Prosba o pomoc - systém instalován před 2 měsícama

Zpráva

William_CZ · #1 Příspěvek od **William_CZ** » 23 říj 2016 16:57

Instalován místo Win XP a systém je výrazně pomalejší a to podle mě není na tom výkonově až tak špatně.

Potíže: 1.spuštění Google Chrome trvá výrazněji déle než na starém sys Win XP po několika letech bez přeinstalace a čištění win.
2.spuštění samostatného win 7 trvá taky celkem dlouho
3.po delší nečinnosti se systém nedávno sám vypnul

Podívejte se mi prosím i na spuštěné programy po startu systému a co nejvíce jich můžeme deaktivovat.

Prosím tedy o podívání na log a další rady. Děkuji moc

-------------------------------------------------------------------------------------------------------------
Logfile of random's system information tool 1.10 (written by random/random)
Run by Miloš at 2016-10-23 17:49:52
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 446 GB (91%) free of 491 GB
Total RAM: 8191 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:50:00, on 23.10.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\System Explorer\SystemExplorer.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Miloš.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=12454
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [StatusAlerts] "C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on
O4 - HKLM\..\Run: [TrueImageMonitor.exe] "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
O4 - HKLM\..\Run: [AcronisTibMounterMonitor] C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O23 - Service: Služba Acronis Scheduler2 (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Acronis Nonstop Backup Service (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP DS Service - Hewlett-Packard Company - C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe
O23 - Service: HP LaserJet Service - HP - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Acronis Sync Agent Service (syncagentsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
O23 - Service: System Explorer Service (SystemExplorerHelpService) - Mister Group - C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7672 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files\ESET\ESET Smart Security\ekrn.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" /rep_new
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe"
"C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe"
"C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
"C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe"
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on
"C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
"C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --no-rate-limit "--database=C:\Users\Miloš\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=-m --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=53.0.2785.143 --handshake-handle=0xb0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3892.0.318506960\1865115378" --mojo-application-channel-token=368A494A333BB4F3BBE6DAF65C17CC1E --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/site-engagement-eager/AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeChannelStable/Enabled/ClientSideDetectionModel/Model0/DisallowFetchForDocWrittenScriptsInMainFrame/Default/EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Enabled2/PreconnectMore/Control/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_25/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/WebFontsInterventionV2/Default/ --disable-d3d11 --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=5,11,13,14,15,18,31,56,70 --gpu-vendor-id=0x10de --gpu-device-id=0x0640 --gpu-driver-vendor=NVIDIA --gpu-driver-version=8.15.11.8593 --gpu-driver-date=5-14-2009 --mojo-platform-channel-handle=1076 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeChannelStable/Enabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Enabled2/PreconnectMore/Control/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_25/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/WebFontsInterventionV2/Default/ --primordial-pipe-token=E748094F842128E4ACA4FA17BF481E93 --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --disable-accelerated-video-decode --mojo-channel-token=5A29401EF8E1A351A592010A87F4FE2F --mojo-application-channel-token=E748094F842128E4ACA4FA17BF481E93 --channel="3892.3.1222888965\1585911957" --mojo-platform-channel-handle=2596 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeChannelStable/Enabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Enabled2/PreconnectMore/Control/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_25/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/*WebFontsInterventionV2/Default/ --primordial-pipe-token=F324A17BE6978E58ED8BD4C26FE402C1 --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --disable-accelerated-video-decode --mojo-channel-token=301DD390CDE6006D87E2483D35148C5E --mojo-application-channel-token=F324A17BE6978E58ED8BD4C26FE402C1 --channel="3892.4.715956357\312284716" --mojo-platform-channel-handle=3148 /prefetch:1
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\System Explorer\SystemExplorer.exe"
"C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeChannelStable/Enabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Enabled2/*PreconnectMore/Control/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/SyncHttpContentCompression/Enabled/*TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_25/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/*WebFontsInterventionV2/Default/ --primordial-pipe-token=D2B927AB22CBE6F38FA31C1DC35C14BB --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --disable-accelerated-video-decode --mojo-channel-token=35EB2588D99E834269C9A254415046EC --mojo-application-channel-token=D2B927AB22CBE6F38FA31C1DC35C14BB --channel="3892.9.482890582\1975613151" --mojo-platform-channel-handle=5596 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeChannelStable/Enabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/*PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Enabled2/*PreconnectMore/Control/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/SyncHttpContentCompression/Enabled/*TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_25/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/*WebFontsInterventionV2/Default/ --primordial-pipe-token=DDCB0A4322BF314E1DC9E5969A314D33 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --disable-accelerated-video-decode --mojo-channel-token=AA6804744196E3138ACBEC5A5ABE8353 --mojo-application-channel-token=DDCB0A4322BF314E1DC9E5969A314D33 --channel="3892.10.485078383\559631030" --mojo-platform-channel-handle=5292 /prefetch:1
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeChannelStable/Enabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/*PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Enabled2/*PreconnectMore/Control/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/SyncHttpContentCompression/Enabled/*TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_25/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/*WebFontsInterventionV2/Default/ --primordial-pipe-token=A10C18C011E8EDD4571F2CAA51C1BC14 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --disable-accelerated-video-decode --mojo-channel-token=68836294B2ADCB7EDEB33500249D7CF8 --mojo-application-channel-token=A10C18C011E8EDD4571F2CAA51C1BC14 --channel="3892.11.1497274696\1915395886" --mojo-platform-channel-handle=1340 /prefetch:1
taskhost.exe $(Arg0)
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,BlockSmallPluginContent<PluginPowerSaverTiny,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-eager/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeChannelStable/Enabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/EnableWin32kLockDownMimeTypes/PPAPILockdown_Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/*PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/*PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Enabled2/*PreconnectMore/Control/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/SyncHttpContentCompression/Enabled/*TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_25/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/WebBluetoothBlacklist/BlacklistUpdate1/*WebFontsInterventionV2/Default/ --primordial-pipe-token=E5CD7128A0014D15A4179B6F1ED6E38A --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --disable-accelerated-video-decode --mojo-channel-token=7D0C721C721D4131506A1B7F41CA3745 --mojo-application-channel-token=E5CD7128A0014D15A4179B6F1ED6E38A --channel="3892.13.1759299534\428718968" --mojo-platform-channel-handle=1732 /prefetch:1
"C:\Users\Miloš\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Služba Acronis Scheduler2"=C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [2012-09-24 404280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate]
C:\Users\Miloš\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop]
C:\Users\Miloš\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce]
C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Users\Miloš\AppData\Roaming\uTorrent\uTorrent.exe [2016-09-09 2139840]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate]
C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [2012-10-18 752736]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Miloš^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
C:\PROGRA~2\MICROS~1\Office12\ONENOTEM.EXE [2006-10-26 98632]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
""= []
"StatusAlerts"=C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [2013-04-18 313656]
"TrueImageMonitor.exe"=C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [2012-09-24 6036056]
"AcronisTibMounterMonitor"=C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [2012-07-24 943344]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-10-23 17:49:52 ----D---- C:\rsit
2016-10-23 17:49:52 ----D---- C:\Program Files\trend micro
2016-10-23 17:45:36 ----D---- C:\ProgramData\SystemExplorer
2016-10-23 17:45:34 ----D---- C:\Program Files (x86)\System Explorer
2016-10-23 17:41:46 ----D---- C:\Windows\pss
2016-10-16 17:04:41 ----D---- C:\Users\Miloš\AppData\Roaming\Ubisoft
2016-10-16 17:00:44 ----D---- C:\ProgramData\Tages
