\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\37.0.2178.54\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\37.0.2178.54\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\37.0.2178.54\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\37.0.2178.54\opera.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
(forum.viry.cz) C:\Users\Michal\Desktop\FRSTLauncher (1).exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11905128 2011-06-28] (Realtek Semiconductor)
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\Windows\KHALMNPR.EXE [130576 2009-06-17] (Logitech, Inc.)
HKLM\...\Run: [itype] => c:\Program Files\Microsoft IntelliType Pro\itype.exe [1873256 2011-08-10] (Microsoft Corporation)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\cnext.exe [4859592 2015-11-18] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-05-19] (Intel Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [814608 2016-05-17] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [129272 2015-03-16] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3622263592-3081926274-2433498376-1000\...\Run: [CursorFX] => C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe [417280 2010-03-23] (Stardock Corporation)
HKU\S-1-5-21-3622263592-3081926274-2433498376-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8418584 2015-07-17] (Piriform Ltd)
HKU\S-1-5-21-3622263592-3081926274-2433498376-1000\...\MountPoints2: E - E:\vs_professional.exe
HKU\S-1-5-21-3622263592-3081926274-2433498376-1000\...\MountPoints2: {93a38258-7570-11e3-a211-c860006e8f76} - E:\vs_professional.exe
HKU\S-1-5-21-3622263592-3081926274-2433498376-1000\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\O&O Defrag Tray.lnk [2016-05-24]
ShortcutTarget: O&O Defrag Tray.lnk -> C:\Windows\Installer\{10F2471C-34AD-4C33-9F92-039B8BC44AC0}\app_icon.ico ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SetPointII.lnk [2013-10-04]
ShortcutTarget: SetPointII.lnk -> C:\Program Files\Logitech\SetPoint II\SetPointII.exe (Logitech Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 213.46.172.36
Tcpip\..\Interfaces\{C6E4721E-4483-444B-A233-B55E77F18901}: [DhcpNameServer] 192.168.1.1 213.46.172.36

Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3622263592-3081926274-2433498376-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3622263592-3081926274-2433498376-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3622263592-3081926274-2433498376-1000 -> {96DE3221-5E5A-41C7-ADB4-8F71410AF7B7} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-13] (Advanced Micro Devices)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-13] (Advanced Micro Devices)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-12-07] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-07] (Oracle Corporation)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-13] ()
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-13] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1221171.dll [2015-10-19] (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-07-17] (DivX, LLC)
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-07] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-07] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin-x32: @t.garena.com/garenatalk -> C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-05-08] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3622263592-3081926274-2433498376-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Michal\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-02] (Unity Technologies ApS)

Chrome:
=======
CHR Profile: C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-11]
CHR Extension: (Disk Google) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-14]
CHR Extension: (YouTube) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-19]
CHR Extension: (Vyhledávání Google) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-27]
CHR Extension: (Dokumenty Google offline) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-25]
CHR Extension: (AdBlock) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-10-19]
CHR Extension: (Shortcut Manager) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgjjeipcdnnjhgodgjpfkffcejoljijf [2015-02-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-19]
CHR Extension: (Gmail) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-27]

Opera:
=======
OPR Extension: (AdBlock) - C:\Users\Michal\AppData\Roaming\Opera Software\Opera Stable\Extensions\aobdicepooefnbaeokijohmhjlleamfj [2016-05-16]
StartMenuInternet: (HKLM) Opera - C:\Program Files\Opera x64\Opera.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [970656 2016-05-17] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [467016 2016-05-17] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [467016 2016-05-17] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1435704 2016-05-17] (Avira Operations GmbH & Co. KG)
S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [201008 2015-03-16] (Avira Operations GmbH & Co. KG)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [15768 2010-02-03] (Microsoft Corporation)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [245544 2016-01-04] (EasyAntiCheat Ltd)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2013-08-22] (Microsoft Corporation) [File not signed]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [3636936 2016-02-15] (O&O Software GmbH)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-11-10] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-01-14] ()
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-05] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [154816 2016-03-10] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141920 2016-05-17] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-07-02] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [79696 2016-05-17] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-01-05] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2011-10-24] (Huawei Technologies Co., Ltd.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-11-02] (Anchorfree Inc.)
S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
S1 HssDRV6; system32\DRIVERS\hssdrv6.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-07 21:04 - 2016-06-07 21:05 - 00015935 _____ C:\Users\Michal\Desktop\FRST.txt
2016-06-07 21:04 - 2016-06-07 21:04 - 00000000 ____D C:\FRST
2016-06-07 21:02 - 2016-06-07 21:02 - 00112640 _____ (forum.viry.cz) C:\Users\Michal\Desktop\FRSTLauncher (1).exe
2016-06-07 20:57 - 2016-06-07 20:57 - 02385408 _____ (Farbar) C:\Users\Michal\Desktop\FRST64.exe
2016-06-05 10:22 - 2016-06-06 16:02 - 00000000 ____D C:\Users\Michal\Desktop\Mp3 hudba
2016-06-03 13:40 - 2016-06-05 20:36 - 00000492 _____ C:\Users\Michal\Desktop\audi S4, A4.txt
2016-05-25 11:26 - 2016-05-25 11:26 - 00001473 _____ C:\Windows\system32\oodbs.lor
2016-05-24 12:30 - 2016-06-07 20:53 - 00000000 ____D C:\Windows\system32\oodag
2016-05-24 12:30 - 2016-05-24 12:30 - 00000000 ____D C:\Users\Michal\AppData\Local\O&O
2016-05-24 12:29 - 2016-05-24 12:29 - 00002497 _____ C:\Users\Public\Desktop\O&O Defrag.lnk
2016-05-24 12:29 - 2016-05-24 12:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\O&O Software
2016-05-24 12:29 - 2016-05-24 12:29 - 00000000 ____D C:\Program Files\OO Software
2016-05-24 12:28 - 2016-05-24 12:28 - 00000000 ____D C:\ProgramData\OO Software
2016-05-23 23:01 - 2016-06-07 20:57 - 00000000 ____D C:\Users\Michal\Desktop\obrázky
2016-05-23 10:55 - 2016-06-07 21:02 - 00000000 ____D C:\Users\Michal\Desktop\sr
2016-05-10 11:01 - 2016-06-05 10:24 - 00000000 ____D C:\Users\Michal\Desktop\mobil hudba

