Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:31-12-2015
Ran by Uzivatel (administrator) on UZIVATEL-PC (05-01-2016 18:54:02)
Running from C:\Users\Uzivatel\Desktop
Loaded Profiles: Uzivatel & (Available Profiles: Uzivatel)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Hi-Rez Studios) D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\Pac7302\Monitor.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Electronic Arts) D:\Origin\Origin.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe
(Malwarebytes) D:\Malwarebytes Anti-Malware\mbamscheduler.exe
() C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\Bloody ToneMaker1.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe
() C:\Users\Uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\googlecpupdate.exe
() C:\Users\Uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\win32cldefender.exe
() C:\Users\Uzivatel\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
() C:\Users\Uzivatel\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
() D:\Evolveo klávesnice\Monitor.EXE
() C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\SDK\CM_LibraryIO.exe
() D:\Evolveo klávesnice\OSD.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(AVG) C:\Program Files (x86)\AVG PC TuneUp 2014\TuneUpUtilitiesService64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe
(AVG) C:\Program Files (x86)\AVG PC TuneUp 2014\TuneUpUtilitiesApp64.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.91.145.0\OverwolfHelper.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.91.145.0\OverwolfHelper64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\0.91.145.0\Purplizer\Purplizer.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\Silverlight.Configuration.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\0.91.145.0\OverwolfBrowser.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\0.91.145.0\OverwolfBrowser.exe
(Malwarebytes) D:\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(forum.viry.cz) C:\Users\Uzivatel\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12446824 2012-01-31] (Realtek Semiconductor)
HKLM\...\Run: [THXCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64
HKLM\...\Run: [PAC7302_Monitor] => C:\Windows\PixArt\PAC7302\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-26] (Intel Corporation)
HKLM-x32\...\Run: [THX TruStudio NB Settings] => C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe [909824 2011-05-19] (Creative Technology Ltd)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [3825176 2012-11-13] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [GK-862 Driver] => D:\Evolveo klávesnice\Monitor.exe [479232 2013-11-21] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-4223151101-1865949334-2702114818-1000\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [152872 2007-06-27] (Nero AG)
HKU\S-1-5-21-4223151101-1865949334-2702114818-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd)
HKU\S-1-5-21-4223151101-1865949334-2702114818-1000\...\Run: [EADM] => D:\Origin\Origin.exe [3639280 2015-12-28] (Electronic Arts)
HKU\S-1-5-21-4223151101-1865949334-2702114818-1000\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [45296 2015-12-15] (Overwolf LTD)
HKU\S-1-5-21-4223151101-1865949334-2702114818-1000\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Uzivatel\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-4223151101-1865949334-2702114818-1000\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Uzivatel\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-4223151101-1865949334-2702114818-1000\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [3713032 2012-11-13] (Safer-Networking Ltd.)
HKU\S-1-5-21-4223151101-1865949334-2702114818-1000\...\Run: [BloodyToneMaker] => C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\Bloody ToneMaker1.exe [7887872 2014-01-15] ()
HKU\S-1-5-21-4223151101-1865949334-2702114818-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-4223151101-1865949334-2702114818-1000\...\MountPoints2: {217dc24b-282f-11e2-8617-806e6f6e6963} - D:\ASRSetup.exe
HKU\S-1-5-21-4223151101-1865949334-2702114818-1000\...\MountPoints2: {e823c9ba-2a47-11e2-8c20-bc5ff44826ef} - F:\setup.exe
HKU\S-1-5-21-4223151101-1865949334-2702114818-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [477696 2010-11-21] (Microsoft Corporation)
HKU\S-1-5-21-4223151101-1865949334-2702114818-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [152872 2007-06-27] (Nero AG)
HKU\S-1-5-21-4223151101-1865949334-2702114818-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd)
HKU\S-1-5-21-4223151101-1865949334-2702114818-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [EADM] => D:\Origin\Origin.exe [3639280 2015-12-28] (Electronic Arts)
HKU\S-1-5-21-4223151101-1865949334-2702114818-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [45296 2015-12-15] (Overwolf LTD)
HKU\S-1-5-21-4223151101-1865949334-2702114818-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Uzivatel\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-4223151101-1865949334-2702114818-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Uzivatel\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-4223151101-1865949334-2702114818-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [3713032 2012-11-13] (Safer-Networking Ltd.)