2016-10-16 16:59:41 ----A---- C:\Windows\system32\drivers\lirsgt.sys
2016-10-16 16:59:41 ----A---- C:\Windows\system32\drivers\atksgt.sys
2016-10-16 16:59:37 ----A---- C:\Windows\SYSWOW64\d3dx10_41.dll
2016-10-16 16:59:37 ----A---- C:\Windows\SYSWOW64\D3DCompiler_41.dll
2016-10-16 16:59:37 ----A---- C:\Windows\system32\d3dx10_41.dll
2016-10-16 16:59:37 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2016-10-16 16:59:36 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2016-10-16 16:59:36 ----A---- C:\Windows\system32\D3DX9_41.dll
2016-10-16 16:59:35 ----A---- C:\Windows\SYSWOW64\XAudio2_4.dll
2016-10-16 16:59:35 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll
2016-10-16 16:59:35 ----A---- C:\Windows\SYSWOW64\xactengine3_4.dll
2016-10-16 16:59:35 ----A---- C:\Windows\SYSWOW64\X3DAudio1_6.dll
2016-10-16 16:59:35 ----A---- C:\Windows\system32\XAudio2_4.dll
2016-10-16 16:59:35 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2016-10-16 16:59:35 ----A---- C:\Windows\system32\xactengine3_4.dll
2016-10-16 16:59:35 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2016-10-16 16:59:34 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2016-10-16 16:59:34 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2016-10-16 16:59:34 ----A---- C:\Windows\system32\d3dx10_40.dll
2016-10-16 16:59:34 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2016-10-16 16:59:33 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2016-10-16 16:59:33 ----A---- C:\Windows\system32\D3DX9_40.dll
2016-10-16 16:59:32 ----A---- C:\Windows\SYSWOW64\XAudio2_3.dll
2016-10-16 16:59:32 ----A---- C:\Windows\SYSWOW64\XAPOFX1_2.dll
2016-10-16 16:59:32 ----A---- C:\Windows\SYSWOW64\xactengine3_3.dll
2016-10-16 16:59:32 ----A---- C:\Windows\system32\XAudio2_3.dll
2016-10-16 16:59:32 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2016-10-16 16:59:32 ----A---- C:\Windows\system32\xactengine3_3.dll
2016-10-16 16:59:31 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll
2016-10-16 16:59:31 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll
2016-10-16 16:59:31 ----A---- C:\Windows\SYSWOW64\X3DAudio1_5.dll
2016-10-16 16:59:31 ----A---- C:\Windows\system32\XAudio2_2.dll
2016-10-16 16:59:31 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2016-10-16 16:59:31 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2016-10-16 16:59:30 ----A---- C:\Windows\SYSWOW64\xactengine3_2.dll
2016-10-16 16:59:30 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2016-10-16 16:59:30 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2016-10-16 16:59:30 ----A---- C:\Windows\system32\xactengine3_2.dll
2016-10-16 16:59:30 ----A---- C:\Windows\system32\d3dx10_39.dll
2016-10-16 16:59:30 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2016-10-16 16:59:29 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2016-10-16 16:59:29 ----A---- C:\Windows\system32\D3DX9_39.dll
2016-10-16 16:59:28 ----A---- C:\Windows\SYSWOW64\XAudio2_1.dll
2016-10-16 16:59:28 ----A---- C:\Windows\SYSWOW64\XAPOFX1_0.dll
2016-10-16 16:59:28 ----A---- C:\Windows\SYSWOW64\xactengine3_1.dll
2016-10-16 16:59:28 ----A---- C:\Windows\system32\XAudio2_1.dll
2016-10-16 16:59:28 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2016-10-16 16:59:28 ----A---- C:\Windows\system32\xactengine3_1.dll
2016-10-16 16:59:27 ----A---- C:\Windows\SYSWOW64\X3DAudio1_4.dll
2016-10-16 16:59:27 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2016-10-16 16:59:26 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll
2016-10-16 16:59:26 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll
2016-10-16 16:59:26 ----A---- C:\Windows\system32\d3dx10_38.dll
2016-10-16 16:59:26 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2016-10-16 16:59:25 ----A---- C:\Windows\SYSWOW64\XAudio2_0.dll
2016-10-16 16:59:25 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll
2016-10-16 16:59:25 ----A---- C:\Windows\system32\XAudio2_0.dll
2016-10-16 16:59:25 ----A---- C:\Windows\system32\D3DX9_38.dll
2016-10-16 16:59:24 ----A---- C:\Windows\SYSWOW64\xactengine3_0.dll
2016-10-16 16:59:24 ----A---- C:\Windows\SYSWOW64\X3DAudio1_3.dll
2016-10-16 16:59:24 ----A---- C:\Windows\system32\xactengine3_0.dll
2016-10-16 16:59:24 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2016-10-16 16:59:23 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll
2016-10-16 16:59:23 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll
2016-10-16 16:59:23 ----A---- C:\Windows\system32\d3dx10_37.dll
2016-10-16 16:59:23 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2016-10-16 16:59:22 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll
2016-10-16 16:59:22 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
2016-10-16 16:59:22 ----A---- C:\Windows\system32\xactengine2_10.dll
2016-10-16 16:59:22 ----A---- C:\Windows\system32\D3DX9_37.dll
2016-10-16 16:59:21 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll
2016-10-16 16:59:21 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll
2016-10-16 16:59:21 ----A---- C:\Windows\system32\d3dx10_36.dll
2016-10-16 16:59:21 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2016-10-16 16:59:20 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll
2016-10-16 16:59:20 ----A---- C:\Windows\system32\d3dx9_36.dll
2016-10-16 16:59:19 ----A---- C:\Windows\SYSWOW64\xactengine2_9.dll
2016-10-16 16:59:19 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
2016-10-16 16:59:19 ----A---- C:\Windows\system32\xactengine2_9.dll
2016-10-16 16:59:19 ----A---- C:\Windows\system32\d3dx10_35.dll
2016-10-16 16:59:18 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2016-10-16 16:59:18 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
2016-10-16 16:59:18 ----A---- C:\Windows\system32\d3dx9_35.dll
2016-10-16 16:59:18 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2016-10-16 16:59:17 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2016-10-16 16:59:17 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll
2016-10-16 16:59:17 ----A---- C:\Windows\system32\xactengine2_8.dll
2016-10-16 16:59:17 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2016-10-16 16:59:16 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2016-10-16 16:59:16 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2016-10-16 16:59:16 ----A---- C:\Windows\system32\d3dx10_34.dll
2016-10-16 16:59:16 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2016-10-16 16:59:15 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll
2016-10-16 16:59:15 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2016-10-16 16:59:15 ----A---- C:\Windows\system32\xinput1_3.dll
2016-10-16 16:59:15 ----A---- C:\Windows\system32\d3dx9_34.dll
2016-10-16 16:59:14 ----A---- C:\Windows\SYSWOW64\xactengine2_7.dll
2016-10-16 16:59:14 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll
2016-10-16 16:59:14 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll
2016-10-16 16:59:14 ----A---- C:\Windows\system32\xactengine2_7.dll
2016-10-16 16:59:14 ----A---- C:\Windows\system32\d3dx10_33.dll
2016-10-16 16:59:14 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2016-10-16 16:59:13 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
2016-10-16 16:59:13 ----A---- C:\Windows\system32\d3dx9_33.dll
2016-10-16 16:59:12 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll
2016-10-16 16:59:12 ----A---- C:\Windows\system32\xactengine2_6.dll
2016-10-16 16:59:11 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll
2016-10-16 16:59:11 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2016-10-16 16:59:11 ----A---- C:\Windows\system32\xactengine2_5.dll
2016-10-16 16:59:11 ----A---- C:\Windows\system32\d3dx10.dll
2016-10-16 16:59:10 ----A---- C:\Windows\SYSWOW64\d3dx9_32.dll
2016-10-16 16:59:10 ----A---- C:\Windows\system32\d3dx9_32.dll
2016-10-16 16:59:09 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll
2016-10-16 16:59:09 ----A---- C:\Windows\SYSWOW64\x3daudio1_1.dll
2016-10-16 16:59:09 ----A---- C:\Windows\system32\xactengine2_4.dll
2016-10-16 16:59:09 ----A---- C:\Windows\system32\x3daudio1_1.dll
2016-10-16 16:59:08 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll
2016-10-16 16:59:08 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll
2016-10-16 16:59:08 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll
2016-10-16 16:59:08 ----A---- C:\Windows\system32\xinput1_2.dll
2016-10-16 16:59:08 ----A---- C:\Windows\system32\xactengine2_3.dll
2016-10-16 16:59:08 ----A---- C:\Windows\system32\d3dx9_31.dll
2016-10-16 16:59:07 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2016-10-16 16:59:07 ----A---- C:\Windows\SYSWOW64\xactengine2_2.dll
2016-10-16 16:59:07 ----A---- C:\Windows\system32\xinput1_1.dll
2016-10-16 16:59:07 ----A---- C:\Windows\system32\xactengine2_2.dll
2016-10-16 16:59:06 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2016-10-16 16:59:06 ----A---- C:\Windows\system32\xactengine2_1.dll
2016-10-16 16:59:01 ----A---- C:\Windows\system32\d3dx9_30.dll
2016-10-16 16:59:00 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll
2016-10-16 16:59:00 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2016-10-16 16:59:00 ----A---- C:\Windows\system32\xactengine2_0.dll
2016-10-16 16:59:00 ----A---- C:\Windows\system32\x3daudio1_0.dll
2016-10-16 16:58:59 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll
2016-10-16 16:58:59 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll
2016-10-16 16:58:59 ----A---- C:\Windows\system32\d3dx9_29.dll
2016-10-16 16:58:59 ----A---- C:\Windows\system32\d3dx9_28.dll
2016-10-16 16:58:57 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll
2016-10-16 16:58:57 ----A---- C:\Windows\system32\d3dx9_27.dll
2016-10-16 16:58:56 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll
2016-10-16 16:58:56 ----A---- C:\Windows\system32\d3dx9_26.dll
2016-10-16 16:58:55 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2016-10-16 16:58:55 ----A---- C:\Windows\system32\d3dx9_25.dll
2016-10-16 16:58:54 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll
2016-10-16 16:58:54 ----A---- C:\Windows\system32\d3dx9_24.dll
2016-10-16 16:52:32 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-10-16 16:52:32 ----D---- C:\Program Files (x86)\Ubisoft
2016-10-08 12:15:53 ----D---- C:\Hudba staženo