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-07 21:02 - 2013-10-04 11:04 - 00000000 ____D C:\Users\Michal\Desktop\Stažené
2016-06-07 20:51 - 2015-05-16 01:12 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-07 20:15 - 2014-12-27 14:53 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-06-07 19:59 - 2013-12-12 21:38 - 00000000 ____D C:\Users\Michal\AppData\Roaming\Skype
2016-06-07 14:27 - 2013-11-07 16:18 - 00000000 ____D C:\Users\Michal\AppData\Roaming\TS3Client
2016-06-07 10:13 - 2009-07-14 06:45 - 00021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-07 10:13 - 2009-07-14 06:45 - 00021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-07 10:09 - 2016-05-07 05:32 - 00000000 ____D C:\Users\Michal\Downloads\Gameforge Live
2016-06-07 10:05 - 2015-05-16 01:12 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-07 10:04 - 2015-02-15 01:45 - 00000360 _____ C:\Windows\Tasks\DriverToolkit Autorun.job
2016-06-07 10:04 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-05 00:01 - 2014-12-27 14:53 - 00000892 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-06-03 13:23 - 2014-06-01 18:26 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-06-03 13:23 - 2013-12-12 21:38 - 00000000 ____D C:\ProgramData\Skype
2016-06-01 18:22 - 2015-02-24 08:38 - 00003848 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1424759933
2016-06-01 18:22 - 2013-10-17 21:09 - 00000000 ____D C:\Program Files (x86)\Opera
2016-05-31 23:40 - 2015-02-13 17:05 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-05-28 23:56 - 2015-10-04 12:37 - 00000000 ____D C:\Users\Michal\Desktop\fotky
2016-05-24 12:23 - 2016-03-21 12:31 - 00000000 ____D C:\Users\Michal\Desktop\mobil
2016-05-23 23:21 - 2013-11-05 00:26 - 00000000 ____D C:\Users\Michal\Desktop\Cisteni pc
2016-05-23 23:20 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-05-23 23:19 - 2013-10-04 16:03 - 00000000 ____D C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-05-23 23:18 - 2015-10-31 21:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hry
2016-05-23 23:18 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-05-23 23:17 - 2013-10-04 11:04 - 00000000 ____D C:\Users\Michal\Desktop\Extrah
2016-05-17 15:45 - 2016-05-07 05:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2016-05-17 15:45 - 2016-05-07 05:31 - 00000000 ____D C:\Program Files (x86)\GameforgeLive
2016-05-17 10:38 - 2014-07-20 23:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-05-17 10:37 - 2014-07-20 23:28 - 00141920 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2016-05-17 10:37 - 2014-07-20 23:28 - 00079696 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2016-05-13 11:15 - 2014-12-27 14:53 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-05-13 11:15 - 2014-12-27 14:53 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-13 11:15 - 2014-12-27 14:53 - 00003890 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-05-13 11:15 - 2014-12-27 14:53 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-05-13 06:56 - 2013-10-04 09:34 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-11 05:45 - 2015-05-16 01:12 - 00003948 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-05-11 05:45 - 2015-05-16 01:12 - 00003696 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-05-10 11:03 - 2011-04-12 10:34 - 00677618 _____ C:\Windows\system32\perfh005.dat
2016-05-10 11:03 - 2011-04-12 10:34 - 00146516 _____ C:\Windows\system32\perfc005.dat
2016-05-10 11:03 - 2009-07-14 07:13 - 01612072 _____ C:\Windows\system32\PerfStringBackup.INI

