
Preventive check

Posted: 11 Jul 2016 07:51
by Polska Pasha
Hello, please check my log, thanks.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Pepik at 2016-07-11 08:47:51
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 147 GB (32%) free of 458 GB
Total RAM: 3767 MB (49% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:47:53, on 11.7.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16470)
Boot mode: Normal

Running processes:
C:\Users\Pepik\AppData\Roaming\BitTorrent\BitTorrent.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\Pepik\AppData\Roaming\BitTorrent\updates\7.9.7_42331\utorrentie.exe
C:\Users\Pepik\AppData\Roaming\BitTorrent\updates\7.9.7_42331\utorrentie.exe
C:\Program Files (x86)\Winamp\winamp.exe
C:\Program Files (x86)\Opera\38.0.2220.41\opera.exe
C:\Program Files (x86)\Opera\38.0.2220.41\opera_crashreporter.exe
C:\Program Files (x86)\Opera\38.0.2220.41\opera.exe
C:\Program Files (x86)\Opera\38.0.2220.41\opera.exe
C:\Program Files (x86)\Opera\38.0.2220.41\opera.exe
C:\Program Files (x86)\Opera\38.0.2220.41\opera.exe
C:\Program Files\trend micro\Pepik.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [BitTorrent] "C:\Users\Pepik\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [SetupNO] wscript.exe //B "C:\Users\Pepik\AppData\Local\Temp\SetupNO.vbs"
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O4 - Startup: RollerCoaster Tycoon 3 Registration.lnk = Pepik\AppData\Local\Temp\{C9AAE132-3AA8-4EED-B900-E3ED025012A9}\{907B4640-266B-4A21-92FB-CD1A86CD0F63}\ATR1.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Digital Wave Update Service (DigitalWave.Update.Service) - Digital Wave Ltd. - C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8545 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
winlogon.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe"
"C:\Program Files (x86)\Acer\Registration\GREGsvc.exe"
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PnkBstrB.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\system32\wbem\wmiprvse.exe
WLIDSvcM.exe 2296
C:\Windows\System32\alg.exe
taskhost.exe USER
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Users\Pepik\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED
C:\Windows\system32\igfxext.exe -Embedding
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Users\Pepik\AppData\Roaming\BitTorrent\updates\7.9.7_42331\utorrentie.exe" BitTorrent_3660_00A1A4F8_1157506424 BT4823DF041B09 BitTorrent
"C:\Users\Pepik\AppData\Roaming\BitTorrent\updates\7.9.7_42331\utorrentie.exe" BitTorrent_3660_00A1A460_371142013 BT4823DF041B09 BitTorrent
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Winamp\winamp.exe" -Embedding
"C:\Program Files (x86)\Opera\38.0.2220.41\opera.exe" --ran-launcher
"C:\Program Files (x86)\Opera\38.0.2220.41\opera_crashreporter.exe" --ran-launcher --crash-reporter-parent-id=4456
"C:\Program Files (x86)\Opera\38.0.2220.41\opera.exe" --enable-features=DownloadResumption --type=gpu-process --channel="4456.0.1585184076\1442674531" --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=on --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-pref-default-overrides-support=on --crash-reporter-pid=2304 --disable-d3d11 --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=4,10,12,13,25,46,54 --gpu-vendor-id=0x8086 --gpu-device-id=0x0046 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2182 --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=on --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-pref-default-overrides-support=on --crash-reporter-pid=2304 --mojo-platform-channel-handle=1080 --ignored=" --type=renderer "
"C:\Program Files (x86)\Opera\38.0.2220.41\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --enable-features=DownloadResumption --primordial-pipe-token=33C681F9B9858C81DB153EB2E4CD7A84 --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=on --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-pref-default-overrides-support=on --crash-reporter-pid=2304 --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --disable-accelerated-video-decode --channel="4456.2.459251800\1953268075" --mojo-platform-channel-handle=1676
"C:\Program Files (x86)\Opera\38.0.2220.41\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --enable-features=DownloadResumption --primordial-pipe-token=FE5F8DECAB6E6DE942FAE455090EA546 --lang=cs --disable-client-side-phishing-detection --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=on --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-pref-default-overrides-support=on --crash-reporter-pid=2304 --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --disable-accelerated-video-decode --channel="4456.4.330833871\1498642845" --mojo-platform-channel-handle=1916
"C:\Program Files (x86)\Opera\38.0.2220.41\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --enable-features=DownloadResumption --primordial-pipe-token=FC41709CEC91FD2A3687ECBC4B92722C --lang=cs --disable-client-side-phishing-detection --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=on --with-feature:installer-hide-from-program-and-features=off --with-feature:installer-pref-default-overrides-support=on --crash-reporter-pid=2304 --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --disable-accelerated-video-decode --channel="4456.14.1774966193\2061616107" --mojo-platform-channel-handle=3800
"C:\Users\Pepik\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_192_pepper.exe -check pepperplugin
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-01 662672]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-05-01 462400]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-01 565304]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-01 173120]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Power Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2011-05-10 1831528]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-07-23 386584]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-07-23 161304]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-07-23 415256]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-02-18 11779176]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BitTorrent"=C:\Users\Pepik\AppData\Roaming\BitTorrent\BitTorrent.exe [2016-05-20 1972232]
"SetupNO"=wscript.exe //B C:\Users\Pepik\AppData\Local\Temp\SetupNO.vbs []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent]
C:\Users\Pepik\AppData\Roaming\BitTorrent\BitTorrent.exe [2016-05-20 1972232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2016-03-11 8686296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Flvto Youtube Downloader]
Flvto Youtube Downloader\FlvtoYoutubeDownloader.exe /minimize []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gaming Mouse Driver]
C:\Program Files (x86)\Gaming Mouse\Monitor.EXE [2011-09-09 200704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OfficeSyncProcess]
C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Start WingMan Profiler]
C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2010-06-15 190536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Pepik^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MEGAsync.lnk]
C:\Users\Pepik\AppData\Local\MEGAsync\MEGAsync.exe [2016-03-16 4818120]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Pepik^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Screen Clipper and Launcher.lnk]
C:\PROGRA~2\MICROS~2\Office14\ONENOTEM.EXE []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BackupManagerTray"=C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [2011-04-24 297280]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-07-02 5515496]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-04-01 596504]