HKU\S-1-5-21-4223151101-1865949334-2702114818-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [BloodyToneMaker] => C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\Bloody ToneMaker1.exe [7887872 2014-01-15] ()
HKU\S-1-5-21-4223151101-1865949334-2702114818-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-4223151101-1865949334-2702114818-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {217dc24b-282f-11e2-8617-806e6f6e6963} - D:\ASRSetup.exe
HKU\S-1-5-21-4223151101-1865949334-2702114818-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {e823c9ba-2a47-11e2-8c20-bc5ff44826ef} - F:\setup.exe
HKU\S-1-5-21-4223151101-1865949334-2702114818-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [477696 2010-11-21] (Microsoft Corporation)
AppInit_DLLs: C:\PROGRA~3\ASSIST~1\ASSIST~2.DLL => No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-12-17]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\googlecpupdate.exe [2016-01-05] ()
Startup: C:\Users\Uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\win32cldefender.exe [2016-01-05] ()
BootExecute: autocheck autochk * sh4native Sh4Removalsdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{B1EAAEAD-6247-40B5-8D67-688090ED0E70}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKU\S-1-5-21-4223151101-1865949334-2702114818-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=13415
HKU\S-1-5-21-4223151101-1865949334-2702114818-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=13415
SearchScopes: HKLM -> DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKLM -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKLM-x32 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4223151101-1865949334-2702114818-1000 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4223151101-1865949334-2702114818-1000 -> {0F34D814-CA97-43AE-BA41-EA7B01456C7B} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-4223151101-1865949334-2702114818-1000 -> {1C88DDDA-BA80-4B4E-9B27-6E69B65C1FBA} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-4223151101-1865949334-2702114818-1000 -> {1FD4772F-FFE9-4B99-86FD-D8A4D8D781DE} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-4223151101-1865949334-2702114818-1000 -> {3405A787-C520-4F03-9605-8DC381CAA5BA} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_13415
SearchScopes: HKU\S-1-5-21-4223151101-1865949334-2702114818-1000 -> {67F4D47C-E9BD-477D-821B-81BA7C7F0E16} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_13415
SearchScopes: HKU\S-1-5-21-4223151101-1865949334-2702114818-1000 -> {78A65B60-FE98-4C3F-B90E-BB1D4B617B01} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_13415
SearchScopes: HKU\S-1-5-21-4223151101-1865949334-2702114818-1000 -> {8ADB433E-15BA-44D3-97E8-209965486664} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_13415
SearchScopes: HKU\S-1-5-21-4223151101-1865949334-2702114818-1000 -> {8C94228E-D3AB-4F8D-BEA6-10C4A088A74D} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-4223151101-1865949334-2702114818-1000 -> {F175CEAE-6444-49E5-A88A-8F57DFB620BB} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-4223151101-1865949334-2702114818-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4223151101-1865949334-2702114818-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {0F34D814-CA97-43AE-BA41-EA7B01456C7B} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-4223151101-1865949334-2702114818-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {1C88DDDA-BA80-4B4E-9B27-6E69B65C1FBA} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-4223151101-1865949334-2702114818-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {1FD4772F-FFE9-4B99-86FD-D8A4D8D781DE} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-4223151101-1865949334-2702114818-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {3405A787-C520-4F03-9605-8DC381CAA5BA} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_13415
SearchScopes: HKU\S-1-5-21-4223151101-1865949334-2702114818-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {67F4D47C-E9BD-477D-821B-81BA7C7F0E16} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_13415
SearchScopes: HKU\S-1-5-21-4223151101-1865949334-2702114818-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {78A65B60-FE98-4C3F-B90E-BB1D4B617B01} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_13415
SearchScopes: HKU\S-1-5-21-4223151101-1865949334-2702114818-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {8ADB433E-15BA-44D3-97E8-209965486664} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_13415
SearchScopes: HKU\S-1-5-21-4223151101-1865949334-2702114818-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {8C94228E-D3AB-4F8D-BEA6-10C4A088A74D} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-4223151101-1865949334-2702114818-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {F175CEAE-6444-49E5-A88A-8F57DFB620BB} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_13415
BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll [2012-11-13] (Safer-Networking Ltd.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\hgncn2dc.default
FF NewTab: hxxp://www.google.com
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2016-01-05] ()
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2015-10-13] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll [2016-01-05] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll [2014-03-11] (Adobe Systems, Inc.)
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll [No File]
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-05-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-05-04] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2015-10-13] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2012-07-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4223151101-1865949334-2702114818-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Uzivatel\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2013-10-29] (Google)
FF Plugin HKU\S-1-5-21-4223151101-1865949334-2702114818-1000: @talk.google.com/O1DPlugin -> C:\Users\Uzivatel\AppData\Roaming\Mozilla\plugins\npo1d.dll [2013-10-29] (Google)
FF Plugin HKU\S-1-5-21-4223151101-1865949334-2702114818-1000: @talk.google.com/O3DPlugin -> C:\Users\Uzivatel\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll [2013-10-29] ()
FF Plugin HKU\S-1-5-21-4223151101-1865949334-2702114818-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll [No File]
FF Plugin HKU\S-1-5-21-4223151101-1865949334-2702114818-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll [No File]
FF Plugin HKU\S-1-5-21-4223151101-1865949334-2702114818-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Uzivatel\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-08-27] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-4223151101-1865949334-2702114818-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [No File]
FF Plugin HKU\S-1-5-21-4223151101-1865949334-2702114818-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @talk.google.com/GoogleTalkPlugin -> C:\Users\Uzivatel\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2013-10-29] (Google)
FF Plugin HKU\S-1-5-21-4223151101-1865949334-2702114818-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @talk.google.com/O1DPlugin -> C:\Users\Uzivatel\AppData\Roaming\Mozilla\plugins\npo1d.dll [2013-10-29] (Google)
FF Plugin HKU\S-1-5-21-4223151101-1865949334-2702114818-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @talk.google.com/O3DPlugin -> C:\Users\Uzivatel\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll [2013-10-29] ()
FF Plugin HKU\S-1-5-21-4223151101-1865949334-2702114818-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @tools.google.com/Google Update;version=3 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll [No File]
FF Plugin HKU\S-1-5-21-4223151101-1865949334-2702114818-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @tools.google.com/Google Update;version=9 -> C:\Users\Uzivatel\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll [No File]
FF Plugin HKU\S-1-5-21-4223151101-1865949334-2702114818-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Uzivatel\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-08-27] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-4223151101-1865949334-2702114818-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [No File]
FF Plugin ProgramFiles/Appdata: C:\Users\Uzivatel\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2013-10-29] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Uzivatel\AppData\Roaming\mozilla\plugins\npgtpo3dautoplugin.dll [2013-10-29] ()
FF Plugin ProgramFiles/Appdata: C:\Users\Uzivatel\AppData\Roaming\mozilla\plugins\npo1d.dll [2013-10-29] (Google)
FF Extension: Seznam lištička - C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\hgncn2dc.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2015-12-29]
Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR NewTab: Default -> "chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\pdf.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll => No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U9) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.90.5) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll => No File
CHR Profile: C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-15]
CHR Extension: (Steam item search between friends.) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajlddciniccidokpjhppahkoefohkchg [2015-09-18]
CHR Extension: (Dokumenty Google) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-15]
CHR Extension: (Disk Google) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-17]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2015-07-15]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2015-07-15]