==================== Files in the root of some directories =======

2015-11-08 13:36 - 2015-11-08 14:10 - 0000114 _____ () C:\Users\Michal\AppData\Roaming\Camdata.ini
2015-11-08 13:36 - 2015-11-08 14:10 - 0000408 _____ () C:\Users\Michal\AppData\Roaming\CamLayout.ini
2015-11-08 13:36 - 2015-11-08 14:10 - 0000408 _____ () C:\Users\Michal\AppData\Roaming\CamShapes.ini
2015-11-08 13:36 - 2015-11-08 14:10 - 0004519 _____ () C:\Users\Michal\AppData\Roaming\CamStudio.cfg
2015-02-17 05:11 - 2015-02-17 05:11 - 0009878 _____ () C:\Users\Michal\AppData\Roaming\msfleyr.dat
2014-06-29 21:08 - 2014-06-30 00:56 - 0000058 _____ () C:\Users\Michal\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2013-10-15 01:24 - 2013-10-15 01:24 - 0000094 _____ () C:\Users\Michal\AppData\Local\fusioncache.dat
2014-08-24 23:49 - 2014-08-24 23:49 - 0000000 ___SH () C:\Users\Michal\AppData\Local\LumaEmu
2015-11-04 23:13 - 2015-09-05 23:13 - 0000032 ____R () C:\ProgramData\hash.dat

Files to move or delete:
====================
C:\ProgramData\hash.dat


Some files in TEMP:
====================
C:\Users\Michal\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_242_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DriverToolkit Autorun.job => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Michal\Desktop" je 36784 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlueStacks Agent
C:\Program Files (x86)\BlueStacks\HD-Agent.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXMediaServer
C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate
"C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Flvto YouTube Downloader
"\FlvtoYoutubeDownloader.exe" /minimize [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray
C:\Program Files\OO Software\Defrag\oodtray.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando Media Booster
C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Raptr
"C:\Program Files (x86)\Raptr\raptrstub.exe" --startup [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam
"C:\Program Files (x86)\Steam\steam.exe" -silent [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent
"C:\Users\Michal\AppData\Roaming\uTorrent\utorrent.exe" /MINIMIZED [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^LOLRecorder.lnk
C:\PROGRA~2\LOLREP~1\LOLREC~1.EXE [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Michal^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Registrace produktu.lnk



***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Rudy
Site Admin
Posts: 119673
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Preventive check

#4 Post by Rudy »

Now run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
Click >Scan< first and then >Clean<.
A scan will run and then a log will appear; paste it here.

Bonaparte
Visitor
Posts: 9
Joined: 07 Jun 2016 18:48

Re: Preventive check

#5 Post by Bonaparte »

# AdwCleaner v5.119 - Log vytvořen 07/06/2016 v 23:13:19
# Aktualizováno 30/05/2016 by Xplode
# Databáze : 2016-06-07.1 [Server]
# Operační system : Windows 7 Home Premium Service Pack 1 (X64)
# Uživatelské jméno : Michal - MICHAL-PC
# Spuštěno z : C:\Users\Michal\Desktop\adwcleaner_5.119.exe
# Nastavení : Čištění
# Podpora : http://toolslib.net/forum

***** [ Služby ] *****


***** [ Složky ] *****

[-] Složka Smazáno : C:\Users\Michal\AppData\Local\12729
[-] Složka Smazáno : C:\Users\Michal\AppData\Local\13957

***** [ Soubory ] *****

[-] Soubor Smazáno : C:\Windows\SysWOW64\lavasofttcpservice.dll
[-] Soubor Smazáno : C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini
[-] Soubor Smazáno : C:\Windows\SysNative\LavasoftTcpService64.dll
[-] Soubor Smazáno : C:\Windows\SysNative\LavasoftTcpServiceOff.ini

***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Zástupci ] *****


***** [ Naplánované úlohy ] *****

[-] Úloha Smazáno : DRIVERTOOLKIT AUTORUN

***** [ Registry ] *****

[-] Hodnota Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [HD-V1.9-bg.exe]
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Applications\iLividSetup-r484-n-bc (2).exe
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Applications\iLividSetup-r484-n-bc.exe
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Hodnota Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
[-] Klíč Smazáno : HKCU\Software\Conduit
[-] Klíč Smazáno : HKLM\SOFTWARE\Lavasoft\Web Companion

***** [ Prohlížeče ] *****

[-] [C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Smazáno : oiokahphinmbmakkehgelkmpolmnbkdh

*************************

:: "Tracing" klíče smazány
:: Nastavení Winsock vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [2328 bytů] - [07/06/2016 23:13:19]
C:\AdwCleaner\AdwCleaner[R2].txt - [1358 bytů] - [21/02/2015 02:19:50]
C:\AdwCleaner\AdwCleaner[S1].txt - [2535 bytů] - [07/06/2016 23:11:56]
C:\AdwCleaner\AdwCleaner[S2].txt - [1235 bytů] - [21/02/2015 02:21:27]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [2620 bytů] ##########

Rudy
Site Admin
Posts: 119673
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Preventive check

#6 Post by Rudy »

Post a new FRST log.