C:\Users\Pepik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
RollerCoaster Tycoon 3 Registration.lnk - C:\Users\Pepik\AppData\Local\Temp\{C9AAE132-3AA8-4EED-B900-E3ED025012A9}\{907B4640-266B-4A21-92FB-CD1A86CD0F63}\ATR1.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-07-20 271360]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"vidc.tscc"=C:\Windows\SysWOW64\tsccvid64.dll
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2016-07-11 08:46:10 ----D---- C:\rsit
2016-06-25 14:42:04 ----A---- C:\Windows\SYSWOW64\H@tKeysH@@k.DLL
2016-06-24 18:48:28 ----D---- C:\Users\Pepik\AppData\Roaming\.atlauncher
2016-06-23 10:45:29 ----D---- C:\Users\Pepik\AppData\Roaming\Microsoft Games
2016-06-23 10:41:34 ----D---- C:\ProgramData\Package Cache

======List of files/folders modified in the last 1 month======

2016-07-11 08:47:52 ----D---- C:\Program Files\trend micro
2016-07-11 08:44:47 ----D---- C:\Users\Pepik\AppData\Roaming\BitTorrent
2016-07-11 08:24:50 ----D---- C:\Users\Pepik\AppData\Roaming\Mp3tag
2016-07-11 08:07:07 ----D---- C:\Windows\system32\config
2016-07-11 08:03:22 ----D---- C:\Windows\system32\Tasks
2016-07-11 08:03:22 ----D---- C:\Program Files\CCleaner
2016-07-11 08:03:16 ----D---- C:\Windows\Temp
2016-07-11 07:56:04 ----A---- C:\Windows\SYSWOW64\log.txt
2016-07-10 22:12:15 ----D---- C:\Windows\System32
2016-07-10 22:12:15 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-07-07 15:18:26 ----D---- C:\Program Files (x86)\Opera
2016-07-07 13:20:21 ----D---- C:\Users\Pepik\AppData\Roaming\Skype
2016-07-06 10:46:15 ----D---- C:\Program Files (x86)\Valve
2016-07-06 10:35:59 ----D---- C:\Program Files (x86)
2016-07-06 09:45:28 ----D---- C:\Windows\SysWOW64
2016-07-06 09:44:29 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-07-06 09:43:46 ----D---- C:\Users\Pepik\AppData\Roaming\DAEMON Tools Lite
2016-07-05 23:31:08 ----SHD---- C:\System Volume Information
2016-07-04 19:16:06 ----D---- C:\Windows
2016-07-04 17:59:24 ----D---- C:\Users\Pepik\AppData\Roaming\Foxit Software
2016-07-04 15:19:54 ----D---- C:\Users\Pepik\AppData\Roaming\MPC-HC
2016-07-04 13:04:13 ----D---- C:\Windows\inf
2016-06-28 20:20:11 ----D---- C:\Users\Pepik\AppData\Roaming\DVDVideoSoft
2016-06-26 08:16:34 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-06-24 18:35:09 ----D---- C:\Users\Pepik\AppData\Roaming\.minecraft
2016-06-23 10:45:52 ----SD---- C:\Users\Pepik\AppData\Roaming\Microsoft
2016-06-23 10:41:51 ----SHD---- C:\Windows\Installer
2016-06-23 10:41:51 ----SHD---- C:\Config.Msi
2016-06-23 10:41:34 ----AD---- C:\ProgramData
2016-06-23 07:53:01 ----D---- C:\Windows\SYSWOW64\drivers
2016-06-14 20:57:33 ----D---- C:\Windows\system32\catroot2

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-07-01 65736]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-07-01 272248]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2010-04-13 540696]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2014-08-14 834544]
R1 appliand;Applian LightWeight Filter; C:\Windows\system32\DRIVERS\appliand.sys [2013-02-06 30304]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-07-01 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-07-01 1047320]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-07-02 442264]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-11-09 270912]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-07-01 29168]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-07-01 89944]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-07-01 137288]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-06-02 2750464]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\drivers\HECIx64.sys [2009-09-17 56344]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-07-20 10603904]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-27 158976]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-02-22 2750312]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2011-01-18 412712]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2011-03-10 18432]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2011-03-10 17408]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\WmBEnum.sys [2010-04-28 26440]
R3 WmXlCore;Logitech Translation Layer Driver; C:\Windows\system32\drivers\WmXlCore.sys [2010-04-27 77512]
S0 prohlp02;StarForce Protection Helper Driver v2; C:\Windows\System32\drivers\prohlp02.sys []
S0 prosync1;StarForce Protection Synchronization Driver v1; C:\Windows\System32\drivers\prosync1.sys []
S0 sfhlp01;StarForce Protection Helper Driver; C:\Windows\System32\drivers\sfhlp01.sys []
S1 prodrv06;StarForce Protection Environment Driver v6; C:\Windows\System32\drivers\prodrv06.sys []
S2 WCMVCAM;WebcamMax, WDM Video Capture; C:\Windows\system32\DRIVERS\wcmvcam64.sys [2012-04-15 1071032]
S3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2011-06-08 4729408]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-09-22 243712]
S3 RtkBtFilter;Realtek Bluetooth Filter Driver; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [2015-01-20 585944]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2009-09-19 127488]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2009-09-19 18944]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2009-09-19 161280]
S3 tap0901;TAP-Win32 Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2011-12-15 31232]
S3 TFsExDisk;TFsExDisk; \??\C:\Windows\System32\Drivers\TFsExDisk.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 VCSVADHWSer;Avnex Virtual Audio Device (WDM); C:\Windows\system32\DRIVERS\vcsvad.sys [2008-12-26 21504]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
S3 WmFilter;Logitech Gaming HID Filter Driver; C:\Windows\system32\drivers\WmFilter.sys [2010-04-27 43976]
S3 WmVirHid;Logitech Virtual Hid Device Driver; C:\Windows\system32\drivers\WmVirHid.sys [2010-04-28 16200]
S3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys [2009-04-08 68992]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-09-14 82128]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-07-01 343336]
R2 DigitalWave.Update.Service;Digital Wave Update Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [2016-01-19 388968]
R2 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2011-05-26 29696]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-04-13 13336]
R2 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2011-04-22 244624]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-03-18 268824]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2011-04-24 256832]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-08-18 75064]
R2 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2014-12-24 214520]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-18 2320920]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-03-23 327808]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-10-09 655624]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2012-04-26 135584]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\syswow64\GameMon.des [2012-09-26 4460280]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-11-11 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2008-11-11 620544]

-----------------EOF-----------------

Re: Preventive check

Posted: 12 Jul 2016 01:01
by Márty84
Hello :)

:arrow: Download AdwCleaner https://toolslib.net/downloads/finish/1/ and save it to the desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Right-click it and then left-click Run as administrator.
Click Scan and wait until the check finishes.
Then click Cleaning.
The program will start working (the PC may restart) and spit out a log (alternatively it will be here: C:\AdwCleaner\AdwCleaner[C?].txt ). Copy it here for me.

