Prosím o kontrolu logu

Zpráva

tommymacho · #1 Příspěvek od **tommymacho** » 13 srp 2016 22:29

Zdravím, poprosil bych o kontrolu logu.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-08-2016 01
Ran by Tomáš (administrator) on TOMÁŠ-PC (13-08-2016 23:19:37)
Running from C:\Users\Tomáš\Desktop
Loaded Profiles: Tomáš (Available Profiles: Tomáš & Administrator)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(iolo technologies, LLC) C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(Spotify Ltd) C:\Users\Tomáš\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(iolo technologies, LLC) C:\Program Files (x86)\iolo\System Mechanic\ioloGovernor64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Tomáš\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12446824 2012-01-31] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2866960 2011-12-19] (Synaptics Incorporated)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2565472 2013-04-22] (TOSHIBA Corporation)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-17] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [23546672 2016-08-01] (Dropbox, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7408312 2016-06-27] (AVAST Software)
HKLM-x32\...\Run: [AllShareAgent] => C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe [285072 2012-03-02] (Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-3176385675-1044772427-3118369927-1000\...\Run: [Spotify Web Helper] => C:\Users\Tomáš\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2355312 2016-01-29] (Spotify Ltd)
HKU\S-1-5-21-3176385675-1044772427-3118369927-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8455960 2015-08-20] (Piriform Ltd)
HKU\S-1-5-21-3176385675-1044772427-3118369927-1000\...\MountPoints2: F - F:\setup.exe
HKU\S-1-5-21-3176385675-1044772427-3118369927-1000\...\MountPoints2: {4105ee89-6069-11e5-b047-2016d84af875} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3176385675-1044772427-3118369927-1000\...\MountPoints2: {6d5e8263-8f6f-11e5-a119-7054d2832667} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3176385675-1044772427-3118369927-1000\...\MountPoints2: {6f1b8649-91b9-11e5-a156-7054d2832667} - H:\autorun.exe
HKU\S-1-5-21-3176385675-1044772427-3118369927-1000\...\MountPoints2: {6f1b8688-91b9-11e5-a156-7054d2832667} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3176385675-1044772427-3118369927-1000\...\MountPoints2: {6f1b868d-91b9-11e5-a156-7054d2832667} - H:\autorun.exe
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-05-13] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.255.255.10 10.255.255.20
Tcpip\..\Interfaces\{179D2B52-C8DB-4B22-BC95-7702E5A52A7E}: [DhcpNameServer] 10.255.255.10 10.255.255.20
Tcpip\..\Interfaces\{DA5705F0-C642-4671-8B87-5A7065EC6090}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll => No File
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-24] (Oracle Corporation)
BHO-x32: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll => No File
BHO-x32: Microsoft Web Test Recorder 14.0 Helper -> {b924f0b4-0b3c-49c0-bab2-213fb9ebd1d3} -> C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2015-07-07] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-24] (Oracle Corporation)

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-24] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll [2011-11-18] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)

Chrome:
=======
CHR Profile: C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Disk Google) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (GeoGebra Math Apps) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnbaboaihhkjoaolfnfoablhllahjnee [2016-05-23]
CHR Extension: (ImprovedTube - YouTube Extension) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnomihfieiccainjcjblhegjgglakjdd [2016-07-28]
CHR Extension: (Adblock Plus) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-06-29]
CHR Extension: (Vyhledávání Google) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Into The Mist) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgihmkgobaljfehcadcckdggpeojaadh [2016-03-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Gmail) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-11]
CHR Extension: (Chrome Media Router) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-10]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2016-05-13] (AVAST Software)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-10-10] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-10-10] (Dropbox, Inc.)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed]
R2 ioloSystemService; C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe [1168960 2013-12-03] (iolo technologies, LLC)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-06-27] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2016-06-27] ()
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [52968 2015-07-07] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-05-13] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-05-13] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-05-13] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-05-13] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-05-13] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [465792 2016-05-13] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [166432 2016-05-13] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-08-05] (AVAST Software)
S3 CH341SER_A64; C:\Windows\System32\Drivers\CH341S64.SYS [58368 2009-06-02] (http://www.winchiphead.com)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 ElRawDisk; C:\Windows\system32\drivers\ElRawDsk.sys [30752 2013-12-03] (EldoS Corporation)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
S3 smhwser; C:\Windows\System32\DRIVERS\smhwser.sys [122624 2015-11-24] (QUALCOMM Incorporated)
R3 TS_ARN5416; C:\Windows\System32\DRIVERS\ts_athrx.sys [3544264 2014-07-23] (TamoSoft)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-13 23:19 - 2016-08-13 23:20 - 00017238 _____ C:\Users\Tomáš\Desktop\FRST.txt
2016-08-13 23:17 - 2016-08-13 23:19 - 00000000 ____D C:\FRST
2016-08-13 23:17 - 2016-08-13 23:17 - 00112640 _____ (forum.viry.cz) C:\Users\Tomáš\Desktop\FRSTLauncher.exe
2016-08-13 23:16 - 2016-08-13 23:17 - 02393600 _____ (Farbar) C:\Users\Tomáš\Desktop\FRST64.exe
2016-08-13 23:07 - 2016-08-13 23:07 - 00000000 ____D C:\Users\Tomáš\Downloads\2016 Mariner
2016-08-13 13:06 - 2016-08-13 13:31 - 00000000 ____D C:\Users\Tomáš\Desktop\Bifrost - Heidenmetal
2016-08-13 12:08 - 2016-08-13 12:08 - 00000000 ____D C:\Users\Tomáš\AppData\Local\Microsoft Windows
2016-08-12 09:57 - 2009-09-27 09:39 - 00415744 ___SH (The Public) C:\Windows\SysWOW64\avisynth.dll
2016-08-12 09:57 - 2005-07-14 12:31 - 00032256 ___SH C:\Windows\SysWOW64\AVSredirect.dll
2016-08-12 09:57 - 2004-02-22 10:11 - 00764416 ___SH (Abysmal Software) C:\Windows\SysWOW64\devil.dll
2016-08-12 09:57 - 2004-01-25 00:00 - 00070656 ___SH (http://www.helixcommunity.org) C:\Windows\SysWOW64\yv12vfw.dll
2016-08-12 09:57 - 2004-01-25 00:00 - 00070656 ___SH (http://www.helixcommunity.org) C:\Windows\SysWOW64\i420vfw.dll
2016-08-12 09:54 - 2016-08-12 09:54 - 00000000 ____D C:\Users\Tomáš\Documents\eRightSoft
2016-08-12 09:54 - 2016-08-12 09:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPER © - by eRightSoft
2016-08-12 09:54 - 2016-08-12 09:54 - 00000000 ____D C:\Program Files (x86)\eRightSoft
2016-08-12 09:54 - 2014-03-07 12:03 - 03109520 __RSH (FFmpeg Project) C:\Windows\SysWOW64\avcodec-lav-55.dll
2016-08-12 09:54 - 2014-03-07 12:03 - 00550032 __RSH (FFmpeg Project) C:\Windows\SysWOW64\avformat-lav-55.dll
2016-08-12 09:54 - 2014-03-07 12:03 - 00313520 __RSH (1f0.de - Hendrik Leppkes) C:\Windows\SysWOW64\HLvideo.dll
2016-08-12 09:54 - 2014-03-07 12:03 - 00293888 __RSH C:\Windows\SysWOW64\avcodec-lav-1321.dll
2016-08-12 09:54 - 2014-03-07 12:03 - 00203408 __RSH (1f0.de - Hendrik Leppkes) C:\Windows\SysWOW64\HLsplit.dll
2016-08-12 09:54 - 2014-03-07 12:03 - 00181392 __RSH (FFmpeg Project) C:\Windows\SysWOW64\avutil-lav-52.dll
2016-08-12 09:54 - 2014-03-07 12:03 - 00166544 __RSH (Intel Corp.) C:\Windows\SysWOW64\IntelQuickSyncDecoder.dll
2016-08-12 09:54 - 2014-03-07 12:03 - 00122512 __RSH (1f0.de - Hendrik Leppkes) C:\Windows\SysWOW64\HLaudio.dll
2016-08-12 09:54 - 2014-03-07 12:03 - 00118416 __RSH (FFmpeg Project) C:\Windows\SysWOW64\swscale-lav-2.dll
2016-08-12 09:54 - 2014-03-07 12:03 - 00109712 __RSH C:\Windows\SysWOW64\libbluray.dll
2016-08-12 09:54 - 2014-03-07 12:03 - 00098960 __RSH (FFmpeg Project) C:\Windows\SysWOW64\avfilter-lav-4.dll
2016-08-12 09:54 - 2014-03-07 12:03 - 00059536 __RSH (FFmpeg Project) C:\Windows\SysWOW64\avresample-lav-1.dll
2016-08-12 09:54 - 2014-01-31 17:20 - 00000493 __RSH C:\Windows\SysWOW64\LAVFilters.Dependencies.manifest
2016-08-12 09:54 - 2012-10-05 20:54 - 00188416 __RSH C:\Windows\SysWOW64\winDCE32.dll
2016-08-12 09:54 - 2012-07-12 00:00 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Olepau32.ax
2016-08-12 09:54 - 2011-06-14 21:05 - 00121344 __RSH C:\Windows\SysWOW64\TAKDSDecoder.ax
2016-08-12 09:54 - 2011-02-11 11:26 - 00112128 __RSH C:\Windows\SysWOW64\OptimFROG.dll
2016-08-12 09:54 - 2010-01-07 01:00 - 00107520 __RSH C:\Windows\SysWOW64\TAKDSDecoder.dll
2016-08-12 09:54 - 2009-08-11 00:00 - 00352768 __RSH C:\Windows\SysWOW64\ac3DX.ax
2016-08-12 09:54 - 2005-02-22 18:55 - 00081920 __RSH C:\Windows\SysWOW64\aac_parser.ax
2016-08-12 09:54 - 2004-10-10 10:50 - 00278528 _____ (Real Networks, Inc) C:\Windows\SysWOW64\pncrt.dll
2016-08-12 09:54 - 2004-07-02 18:33 - 00327749 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\drvc.dll
2016-08-12 09:54 - 2004-04-27 17:03 - 00017408 __RSH (RadLight) C:\Windows\SysWOW64\RLOFRDec.ax
2016-08-12 09:54 - 2004-04-05 11:31 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2016-08-11 16:45 - 2016-08-11 16:47 - 00000000 ____D C:\Users\Tomáš\Downloads\Rick and Morty - Season 2 [WebRip][1080p]
2016-08-11 16:16 - 2016-08-12 10:41 - 00000000 ____D C:\Users\Tomáš\Downloads\Rick and Morty Season 1 [1080p] [HEVC]
2016-08-10 11:08 - 2016-08-11 11:28 - 00000000 ____D C:\Users\Tomáš\Downloads\Star.Wars.Episode.VII.The.Force.Awakens.2015.1080p.BluRay.x264.DTS-JYK
2016-08-10 11:07 - 2016-08-11 11:28 - 00000000 ____D C:\Users\Tomáš\Downloads\Star Wars Episode VI Return of the Jedi (1983) [1080p]
2016-08-10 11:06 - 2016-08-11 11:27 - 00000000 ____D C:\Users\Tomáš\Downloads\Star Wars Episode V The Empire Strikes Back (1980) [1080p]
2016-08-10 11:06 - 2016-08-11 11:27 - 00000000 ____D C:\Users\Tomáš\Downloads\Star Wars Episode IV A New Hope (1977) [1080p]
2016-08-10 11:05 - 2016-08-11 11:23 - 00000000 ____D C:\Users\Tomáš\Downloads\Star.Wars.Episode.III.Revenge.Of.The.Sith.2005.1080p.Bluray.x264.anoXmous
2016-08-10 11:05 - 2016-08-11 11:22 - 00000000 ____D C:\Users\Tomáš\Downloads\Star.Wars.Episode.II.Attack.Of.The.Clones.2002.1080p.Bluray.x264.anoXmous
2016-08-10 11:04 - 2016-08-11 11:19 - 00000000 ____D C:\Users\Tomáš\Downloads\Star Wars Episode I The Phantom Menace (1999) [1080p]
2016-08-08 18:35 - 2016-08-08 18:36 - 00000000 ____D C:\Users\Tomáš\Downloads\Belakor - Of Breath and Bone (2012)
2016-08-08 18:31 - 2016-08-08 18:32 - 00000000 ____D C:\Users\Tomáš\Downloads\Be'lakor - Vessels [2016]
2016-08-07 23:35 - 2016-08-07 23:41 - 00000000 ____D C:\Users\Tomáš\Downloads\IT Crowd
2016-08-07 15:00 - 2016-08-07 23:37 - 00000000 ____D C:\Users\Tomáš\Downloads\The.100.Year.Old.Man.Who.Climbed.Out.the.Window.and.Disappeared.2013.BDRip.XViD.MP3.CZ-GRiNGO
2016-08-05 22:14 - 2016-08-05 22:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-08-05 12:27 - 2016-08-05 12:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2016-08-05 11:44 - 2016-08-05 11:47 - 00000000 ____D C:\Users\Tomáš\Downloads\dUninstaller
2016-08-04 23:07 - 2016-08-04 23:09 - 00000000 ____D C:\Users\Tomáš\Downloads\Sylosis
2016-07-31 21:28 - 2016-08-01 10:31 - 00000000 ____D C:\Users\Tomáš\Downloads\Stranger.Things.Season.1.Complete.720p.WebRip.EN-SUB.x264-[MULVAcoded]
2016-07-31 16:36 - 2016-07-31 16:36 - 00000000 ____D C:\Users\Tomáš\Desktop\Pelican - What We All Come To Need
2016-07-30 11:34 - 2016-07-30 11:34 - 00000000 ____D C:\Users\Tomáš\AppData\LocalLow\Blizzard Entertainment
2016-07-27 21:21 - 2016-07-27 21:21 - 00000000 ____D C:\ProgramData\RELOADED
2016-07-26 22:55 - 2016-07-27 11:17 - 00000000 ____D C:\Users\Tomáš\Downloads\Zootopia 2016 1080p HDRip x264 AC3-JYK
2016-07-21 15:59 - 2016-07-21 15:59 - 00000000 ____D C:\Users\Tomáš\AppData\LocalLow\PlayfulCorp
2016-07-21 11:11 - 2016-07-21 11:11 - 00000000 ____D C:\Users\Tomáš\AppData\LocalLow\Strange Fire
2016-07-19 18:10 - 2016-07-19 18:10 - 00000000 ____D C:\Users\Tomáš\Downloads\WOFI(metalarea.org)
2016-07-19 16:23 - 2016-07-19 16:24 - 00000000 ____D C:\Users\Tomáš\Downloads\Words Of Farewell - The Black Wild Yonder (2014) [Gorgatz]
2016-07-19 14:50 - 2016-07-20 09:47 - 00000000 ____D C:\Users\Tomáš\Downloads\Hot Fuzz (2007)
2016-07-18 19:58 - 2016-07-18 20:00 - 00000000 ____D C:\Program Files (x86)\Audacity
2016-07-18 19:58 - 2016-07-18 19:58 - 00001023 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2016-07-18 19:14 - 2016-07-18 19:14 - 00000000 ____D C:\Users\Tomáš\AppData\Local\by_dekart811
2016-07-18 19:10 - 2016-07-18 19:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Catalyst
2016-07-18 18:46 - 2016-07-18 18:46 - 00000000 ____D C:\R.G. Catalyst
2016-07-15 18:48 - 2016-07-28 10:25 - 00000000 ____D C:\Users\Tomáš\Downloads\Paul (2011)
2016-07-14 13:18 - 2016-07-21 17:37 - 00000000 ____D C:\Users\Tomáš\Downloads\American Horror Story S02 (Asylum)
2016-07-14 12:09 - 2016-07-14 12:09 - 00000000 ____D C:\Users\Tomáš\AppData\LocalLow\Unity
2016-07-14 12:09 - 2016-07-14 12:09 - 00000000 ____D C:\Users\Tomáš\AppData\LocalLow\Hyper Hippo Productions Ltd_

