VIRY.CZ

Zdravím,
kolegův notebook nezažil asi 10 let žádnou údržbu.
Vše jsem prohnal přes ccleaner a když teď koukám na výkon procáku, je totálně na maximu.
Notebook nestíhá chladit, nic.
Předem děkuji za pomoc.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 09-10-2016
Ran by čobolák (administrator) on PC (10-10-2016 14:34:49)
Running from C:\Users\čobolák\Desktop
Loaded Profiles: čobolák (Available Profiles: čobolák)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Digital Wave Ltd.) C:\Program Files\Common Files\DVDVideoSoft\lib\app_updater.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
(Flux Software LLC) C:\Users\čobolák\AppData\Local\FluxSoftware\Flux\flux.exe
(© 2015 Microsoft Corporation) C:\Users\čobolák\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(Microsoft Corporation) C:\Windows\System32\dfrgui.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1537320 2009-06-18] (Synaptics Incorporated)
HKLM\...\Run: [QlbCtrl.exe] => C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [322104 2009-10-08] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2685072 2015-05-08] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap.dll [1316000 2015-05-08] (NVIDIA Corporation)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1004064 2016-08-30] (Microsoft Corporation)
HKU\S-1-5-21-785789566-3867465019-2637425528-1000\...\Run: [Facebook Update] => C:\Users\čobolák\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-08-28] (Facebook Inc.)
HKU\S-1-5-21-785789566-3867465019-2637425528-1000\...\Run: [LightScribe Control Panel] => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2741616 2011-03-04] (Hewlett-Packard Company)
HKU\S-1-5-21-785789566-3867465019-2637425528-1000\...\Run: [f.lux] => C:\Users\čobolák\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC)
HKU\S-1-5-21-785789566-3867465019-2637425528-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6675672 2016-04-15] (Piriform Ltd)
HKU\S-1-5-21-785789566-3867465019-2637425528-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [29544576 2016-08-22] (Skype Technologies S.A.)
HKU\S-1-5-21-785789566-3867465019-2637425528-1000\...\Run: [BingSvc] => C:\Users\čobolák\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-785789566-3867465019-2637425528-1000\...\MountPoints2: {3247ddc5-e32b-11e3-8f4c-001f165cd941} - H:\Autorun.exe
HKU\S-1-5-21-785789566-3867465019-2637425528-1000\...\MountPoints2: {3247ddd1-e32b-11e3-8f4c-001f165cd941} - G:\Autorun.exe
HKU\S-1-5-21-785789566-3867465019-2637425528-1000\...\MountPoints2: {39c52642-9a07-11e5-bbd1-001f165cd941} - F:\AutoRun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.A14B04 PID_0083 {01D42BF0-ED08-463f-8A28-99EB6FEE962B}
HKU\S-1-5-21-785789566-3867465019-2637425528-1000\...\MountPoints2: {42e49ed4-0b91-11e4-87ee-001f165cd941} - G:\Autorun.exe
HKU\S-1-5-21-785789566-3867465019-2637425528-1000\...\MountPoints2: {42e49edf-0b91-11e4-87ee-001f165cd941} - G:\Autorun.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{E537CD83-FBA9-49E9-B6A9-EF50623623C2}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-05-13] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-05-13] (Oracle Corporation)

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-05-13] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-05-13] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-26] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-26] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin HKU\S-1-5-21-785789566-3867465019-2637425528-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\čobolák\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=en-us
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/","hxxp://www.seznam.cz/" ... 1a73125892"
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC ... earchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSuggestURL: Default -> hxxp://www.bing.com/osjson.aspx?FORM=__PARAM__ ... earchTerms}
CHR Profile: C:\Users\čobolák\AppData\Local\Google\Chrome\User Data\Default [2016-10-10]
CHR Extension: (Disk Google) - C:\Users\čobolák\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-18]
CHR Extension: (YouTube) - C:\Users\čobolák\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-16]
CHR Extension: (Vyhledávání Google) - C:\Users\čobolák\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (AdBlock) - C:\Users\čobolák\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-10-10]
CHR Extension: (Earth) - C:\Users\čobolák\AppData\Local\Google\Chrome\User Data\Default\Extensions\jieopfhnlbjmbpckpdhfdedccdmngdac [2014-05-25]
CHR Extension: (Převodník měn) - C:\Users\čobolák\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbhghjdcfghfhlogkgdklfgmpodeglno [2016-10-10]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\čobolák\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-10]
CHR Extension: (Gmail) - C:\Users\čobolák\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\čobolák\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-21]
CHR HKLM\...\Chrome\Extension: [hegneaniplmfjcmohoclabblbahcbjoe] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-785789566-3867465019-2637425528-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-785789566-3867465019-2637425528-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [hegneaniplmfjcmohoclabblbahcbjoe] - hxxp://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 DigitalWave.Update.Service; C:\Program Files\Common Files\DVDVideoSoft\lib\app_updater.exe [392168 2016-08-31] (Digital Wave Ltd.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [919184 2015-05-08] (NVIDIA Corporation)
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2011-03-04] (Hewlett-Packard Company) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [104200 2016-08-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [280864 2016-08-30] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1884304 2015-05-08] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [20698768 2015-05-08] (NVIDIA Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [27040 2015-11-12] (LogMeIn, Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [252808 2016-08-25] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [18576 2015-05-08] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [32912 2014-11-22] (NVIDIA Corporation)
S3 EverestDriver; \??\C:\Users\OBOLK~1\AppData\Local\Temp\Rar$EXa0.534\Everest Portable 5.5\kerneld.wnt [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X]
S3 huawei_wwanecm; system32\DRIVERS\ew_juwwanecm.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-10 14:34 - 2016-10-10 14:37 - 00013255 _____ C:\Users\čobolák\Desktop\FRST.txt
2016-10-10 14:34 - 2016-10-10 14:34 - 00000000 ___DC C:\FRST
2016-10-10 14:33 - 2016-10-10 14:34 - 01757184 _____ (Farbar) C:\Users\čobolák\Desktop\FRST.exe
2016-10-10 14:08 - 2016-10-10 14:08 - 00007605 _____ C:\Users\čobolák\AppData\Local\Resmon.ResmonCfg
2016-10-10 14:01 - 2016-10-10 14:01 - 00064024 _____ C:\Users\čobolák\AppData\Local\GDIPFONTCACHEV1.DAT
2016-10-10 13:59 - 2016-10-10 13:59 - 00286144 _____ C:\Windows\system32\FNTCACHE.DAT
2016-10-10 13:34 - 2016-10-10 13:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2016-10-10 13:33 - 2016-10-10 13:34 - 00000000 ____D C:\Program Files\FreeCodecPack
2016-10-10 13:20 - 2016-10-10 13:42 - 00000000 ____D C:\Users\čobolák\AppData\Roaming\DVDVideoSoft
2016-10-10 13:20 - 2016-10-10 13:34 - 00000000 ____D C:\Program Files\Common Files\DVDVideoSoft
2016-10-10 13:20 - 2016-10-10 13:33 - 00000000 ____D C:\Program Files\DVDVideoSoft
2016-10-10 13:01 - 2016-10-10 13:01 - 00000000 ____D C:\Users\čobolák\AppData\Roaming\Mozilla
2016-10-10 12:59 - 2016-10-10 12:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2016-10-10 12:59 - 2016-05-08 11:27 - 03613696 _____ (x264vfw project) C:\Windows\system32\x264vfw.dll
2016-10-10 12:59 - 2015-12-18 11:00 - 00674816 _____ C:\Windows\system32\xvidcore.dll
2016-10-10 12:59 - 2015-12-18 11:00 - 00282112 _____ C:\Windows\system32\xvidvfw.dll
2016-10-10 12:59 - 2015-02-25 18:27 - 00473088 _____ (hxxp://www.mp3dev.org/) C:\Windows\system32\lameACM.acm
2016-10-10 12:59 - 2012-07-21 12:54 - 00122880 _____ (fccHandler) C:\Windows\system32\ac3acm.acm
2016-10-10 12:59 - 2012-05-21 23:48 - 00000415 _____ C:\Windows\system32\lame_acm.xml
2016-10-10 12:59 - 2011-12-07 19:32 - 00216064 _____ ( ) C:\Windows\system32\lagarith.dll
2016-10-10 12:59 - 2004-05-18 20:16 - 00039936 _____ (Disappearing Inc.) C:\Windows\system32\huffyuv.dll
2016-10-10 12:58 - 2015-10-24 18:00 - 00112128 _____ C:\Windows\system32\ff_vfw.dll
2016-10-10 12:57 - 2016-10-10 12:59 - 00000000 ____D C:\Program Files\K-Lite Codec Pack
2016-10-09 16:31 - 2016-10-10 04:39 - 00000000 ____D C:\Users\čobolák\Desktop\Rychta
2016-09-28 19:50 - 2016-09-28 19:52 - 00000000 ____D C:\Users\čobolák\Desktop\NCOB
2016-09-28 19:47 - 2016-09-28 19:50 - 00000000 ____D C:\Users\čobolák\Desktop\Carotek2014 Vorvazov
2016-09-24 23:28 - 2016-09-24 23:28 - 00001562 _____ C:\Users\čobolák\Desktop\Counter-Strike 1.6.lnk
2016-09-24 23:28 - 2016-09-24 23:28 - 00001508 _____ C:\Users\čobolák\Desktop\Half-Life.lnk
2016-09-24 23:28 - 2016-09-24 23:28 - 00000000 ____D C:\Users\čobolák\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6
2016-09-24 23:19 - 2016-10-03 16:20 - 00000000 ___DC C:\Counter-Strike 1.6
2016-09-24 22:33 - 2016-09-24 23:02 - 283728966 _____ C:\Users\čobolák\Documents\Counter-Strike-1.6-Full-Install.rar
2016-09-24 19:56 - 2016-09-24 22:24 - 00000000 ___DC C:\Counter-Strike
2016-09-24 19:44 - 2016-09-24 19:51 - 179023420 _____ (CS-BOOST.LT ) C:\Users\čobolák\Documents\Counter-Strike.exe
2016-09-24 14:04 - 2016-09-24 14:11 - 302548481 _____ (InstallShield Software Corporation) C:\Users\čobolák\Documents\counter-strike-1-6.exe
2016-09-21 13:22 - 2016-08-05 17:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-09-12 03:51 - 2016-09-01 03:59 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-09-12 03:50 - 2016-09-02 17:21 - 04000488 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2016-09-12 03:50 - 2016-09-02 17:21 - 03944680 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-09-12 03:50 - 2016-09-02 17:21 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-09-12 03:50 - 2016-09-02 17:21 - 00067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-09-12 03:50 - 2016-09-02 17:18 - 01310528 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-09-12 03:50 - 2016-09-02 17:16 - 01062912 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-09-12 03:50 - 2016-09-02 17:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-09-12 03:50 - 2016-09-02 17:16 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-09-12 03:50 - 2016-09-02 17:16 - 00644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-09-12 03:50 - 2016-09-02 17:16 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-09-12 03:50 - 2016-09-02 17:16 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-09-12 03:50 - 2016-09-02 17:16 - 00260608 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-09-12 03:50 - 2016-09-02 17:16 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-09-12 03:50 - 2016-09-02 17:16 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-09-12 03:50 - 2016-09-02 17:16 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-09-12 03:50 - 2016-09-02 17:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-09-12 03:50 - 2016-09-02 17:16 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-09-12 03:50 - 2016-09-02 17:16 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-09-12 03:50 - 2016-09-02 17:16 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-09-12 03:50 - 2016-09-02 17:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-09-12 03:50 - 2016-09-02 17:16 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-09-12 03:50 - 2016-09-02 17:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-09-12 03:50 - 2016-09-02 17:16 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-09-12 03:50 - 2016-09-02 17:16 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-09-12 03:50 - 2016-09-02 17:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-09-12 03:50 - 2016-09-02 17:16 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-09-12 03:50 - 2016-09-02 17:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-09-12 03:50 - 2016-09-02 16:53 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-09-12 03:50 - 2016-09-02 16:53 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-09-12 03:50 - 2016-09-02 16:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-09-12 03:50 - 2016-09-02 16:53 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-09-12 03:50 - 2016-09-02 16:53 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-09-12 03:50 - 2016-09-02 16:51 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-09-12 03:50 - 2016-09-02 16:49 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-09-12 03:50 - 2016-09-02 16:49 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-09-12 03:50 - 2016-09-02 16:49 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-09-12 03:50 - 2016-09-02 16:49 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-09-12 03:50 - 2016-09-02 16:49 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-09-12 03:50 - 2016-09-02 16:49 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-09-12 03:50 - 2016-09-02 16:49 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-09-12 03:50 - 2016-09-01 20:41 - 00346320 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-09-12 03:50 - 2016-09-01 05:18 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-09-12 03:50 - 2016-09-01 05:17 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-09-12 03:50 - 2016-09-01 05:08 - 20312064 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-09-12 03:50 - 2016-09-01 04:48 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-09-12 03:50 - 2016-09-01 04:46 - 00498688 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-09-12 03:50 - 2016-09-01 04:46 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-09-12 03:50 - 2016-09-01 04:46 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-09-12 03:50 - 2016-09-01 04:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-09-12 03:50 - 2016-09-01 04:34 - 02286592 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-09-12 03:50 - 2016-09-01 04:31 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-09-12 03:50 - 2016-09-01 04:31 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-09-12 03:50 - 2016-09-01 04:26 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-09-12 03:50 - 2016-09-01 04:24 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-09-12 03:50 - 2016-09-01 04:24 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-09-12 03:50 - 2016-09-01 04:24 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-09-12 03:50 - 2016-09-01 04:23 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-09-12 03:50 - 2016-09-01 04:14 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-09-12 03:50 - 2016-09-01 04:08 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-09-12 03:50 - 2016-09-01 03:57 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-09-12 03:50 - 2016-09-01 03:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-09-12 03:50 - 2016-09-01 03:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-09-12 03:50 - 2016-09-01 03:48 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-09-12 03:50 - 2016-09-01 03:45 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-09-12 03:50 - 2016-09-01 03:34 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-09-12 03:50 - 2016-09-01 03:31 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-09-12 03:50 - 2016-09-01 03:30 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-09-12 03:50 - 2016-09-01 03:29 - 02055680 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-09-12 03:50 - 2016-09-01 03:29 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-09-12 03:50 - 2016-09-01 03:27 - 13808128 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-09-12 03:50 - 2016-09-01 03:24 - 04607488 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-09-12 03:50 - 2016-09-01 02:43 - 02445824 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-09-12 03:50 - 2016-09-01 02:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-09-12 03:50 - 2016-09-01 02:38 - 01316352 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-09-12 03:50 - 2016-08-16 04:48 - 00811520 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-09-12 03:50 - 2016-08-16 04:28 - 02399232 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-09-12 03:49 - 2016-08-12 18:21 - 00313856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-09-12 03:49 - 2016-08-12 18:21 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-09-12 03:49 - 2016-08-12 18:21 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-09-12 03:39 - 2016-08-06 17:15 - 00581632 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-10 14:13 - 2009-07-14 06:34 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-10-10 14:13 - 2009-07-14 06:34 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-10-10 14:04 - 2014-08-24 13:02 - 00000000 ____D C:\Users\čobolák\AppData\Roaming\Skype
2016-10-10 14:00 - 2014-05-13 23:15 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-10-10 13:59 - 2014-05-13 23:15 - 00000940 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-10-10 13:59 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-10-10 13:58 - 2016-04-22 19:07 - 00000000 ____D C:\Program Files\Auslogics
2016-10-10 12:45 - 2016-04-22 19:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
2016-10-10 12:26 - 2014-08-28 12:18 - 00000936 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-785789566-3867465019-2637425528-1000UA.job
2016-10-10 12:26 - 2014-08-28 12:18 - 00000914 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-785789566-3867465019-2637425528-1000Core.job
2016-10-10 11:49 - 2016-02-17 06:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
2016-10-10 04:39 - 2014-05-14 19:31 - 00000000 ____D C:\Users\čobolák\AppData\Roaming\vlc
2016-10-10 03:43 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\inf
2016-10-09 16:19 - 2015-10-31 14:45 - 00501542 _____ C:\Windows\system32\perfh006.dat
2016-10-09 16:19 - 2015-10-31 14:45 - 00098850 _____ C:\Windows\system32\perfc006.dat
2016-10-09 16:19 - 2015-10-30 20:25 - 00390470 _____ C:\Windows\system32\prfh0404.dat
2016-10-09 16:19 - 2015-10-30 20:25 - 00115282 _____ C:\Windows\system32\prfc0404.dat
2016-10-09 16:19 - 2015-10-30 19:52 - 00732486 _____ C:\Windows\system32\perfh015.dat
2016-10-09 16:19 - 2015-10-30 19:52 - 00156064 _____ C:\Windows\system32\perfc015.dat
2016-10-09 16:19 - 2015-10-30 19:16 - 00716728 _____ C:\Windows\system32\perfh019.dat
2016-10-09 16:19 - 2015-10-30 19:16 - 00151034 _____ C:\Windows\system32\perfc019.dat
2016-10-09 16:19 - 2015-10-28 21:14 - 00706008 _____ C:\Windows\system32\prfh0416.dat
2016-10-09 16:19 - 2015-10-28 21:14 - 00147848 _____ C:\Windows\system32\prfc0416.dat
2016-10-09 16:19 - 2015-09-06 02:03 - 00373298 _____ C:\Windows\system32\prfh0804.dat
2016-10-09 16:19 - 2015-09-06 02:03 - 00119784 _____ C:\Windows\system32\prfc0804.dat
2016-10-09 16:19 - 2015-09-03 10:44 - 00689336 _____ C:\Windows\system32\perfh007.dat
2016-10-09 16:19 - 2015-09-03 10:44 - 00648810 _____ C:\Windows\system32\perfh01F.dat
2016-10-09 16:19 - 2015-09-03 10:44 - 00149308 _____ C:\Windows\system32\perfc007.dat
2016-10-09 16:19 - 2015-09-03 10:44 - 00140192 _____ C:\Windows\system32\perfc01F.dat
2016-10-09 16:19 - 2010-11-21 03:16 - 00669116 _____ C:\Windows\system32\perfh005.dat
2016-10-09 16:19 - 2010-11-21 03:16 - 00141744 _____ C:\Windows\system32\perfc005.dat
2016-10-09 16:19 - 2010-11-20 23:01 - 07414820 _____ C:\Windows\system32\PerfStringBackup.INI
2016-10-02 20:01 - 2014-05-13 23:16 - 00002141 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-09-28 20:45 - 2014-05-14 19:09 - 00002117 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2016-09-28 20:45 - 2014-05-14 19:09 - 00001945 _____ C:\Windows\epplauncher.mif
2016-09-28 20:45 - 2014-05-14 19:09 - 00000000 ____D C:\Program Files\Microsoft Security Client
2016-09-24 14:43 - 2014-09-14 13:17 - 00000000 ____D C:\Program Files\Valve
2016-09-24 14:19 - 2014-05-13 23:05 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2016-09-18 13:34 - 2014-05-13 22:50 - 00000000 ____D C:\Users\čobolák
2016-09-18 13:34 - 2010-11-21 03:24 - 00000000 ___RD C:\Users\Public\Recorded TV
2016-09-18 13:34 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\servicing
2016-09-18 13:34 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\registration
2016-09-17 22:13 - 2009-07-14 06:53 - 00032622 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-09-13 10:29 - 2014-05-14 23:11 - 00000000 ____D C:\Windows\system32\MRT
2016-09-13 10:19 - 2014-05-14 23:11 - 141747376 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-09-13 04:37 - 2015-09-03 08:13 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-09-13 04:32 - 2015-09-03 08:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

==================== Files in the root of some directories =======

2014-05-13 23:35 - 2014-05-13 23:35 - 0000000 _____ () C:\Users\čobolák\AppData\Local\AtStart.txt
2014-05-13 23:35 - 2014-05-13 23:35 - 0000000 _____ () C:\Users\čobolák\AppData\Local\DSwitch.txt
2014-05-13 23:35 - 2014-05-13 23:35 - 0000000 _____ () C:\Users\čobolák\AppData\Local\QSwitch.txt
2016-10-10 14:08 - 2016-10-10 14:08 - 0007605 _____ () C:\Users\čobolák\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-09-29 20:37

==================== End of FRST.txt ============================

Zdravím!
Jak je na tom váš oper. systém s legalitou? Či NB je firemní?

NB je osobní s legálním win7.

OK. Udělejte tento sken:

Stáhněte a spusťte OTL: http://oldtimer.geekstogo.com/OTL.exe . Spusťte, zaškrněte "Pro všechny uživatele", Kontrola na havěť LOP" a Kontrola na hvěť PURITY" a do dolního bílého okna zkopírujte:

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*loader* /s

a klikněte na >Prohledat<. Dejte oba logy.

VIRY.CZ

total 01

total 01

Re: total 01

Re: total 01

Re: total 01