Bonaparte
Visitor
Posts: 9
Joined: 07 Jun 2016 18:48

Re: Preventive check

#7 Post by Bonaparte »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:08-06-2016
Ran by Michal (administrator) on MICHAL-PC (08-06-2016 23:00:58)
Running from C:\Users\Michal\Desktop
Loaded Profiles: Michal (Available Profiles: Michal)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
(Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Stardock Corporation) C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe
(Logitech Inc.) C:\Program Files\Logitech\SetPoint II\SetPointII.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_ep64.exe
(Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_ep64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Epic Games, Inc.) C:\Program Files (x86)\GameforgeLive\Games\GBR_eng\Orcs Must Die! Unchained\Binaries\SpitfireGame.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
(forum.viry.cz) C:\Users\Michal\Desktop\FRST-OlderVersion\FRSTLauncher (1).exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11905128 2011-06-28] (Realtek Semiconductor)
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\Windows\KHALMNPR.EXE [130576 2009-06-17] (Logitech, Inc.)
HKLM\...\Run: [itype] => c:\Program Files\Microsoft IntelliType Pro\itype.exe [1873256 2011-08-10] (Microsoft Corporation)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [5006536 2016-03-21] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [OODefragTray] => C:\Program Files\OO Software\Defrag\oodtray.exe [4468424 2016-02-15] (O&O Software GmbH)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-05-19] (Intel Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [814608 2016-05-17] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [129272 2015-03-16] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [71440 2016-06-07] (Plays.tv, LLC)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58640 2016-05-23] (Raptr, Inc)
HKU\S-1-5-21-3622263592-3081926274-2433498376-1000\...\Run: [CursorFX] => C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe [417280 2010-03-23] (Stardock Corporation)
HKU\S-1-5-21-3622263592-3081926274-2433498376-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8418584 2015-07-17] (Piriform Ltd)
HKU\S-1-5-21-3622263592-3081926274-2433498376-1000\...\MountPoints2: E - E:\vs_professional.exe
HKU\S-1-5-21-3622263592-3081926274-2433498376-1000\...\MountPoints2: {93a38258-7570-11e3-a211-c860006e8f76} - E:\vs_professional.exe
HKU\S-1-5-21-3622263592-3081926274-2433498376-1000\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\O&O Defrag Tray.lnk [2016-05-24]
ShortcutTarget: O&O Defrag Tray.lnk -> C:\Windows\Installer\{10F2471C-34AD-4C33-9F92-039B8BC44AC0}\app_icon.ico ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SetPointII.lnk [2013-10-04]
ShortcutTarget: SetPointII.lnk -> C:\Program Files\Logitech\SetPoint II\SetPointII.exe (Logitech Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 213.46.172.36
Tcpip\..\Interfaces\{C6E4721E-4483-444B-A233-B55E77F18901}: [DhcpNameServer] 192.168.1.1 213.46.172.36

Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3622263592-3081926274-2433498376-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3622263592-3081926274-2433498376-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3622263592-3081926274-2433498376-1000 -> {96DE3221-5E5A-41C7-ADB4-8F71410AF7B7} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-13] (Advanced Micro Devices)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-13] (Advanced Micro Devices)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-12-07] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-07] (Oracle Corporation)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-13] ()
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-13] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1221171.dll [2015-10-19] (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-07-17] (DivX, LLC)
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-07] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-07] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin-x32: @t.garena.com/garenatalk -> C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-05-08] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3622263592-3081926274-2433498376-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Michal\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-02] (Unity Technologies ApS)

Chrome:
=======
CHR Profile: C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-11]
CHR Extension: (Disk Google) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-14]
CHR Extension: (YouTube) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-19]
CHR Extension: (Vyhledávání Google) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-27]
CHR Extension: (Dokumenty Google offline) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-25]
CHR Extension: (AdBlock) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-10-19]
CHR Extension: (Shortcut Manager) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgjjeipcdnnjhgodgjpfkffcejoljijf [2015-02-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-19]
CHR Extension: (Gmail) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-27]

Opera:
=======
OPR Extension: (AdBlock) - C:\Users\Michal\AppData\Roaming\Opera Software\Opera Stable\Extensions\aobdicepooefnbaeokijohmhjlleamfj [2016-05-16]
StartMenuInternet: (HKLM) Opera - C:\Program Files\Opera x64\Opera.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [970656 2016-05-17] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [467016 2016-05-17] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [467016 2016-05-17] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1435704 2016-05-17] (Avira Operations GmbH & Co. KG)
S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [201008 2015-03-16] (Avira Operations GmbH & Co. KG)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [15768 2010-02-03] (Microsoft Corporation)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [245544 2016-01-04] (EasyAntiCheat Ltd)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2013-08-22] (Microsoft Corporation) [File not signed]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [3636936 2016-02-15] (O&O Software GmbH)
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [32528 2016-06-07] (Plays.tv, LLC)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-11-10] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-01-14] ()
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-05] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [154816 2016-03-10] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141920 2016-05-17] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-07-02] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [79696 2016-05-17] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-01-05] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2011-10-24] (Huawei Technologies Co., Ltd.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-11-02] (Anchorfree Inc.)
S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
S1 HssDRV6; system32\DRIVERS\hssdrv6.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-08 23:00 - 2016-06-08 23:00 - 00000000 ____D C:\Users\Michal\Desktop\FRST-OlderVersion
2016-06-07 23:31 - 2016-06-08 17:14 - 00000000 ____D C:\Users\Michal\AppData\Roaming\PlaysTV
2016-06-07 23:31 - 2016-06-07 23:31 - 00004224 _____ C:\Windows\System32\Tasks\AMD Updater
2016-06-07 23:31 - 2016-06-07 23:31 - 00002023 _____ C:\Users\Public\Desktop\Raptr.lnk
2016-06-07 23:31 - 2016-06-07 23:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Raptr
2016-06-07 23:29 - 2016-06-07 23:30 - 00000000 ____D C:\Program Files (x86)\Raptr Inc
2016-06-07 23:29 - 2016-02-16 01:27 - 00125720 _____ C:\Windows\SysWOW64\vulkan-1.dll
2016-06-07 23:29 - 2016-02-16 01:26 - 00126232 _____ C:\Windows\system32\vulkan-1.dll
2016-06-07 23:29 - 2016-02-16 01:25 - 00045848 _____ C:\Windows\system32\vulkaninfo.exe
2016-06-07 23:29 - 2016-02-16 01:25 - 00042264 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2016-06-07 23:28 - 2016-06-07 23:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan 1.0.3.1
2016-06-07 23:28 - 2016-06-07 23:28 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-06-07 23:11 - 2016-06-07 23:11 - 03677248 _____ C:\Users\Michal\Desktop\adwcleaner_5.119.exe
2016-06-07 21:04 - 2016-06-08 23:01 - 00016644 _____ C:\Users\Michal\Desktop\FRST.txt
2016-06-07 21:04 - 2016-06-08 23:00 - 00000000 ____D C:\FRST
2016-06-07 20:57 - 2016-06-08 23:00 - 02385408 _____ (Farbar) C:\Users\Michal\Desktop\FRST64.exe
2016-06-05 10:22 - 2016-06-06 16:02 - 00000000 ____D C:\Users\Michal\Desktop\Mp3 hudba
2016-06-03 13:40 - 2016-06-05 20:36 - 00000492 _____ C:\Users\Michal\Desktop\audi S4, A4.txt
2016-05-25 11:26 - 2016-05-25 11:26 - 00001473 _____ C:\Windows\system32\oodbs.lor
2016-05-24 12:30 - 2016-06-07 20:53 - 00000000 ____D C:\Windows\system32\oodag
2016-05-24 12:30 - 2016-05-24 12:30 - 00000000 ____D C:\Users\Michal\AppData\Local\O&O
2016-05-24 12:29 - 2016-05-24 12:29 - 00002497 _____ C:\Users\Public\Desktop\O&O Defrag.lnk
2016-05-24 12:29 - 2016-05-24 12:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\O&O Software
2016-05-24 12:29 - 2016-05-24 12:29 - 00000000 ____D C:\Program Files\OO Software
2016-05-24 12:28 - 2016-05-24 12:28 - 00000000 ____D C:\ProgramData\OO Software
2016-05-23 23:01 - 2016-06-07 20:57 - 00000000 ____D C:\Users\Michal\Desktop\obrázky
2016-05-23 10:55 - 2016-06-07 21:02 - 00000000 ____D C:\Users\Michal\Desktop\sr
2016-05-10 11:01 - 2016-06-05 10:24 - 00000000 ____D C:\Users\Michal\Desktop\mobil hudba

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-08 22:50 - 2015-05-16 01:12 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-08 22:15 - 2014-12-27 14:53 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-06-08 19:14 - 2016-05-07 05:32 - 00000000 ____D C:\Users\Michal\Downloads\Gameforge Live
2016-06-08 18:24 - 2015-02-24 08:38 - 00003848 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1424759933
2016-06-08 18:24 - 2013-10-17 21:09 - 00000000 ____D C:\Program Files (x86)\Opera
2016-06-08 17:41 - 2009-07-14 06:45 - 00021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-08 17:41 - 2009-07-14 06:45 - 00021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-08 17:35 - 2015-08-03 13:11 - 00000000 ____D C:\Users\Michal\AppData\Roaming\Raptr
2016-06-08 17:14 - 2015-05-16 01:12 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-08 17:12 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-08 04:23 - 2013-12-12 21:38 - 00000000 ____D C:\Users\Michal\AppData\Roaming\Skype
2016-06-07 23:31 - 2015-08-03 13:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2016-06-07 23:30 - 2015-08-03 13:11 - 00000000 ____D C:\Program Files (x86)\Raptr
2016-06-07 23:28 - 2015-12-07 20:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2016-06-07 23:28 - 2013-10-04 09:58 - 00000000 ____D C:\Program Files\AMD
2016-06-07 23:28 - 2013-10-04 09:58 - 00000000 ____D C:\Program Files (x86)\AMD
2016-06-07 23:27 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-06-07 23:26 - 2015-12-07 20:43 - 00000000 ____D C:\Users\Michal\AppData\Local\AMD
2016-06-07 23:16 - 2013-10-04 11:04 - 00000000 ____D C:\Users\Michal\Desktop\Stažené
2016-06-07 23:13 - 2015-02-21 02:19 - 00000000 ____D C:\AdwCleaner
2016-06-07 14:27 - 2013-11-07 16:18 - 00000000 ____D C:\Users\Michal\AppData\Roaming\TS3Client
2016-06-05 00:01 - 2014-12-27 14:53 - 00000892 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-06-03 13:23 - 2014-06-01 18:26 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-06-03 13:23 - 2013-12-12 21:38 - 00000000 ____D C:\ProgramData\Skype
2016-05-31 23:40 - 2015-02-13 17:05 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-05-28 23:56 - 2015-10-04 12:37 - 00000000 ____D C:\Users\Michal\Desktop\fotky
2016-05-24 12:23 - 2016-03-21 12:31 - 00000000 ____D C:\Users\Michal\Desktop\mobil
2016-05-23 23:21 - 2013-11-05 00:26 - 00000000 ____D C:\Users\Michal\Desktop\Cisteni pc
2016-05-23 23:19 - 2013-10-04 16:03 - 00000000 ____D C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-05-23 23:18 - 2015-10-31 21:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hry
2016-05-23 23:18 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-05-23 23:17 - 2013-10-04 11:04 - 00000000 ____D C:\Users\Michal\Desktop\Extrah
2016-05-17 15:45 - 2016-05-07 05:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2016-05-17 15:45 - 2016-05-07 05:31 - 00000000 ____D C:\Program Files (x86)\GameforgeLive
2016-05-17 10:38 - 2014-07-20 23:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-05-17 10:37 - 2014-07-20 23:28 - 00141920 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2016-05-17 10:37 - 2014-07-20 23:28 - 00079696 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2016-05-13 11:15 - 2014-12-27 14:53 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-05-13 11:15 - 2014-12-27 14:53 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-13 11:15 - 2014-12-27 14:53 - 00003890 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-05-13 11:15 - 2014-12-27 14:53 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-05-13 06:56 - 2013-10-04 09:34 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-11 05:45 - 2015-05-16 01:12 - 00003948 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-05-11 05:45 - 2015-05-16 01:12 - 00003696 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-05-10 11:03 - 2011-04-12 10:34 - 00677618 _____ C:\Windows\system32\perfh005.dat
2016-05-10 11:03 - 2011-04-12 10:34 - 00146516 _____ C:\Windows\system32\perfc005.dat
2016-05-10 11:03 - 2009-07-14 07:13 - 01612072 _____ C:\Windows\system32\PerfStringBackup.INI

==================== Files in the root of some directories =======

2015-11-08 13:36 - 2015-11-08 14:10 - 0000114 _____ () C:\Users\Michal\AppData\Roaming\Camdata.ini
2015-11-08 13:36 - 2015-11-08 14:10 - 0000408 _____ () C:\Users\Michal\AppData\Roaming\CamLayout.ini
2015-11-08 13:36 - 2015-11-08 14:10 - 0000408 _____ () C:\Users\Michal\AppData\Roaming\CamShapes.ini
2015-11-08 13:36 - 2015-11-08 14:10 - 0004519 _____ () C:\Users\Michal\AppData\Roaming\CamStudio.cfg
2015-02-17 05:11 - 2015-02-17 05:11 - 0009878 _____ () C:\Users\Michal\AppData\Roaming\msfleyr.dat
2014-06-29 21:08 - 2014-06-30 00:56 - 0000058 _____ () C:\Users\Michal\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2013-10-15 01:24 - 2013-10-15 01:24 - 0000094 _____ () C:\Users\Michal\AppData\Local\fusioncache.dat
2014-08-24 23:49 - 2014-08-24 23:49 - 0000000 ___SH () C:\Users\Michal\AppData\Local\LumaEmu
2015-11-04 23:13 - 2015-09-05 23:13 - 0000032 ____R () C:\ProgramData\hash.dat

Files to move or delete:
====================
C:\ProgramData\hash.dat


Some files in TEMP:
====================
C:\Users\Michal\AppData\Local\Temp\avgnt.exe
C:\Users\Michal\AppData\Local\Temp\libeay32.dll
C:\Users\Michal\AppData\Local\Temp\msvcr120.dll
C:\Users\Michal\AppData\Local\Temp\playstv_patch.exe
C:\Users\Michal\AppData\Local\Temp\raptrpatch.exe
C:\Users\Michal\AppData\Local\Temp\raptr_stub.exe
C:\Users\Michal\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_242_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Michal\Desktop" je 36793 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlueStacks Agent
C:\Program Files (x86)\BlueStacks\HD-Agent.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXMediaServer
C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate
"C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Flvto YouTube Downloader
"\FlvtoYoutubeDownloader.exe" /minimize [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray
C:\Program Files\OO Software\Defrag\oodtray.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando Media Booster
C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Raptr
"C:\Program Files (x86)\Raptr\raptrstub.exe" --startup [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam
"C:\Program Files (x86)\Steam\steam.exe" -silent [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent
"C:\Users\Michal\AppData\Roaming\uTorrent\utorrent.exe" /MINIMIZED [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^LOLRecorder.lnk
C:\PROGRA~2\LOLREP~1\LOLREC~1.EXE [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Michal^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Registrace produktu.lnk



***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Rudy
Site Admin
Posts: 119673
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Preventive check

#8 Post by Rudy »

Open Notepad and copy the following into it:
Start
HKU\S-1-5-21-3622263592-3081926274-2433498376-1000\...\MountPoints2: E - E:\vs_professional.exe
HKU\S-1-5-21-3622263592-3081926274-2433498376-1000\...\MountPoints2: {93a38258-7570-11e3-a211-c860006e8f76} - E:\vs_professional.exe
HKU\S-1-5-21-3622263592-3081926274-2433498376-1000\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3622263592-3081926274-2433498376-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin-x32: @t.garena.com/garenatalk -> C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll [No File]
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\ProgramData\hash.dat
C:\Users\Michal\AppData\Local\Temp
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the run finishes, a log will appear; copy it here.

From the log:
Velikost slozky "C:\Users\Michal\Desktop" je 36793 MB.
That is too much and it can slow down system startup. Create a new folder in C:\Users\Michal and move all the data from the desktop into it (except shortcuts). Then put a shortcut to that folder on the desktop.

Bonaparte
Visitor
Posts: 9
Joined: 07 Jun 2016 18:48

Re: Preventive check

#9 Post by Bonaparte »

System startup is fairly OK for me; it takes about 10 seconds to load. I probably should tidy things up here later, though. :)



Fix result of Farbar Recovery Scan Tool (x64) Version:10-06-2016
Ran by Michal (2016-06-11 18:44:04) Run:1
Running from C:\Users\Michal\Desktop
Loaded Profiles: Michal (Available Profiles: Michal)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKU\S-1-5-21-3622263592-3081926274-2433498376-1000\...\MountPoints2: E - E:\vs_professional.exe
HKU\S-1-5-21-3622263592-3081926274-2433498376-1000\...\MountPoints2: {93a38258-7570-11e3-a211-c860006e8f76} - E:\vs_professional.exe
HKU\S-1-5-21-3622263592-3081926274-2433498376-1000\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3622263592-3081926274-2433498376-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin-x32: @t.garena.com/garenatalk -> C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll [No File]
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\ProgramData\hash.dat
C:\Users\Michal\AppData\Local\Temp
*****************

"HKU\S-1-5-21-3622263592-3081926274-2433498376-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E" => key removed successfully
"HKU\S-1-5-21-3622263592-3081926274-2433498376-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{93a38258-7570-11e3-a211-c860006e8f76}" => key removed successfully
HKCR\CLSID\{93a38258-7570-11e3-a211-c860006e8f76} => key not found.
HKU\S-1-5-21-3622263592-3081926274-2433498376-1000\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => value removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKU\S-1-5-21-3622263592-3081926274-2433498376-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@t.garena.com/garenatalk" => key removed successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
C:\ProgramData\hash.dat => moved successfully

"C:\Users\Michal\AppData\Local\Temp" folder move:

Could not move "C:\Users\Michal\AppData\Local\Temp" => Scheduled to move on reboot.


Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2016-06-11 18:47:03)

C:\Users\Michal\AppData\Local\Temp => moved successfully

==== End of Fixlog 18:47:03 ====

Bonaparte
Visitor
Posts: 9
Joined: 07 Jun 2016 18:48

Re: Preventive check

#10 Post by Bonaparte »

By the way, I am currently dealing with login problems on another forum. Do you know what could be causing it? Could it be some kind of virus?

http://www.pc-help.cz/viewtopic.php?f=3 ... 9#p1375179

Rudy
Site Admin
Posts: 119673
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Preventive check

#11 Post by Rudy »

Bonaparte wrote: By the way, I am currently dealing with login problems on another forum. Do you know what could be causing it? Could it be some kind of virus?

http://www.pc-help.cz/viewtopic.php?f=3 ... 9#p1375179
Deleted. Given the login issue, also try a full MBAM scan: http://www.malwarebytes.org/mbam.php . Post the log; do not delete anything beforehand.

Bonaparte
Visitor
Posts: 9
Joined: 07 Jun 2016 18:48

Re: Preventive check

#12 Post by Bonaparte »

The login is working now; I just had to untick "Block third-party cookies and site data" in the browser... isn't it somehow dangerous to have it unticked?


Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 11.6.2016
Čas skenování: 19:49
Protokol: sken.txt
Správce: Ano

Verze: 2.2.1.1043
Databáze malwaru: v2016.06.11.03
Databáze rootkitů: v2016.05.27.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Michal

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 336419
Uplynulý čas: 18 min, 47 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 20
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{11401D00-D684-43F7-BF7C-AB518604A1D9}, , [644bc635f7a2dc5a4e17a243748fed13],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{3CB20EDD-8F91-46E8-9915-7FD50479918D}, , [258ad427f7a2fa3cb7aec322dc27eb15],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{5B33A621-F1C7-48F6-89D1-4CF0A5340F11}, , [b3fcab5067328bab392cedf8cf3443bd],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{7983F0F4-5550-461D-84B0-BD908E4B8F4B}, , [6b44ab505f3aef47e97c5c890af9966a],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{79C248BD-D1EC-4556-9F59-8C6BE6FEA113}, , [8629708bcdcc69cd065f1cc9a65d728e],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{7B3B83B3-C197-4601-BB9B-77CEDA1570E7}, , [27880feccccd1224fd687075ea19df21],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{87F8579F-48F8-4F41-9171-6340438D98C8}, , [c8e79962d6c33df96ff64f9636cd8b75],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{B4F0FA3D-813D-4A1C-9240-1DA6B5643BA7}, , [555aea11b6e34aecf471c421ba4955ab],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{C8F9F31F-678B-4F57-8227-575A35848CAE}, , [4a6510eb6b2ea1954d184c99798a669a],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{D7FF1749-A0EE-4F81-A469-2A7352FA7D85}, , [5a55da21386173c35312be2724df936d],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\dd0c47e4-3ff9-4cfd-8847-bc8018aefcdd-1, , [dbd4bf3c990074c20491751b768d7090],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\dd0c47e4-3ff9-4cfd-8847-bc8018aefcdd-10, , [9e11fffc39600432118438585ea529d7],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\dd0c47e4-3ff9-4cfd-8847-bc8018aefcdd-11, , [3c73cd2edfba82b404916a26df24c13f],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\dd0c47e4-3ff9-4cfd-8847-bc8018aefcdd-2, , [7e3193684851e056deb71f710df6c63a],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\dd0c47e4-3ff9-4cfd-8847-bc8018aefcdd-3, , [a50ad12a712858deb6dfc5cbe81b817f],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\dd0c47e4-3ff9-4cfd-8847-bc8018aefcdd-4, , [951a609b47524aecbbdaff912ed58977],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\dd0c47e4-3ff9-4cfd-8847-bc8018aefcdd-5, , [06a934c7a6f3b6804b4acdc37d867987],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\dd0c47e4-3ff9-4cfd-8847-bc8018aefcdd-5_user, , [357a44b7ecad0333068f98f8a36050b0],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\dd0c47e4-3ff9-4cfd-8847-bc8018aefcdd-6, , [c6e9fdfeb8e1d4623263d5bb996a7090],
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\dd0c47e4-3ff9-4cfd-8847-bc8018aefcdd-7, , [317ee813415812242273523ed72c22de],

Hodnoty registru: 10
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{11401D00-D684-43F7-BF7C-AB518604A1D9}|Path, \dd0c47e4-3ff9-4cfd-8847-bc8018aefcdd-4, , [644bc635f7a2dc5a4e17a243748fed13]
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{3CB20EDD-8F91-46E8-9915-7FD50479918D}|Path, \dd0c47e4-3ff9-4cfd-8847-bc8018aefcdd-3, , [258ad427f7a2fa3cb7aec322dc27eb15]
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{5B33A621-F1C7-48F6-89D1-4CF0A5340F11}|Path, \dd0c47e4-3ff9-4cfd-8847-bc8018aefcdd-1, , [b3fcab5067328bab392cedf8cf3443bd]
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{7983F0F4-5550-461D-84B0-BD908E4B8F4B}|Path, \dd0c47e4-3ff9-4cfd-8847-bc8018aefcdd-10, , [6b44ab505f3aef47e97c5c890af9966a]
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{79C248BD-D1EC-4556-9F59-8C6BE6FEA113}|Path, \dd0c47e4-3ff9-4cfd-8847-bc8018aefcdd-5, , [8629708bcdcc69cd065f1cc9a65d728e]
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{7B3B83B3-C197-4601-BB9B-77CEDA1570E7}|Path, \dd0c47e4-3ff9-4cfd-8847-bc8018aefcdd-11, , [27880feccccd1224fd687075ea19df21]
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{87F8579F-48F8-4F41-9171-6340438D98C8}|Path, \dd0c47e4-3ff9-4cfd-8847-bc8018aefcdd-7, , [c8e79962d6c33df96ff64f9636cd8b75]
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{B4F0FA3D-813D-4A1C-9240-1DA6B5643BA7}|Path, \dd0c47e4-3ff9-4cfd-8847-bc8018aefcdd-2, , [555aea11b6e34aecf471c421ba4955ab]
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{C8F9F31F-678B-4F57-8227-575A35848CAE}|Path, \dd0c47e4-3ff9-4cfd-8847-bc8018aefcdd-5_user, , [4a6510eb6b2ea1954d184c99798a669a]
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{D7FF1749-A0EE-4F81-A469-2A7352FA7D85}|Path, \dd0c47e4-3ff9-4cfd-8847-bc8018aefcdd-6, , [5a55da21386173c35312be2724df936d]

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Rudy
Site Admin
Posts: 119673
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Preventive check

#13 Post by Rudy »

Delete all the findings.

Bonaparte
Visitor
Posts: 9
Joined: 07 Jun 2016 18:48

Re: Preventive check

#14 Post by Bonaparte »

OK, done :)

Rudy
Site Admin
Posts: 119673
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Preventive check

#15 Post by Rudy »

The PC should now be clean. You can safely block cookies. Only some websites insist on cookies being enabled. It is not dangerous.

Locked