======List of files/folders modified in the last 1 month======

2016-10-23 17:49:57 ----D---- C:\Windows\Temp
2016-10-23 17:49:52 ----RD---- C:\Program Files
2016-10-23 17:48:53 ----D---- C:\Windows\System32
2016-10-23 17:48:53 ----D---- C:\Windows\inf
2016-10-23 17:48:53 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-10-23 17:47:04 ----D---- C:\Windows\system32\config
2016-10-23 17:45:36 ----HD---- C:\ProgramData
2016-10-23 17:45:34 ----RD---- C:\Program Files (x86)
2016-10-23 17:41:46 ----D---- C:\Windows
2016-10-23 13:24:09 ----D---- C:\Users\Miloš\AppData\Roaming\Seznam.cz
2016-10-16 16:59:41 ----D---- C:\Windows\system32\drivers
2016-10-16 16:59:37 ----D---- C:\Windows\SysWOW64
2016-10-16 16:59:06 ----RSD---- C:\Windows\assembly
2016-10-16 16:59:03 ----D---- C:\Windows\Microsoft.NET
2016-10-16 16:57:35 ----SHD---- C:\System Volume Information
2016-10-16 16:57:18 ----D---- C:\Windows\Logs
2016-10-16 16:52:38 ----SHD---- C:\Windows\Installer
2016-10-16 16:45:19 ----D---- C:\Users\Miloš\AppData\Roaming\uTorrent
2016-10-12 19:01:29 ----D---- C:\Users\Miloš\AppData\Roaming\Audacity
2016-10-11 15:21:56 ----D---- C:\Windows\system32\Tasks
2016-10-07 21:28:56 ----D---- C:\Windows\system32\wdi

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2016-06-28 84640]
R0 fltsrv;Acronis Storage Filter Management; C:\Windows\system32\DRIVERS\fltsrv.sys [2016-08-20 155272]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2016-08-20 340104]
R0 tdrpman;Acronis Try&Decide and Restore Points filter; C:\Windows\system32\DRIVERS\tdrpman.sys [2016-08-20 1340040]
R0 tib_mounter;Acronis TIB Mounter; C:\Windows\system32\DRIVERS\tib_mounter.sys [2016-08-20 1093256]
R0 vididr;Acronis Virtual Disk; C:\Windows\system32\DRIVERS\vididr.sys [2016-08-20 228488]
R0 vidsflt;Acronis Disk Storage Filter; C:\Windows\system32\DRIVERS\vidsflt.sys [2016-08-20 166024]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2016-08-24 263296]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2016-06-28 197288]
R1 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2016-06-28 208552]
R1 EpfwLWF;ESET Personal Firewall; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2016-06-28 61608]
R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2016-10-16 314016]
R2 ekbdflt;ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [2016-08-24 153248]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2016-10-16 43680]
R3 afcdp;afcdp; C:\Windows\system32\DRIVERS\afcdp.sys [2016-08-20 367200]
R3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-23 261120]
R3 RTL8167;Ovladač Realtek 8167 NT; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Služba Acronis Scheduler2; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [2012-09-24 1127840]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-09-16 82128]
R2 afcdpsrv;Acronis Nonstop Backup Service; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2016-08-20 3692536]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2016-08-24 2780160]
R2 HP DS Service;HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [2011-10-17 13824]
R2 HP LaserJet Service;HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [2012-12-04 174592]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-09-30 935208]
R2 syncagentsrv;Acronis Sync Agent Service; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [2012-09-14 7024712]
R3 SystemExplorerHelpService;System Explorer Service; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [2014-12-20 820960]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-04 107848]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-04 107848]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------

#2 Příspěvek od **Márty84** » 24 říj 2016 12:32

Zdravim

Pokud nepouzivate, odinstalujte Seznam Software

Stahnete crystal disk info http://www.slunecnice.cz/sw/crystaldiskinfo/
Nainstalujte (pozor na pripadne doplnky, ty odmitnete zrusenim zatrzitka) a spustte jako spravce. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte (ctrl + V)

Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner[C?].txt ). Ten mi sem zkopirujte.

Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu (cili Vlastni sken vsech disku) http://forum.viry.cz/viewtopic.php?f=29&t=144868 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

William_CZ · #3 Příspěvek od **William_CZ** » 28 říj 2016 17:36

Dobrý den, zde vkládám logy z jednotlivých aplikací:

CrystalDisk
------------------------------------------------
----------------------------------------------------------------------------
CrystalDiskInfo 7.0.4 (C) 2008-2016 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Home Premium SP1 [6.1 Build 7601] (x64)
Date : 2016/10/27 17:42:37

-- Controller Map ----------------------------------------------------------
+ PCI Standardní dvoukanálový řadič IDE [ATA]
+ ATA Channel 0 (0)
- HL-DT-ST DVDRAM GH24NSC0 ATA Device
- WDC WD10PURX-64E5EY0 ATA Device
- ATA Channel 1 (1)
+ PCI Standardní dvoukanálový řadič IDE [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)

-- Disk List ---------------------------------------------------------------
(1) WDC WD10PURX-64E5EY0 : 1000,2 GB [0/2/0, pd1] - wd

----------------------------------------------------------------------------
(1) WDC WD10PURX-64E5EY0
----------------------------------------------------------------------------
Model : WDC WD10PURX-64E5EY0
Firmware : 01.01A01
Serial Number : WD-WCC4J3NK1RYR
Disk Size : 1000,2 GB (8,4/137,4/1000,2/1000,2)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 1953525168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ACS-2
Minor Version : ----
Transfer Mode : SATA/300 | SATA/600
Power On Hours : 80 hod.
Power On Count : 78 krát
Temperature : 31 C (87 F)
Health Status : Dobrý
Features : S.M.A.R.T., 48bit LBA, NCQ
APM Level : ----
AAM Level : ----
Drive Letter : C: D:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 138 138 _21 000000000FE2 Čas na roztočení ploten
04 100 100 __0 00000000004E Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 200 200 __0 000000000000 Počet chybných hledání
09 100 100 __0 000000000050 Hodin v činnosti
0A 100 253 __0 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 253 __0 000000000000 Počet pokusů o překalibrování
0C 100 100 __0 00000000004E Počet cyklů zapnutí zařízení
C0 200 200 __0 000000000001 Počet vypnutí disku
C1 200 200 __0 00000000004C Počet cyklů načítání/vymazání
C2 112 105 __0 00000000001F Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 100 253 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 __0 000000000000 Počet chyb při zápisu sektorů

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 427A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2057 442D 5743 4334 4A33 4E4B 3152 5952
020: 0000 0000 0000 3031 2E30 3141 3031 5744 4320 5744
030: 3130 5055 5258 2D36 3445 3545 5930 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4001 0000 0000 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 9F0E 0004 004C 0040
080: 03FE 0000 746B 7D61 6733 7469 BC41 6723 407F 004A
090: 004A 0000 FFFE 0000 0000 0008 0000 0000 86A0 0001
100: 6DB0 7470 0000 0000 0000 0000 6003 0000 5001 4EE2
110: B82C 90E2 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 303D 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 103E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 1000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 4AA5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 C8 C8 00 00 00 00 00 00 00 03 27
010: 00 8A 8A E2 0F 00 00 00 00 00 04 32 00 64 64 4E
020: 00 00 00 00 00 00 05 33 00 C8 C8 00 00 00 00 00
030: 00 00 07 2E 00 C8 C8 00 00 00 00 00 00 00 09 32
040: 00 64 64 50 00 00 00 00 00 00 0A 32 00 64 FD 00
050: 00 00 00 00 00 00 0B 32 00 64 FD 00 00 00 00 00
060: 00 00 0C 32 00 64 64 4E 00 00 00 00 00 00 C0 32
070: 00 C8 C8 01 00 00 00 00 00 00 C1 32 00 C8 C8 4C
080: 00 00 00 00 00 00 C2 22 00 70 69 1F 00 00 00 00
090: 00 00 C4 32 00 C8 C8 00 00 00 00 00 00 00 C5 32
0A0: 00 C8 C8 00 00 00 00 00 00 00 C6 30 00 64 FD 00
0B0: 00 00 00 00 00 00 C7 32 00 C8 C8 00 00 00 00 00
0C0: 00 00 C8 08 00 64 FD 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 9C 36 01 7B
170: 03 00 01 00 02 9F 05 00 00 00 00 00 00 00 00 00
180: 00 00 01 02 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 FF

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 C8 C8 00 00 00 00 00 00 00 00 03 15
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 8C 00 00 00 00 00 00 00 00
030: 00 00 07 00 C8 C8 00 00 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 00 00 00 00 00
050: 00 00 00 00 00 00 0B 00 00 00 00 00 00 00 00 00
060: 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 C0 00
070: 00 00 00 00 00 00 00 00 00 00 C1 00 00 00 00 00
080: 00 00 00 00 00 00 C2 00 00 00 00 00 00 00 00 00
090: 00 00 C4 00 00 00 00 00 00 00 00 00 00 00 C5 00
0A0: 00 00 00 00 00 00 00 00 00 00 C6 00 00 00 00 00
0B0: 00 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00
0C0: 00 00 C8 00 00 00 00 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 9D

--------------------------------------------------------------------------------------------------------------
--------------------------------------------------------------------------------------------------------------

AdwCleaner:

# AdwCleaner v6.030 - Log soubor vytvořen 27/10/2016 na 17:47:45
# Aktualizováno dne 19/10/2016 z Malwarebytes
# Databáze : 2016-10-27.1 [Server]
# Operační systém : Windows 7 Home Premium Service Pack 1 (X64)
# Uživatelské jméno : Miloš - MILOŠ-PC
# Beží od : C:\Users\Miloš\Desktop\adwcleaner_6.030.exe
# Mod: Čištění
# Podpora : hxxps://www.malwarebytes.com/support

***** [ Služby ] *****

***** [ Adresáře ] *****

***** [ Soubory ] *****

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Zástupce ] *****

[-] Zástupce dezinfikován:C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis\True Image\Nástroje\Připojit diskový obraz.lnk

***** [ Plánovač úloh ] *****

***** [ Registry ] *****

[-] Klíč smazán:HKLM\SOFTWARE\14919ea49a8f3b4aa3cf1058d9a64cec

***** [ Prohlížeče ] *****

*************************

:: "Tracing" klíč smazán
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [1025 Bajtů] - [27/10/2016 17:47:45]
C:\AdwCleaner\AdwCleaner[S0].txt - [1530 Bajtů] - [27/10/2016 17:47:19]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1173 Bajtů] ##########

--------------------------------------------------------------------------------------------------------------
--------------------------------------------------------------------------------------------------------------

Malvarebytes:

- projeto dvakrát poprvé spuštěno léčení. Log vložen z druhého skenu:

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 27.10.2016
Čas skenování: 20:28
Protokol: Výsledek.txt
Správce: Ano

Verze: 2.2.1.1043
Databáze malwaru: v2016.10.27.07
Databáze rootkitů: v2016.09.26.02
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Miloš

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 406213
Uplynulý čas: 1 hod, 20 min, 50 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)

(end)

#4 Příspěvek od **Márty84** » 28 říj 2016 23:48

William_CZ píše:Malvarebytes:

- projeto dvakrát poprvé spuštěno léčení. Log vložen z druhého skenu:

Rad bych videl log z toho prvniho skenu, abych vedel, co tam bylo a mohl lepe cilit dalsi kroky.

Dejte logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach

(Kdyby nesel Launcher stahnout, dejte logy jen ze samotneho FRST, tedy bez pouziti Launcheru)

Robotka · #5 Příspěvek od **Robotka** » 29 říj 2016 14:35

Zdravím.
Syn odjel,pokračuji místo něj .Ten první log nemůžu poslat, protože ho majitel pc omylem smazal .
Tady posílám nový log podle postupu, v příloze posílám addition :

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-10-2016
Ran by MiloĹˇ (administrator) on MILOĹ -PC (29-10-2016 15:25:33)
Running from C:\Users\MiloĹˇ\Desktop
Loaded Profiles: MiloĹˇ (Available Profiles: MiloĹˇ)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: ÄŚeĹˇtina (ÄŚeskĂˇ republika)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\MiloĹˇ\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SluĹľba Acronis Scheduler2] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [404280 2012-09-24] (Acronis)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [313656 2013-04-18] (Hewlett-Packard Company)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [6036056 2012-09-24] (Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [943344 2012-07-24] (Acronis)
HKU\S-1-5-21-3827542295-2010513319-4259380965-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [752736 2012-10-18] (ZONER software)
HKU\S-1-5-21-3827542295-2010513319-4259380965-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [333824 2010-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2012-09-24] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2012-09-24] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2012-09-24] (Acronis)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 37.44.16.254 37.44.17.254 192.168.1.1
Tcpip\..\Interfaces\{B4A6032A-1BA4-4D52-995E-6BBC7F57A770}: [DhcpNameServer] 37.44.16.254 37.44.17.254 192.168.1.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-3827542295-2010513319-4259380965-1001 -> {4B52C396-0B88-413C-8FC0-E6BEC452C725} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)

FireFox:
========
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-04] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxps://www.seznam.cz/
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/"
CHR Profile: C:\Users\MiloĹˇ\AppData\Local\Google\Chrome\User Data\Default [2016-10-29]
CHR Extension: (PĹ™ekladaÄŤ Google) - C:\Users\MiloĹˇ\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2016-10-23]
CHR Extension: (Prezentace Google) - C:\Users\MiloĹˇ\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-04]
CHR Extension: (Dokumenty Google) - C:\Users\MiloĹˇ\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-04]
CHR Extension: (Disk Google) - C:\Users\MiloĹˇ\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-04]
CHR Extension: (YouTube) - C:\Users\MiloĹˇ\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-04]
CHR Extension: (Tabulky Google) - C:\Users\MiloĹˇ\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-04]
CHR Extension: (Platby InternetovĂ©ho obchodu Chrome) - C:\Users\MiloĹˇ\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-04]
CHR Extension: (Gmail) - C:\Users\MiloĹˇ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-04]
CHR Extension: (Chrome Media Router) - C:\Users\MiloĹˇ\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-27]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2780160 2016-08-24] (ESET)
R2 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [File not signed]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [174592 2012-12-04] (HP) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
S3 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [820960 2014-12-20] (Mister Group)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2016-10-16] ()
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [263296 2016-08-24] (ESET)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [197288 2016-06-28] (ESET)
R2 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [153248 2016-08-24] (ESET)
R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [208552 2016-06-28] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [61608 2016-06-28] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [84640 2016-06-28] (ESET)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2016-10-16] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-10-29] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [1093256 2016-08-20] (Acronis)
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [166024 2016-08-20] (Acronis)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-29 15:25 - 2016-10-29 15:25 - 00010263 _____ C:\Users\MiloĹˇ\Desktop\FRST.txt
2016-10-29 15:25 - 2016-10-29 15:25 - 00000000 ____D C:\FRST
2016-10-29 15:23 - 2016-10-29 15:24 - 00112640 _____ (forum.viry.cz) C:\Users\MiloĹˇ\Desktop\FRSTLauncher.exe
2016-10-29 15:17 - 2016-10-29 15:17 - 02408448 _____ (Farbar) C:\Users\MiloĹˇ\Desktop\FRST64.exe
2016-10-27 17:52 - 2016-10-29 15:12 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-10-27 17:41 - 2016-10-27 17:41 - 00001106 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-10-27 17:41 - 2016-10-27 17:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-10-27 17:41 - 2016-10-27 17:41 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-10-27 17:41 - 2016-10-27 17:41 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-10-27 17:41 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-10-27 17:41 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-10-27 17:41 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-10-27 17:39 - 2016-10-27 17:40 - 22851472 _____ (Malwarebytes ) C:\Users\MiloĹˇ\Downloads\mbam-setup-2.2.1.1043.exe
2016-10-27 17:37 - 2016-10-27 17:37 - 03910208 _____ C:\Users\MiloĹˇ\Downloads\adwcleaner_6.030.exe
2016-10-27 17:35 - 2016-10-27 17:41 - 00000000 ____D C:\Program Files (x86)\CrystalDiskInfo
2016-10-27 17:35 - 2016-10-27 17:35 - 00001204 _____ C:\Users\MiloĹˇ\Desktop\CrystalDiskInfo.lnk
2016-10-27 17:35 - 2016-10-27 17:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2016-10-27 17:34 - 2016-10-27 17:47 - 00000000 ____D C:\AdwCleaner
2016-10-27 17:34 - 2016-10-27 17:34 - 03910208 _____ C:\Users\MiloĹˇ\Desktop\adwcleaner_6.030.exe
2016-10-23 22:09 - 2016-10-23 22:09 - 00000645 _____ C:\Users\MiloĹˇ\Desktop\Video.lnk
2016-10-23 18:05 - 2016-10-23 18:05 - 00000000 ____D C:\Users\MiloĹˇ\AppData\Roaming\TeamViewer
2016-10-23 18:04 - 2016-10-23 18:04 - 00001168 _____ C:\Users\MiloĹˇ\Desktop\TeamViewer â€“ zĂˇstupce.lnk
2016-10-23 18:04 - 2016-10-23 18:04 - 00000000 ____D C:\Users\MiloĹˇ\Desktop\TeamViewerPortable
2016-10-23 17:49 - 2016-10-23 17:50 - 00000000 ____D C:\rsit
2016-10-23 17:49 - 2016-10-23 17:50 - 00000000 ____D C:\Program Files\trend micro
2016-10-23 17:47 - 2016-10-23 17:48 - 01222144 _____ C:\Users\MiloĹˇ\Desktop\RSITx64.exe
2016-10-23 17:45 - 2016-10-23 17:53 - 00000000 ____D C:\ProgramData\SystemExplorer
2016-10-23 17:45 - 2016-10-23 17:45 - 01917528 _____ (Mister Group ) C:\Users\MiloĹˇ\Downloads\SystemExplorerSetup (1).exe
2016-10-23 17:45 - 2016-10-23 17:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Explorer
2016-10-23 17:45 - 2016-10-23 17:45 - 00000000 ____D C:\Program Files (x86)\System Explorer
2016-10-23 17:44 - 2016-10-23 17:45 - 01917528 _____ (Mister Group ) C:\Users\MiloĹˇ\Downloads\SystemExplorerSetup.exe
2016-10-23 17:41 - 2016-10-23 17:41 - 00000000 ____D C:\Windows\pss
2016-10-23 13:26 - 2016-10-23 13:26 - 00000000 ____D C:\Users\MiloĹˇ\AppData\Local\Nero
2016-10-21 21:38 - 2016-10-21 21:38 - 00001905 _____ C:\Users\MiloĹˇ\Desktop\VÄŤelaĹ™i 1.11.2016.xlsx
2016-10-19 20:38 - 2016-10-25 20:57 - 00000000 ____D C:\Users\MiloĹˇ\AppData\Local\Microsoft Games
2016-10-17 21:22 - 2016-10-17 21:22 - 00000000 ____D C:\Users\MiloĹˇ\Documents\Anno 1404
2016-10-16 17:18 - 2016-10-16 17:19 - 00000067 _____ C:\Users\MiloĹˇ\Desktop\pharaon odkaz ke staĹľenĂ.txt
2016-10-16 17:04 - 2016-10-16 17:04 - 00000000 ____D C:\Users\MiloĹˇ\AppData\Roaming\Ubisoft
2016-10-16 17:00 - 2016-10-16 17:01 - 00000000 ____D C:\ProgramData\Tages
2016-10-16 16:59 - 2016-10-16 16:59 - 00314016 _____ C:\Windows\system32\Drivers\atksgt.sys
2016-10-16 16:59 - 2016-10-16 16:59 - 00043680 _____ C:\Windows\system32\Drivers\lirsgt.sys
2016-10-16 16:59 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2016-10-16 16:59 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2016-10-16 16:59 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2016-10-16 16:59 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2016-10-16 16:59 - 2009-03-16 14:18 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2016-10-16 16:59 - 2009-03-16 14:18 - 00069448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2016-10-16 16:59 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2016-10-16 16:59 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2016-10-16 16:59 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2016-10-16 16:59 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2016-10-16 16:59 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2016-10-16 16:59 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2016-10-16 16:59 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2016-10-16 16:59 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2016-10-16 16:59 - 2008-10-15 07:03 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2016-10-16 16:59 - 2008-10-15 07:03 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2016-10-16 16:59 - 2008-10-15 07:03 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2016-10-16 16:59 - 2008-10-15 07:03 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2016-10-16 16:59 - 2008-10-15 07:03 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2016-10-16 16:59 - 2008-10-15 07:03 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2016-10-16 16:59 - 2008-10-15 07:03 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2016-10-16 16:59 - 2008-10-15 07:03 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2016-10-16 16:59 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2016-10-16 16:59 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2016-10-16 16:59 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2016-10-16 16:59 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2016-10-16 16:59 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2016-10-16 16:59 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2016-10-16 16:59 - 2008-07-30 06:20 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2016-10-16 16:59 - 2008-07-30 06:20 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2016-10-16 16:59 - 2008-07-30 06:20 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2016-10-16 16:59 - 2008-07-30 06:20 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2016-10-16 16:59 - 2008-07-30 06:20 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2016-10-16 16:59 - 2008-07-30 06:20 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2016-10-16 16:59 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2016-10-16 16:59 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2016-10-16 16:59 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2016-10-16 16:59 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2016-10-16 16:59 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2016-10-16 16:59 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2016-10-16 16:59 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2016-10-16 16:59 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2016-10-16 16:59 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2016-10-16 16:59 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2016-10-16 16:59 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2016-10-16 16:59 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2016-10-16 16:59 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2016-10-16 16:59 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2016-10-16 16:59 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2016-10-16 16:59 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2016-10-16 16:59 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2016-10-16 16:59 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2016-10-16 16:59 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2016-10-16 16:59 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2016-10-16 16:59 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2016-10-16 16:59 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2016-10-16 16:59 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2016-10-16 16:59 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2016-10-16 16:59 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2016-10-16 16:59 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2016-10-16 16:59 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2016-10-16 16:59 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2016-10-16 16:59 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2016-10-16 16:59 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2016-10-16 16:59 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2016-10-16 16:59 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2016-10-16 16:59 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2016-10-16 16:59 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2016-10-16 16:59 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2016-10-16 16:59 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2016-10-16 16:59 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2016-10-16 16:59 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2016-10-16 16:59 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2016-10-16 16:59 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2016-10-16 16:59 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2016-10-16 16:59 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2016-10-16 16:59 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2016-10-16 16:59 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2016-10-16 16:59 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2016-10-16 16:59 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2016-10-16 16:59 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2016-10-16 16:59 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2016-10-16 16:59 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2016-10-16 16:59 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2016-10-16 16:59 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2016-10-16 16:59 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2016-10-16 16:59 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2016-10-16 16:59 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2016-10-16 16:59 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2016-10-16 16:59 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2016-10-16 16:59 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2016-10-16 16:59 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2016-10-16 16:59 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2016-10-16 16:59 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2016-10-16 16:59 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2016-10-16 16:59 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2016-10-16 16:59 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2016-10-16 16:59 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2016-10-16 16:59 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2016-10-16 16:59 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2016-10-16 16:59 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2016-10-16 16:59 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2016-10-16 16:59 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2016-10-16 16:59 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2016-10-16 16:59 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2016-10-16 16:59 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2016-10-16 16:59 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2016-10-16 16:59 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2016-10-16 16:59 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2016-10-16 16:59 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2016-10-16 16:59 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2016-10-16 16:59 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2016-10-16 16:59 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2016-10-16 16:59 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2016-10-16 16:59 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2016-10-16 16:59 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2016-10-16 16:59 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2016-10-16 16:59 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2016-10-16 16:59 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2016-10-16 16:59 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2016-10-16 16:59 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2016-10-16 16:59 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2016-10-16 16:59 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2016-10-16 16:59 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2016-10-16 16:59 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2016-10-16 16:59 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2016-10-16 16:59 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2016-10-16 16:59 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2016-10-16 16:59 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2016-10-16 16:59 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2016-10-16 16:59 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2016-10-16 16:58 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2016-10-16 16:58 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2016-10-16 16:58 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2016-10-16 16:58 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2016-10-16 16:58 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2016-10-16 16:58 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2016-10-16 16:58 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2016-10-16 16:58 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2016-10-16 16:58 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2016-10-16 16:58 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2016-10-16 16:58 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2016-10-16 16:58 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2016-10-16 16:52 - 2016-10-16 16:52 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-10-16 16:52 - 2016-10-16 16:52 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2016-10-11 15:10 - 2016-10-23 12:43 - 00000000 ____D C:\Users\MiloĹˇ\AppData\Local\CrashDumps
2016-10-08 12:54 - 2016-10-08 12:54 - 00000017 _____ C:\Users\MiloĹˇ\AppData\Local\resmon.resmoncfg
2016-10-08 12:15 - 2016-10-08 12:44 - 00000000 ____D C:\Hudba staĹľeno
2016-10-07 21:44 - 2016-10-07 21:44 - 00075802 _____ C:\Users\MiloĹˇ\Downloads\0000000355429113_20160930_D_009_000_M_C.pdf
2016-10-07 21:43 - 2016-10-07 21:43 - 00074388 _____ C:\Users\MiloĹˇ\Downloads\0000000355429113_20160831_D_008_000_M_C.pdf
2016-10-07 21:35 - 2016-10-07 21:35 - 00006013 _____ C:\Users\MiloĹˇ\Downloads\smime.p7s
2016-10-05 12:32 - 2016-10-05 12:32 - 00264854 _____ C:\Users\MiloĹˇ\Desktop\Scan.pdf
2016-10-02 11:53 - 2016-10-02 12:00 - 00000000 ____D C:\Users\MiloĹˇ\Desktop\FoĹĄĂˇk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-29 15:19 - 2009-07-14 06:45 - 00022528 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-10-29 15:19 - 2009-07-14 06:45 - 00022528 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-10-29 15:17 - 2016-08-04 21:05 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-10-29 15:11 - 2016-08-04 21:05 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-10-29 15:11 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-10-27 17:33 - 2016-08-20 20:01 - 00000000 ____D C:\Users\MiloĹˇ\AppData\Roaming\Seznam.cz
2016-10-25 19:19 - 2016-08-04 21:06 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-25 19:19 - 2016-08-04 21:06 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-10-23 22:07 - 2016-09-03 21:57 - 00000158 _____ C:\Users\MiloĹˇ\AppData\Roaming\default.rss
2016-10-23 17:48 - 2011-04-12 10:34 - 00622422 _____ C:\Windows\system32\perfh005.dat
2016-10-23 17:48 - 2011-04-12 10:34 - 00118604 _____ C:\Windows\system32\perfc005.dat
2016-10-23 17:48 - 2009-07-14 07:13 - 01445734 _____ C:\Windows\system32\PerfStringBackup.INI
2016-10-23 17:48 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-10-16 16:59 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-10-16 16:45 - 2016-08-20 20:57 - 00000000 ____D C:\Users\MiloĹˇ\AppData\Roaming\uTorrent
2016-10-16 16:41 - 2016-08-20 20:58 - 00000000 ___SD C:\Users\MiloĹˇ\AppData\LocalLow\Temp
2016-10-12 19:01 - 2016-08-20 21:04 - 00000000 ____D C:\Users\MiloĹˇ\AppData\Roaming\Audacity
2016-10-12 17:52 - 2016-08-20 20:28 - 00000000 ____D C:\Users\MiloĹˇ\Documents\Pinnacle Studio
2016-10-12 17:52 - 2016-08-20 20:17 - 00000349 _____ C:\Users\Public\Documents\PCLECHAL.INI
2016-10-11 15:21 - 2016-08-20 20:01 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-10-11 15:21 - 2016-08-20 20:00 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-10-08 12:20 - 2016-08-04 20:50 - 00000000 ____D C:\Users\MiloĹˇ\AppData\Local\VirtualStore