CHR Extension: (YouTube) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-08]
CHR Extension: (Vyhledávání Google) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-17]
CHR Extension: (Tabulky Google) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-15]
CHR Extension: (LoungeDestroyer) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghahcnmfjfckcedfajbhekgknjdplfcl [2015-12-18]
CHR Extension: (Dokumenty Google offline) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-04]
CHR Extension: (Avast Online Security) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-11-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-24]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2015-12-04]
CHR Extension: (Gmail) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-15]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [236832 2015-12-26] (EasyAntiCheat Ltd)
U2 HiPatchService; D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [8704 2012-12-04] (Hi-Rez Studios) [File not signed]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [121344 2012-02-07] () [File not signed]
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [133632 2012-02-09] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-07] (Intel Corporation)
R2 MBAMScheduler; D:\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
S2 MBAMService; D:\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.266\McCHSvc.exe [289256 2015-12-02] (McAfee, Inc.)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG)
S3 Origin Client Service; D:\Origin\OriginClientService.exe [2104840 2015-12-28] (Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1008880 2015-12-15] (Overwolf LTD)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2015-07-08] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [189248 2015-07-08] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1103392 2012-11-13] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1369624 2012-11-13] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [168384 2012-11-13] (Safer-Networking Ltd.)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG PC TuneUp 2014\TuneUpUtilitiesService64.exe [2099000 2013-10-12] (AVG)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2011-09-21] (Asmedia Technology)
R3 CMUAC; C:\Windows\System32\DRIVERS\Headset6400x1.SYS [386560 2013-10-03] (A4Tech Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-11-09] (DT Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [25536 2012-02-09] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [25536 2012-02-09] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2012-02-09] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-01-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
S3 NPF; C:\Windows\SysWOW64\drivers\NPF.sys [34064 2007-11-07] (CACE Technologies)
S3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [527872 2007-11-08] (PixArt Imaging Inc.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG PC TuneUp 2014\TuneUpUtilitiesDriver64.sys [14112 2013-09-18] (TuneUp Software)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2016-01-05] ()
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 EverestDriver; \??\D:\EVEREST Ultimate Edition\kerneld.amd64 [X]
S3 FairplayKD3; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-01-05 18:54 - 2016-01-05 18:54 - 00033300 _____ C:\Users\Uzivatel\Desktop\FRST.txt
2016-01-05 18:52 - 2016-01-05 18:54 - 00000000 ____D C:\FRST
2016-01-05 18:50 - 2016-01-05 18:50 - 00112640 _____ (forum.viry.cz) C:\Users\Uzivatel\Desktop\FRSTLauncher.exe
2016-01-05 18:45 - 2016-01-05 18:45 - 02370560 _____ (Farbar) C:\Users\Uzivatel\Desktop\FRST64.exe
2016-01-05 18:38 - 2016-01-05 18:38 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2016-01-05 17:38 - 2016-01-05 17:38 - 05762544 _____ (AVAST Software) C:\Users\Uzivatel\Downloads\avastclear.exe
2016-01-05 15:38 - 2016-01-05 15:38 - 00003350 _____ C:\Windows\System32\Tasks\ESET Windows 10 upgrade – Refresh settings
2016-01-05 14:43 - 2016-01-05 14:52 - 00000066 _____ C:\Users\Uzivatel\Desktop\Nový textový dokument.txt
2016-01-05 14:30 - 2016-01-05 18:38 - 00507522 _____ C:\Windows\ntbtlog.txt
2016-01-05 14:10 - 2016-01-05 14:10 - 00137728 _____ C:\Users\Uzivatel\AppData\Roaming\gpu.exe
2016-01-05 14:10 - 2016-01-05 14:10 - 00128197 _____ C:\Users\Uzivatel\AppData\Roaming\cpu.exe
2016-01-05 14:09 - 2016-01-05 14:09 - 00156504 _____ C:\Users\Uzivatel\Downloads\ESET-NOD32-ANTIVIRUS-8-+-CRACK-(32-64BIT).rar.zip
2016-01-05 14:04 - 2016-01-05 15:50 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-01-05 14:04 - 2016-01-05 15:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-01-05 14:04 - 2016-01-05 14:04 - 00002731 _____ C:\Users\Public\Desktop\Skype.lnk
2016-01-05 13:52 - 2016-01-05 13:52 - 02861368 _____ (ESET) C:\Users\Uzivatel\Downloads\eset_nod32_antivirus_live_installer_.exe
2015-12-26 21:57 - 2015-12-26 21:02 - 00236832 _____ (EasyAntiCheat Ltd) C:\Windows\SysWOW64\EasyAntiCheat.exe
2015-12-23 21:02 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2015-12-22 23:33 - 2015-12-22 23:33 - 03263528 _____ C:\Users\Uzivatel\Downloads\moje videjko.mp4
2015-12-22 23:31 - 2015-12-22 23:31 - 03587522 _____ C:\Users\Uzivatel\Downloads\M4V00001.MP4
2015-12-20 13:52 - 2015-12-20 13:53 - 83864054 _____ C:\Users\Uzivatel\Downloads\WORKOUT2.rar
2015-12-20 13:51 - 2015-12-20 13:51 - 89117347 _____ C:\Users\Uzivatel\Downloads\WORKOUT.rar
2015-12-20 13:48 - 2015-12-20 13:55 - 00000000 ____D C:\Users\Uzivatel\Desktop\BASY
2015-12-17 18:29 - 2015-12-17 18:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-12-08 14:14 - 2015-12-08 16:46 - 00000000 ____D C:\Users\Uzivatel\Documents\TrackMania
2015-12-06 19:39 - 2015-12-06 19:39 - 01519567 _____ C:\Users\Uzivatel\Downloads\x360ce.zip
2015-12-06 19:39 - 2015-12-06 19:39 - 00000000 ____D C:\ProgramData\X360CE
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-01-05 18:52 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2016-01-05 18:46 - 2014-05-16 19:48 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-01-05 18:45 - 2010-11-21 10:27 - 00668882 _____ C:\Windows\system32\perfh005.dat
2016-01-05 18:45 - 2010-11-21 10:27 - 00141542 _____ C:\Windows\system32\perfc005.dat
2016-01-05 18:45 - 2009-07-14 06:13 - 01584626 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-05 18:45 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-01-05 18:43 - 2015-07-07 10:03 - 00000000 ____D C:\Users\Uzivatel\AppData\Roaming\Seznam.cz
2016-01-05 18:38 - 2014-12-03 14:43 - 00034752 _____ C:\Windows\system32\Drivers\WPRO_41_2001.sys
2016-01-05 18:38 - 2013-04-20 18:59 - 00000000 ____D C:\ProgramData\Origin
2016-01-05 18:38 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-05 18:34 - 2009-07-14 05:45 - 00026768 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-05 18:34 - 2009-07-14 05:45 - 00026768 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-05 15:50 - 2015-12-03 15:58 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2016-01-05 15:50 - 2015-04-04 23:56 - 00000000 ___SD C:\Windows\system32\GWX
2016-01-05 15:50 - 2014-12-25 20:47 - 00000000 ____D C:\Users\Uzivatel\AppData\Roaming\Skype
2016-01-05 15:50 - 2014-12-23 21:54 - 00000000 ____D C:\ProgramData\Skype
2016-01-05 15:50 - 2013-11-22 20:28 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2016-01-05 15:50 - 2012-11-06 16:24 - 00000000 ____D C:\Users\Uzivatel\AppData\Roaming\BitTorrent
2016-01-05 15:50 - 2012-11-06 13:32 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-01-05 15:50 - 2012-11-06 13:32 - 00000000 ____D C:\Windows\system32\Macromed
2016-01-05 15:50 - 2012-11-06 10:56 - 00000000 ____D C:\Users\Uzivatel
2016-01-05 15:50 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2016-01-05 15:38 - 2015-12-03 15:58 - 00000000 ____D C:\Program Files\Common Files\AV
2016-01-05 15:31 - 2014-08-10 18:55 - 00000000 ____D C:\ProgramData\dfhecmjcbjhjblgkhmoggnffmcmiflho
2016-01-05 14:05 - 2012-11-06 13:32 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-01-05 14:05 - 2012-11-06 13:32 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-04 21:55 - 2012-11-06 15:57 - 00000000 ____D C:\Users\Uzivatel\AppData\Roaming\TS3Client
2016-01-04 19:06 - 2015-11-17 14:57 - 00000000 ____D C:\Windows\SysWOW64\vbox
2016-01-04 19:06 - 2015-11-17 14:57 - 00000000 ____D C:\Windows\system32\vbox
2015-12-29 15:19 - 2014-05-10 09:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-12-26 11:28 - 2015-08-05 19:56 - 00002008 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2015-12-23 21:03 - 2012-12-25 14:49 - 00000000 ____D C:\Users\Uzivatel\Documents\My Games
2015-12-23 18:24 - 2014-01-31 17:40 - 00000270 __RSH C:\ProgramData\ntuser.pol
2015-12-23 12:04 - 2015-07-06 16:54 - 00000000 ____D C:\Program Files (x86)\Overwolf
2015-12-20 18:53 - 2015-10-23 22:44 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2015-12-20 18:53 - 2015-04-18 15:11 - 00000080 _____ C:\Users\Uzivatel\AppData\Local剜捯獫慴慇敭屳呇⁁屖湥楴汴浥湥湩潦
2015-12-20 18:52 - 2015-10-23 22:44 - 00000000 ____D C:\Program Files\Rockstar Games
2015-12-18 13:37 - 2014-09-12 20:12 - 00000000 ____D C:\Program Files (x86)\Youtube Downloader
2015-12-17 18:29 - 2015-11-11 21:02 - 00000000 ____D C:\Program Files\McAfee Security Scan
2015-12-12 13:44 - 2014-12-23 22:09 - 00000000 ____D C:\Users\Uzivatel\Documents\Rockstar Games
2015-12-08 17:47 - 2015-12-02 21:37 - 00000000 ____D C:\Users\Uzivatel\Documents\The Witcher 3
2015-12-08 16:09 - 2014-02-24 15:54 - 00000000 ____D C:\ProgramData\TrackMania
2015-12-08 14:05 - 2014-05-18 09:53 - 00000000 ____D C:\Users\Uzivatel\AppData\Roaming\LolClient
2015-12-06 21:39 - 2015-12-03 12:08 - 00000000 ____D C:\Users\Uzivatel\Desktop\Nové filmy
==================== Files in the root of some directories =======
2007-06-21 16:11 - 2007-06-21 16:09 - 0000266 _____ () C:\Program Files (x86)\Common Files\hama.de - Download-Area Gamecontroller.url
2016-01-05 14:10 - 2016-01-05 14:10 - 0128197 _____ () C:\Users\Uzivatel\AppData\Roaming\cpu.exe
2016-01-05 14:10 - 2016-01-05 14:10 - 0137728 _____ () C:\Users\Uzivatel\AppData\Roaming\gpu.exe
2012-11-16 19:15 - 2013-03-07 19:26 - 0703117 _____ () C:\Users\Uzivatel\AppData\Roaming\technic-launcher.jar
2012-11-16 19:15 - 2012-11-16 19:15 - 0579274 _____ () C:\Users\Uzivatel\AppData\Roaming\technic-launcher.jar.bak
2005-04-08 03:16 - 2014-08-26 00:36 - 0152395 ____H () C:\Users\Uzivatel\AppData\Roaming\Uzivatellog.dat
2013-02-04 16:46 - 2013-08-26 09:50 - 0010240 _____ () C:\Users\Uzivatel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-05-16 17:07 - 2014-05-16 17:13 - 0007597 _____ () C:\Users\Uzivatel\AppData\Local\Resmon.ResmonCfg
2012-11-06 11:12 - 2012-11-06 11:12 - 0000003 _____ () C:\Users\Uzivatel\AppData\Local\user_data.ini
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll
[2010-11-21 04:24] - [2015-10-18 18:59] - 1008640 ____A (Microsoft Corporation) 2C353B6CE0C8D03225CAA2AF33B68D79
C:\Windows\SysWOW64\User32.dll
[2010-11-21 04:24] - [2015-10-18 18:59] - 0833024 ____A (Microsoft Corporation) 861C4346F9281DC0380DE72C8D55D6BE
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-01-03 19:38
==================== End of FRST.txt ============================
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: () (Fixed) (Total:119.14 GB) (Free:33.42 GB) NTFS
Drive d: (Data) (Fixed) (Total:931.51 GB) (Free:268.62 GB) NTFS
Drive f: (Spintires) (CDROM) (Total:0.59 GB) (Free:0 GB) CDFS
Available physical RAM: 5000.68 MB
Total physical RAM: 8078.04 MB
Percentage of memory in use: 38%
==================== MBR and Partition Table ==================
Sizer 3.34 (HKLM-x32\...\{DE43AA92-E8C0-4620-AFE2-FBD623C71643}) (Version: 3.3.4.0 - Brian Apps)
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: A2D90FC8)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS)
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 09CC0CB8)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\ProgramData:NT2
AlternateDataStreams: C:\Users\All Users:NT2
AlternateDataStreams: C:\ProgramData\Application Data:NT2
AlternateDataStreams: C:\ProgramData\Data aplikací:NT2
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2
AlternateDataStreams: C:\Users\Uzivatel\Data aplikací:NT
AlternateDataStreams: C:\Users\Uzivatel\AppData\Roaming:NT
==================== Security Center ==================
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Uzivatel\Desktop" je 12997 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDTray.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon"
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDFSSvc.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdate.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdSvc.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================