:arrow: Run a scan with MBAM. Set up the test according to this guide (i.e. a Custom scan of all disks) http://forum.viry.cz/viewtopic.php?f=29&t=144868 and post the results here. Do not delete anything beforehand; it sometimes has false detections.

Re: Preventive check

Posted: 12 Jul 2016 14:32
by Polska Pasha
Adw here:

# AdwCleaner v5.201 - Log vytvořen 12/07/2016 v 15:24:15
# Aktualizováno 30/06/2016 by ToolsLib
# Databáze : 2016-07-12.1 [Server]
# Operační system : Windows 7 Home Premium Service Pack 1 (X64)
# Uživatelské jméno : Pepik - PEPA
# Spuštěno z : C:\Users\Pepik\Desktop\adwcleaner_5.201.exe
# Nastavení : Čištění
# Podpora : https://toolslib.net/forum

***** [ Služby ] *****


***** [ Složky ] *****


***** [ Soubory ] *****

[-] Soubor Smazáno : C:\Windows\SysWOW64\h@tkeysh@@k.dll

***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Zástupci ] *****


***** [ Naplánované úlohy ] *****


***** [ Registry ] *****

[-] Klíč Smazáno : HKCU\Software\Link64

***** [ Prohlížeče ] *****


*************************

:: "Tracing" klíče smazány
:: Nastavení Winsock vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [1418 bytů] - [16/05/2016 15:15:00]
C:\AdwCleaner\AdwCleaner[C2].txt - [954 bytů] - [12/07/2016 15:24:15]
C:\AdwCleaner\AdwCleaner[S1].txt - [1330 bytů] - [16/05/2016 15:12:23]
C:\AdwCleaner\AdwCleaner[S2].txt - [1116 bytů] - [23/05/2016 20:07:45]
C:\AdwCleaner\AdwCleaner[S3].txt - [1224 bytů] - [12/07/2016 15:21:51]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1245 bytů] ##########

Re: Preventive check

Posted: 12 Jul 2016 15:29
by Márty84
Fine, now just MBAM as well :)

Re: Preventive check

Posted: 15 Jul 2016 06:29
by Polska Pasha
Hello, MBAM has been running for 3 days now, so hopefully I will have the log today.

Re: Preventive check

Posted: 15 Jul 2016 07:43
by Márty84
OK :)

Re: Preventive check

Posted: 20 Jul 2016 10:47
by Polska Pasha
So here is the MBAM:

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 13.7.2016
Čas skenování: 0:57
Protokol: log mbam 20.7 2016.txt
Správce: Ano

Verze: 2.2.1.1043
Databáze malwaru: v2016.07.12.11
Databáze rootkitů: v2016.05.27.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Pepik

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 832885
Uplynulý čas: 177 hod, 17 min, 19 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Sken hloubkových rootkitů: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 2
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{21111111-1111-1111-1111-110211671166}, , [f338091a3466a294ccbd930c22e1c23e],
PUP.Optional.TidyNetwork, HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\DRAGDROP\{70BC1CDB-0744-4172-BDA0-B5A487D00C3A}, , [2803190a8b0f75c1a580dcdd13f0e020],

Hodnoty registru: 1
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{21111111-1111-1111-1111-110211671166}|AppName, Discount Buddy-bg.exe, , [f338091a3466a294ccbd930c22e1c23e]

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 3
HackTool.HotKeyHook, C:\AdwCleaner\FileQuarantine\C\Windows\SysWOW64\h@tkeysh@@k.dll.vir, , [d754f13275259d99860fb1d6a35da55b],
CrackTool.Agent, C:\Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\adobe.photoshop.cs6-patch.exe, , [35f66bb89ffbf640fd81e464fc055fa1],
Trojan.Agent, C:\Program Files (x86)\GetFLV\GetFLV.v9.1.2.0.loader.exe, , [b5762bf87a2066d061c325de7d852ed2],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Re: Preventive check

Posted: 21 Jul 2016 14:06
by Márty84
:arrow: Have the findings removed.

:arrow: Post logs according to this guide http://forum.viry.cz/viewtopic.php?f=13&t=133100 - turn off the antivirus for a moment; it may block it as malicious, but we use it all the time, it is a false alarm :)
(If the Launcher cannot be downloaded, post logs from FRST alone, i.e. without using the Launcher)

Re: Preventive check

Posted: 21 Jul 2016 15:12
by Polska Pasha
And the log from Addition is attached.
The FRST log is here:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-07-2016
Ran by Pepik (administrator) on PEPA (21-07-2016 16:03:23)
Running from C:\Users\Pepik\Desktop
Loaded Profiles: Pepik (Available Profiles: Pepik)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 9 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831528 2011-05-10] (Acer Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11779176 2011-02-18] (Realtek Semiconductor)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-24] (NTI Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [8900328 2016-07-12] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\...\Run: [BitTorrent] => C:\Users\Pepik\AppData\Roaming\BitTorrent\BitTorrent.exe [1972232 2016-05-20] (BitTorrent Inc.)
HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\...\Run: [SetupNO] => wscript.exe //B "C:\Users\Pepik\AppData\Local\Temp\SetupNO.vbs" <===== ATTENTION
HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\Acer.scr [456224 2010-07-29] ()
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Pepik\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Pepik\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Pepik\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-07-12] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Pepik\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Pepik\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Pepik\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
Startup: C:\Users\Pepik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RollerCoaster Tycoon 3 Registration.lnk [2016-04-20]
ShortcutTarget: RollerCoaster Tycoon 3 Registration.lnk -> C:\Users\Pepik\AppData\Local\Temp\{C9AAE132-3AA8-4EED-B900-E3ED025012A9}\{907B4640-266B-4A21-92FB-CD1A86CD0F63}\ATR1.exe (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 91.103.164.5 91.103.164.10
Tcpip\..\Interfaces\{610EB418-5BBF-4997-8F43-3817DE589DD9}: [DhcpNameServer] 91.103.164.5 91.103.164.10

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2289079560-4057469565-1523236124-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-07-12] (AVAST Software)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-05-01] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-07-12] (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-01] (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Pepik\AppData\Roaming\Mozilla\Firefox\Profiles\6icesh4i.default
FF NewTab: about:newtab
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_182.dll [2016-04-30] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_182.dll [2016-04-30] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll [2013-12-05] (Adobe Systems, Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-01] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2289079560-4057469565-1523236124-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Pepik\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [No File]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Extension: No Name - C:\Users\Pepik\AppData\Roaming\Mozilla\Firefox\Profiles\6icesh4i.default\extensions\anttoolbar@ant.com [not found]
FF Extension: YouTube Video and Audio Downloader - C:\Users\Pepik\AppData\Roaming\Mozilla\Firefox\Profiles\6icesh4i.default\Extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi [2015-04-28] [not signed]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-07-12]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-07-12]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-01]

Opera:
=======
OPR Extension: (AdBlock) - C:\Users\Pepik\AppData\Roaming\Opera Software\Opera Stable\Extensions\aobdicepooefnbaeokijohmhjlleamfj [2016-05-16]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-07-12] (AVAST Software)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2016-01-19] (Digital Wave Ltd.)
R2 GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [29696 2011-05-26] (Acer Incorporated) [File not signed]
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4460280 2012-09-26] (INCA Internet Co., Ltd.)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75064 2013-08-18] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [214520 2014-12-24] ()
S4 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [620544 2008-11-11] (Nokia.) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 appliand; C:\Windows\System32\DRIVERS\appliand.sys [30304 2013-02-06] (Applian Technologies Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-07-12] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-07-12] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108304 2016-07-12] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-07-12] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-07-12] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-07-12] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [473592 2016-07-13] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [162904 2016-07-12] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [290088 2016-07-12] (AVAST Software)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [270912 2011-11-09] (DT Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S0 prohlp02; C:\Windows\SysWOW64\drivers\prohlp02.sys [72896 2004-07-06] (Protection Technology) [File not signed]
S0 prosync1; C:\Windows\SysWOW64\drivers\prosync1.sys [7040 2004-07-19] (Protection Technology) [File not signed]
S3 RtkBtFilter; C:\Windows\System32\DRIVERS\RtkBtfilter.sys [585944 2015-01-20] (Realtek Semiconductor Corporation)
S0 sfhlp01; C:\Windows\SysWOW64\drivers\sfhlp01.sys [4832 2003-12-01] (Protection Technology) [File not signed]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2014-08-14] () [File not signed]
S3 VCSVADHWSer; C:\Windows\System32\DRIVERS\vcsvad.sys [21504 2008-12-26] (Avnex) [File not signed]
S2 WCMVCAM; C:\Windows\System32\DRIVERS\wcmvcam64.sys [1071032 2012-04-15] (Windows (R) Win 7 DDK provider)
S1 prodrv06; \SystemRoot\System32\drivers\prodrv06.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-21 16:03 - 2016-07-21 16:03 - 00014873 _____ C:\Users\Pepik\Desktop\FRST.txt
2016-07-21 16:02 - 2016-07-21 16:03 - 00000000 ____D C:\FRST
2016-07-21 16:01 - 2016-07-21 16:01 - 02393600 _____ (Farbar) C:\Users\Pepik\Desktop\FRST64.exe
2016-07-21 15:59 - 2016-07-21 15:59 - 00015327 _____ C:\Users\Pepik\Desktop\LM.bat
2016-07-21 15:58 - 2016-07-21 15:59 - 00029696 _____ C:\Users\Pepik\AppData\Local\MSGBOX.EXE
2016-07-21 14:13 - 2016-07-21 14:45 - 2694275072 _____ C:\Users\Pepik\Downloads\Interstellar.2014.IMAX.480p.BDRip.XviD.AC3.CZ-4play.avi
2016-07-21 09:55 - 2016-07-21 09:55 - 54551543 _____ C:\Users\Pepik\Downloads\VID_20160720_101555.3gp
2016-07-21 09:25 - 2016-07-21 15:56 - 00000000 ____D C:\Users\Pepik\AppData\LocalLow\BitTorrent
2016-07-20 13:57 - 2016-07-19 11:56 - 00000000 ____D C:\Users\Pepik\Desktop\Chubby Jag - The Best There Is The Best There Was (DatPiff.com)
2016-07-20 13:56 - 2016-07-20 13:57 - 136245343 _____ C:\Users\Pepik\Downloads\The_Best_There_Is_The_Best_There_Was-(DatPiff.com).zip
2016-07-20 13:56 - 2016-07-20 05:55 - 00000000 ____D C:\Users\Pepik\Desktop\21 Savage Metro Boomin - Savage Boomin (DatPiff.com)
2016-07-20 13:54 - 2016-07-20 13:55 - 71019084 _____ C:\Users\Pepik\Downloads\Savage_Boomin-(DatPiff.com).zip
2016-07-19 14:01 - 2016-07-19 15:01 - 2775697322 _____ C:\Users\Pepik\Downloads\wkd_axel_brauns_nylon_720p_2500.mp4
2016-07-18 09:58 - 2016-07-18 09:58 - 00000000 ____D C:\Users\Pepik\Desktop\Billionaire Black
2016-07-18 09:43 - 2016-07-18 09:44 - 82214032 _____ C:\Users\Pepik\Downloads\Billionaire_Black-Out_The_Blue.zip
2016-07-18 09:35 - 2016-07-18 09:37 - 91168248 _____ C:\Users\Pepik\Downloads\Billionaire_Black-Billion_Versus_Billy.zip
2016-07-18 09:09 - 2016-07-18 09:10 - 81854481 _____ C:\Users\Pepik\Downloads\HHID_Billion Dollar Man.zip
2016-07-18 08:51 - 2016-07-18 08:52 - 00000000 ____D C:\Users\Pepik\Desktop\Use - Bullet 2 (DatPiff.com)
2016-07-18 08:43 - 2016-07-18 08:44 - 118675118 _____ C:\Users\Pepik\Downloads\Bullet_2-(DatPiff.com).zip
2016-07-17 14:27 - 2016-07-17 14:41 - 569098376 _____ C:\Users\Pepik\Downloads\Pictures_SexArt-720p.mp4
2016-07-17 14:12 - 2016-07-17 14:22 - 625206991 _____ C:\Users\Pepik\Downloads\Anna Rose & Eva Berger Vintage Collection - Partiers 720p.mp4
2016-07-17 13:51 - 2016-07-17 14:05 - 645167940 _____ C:\Users\Pepik\Downloads\Anna Rose & Cristal Caitlin Bittersweet Tale Part 1 720p.mp4
2016-07-17 13:51 - 2016-07-17 14:05 - 547794933 _____ C:\Users\Pepik\Downloads\Dolly Diore & Maxmilian Dior Bittersweet Tale Part 2 720p.mp4
2016-07-17 13:26 - 2016-07-17 13:43 - 819992355 _____ C:\Users\Pepik\Downloads\Anna Rose & Maxmilian Dior Bittersweet Tale Part 3 720p.mp4
2016-07-17 13:25 - 2016-07-17 13:44 - 760159735 _____ C:\Users\Pepik\Downloads\Cristal Caitlin & Tyler Nixon Bittersweet Tale Part 5 720p.mp4
2016-07-17 13:06 - 2016-07-17 13:16 - 664700821 _____ C:\Users\Pepik\Downloads\Anna Rose & Cristal Caitlin Bittersweet Tale Part 4 720p.mp4
2016-07-16 09:43 - 2016-07-15 19:11 - 00000000 ____D C:\Users\Pepik\Desktop\Young Buck - 10 Bodies (DatPiff.com)
2016-07-14 18:51 - 2016-07-14 18:51 - 00000000 ____D C:\Users\Pepik\Desktop\HASAN - OCEAN
2016-07-13 16:32 - 2016-07-12 20:49 - 00000000 ____D C:\Users\Pepik\Desktop\Project Pat - Street God 3 (DatPiff.com)
2016-07-12 17:28 - 2016-07-12 18:22 - 769348512 _____ C:\Users\Pepik\Downloads\2cstbonnieskinjohnny_720.mp4
2016-07-12 16:02 - 2016-06-03 20:43 - 00000000 ____D C:\Users\Pepik\Desktop\Ali Bumaye - 2016 Rumble In The Jungle
2016-07-12 15:31 - 2016-07-12 15:31 - 00001327 _____ C:\Users\Pepik\Desktop\ADW 1.7 2016.txt
2016-07-12 15:29 - 2016-07-12 09:37 - 00390984 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-07-12 15:26 - 2016-07-12 15:30 - 00003882 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1468329968
2016-07-12 15:26 - 2016-07-12 15:26 - 00001001 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
2016-07-12 15:26 - 2016-07-12 15:26 - 00001001 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-07-12 15:19 - 2016-07-12 15:19 - 03712064 _____ C:\Users\Pepik\Desktop\adwcleaner_5.201.exe
2016-07-12 12:06 - 2016-07-12 12:38 - 2046807799 _____ C:\Users\Pepik\Downloads\HouseOfTaboo.16.01.28.Wendy.Moon.Latex.Lucy.And.Mea.Melone.XXX.1080p.MP4-KTR.mp4
2016-07-12 09:39 - 2016-07-12 09:36 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2016-07-12 09:38 - 2016-07-12 09:37 - 00992960 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-07-12 09:38 - 2016-07-12 09:37 - 00921280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-07-12 09:37 - 2016-07-12 09:37 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-07-12 09:35 - 2016-07-12 09:35 - 00000000 ____D C:\Users\Pepik\Desktop\Ace Hood - Starvation 5 (DatPiff.com)
2016-07-11 14:06 - 2016-07-11 14:06 - 00000000 ____D C:\Users\Pepik\Downloads\Met - Art Ariel Piper Fawn - Rainy Day
2016-07-11 10:02 - 2016-07-11 10:24 - 1710851781 _____ C:\Users\Pepik\Downloads\Avengers XXX 2_ An Axel Braun Parody (Vivid) XXX NEW 720p WEBRip (2015).mp4
2016-07-11 08:46 - 2016-07-11 08:46 - 00000000 ____D C:\rsit
2016-07-11 08:42 - 2016-07-07 22:33 - 00000000 ____D C:\Users\Pepik\Desktop\Migos - 3 Way EP (DatPiff.com)
2016-07-10 18:53 - 2016-07-10 19:13 - 1646200743 _____ C:\Users\Pepik\Downloads\uc-sexmachina.mp4
2016-07-05 20:44 - 2016-07-05 21:33 - 338886656 ____R C:\Users\Pepik\Downloads\Call Of Duty 4 Modern Warfare CZ - t2k9.iso
2016-07-05 20:43 - 2016-07-05 20:43 - 00022587 _____ C:\Users\Pepik\Downloads\[CzT]Call_Of_Duty_4_Modern_Warfare_CZ_2007_.torrent
2016-07-04 16:25 - 2016-07-04 16:28 - 00000000 ____D C:\Users\Pepik\Downloads\assasin cread cz
2016-07-04 16:25 - 2016-07-04 16:25 - 00027211 _____ C:\Users\Pepik\Downloads\[CzT]Assassin_s_Creed_2008_CZ_.torrent
2016-07-03 19:46 - 2016-07-03 19:46 - 00012724 _____ C:\Users\Pepik\Downloads\[CzT]Projekt_X_Project_X_2012_CZ_720pLQ_.torrent
2016-07-02 10:32 - 2016-07-02 10:32 - 00012304 _____ C:\Users\Pepik\Downloads\Interracial.Crush.XXX.DVDRip.XviD.www.TorrenTesX.com.torrent
2016-06-29 13:40 - 2016-06-29 17:53 - 204038144 _____ C:\Users\Pepik\Downloads\FEAR.iso.mdf
2016-06-23 10:45 - 2016-06-23 10:45 - 00000000 ___SH C:\Users\Pepik\AppData\Local\LumaEmu
2016-06-23 10:45 - 2016-06-23 10:45 - 00000000 ____D C:\Users\Pepik\AppData\Roaming\Microsoft Games
2016-06-23 10:41 - 2016-06-23 10:41 - 00000000 ____D C:\ProgramData\Package Cache
2016-06-23 07:44 - 2016-06-23 07:44 - 00000000 ____D C:\Users\Pepik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PANZERS - Phase1

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-21 16:02 - 2009-07-14 06:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-07-21 16:02 - 2009-07-14 06:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-07-21 15:56 - 2014-10-05 12:34 - 00000000 ____D C:\Users\Pepik\AppData\Roaming\BitTorrent
2016-07-21 15:54 - 2015-07-15 23:51 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-21 15:54 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-21 15:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Resources
2016-07-21 15:26 - 2015-07-15 23:51 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-21 09:09 - 2015-10-03 09:05 - 00000000 ____D C:\Users\Pepik\Downloads\CzT
2016-07-21 09:00 - 2015-09-20 09:01 - 00000000 ____D C:\Users\Pepik\Downloads\xxx
2016-07-21 08:31 - 2011-10-09 18:35 - 01691336 _____ C:\Windows\system32\perfh005.dat
2016-07-21 08:31 - 2011-10-09 18:35 - 00497602 _____ C:\Windows\system32\perfc005.dat
2016-07-21 08:31 - 2009-07-14 07:13 - 00006508 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-18 09:55 - 2015-06-29 19:00 - 00000000 ____D C:\Users\Pepik\AppData\Roaming\Mp3tag
2016-07-17 12:57 - 2016-01-29 10:56 - 00000000 ____D C:\Users\Pepik\Documents\uloz.to X
2016-07-17 09:41 - 2011-11-09 13:11 - 00000000 ____D C:\Users\Pepik\AppData\Roaming\Skype
2016-07-17 08:56 - 2015-07-14 22:51 - 00000958 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-07-13 15:30 - 2011-11-09 15:33 - 00473592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2016-07-13 00:57 - 2014-07-15 09:20 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-07-12 15:33 - 2011-07-20 09:40 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-07-12 15:33 - 2011-07-20 09:40 - 00000000 ____D C:\ProgramData\Skype
2016-07-12 15:32 - 2011-12-26 20:49 - 00000000 ___RD C:\Users\Pepik\Desktop\Programy
2016-07-12 15:30 - 2012-09-07 11:54 - 00003922 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-07-12 15:24 - 2016-05-16 15:10 - 00000000 ____D C:\AdwCleaner
2016-07-12 09:38 - 2014-07-31 15:30 - 00162904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-07-12 09:38 - 2013-10-22 15:59 - 00290088 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2016-07-12 09:38 - 2011-11-09 15:33 - 00000000 ____D C:\ProgramData\AVAST Software
2016-07-12 09:37 - 2014-07-31 15:30 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-07-12 09:37 - 2013-10-22 15:59 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-07-12 09:37 - 2012-04-03 07:19 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-07-12 09:37 - 2011-11-09 15:33 - 00473592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.146830920085502
2016-07-12 09:37 - 2011-11-09 15:33 - 00108304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-07-12 09:36 - 2011-11-09 15:33 - 01070904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2016-07-12 09:35 - 2011-11-09 15:33 - 00000000 ____D C:\Program Files\AVAST Software
2016-07-11 08:47 - 2011-11-09 15:41 - 00000000 ____D C:\Program Files\trend micro
2016-07-11 08:03 - 2016-04-02 13:12 - 00000000 ____D C:\Program Files\CCleaner
2016-07-07 15:18 - 2014-07-19 13:30 - 00003838 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1405769399
2016-07-07 15:18 - 2014-07-19 13:29 - 00000000 ____D C:\Program Files (x86)\Opera
2016-07-06 10:46 - 2016-05-02 14:34 - 00000000 ____D C:\Program Files (x86)\Valve
2016-07-06 10:35 - 2011-07-20 09:17 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-07-06 10:34 - 2014-05-02 16:03 - 00000000 ____D C:\Users\Pepik\AppData\Local\CrashDumps
2016-07-06 09:46 - 2011-12-25 14:00 - 00000000 ____D C:\Users\Pepik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-07-06 09:43 - 2011-11-09 15:10 - 00000000 ____D C:\Users\Pepik\AppData\Roaming\DAEMON Tools Lite
2016-07-04 17:59 - 2014-06-06 19:49 - 00000000 ____D C:\Users\Pepik\AppData\Roaming\Foxit Software
2016-07-04 15:19 - 2015-08-03 01:22 - 00000000 ____D C:\Users\Pepik\AppData\Roaming\MPC-HC
2016-07-04 13:04 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-06-28 20:20 - 2016-01-31 11:33 - 00000000 ____D C:\Users\Pepik\AppData\Roaming\DVDVideoSoft
2016-06-26 08:16 - 2015-07-14 22:51 - 00003944 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-06-26 08:16 - 2012-06-08 06:00 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-06-26 08:16 - 2011-11-11 23:19 - 00000000 ____D C:\Users\Pepik\AppData\Local\Adobe
2016-06-26 08:16 - 2011-07-20 10:00 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-24 18:35 - 2016-04-29 18:06 - 00000000 ____D C:\Users\Pepik\AppData\Roaming\.minecraft
2016-06-24 16:10 - 2016-05-02 14:14 - 00000000 ____D C:\Users\Pepik\Documents\My Games
2016-06-22 17:49 - 2016-04-14 16:07 - 00001177 _____ C:\Users\Pepik\AppData\Roaming\Microsoft\Windows\Start Menu\GOM Player.lnk

==================== Files in the root of some directories =======

2015-08-18 15:03 - 2015-08-18 15:03 - 0032768 __RSH () C:\Program Files (x86)\GTProtector.asi
2015-08-18 15:03 - 2015-08-18 15:03 - 0135168 __RSH () C:\Program Files (x86)\GTProtector.dll
2015-08-18 15:03 - 2015-08-18 15:03 - 0000197 __RSH () C:\Program Files (x86)\GTProtector.ini
2015-08-18 15:00 - 2015-08-18 15:03 - 0004061 __RSH () C:\Program Files (x86)\rev.ini
2015-08-18 15:03 - 2015-08-18 15:03 - 0000000 __RSH () C:\Program Files (x86)\update20oct2014.ini
2014-06-01 16:39 - 2015-03-22 16:32 - 0000132 _____ () C:\Users\Pepik\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2014-06-03 19:36 - 2014-07-04 16:01 - 0065599 _____ () C:\Users\Pepik\AppData\Roaming\Camdata.ini
2014-06-03 19:36 - 2014-07-04 16:01 - 0000408 _____ () C:\Users\Pepik\AppData\Roaming\CamLayout.ini
2014-06-03 19:36 - 2014-07-04 16:01 - 0000408 _____ () C:\Users\Pepik\AppData\Roaming\CamShapes.ini
2014-06-03 19:36 - 2014-07-04 16:01 - 0004524 _____ () C:\Users\Pepik\AppData\Roaming\CamStudio.cfg
2014-08-16 12:48 - 2015-08-07 20:22 - 1426423 _____ () C:\Users\Pepik\AppData\Roaming\File.jar
2013-09-19 17:27 - 2013-09-21 08:42 - 0000000 _____ () C:\Users\Pepik\AppData\Roaming\ForgeModLoader-client-0.log.lck
2003-04-09 05:28 - 2003-04-09 05:28 - 0233472 ____N () C:\Users\Pepik\AppData\Roaming\MafiaSetup.exe
2013-09-19 17:30 - 2013-09-19 17:31 - 0001083 _____ () C:\Users\Pepik\AppData\Roaming\output-server.log.1
2012-03-07 19:04 - 2012-12-28 18:17 - 0045270 _____ () C:\Users\Pepik\AppData\Roaming\room_v3.dat
2012-12-11 19:46 - 2016-01-01 10:11 - 0024064 ___SH () C:\Users\Pepik\AppData\Roaming\Thumbs.db
2011-11-09 15:37 - 2011-11-09 15:37 - 0017212 _____ () C:\Users\Pepik\AppData\Roaming\UserTile.png
2012-02-11 23:31 - 2012-03-23 16:13 - 0005632 _____ () C:\Users\Pepik\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-06-23 10:45 - 2016-06-23 10:45 - 0000000 ___SH () C:\Users\Pepik\AppData\Local\LumaEmu
2016-07-21 15:58 - 2016-07-21 15:59 - 0029696 _____ () C:\Users\Pepik\AppData\Local\MSGBOX.EXE
2016-01-08 19:06 - 2016-01-08 19:06 - 0001467 _____ () C:\Users\Pepik\AppData\Local\recently-used.xbel
2011-12-29 19:36 - 2011-12-29 19:37 - 0007605 _____ () C:\Users\Pepik\AppData\Local\Resmon.ResmonCfg
2013-03-23 15:29 - 2013-07-01 15:30 - 0877747 ____N () C:\Users\Pepik\AppData\Local\Tempmusic.ogg

Some files in TEMP:
====================
C:\Users\Pepik\AppData\Local\Temp\libeay32.dll
C:\Users\Pepik\AppData\Local\Temp\msvcr120.dll
C:\Users\Pepik\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-07-17 20:33

==================== End of FRST.txt ============================

Re: Preventive check

Posted: 23 Jul 2016 10:31
by Márty84
:arrow: Tell me the size of the desktop folder (C:\Users\Pepik\Plocha)

:arrow: Open Notepad and copy this script into it

Code:

Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\...\Run: [BitTorrent] => C:\Users\Pepik\AppData\Roaming\BitTorrent\BitTorrent.exe [1972232 2016-05-20] (BitTorrent Inc.)
HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\...\Run: [SetupNO] => wscript.exe //B "C:\Users\Pepik\AppData\Local\Temp\SetupNO.vbs" <===== ATTENTION
ShortcutTarget: RollerCoaster Tycoon 3 Registration.lnk -> C:\Users\Pepik\AppData\Local\Temp\{C9AAE132-3AA8-4EED-B900-E3ED025012A9}\{907B4640-266B-4A21-92FB-CD1A86CD0F63}\ATR1.exe (No File)

FF Extension: No Name - C:\Users\Pepik\AppData\Roaming\Mozilla\Firefox\Profiles\6icesh4i.default\extensions\anttoolbar@ant.com [not found]

Task: {2372A4B6-6E4A-4E4F-839C-506392D58462} - \Razer_Game_Booster_AutoUpdate -> No File <==== ATTENTION
Task: {B523D847-765E-482B-BD39-D45F952850A2} - \Game_Booster_AutoUpdate -> No File <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_192_pepper.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

AlternateDataStreams: C:\ProgramData:$SS_DESCRIPTOR_LBP6VPVFLVGVVFB84LTSUTB92PFNPC7BPV4XFJDMNGTFB5V5NBJ5TBBJMT9Y0N96GMP3V0GRUEF39X8XHH0TCFUL44FTBX4MLSWPBXRTF6VEKLFEJK35PNX0WHNGT9LSVEVF1VTVVTVXVVD [971]
AlternateDataStreams: C:\Users\All Users:$SS_DESCRIPTOR_LBP6VPVFLVGVVFB84LTSUTB92PFNPC7BPV4XFJDMNGTFB5V5NBJ5TBBJMT9Y0N96GMP3V0GRUEF39X8XHH0TCFUL44FTBX4MLSWPBXRTF6VEKLFEJK35PNX0WHNGT9LSVEVF1VTVVTVXVVD [971]
AlternateDataStreams: C:\ProgramData\Application Data:$SS_DESCRIPTOR_LBP6VPVFLVGVVFB84LTSUTB92PFNPC7BPV4XFJDMNGTFB5V5NBJ5TBBJMT9Y0N96GMP3V0GRUEF39X8XHH0TCFUL44FTBX4MLSWPBXRTF6VEKLFEJK35PNX0WHNGT9LSVEVF1VTVVTVXVVD [971]

S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-03-23 327808]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]

DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Flvto Youtube Downloader
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OfficeSyncProcess
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Pepik^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Screen Clipper and Launcher.lnk

Hosts:
EmptyTemp:
Reboot:
End
In the top left, click File
Click Save as...
Type the name fixlist (the one shown in red) correctly and save it to the desktop.
Turn off the antivirus and any other security software.
Run FRST as administrator, click Fix, and the program will carry out the commands.
After the PC restarts, a new log named fixlog should appear; copy it here for me again.

Re: Preventive check

Posted: 23 Jul 2016 13:04
by Polska Pasha
Desktop 2,83 GB

Log here:

Fix result of Farbar Recovery Scan Tool (x64) Version: 23-07-2016 01
Ran by Pepik (2016-07-23 13:51:54) Run:1
Running from C:\Users\Pepik\Desktop
Loaded Profiles: Pepik (Available Profiles: Pepik)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\...\Run: [BitTorrent] => C:\Users\Pepik\AppData\Roaming\BitTorrent\BitTorrent.exe [1972232 2016-05-20] (BitTorrent Inc.)
HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\...\Run: [SetupNO] => wscript.exe //B "C:\Users\Pepik\AppData\Local\Temp\SetupNO.vbs" <===== ATTENTION
ShortcutTarget: RollerCoaster Tycoon 3 Registration.lnk -> C:\Users\Pepik\AppData\Local\Temp\{C9AAE132-3AA8-4EED-B900-E3ED025012A9}\{907B4640-266B-4A21-92FB-CD1A86CD0F63}\ATR1.exe (No File)

FF Extension: No Name - C:\Users\Pepik\AppData\Roaming\Mozilla\Firefox\Profiles\6icesh4i.default\extensions\anttoolbar@ant.com [not found]

Task: {2372A4B6-6E4A-4E4F-839C-506392D58462} - \Razer_Game_Booster_AutoUpdate -> No File <==== ATTENTION
Task: {B523D847-765E-482B-BD39-D45F952850A2} - \Game_Booster_AutoUpdate -> No File <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_192_pepper.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

AlternateDataStreams: C:\ProgramData:$SS_DESCRIPTOR_LBP6VPVFLVGVVFB84LTSUTB92PFNPC7BPV4XFJDMNGTFB5V5NBJ5TBBJMT9Y0N96GMP3V0GRUEF39X8XHH0TCFUL44FTBX4MLSWPBXRTF6VEKLFEJK35PNX0WHNGT9LSVEVF1VTVVTVXVVD [971]
AlternateDataStreams: C:\Users\All Users:$SS_DESCRIPTOR_LBP6VPVFLVGVVFB84LTSUTB92PFNPC7BPV4XFJDMNGTFB5V5NBJ5TBBJMT9Y0N96GMP3V0GRUEF39X8XHH0TCFUL44FTBX4MLSWPBXRTF6VEKLFEJK35PNX0WHNGT9LSVEVF1VTVVTVXVVD [971]
AlternateDataStreams: C:\ProgramData\Application Data:$SS_DESCRIPTOR_LBP6VPVFLVGVVFB84LTSUTB92PFNPC7BPV4XFJDMNGTFB5V5NBJ5TBBJMT9Y0N96GMP3V0GRUEF39X8XHH0TCFUL44FTBX4MLSWPBXRTF6VEKLFEJK35PNX0WHNGT9LSVEVF1VTVVTVXVVD [971]

S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-03-23 327808]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]

DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Flvto Youtube Downloader
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OfficeSyncProcess
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Pepik^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Screen Clipper and Launcher.lnk

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\Software\Microsoft\Windows\CurrentVersion\Run\\BitTorrent => value removed successfully
HKU\S-1-5-21-2289079560-4057469565-1523236124-1000\Software\Microsoft\Windows\CurrentVersion\Run\\SetupNO => value removed successfully
C:\Users\Pepik\AppData\Local\Temp\{C9AAE132-3AA8-4EED-B900-E3ED025012A9}\{907B4640-266B-4A21-92FB-CD1A86CD0F63}\ATR1.exe => not found.
C:\Users\Pepik\AppData\Roaming\Mozilla\Firefox\Profiles\6icesh4i.default\extensions\anttoolbar@ant.com => path removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2372A4B6-6E4A-4E4F-839C-506392D58462}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2372A4B6-6E4A-4E4F-839C-506392D58462}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Razer_Game_Booster_AutoUpdate => key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B523D847-765E-482B-BD39-D45F952850A2}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B523D847-765E-482B-BD39-D45F952850A2}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Game_Booster_AutoUpdate => key not found.
C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\ProgramData => ":$SS_DESCRIPTOR_LBP6VPVFLVGVVFB84LTSUTB92PFNPC7BPV4XFJDMNGTFB5V5NBJ5TBBJMT9Y0N96GMP3V0GRUEF39X8XHH0TCFUL44FTBX4MLSWPBXRTF6VEKLFEJK35PNX0WHNGT9LSVEVF1VTVVTVXVVD" ADS removed successfully.
"C:\Users\All Users" => ":$SS_DESCRIPTOR_LBP6VPVFLVGVVFB84LTSUTB92PFNPC7BPV4XFJDMNGTFB5V5NBJ5TBBJMT9Y0N96GMP3V0GRUEF39X8XHH0TCFUL44FTBX4MLSWPBXRTF6VEKLFEJK35PNX0WHNGT9LSVEVF1VTVVTVXVVD" ADS not found.
"C:\ProgramData\Application Data" => ":$SS_DESCRIPTOR_LBP6VPVFLVGVVFB84LTSUTB92PFNPC7BPV4XFJDMNGTFB5V5NBJ5TBBJMT9Y0N96GMP3V0GRUEF39X8XHH0TCFUL44FTBX4MLSWPBXRTF6VEKLFEJK35PNX0WHNGT9LSVEVF1VTVVTVXVVD" ADS not found.
gupdate => service removed successfully
SkypeUpdate => service removed successfully
gupdatem => service removed successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent => key removed successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring => key removed successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Flvto Youtube Downloader => key removed successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OfficeSyncProcess => key removed successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Pepik^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Screen Clipper and Launcher.lnk => key removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 155310634 B
Java, Flash, Steam htmlcache => 93529591 B
Windows/system/drivers => 40353969 B
Edge => 0 B
Chrome => 0 B
Firefox => 0 B
Opera => 509770664 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 296557 B
systemprofile32 => 692 B
LocalService => 0 B
NetworkService => 0 B
Pepik => 70104975 B

RecycleBin => 4279263386 B
EmptyTemp: => 4.8 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 13:53:37 ====

Re: Preventive check

Posted: 23 Jul 2016 13:48
by Márty84
Polska Pasha wrote: Desktop 2,83 GB
:arrow: The desktop size should not exceed 200 - 300 MB! It slows the PC down. So tidy it up a bit and keep only shortcuts on the desktop. Just watch out for an occasional mistake: users have a folder on the desktop, another one inside it and another inside that, and they hide everything in there. That is nice, but it does not make the desktop any smaller, it is just in a different drawer :)

:!: Run all of these programs, including any installation, as administrator (right-click them and choose Run as administrator)

:arrow:
vyosek wrote: :arrow: DelFix https://toolslib.net/downloads/finish/2/
  • Download and run it
  • Leave only the Remove disinfection tools option checked
  • Click Run
:arrow: Download CCleaner http://www.filehippo.com/download_ccleaner and run it.
During installation watch out for a toolbar (or other add-ons); if it offers to install one, uncheck the box.
After launching you will be in the Cleaner function. There are a lot of checkboxes on the left. Pay attention mainly to the Recycle Bin; if you leave it checked, it will always be emptied.
Also, depending on how it is set, it will delete all passwords saved on the web!!! So if you have the computer set to remember passwords (which is not good for security), you will then have to type them in again by hand (e.g. mail, Facebook, various forums etc.)
Click Analyze and, when the analysis finishes, click Run Cleaner.
Then click the Registry function on the left
Click Find problems; when it finds some, click Fix problems. It will offer you a backup; make it and save it where you can find it if needed.
The Tools function lets you uninstall programs. It is more thorough than Windows itself!
(If the PC has more than one user account, use the program in those as well)

:arrow: Defragment the disk(s) (not SSD disks!)
Download the program Defraggler https://www.piriform.com/defraggler/download/standard
During installation again watch out for a toolbar and other nonsense.
After installing, run the program and click Analyze; after the analysis click Defragment and the program will do its work.

:arrow: Then write how the PC is doing.

Re: Preventive check

Posted: 03 Aug 2016 11:02
by Polska Pasha
The PC is faster, thanks a lot :thumbsup:
:closed:

Re: Preventive check

Posted: 05 Aug 2016 01:34
by Márty84
You're welcome! :)

Take care and maybe see you again sometime :bye:

:closed: