
PC virus removal, computer speed-up, and remote assistance through the neslape.cz service
Slow and freezing PC
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that are inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use our remote assistance service, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
From 5.9. to 7.9.2025, some of us will be at the annual meetup of our forum's team. During this time you may have to wait somewhat longer for our response. Thank you, and we apologize.
- Visitor
- Posts: 16
- Registered: 05 Jun 2016 11:50
- Location: JMK
Slow and freezing PC
Hello,
today I turned on my laptop and everything is slowed down. In Task Manager I noticed "Service Host", which is eating up quite a lot.
I am attaching the FRST log.
Thank you,
Tony
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-12-2016
Ran by Anton (administrator) on TONY (09-12-2016 19:33:34)
Running from C:\Users\Anton\Desktop
Loaded Profiles: Anton (Available Profiles: Anton)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Razer Inc.) C:\Programy\Razer Game Booster\RzKLService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\22.8.1.14\nav.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\22.8.1.14\nav.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusSmartGestureDetector64.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files (x86)\AGEIA Technologies\TrayIcon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\ASUSWSLoader.exe [63296 2014-08-20] ()
HKLM-x32\...\Run: [AGEIA PhysX SysTray] => C:\Program Files (x86)\AGEIA Technologies\TrayIcon.exe [339968 2006-08-16] ()
HKU\S-1-5-21-3113116595-2999987527-3303187697-1001\...\Run: [DAEMON Tools Lite] => "C:\Users\Anton\Desktop\DAEMON Tools Lite\DTLite.exe" -autorun
HKU\S-1-5-21-3113116595-2999987527-3303187697-1001\...\Run: [Steam] => "D:\Hry\EmpireTW\Steam.exe" -silent
HKU\S-1-5-21-3113116595-2999987527-3303187697-1001\...\Run: [Discord] => C:\Users\Anton\AppData\Local\Discord\app-0.0.296\Discord.exe [62471352 2016-08-24] (Hammer & Chisel, Inc.)
HKU\S-1-5-21-3113116595-2999987527-3303187697-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9105112 2016-11-15] (Piriform Ltd)
HKU\S-1-5-21-3113116595-2999987527-3303187697-1001\...\MountPoints2: {2156a9fb-7994-11e5-8261-acb57daa8b50} - "J:\fscommand\LS_Start_Launch.cmd"
HKU\S-1-5-21-3113116595-2999987527-3303187697-1001\...\MountPoints2: {8c7acbbc-b346-11e6-82a3-acb57daa8b50} - "J:\Setup.exe"
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton AntiVirus\Engine64\22.8.1.14\buShell.dll [2016-11-12] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton AntiVirus\Engine64\22.8.1.14\buShell.dll [2016-11-12] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton AntiVirus\Engine64\22.8.1.14\buShell.dll [2016-11-12] (Symantec Corporation)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2015-02-14]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SolidWorks 2014 Rychlé spuštění.lnk [2015-10-29]
ShortcutTarget: SolidWorks 2014 Rychlé spuštění.lnk -> C:\Windows\Installer\{4FFA60C4-9A8B-4C9E-8265-2241B266304C}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera Software LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SolidWorks Nástroj pro stahování na pozadí.lnk [2015-10-29]
ShortcutTarget: SolidWorks Nástroj pro stahování na pozadí.lnk -> C:\Program Files (x86)\Common Files\Manažer instalací SolidWorks\BackgroundDownloading\sldBgDwld.exe (Dassault Systèmes SolidWorks Corp.)
Startup: C:\Users\Anton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar17.lnk [2016-01-11]
ShortcutTarget: Sidebar17.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (No File)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2D661260-C0ED-45C5-A9DE-A77C0EB44ADE}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7C0278D2-9D48-4008-80B4-540F817CBB5C}: [DhcpNameServer] 192.168.24.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3113116595-2999987527-3303187697-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3113116595-2999987527-3303187697-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton AntiVirus\Engine64\22.8.1.14\coIEPlg.dll [2016-11-12] (Symantec Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton AntiVirus\Engine\22.8.1.14\coIEPlg.dll [2016-11-12] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Programy\Java\bin\ssv.dll [2015-12-12] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Programy\Java\bin\jp2ssv.dll [2015-12-12] (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton AntiVirus\Engine64\22.8.1.14\coIEPlg.dll [2016-11-12] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton AntiVirus\Engine\22.8.1.14\coIEPlg.dll [2016-11-12] (Symantec Corporation)
FireFox:
========
FF DefaultProfile: gs35zach.default
FF ProfilePath: C:\Users\Anton\AppData\Roaming\Mozilla\Firefox\Profiles\gs35zach.default [2016-12-07]
FF Homepage: Mozilla\Firefox\Profiles\gs35zach.default -> hxxps://cs-cz.facebook.com/
about:preferences#general
FF Extension: (Firebug) - C:\Users\Anton\AppData\Roaming\Mozilla\Firefox\Profiles\gs35zach.default\Extensions\firebug@software.joehewitt.com.xpi [2016-10-13]
FF SearchPlugin: C:\Users\Anton\AppData\Roaming\Mozilla\Firefox\Profiles\gs35zach.default\searchplugins\McSiteAdvisor.xml [2015-12-12]
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_22.5.4.24\coFFAddon
FF Extension: (Norton Security Toolbar) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_22.5.4.24\coFFAddon [2016-12-07]
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_22.5.4.24\coFFAddon
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Programy\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Programy\Java\bin\dtplugin\npDeployJava1.dll [2015-12-12] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Programy\Java\bin\plugin2\npjp2.dll [2015-12-12] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default [2016-12-09]
CHR Extension: (Prezentace Google) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-23]
CHR Extension: (Dokumenty Google) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-23]
CHR Extension: (Disk Google) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (Poper Blocker) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2016-08-28]
CHR Extension: (YouTube) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-23]
CHR Extension: (Vyhledávání Google) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Tabulky Google) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-23]
CHR Extension: (Dokumenty Google offline) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-17]
CHR Extension: (AdBlock) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-11-25]
CHR Extension: (Speed Dial [FVD] - New Tab Page, 3D, Sync...) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\llaficoajjainaijghjlofdfmbjpebpa [2016-11-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Gmail) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-25]
CHR Extension: (GeoProxy) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\pooljnboifbodgifngpppfklhifechoe [2015-12-27]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton AntiVirus\Engine\22.8.1.14\Exts\Chrome.crx [2016-11-20]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton AntiVirus\Engine\22.8.1.14\Exts\Chrome.crx [2016-11-20]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe [71168 2014-08-20] (ASUS Cloud Corporation) [File not signed]
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2013-11-14] (Broadcom Corporation.)
R2 esifsvc; C:\Windows\SysWOW64\esif_uf.exe [1037568 2014-09-18] (Intel Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344976 2014-12-15] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2015-01-06] (Intel Corporation)
R2 NAV; C:\Program Files (x86)\Norton AntiVirus\Engine\22.8.1.14\NAV.exe [289080 2016-11-12] (Symantec Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
S3 Origin Client Service; D:\Hry\Origin\OriginClientService.exe [2142728 2016-10-15] (Electronic Arts)
S2 Origin Web Helper Service; D:\Hry\Origin\OriginWebHelperService.exe [2209296 2016-10-15] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2016-10-15] ()
R2 RzKLService; C:\Programy\Razer Game Booster\RzKLService.exe [105448 2014-02-25] (Razer Inc.)
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2015-10-29] (SolidWorks) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [69904 2014-09-19] (ASUS Corporation)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-11-14] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7546544 2015-02-14] (Broadcom Corporation)
R1 BHDrvx64; C:\Program Files (x86)\Norton AntiVirus\NortonData\22.5.4.24\Definitions\BASHDefs\20161208.001\BHDrvx64.sys [1874136 2016-11-07] (Symantec Corporation)
R1 ccSet_NAV; C:\Windows\system32\drivers\NAVx64\1608010.00E\ccSetx64.sys [174328 2016-06-02] (Symantec Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [38720 2014-09-18] (Intel Corporation)
R3 dptf_pch; C:\Windows\System32\drivers\dptf_pch.sys [38208 2014-09-18] (Intel Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2015-10-24] (DT Soft Ltd)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [497368 2016-10-04] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [156888 2016-10-04] (Symantec Corporation)
R3 esif_lf; C:\Windows\System32\drivers\esif_lf.sys [216360 2014-09-18] (Intel Corporation)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-11-12] (LogMeIn Inc.)
R1 IDSVia64; C:\Program Files (x86)\Norton AntiVirus\NortonData\22.5.4.24\Definitions\IPSDefs\20161207.002\IDSvia64.sys [1012952 2016-10-28] (Symantec Corporation)
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [79016 2014-08-26] (Intel Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2015-01-06] (Intel Corporation)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [82072 2015-08-10] (McAfee, Inc.)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [11376 2016-03-19] () [File not signed]
S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()
R3 SRTSP; C:\Windows\System32\Drivers\NAVx64\1608010.00E\SRTSP64.SYS [784624 2016-11-12] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NAVx64\1608010.00E\SRTSPX64.SYS [49400 2016-11-12] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\NAVx64\1608010.00E\SYMEFASI64.SYS [1628888 2016-11-12] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NAVx64\1608010.00E\SymELAM.sys [24192 2015-09-23] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [100592 2016-10-14] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NAVx64\1608010.00E\Ironx64.SYS [289520 2016-11-12] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NAVx64\1608010.00E\SYMNETS.SYS [567512 2016-11-12] (Symantec Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
U0 msahci; system32\drivers\msahci.sys [X]
S3 NAVENG; \??\C:\Program Files (x86)\Norton AntiVirus\NortonData\22.5.4.24\Definitions\SDSDefs\20160720.002\ENG64.SYS [X]
S3 NAVEX15; \??\C:\Program Files (x86)\Norton AntiVirus\NortonData\22.5.4.24\Definitions\SDSDefs\20160720.002\EX64.SYS [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-12-09 19:33 - 2016-12-09 19:34 - 00021523 _____ C:\Users\Anton\Desktop\FRST.txt
2016-12-09 19:33 - 2016-12-09 19:33 - 02420224 _____ (Farbar) C:\Users\Anton\Desktop\frst64.exe
2016-12-06 19:54 - 2016-12-06 19:54 - 00002782 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-12-06 19:54 - 2016-12-06 19:54 - 00000836 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-12-06 19:54 - 2016-12-06 19:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-12-06 19:54 - 2016-12-06 19:54 - 00000000 ____D C:\Program Files\CCleaner
2016-12-04 21:14 - 2016-12-04 21:14 - 00000000 ____D C:\Windows\System32\Tasks\Norton AntiVirus
2016-12-04 21:11 - 2016-12-04 21:11 - 00003218 _____ C:\Windows\System32\Tasks\Norton WSC Integration
2016-11-27 15:20 - 2016-12-06 19:07 - 00000000 ____D C:\Users\Anton\AppData\LocalLow\Mozilla
2016-11-10 15:15 - 2016-11-10 16:10 - 00000000 ____D C:\Users\Anton\AppData\Roaming\discord
2016-11-10 15:15 - 2016-11-10 15:15 - 00000000 ____D C:\Users\Anton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
2016-11-10 15:15 - 2016-11-10 15:15 - 00000000 ____D C:\Users\Anton\AppData\Local\SquirrelTemp
2016-11-10 15:15 - 2016-11-10 15:15 - 00000000 ____D C:\Users\Anton\AppData\Local\Discord
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-12-09 19:33 - 2016-08-28 13:39 - 00000000 ____D C:\FRST
2016-12-09 19:29 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-09 19:24 - 2015-10-23 15:51 - 00001543 _____ C:\Users\Anton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AsusSmartGestureDetector.lnk
2016-12-09 19:24 - 2015-10-23 15:45 - 00000165 _____ C:\Users\Anton\AppData\Roaming\sp_data.sys
2016-12-09 18:00 - 2015-10-24 15:59 - 00000000 ____D C:\Users\Anton\AppData\Roaming\vlc
2016-12-09 15:45 - 2016-08-16 16:25 - 00003480 _____ C:\Windows\System32\Tasks\ASUS Live Update1
2016-12-09 15:45 - 2015-10-23 15:52 - 00003470 _____ C:\Windows\System32\Tasks\ASUS Live Update2
2016-12-09 15:45 - 2015-10-23 15:49 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3113116595-2999987527-3303187697-1001
2016-12-08 20:02 - 2015-10-29 13:37 - 01365504 ___SH C:\Users\Anton\Downloads\Thumbs.db
2016-12-07 21:36 - 2015-12-15 14:57 - 00000000 ____D C:\Windows\System32\Tasks\Remediation
2016-12-07 20:28 - 2014-10-21 12:24 - 00741360 _____ C:\Windows\system32\perfh005.dat
2016-12-07 20:28 - 2014-10-21 12:24 - 00152030 _____ C:\Windows\system32\perfc005.dat
2016-12-07 20:28 - 2014-03-18 16:26 - 01745984 _____ C:\Windows\system32\PerfStringBackup.INI
2016-12-07 20:28 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2016-12-07 20:17 - 2015-11-06 20:12 - 00000000 ____D C:\Users\Anton\AppData\Roaming\uTorrent
2016-12-07 20:17 - 2015-10-23 23:12 - 00000000 ____D C:\Users\Anton\AppData\Roaming\DAEMON Tools Lite
2016-12-07 20:11 - 2016-06-05 16:22 - 00000000 ____D C:\Users\Anton\AppData\Local\CrashDumps
2016-12-07 20:11 - 2014-10-21 13:09 - 00000000 ____D C:\Windows\Panther
2016-12-06 19:46 - 2016-01-11 17:27 - 00000058 _____ C:\Users\Anton\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2016-12-06 19:46 - 2015-10-25 10:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hry
2016-12-06 19:45 - 2015-02-14 03:42 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-12-06 19:42 - 2015-10-26 13:04 - 00000000 ____D C:\Users\Anton\Documents\SolidWorks Downloads
2016-12-06 19:41 - 2015-10-23 16:08 - 00000000 ____D C:\Programy
2016-12-06 19:10 - 2015-10-23 17:05 - 00000000 ____D C:\Users\Anton\Desktop\Moje
2016-12-05 21:03 - 2015-10-23 15:43 - 00000000 ____D C:\Users\Anton
2016-12-04 21:20 - 2015-10-24 13:36 - 00000000 ____D C:\Users\Anton\AppData\Roaming\Skype
2016-12-04 21:09 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2016-12-04 21:06 - 2015-10-23 21:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-04 21:06 - 2013-08-22 16:36 - 00000000 ___HD C:\Windows\ELAMBKUP
2016-12-04 20:54 - 2015-10-23 16:10 - 07759872 ___SH C:\Users\Anton\Desktop\Thumbs.db
2016-12-04 20:46 - 2016-06-24 18:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-12-01 17:40 - 2015-12-13 18:04 - 00000000 ____D C:\Windows\system32\Drivers\NAVx64
2016-12-01 17:39 - 2015-12-13 18:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton AntiVirus
2016-11-30 20:29 - 2016-01-02 20:42 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-11-30 20:29 - 2014-10-21 05:29 - 00000000 ____D C:\ProgramData\Skype
2016-11-28 19:44 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2016-11-27 18:20 - 2016-01-29 16:52 - 00000000 ____D C:\Users\Anton\AppData\Roaming\TS3Client
2016-11-14 18:23 - 2016-10-15 13:56 - 1655064576 ____R C:\Users\Anton\Downloads\Allegiant.2016.BRRip.XviD.AC3.CZ.avi
2016-11-14 18:17 - 2016-10-15 13:56 - 1499391470 ____R C:\Users\Anton\Downloads\Hardcore.Henry.2015.BRRip.XviD.AC3.CZ-PiRaTE.avi
2016-11-14 18:07 - 2016-10-15 13:56 - 1646839920 ____R C:\Users\Anton\Downloads\Les.Visiteurs.La.Révolution.2016.480p.BDRip.XviD.AC3.CZ.avi
2016-11-11 17:04 - 2015-10-23 16:02 - 00002217 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-10 16:18 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
==================== Files in the root of some directories =======
2015-11-01 19:22 - 2015-11-01 19:22 - 0000504 _____ () C:\Users\Anton\AppData\Roaming\Drives Monitor_Settings.ini
2015-10-23 15:45 - 2016-12-09 19:24 - 0000165 _____ () C:\Users\Anton\AppData\Roaming\sp_data.sys
2015-11-01 19:24 - 2015-11-01 19:28 - 0000122 _____ () C:\Users\Anton\AppData\Roaming\System Monitor II_UptimeRecord.ini
2016-01-11 17:27 - 2016-12-06 19:46 - 0000058 _____ () C:\Users\Anton\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2016-10-03 18:01 - 2016-10-03 18:01 - 0003414 _____ () C:\Users\Anton\AppData\Local\recently-used.xbel
2015-10-29 16:45 - 2015-12-09 15:19 - 0000000 _____ () C:\Users\Anton\AppData\Local\Temptable.xml
2014-10-21 05:28 - 2012-09-07 12:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2014-10-21 05:28 - 2009-07-22 11:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-10-23 11:30
==================== End of FRST.txt ============================
- Rudy
- Site Admin
- Posts: 119489
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Slow and freezing PC
Hello!
Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
First click >Scan< (search) and then >Clean< (delete).
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
-
- Visitor
- Posts: 16
- Registered: 05 Jun 2016 11:50
- Location: JMK
Re: Slow and freezing PC
# AdwCleaner v6.040 - Logfile created 09/12/2016 at 20:27:04
# Updated on 02/12/2016 by Malwarebytes
# Database : 2016-12-09.1 [Server]
# Operating System : Windows 8.1 (X64)
# Username : Anton - TONY
# Running from : C:\Users\Anton\Desktop\adwcleaner_6.040.exe
# Mode: Clean
# Support : https://www.malwarebytes.com/support
***** [ Services ] *****
***** [ Folders ] *****
***** [ Files ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Shortcuts ] *****
***** [ Scheduled Tasks ] *****
***** [ Registry ] *****
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
***** [ Web browsers ] *****
*************************
:: "Tracing" keys deleted
:: Winsock settings cleared
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [3778 Bytes] - [05/06/2016 17:09:33]
C:\AdwCleaner\AdwCleaner[C2].txt - [1469 Bytes] - [28/08/2016 17:40:35]
C:\AdwCleaner\AdwCleaner[C3].txt - [1272 Bytes] - [09/12/2016 20:27:04]
C:\AdwCleaner\AdwCleaner[S1].txt - [3678 Bytes] - [05/06/2016 17:07:33]
C:\AdwCleaner\AdwCleaner[S2].txt - [1578 Bytes] - [28/08/2016 17:40:20]
C:\AdwCleaner\AdwCleaner[S3].txt - [1740 Bytes] - [09/12/2016 20:25:06]
########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [1564 Bytes] ##########
- Rudy
- Site Admin
- Posts: 119489
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Slow and freezing PC
Post a new FRST log.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
- Visitor
- Posts: 16
- Registered: 05 Jun 2016 11:50
- Location: JMK
Re: Slow and freezing PC
The problem persists
LOG:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-12-2016
Ran by Anton (administrator) on TONY (09-12-2016 21:39:18)
Running from C:\Users\Anton\Desktop
Loaded Profiles: Anton (Available Profiles: Anton)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\22.8.1.14\nav.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\22.8.1.14\nav.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Razer Inc.) C:\Programy\Razer Game Booster\RzKLService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusSmartGestureDetector64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files (x86)\AGEIA Technologies\TrayIcon.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\ASUSWSLoader.exe [63296 2014-08-20] ()
HKLM-x32\...\Run: [AGEIA PhysX SysTray] => C:\Program Files (x86)\AGEIA Technologies\TrayIcon.exe [339968 2006-08-16] ()
HKU\S-1-5-21-3113116595-2999987527-3303187697-1001\...\Run: [DAEMON Tools Lite] => "C:\Users\Anton\Desktop\DAEMON Tools Lite\DTLite.exe" -autorun
HKU\S-1-5-21-3113116595-2999987527-3303187697-1001\...\Run: [Steam] => "D:\Hry\EmpireTW\Steam.exe" -silent
HKU\S-1-5-21-3113116595-2999987527-3303187697-1001\...\Run: [Discord] => C:\Users\Anton\AppData\Local\Discord\app-0.0.296\Discord.exe [62471352 2016-08-24] (Hammer & Chisel, Inc.)
HKU\S-1-5-21-3113116595-2999987527-3303187697-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9105112 2016-11-15] (Piriform Ltd)
HKU\S-1-5-21-3113116595-2999987527-3303187697-1001\...\MountPoints2: {2156a9fb-7994-11e5-8261-acb57daa8b50} - "J:\fscommand\LS_Start_Launch.cmd"
HKU\S-1-5-21-3113116595-2999987527-3303187697-1001\...\MountPoints2: {8c7acbbc-b346-11e6-82a3-acb57daa8b50} - "J:\Setup.exe"
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton AntiVirus\Engine64\22.8.1.14\buShell.dll [2016-11-12] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton AntiVirus\Engine64\22.8.1.14\buShell.dll [2016-11-12] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton AntiVirus\Engine64\22.8.1.14\buShell.dll [2016-11-12] (Symantec Corporation)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2015-02-14]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SolidWorks 2014 Rychlé spuštění.lnk [2015-10-29]
ShortcutTarget: SolidWorks 2014 Rychlé spuštění.lnk -> C:\Windows\Installer\{4FFA60C4-9A8B-4C9E-8265-2241B266304C}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera Software LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SolidWorks Nástroj pro stahování na pozadí.lnk [2015-10-29]
ShortcutTarget: SolidWorks Nástroj pro stahování na pozadí.lnk -> C:\Program Files (x86)\Common Files\Manažer instalací SolidWorks\BackgroundDownloading\sldBgDwld.exe (Dassault Systèmes SolidWorks Corp.)
Startup: C:\Users\Anton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar17.lnk [2016-01-11]
ShortcutTarget: Sidebar17.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (No File)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2D661260-C0ED-45C5-A9DE-A77C0EB44ADE}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7C0278D2-9D48-4008-80B4-540F817CBB5C}: [DhcpNameServer] 192.168.24.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3113116595-2999987527-3303187697-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3113116595-2999987527-3303187697-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton AntiVirus\Engine64\22.8.1.14\coIEPlg.dll [2016-11-12] (Symantec Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton AntiVirus\Engine\22.8.1.14\coIEPlg.dll [2016-11-12] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Programy\Java\bin\ssv.dll [2015-12-12] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Programy\Java\bin\jp2ssv.dll [2015-12-12] (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton AntiVirus\Engine64\22.8.1.14\coIEPlg.dll [2016-11-12] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton AntiVirus\Engine\22.8.1.14\coIEPlg.dll [2016-11-12] (Symantec Corporation)
FireFox:
========
FF DefaultProfile: gs35zach.default
FF ProfilePath: C:\Users\Anton\AppData\Roaming\Mozilla\Firefox\Profiles\gs35zach.default [2016-12-07]
FF Homepage: Mozilla\Firefox\Profiles\gs35zach.default -> hxxps://cs-cz.facebook.com/
about:preferences#general
FF Extension: (Firebug) - C:\Users\Anton\AppData\Roaming\Mozilla\Firefox\Profiles\gs35zach.default\Extensions\firebug@software.joehewitt.com.xpi [2016-10-13]
FF SearchPlugin: C:\Users\Anton\AppData\Roaming\Mozilla\Firefox\Profiles\gs35zach.default\searchplugins\McSiteAdvisor.xml [2015-12-12]
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_22.5.4.24\coFFAddon
FF Extension: (Norton Security Toolbar) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_22.5.4.24\coFFAddon [2016-12-07]
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_22.5.4.24\coFFAddon
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Programy\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Programy\Java\bin\dtplugin\npDeployJava1.dll [2015-12-12] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Programy\Java\bin\plugin2\npjp2.dll [2015-12-12] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default [2016-12-09]
CHR Extension: (Prezentace Google) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-23]
CHR Extension: (Dokumenty Google) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-23]
CHR Extension: (Disk Google) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (Poper Blocker) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2016-08-28]
CHR Extension: (YouTube) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-23]
CHR Extension: (Vyhledávání Google) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Tabulky Google) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-23]
CHR Extension: (Dokumenty Google offline) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-17]
CHR Extension: (AdBlock) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-11-25]
CHR Extension: (Speed Dial [FVD] - New Tab Page, 3D, Sync...) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\llaficoajjainaijghjlofdfmbjpebpa [2016-11-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Gmail) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-25]
CHR Extension: (GeoProxy) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\pooljnboifbodgifngpppfklhifechoe [2015-12-27]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton AntiVirus\Engine\22.8.1.14\Exts\Chrome.crx [2016-11-20]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton AntiVirus\Engine\22.8.1.14\Exts\Chrome.crx [2016-11-20]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe [71168 2014-08-20] (ASUS Cloud Corporation) [File not signed]
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2013-11-14] (Broadcom Corporation.)
R2 esifsvc; C:\Windows\SysWOW64\esif_uf.exe [1037568 2014-09-18] (Intel Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344976 2014-12-15] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2015-01-06] (Intel Corporation)
R2 NAV; C:\Program Files (x86)\Norton AntiVirus\Engine\22.8.1.14\NAV.exe [289080 2016-11-12] (Symantec Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
S3 Origin Client Service; D:\Hry\Origin\OriginClientService.exe [2142728 2016-10-15] (Electronic Arts)
S2 Origin Web Helper Service; D:\Hry\Origin\OriginWebHelperService.exe [2209296 2016-10-15] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2016-10-15] ()
R2 RzKLService; C:\Programy\Razer Game Booster\RzKLService.exe [105448 2014-02-25] (Razer Inc.)
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2015-10-29] (SolidWorks) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [69904 2014-09-19] (ASUS Corporation)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-11-14] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7546544 2015-02-14] (Broadcom Corporation)
R1 BHDrvx64; C:\Program Files (x86)\Norton AntiVirus\NortonData\22.5.4.24\Definitions\BASHDefs\20161208.001\BHDrvx64.sys [1874136 2016-11-07] (Symantec Corporation)
R1 ccSet_NAV; C:\Windows\system32\drivers\NAVx64\1608010.00E\ccSetx64.sys [174328 2016-06-02] (Symantec Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [38720 2014-09-18] (Intel Corporation)
R3 dptf_pch; C:\Windows\System32\drivers\dptf_pch.sys [38208 2014-09-18] (Intel Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2015-10-24] (DT Soft Ltd)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [497368 2016-10-04] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [156888 2016-10-04] (Symantec Corporation)
R3 esif_lf; C:\Windows\System32\drivers\esif_lf.sys [216360 2014-09-18] (Intel Corporation)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-11-12] (LogMeIn Inc.)
R1 IDSVia64; C:\Program Files (x86)\Norton AntiVirus\NortonData\22.5.4.24\Definitions\IPSDefs\20161207.002\IDSvia64.sys [1012952 2016-10-28] (Symantec Corporation)
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [79016 2014-08-26] (Intel Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2015-01-06] (Intel Corporation)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [82072 2015-08-10] (McAfee, Inc.)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [11376 2016-03-19] () [File not signed]
S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()
R3 SRTSP; C:\Windows\System32\Drivers\NAVx64\1608010.00E\SRTSP64.SYS [784624 2016-11-12] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NAVx64\1608010.00E\SRTSPX64.SYS [49400 2016-11-12] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\NAVx64\1608010.00E\SYMEFASI64.SYS [1628888 2016-11-12] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NAVx64\1608010.00E\SymELAM.sys [24192 2015-09-23] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [100592 2016-10-14] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NAVx64\1608010.00E\Ironx64.SYS [289520 2016-11-12] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NAVx64\1608010.00E\SYMNETS.SYS [567512 2016-11-12] (Symantec Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
U0 msahci; system32\drivers\msahci.sys [X]
S3 NAVENG; \??\C:\Program Files (x86)\Norton AntiVirus\NortonData\22.5.4.24\Definitions\SDSDefs\20160720.002\ENG64.SYS [X]
S3 NAVEX15; \??\C:\Program Files (x86)\Norton AntiVirus\NortonData\22.5.4.24\Definitions\SDSDefs\20160720.002\EX64.SYS [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-12-09 20:22 - 2016-12-09 20:22 - 03968464 _____ C:\Users\Anton\Desktop\adwcleaner_6.040.exe
2016-12-09 19:33 - 2016-12-09 21:40 - 00021747 _____ C:\Users\Anton\Desktop\FRST.txt
2016-12-09 19:33 - 2016-12-09 19:33 - 02420224 _____ (Farbar) C:\Users\Anton\Desktop\frst64.exe
2016-12-06 19:54 - 2016-12-06 19:54 - 00002782 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-12-06 19:54 - 2016-12-06 19:54 - 00000836 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-12-06 19:54 - 2016-12-06 19:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-12-06 19:54 - 2016-12-06 19:54 - 00000000 ____D C:\Program Files\CCleaner
2016-12-04 21:14 - 2016-12-04 21:14 - 00000000 ____D C:\Windows\System32\Tasks\Norton AntiVirus
2016-12-04 21:11 - 2016-12-04 21:11 - 00003218 _____ C:\Windows\System32\Tasks\Norton WSC Integration
2016-11-27 15:20 - 2016-12-06 19:07 - 00000000 ____D C:\Users\Anton\AppData\LocalLow\Mozilla
2016-11-10 15:15 - 2016-11-10 16:10 - 00000000 ____D C:\Users\Anton\AppData\Roaming\discord
2016-11-10 15:15 - 2016-11-10 15:15 - 00000000 ____D C:\Users\Anton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
2016-11-10 15:15 - 2016-11-10 15:15 - 00000000 ____D C:\Users\Anton\AppData\Local\SquirrelTemp
2016-11-10 15:15 - 2016-11-10 15:15 - 00000000 ____D C:\Users\Anton\AppData\Local\Discord
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-12-09 21:39 - 2016-08-28 13:39 - 00000000 ____D C:\FRST
2016-12-09 21:39 - 2015-10-23 15:45 - 00000165 _____ C:\Users\Anton\AppData\Roaming\sp_data.sys
2016-12-09 20:36 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-09 20:34 - 2015-10-23 15:49 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3113116595-2999987527-3303187697-1001
2016-12-09 20:33 - 2014-10-21 12:24 - 00741360 _____ C:\Windows\system32\perfh005.dat
2016-12-09 20:33 - 2014-10-21 12:24 - 00152030 _____ C:\Windows\system32\perfc005.dat
2016-12-09 20:33 - 2014-03-18 16:26 - 01745984 _____ C:\Windows\system32\PerfStringBackup.INI
2016-12-09 20:33 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2016-12-09 20:29 - 2015-10-23 15:51 - 00001543 _____ C:\Users\Anton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AsusSmartGestureDetector.lnk
2016-12-09 20:27 - 2016-06-05 17:07 - 00000000 ____D C:\AdwCleaner
2016-12-09 18:00 - 2015-10-24 15:59 - 00000000 ____D C:\Users\Anton\AppData\Roaming\vlc
2016-12-09 15:45 - 2016-08-16 16:25 - 00003480 _____ C:\Windows\System32\Tasks\ASUS Live Update1
2016-12-09 15:45 - 2015-10-23 15:52 - 00003470 _____ C:\Windows\System32\Tasks\ASUS Live Update2
2016-12-08 20:02 - 2015-10-29 13:37 - 01365504 ___SH C:\Users\Anton\Downloads\Thumbs.db
2016-12-07 21:36 - 2015-12-15 14:57 - 00000000 ____D C:\Windows\System32\Tasks\Remediation
2016-12-07 20:17 - 2015-11-06 20:12 - 00000000 ____D C:\Users\Anton\AppData\Roaming\uTorrent
2016-12-07 20:17 - 2015-10-23 23:12 - 00000000 ____D C:\Users\Anton\AppData\Roaming\DAEMON Tools Lite
2016-12-07 20:11 - 2016-06-05 16:22 - 00000000 ____D C:\Users\Anton\AppData\Local\CrashDumps
2016-12-07 20:11 - 2014-10-21 13:09 - 00000000 ____D C:\Windows\Panther
2016-12-06 19:46 - 2016-01-11 17:27 - 00000058 _____ C:\Users\Anton\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2016-12-06 19:46 - 2015-10-25 10:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hry
2016-12-06 19:45 - 2015-02-14 03:42 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-12-06 19:42 - 2015-10-26 13:04 - 00000000 ____D C:\Users\Anton\Documents\SolidWorks Downloads
2016-12-06 19:41 - 2015-10-23 16:08 - 00000000 ____D C:\Programy
2016-12-06 19:10 - 2015-10-23 17:05 - 00000000 ____D C:\Users\Anton\Desktop\Moje
2016-12-05 21:03 - 2015-10-23 15:43 - 00000000 ____D C:\Users\Anton
2016-12-04 21:20 - 2015-10-24 13:36 - 00000000 ____D C:\Users\Anton\AppData\Roaming\Skype
2016-12-04 21:09 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2016-12-04 21:06 - 2015-10-23 21:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-04 21:06 - 2013-08-22 16:36 - 00000000 ___HD C:\Windows\ELAMBKUP
2016-12-04 20:54 - 2015-10-23 16:10 - 07759872 ___SH C:\Users\Anton\Desktop\Thumbs.db
2016-12-04 20:46 - 2016-06-24 18:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-12-01 17:40 - 2015-12-13 18:04 - 00000000 ____D C:\Windows\system32\Drivers\NAVx64
2016-12-01 17:39 - 2015-12-13 18:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton AntiVirus
2016-11-30 20:29 - 2016-01-02 20:42 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-11-30 20:29 - 2014-10-21 05:29 - 00000000 ____D C:\ProgramData\Skype
2016-11-28 19:44 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2016-11-27 18:20 - 2016-01-29 16:52 - 00000000 ____D C:\Users\Anton\AppData\Roaming\TS3Client
2016-11-14 18:23 - 2016-10-15 13:56 - 1655064576 ____R C:\Users\Anton\Downloads\Allegiant.2016.BRRip.XviD.AC3.CZ.avi
2016-11-14 18:17 - 2016-10-15 13:56 - 1499391470 ____R C:\Users\Anton\Downloads\Hardcore.Henry.2015.BRRip.XviD.AC3.CZ-PiRaTE.avi
2016-11-14 18:07 - 2016-10-15 13:56 - 1646839920 ____R C:\Users\Anton\Downloads\Les.Visiteurs.La.Révolution.2016.480p.BDRip.XviD.AC3.CZ.avi
2016-11-11 17:04 - 2015-10-23 16:02 - 00002217 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-10 16:18 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
==================== Files in the root of some directories =======
2015-11-01 19:22 - 2015-11-01 19:22 - 0000504 _____ () C:\Users\Anton\AppData\Roaming\Drives Monitor_Settings.ini
2015-10-23 15:45 - 2016-12-09 21:39 - 0000165 _____ () C:\Users\Anton\AppData\Roaming\sp_data.sys
2015-11-01 19:24 - 2015-11-01 19:28 - 0000122 _____ () C:\Users\Anton\AppData\Roaming\System Monitor II_UptimeRecord.ini
2016-01-11 17:27 - 2016-12-06 19:46 - 0000058 _____ () C:\Users\Anton\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2016-10-03 18:01 - 2016-10-03 18:01 - 0003414 _____ () C:\Users\Anton\AppData\Local\recently-used.xbel
2015-10-29 16:45 - 2015-12-09 15:19 - 0000000 _____ () C:\Users\Anton\AppData\Local\Temptable.xml
2014-10-21 05:28 - 2012-09-07 12:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2014-10-21 05:28 - 2009-07-22 11:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
Some files in TEMP:
====================
C:\Users\Anton\AppData\Local\Temp\libeay32.dll
C:\Users\Anton\AppData\Local\Temp\msvcr120.dll
C:\Users\Anton\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-10-23 11:30
==================== End of FRST.txt ============================
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\ASUSWSLoader.exe [63296 2014-08-20] ()
HKLM-x32\...\Run: [AGEIA PhysX SysTray] => C:\Program Files (x86)\AGEIA Technologies\TrayIcon.exe [339968 2006-08-16] ()
HKU\S-1-5-21-3113116595-2999987527-3303187697-1001\...\Run: [DAEMON Tools Lite] => "C:\Users\Anton\Desktop\DAEMON Tools Lite\DTLite.exe" -autorun
HKU\S-1-5-21-3113116595-2999987527-3303187697-1001\...\Run: [Steam] => "D:\Hry\EmpireTW\Steam.exe" -silent
HKU\S-1-5-21-3113116595-2999987527-3303187697-1001\...\Run: [Discord] => C:\Users\Anton\AppData\Local\Discord\app-0.0.296\Discord.exe [62471352 2016-08-24] (Hammer & Chisel, Inc.)
HKU\S-1-5-21-3113116595-2999987527-3303187697-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9105112 2016-11-15] (Piriform Ltd)
HKU\S-1-5-21-3113116595-2999987527-3303187697-1001\...\MountPoints2: {2156a9fb-7994-11e5-8261-acb57daa8b50} - "J:\fscommand\LS_Start_Launch.cmd"
HKU\S-1-5-21-3113116595-2999987527-3303187697-1001\...\MountPoints2: {8c7acbbc-b346-11e6-82a3-acb57daa8b50} - "J:\Setup.exe"
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton AntiVirus\Engine64\22.8.1.14\buShell.dll [2016-11-12] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton AntiVirus\Engine64\22.8.1.14\buShell.dll [2016-11-12] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton AntiVirus\Engine64\22.8.1.14\buShell.dll [2016-11-12] (Symantec Corporation)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2015-02-14]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SolidWorks 2014 Rychlé spuštění.lnk [2015-10-29]
ShortcutTarget: SolidWorks 2014 Rychlé spuštění.lnk -> C:\Windows\Installer\{4FFA60C4-9A8B-4C9E-8265-2241B266304C}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera Software LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SolidWorks Nástroj pro stahování na pozadí.lnk [2015-10-29]
ShortcutTarget: SolidWorks Nástroj pro stahování na pozadí.lnk -> C:\Program Files (x86)\Common Files\Manažer instalací SolidWorks\BackgroundDownloading\sldBgDwld.exe (Dassault Systèmes SolidWorks Corp.)
Startup: C:\Users\Anton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar17.lnk [2016-01-11]
ShortcutTarget: Sidebar17.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (No File)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2D661260-C0ED-45C5-A9DE-A77C0EB44ADE}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7C0278D2-9D48-4008-80B4-540F817CBB5C}: [DhcpNameServer] 192.168.24.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3113116595-2999987527-3303187697-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3113116595-2999987527-3303187697-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton AntiVirus\Engine64\22.8.1.14\coIEPlg.dll [2016-11-12] (Symantec Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton AntiVirus\Engine\22.8.1.14\coIEPlg.dll [2016-11-12] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Programy\Java\bin\ssv.dll [2015-12-12] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Programy\Java\bin\jp2ssv.dll [2015-12-12] (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton AntiVirus\Engine64\22.8.1.14\coIEPlg.dll [2016-11-12] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton AntiVirus\Engine\22.8.1.14\coIEPlg.dll [2016-11-12] (Symantec Corporation)
FireFox:
========
FF DefaultProfile: gs35zach.default
FF ProfilePath: C:\Users\Anton\AppData\Roaming\Mozilla\Firefox\Profiles\gs35zach.default [2016-12-07]
FF Homepage: Mozilla\Firefox\Profiles\gs35zach.default -> hxxps://cs-cz.facebook.com/
about:preferences#general
FF Extension: (Firebug) - C:\Users\Anton\AppData\Roaming\Mozilla\Firefox\Profiles\gs35zach.default\Extensions\firebug@software.joehewitt.com.xpi [2016-10-13]
FF SearchPlugin: C:\Users\Anton\AppData\Roaming\Mozilla\Firefox\Profiles\gs35zach.default\searchplugins\McSiteAdvisor.xml [2015-12-12]
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_22.5.4.24\coFFAddon
FF Extension: (Norton Security Toolbar) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_22.5.4.24\coFFAddon [2016-12-07]
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_22.5.4.24\coFFAddon
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Programy\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Programy\Java\bin\dtplugin\npDeployJava1.dll [2015-12-12] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Programy\Java\bin\plugin2\npjp2.dll [2015-12-12] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default [2016-12-09]
CHR Extension: (Prezentace Google) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-23]
CHR Extension: (Dokumenty Google) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-23]
CHR Extension: (Disk Google) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (Poper Blocker) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2016-08-28]
CHR Extension: (YouTube) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-23]
CHR Extension: (Vyhledávání Google) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Tabulky Google) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-23]
CHR Extension: (Dokumenty Google offline) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-17]
CHR Extension: (AdBlock) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-11-25]
CHR Extension: (Speed Dial [FVD] - New Tab Page, 3D, Sync...) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\llaficoajjainaijghjlofdfmbjpebpa [2016-11-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Gmail) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-25]
CHR Extension: (GeoProxy) - C:\Users\Anton\AppData\Local\Google\Chrome\User Data\Default\Extensions\pooljnboifbodgifngpppfklhifechoe [2015-12-27]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton AntiVirus\Engine\22.8.1.14\Exts\Chrome.crx [2016-11-20]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton AntiVirus\Engine\22.8.1.14\Exts\Chrome.crx [2016-11-20]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe [71168 2014-08-20] (ASUS Cloud Corporation) [File not signed]
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2013-11-14] (Broadcom Corporation.)
R2 esifsvc; C:\Windows\SysWOW64\esif_uf.exe [1037568 2014-09-18] (Intel Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344976 2014-12-15] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2015-01-06] (Intel Corporation)
R2 NAV; C:\Program Files (x86)\Norton AntiVirus\Engine\22.8.1.14\NAV.exe [289080 2016-11-12] (Symantec Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
S3 Origin Client Service; D:\Hry\Origin\OriginClientService.exe [2142728 2016-10-15] (Electronic Arts)
S2 Origin Web Helper Service; D:\Hry\Origin\OriginWebHelperService.exe [2209296 2016-10-15] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2016-10-15] ()
R2 RzKLService; C:\Programy\Razer Game Booster\RzKLService.exe [105448 2014-02-25] (Razer Inc.)
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2015-10-29] (SolidWorks) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [69904 2014-09-19] (ASUS Corporation)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-11-14] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7546544 2015-02-14] (Broadcom Corporation)
R1 BHDrvx64; C:\Program Files (x86)\Norton AntiVirus\NortonData\22.5.4.24\Definitions\BASHDefs\20161208.001\BHDrvx64.sys [1874136 2016-11-07] (Symantec Corporation)
R1 ccSet_NAV; C:\Windows\system32\drivers\NAVx64\1608010.00E\ccSetx64.sys [174328 2016-06-02] (Symantec Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [38720 2014-09-18] (Intel Corporation)
R3 dptf_pch; C:\Windows\System32\drivers\dptf_pch.sys [38208 2014-09-18] (Intel Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2015-10-24] (DT Soft Ltd)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [497368 2016-10-04] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [156888 2016-10-04] (Symantec Corporation)
R3 esif_lf; C:\Windows\System32\drivers\esif_lf.sys [216360 2014-09-18] (Intel Corporation)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-11-12] (LogMeIn Inc.)
R1 IDSVia64; C:\Program Files (x86)\Norton AntiVirus\NortonData\22.5.4.24\Definitions\IPSDefs\20161207.002\IDSvia64.sys [1012952 2016-10-28] (Symantec Corporation)
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [79016 2014-08-26] (Intel Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2015-01-06] (Intel Corporation)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [82072 2015-08-10] (McAfee, Inc.)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [11376 2016-03-19] () [File not signed]
S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()
R3 SRTSP; C:\Windows\System32\Drivers\NAVx64\1608010.00E\SRTSP64.SYS [784624 2016-11-12] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NAVx64\1608010.00E\SRTSPX64.SYS [49400 2016-11-12] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\NAVx64\1608010.00E\SYMEFASI64.SYS [1628888 2016-11-12] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NAVx64\1608010.00E\SymELAM.sys [24192 2015-09-23] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [100592 2016-10-14] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NAVx64\1608010.00E\Ironx64.SYS [289520 2016-11-12] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NAVx64\1608010.00E\SYMNETS.SYS [567512 2016-11-12] (Symantec Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
U0 msahci; system32\drivers\msahci.sys [X]
S3 NAVENG; \??\C:\Program Files (x86)\Norton AntiVirus\NortonData\22.5.4.24\Definitions\SDSDefs\20160720.002\ENG64.SYS [X]
S3 NAVEX15; \??\C:\Program Files (x86)\Norton AntiVirus\NortonData\22.5.4.24\Definitions\SDSDefs\20160720.002\EX64.SYS [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-12-09 20:22 - 2016-12-09 20:22 - 03968464 _____ C:\Users\Anton\Desktop\adwcleaner_6.040.exe
2016-12-09 19:33 - 2016-12-09 21:40 - 00021747 _____ C:\Users\Anton\Desktop\FRST.txt
2016-12-09 19:33 - 2016-12-09 19:33 - 02420224 _____ (Farbar) C:\Users\Anton\Desktop\frst64.exe
2016-12-06 19:54 - 2016-12-06 19:54 - 00002782 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-12-06 19:54 - 2016-12-06 19:54 - 00000836 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-12-06 19:54 - 2016-12-06 19:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-12-06 19:54 - 2016-12-06 19:54 - 00000000 ____D C:\Program Files\CCleaner
2016-12-04 21:14 - 2016-12-04 21:14 - 00000000 ____D C:\Windows\System32\Tasks\Norton AntiVirus
2016-12-04 21:11 - 2016-12-04 21:11 - 00003218 _____ C:\Windows\System32\Tasks\Norton WSC Integration
2016-11-27 15:20 - 2016-12-06 19:07 - 00000000 ____D C:\Users\Anton\AppData\LocalLow\Mozilla
2016-11-10 15:15 - 2016-11-10 16:10 - 00000000 ____D C:\Users\Anton\AppData\Roaming\discord
2016-11-10 15:15 - 2016-11-10 15:15 - 00000000 ____D C:\Users\Anton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
2016-11-10 15:15 - 2016-11-10 15:15 - 00000000 ____D C:\Users\Anton\AppData\Local\SquirrelTemp
2016-11-10 15:15 - 2016-11-10 15:15 - 00000000 ____D C:\Users\Anton\AppData\Local\Discord
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-12-09 21:39 - 2016-08-28 13:39 - 00000000 ____D C:\FRST
2016-12-09 21:39 - 2015-10-23 15:45 - 00000165 _____ C:\Users\Anton\AppData\Roaming\sp_data.sys
2016-12-09 20:36 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-09 20:34 - 2015-10-23 15:49 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3113116595-2999987527-3303187697-1001
2016-12-09 20:33 - 2014-10-21 12:24 - 00741360 _____ C:\Windows\system32\perfh005.dat
2016-12-09 20:33 - 2014-10-21 12:24 - 00152030 _____ C:\Windows\system32\perfc005.dat
2016-12-09 20:33 - 2014-03-18 16:26 - 01745984 _____ C:\Windows\system32\PerfStringBackup.INI
2016-12-09 20:33 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2016-12-09 20:29 - 2015-10-23 15:51 - 00001543 _____ C:\Users\Anton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AsusSmartGestureDetector.lnk
2016-12-09 20:27 - 2016-06-05 17:07 - 00000000 ____D C:\AdwCleaner
2016-12-09 18:00 - 2015-10-24 15:59 - 00000000 ____D C:\Users\Anton\AppData\Roaming\vlc
2016-12-09 15:45 - 2016-08-16 16:25 - 00003480 _____ C:\Windows\System32\Tasks\ASUS Live Update1
2016-12-09 15:45 - 2015-10-23 15:52 - 00003470 _____ C:\Windows\System32\Tasks\ASUS Live Update2
2016-12-08 20:02 - 2015-10-29 13:37 - 01365504 ___SH C:\Users\Anton\Downloads\Thumbs.db
2016-12-07 21:36 - 2015-12-15 14:57 - 00000000 ____D C:\Windows\System32\Tasks\Remediation
2016-12-07 20:17 - 2015-11-06 20:12 - 00000000 ____D C:\Users\Anton\AppData\Roaming\uTorrent
2016-12-07 20:17 - 2015-10-23 23:12 - 00000000 ____D C:\Users\Anton\AppData\Roaming\DAEMON Tools Lite
2016-12-07 20:11 - 2016-06-05 16:22 - 00000000 ____D C:\Users\Anton\AppData\Local\CrashDumps
2016-12-07 20:11 - 2014-10-21 13:09 - 00000000 ____D C:\Windows\Panther
2016-12-06 19:46 - 2016-01-11 17:27 - 00000058 _____ C:\Users\Anton\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2016-12-06 19:46 - 2015-10-25 10:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hry
2016-12-06 19:45 - 2015-02-14 03:42 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-12-06 19:42 - 2015-10-26 13:04 - 00000000 ____D C:\Users\Anton\Documents\SolidWorks Downloads
2016-12-06 19:41 - 2015-10-23 16:08 - 00000000 ____D C:\Programy
2016-12-06 19:10 - 2015-10-23 17:05 - 00000000 ____D C:\Users\Anton\Desktop\Moje
2016-12-05 21:03 - 2015-10-23 15:43 - 00000000 ____D C:\Users\Anton
2016-12-04 21:20 - 2015-10-24 13:36 - 00000000 ____D C:\Users\Anton\AppData\Roaming\Skype
2016-12-04 21:09 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2016-12-04 21:06 - 2015-10-23 21:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-04 21:06 - 2013-08-22 16:36 - 00000000 ___HD C:\Windows\ELAMBKUP
2016-12-04 20:54 - 2015-10-23 16:10 - 07759872 ___SH C:\Users\Anton\Desktop\Thumbs.db
2016-12-04 20:46 - 2016-06-24 18:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-12-01 17:40 - 2015-12-13 18:04 - 00000000 ____D C:\Windows\system32\Drivers\NAVx64
2016-12-01 17:39 - 2015-12-13 18:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton AntiVirus
2016-11-30 20:29 - 2016-01-02 20:42 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-11-30 20:29 - 2014-10-21 05:29 - 00000000 ____D C:\ProgramData\Skype
2016-11-28 19:44 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2016-11-27 18:20 - 2016-01-29 16:52 - 00000000 ____D C:\Users\Anton\AppData\Roaming\TS3Client
2016-11-14 18:23 - 2016-10-15 13:56 - 1655064576 ____R C:\Users\Anton\Downloads\Allegiant.2016.BRRip.XviD.AC3.CZ.avi
2016-11-14 18:17 - 2016-10-15 13:56 - 1499391470 ____R C:\Users\Anton\Downloads\Hardcore.Henry.2015.BRRip.XviD.AC3.CZ-PiRaTE.avi
2016-11-14 18:07 - 2016-10-15 13:56 - 1646839920 ____R C:\Users\Anton\Downloads\Les.Visiteurs.La.Révolution.2016.480p.BDRip.XviD.AC3.CZ.avi
2016-11-11 17:04 - 2015-10-23 16:02 - 00002217 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-10 16:18 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
==================== Files in the root of some directories =======
2015-11-01 19:22 - 2015-11-01 19:22 - 0000504 _____ () C:\Users\Anton\AppData\Roaming\Drives Monitor_Settings.ini
2015-10-23 15:45 - 2016-12-09 21:39 - 0000165 _____ () C:\Users\Anton\AppData\Roaming\sp_data.sys
2015-11-01 19:24 - 2015-11-01 19:28 - 0000122 _____ () C:\Users\Anton\AppData\Roaming\System Monitor II_UptimeRecord.ini
2016-01-11 17:27 - 2016-12-06 19:46 - 0000058 _____ () C:\Users\Anton\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2016-10-03 18:01 - 2016-10-03 18:01 - 0003414 _____ () C:\Users\Anton\AppData\Local\recently-used.xbel
2015-10-29 16:45 - 2015-12-09 15:19 - 0000000 _____ () C:\Users\Anton\AppData\Local\Temptable.xml
2014-10-21 05:28 - 2012-09-07 12:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2014-10-21 05:28 - 2009-07-22 11:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
Some files in TEMP:
====================
C:\Users\Anton\AppData\Local\Temp\libeay32.dll
C:\Users\Anton\AppData\Local\Temp\msvcr120.dll
C:\Users\Anton\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-10-23 11:30
==================== End of FRST.txt ============================
- Rudy
- Site Admin
- Posts: 119489
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Slow and freezing PC
Open Notepad and copy the following into it:
Start
HKU\S-1-5-21-3113116595-2999987527-3303187697-1001\...\MountPoints2: {2156a9fb-7994-11e5-8261-acb57daa8b50} - "J:\fscommand\LS_Start_Launch.cmd"
HKU\S-1-5-21-3113116595-2999987527-3303187697-1001\...\MountPoints2: {8c7acbbc-b346-11e6-82a3-acb57daa8b50} - "J:\Setup.exe"
ShortcutTarget: Sidebar17.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (No File)
C:\Users\Anton\AppData\Local\Temp
EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
-
- Visitor
- Posts: 16
- Registered: 05 Jun 2016 11:50
- Location: JMK
Re: Slow and freezing PC
The host is still there
----
Fix result of Farbar Recovery Scan Tool (x64) Version: 07-12-2016
Ran by Anton (09-12-2016 22:13:27) Run:2
Running from C:\Users\Anton\Desktop
Loaded Profiles: Anton (Available Profiles: Anton)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKU\S-1-5-21-3113116595-2999987527-3303187697-1001\...\MountPoints2: {2156a9fb-7994-11e5-8261-acb57daa8b50} - "J:\fscommand\LS_Start_Launch.cmd"
HKU\S-1-5-21-3113116595-2999987527-3303187697-1001\...\MountPoints2: {8c7acbbc-b346-11e6-82a3-acb57daa8b50} - "J:\Setup.exe"
ShortcutTarget: Sidebar17.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (No File)
C:\Users\Anton\AppData\Local\Temp
EmptyTemp:
End
*****************
"HKU\S-1-5-21-3113116595-2999987527-3303187697-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2156a9fb-7994-11e5-8261-acb57daa8b50}" => key removed successfully
HKCR\CLSID\{2156a9fb-7994-11e5-8261-acb57daa8b50} => key not found.
"HKU\S-1-5-21-3113116595-2999987527-3303187697-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8c7acbbc-b346-11e6-82a3-acb57daa8b50}" => key removed successfully
HKCR\CLSID\{8c7acbbc-b346-11e6-82a3-acb57daa8b50} => key not found.
C:\Program Files\Windows Sidebar\sidebar.exe => not found.
"C:\Users\Anton\AppData\Local\Temp" folder move:
Could not move "C:\Users\Anton\AppData\Local\Temp" => Scheduled to move on reboot.
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 19169485 B
Java, Flash, Steam htmlcache => 387780490 B
Windows/system/drivers => 410552 B
Edge => 0 B
Chrome => 638832700 B
Firefox => 13786608 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 96335 B
systemprofile32 => 0 B
LocalService => 3274 B
NetworkService => 0 B
Anton => 147316 B
RecycleBin => 8718916 B
EmptyTemp: => 1 GB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 09-12-2016 22:16:36)
C:\Users\Anton\AppData\Local\Temp => moved successfully
==== End of Fixlog 22:16:37 ====
- Rudy
- Site Admin
- Posts: 119489
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Slow and freezing PC
Deleted. Also run a full MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Do not delete anything beforehand.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail given above.
-
- Visitor
- Posts: 16
- Registered: 05 Jun 2016 11:50
- Location: JMK
Re: Slow and freezing PC
Malwarebytes
www.malwarebytes.com
-Podrobnosti logovacího souboru-
Datum skenování: 09.12.16
Čas skenování: 22:30
Logovací soubor:
Správce: Ano
-Informace o softwaru-
Verze: 3.0.4.1269
Verze komponentů: 1.0.39
Aktualizovat verzi balíku komponent: 1.0.678
Licence: Zkušební
-Systémová informace-
OS: Windows 8.1
CPU: x64
Systém souborů: NTFS
Uživatel: Tony\Anton
-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Výsledek: Dokončeno
Skenované objekty: 363977
Uplynulý čas: 6 min, 3 sek
-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Povoleno
Potenciálně nežádoucí modifikace: Povoleno
-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)
Modul: 0
(Nebyly zjištěny žádné škodlivé položky)
Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)
Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)
Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)
Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)
Soubor: 0
(Nebyly zjištěny žádné škodlivé položky)
Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)
(end)
- Rudy
- Site Admin
- Posts: 119489
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Slow and freezing PC
It's OK, there is nothing malicious on your PC. As a test, turn off automatic updates.
-
- Visitor
- Posts: 16
- Registered: 05 Jun 2016 11:50
- Location: JMK
Re: Slow and freezing PC
Well, first I downloaded the updates (I mostly keep them turned off). Then I set it so that it neither searches for, downloads, nor installs updates.
Well, it has probably improved.
https://postimg.org/image/tolj0x7hv/
https://postimg.org/image/axjlqrcxf/
https://postimg.org/image/irk7c5kqb/
Memory stays at around ±20%, but CPU and disk spike occasionally. Mostly Norton is to blame for that (my licence expires in 3 days; should I renew it, or would you recommend a different one?)
But I still see Service Host ("Hostitel služby") here, although I probably never noticed it before.
If the problems come back, should I try a partial restore?
Thank you
- Rudy
- Site Admin
- Posts: 119489
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Slow and freezing PC
I can recommend Avast or Avira. For home users a free antivirus is sufficient. You can try the restore.