==================== Files in the root of some directories =======

2016-09-03 21:57 - 2016-10-23 22:07 - 0000158 _____ () C:\Users\MiloĹˇ\AppData\Roaming\default.rss
2016-10-08 12:54 - 2016-10-08 12:54 - 0000017 _____ () C:\Users\MiloĹˇ\AppData\Local\resmon.resmoncfg

Some files in TEMP:
====================
C:\Users\MiloĹˇ\AppData\Local\Temp\917b0b87-3358-4e79-93de-3dfc2fc99ed0.exe
C:\Users\MiloĹˇ\AppData\Local\Temp\libeay32.dll
C:\Users\MiloĹˇ\AppData\Local\Temp\msvcr120.dll
C:\Users\MiloĹˇ\AppData\Local\Temp\ose00000.exe
C:\Users\MiloĹˇ\AppData\Local\Temp\sqlite3.dll
C:\Users\MiloĹˇ\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-08-04 20:38

==================== End of FRST.txt ============================

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:479.27 GB) (Free:436.91 GB) NTFS
Drive d: (NovĂ˝ svazek) (Fixed) (Total:452.15 GB) (Free:403.59 GB) NTFS

Available physical RAM: 4159.27 MB
Total physical RAM: 8190.55 MB
Percentage of memory in use: 49%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 56AEE9E4)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=479.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=452.1 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: ESET Smart Security 9.0.401.1 (Disabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Smart Security 9.0.401.1 (Disabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET PersonĂˇlnĂ firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Miloç\Desktop" je 96 MB.

***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate
"C:\Users\Miloç\AppData\Roaming\Seznam.cz\szninstall.exe" -c [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop
"C:\Users\Miloç\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce
"C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent
"C:\Users\Miloç\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate
C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Miloç^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Věýezy obrazovky a spuçtŘnˇ aplikace OneNote 2007.lnk
C:\PROGRA~2\MICROS~1\Office12\ONENOTEM.EXE /tsr [x]

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

#6 Příspěvek od **Márty84** » 29 říj 2016 22:18

MBAM odinstalujte.

Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3827542295-2010513319-4259380965-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [752736 2012-10-18] (ZONER software)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Miloç^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Věýezy obrazovky a spuçtŘnˇ aplikace OneNote 2007.lnk

Hosts:
EmptyTemp:
Reboot:
End

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.

Robotka · #7 Příspěvek od **Robotka** » 30 říj 2016 17:33

Provedeno.Pošlu log, pokračovat budeme asi až za týden,majitel pc je mimo domov.Dík.
Tady je log:

Fix result of Farbar Recovery Scan Tool (x64) Version: 29-10-2016
Ran by Miloš (30-10-2016 17:25:38) Run:1
Running from C:\Users\Miloš\Desktop
Loaded Profiles: Miloš (Available Profiles: Miloš)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3827542295-2010513319-4259380965-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [752736 2012-10-18] (ZONER software)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Miloç^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Věýezy obrazovky a spuçtŘnˇ aplikace OneNote 2007.lnk

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKU\S-1-5-21-3827542295-2010513319-4259380965-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Zoner Photo Studio Autoupdate => value removed successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate => key removed successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop => key removed successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce => key removed successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent => key removed successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate => key removed successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Miloç^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Věýezy obrazovky a spuçtŘnˇ aplikace OneNote 2007.lnk => key not found.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 64783441 B
Java, Flash, Steam htmlcache => 405 B
Windows/system/drivers => 5717333 B
Edge => 0 B
Chrome => 567234984 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 73080 B
Public => 0 B
ProgramData => 0 B
systemprofile => 66228 B
systemprofile32 => 66228 B
LocalService => 2269874 B
NetworkService => 127038 B
Miloš => 2100400645 B

RecycleBin => 131133705 B
EmptyTemp: => 2.7 GB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 17:26:37 ====

#8 Příspěvek od **Márty84** » 30 říj 2016 20:00

Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

vyosek píše: DelFix https://toolslib.net/downloads/finish/2/
Stahnete a spustte

Ponechte zatrzitkou pouze u volby Remove disinfection tools

Kliknete na Run

Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)

Defragmentujte disk(y) (SSD Disky ne!)
Stahnete program Defraggler https://www.piriform.com/defraggler/download/standard
Pri instalaci opet pozor na toolbar a dalsi nesmysly.
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.

Pak napiste, jak to s pc vypada.

Robotka · #9 Příspěvek od **Robotka** » 05 lis 2016 18:48

Zdravím.
Vše jsem udělal a vypadá to podstatně lépe.
Zatím moc děkuji. Robotka

#10 Příspěvek od **Márty84** » 06 lis 2016 18:27

Nemate zac!

A je to uz v norme a muzem tema uzavrit? Nebo je to sice lepsi, ale do normalu stale neco chybi?

VIRY.CZ

Prosba o pomoc - systém instalován před 2 měsícama

Prosba o pomoc - systém instalován před 2 měsícama

Re: Prosba o pomoc - systém instalován před 2 měsícama

Re: Prosba o pomoc - systém instalován před 2 měsícama

Re: Prosba o pomoc - systém instalován před 2 měsícama

Re: Prosba o pomoc - systém instalován před 2 měsícama

Re: Prosba o pomoc - systém instalován před 2 měsícama

Re: Prosba o pomoc - systém instalován před 2 měsícama

Re: Prosba o pomoc - systém instalován před 2 měsícama

Re: Prosba o pomoc - systém instalován před 2 měsícama

Re: Prosba o pomoc - systém instalován před 2 měsícama