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-13 23:19 - 2015-09-11 20:25 - 00000000 ____D C:\Users\Tomáš\AppData\Roaming\uTorrent
2016-08-13 23:11 - 2015-09-11 18:34 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-13 23:01 - 2015-10-10 15:37 - 00000906 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2016-08-13 23:01 - 2015-09-25 23:16 - 00000461 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2016-08-13 20:26 - 2015-10-10 15:37 - 00000902 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2016-08-13 13:28 - 2015-12-22 19:08 - 00000000 ____D C:\Users\Tomáš\AppData\Roaming\Audacity
2016-08-13 12:30 - 2016-03-11 19:16 - 00000000 ____D C:\Users\Tomáš\AppData\Local\CrashDumps
2016-08-13 11:47 - 2009-07-14 06:45 - 00028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-08-13 11:47 - 2009-07-14 06:45 - 00028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-08-13 11:37 - 2015-10-10 15:42 - 00000000 ___RD C:\Users\Tomáš\Dropbox
2016-08-13 11:36 - 2015-09-11 18:46 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-08-13 11:35 - 2015-09-11 18:34 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-13 11:35 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-08-12 15:34 - 2015-09-14 16:05 - 00000000 ____D C:\Program Files (x86)\Steam
2016-08-12 11:53 - 2015-09-26 14:19 - 00000000 ____D C:\Users\Tomáš\AppData\Local\Battle.net
2016-08-12 11:53 - 2015-09-26 14:18 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-08-11 19:33 - 2015-09-26 14:33 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2016-08-11 16:01 - 2015-09-11 17:19 - 00000000 ____D C:\Users\Tomáš
2016-08-10 11:54 - 2016-07-13 11:21 - 00000000 ____D C:\Users\Tomáš\Downloads\Simpsonovi S27
2016-08-09 15:46 - 2016-01-08 17:42 - 00000000 ____D C:\Users\Tomáš\Documents\REAPER Media
2016-08-09 15:44 - 2016-01-08 17:38 - 00000000 ____D C:\Users\Tomáš\AppData\Roaming\REAPER
2016-08-09 12:23 - 2015-09-14 17:00 - 00000000 ____D C:\Users\Tomáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-08-09 09:19 - 2015-09-11 18:35 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-05 22:15 - 2015-10-10 15:37 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-08-05 14:58 - 2009-07-14 07:13 - 00781790 _____ C:\Windows\system32\PerfStringBackup.INI
2016-08-05 14:58 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-08-05 12:29 - 2015-12-20 17:52 - 00000000 ____D C:\Users\Tomáš\Documents\My Games
2016-08-05 12:29 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-08-05 12:23 - 2016-04-16 23:34 - 00000000 ____D C:\GOG Games
2016-08-05 10:17 - 2015-10-30 15:04 - 00292704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2016-08-04 23:24 - 2015-11-23 18:08 - 00000000 ____D C:\Program Files\DIFX
2016-08-03 15:24 - 2015-12-07 18:44 - 00000000 ____D C:\Users\Tomáš\AppData\Local\Arduino15
2016-08-03 09:44 - 2009-07-14 07:08 - 00032588 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-08-01 10:30 - 2015-09-30 20:40 - 00000000 ____D C:\Program Files\KMSnano
2016-07-30 11:27 - 2016-03-15 10:58 - 00000000 ____D C:\Program Files (x86)\World of Warcraft
2016-07-29 11:06 - 2015-09-11 18:34 - 00003948 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-07-29 11:06 - 2015-09-11 18:34 - 00003696 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-07-27 22:49 - 2016-04-18 18:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GD Hardware Scan
2016-07-27 22:44 - 2015-09-11 18:34 - 00000000 ____D C:\Users\Tomáš\AppData\Local\Deployment
2016-07-27 13:08 - 2016-06-19 22:12 - 00000000 ____D C:\Games
2016-07-26 22:06 - 2015-10-07 15:04 - 00000000 ____D C:\Users\Tomáš\Documents\Outlook Files
2016-07-18 19:58 - 2015-10-16 21:25 - 00000000 ___RD C:\Users\Tomáš\Desktop\
2016-07-18 19:46 - 2015-11-29 17:28 - 00000000 ____D C:\Users\Tomáš\AppData\Local\SKIDROW
2016-07-18 16:13 - 2016-02-01 20:14 - 00000000 ____D C:\Users\Tomáš\AppData\Roaming\IrfanView
2016-07-15 11:35 - 2015-09-18 21:43 - 00000000 ____D C:\Users\Tomáš\AppData\Roaming\Skype
2016-07-14 20:56 - 2016-02-25 21:05 - 00000000 ____D C:\Users\Tomáš\AppData\Roaming\TS3Client

==================== Files in the root of some directories =======

2015-03-26 13:48 - 2015-03-26 13:48 - 2174976 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\Common Files\atimpenc.dll
2016-01-09 17:46 - 2016-01-09 17:46 - 0000030 _____ () C:\Users\Tomáš\AppData\Roaming\.pgbiasfx
2015-12-27 22:16 - 2012-09-01 20:03 - 0000144 _____ () C:\Users\Tomáš\AppData\Roaming\ACEConfigCache2.lst
2015-11-14 12:27 - 2015-12-22 19:10 - 0000016 _____ () C:\Users\Tomáš\AppData\Roaming\msregsvv.dll
2015-11-14 12:27 - 2015-12-22 19:10 - 0000016 _____ () C:\ProgramData\autobk.inc

Some files in TEMP:
====================
C:\Users\Tomáš\AppData\Local\Temp\SkypeSetup.exe

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

==================== MBR and Partition Table ==================

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Tom��\Desktop" je 101465 MB.

***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper
"C:\Users\Tom��\AppData\Roaming\Spotify\SpotifyWebHelper.exe"

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

#2 Příspěvek od **Rudy** » 14 srp 2016 10:22

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

tommymacho · #3 Příspěvek od **tommymacho** » 14 srp 2016 10:49

# AdwCleaner v6.000 - Logfile created 14/08/2016 at 11:38:12
# Updated on 12/08/2016 by ToolsLib
# Database : 2016-08-13.3 [Server]
# Operating System : Windows 7 Home Premium Service Pack 1 (X64)
# Username : Tomáš - TOMÁŠ-PC
# Running from : C:\Users\Tomáš\Downloads\adwcleaner_6.000.exe
# Mode: Clean
# Support : https://toolslib.net/forum

***** [ Services ] *****

***** [ Folders ] *****

[-] Folder deleted: C:\Users\Tomáš\AppData\Local\DriverToolkit
[-] Folder deleted: C:\Program Files (x86)\DriverToolkit

***** [ Files ] *****

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Shortcuts ] *****

***** [ Scheduled Tasks ] *****

***** [ Registry ] *****

[-] Key deleted: HKU\S-1-5-21-3176385675-1044772427-3118369927-1000\Software\Conduit
[-] Key deleted: HKU\S-1-5-21-3176385675-1044772427-3118369927-1000\Software\DriverToolkit
[#] Key deleted on reboot: HKCU\Software\Conduit
[#] Key deleted on reboot: HKCU\Software\DriverToolkit
[-] Key deleted: HKLM\SOFTWARE\Conduit

***** [ Web browsers ] *****

[-] [mystartsearch] [Search Provider] Deleted: mystartsearch
[-] [free-pdf-reader.en.softonic.com] [Search Provider] Deleted: free-pdf-reader.en.softonic.com

*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [1373 Bytes] - [14/08/2016 11:38:12]
C:\AdwCleaner\AdwCleaner[S0].txt - [1673 Bytes] - [14/08/2016 11:37:18]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1519 Bytes] ##########

#4 Příspěvek od **Rudy** » 14 srp 2016 10:59

Dejte nový log FRST.

tommymacho · #5 Příspěvek od **tommymacho** » 14 srp 2016 11:27

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-08-2016 01
Ran by Tomáš (administrator) on TOMÁŠ-PC (14-08-2016 12:20:41)
Running from C:\Users\Tomáš\Desktop
Loaded Profiles: Tomáš (Available Profiles: Tomáš & Administrator)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(iolo technologies, LLC) C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(iolo technologies, LLC) C:\Program Files (x86)\iolo\System Mechanic\ioloGovernor64.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(Spotify Ltd) C:\Users\Tomáš\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(forum.viry.cz) C:\Users\Tomáš\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12446824 2012-01-31] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2866960 2011-12-19] (Synaptics Incorporated)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2565472 2013-04-22] (TOSHIBA Corporation)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-17] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [23546672 2016-08-01] (Dropbox, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7408312 2016-06-27] (AVAST Software)
HKLM-x32\...\Run: [AllShareAgent] => C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe [285072 2012-03-02] (Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-3176385675-1044772427-3118369927-1000\...\Run: [Spotify Web Helper] => C:\Users\Tomáš\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2355312 2016-01-29] (Spotify Ltd)
HKU\S-1-5-21-3176385675-1044772427-3118369927-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8455960 2015-08-20] (Piriform Ltd)
HKU\S-1-5-21-3176385675-1044772427-3118369927-1000\...\MountPoints2: F - F:\setup.exe
HKU\S-1-5-21-3176385675-1044772427-3118369927-1000\...\MountPoints2: {4105ee89-6069-11e5-b047-2016d84af875} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3176385675-1044772427-3118369927-1000\...\MountPoints2: {6d5e8263-8f6f-11e5-a119-7054d2832667} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3176385675-1044772427-3118369927-1000\...\MountPoints2: {6f1b8649-91b9-11e5-a156-7054d2832667} - H:\autorun.exe
HKU\S-1-5-21-3176385675-1044772427-3118369927-1000\...\MountPoints2: {6f1b8688-91b9-11e5-a156-7054d2832667} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3176385675-1044772427-3118369927-1000\...\MountPoints2: {6f1b868d-91b9-11e5-a156-7054d2832667} - H:\autorun.exe
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-05-13] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.255.255.10 10.255.255.20
Tcpip\..\Interfaces\{179D2B52-C8DB-4B22-BC95-7702E5A52A7E}: [DhcpNameServer] 10.255.255.10 10.255.255.20
Tcpip\..\Interfaces\{DA5705F0-C642-4671-8B87-5A7065EC6090}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll => No File
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-24] (Oracle Corporation)
BHO-x32: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll => No File
BHO-x32: Microsoft Web Test Recorder 14.0 Helper -> {b924f0b4-0b3c-49c0-bab2-213fb9ebd1d3} -> C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2015-07-07] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-24] (Oracle Corporation)

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-24] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll [2011-11-18] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)

Chrome:
=======
CHR Profile: C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Disk Google) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (GeoGebra Math Apps) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnbaboaihhkjoaolfnfoablhllahjnee [2016-05-23]
CHR Extension: (ImprovedTube - YouTube Extension) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnomihfieiccainjcjblhegjgglakjdd [2016-07-28]
CHR Extension: (Adblock Plus) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-06-29]
CHR Extension: (Vyhledávání Google) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Into The Mist) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgihmkgobaljfehcadcckdggpeojaadh [2016-03-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Gmail) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-11]
CHR Extension: (Chrome Media Router) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-10]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2016-05-13] (AVAST Software)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-10-10] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-10-10] (Dropbox, Inc.)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed]
R2 ioloSystemService; C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe [1168960 2013-12-03] (iolo technologies, LLC)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-06-27] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2016-06-27] ()
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [52968 2015-07-07] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-05-13] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-05-13] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-05-13] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-05-13] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-05-13] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [465792 2016-05-13] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [166432 2016-05-13] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-08-05] (AVAST Software)
S3 CH341SER_A64; C:\Windows\System32\Drivers\CH341S64.SYS [58368 2009-06-02] (http://www.winchiphead.com)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 ElRawDisk; C:\Windows\system32\drivers\ElRawDsk.sys [30752 2013-12-03] (EldoS Corporation)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
S3 smhwser; C:\Windows\System32\DRIVERS\smhwser.sys [122624 2015-11-24] (QUALCOMM Incorporated)
R3 TS_ARN5416; C:\Windows\System32\DRIVERS\ts_athrx.sys [3544264 2014-07-23] (TamoSoft)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-14 12:16 - 2016-08-14 12:16 - 00112640 _____ (forum.viry.cz) C:\Users\Tomáš\Desktop\FRSTLauncher.exe
2016-08-14 11:35 - 2016-08-14 11:38 - 00000000 ____D C:\AdwCleaner
2016-08-14 11:35 - 2016-08-14 11:35 - 03784256 _____ C:\Users\Tomáš\Downloads\adwcleaner_6.000.exe
2016-08-13 23:31 - 2016-08-13 23:32 - 00000000 ____D C:\ZÁLOHA
2016-08-13 23:23 - 2016-08-13 23:23 - 00006375 _____ C:\Users\Tomáš\Desktop\Addition.zip
2016-08-13 23:19 - 2016-08-14 12:21 - 00017001 _____ C:\Users\Tomáš\Desktop\FRST.txt
2016-08-13 23:17 - 2016-08-14 12:20 - 00000000 ____D C:\FRST
2016-08-13 23:16 - 2016-08-13 23:17 - 02393600 _____ (Farbar) C:\Users\Tomáš\Desktop\FRST64.exe
2016-08-13 23:07 - 2016-08-13 23:07 - 00000000 ____D C:\Users\Tomáš\Downloads\2016 Mariner
2016-08-13 13:06 - 2016-08-13 13:31 - 00000000 ____D C:\Users\Tomáš\Desktop\Bifrost - Heidenmetal
2016-08-13 12:08 - 2016-08-13 12:08 - 00000000 ____D C:\Users\Tomáš\AppData\Local\Microsoft Windows
2016-08-12 09:57 - 2009-09-27 09:39 - 00415744 ___SH (The Public) C:\Windows\SysWOW64\avisynth.dll
2016-08-12 09:57 - 2005-07-14 12:31 - 00032256 ___SH C:\Windows\SysWOW64\AVSredirect.dll
2016-08-12 09:57 - 2004-02-22 10:11 - 00764416 ___SH (Abysmal Software) C:\Windows\SysWOW64\devil.dll
2016-08-12 09:57 - 2004-01-25 00:00 - 00070656 ___SH (http://www.helixcommunity.org) C:\Windows\SysWOW64\yv12vfw.dll
2016-08-12 09:57 - 2004-01-25 00:00 - 00070656 ___SH (http://www.helixcommunity.org) C:\Windows\SysWOW64\i420vfw.dll
2016-08-12 09:54 - 2016-08-12 09:54 - 00000000 ____D C:\Users\Tomáš\Documents\eRightSoft
2016-08-12 09:54 - 2016-08-12 09:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPER © - by eRightSoft
2016-08-12 09:54 - 2016-08-12 09:54 - 00000000 ____D C:\Program Files (x86)\eRightSoft
2016-08-12 09:54 - 2014-03-07 12:03 - 03109520 __RSH (FFmpeg Project) C:\Windows\SysWOW64\avcodec-lav-55.dll
2016-08-12 09:54 - 2014-03-07 12:03 - 00550032 __RSH (FFmpeg Project) C:\Windows\SysWOW64\avformat-lav-55.dll
2016-08-12 09:54 - 2014-03-07 12:03 - 00313520 __RSH (1f0.de - Hendrik Leppkes) C:\Windows\SysWOW64\HLvideo.dll
2016-08-12 09:54 - 2014-03-07 12:03 - 00293888 __RSH C:\Windows\SysWOW64\avcodec-lav-1321.dll
2016-08-12 09:54 - 2014-03-07 12:03 - 00203408 __RSH (1f0.de - Hendrik Leppkes) C:\Windows\SysWOW64\HLsplit.dll
2016-08-12 09:54 - 2014-03-07 12:03 - 00181392 __RSH (FFmpeg Project) C:\Windows\SysWOW64\avutil-lav-52.dll
2016-08-12 09:54 - 2014-03-07 12:03 - 00166544 __RSH (Intel Corp.) C:\Windows\SysWOW64\IntelQuickSyncDecoder.dll
2016-08-12 09:54 - 2014-03-07 12:03 - 00122512 __RSH (1f0.de - Hendrik Leppkes) C:\Windows\SysWOW64\HLaudio.dll
2016-08-12 09:54 - 2014-03-07 12:03 - 00118416 __RSH (FFmpeg Project) C:\Windows\SysWOW64\swscale-lav-2.dll
2016-08-12 09:54 - 2014-03-07 12:03 - 00109712 __RSH C:\Windows\SysWOW64\libbluray.dll
2016-08-12 09:54 - 2014-03-07 12:03 - 00098960 __RSH (FFmpeg Project) C:\Windows\SysWOW64\avfilter-lav-4.dll
2016-08-12 09:54 - 2014-03-07 12:03 - 00059536 __RSH (FFmpeg Project) C:\Windows\SysWOW64\avresample-lav-1.dll
2016-08-12 09:54 - 2014-01-31 17:20 - 00000493 __RSH C:\Windows\SysWOW64\LAVFilters.Dependencies.manifest
2016-08-12 09:54 - 2012-10-05 20:54 - 00188416 __RSH C:\Windows\SysWOW64\winDCE32.dll
2016-08-12 09:54 - 2012-07-12 00:00 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Olepau32.ax
2016-08-12 09:54 - 2011-06-14 21:05 - 00121344 __RSH C:\Windows\SysWOW64\TAKDSDecoder.ax
2016-08-12 09:54 - 2011-02-11 11:26 - 00112128 __RSH C:\Windows\SysWOW64\OptimFROG.dll
2016-08-12 09:54 - 2010-01-07 01:00 - 00107520 __RSH C:\Windows\SysWOW64\TAKDSDecoder.dll
2016-08-12 09:54 - 2009-08-11 00:00 - 00352768 __RSH C:\Windows\SysWOW64\ac3DX.ax
2016-08-12 09:54 - 2005-02-22 18:55 - 00081920 __RSH C:\Windows\SysWOW64\aac_parser.ax
2016-08-12 09:54 - 2004-10-10 10:50 - 00278528 _____ (Real Networks, Inc) C:\Windows\SysWOW64\pncrt.dll
2016-08-12 09:54 - 2004-07-02 18:33 - 00327749 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\drvc.dll
2016-08-12 09:54 - 2004-04-27 17:03 - 00017408 __RSH (RadLight) C:\Windows\SysWOW64\RLOFRDec.ax
2016-08-12 09:54 - 2004-04-05 11:31 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2016-08-11 16:45 - 2016-08-11 16:47 - 00000000 ____D C:\Users\Tomáš\Downloads\Rick and Morty - Season 2 [WebRip][1080p]
2016-08-11 16:16 - 2016-08-12 10:41 - 00000000 ____D C:\Users\Tomáš\Downloads\Rick and Morty Season 1 [1080p] [HEVC]
2016-08-10 11:08 - 2016-08-11 11:28 - 00000000 ____D C:\Users\Tomáš\Downloads\Star.Wars.Episode.VII.The.Force.Awakens.2015.1080p.BluRay.x264.DTS-JYK
2016-08-10 11:07 - 2016-08-11 11:28 - 00000000 ____D C:\Users\Tomáš\Downloads\Star Wars Episode VI Return of the Jedi (1983) [1080p]
2016-08-10 11:06 - 2016-08-11 11:27 - 00000000 ____D C:\Users\Tomáš\Downloads\Star Wars Episode V The Empire Strikes Back (1980) [1080p]
2016-08-10 11:06 - 2016-08-11 11:27 - 00000000 ____D C:\Users\Tomáš\Downloads\Star Wars Episode IV A New Hope (1977) [1080p]
2016-08-10 11:05 - 2016-08-11 11:23 - 00000000 ____D C:\Users\Tomáš\Downloads\Star.Wars.Episode.III.Revenge.Of.The.Sith.2005.1080p.Bluray.x264.anoXmous
2016-08-10 11:05 - 2016-08-11 11:22 - 00000000 ____D C:\Users\Tomáš\Downloads\Star.Wars.Episode.II.Attack.Of.The.Clones.2002.1080p.Bluray.x264.anoXmous
2016-08-10 11:04 - 2016-08-11 11:19 - 00000000 ____D C:\Users\Tomáš\Downloads\Star Wars Episode I The Phantom Menace (1999) [1080p]
2016-08-08 18:35 - 2016-08-08 18:36 - 00000000 ____D C:\Users\Tomáš\Downloads\Belakor - Of Breath and Bone (2012)
2016-08-08 18:31 - 2016-08-08 18:32 - 00000000 ____D C:\Users\Tomáš\Downloads\Be'lakor - Vessels [2016]
2016-08-07 23:35 - 2016-08-07 23:41 - 00000000 ____D C:\Users\Tomáš\Downloads\IT Crowd
2016-08-07 15:00 - 2016-08-07 23:37 - 00000000 ____D C:\Users\Tomáš\Downloads\The.100.Year.Old.Man.Who.Climbed.Out.the.Window.and.Disappeared.2013.BDRip.XViD.MP3.CZ-GRiNGO
2016-08-05 22:14 - 2016-08-05 22:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-08-05 12:27 - 2016-08-05 12:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2016-08-05 11:44 - 2016-08-05 11:47 - 00000000 ____D C:\Users\Tomáš\Downloads\dUninstaller
2016-08-04 23:07 - 2016-08-04 23:09 - 00000000 ____D C:\Users\Tomáš\Downloads\Sylosis
2016-07-31 21:28 - 2016-08-01 10:31 - 00000000 ____D C:\Users\Tomáš\Downloads\Stranger.Things.Season.1.Complete.720p.WebRip.EN-SUB.x264-[MULVAcoded]
2016-07-31 16:36 - 2016-07-31 16:36 - 00000000 ____D C:\Users\Tomáš\Desktop\Pelican - What We All Come To Need
2016-07-30 11:34 - 2016-07-30 11:34 - 00000000 ____D C:\Users\Tomáš\AppData\LocalLow\Blizzard Entertainment
2016-07-27 21:21 - 2016-07-27 21:21 - 00000000 ____D C:\ProgramData\RELOADED
2016-07-26 22:55 - 2016-07-27 11:17 - 00000000 ____D C:\Users\Tomáš\Downloads\Zootopia 2016 1080p HDRip x264 AC3-JYK
2016-07-21 15:59 - 2016-07-21 15:59 - 00000000 ____D C:\Users\Tomáš\AppData\LocalLow\PlayfulCorp
2016-07-21 11:11 - 2016-07-21 11:11 - 00000000 ____D C:\Users\Tomáš\AppData\LocalLow\Strange Fire
2016-07-19 18:10 - 2016-07-19 18:10 - 00000000 ____D C:\Users\Tomáš\Downloads\WOFI(metalarea.org)
2016-07-19 16:23 - 2016-07-19 16:24 - 00000000 ____D C:\Users\Tomáš\Downloads\Words Of Farewell - The Black Wild Yonder (2014) [Gorgatz]
2016-07-19 14:50 - 2016-07-20 09:47 - 00000000 ____D C:\Users\Tomáš\Downloads\Hot Fuzz (2007)
2016-07-18 19:58 - 2016-07-18 20:00 - 00000000 ____D C:\Program Files (x86)\Audacity
2016-07-18 19:58 - 2016-07-18 19:58 - 00001023 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2016-07-18 19:14 - 2016-07-18 19:14 - 00000000 ____D C:\Users\Tomáš\AppData\Local\by_dekart811
2016-07-18 19:10 - 2016-07-18 19:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Catalyst
2016-07-18 18:46 - 2016-07-18 18:46 - 00000000 ____D C:\R.G. Catalyst
2016-07-15 18:48 - 2016-07-28 10:25 - 00000000 ____D C:\Users\Tomáš\Downloads\Paul (2011)

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-14 12:11 - 2015-09-11 18:34 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-14 11:48 - 2009-07-14 06:45 - 00028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-08-14 11:48 - 2009-07-14 06:45 - 00028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-08-14 11:42 - 2015-10-10 15:37 - 00000906 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2016-08-14 11:41 - 2015-10-10 15:42 - 00000000 ___RD C:\Users\Tomáš\Dropbox
2016-08-14 11:40 - 2015-10-10 15:37 - 00000902 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2016-08-14 11:40 - 2015-09-25 23:16 - 00000461 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2016-08-14 11:40 - 2015-09-11 18:34 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-14 11:39 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-08-14 11:19 - 2015-09-11 18:46 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-08-13 23:32 - 2015-10-16 21:25 - 00000000 ___RD C:\Users\Tomáš\Desktop\
2016-08-13 23:19 - 2015-09-11 20:25 - 00000000 ____D C:\Users\Tomáš\AppData\Roaming\uTorrent
2016-08-13 13:28 - 2015-12-22 19:08 - 00000000 ____D C:\Users\Tomáš\AppData\Roaming\Audacity
2016-08-13 12:30 - 2016-03-11 19:16 - 00000000 ____D C:\Users\Tomáš\AppData\Local\CrashDumps
2016-08-12 15:34 - 2015-09-14 16:05 - 00000000 ____D C:\Program Files (x86)\Steam
2016-08-12 11:53 - 2015-09-26 14:19 - 00000000 ____D C:\Users\Tomáš\AppData\Local\Battle.net
2016-08-12 11:53 - 2015-09-26 14:18 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-08-11 19:33 - 2015-09-26 14:33 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2016-08-11 16:01 - 2015-09-11 17:19 - 00000000 ____D C:\Users\Tomáš
2016-08-10 11:54 - 2016-07-13 11:21 - 00000000 ____D C:\Users\Tomáš\Downloads\Simpsonovi S27
2016-08-09 15:46 - 2016-01-08 17:42 - 00000000 ____D C:\Users\Tomáš\Documents\REAPER Media
2016-08-09 15:44 - 2016-01-08 17:38 - 00000000 ____D C:\Users\Tomáš\AppData\Roaming\REAPER
2016-08-09 12:23 - 2015-09-14 17:00 - 00000000 ____D C:\Users\Tomáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-08-09 09:19 - 2015-09-11 18:35 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-05 22:15 - 2015-10-10 15:37 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-08-05 14:58 - 2009-07-14 07:13 - 00781790 _____ C:\Windows\system32\PerfStringBackup.INI
2016-08-05 14:58 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-08-05 12:29 - 2015-12-20 17:52 - 00000000 ____D C:\Users\Tomáš\Documents\My Games
2016-08-05 12:29 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-08-05 12:23 - 2016-04-16 23:34 - 00000000 ____D C:\GOG Games
2016-08-05 10:17 - 2015-10-30 15:04 - 00292704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2016-08-04 23:24 - 2015-11-23 18:08 - 00000000 ____D C:\Program Files\DIFX
2016-08-03 15:24 - 2015-12-07 18:44 - 00000000 ____D C:\Users\Tomáš\AppData\Local\Arduino15
2016-08-03 09:44 - 2009-07-14 07:08 - 00032588 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-08-01 10:30 - 2015-09-30 20:40 - 00000000 ____D C:\Program Files\KMSnano
2016-07-30 11:27 - 2016-03-15 10:58 - 00000000 ____D C:\Program Files (x86)\World of Warcraft
2016-07-29 11:06 - 2015-09-11 18:34 - 00003948 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-07-29 11:06 - 2015-09-11 18:34 - 00003696 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-07-27 22:49 - 2016-04-18 18:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GD Hardware Scan
2016-07-27 22:44 - 2015-09-11 18:34 - 00000000 ____D C:\Users\Tomáš\AppData\Local\Deployment
2016-07-27 13:08 - 2016-06-19 22:12 - 00000000 ____D C:\Games
2016-07-26 22:06 - 2015-10-07 15:04 - 00000000 ____D C:\Users\Tomáš\Documents\Outlook Files
2016-07-21 17:37 - 2016-07-14 13:18 - 00000000 ____D C:\Users\Tomáš\Downloads\American Horror Story S02 (Asylum)
2016-07-18 19:46 - 2015-11-29 17:28 - 00000000 ____D C:\Users\Tomáš\AppData\Local\SKIDROW
2016-07-18 16:13 - 2016-02-01 20:14 - 00000000 ____D C:\Users\Tomáš\AppData\Roaming\IrfanView
2016-07-15 11:35 - 2015-09-18 21:43 - 00000000 ____D C:\Users\Tomáš\AppData\Roaming\Skype

==================== Files in the root of some directories =======

2015-03-26 13:48 - 2015-03-26 13:48 - 2174976 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\Common Files\atimpenc.dll
2016-01-09 17:46 - 2016-01-09 17:46 - 0000030 _____ () C:\Users\Tomáš\AppData\Roaming\.pgbiasfx
2015-12-27 22:16 - 2012-09-01 20:03 - 0000144 _____ () C:\Users\Tomáš\AppData\Roaming\ACEConfigCache2.lst
2015-11-14 12:27 - 2015-12-22 19:10 - 0000016 _____ () C:\Users\Tomáš\AppData\Roaming\msregsvv.dll
2015-11-14 12:27 - 2015-12-22 19:10 - 0000016 _____ () C:\ProgramData\autobk.inc

Some files in TEMP:
====================
C:\Users\Tomáš\AppData\Local\Temp\libeay32.dll
C:\Users\Tomáš\AppData\Local\Temp\msvcr120.dll
C:\Users\Tomáš\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Tomáš\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-08-06 14:01

==================== End of FRST.txt ============================

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:698.54 GB) (Free:144.34 GB) NTFS ==>[drive with boot components (obtained from BCD)]

Available physical RAM: 2093.66 MB
Total physical RAM: 4047.3 MB
Percentage of memory in use: 48%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 4114E3DC)
Partition 1: (Active) - (Size=698.5 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\Windows:{4B9A1497-0817-47C4-9612-D6A1C53ACF57} [26]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]

==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Tom��\Desktop" je 15346 MB.

***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper
"C:\Users\Tom��\AppData\Roaming\Spotify\SpotifyWebHelper.exe"

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

#6 Příspěvek od **Rudy** » 14 srp 2016 12:36

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKU\S-1-5-21-3176385675-1044772427-3118369927-1000\...\MountPoints2: F - F:\setup.exe
HKU\S-1-5-21-3176385675-1044772427-3118369927-1000\...\MountPoints2: {4105ee89-6069-11e5-b047-2016d84af875} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3176385675-1044772427-3118369927-1000\...\MountPoints2: {6d5e8263-8f6f-11e5-a119-7054d2832667} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3176385675-1044772427-3118369927-1000\...\MountPoints2: {6f1b8649-91b9-11e5-a156-7054d2832667} - H:\autorun.exe
HKU\S-1-5-21-3176385675-1044772427-3118369927-1000\...\MountPoints2: {6f1b8688-91b9-11e5-a156-7054d2832667} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3176385675-1044772427-3118369927-1000\...\MountPoints2: {6f1b868d-91b9-11e5-a156-7054d2832667} - H:\autorun.exe
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
BHO: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll => No File
BHO-x32: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll => No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Tomáš\AppData\Local\Temp
AlternateDataStreams: C:\Windows:{4B9A1497-0817-47C4-9612-D6A1C53ACF57} [26]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]
Task: {8E6E51E6-1C4C-4E2B-9E37-3D72C1927419} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Z logu:

Velikost slozky "C:\Users\Tomáš\Desktop" je 15346 MB.

To je příliš mnoho a může to zpomalovat start systému. Vytvořte v C:\Users\Tomáš novou složku, do níž překopírujte všechna data z plochy (kromě zástupců). Na plochu si pak pro snazší přístup dejte zástupce té složky.

tommymacho · #7 Příspěvek od **tommymacho** » 14 srp 2016 13:04

Fix result of Farbar Recovery Scan Tool (x64) Version: 11-08-2016 01
Ran by Tomáš (2016-08-14 13:54:08) Run:1
Running from C:\Users\Tomáš\Desktop
Loaded Profiles: Tomáš (Available Profiles: Tomáš & Administrator)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKU\S-1-5-21-3176385675-1044772427-3118369927-1000\...\MountPoints2: F - F:\setup.exe
HKU\S-1-5-21-3176385675-1044772427-3118369927-1000\...\MountPoints2: {4105ee89-6069-11e5-b047-2016d84af875} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3176385675-1044772427-3118369927-1000\...\MountPoints2: {6d5e8263-8f6f-11e5-a119-7054d2832667} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3176385675-1044772427-3118369927-1000\...\MountPoints2: {6f1b8649-91b9-11e5-a156-7054d2832667} - H:\autorun.exe
HKU\S-1-5-21-3176385675-1044772427-3118369927-1000\...\MountPoints2: {6f1b8688-91b9-11e5-a156-7054d2832667} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3176385675-1044772427-3118369927-1000\...\MountPoints2: {6f1b868d-91b9-11e5-a156-7054d2832667} - H:\autorun.exe
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
BHO: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll => No File
BHO-x32: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll => No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Tomáš\AppData\Local\Temp
AlternateDataStreams: C:\Windows:{4B9A1497-0817-47C4-9612-D6A1C53ACF57} [26]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]
Task: {8E6E51E6-1C4C-4E2B-9E37-3D72C1927419} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
End
*****************

"HKU\S-1-5-21-3176385675-1044772427-3118369927-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F" => key removed successfully
"HKU\S-1-5-21-3176385675-1044772427-3118369927-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4105ee89-6069-11e5-b047-2016d84af875}" => key removed successfully
HKCR\CLSID\{4105ee89-6069-11e5-b047-2016d84af875} => key not found.
"HKU\S-1-5-21-3176385675-1044772427-3118369927-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6d5e8263-8f6f-11e5-a119-7054d2832667}" => key removed successfully
HKCR\CLSID\{6d5e8263-8f6f-11e5-a119-7054d2832667} => key not found.
"HKU\S-1-5-21-3176385675-1044772427-3118369927-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6f1b8649-91b9-11e5-a156-7054d2832667}" => key removed successfully
HKCR\CLSID\{6f1b8649-91b9-11e5-a156-7054d2832667} => key not found.
"HKU\S-1-5-21-3176385675-1044772427-3118369927-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6f1b8688-91b9-11e5-a156-7054d2832667}" => key removed successfully
HKCR\CLSID\{6f1b8688-91b9-11e5-a156-7054d2832667} => key not found.
"HKU\S-1-5-21-3176385675-1044772427-3118369927-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6f1b868d-91b9-11e5-a156-7054d2832667}" => key removed successfully
HKCR\CLSID\{6f1b868d-91b9-11e5-a156-7054d2832667} => key not found.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Local Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Local Page => value restored successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}" => key removed successfully
"HKCR\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}" => key removed successfully
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully

"C:\Users\Tomáš\AppData\Local\Temp" folder move:

Could not move "C:\Users\Tomáš\AppData\Local\Temp" => Scheduled to move on reboot.

C:\Windows => ":{4B9A1497-0817-47C4-9612-D6A1C53ACF57}" ADS removed successfully.
C:\ProgramData\Reprise => ":wupeogjxldtlfudivq`qsp`27hfm" ADS removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8E6E51E6-1C4C-4E2B-9E37-3D72C1927419}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8E6E51E6-1C4C-4E2B-9E37-3D72C1927419}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => key removed successfully

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2016-08-14 13:56:02)

C:\Users\Tomáš\AppData\Local\Temp => moved successfully

==== End of Fixlog 13:56:03 ====

Na tu velikost plochy jsem koukal i v prvním logu, nějakých 80 GB jsem již přesunul. V čem byl jinak prosím problém?

#8 Příspěvek od **Rudy** » 14 srp 2016 17:19

Změnilo se něco po tomto mazání?

tommymacho · #9 Příspěvek od **tommymacho** » 14 srp 2016 17:22

Řekl bych, že nb jede o něco plynuleji, ale možná si to sugeruji. Každopádně mockrát děkuji.

#10 Příspěvek od **Rudy** » 14 srp 2016 17:23

Ještě zkuste defragmentivat disk. Nemáte zač!

VIRY.CZ

Prosím o kontrolu logu

Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu