Dobrý den,
poslední dobou se mi notebook velmi zasekává a disk s procesorem jsou velmi zatížené až po 100%.
V prohlížeči windows explorer ( který nepoužívám ) jsem našel že je nastavena domovská stránka na nějakou s "čínskými" znaky. Počítač jsem dlouho nepřeinstalovával, tak jsem se jej pokusil vrátit do továrního nastavení ale ani to se mi nepodařilo. U pokusu o vrácení do továrního nastavení mi to asi po 20 minutách napsalo že se nezdařilo a že žádné změny neproběhli. Nedaří se mi ani aktualizovat windows. Pokaždě se sám po vypnutí aktualizuje asi hodinu a po hodině jen vypíše že aktualizace se nezdařil a že navrací změny což trvá další půlhodinku. Prosím o kontrolu a pomoc. Děkuji
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-01-2017 01
Ran by Radossek (administrator) on RADOSS (27-01-2017 16:39:23)
Running from C:\Users\Radossek\Desktop
Loaded Profiles: Radossek & Administrator (Available Profiles: Radossek & Administrator)
Platform: Windows 10 Home Version 1511 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
() C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
(© 2015 Microsoft Corporation) C:\Users\Radossek\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(Společnost TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ESET) C:\Program Files\ESET\ESET Antivirus\x86\ekrn.exe
(ESET) C:\Program Files\ESET\ESET Antivirus\egui.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Huawei) C:\Program Files (x86)\HiSuite\HiSuite.exe
(Huawei) C:\Users\Radossek\AppData\Local\Hisuite\userdata\hwtools\hdbtransport.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.16112.10221.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13196432 2012-09-25] (Realtek Semiconductor)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2611112 2012-09-04] ()
HKLM\...\Run: [TODDMain] => C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-04] ()
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [169896 2012-08-14] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [356776 2012-07-11] (TOSHIBA Corporation)
HKLM\...\Run: [SRS Premium Sound HD] => C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe [2170784 2012-08-20] (SRS Labs, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954880 2015-10-08] (Synaptics Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Antivirus\egui.exe [5595848 2015-07-08] (ESET)
HKLM-x32\...\Run: [TPUReg] => C:\Program Files (x86)\TOSHIBA\Password Utility\TosPU.exe [7148032 2012-10-31] (Pegatron Corporation)
HKLM-x32\...\Run: [TPUReg(x86)] => "C:\Program Files\TOSHIBA\Password Utility\TosPU.exe" /Retimes
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565960 2016-11-11] (LogMeIn Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\Run: [BingSvc] => C:\Users\Radossek\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2016-03-09] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4290240 2016-03-01] (Disc Soft Ltd)
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2876704 2016-12-20] (Valve Corporation)
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\Run: [LoLReplay2] => "C:\Program Files (x86)\LoLReplay2\LoLReplay2.exe"
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\RunOnce: [Uninstall C:\Users\Radossek\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Radossek\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\RunOnce: [Uninstall C:\Users\Radossek\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Radossek\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64"
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\RunOnce: [Uninstall C:\Users\Radossek\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Radossek\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64"
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\RunOnce: [Uninstall C:\Users\Radossek\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Radossek\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\MountPoints2: G - "G:\.autorun\autorun.exe"
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\MountPoints2: {9058066f-f33b-11e5-be84-2cd05a5dda82} - "G:\.autorun\autorun.exe"
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\MountPoints2: {9340a2ea-c1b9-11e6-bf68-2cd05a5dda82} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\MountPoints2: {a00c6bcd-beda-11e6-bf67-2cd05a5dda82} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1513155856-3543802732-2289230164-500\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-10-30] (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{a5ec4c43-103a-42ad-ae86-a929e79b85ba}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{ca899a89-b3b7-4b3f-9ad2-fd466f0ef3b2}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hao123.com/?tn=95144889_hao_pg
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.domaincentar.com/
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com
HKU\S-1-5-21-1513155856-3543802732-2289230164-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://toshiba13.msn.com
HKU\S-1-5-21-1513155856-3543802732-2289230164-500\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com
SearchScopes: HKU\S-1-5-21-1513155856-3543802732-2289230164-1001 -> DefaultScope {BCB9D611-4812-44D8-9C9F-505B05A687CA} URL =
SearchScopes: HKU\S-1-5-21-1513155856-3543802732-2289230164-1001 -> {BCB9D611-4812-44D8-9C9F-505B05A687CA} URL =
Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll [2015-10-30] ()
Handler-x32: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll [2015-10-30] ()
Handler-x32: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll [2016-03-29] ()
Handler-x32: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll [2016-03-29] ()
FireFox:
========
FF DefaultProfile: ovxykrwp.default
FF ProfilePath: C:\Users\Radossek\AppData\Roaming\Mozilla\Firefox\Profiles\ovxykrwp.default [2017-01-27]
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\ovxykrwp.default -> Google
FF Homepage: Mozilla\Firefox\Profiles\ovxykrwp.default -> seznam.cz/
FF Extension: (AdBlocker Ultimate) - C:\Users\Radossek\AppData\Roaming\Mozilla\Firefox\Profiles\ovxykrwp.default\Extensions\adblockultimate@adblockultimate.net.xpi [2017-01-01]
FF Extension: (Bing Search) - C:\Users\Radossek\AppData\Roaming\Mozilla\Firefox\Profiles\ovxykrwp.default\Extensions\bingsearch.full@microsoft.com.xpi [2016-03-09]
FF Extension: (Adblock Plus) - C:\Users\Radossek\AppData\Roaming\Mozilla\Firefox\Profiles\ovxykrwp.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-23]
FF SearchPlugin: C:\Users\Radossek\AppData\Roaming\Mozilla\Firefox\Profiles\ovxykrwp.default\searchplugins\bing-.xml [2016-03-09]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-11] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-11] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1225195.dll [2016-09-20] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2012-08-31] (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-20] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Radossek\AppData\Local\Google\Chrome\User Data\Default [2016-12-29]
CHR Extension: (Prezentace Google) - C:\Users\Radossek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-12-20]
CHR Extension: (Dokumenty Google) - C:\Users\Radossek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-12-20]
CHR Extension: (Disk Google) - C:\Users\Radossek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-20]
CHR Extension: (YouTube) - C:\Users\Radossek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-29]
CHR Extension: (Dokumenty Google offline) - C:\Users\Radossek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-29]
CHR Extension: (Skype) - C:\Users\Radossek\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-12-29]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Radossek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-12-20]
CHR Extension: (Gmail) - C:\Users\Radossek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-20]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1444544 2016-03-01] (Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Antivirus\x86\ekrn.exe [1353720 2015-07-08] (ESET)
R2 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe [156672 2011-10-13] () [File not signed]
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2627080 2016-11-11] (LogMeIn Inc.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2016-08-26] ()
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-08-31] (LogMeIn, Inc.)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [4307704 2016-02-25] (INCA Internet Co., Ltd.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [201360 2012-08-31] (Realtek Semiconductor)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [4088608 2016-09-21] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [235984 2016-11-24] (Safer-Networking Ltd.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255168 2015-10-08] (Synaptics Incorporated)
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [114656 2012-09-25] (Toshiba Europe GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation)
S3 icssvc; %SystemRoot%\System32\tetheringservice.dll [X]
S3 WerSvc; %SystemRoot%\System32\WerSvc.dll [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [129152 2016-04-24] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-03-26] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-03-26] (Disc Soft Ltd)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [255240 2015-07-13] (ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [251632 2015-07-13] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [178520 2015-07-13] (ESET)
R2 epfwwfpr; C:\WINDOWS\system32\DRIVERS\epfwwfpr.sys [168208 2015-07-13] (ESET)
R3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18816 2016-05-25] (Huawei Technologies Co., Ltd.)
R3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2015-11-12] (LogMeIn Inc.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2016-05-25] (Huawei Technologies Co., Ltd.)
R2 PEGAGFN; C:\Program Files (x86)\TOSHIBA\Password Utility\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek )
R3 RtkBtFilter2; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [65792 2015-05-29] (Realtek Microelectronics)
R3 rtwlane_13; C:\WINDOWS\System32\drivers\rtwlane_13.sys [3749888 2015-10-30] (Realtek Semiconductor Corporation )
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [51392 2015-10-08] (Synaptics Incorporated)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [28632 2012-07-31] (Windows (R) Win 7 DDK provider)
S1 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [121248 2016-09-12] (Oracle Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S1 leprtdmt; \??\C:\WINDOWS\system32\drivers\leprtdmt.sys [X]
S1 QMUdisk; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QMUdisk64.sys [X]
S1 softaal; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\softaal64.sys [X]
S1 SRepairDrv; \??\C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\SRepairDrv [X]
S2 tsnethlpx64; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\TsNetHlpX64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-01-27 16:39 - 2017-01-27 16:40 - 00020039 _____ C:\Users\Radossek\Desktop\FRST.txt
2017-01-27 16:38 - 2017-01-27 16:39 - 00000000 ____D C:\FRST
2017-01-27 16:38 - 2017-01-27 16:38 - 02420736 _____ (Farbar) C:\Users\Radossek\Desktop\FRST64.exe
2017-01-27 11:45 - 2017-01-27 11:45 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2017-01-27 11:44 - 2017-01-27 11:49 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2017-01-27 11:44 - 2017-01-27 11:48 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2017-01-27 11:44 - 2017-01-27 11:44 - 00001475 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2017-01-27 11:44 - 2017-01-27 11:44 - 00001463 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2017-01-27 11:44 - 2017-01-27 11:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2017-01-27 11:44 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2017-01-27 11:43 - 2017-01-27 11:43 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Radossek\Downloads\spybot-2.4.exe
2017-01-27 11:37 - 2017-01-27 11:37 - 16409960 _____ (Safer Networking Limited ) C:\Users\Radossek\Downloads\spybotsd162.exe
2017-01-26 21:06 - 2017-01-26 21:06 - 00000000 ____D C:\Users\Radossek\AppData\Local\ESET
2017-01-26 19:20 - 2017-01-26 19:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2017-01-26 19:20 - 2017-01-26 19:20 - 00000000 ____D C:\ProgramData\ESET
2017-01-26 19:20 - 2017-01-26 19:20 - 00000000 ____D C:\Program Files\ESET
2017-01-26 18:38 - 2017-01-26 18:38 - 00000000 ____D C:\Users\Radossek\Desktop\ESET NOD32 Antivirus_Smart Security 8.0.319.1 RePack by KpoJIuK
2017-01-26 12:49 - 2017-01-26 12:51 - 00000000 ____D C:\Users\Radossek\Desktop\Let’s Dance 1-4
2017-01-19 18:18 - 2017-01-19 18:21 - 1221384192 _____ C:\Users\Radossek\Desktop\Avengers.2012.DVDRip.Xvid.CZ.avi
2017-01-19 18:05 - 2017-01-19 18:07 - 00000000 ____D C:\Users\Radossek\Desktop\Deadpool.2016.BDRip.XviD.CZ-TreZzoR
2017-01-19 17:51 - 2017-01-19 17:59 - 1946617856 _____ C:\Users\Radossek\Desktop\G.I. Joe 2 - Odveta.avi
2017-01-19 17:50 - 2017-01-19 18:04 - 1469321588 _____ C:\Users\Radossek\Desktop\G.I.Joe.The.Rise.of.Cobra.2009.AC3.DVDRip.XviD.CZ-DeBpuTa .avi
2017-01-18 17:24 - 2017-01-18 17:28 - 1622044636 _____ C:\Users\Radossek\Desktop\Hobit Bitva pěti armád 2014 Cz dab..mkv
2017-01-18 17:19 - 2017-01-18 17:22 - 1500182528 _____ C:\Users\Radossek\Desktop\Petes.Dragon.2016.BDRip.XViD.AC3.CZ.SK.avi
2017-01-17 19:23 - 2017-01-17 19:24 - 00000000 ____D C:\Users\Radossek\Desktop\Matrix Trilogy CZ
2017-01-15 22:06 - 2017-01-15 22:09 - 1618517870 _____ C:\Users\Radossek\Desktop\Terminator.Genisys.2015.480p.BDRip.XviD.AC3.CZ-HiDE.avi
2017-01-13 14:53 - 2017-01-13 14:59 - 00000000 ____D C:\Users\Radossek\Desktop\Men in Black Trilogy - Muži v černém trilogie
2017-01-13 14:47 - 2017-01-13 14:48 - 00000000 ____D C:\Users\Radossek\Desktop\Terminator.kolekce.1984-2009.480p.DVDRip.XviD.AC3.CZ.-calibrum2
2017-01-11 18:45 - 2017-01-11 18:45 - 02721168 _____ (Microsoft Corporation) C:\Users\Radossek\Downloads\Windows7-USB-DVD-tool.exe
2017-01-11 18:38 - 2017-01-11 18:40 - 00000000 ____D C:\Users\Radossek\Desktop\Windows 8.1 + crack
2017-01-11 16:12 - 2017-01-11 16:21 - 00000000 ____D C:\Users\Radossek\Desktop\Saw.kolekce.2004-2010.480p.DVDRip.XviD.AC3.CZ.-calibrum2
2017-01-08 18:42 - 2017-01-08 18:42 - 00000219 _____ C:\Users\Radossek\Desktop\Alien Swarm.url
2017-01-07 20:03 - 2017-01-07 20:03 - 00002107 _____ C:\Users\Radossek\Desktop\left 4 dead.lnk
2017-01-07 19:51 - 2017-01-07 19:51 - 00000000 ____D C:\Program Files (x86)\valve
2017-01-07 19:40 - 2017-01-07 19:40 - 00000000 ____D C:\Users\Radossek\Desktop\left4dead_1030_nosteam_english
2017-01-07 18:35 - 2017-01-07 18:36 - 00000000 ____D C:\Users\Radossek\Desktop\Heroes 5 cz dabing
2017-01-07 01:50 - 2017-01-07 01:51 - 07837144 _____ C:\Users\Radossek\Downloads\WitN_fix7_for_v1.0.0.1.7z
2017-01-07 01:47 - 2017-01-07 01:47 - 00000000 ____D C:\Users\Radossek\AppData\Local\Chromium
2017-01-07 01:31 - 2017-01-07 01:31 - 00000000 ____D C:\Users\Radossek\AppData\Local\WB Games
2017-01-07 00:53 - 2017-01-07 00:53 - 08417280 _____ C:\Users\Radossek\Downloads\hamachi(1).msi
2017-01-06 21:26 - 2017-01-06 21:26 - 00000000 ____D C:\ProgramData\RELOADED
2017-01-06 21:21 - 2017-01-06 21:21 - 00001172 _____ C:\Users\Public\Desktop\LOTR - War in the North.lnk
2017-01-06 21:21 - 2017-01-06 21:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LOTR - War in the North
2017-01-06 21:08 - 2017-01-07 01:52 - 00000000 ____D C:\Program Files (x86)\LOTR - War in the North
2017-01-06 21:06 - 2017-01-06 21:07 - 00852263 _____ (tomi2k9 ) C:\Users\Radossek\Desktop\LOTR - War in the North by tomi2k9.exe
2017-01-06 21:04 - 2012-09-16 16:05 - 1133938771 ____N C:\Users\Radossek\Desktop\LOTR - War in the North by tomi2k9-3.bin
2017-01-06 21:02 - 2012-09-16 15:51 - 1533000000 ____N C:\Users\Radossek\Desktop\LOTR - War in the North by tomi2k9-2.bin
2017-01-06 21:01 - 2012-09-16 15:47 - 00000000 ____D C:\Users\Radossek\Desktop\.autorun
2017-01-06 21:01 - 2012-09-16 15:38 - 1532147520 ____N C:\Users\Radossek\Desktop\LOTR - War in the North by tomi2k9-1.bin
2017-01-05 00:25 - 2017-01-05 01:14 - 1969020928 _____ C:\Users\Radossek\Desktop\Deep Blue Sea - Útok z hlubin.avi
2017-01-01 23:39 - 2017-01-01 23:39 - 00000000 ____D C:\Users\Radossek\Desktop\ZVONÁR MATKY BOŽEJ 1080p [SK,CZ,ENG]
2016-12-30 22:18 - 2016-12-30 22:18 - 00000000 ____D C:\Users\Radossek\Desktop\Riddick - Trilogy CZ
2016-12-30 00:59 - 2016-12-30 01:02 - 00000000 ____D C:\Users\Radossek\Desktop\Hellboy 2 - Zlatá armáda
2016-12-30 00:16 - 2016-12-30 00:20 - 00000000 ____D C:\Users\Radossek\Desktop\Hellboy
2016-12-29 00:36 - 2016-12-29 00:42 - 00000000 ____D C:\Users\Radossek\Desktop\Scary Movie 5
2016-12-28 00:44 - 2016-12-28 00:45 - 00000000 ____D C:\Users\Radossek\Desktop\Lights.Out.2016.BRRip.XviD.AC3.CZ
2016-12-28 00:39 - 2016-12-28 00:39 - 00000000 ____D C:\Users\Radossek\Desktop\Vetřelec vs predator 1.2
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-01-27 16:30 - 2016-11-03 13:57 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-01-27 16:00 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2017-01-27 16:00 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-01-27 13:03 - 2016-11-18 18:34 - 00000000 ____D C:\Users\Radossek\AppData\LocalLow\Mozilla
2017-01-27 12:54 - 2016-11-18 17:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-01-27 12:54 - 2016-03-05 11:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-01-27 11:43 - 2016-03-04 20:43 - 00000000 ____D C:\Users\Radossek\AppData\Roaming\uTorrent
2017-01-27 11:18 - 2016-04-03 14:58 - 00000000 ____D C:\Users\Radossek\AppData\Local\LogMeIn Hamachi
2017-01-27 02:38 - 2016-03-04 23:38 - 01771468 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-01-27 02:38 - 2015-10-30 19:31 - 00751272 _____ C:\WINDOWS\system32\perfh005.dat
2017-01-27 02:38 - 2015-10-30 19:31 - 00150860 _____ C:\WINDOWS\system32\perfc005.dat
2017-01-27 02:38 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2017-01-26 22:44 - 2016-11-23 01:18 - 00000000 ____D C:\Users\Radossek\AppData\Roaming\vlc
2017-01-26 22:00 - 2016-03-09 06:53 - 00000000 ____D C:\ProgramData\Skype
2017-01-26 21:59 - 2016-07-10 07:58 - 00000000 ____D C:\UnrealTournament
2017-01-26 21:58 - 2013-03-11 04:26 - 00000000 ____D C:\Program Files (x86)\WildGames
2017-01-26 21:57 - 2013-03-11 04:23 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-01-26 21:57 - 2013-03-11 04:23 - 00000000 ____D C:\ProgramData\WildTangent
2017-01-26 21:06 - 2016-02-19 15:57 - 00000000 ____D C:\Users\Radossek\Downloads\ESET NOD32 antivirus 8.0.304.1 (x86,x64)(CZ,SK)
2017-01-26 19:31 - 2016-02-19 11:44 - 00000000 ____D C:\Users\Radossek\AppData\Local\Packages
2017-01-26 19:14 - 2016-03-05 04:54 - 00000000 ___HD C:\$SysReset
2017-01-26 19:11 - 2016-05-03 14:57 - 00000000 ____D C:\Program Files (x86)\Steam
2017-01-26 19:08 - 2016-03-05 11:06 - 00000000 __SHD C:\Users\Radossek\IntelGraphicsProfiles
2017-01-26 19:07 - 2016-03-04 23:36 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-01-26 19:06 - 2016-03-04 23:21 - 00000000 ____D C:\Users\Radossek
2017-01-26 19:06 - 2015-10-30 07:28 - 01048576 ___SH C:\WINDOWS\system32\config\BBI
2017-01-26 18:38 - 2016-10-31 13:23 - 00000017 _____ C:\Users\Radossek\Desktop\pro tátu.txt
2017-01-18 23:19 - 2016-12-13 23:36 - 00003278 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-01-18 23:19 - 2016-03-05 08:27 - 00002411 _____ C:\Users\Radossek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-01-18 23:19 - 2016-03-05 08:27 - 00000000 ___RD C:\Users\Radossek\OneDrive
2017-01-13 14:56 - 2016-07-24 22:33 - 00000000 ____D C:\Users\Radossek\Desktop\filmy
2017-01-11 15:30 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-01-11 15:30 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-01-08 18:42 - 2016-05-03 15:14 - 00000000 ____D C:\Users\Radossek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-01-07 01:47 - 2016-05-03 15:02 - 00000000 ____D C:\Users\Radossek\AppData\Local\Steam
==================== Files in the root of some directories =======
2016-03-26 14:49 - 2016-03-26 14:49 - 0005120 _____ () C:\Users\Radossek\AppData\Roaming\GiftBag.db
Some files in TEMP:
====================
2016-03-09 07:04 - 2016-03-09 07:04 - 0144008 _____ (© 2015 Microsoft Corporation) C:\Users\Radossek\AppData\Local\Temp\BingSvc.exe
2016-03-26 13:01 - 2016-03-26 13:01 - 0102912 _____ () C:\Users\Radossek\AppData\Local\Temp\bitool.dll
2016-03-09 07:04 - 2016-03-09 07:05 - 1118360 _____ (© 2015 Microsoft Corporation) C:\Users\Radossek\AppData\Local\Temp\BSvcProcessor.exe
2016-03-09 07:04 - 2016-03-09 07:04 - 0170128 _____ (© 2015 Microsoft Corporation) C:\Users\Radossek\AppData\Local\Temp\BSvcUpdater.exe
2017-01-26 21:58 - 2016-08-16 17:40 - 0786432 ____N () C:\Users\Radossek\AppData\Local\Temp\Core.dll
2017-01-26 21:58 - 2016-08-16 17:40 - 0311296 ____N () C:\Users\Radossek\AppData\Local\Temp\Setup.exe
2016-04-13 13:54 - 2016-11-25 18:46 - 43872728 _____ (Skype Technologies S.A.) C:\Users\Radossek\AppData\Local\Temp\SkypeSetup.exe
2016-09-25 12:57 - 2016-03-25 15:18 - 0118274 _____ () C:\Users\Radossek\AppData\Local\Temp\Uninstall.exe
2017-01-26 21:58 - 2016-08-16 17:40 - 0483328 ____N () C:\Users\Radossek\AppData\Local\Temp\Window.dll
2016-07-10 14:55 - 2006-05-24 14:10 - 0455600 ____R (Macrovision Corporation) C:\Users\Radossek\AppData\Local\Temp\_is122C.exe
2016-03-26 14:52 - 2016-03-26 14:51 - 0534528 _____ () C:\Users\Radossek\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
2016-11-23 01:09 - 2016-11-23 01:10 - 0733312 _____ () C:\Users\Radossek\AppData\Local\Temp\~FF39.exe
Some zero byte size files/folders:
==========================
C:\Windows\SysWOW64\inetcomm.dll
C:\Windows\SysWOW64\mfh265enc.dll
C:\Windows\SysWOW64\rpcnsh.dll
C:\Windows\SysWOW64\Windows.Security.Credentials.UI.UserConsentVerifier.dll
C:\Windows\SysWOW64\wlanpref.dll
C:\Windows\System32\autofmt.exe
C:\Windows\System32\CPFilters.dll
C:\Windows\System32\drmmgrtn.dll
C:\Windows\System32\efscore.dll
C:\Windows\System32\fdeploy.dll
C:\Windows\System32\inetcomm.dll
C:\Windows\System32\mfh265enc.dll
C:\Windows\System32\nslookup.exe
C:\Windows\System32\rascfg.dll
C:\Windows\System32\rdpinput.exe
C:\Windows\System32\TSWorkspace.dll
C:\Windows\System32\unbcl.dll
C:\Windows\System32\uudf.dll
C:\Windows\System32\wlanpref.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-01-21 16:18
==================== End of FRST.txt ============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontorlu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Prosím o kontorlu
- Přílohy
-
- Addition.rar
- Addition z FRSC
- (10.44 KiB) Staženo 97 x
-
Rudy
- Site Admin
- Příspěvky: 119672
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontorlu
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontorlu
Jenom bch ještě přidal do problému nefunkční tlačítko start u windows ( mužu na nej klikat jak chci nabidka nevyjede ) a pokud najedu kurzorem do praveho horniho rohu aby vyjela nabidka na vpnuti a pod taky nevyjede. Log z ADW
# AdwCleaner v6.042 - Log vytvořen 27/01/2017 v 17:39:32
# Aktualizováno dne 06/01/2017 z Malwarebytes
# Databáze : 2017-01-27.1 [Server]
# Operační systém : Windows 10 Home (X64)
# Uživatelské jméno : Radossek - RADOSS
# Spuštěno z : C:\Users\Radossek\Desktop\adwcleaner_6.042.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support
***** [ Služby ] *****
[-] Služba smazána: QMUdisk
[-] Služba smazána: softaal
[-] Služba smazána: SRepairDrv
[-] Služba smazána: tsnethlpx64
***** [ Složky ] *****
[-] Složka smazána: C:\Users\Radossek\AppData\Local\VirtualStore\ProgramData\Application Data\Tencent
[-] Složka smazána: C:\Users\Radossek\AppData\Roaming\Tencent
[-] Složka smazána: C:\Users\Radossek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
[-] Složka smazána: C:\Program Files\Common Files\Tencent
[-] Složka smazána: C:\Users\Radossek\AppData\Local\VirtualStore\Program Files (x86)\Tencent
[-] Složka smazána: C:\ProgramData\TXQMPC
[-] Složka smazána: C:\ProgramData\Tencent
[-] Složka smazána: C:\ProgramData\Application Data\Tencent
[-] Složka smazána: C:\Program Files (x86)\Tencent
[-] Složka smazána: C:\Program Files (x86)\Common Files\Tencent
[-] Složka smazána: C:\Users\Radossek\AppData\Local\Temp\Tencent
[-] Složka smazána: C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Roaming\Tencent
***** [ Soubory ] *****
[-] Soubor smazán: C:\Users\Administrator\Favorites\eBay.lnk
[-] Soubor smazán: C:\WINDOWS\SysNative\drivers\TFsFltX64.sys
[-] Soubor smazán: C:\WINDOWS\SysNative\drivers\TAOKernelEx64.sys
[-] Soubor smazán: C:\WINDOWS\SysWOW64\drivers\TS888x64.sys
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Zástupci ] *****
[-] Zástupce vyléčen: C:\Users\Radossek\Desktop\hry\WarThunder.lnk
***** [ Naplánované úlohy ] *****
[-] Úloha smazána: LaunchPreSignup
***** [ Registry ] *****
[-] Klíč smazán: HKLM\SOFTWARE\Classes\metnsd
[-] Klíč smazán: HKLM\SOFTWARE\Classes\qmgcfiles
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\metnsd
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\qmgcfiles
[-] Klíč smazán: HKLM\SOFTWARE\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{70DE12EA-79F4-46BC-9812-86DB50A2FD64}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{29B6CFD5-0064-411A-8C42-9890C83F9921}
[-] Klíč smazán: HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\Software\PRODUCTSETUP
[-] Klíč smazán: HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\Software\Softwareopensource
[-] Klíč smazán: HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\Software\csastats
[#] Klíč smazán po restartu: HKCU\Software\PRODUCTSETUP
[#] Klíč smazán po restartu: HKCU\Software\Softwareopensource
[#] Klíč smazán po restartu: HKCU\Software\csastats
[#] Klíč smazán po restartu: [x64] HKCU\Software\PRODUCTSETUP
[#] Klíč smazán po restartu: [x64] HKCU\Software\Softwareopensource
[#] Klíč smazán po restartu: [x64] HKCU\Software\csastats
[-] Data obnovena: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Klíč smazán: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\hao123.com
[-] Klíč smazán: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.hao123.com
[-] Klíč smazán: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\hao123.com
[-] Klíč smazán: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.hao123.com
[#] Klíč smazán po restartu: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\hao123.com
[#] Klíč smazán po restartu: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.hao123.com
[#] Klíč smazán po restartu: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\hao123.com
[#] Klíč smazán po restartu: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.hao123.com
[-] Klíč smazán: HKLM\SOFTWARE\Classes\AppID\DownloadProxy.EXE
[-] Klíč smazán: HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP
[-] Klíč smazán: HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP
[-] Klíč smazán: HKEY_CLASSES_ROOT\.qmgc
***** [ Prohlížeče ] *****
[-] Firefox předvolby vyčištěny: "startpage.ntsearch_url" - "hxxps://search.yahoo.com/search?fr=spigot-nt-ff&ei=utf-8&ilc=12&type=0&p={searchTerms}"
*************************
:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [5728 Bajty] - [27/01/2017 17:39:32]
C:\AdwCleaner\AdwCleaner[S0].txt - [5899 Bajty] - [27/01/2017 17:38:53]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [5874 Bajty] ##########
# AdwCleaner v6.042 - Log vytvořen 27/01/2017 v 17:39:32
# Aktualizováno dne 06/01/2017 z Malwarebytes
# Databáze : 2017-01-27.1 [Server]
# Operační systém : Windows 10 Home (X64)
# Uživatelské jméno : Radossek - RADOSS
# Spuštěno z : C:\Users\Radossek\Desktop\adwcleaner_6.042.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support
***** [ Služby ] *****
[-] Služba smazána: QMUdisk
[-] Služba smazána: softaal
[-] Služba smazána: SRepairDrv
[-] Služba smazána: tsnethlpx64
***** [ Složky ] *****
[-] Složka smazána: C:\Users\Radossek\AppData\Local\VirtualStore\ProgramData\Application Data\Tencent
[-] Složka smazána: C:\Users\Radossek\AppData\Roaming\Tencent
[-] Složka smazána: C:\Users\Radossek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
[-] Složka smazána: C:\Program Files\Common Files\Tencent
[-] Složka smazána: C:\Users\Radossek\AppData\Local\VirtualStore\Program Files (x86)\Tencent
[-] Složka smazána: C:\ProgramData\TXQMPC
[-] Složka smazána: C:\ProgramData\Tencent
[-] Složka smazána: C:\ProgramData\Application Data\Tencent
[-] Složka smazána: C:\Program Files (x86)\Tencent
[-] Složka smazána: C:\Program Files (x86)\Common Files\Tencent
[-] Složka smazána: C:\Users\Radossek\AppData\Local\Temp\Tencent
[-] Složka smazána: C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Roaming\Tencent
***** [ Soubory ] *****
[-] Soubor smazán: C:\Users\Administrator\Favorites\eBay.lnk
[-] Soubor smazán: C:\WINDOWS\SysNative\drivers\TFsFltX64.sys
[-] Soubor smazán: C:\WINDOWS\SysNative\drivers\TAOKernelEx64.sys
[-] Soubor smazán: C:\WINDOWS\SysWOW64\drivers\TS888x64.sys
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Zástupci ] *****
[-] Zástupce vyléčen: C:\Users\Radossek\Desktop\hry\WarThunder.lnk
***** [ Naplánované úlohy ] *****
[-] Úloha smazána: LaunchPreSignup
***** [ Registry ] *****
[-] Klíč smazán: HKLM\SOFTWARE\Classes\metnsd
[-] Klíč smazán: HKLM\SOFTWARE\Classes\qmgcfiles
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\metnsd
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\qmgcfiles
[-] Klíč smazán: HKLM\SOFTWARE\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{70DE12EA-79F4-46BC-9812-86DB50A2FD64}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{29B6CFD5-0064-411A-8C42-9890C83F9921}
[-] Klíč smazán: HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\Software\PRODUCTSETUP
[-] Klíč smazán: HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\Software\Softwareopensource
[-] Klíč smazán: HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\Software\csastats
[#] Klíč smazán po restartu: HKCU\Software\PRODUCTSETUP
[#] Klíč smazán po restartu: HKCU\Software\Softwareopensource
[#] Klíč smazán po restartu: HKCU\Software\csastats
[#] Klíč smazán po restartu: [x64] HKCU\Software\PRODUCTSETUP
[#] Klíč smazán po restartu: [x64] HKCU\Software\Softwareopensource
[#] Klíč smazán po restartu: [x64] HKCU\Software\csastats
[-] Data obnovena: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Klíč smazán: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\hao123.com
[-] Klíč smazán: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.hao123.com
[-] Klíč smazán: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\hao123.com
[-] Klíč smazán: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.hao123.com
[#] Klíč smazán po restartu: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\hao123.com
[#] Klíč smazán po restartu: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.hao123.com
[#] Klíč smazán po restartu: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\hao123.com
[#] Klíč smazán po restartu: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.hao123.com
[-] Klíč smazán: HKLM\SOFTWARE\Classes\AppID\DownloadProxy.EXE
[-] Klíč smazán: HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP
[-] Klíč smazán: HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP
[-] Klíč smazán: HKEY_CLASSES_ROOT\.qmgc
***** [ Prohlížeče ] *****
[-] Firefox předvolby vyčištěny: "startpage.ntsearch_url" - "hxxps://search.yahoo.com/search?fr=spigot-nt-ff&ei=utf-8&ilc=12&type=0&p={searchTerms}"
*************************
:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [5728 Bajty] - [27/01/2017 17:39:32]
C:\AdwCleaner\AdwCleaner[S0].txt - [5899 Bajty] - [27/01/2017 17:38:53]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [5874 Bajty] ##########
-
Rudy
- Site Admin
- Příspěvky: 119672
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontorlu
Dejte nový log FRST.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontorlu
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-01-2017 01
Ran by Radossek (administrator) on RADOSS (27-01-2017 18:47:08)
Running from C:\Users\Radossek\Desktop
Loaded Profiles: Radossek (Available Profiles: Radossek & Administrator)
Platform: Windows 10 Home Version 1511 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
() C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(ESET) C:\Program Files\ESET\ESET Antivirus\x86\ekrn.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
(ESET) C:\Program Files\ESET\ESET Antivirus\egui.exe
(© 2015 Microsoft Corporation) C:\Users\Radossek\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(Společnost TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13196432 2012-09-25] (Realtek Semiconductor)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2611112 2012-09-04] ()
HKLM\...\Run: [TODDMain] => C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-04] ()
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [169896 2012-08-14] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [356776 2012-07-11] (TOSHIBA Corporation)
HKLM\...\Run: [SRS Premium Sound HD] => C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe [2170784 2012-08-20] (SRS Labs, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954880 2015-10-08] (Synaptics Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Antivirus\egui.exe [5595848 2015-07-08] (ESET)
HKLM-x32\...\Run: [TPUReg] => C:\Program Files (x86)\TOSHIBA\Password Utility\TosPU.exe [7148032 2012-10-31] (Pegatron Corporation)
HKLM-x32\...\Run: [TPUReg(x86)] => "C:\Program Files\TOSHIBA\Password Utility\TosPU.exe" /Retimes
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565960 2016-11-11] (LogMeIn Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\Run: [BingSvc] => C:\Users\Radossek\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2016-03-09] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4290240 2016-03-01] (Disc Soft Ltd)
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2876704 2016-12-20] (Valve Corporation)
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\Run: [LoLReplay2] => "C:\Program Files (x86)\LoLReplay2\LoLReplay2.exe"
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\RunOnce: [Uninstall C:\Users\Radossek\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Radossek\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\RunOnce: [Uninstall C:\Users\Radossek\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Radossek\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64"
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\RunOnce: [Uninstall C:\Users\Radossek\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Radossek\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64"
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\RunOnce: [Uninstall C:\Users\Radossek\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Radossek\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\MountPoints2: G - "G:\.autorun\autorun.exe"
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\MountPoints2: {9058066f-f33b-11e5-be84-2cd05a5dda82} - "G:\.autorun\autorun.exe"
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\MountPoints2: {9340a2ea-c1b9-11e6-bf68-2cd05a5dda82} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\MountPoints2: {a00c6bcd-beda-11e6-bf67-2cd05a5dda82} - "E:\HiSuiteDownLoader.exe"
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{a5ec4c43-103a-42ad-ae86-a929e79b85ba}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{ca899a89-b3b7-4b3f-9ad2-fd466f0ef3b2}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.domaincentar.com/
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com
SearchScopes: HKU\S-1-5-21-1513155856-3543802732-2289230164-1001 -> DefaultScope {BCB9D611-4812-44D8-9C9F-505B05A687CA} URL =
SearchScopes: HKU\S-1-5-21-1513155856-3543802732-2289230164-1001 -> {BCB9D611-4812-44D8-9C9F-505B05A687CA} URL =
Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll [2015-10-30] ()
Handler-x32: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll [2015-10-30] ()
Handler-x32: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll [2016-03-29] ()
Handler-x32: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll [2016-03-29] ()
FireFox:
========
FF DefaultProfile: ovxykrwp.default
FF ProfilePath: C:\Users\Radossek\AppData\Roaming\Mozilla\Firefox\Profiles\ovxykrwp.default [2017-01-27]
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\ovxykrwp.default -> Google
FF Homepage: Mozilla\Firefox\Profiles\ovxykrwp.default -> seznam.cz/
FF Extension: (AdBlocker Ultimate) - C:\Users\Radossek\AppData\Roaming\Mozilla\Firefox\Profiles\ovxykrwp.default\Extensions\adblockultimate@adblockultimate.net.xpi [2017-01-01]
FF Extension: (Bing Search) - C:\Users\Radossek\AppData\Roaming\Mozilla\Firefox\Profiles\ovxykrwp.default\Extensions\bingsearch.full@microsoft.com.xpi [2016-03-09]
FF Extension: (Adblock Plus) - C:\Users\Radossek\AppData\Roaming\Mozilla\Firefox\Profiles\ovxykrwp.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-23]
FF SearchPlugin: C:\Users\Radossek\AppData\Roaming\Mozilla\Firefox\Profiles\ovxykrwp.default\searchplugins\bing-.xml [2016-03-09]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-11] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-11] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1225195.dll [2016-09-20] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2012-08-31] (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-20] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Radossek\AppData\Local\Google\Chrome\User Data\Default [2016-12-29]
CHR Extension: (Prezentace Google) - C:\Users\Radossek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-12-20]
CHR Extension: (Dokumenty Google) - C:\Users\Radossek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-12-20]
CHR Extension: (Disk Google) - C:\Users\Radossek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-20]
CHR Extension: (YouTube) - C:\Users\Radossek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-29]
CHR Extension: (Dokumenty Google offline) - C:\Users\Radossek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-29]
CHR Extension: (Skype) - C:\Users\Radossek\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-12-29]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Radossek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-12-20]
CHR Extension: (Gmail) - C:\Users\Radossek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-20]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1444544 2016-03-01] (Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Antivirus\x86\ekrn.exe [1353720 2015-07-08] (ESET)
R2 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe [156672 2011-10-13] () [File not signed]
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2627080 2016-11-11] (LogMeIn Inc.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2016-08-26] ()
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-08-31] (LogMeIn, Inc.)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [4307704 2016-02-25] (INCA Internet Co., Ltd.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [201360 2012-08-31] (Realtek Semiconductor)
S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
S2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [4088608 2016-09-21] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [235984 2016-11-24] (Safer-Networking Ltd.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255168 2015-10-08] (Synaptics Incorporated)
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [114656 2012-09-25] (Toshiba Europe GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation)
S3 icssvc; %SystemRoot%\System32\tetheringservice.dll [X]
S3 WerSvc; %SystemRoot%\System32\WerSvc.dll [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [129152 2016-04-24] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-03-26] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-03-26] (Disc Soft Ltd)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [255240 2015-07-13] (ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [251632 2015-07-13] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [178520 2015-07-13] (ESET)
R2 epfwwfpr; C:\WINDOWS\system32\DRIVERS\epfwwfpr.sys [168208 2015-07-13] (ESET)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18816 2016-05-25] (Huawei Technologies Co., Ltd.)
R3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2015-11-12] (LogMeIn Inc.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2016-05-25] (Huawei Technologies Co., Ltd.)
R2 PEGAGFN; C:\Program Files (x86)\TOSHIBA\Password Utility\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek )
R3 RtkBtFilter2; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [65792 2015-05-29] (Realtek Microelectronics)
R3 rtwlane_13; C:\WINDOWS\System32\drivers\rtwlane_13.sys [3749888 2015-10-30] (Realtek Semiconductor Corporation )
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [51392 2015-10-08] (Synaptics Incorporated)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [28632 2012-07-31] (Windows (R) Win 7 DDK provider)
S1 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [121248 2016-09-12] (Oracle Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S1 leprtdmt; \??\C:\WINDOWS\system32\drivers\leprtdmt.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-01-27 18:46 - 2017-01-27 18:47 - 00018151 _____ C:\Users\Radossek\Desktop\FRST.txt
2017-01-27 18:43 - 2017-01-27 18:46 - 00039984 _____ C:\Users\Radossek\Desktop\Addition.txt
2017-01-27 18:37 - 2017-01-27 18:37 - 00000000 ___HD C:\$WINDOWS.~BT
2017-01-27 17:28 - 2017-01-27 17:39 - 00000000 ____D C:\AdwCleaner
2017-01-27 17:08 - 2017-01-27 17:33 - 03988944 _____ C:\Users\Radossek\Desktop\adwcleaner_6.042.exe
2017-01-27 16:51 - 2017-01-27 16:51 - 00010689 _____ C:\Users\Radossek\Desktop\Addition.rar
2017-01-27 16:38 - 2017-01-27 18:47 - 00000000 ____D C:\FRST
2017-01-27 16:38 - 2017-01-27 16:38 - 02420736 _____ (Farbar) C:\Users\Radossek\Desktop\FRST64.exe
2017-01-27 11:45 - 2017-01-27 11:45 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2017-01-27 11:44 - 2017-01-27 11:49 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2017-01-27 11:44 - 2017-01-27 11:48 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2017-01-27 11:44 - 2017-01-27 11:44 - 00001475 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2017-01-27 11:44 - 2017-01-27 11:44 - 00001463 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2017-01-27 11:44 - 2017-01-27 11:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2017-01-27 11:44 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2017-01-27 11:43 - 2017-01-27 11:43 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Radossek\Downloads\spybot-2.4.exe
2017-01-27 11:37 - 2017-01-27 11:37 - 16409960 _____ (Safer Networking Limited ) C:\Users\Radossek\Downloads\spybotsd162.exe
2017-01-26 21:06 - 2017-01-26 21:06 - 00000000 ____D C:\Users\Radossek\AppData\Local\ESET
2017-01-26 19:20 - 2017-01-26 19:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2017-01-26 19:20 - 2017-01-26 19:20 - 00000000 ____D C:\ProgramData\ESET
2017-01-26 19:20 - 2017-01-26 19:20 - 00000000 ____D C:\Program Files\ESET
2017-01-26 18:38 - 2017-01-26 18:38 - 00000000 ____D C:\Users\Radossek\Desktop\ESET NOD32 Antivirus_Smart Security 8.0.319.1 RePack by KpoJIuK
2017-01-26 12:49 - 2017-01-26 12:51 - 00000000 ____D C:\Users\Radossek\Desktop\Let’s Dance 1-4
2017-01-19 18:18 - 2017-01-19 18:21 - 1221384192 _____ C:\Users\Radossek\Desktop\Avengers.2012.DVDRip.Xvid.CZ.avi
2017-01-19 18:05 - 2017-01-19 18:07 - 00000000 ____D C:\Users\Radossek\Desktop\Deadpool.2016.BDRip.XviD.CZ-TreZzoR
2017-01-19 17:51 - 2017-01-19 17:59 - 1946617856 _____ C:\Users\Radossek\Desktop\G.I. Joe 2 - Odveta.avi
2017-01-19 17:50 - 2017-01-19 18:04 - 1469321588 _____ C:\Users\Radossek\Desktop\G.I.Joe.The.Rise.of.Cobra.2009.AC3.DVDRip.XviD.CZ-DeBpuTa .avi
2017-01-18 17:24 - 2017-01-18 17:28 - 1622044636 _____ C:\Users\Radossek\Desktop\Hobit Bitva pěti armád 2014 Cz dab..mkv
2017-01-18 17:19 - 2017-01-18 17:22 - 1500182528 _____ C:\Users\Radossek\Desktop\Petes.Dragon.2016.BDRip.XViD.AC3.CZ.SK.avi
2017-01-17 19:23 - 2017-01-17 19:24 - 00000000 ____D C:\Users\Radossek\Desktop\Matrix Trilogy CZ
2017-01-15 22:06 - 2017-01-15 22:09 - 1618517870 _____ C:\Users\Radossek\Desktop\Terminator.Genisys.2015.480p.BDRip.XviD.AC3.CZ-HiDE.avi
2017-01-13 14:53 - 2017-01-13 14:59 - 00000000 ____D C:\Users\Radossek\Desktop\Men in Black Trilogy - Muži v černém trilogie
2017-01-13 14:47 - 2017-01-13 14:48 - 00000000 ____D C:\Users\Radossek\Desktop\Terminator.kolekce.1984-2009.480p.DVDRip.XviD.AC3.CZ.-calibrum2
2017-01-11 18:45 - 2017-01-11 18:45 - 02721168 _____ (Microsoft Corporation) C:\Users\Radossek\Downloads\Windows7-USB-DVD-tool.exe
2017-01-11 18:38 - 2017-01-11 18:40 - 00000000 ____D C:\Users\Radossek\Desktop\Windows 8.1 + crack
2017-01-11 16:12 - 2017-01-11 16:21 - 00000000 ____D C:\Users\Radossek\Desktop\Saw.kolekce.2004-2010.480p.DVDRip.XviD.AC3.CZ.-calibrum2
2017-01-08 18:42 - 2017-01-08 18:42 - 00000219 _____ C:\Users\Radossek\Desktop\Alien Swarm.url
2017-01-07 20:03 - 2017-01-07 20:03 - 00002107 _____ C:\Users\Radossek\Desktop\left 4 dead.lnk
2017-01-07 19:51 - 2017-01-07 19:51 - 00000000 ____D C:\Program Files (x86)\valve
2017-01-07 19:40 - 2017-01-07 19:40 - 00000000 ____D C:\Users\Radossek\Desktop\left4dead_1030_nosteam_english
2017-01-07 18:35 - 2017-01-07 18:36 - 00000000 ____D C:\Users\Radossek\Desktop\Heroes 5 cz dabing
2017-01-07 01:50 - 2017-01-07 01:51 - 07837144 _____ C:\Users\Radossek\Downloads\WitN_fix7_for_v1.0.0.1.7z
2017-01-07 01:47 - 2017-01-07 01:47 - 00000000 ____D C:\Users\Radossek\AppData\Local\Chromium
2017-01-07 01:31 - 2017-01-07 01:31 - 00000000 ____D C:\Users\Radossek\AppData\Local\WB Games
2017-01-07 00:53 - 2017-01-07 00:53 - 08417280 _____ C:\Users\Radossek\Downloads\hamachi(1).msi
2017-01-06 21:26 - 2017-01-06 21:26 - 00000000 ____D C:\ProgramData\RELOADED
2017-01-06 21:21 - 2017-01-06 21:21 - 00001172 _____ C:\Users\Public\Desktop\LOTR - War in the North.lnk
2017-01-06 21:21 - 2017-01-06 21:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LOTR - War in the North
2017-01-06 21:08 - 2017-01-07 01:52 - 00000000 ____D C:\Program Files (x86)\LOTR - War in the North
2017-01-06 21:06 - 2017-01-06 21:07 - 00852263 _____ (tomi2k9 ) C:\Users\Radossek\Desktop\LOTR - War in the North by tomi2k9.exe
2017-01-06 21:04 - 2012-09-16 16:05 - 1133938771 ____N C:\Users\Radossek\Desktop\LOTR - War in the North by tomi2k9-3.bin
2017-01-06 21:02 - 2012-09-16 15:51 - 1533000000 ____N C:\Users\Radossek\Desktop\LOTR - War in the North by tomi2k9-2.bin
2017-01-06 21:01 - 2012-09-16 15:47 - 00000000 ____D C:\Users\Radossek\Desktop\.autorun
2017-01-06 21:01 - 2012-09-16 15:38 - 1532147520 ____N C:\Users\Radossek\Desktop\LOTR - War in the North by tomi2k9-1.bin
2017-01-05 00:25 - 2017-01-05 01:14 - 1969020928 _____ C:\Users\Radossek\Desktop\Deep Blue Sea - Útok z hlubin.avi
2017-01-01 23:39 - 2017-01-01 23:39 - 00000000 ____D C:\Users\Radossek\Desktop\ZVONÁR MATKY BOŽEJ 1080p [SK,CZ,ENG]
2016-12-30 22:18 - 2016-12-30 22:18 - 00000000 ____D C:\Users\Radossek\Desktop\Riddick - Trilogy CZ
2016-12-30 00:59 - 2016-12-30 01:02 - 00000000 ____D C:\Users\Radossek\Desktop\Hellboy 2 - Zlatá armáda
2016-12-30 00:16 - 2016-12-30 00:20 - 00000000 ____D C:\Users\Radossek\Desktop\Hellboy
2016-12-29 00:36 - 2016-12-29 00:42 - 00000000 ____D C:\Users\Radossek\Desktop\Scary Movie 5
2016-12-28 00:44 - 2016-12-28 00:45 - 00000000 ____D C:\Users\Radossek\Desktop\Lights.Out.2016.BRRip.XviD.AC3.CZ
2016-12-28 00:39 - 2016-12-28 00:39 - 00000000 ____D C:\Users\Radossek\Desktop\Vetřelec vs predator 1.2
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-01-27 18:38 - 2016-03-04 23:10 - 00000000 ___DC C:\WINDOWS\Panther
2017-01-27 18:33 - 2016-04-03 14:58 - 00000000 ____D C:\Users\Radossek\AppData\Local\LogMeIn Hamachi
2017-01-27 18:30 - 2016-11-03 13:57 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-01-27 18:00 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-01-27 17:44 - 2016-11-18 18:34 - 00000000 ____D C:\Users\Radossek\AppData\LocalLow\Mozilla
2017-01-27 17:44 - 2016-05-03 14:57 - 00000000 ____D C:\Program Files (x86)\Steam
2017-01-27 17:42 - 2016-03-05 11:06 - 00000000 __SHD C:\Users\Radossek\IntelGraphicsProfiles
2017-01-27 17:42 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-01-27 17:41 - 2016-03-04 23:36 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-01-27 17:40 - 2016-11-18 17:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-01-27 17:40 - 2016-03-05 11:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-01-27 17:40 - 2015-10-30 07:28 - 01048576 ___SH C:\WINDOWS\system32\config\BBI
2017-01-27 17:40 - 2013-03-11 04:00 - 00000000 ____D C:\Program Files (x86)\Intel
2017-01-27 17:39 - 2016-06-11 08:09 - 00000000 ____D C:\Users\Radossek\Desktop\hry
2017-01-27 16:00 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2017-01-27 11:43 - 2016-03-04 20:43 - 00000000 ____D C:\Users\Radossek\AppData\Roaming\uTorrent
2017-01-27 02:38 - 2016-03-04 23:38 - 01771468 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-01-27 02:38 - 2015-10-30 19:31 - 00751272 _____ C:\WINDOWS\system32\perfh005.dat
2017-01-27 02:38 - 2015-10-30 19:31 - 00150860 _____ C:\WINDOWS\system32\perfc005.dat
2017-01-27 02:38 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2017-01-26 22:44 - 2016-11-23 01:18 - 00000000 ____D C:\Users\Radossek\AppData\Roaming\vlc
2017-01-26 22:00 - 2016-03-09 06:53 - 00000000 ____D C:\ProgramData\Skype
2017-01-26 21:59 - 2016-07-10 07:58 - 00000000 ____D C:\UnrealTournament
2017-01-26 21:58 - 2013-03-11 04:26 - 00000000 ____D C:\Program Files (x86)\WildGames
2017-01-26 21:57 - 2013-03-11 04:23 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-01-26 21:57 - 2013-03-11 04:23 - 00000000 ____D C:\ProgramData\WildTangent
2017-01-26 21:06 - 2016-02-19 15:57 - 00000000 ____D C:\Users\Radossek\Downloads\ESET NOD32 antivirus 8.0.304.1 (x86,x64)(CZ,SK)
2017-01-26 19:31 - 2016-02-19 11:44 - 00000000 ____D C:\Users\Radossek\AppData\Local\Packages
2017-01-26 19:14 - 2016-03-05 04:54 - 00000000 ___HD C:\$SysReset
2017-01-26 19:06 - 2016-03-04 23:21 - 00000000 ____D C:\Users\Radossek
2017-01-26 18:38 - 2016-10-31 13:23 - 00000017 _____ C:\Users\Radossek\Desktop\pro tátu.txt
2017-01-18 23:19 - 2016-12-13 23:36 - 00003278 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-01-18 23:19 - 2016-03-05 08:27 - 00002411 _____ C:\Users\Radossek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-01-18 23:19 - 2016-03-05 08:27 - 00000000 ___RD C:\Users\Radossek\OneDrive
2017-01-13 14:56 - 2016-07-24 22:33 - 00000000 ____D C:\Users\Radossek\Desktop\filmy
2017-01-11 15:30 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-01-11 15:30 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-01-08 18:42 - 2016-05-03 15:14 - 00000000 ____D C:\Users\Radossek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-01-07 01:47 - 2016-05-03 15:02 - 00000000 ____D C:\Users\Radossek\AppData\Local\Steam
==================== Files in the root of some directories =======
2016-03-26 14:49 - 2016-03-26 14:49 - 0005120 _____ () C:\Users\Radossek\AppData\Roaming\GiftBag.db
Some files in TEMP:
====================
2016-03-09 07:04 - 2016-03-09 07:04 - 0144008 _____ (© 2015 Microsoft Corporation) C:\Users\Radossek\AppData\Local\Temp\BingSvc.exe
2016-03-26 13:01 - 2016-03-26 13:01 - 0102912 _____ () C:\Users\Radossek\AppData\Local\Temp\bitool.dll
2016-03-09 07:04 - 2016-03-09 07:05 - 1118360 _____ (© 2015 Microsoft Corporation) C:\Users\Radossek\AppData\Local\Temp\BSvcProcessor.exe
2016-03-09 07:04 - 2016-03-09 07:04 - 0170128 _____ (© 2015 Microsoft Corporation) C:\Users\Radossek\AppData\Local\Temp\BSvcUpdater.exe
2017-01-26 21:58 - 2016-08-16 17:40 - 0786432 ____N () C:\Users\Radossek\AppData\Local\Temp\Core.dll
2017-01-26 21:58 - 2016-08-16 17:40 - 0311296 ____N () C:\Users\Radossek\AppData\Local\Temp\Setup.exe
2016-04-13 13:54 - 2016-11-25 18:46 - 43872728 _____ (Skype Technologies S.A.) C:\Users\Radossek\AppData\Local\Temp\SkypeSetup.exe
2016-09-25 12:57 - 2016-03-25 15:18 - 0118274 _____ () C:\Users\Radossek\AppData\Local\Temp\Uninstall.exe
2017-01-26 21:58 - 2016-08-16 17:40 - 0483328 ____N () C:\Users\Radossek\AppData\Local\Temp\Window.dll
2016-07-10 14:55 - 2006-05-24 14:10 - 0455600 ____R (Macrovision Corporation) C:\Users\Radossek\AppData\Local\Temp\_is122C.exe
2016-03-26 14:52 - 2016-03-26 14:51 - 0534528 _____ () C:\Users\Radossek\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
2016-11-23 01:09 - 2016-11-23 01:10 - 0733312 _____ () C:\Users\Radossek\AppData\Local\Temp\~FF39.exe
Some zero byte size files/folders:
==========================
C:\Windows\SysWOW64\inetcomm.dll
C:\Windows\SysWOW64\mfh265enc.dll
C:\Windows\SysWOW64\rpcnsh.dll
C:\Windows\SysWOW64\Windows.Security.Credentials.UI.UserConsentVerifier.dll
C:\Windows\SysWOW64\wlanpref.dll
C:\Windows\System32\autofmt.exe
C:\Windows\System32\CPFilters.dll
C:\Windows\System32\drmmgrtn.dll
C:\Windows\System32\efscore.dll
C:\Windows\System32\fdeploy.dll
C:\Windows\System32\inetcomm.dll
C:\Windows\System32\mfh265enc.dll
C:\Windows\System32\nslookup.exe
C:\Windows\System32\rascfg.dll
C:\Windows\System32\rdpinput.exe
C:\Windows\System32\TSWorkspace.dll
C:\Windows\System32\unbcl.dll
C:\Windows\System32\uudf.dll
C:\Windows\System32\wlanpref.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-01-21 16:18
==================== End of FRST.txt ============================
Ran by Radossek (administrator) on RADOSS (27-01-2017 18:47:08)
Running from C:\Users\Radossek\Desktop
Loaded Profiles: Radossek (Available Profiles: Radossek & Administrator)
Platform: Windows 10 Home Version 1511 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
() C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(ESET) C:\Program Files\ESET\ESET Antivirus\x86\ekrn.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
(ESET) C:\Program Files\ESET\ESET Antivirus\egui.exe
(© 2015 Microsoft Corporation) C:\Users\Radossek\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(Společnost TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13196432 2012-09-25] (Realtek Semiconductor)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2611112 2012-09-04] ()
HKLM\...\Run: [TODDMain] => C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-04] ()
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [169896 2012-08-14] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [356776 2012-07-11] (TOSHIBA Corporation)
HKLM\...\Run: [SRS Premium Sound HD] => C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe [2170784 2012-08-20] (SRS Labs, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954880 2015-10-08] (Synaptics Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Antivirus\egui.exe [5595848 2015-07-08] (ESET)
HKLM-x32\...\Run: [TPUReg] => C:\Program Files (x86)\TOSHIBA\Password Utility\TosPU.exe [7148032 2012-10-31] (Pegatron Corporation)
HKLM-x32\...\Run: [TPUReg(x86)] => "C:\Program Files\TOSHIBA\Password Utility\TosPU.exe" /Retimes
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565960 2016-11-11] (LogMeIn Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\Run: [BingSvc] => C:\Users\Radossek\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2016-03-09] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4290240 2016-03-01] (Disc Soft Ltd)
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2876704 2016-12-20] (Valve Corporation)
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\Run: [LoLReplay2] => "C:\Program Files (x86)\LoLReplay2\LoLReplay2.exe"
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\RunOnce: [Uninstall C:\Users\Radossek\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Radossek\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\RunOnce: [Uninstall C:\Users\Radossek\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Radossek\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64"
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\RunOnce: [Uninstall C:\Users\Radossek\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Radossek\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64"
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\RunOnce: [Uninstall C:\Users\Radossek\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Radossek\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\MountPoints2: G - "G:\.autorun\autorun.exe"
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\MountPoints2: {9058066f-f33b-11e5-be84-2cd05a5dda82} - "G:\.autorun\autorun.exe"
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\MountPoints2: {9340a2ea-c1b9-11e6-bf68-2cd05a5dda82} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\MountPoints2: {a00c6bcd-beda-11e6-bf67-2cd05a5dda82} - "E:\HiSuiteDownLoader.exe"
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{a5ec4c43-103a-42ad-ae86-a929e79b85ba}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{ca899a89-b3b7-4b3f-9ad2-fd466f0ef3b2}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.domaincentar.com/
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com
SearchScopes: HKU\S-1-5-21-1513155856-3543802732-2289230164-1001 -> DefaultScope {BCB9D611-4812-44D8-9C9F-505B05A687CA} URL =
SearchScopes: HKU\S-1-5-21-1513155856-3543802732-2289230164-1001 -> {BCB9D611-4812-44D8-9C9F-505B05A687CA} URL =
Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll [2015-10-30] ()
Handler-x32: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll [2015-10-30] ()
Handler-x32: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll [2016-03-29] ()
Handler-x32: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll [2016-03-29] ()
FireFox:
========
FF DefaultProfile: ovxykrwp.default
FF ProfilePath: C:\Users\Radossek\AppData\Roaming\Mozilla\Firefox\Profiles\ovxykrwp.default [2017-01-27]
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\ovxykrwp.default -> Google
FF Homepage: Mozilla\Firefox\Profiles\ovxykrwp.default -> seznam.cz/
FF Extension: (AdBlocker Ultimate) - C:\Users\Radossek\AppData\Roaming\Mozilla\Firefox\Profiles\ovxykrwp.default\Extensions\adblockultimate@adblockultimate.net.xpi [2017-01-01]
FF Extension: (Bing Search) - C:\Users\Radossek\AppData\Roaming\Mozilla\Firefox\Profiles\ovxykrwp.default\Extensions\bingsearch.full@microsoft.com.xpi [2016-03-09]
FF Extension: (Adblock Plus) - C:\Users\Radossek\AppData\Roaming\Mozilla\Firefox\Profiles\ovxykrwp.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-23]
FF SearchPlugin: C:\Users\Radossek\AppData\Roaming\Mozilla\Firefox\Profiles\ovxykrwp.default\searchplugins\bing-.xml [2016-03-09]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-11] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-11] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1225195.dll [2016-09-20] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2012-08-31] (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-20] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Radossek\AppData\Local\Google\Chrome\User Data\Default [2016-12-29]
CHR Extension: (Prezentace Google) - C:\Users\Radossek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-12-20]
CHR Extension: (Dokumenty Google) - C:\Users\Radossek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-12-20]
CHR Extension: (Disk Google) - C:\Users\Radossek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-20]
CHR Extension: (YouTube) - C:\Users\Radossek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-29]
CHR Extension: (Dokumenty Google offline) - C:\Users\Radossek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-29]
CHR Extension: (Skype) - C:\Users\Radossek\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-12-29]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Radossek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-12-20]
CHR Extension: (Gmail) - C:\Users\Radossek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-20]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1444544 2016-03-01] (Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Antivirus\x86\ekrn.exe [1353720 2015-07-08] (ESET)
R2 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe [156672 2011-10-13] () [File not signed]
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2627080 2016-11-11] (LogMeIn Inc.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2016-08-26] ()
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-08-31] (LogMeIn, Inc.)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [4307704 2016-02-25] (INCA Internet Co., Ltd.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [201360 2012-08-31] (Realtek Semiconductor)
S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
S2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [4088608 2016-09-21] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [235984 2016-11-24] (Safer-Networking Ltd.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255168 2015-10-08] (Synaptics Incorporated)
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [114656 2012-09-25] (Toshiba Europe GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation)
S3 icssvc; %SystemRoot%\System32\tetheringservice.dll [X]
S3 WerSvc; %SystemRoot%\System32\WerSvc.dll [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [129152 2016-04-24] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-03-26] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-03-26] (Disc Soft Ltd)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [255240 2015-07-13] (ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [251632 2015-07-13] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [178520 2015-07-13] (ESET)
R2 epfwwfpr; C:\WINDOWS\system32\DRIVERS\epfwwfpr.sys [168208 2015-07-13] (ESET)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18816 2016-05-25] (Huawei Technologies Co., Ltd.)
R3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2015-11-12] (LogMeIn Inc.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2016-05-25] (Huawei Technologies Co., Ltd.)
R2 PEGAGFN; C:\Program Files (x86)\TOSHIBA\Password Utility\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek )
R3 RtkBtFilter2; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [65792 2015-05-29] (Realtek Microelectronics)
R3 rtwlane_13; C:\WINDOWS\System32\drivers\rtwlane_13.sys [3749888 2015-10-30] (Realtek Semiconductor Corporation )
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [51392 2015-10-08] (Synaptics Incorporated)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [28632 2012-07-31] (Windows (R) Win 7 DDK provider)
S1 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [121248 2016-09-12] (Oracle Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S1 leprtdmt; \??\C:\WINDOWS\system32\drivers\leprtdmt.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-01-27 18:46 - 2017-01-27 18:47 - 00018151 _____ C:\Users\Radossek\Desktop\FRST.txt
2017-01-27 18:43 - 2017-01-27 18:46 - 00039984 _____ C:\Users\Radossek\Desktop\Addition.txt
2017-01-27 18:37 - 2017-01-27 18:37 - 00000000 ___HD C:\$WINDOWS.~BT
2017-01-27 17:28 - 2017-01-27 17:39 - 00000000 ____D C:\AdwCleaner
2017-01-27 17:08 - 2017-01-27 17:33 - 03988944 _____ C:\Users\Radossek\Desktop\adwcleaner_6.042.exe
2017-01-27 16:51 - 2017-01-27 16:51 - 00010689 _____ C:\Users\Radossek\Desktop\Addition.rar
2017-01-27 16:38 - 2017-01-27 18:47 - 00000000 ____D C:\FRST
2017-01-27 16:38 - 2017-01-27 16:38 - 02420736 _____ (Farbar) C:\Users\Radossek\Desktop\FRST64.exe
2017-01-27 11:45 - 2017-01-27 11:45 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2017-01-27 11:44 - 2017-01-27 11:49 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2017-01-27 11:44 - 2017-01-27 11:48 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2017-01-27 11:44 - 2017-01-27 11:44 - 00001475 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2017-01-27 11:44 - 2017-01-27 11:44 - 00001463 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2017-01-27 11:44 - 2017-01-27 11:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2017-01-27 11:44 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2017-01-27 11:43 - 2017-01-27 11:43 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Radossek\Downloads\spybot-2.4.exe
2017-01-27 11:37 - 2017-01-27 11:37 - 16409960 _____ (Safer Networking Limited ) C:\Users\Radossek\Downloads\spybotsd162.exe
2017-01-26 21:06 - 2017-01-26 21:06 - 00000000 ____D C:\Users\Radossek\AppData\Local\ESET
2017-01-26 19:20 - 2017-01-26 19:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2017-01-26 19:20 - 2017-01-26 19:20 - 00000000 ____D C:\ProgramData\ESET
2017-01-26 19:20 - 2017-01-26 19:20 - 00000000 ____D C:\Program Files\ESET
2017-01-26 18:38 - 2017-01-26 18:38 - 00000000 ____D C:\Users\Radossek\Desktop\ESET NOD32 Antivirus_Smart Security 8.0.319.1 RePack by KpoJIuK
2017-01-26 12:49 - 2017-01-26 12:51 - 00000000 ____D C:\Users\Radossek\Desktop\Let’s Dance 1-4
2017-01-19 18:18 - 2017-01-19 18:21 - 1221384192 _____ C:\Users\Radossek\Desktop\Avengers.2012.DVDRip.Xvid.CZ.avi
2017-01-19 18:05 - 2017-01-19 18:07 - 00000000 ____D C:\Users\Radossek\Desktop\Deadpool.2016.BDRip.XviD.CZ-TreZzoR
2017-01-19 17:51 - 2017-01-19 17:59 - 1946617856 _____ C:\Users\Radossek\Desktop\G.I. Joe 2 - Odveta.avi
2017-01-19 17:50 - 2017-01-19 18:04 - 1469321588 _____ C:\Users\Radossek\Desktop\G.I.Joe.The.Rise.of.Cobra.2009.AC3.DVDRip.XviD.CZ-DeBpuTa .avi
2017-01-18 17:24 - 2017-01-18 17:28 - 1622044636 _____ C:\Users\Radossek\Desktop\Hobit Bitva pěti armád 2014 Cz dab..mkv
2017-01-18 17:19 - 2017-01-18 17:22 - 1500182528 _____ C:\Users\Radossek\Desktop\Petes.Dragon.2016.BDRip.XViD.AC3.CZ.SK.avi
2017-01-17 19:23 - 2017-01-17 19:24 - 00000000 ____D C:\Users\Radossek\Desktop\Matrix Trilogy CZ
2017-01-15 22:06 - 2017-01-15 22:09 - 1618517870 _____ C:\Users\Radossek\Desktop\Terminator.Genisys.2015.480p.BDRip.XviD.AC3.CZ-HiDE.avi
2017-01-13 14:53 - 2017-01-13 14:59 - 00000000 ____D C:\Users\Radossek\Desktop\Men in Black Trilogy - Muži v černém trilogie
2017-01-13 14:47 - 2017-01-13 14:48 - 00000000 ____D C:\Users\Radossek\Desktop\Terminator.kolekce.1984-2009.480p.DVDRip.XviD.AC3.CZ.-calibrum2
2017-01-11 18:45 - 2017-01-11 18:45 - 02721168 _____ (Microsoft Corporation) C:\Users\Radossek\Downloads\Windows7-USB-DVD-tool.exe
2017-01-11 18:38 - 2017-01-11 18:40 - 00000000 ____D C:\Users\Radossek\Desktop\Windows 8.1 + crack
2017-01-11 16:12 - 2017-01-11 16:21 - 00000000 ____D C:\Users\Radossek\Desktop\Saw.kolekce.2004-2010.480p.DVDRip.XviD.AC3.CZ.-calibrum2
2017-01-08 18:42 - 2017-01-08 18:42 - 00000219 _____ C:\Users\Radossek\Desktop\Alien Swarm.url
2017-01-07 20:03 - 2017-01-07 20:03 - 00002107 _____ C:\Users\Radossek\Desktop\left 4 dead.lnk
2017-01-07 19:51 - 2017-01-07 19:51 - 00000000 ____D C:\Program Files (x86)\valve
2017-01-07 19:40 - 2017-01-07 19:40 - 00000000 ____D C:\Users\Radossek\Desktop\left4dead_1030_nosteam_english
2017-01-07 18:35 - 2017-01-07 18:36 - 00000000 ____D C:\Users\Radossek\Desktop\Heroes 5 cz dabing
2017-01-07 01:50 - 2017-01-07 01:51 - 07837144 _____ C:\Users\Radossek\Downloads\WitN_fix7_for_v1.0.0.1.7z
2017-01-07 01:47 - 2017-01-07 01:47 - 00000000 ____D C:\Users\Radossek\AppData\Local\Chromium
2017-01-07 01:31 - 2017-01-07 01:31 - 00000000 ____D C:\Users\Radossek\AppData\Local\WB Games
2017-01-07 00:53 - 2017-01-07 00:53 - 08417280 _____ C:\Users\Radossek\Downloads\hamachi(1).msi
2017-01-06 21:26 - 2017-01-06 21:26 - 00000000 ____D C:\ProgramData\RELOADED
2017-01-06 21:21 - 2017-01-06 21:21 - 00001172 _____ C:\Users\Public\Desktop\LOTR - War in the North.lnk
2017-01-06 21:21 - 2017-01-06 21:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LOTR - War in the North
2017-01-06 21:08 - 2017-01-07 01:52 - 00000000 ____D C:\Program Files (x86)\LOTR - War in the North
2017-01-06 21:06 - 2017-01-06 21:07 - 00852263 _____ (tomi2k9 ) C:\Users\Radossek\Desktop\LOTR - War in the North by tomi2k9.exe
2017-01-06 21:04 - 2012-09-16 16:05 - 1133938771 ____N C:\Users\Radossek\Desktop\LOTR - War in the North by tomi2k9-3.bin
2017-01-06 21:02 - 2012-09-16 15:51 - 1533000000 ____N C:\Users\Radossek\Desktop\LOTR - War in the North by tomi2k9-2.bin
2017-01-06 21:01 - 2012-09-16 15:47 - 00000000 ____D C:\Users\Radossek\Desktop\.autorun
2017-01-06 21:01 - 2012-09-16 15:38 - 1532147520 ____N C:\Users\Radossek\Desktop\LOTR - War in the North by tomi2k9-1.bin
2017-01-05 00:25 - 2017-01-05 01:14 - 1969020928 _____ C:\Users\Radossek\Desktop\Deep Blue Sea - Útok z hlubin.avi
2017-01-01 23:39 - 2017-01-01 23:39 - 00000000 ____D C:\Users\Radossek\Desktop\ZVONÁR MATKY BOŽEJ 1080p [SK,CZ,ENG]
2016-12-30 22:18 - 2016-12-30 22:18 - 00000000 ____D C:\Users\Radossek\Desktop\Riddick - Trilogy CZ
2016-12-30 00:59 - 2016-12-30 01:02 - 00000000 ____D C:\Users\Radossek\Desktop\Hellboy 2 - Zlatá armáda
2016-12-30 00:16 - 2016-12-30 00:20 - 00000000 ____D C:\Users\Radossek\Desktop\Hellboy
2016-12-29 00:36 - 2016-12-29 00:42 - 00000000 ____D C:\Users\Radossek\Desktop\Scary Movie 5
2016-12-28 00:44 - 2016-12-28 00:45 - 00000000 ____D C:\Users\Radossek\Desktop\Lights.Out.2016.BRRip.XviD.AC3.CZ
2016-12-28 00:39 - 2016-12-28 00:39 - 00000000 ____D C:\Users\Radossek\Desktop\Vetřelec vs predator 1.2
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-01-27 18:38 - 2016-03-04 23:10 - 00000000 ___DC C:\WINDOWS\Panther
2017-01-27 18:33 - 2016-04-03 14:58 - 00000000 ____D C:\Users\Radossek\AppData\Local\LogMeIn Hamachi
2017-01-27 18:30 - 2016-11-03 13:57 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-01-27 18:00 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-01-27 17:44 - 2016-11-18 18:34 - 00000000 ____D C:\Users\Radossek\AppData\LocalLow\Mozilla
2017-01-27 17:44 - 2016-05-03 14:57 - 00000000 ____D C:\Program Files (x86)\Steam
2017-01-27 17:42 - 2016-03-05 11:06 - 00000000 __SHD C:\Users\Radossek\IntelGraphicsProfiles
2017-01-27 17:42 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-01-27 17:41 - 2016-03-04 23:36 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-01-27 17:40 - 2016-11-18 17:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-01-27 17:40 - 2016-03-05 11:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-01-27 17:40 - 2015-10-30 07:28 - 01048576 ___SH C:\WINDOWS\system32\config\BBI
2017-01-27 17:40 - 2013-03-11 04:00 - 00000000 ____D C:\Program Files (x86)\Intel
2017-01-27 17:39 - 2016-06-11 08:09 - 00000000 ____D C:\Users\Radossek\Desktop\hry
2017-01-27 16:00 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2017-01-27 11:43 - 2016-03-04 20:43 - 00000000 ____D C:\Users\Radossek\AppData\Roaming\uTorrent
2017-01-27 02:38 - 2016-03-04 23:38 - 01771468 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-01-27 02:38 - 2015-10-30 19:31 - 00751272 _____ C:\WINDOWS\system32\perfh005.dat
2017-01-27 02:38 - 2015-10-30 19:31 - 00150860 _____ C:\WINDOWS\system32\perfc005.dat
2017-01-27 02:38 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2017-01-26 22:44 - 2016-11-23 01:18 - 00000000 ____D C:\Users\Radossek\AppData\Roaming\vlc
2017-01-26 22:00 - 2016-03-09 06:53 - 00000000 ____D C:\ProgramData\Skype
2017-01-26 21:59 - 2016-07-10 07:58 - 00000000 ____D C:\UnrealTournament
2017-01-26 21:58 - 2013-03-11 04:26 - 00000000 ____D C:\Program Files (x86)\WildGames
2017-01-26 21:57 - 2013-03-11 04:23 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-01-26 21:57 - 2013-03-11 04:23 - 00000000 ____D C:\ProgramData\WildTangent
2017-01-26 21:06 - 2016-02-19 15:57 - 00000000 ____D C:\Users\Radossek\Downloads\ESET NOD32 antivirus 8.0.304.1 (x86,x64)(CZ,SK)
2017-01-26 19:31 - 2016-02-19 11:44 - 00000000 ____D C:\Users\Radossek\AppData\Local\Packages
2017-01-26 19:14 - 2016-03-05 04:54 - 00000000 ___HD C:\$SysReset
2017-01-26 19:06 - 2016-03-04 23:21 - 00000000 ____D C:\Users\Radossek
2017-01-26 18:38 - 2016-10-31 13:23 - 00000017 _____ C:\Users\Radossek\Desktop\pro tátu.txt
2017-01-18 23:19 - 2016-12-13 23:36 - 00003278 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-01-18 23:19 - 2016-03-05 08:27 - 00002411 _____ C:\Users\Radossek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-01-18 23:19 - 2016-03-05 08:27 - 00000000 ___RD C:\Users\Radossek\OneDrive
2017-01-13 14:56 - 2016-07-24 22:33 - 00000000 ____D C:\Users\Radossek\Desktop\filmy
2017-01-11 15:30 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-01-11 15:30 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-01-08 18:42 - 2016-05-03 15:14 - 00000000 ____D C:\Users\Radossek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-01-07 01:47 - 2016-05-03 15:02 - 00000000 ____D C:\Users\Radossek\AppData\Local\Steam
==================== Files in the root of some directories =======
2016-03-26 14:49 - 2016-03-26 14:49 - 0005120 _____ () C:\Users\Radossek\AppData\Roaming\GiftBag.db
Some files in TEMP:
====================
2016-03-09 07:04 - 2016-03-09 07:04 - 0144008 _____ (© 2015 Microsoft Corporation) C:\Users\Radossek\AppData\Local\Temp\BingSvc.exe
2016-03-26 13:01 - 2016-03-26 13:01 - 0102912 _____ () C:\Users\Radossek\AppData\Local\Temp\bitool.dll
2016-03-09 07:04 - 2016-03-09 07:05 - 1118360 _____ (© 2015 Microsoft Corporation) C:\Users\Radossek\AppData\Local\Temp\BSvcProcessor.exe
2016-03-09 07:04 - 2016-03-09 07:04 - 0170128 _____ (© 2015 Microsoft Corporation) C:\Users\Radossek\AppData\Local\Temp\BSvcUpdater.exe
2017-01-26 21:58 - 2016-08-16 17:40 - 0786432 ____N () C:\Users\Radossek\AppData\Local\Temp\Core.dll
2017-01-26 21:58 - 2016-08-16 17:40 - 0311296 ____N () C:\Users\Radossek\AppData\Local\Temp\Setup.exe
2016-04-13 13:54 - 2016-11-25 18:46 - 43872728 _____ (Skype Technologies S.A.) C:\Users\Radossek\AppData\Local\Temp\SkypeSetup.exe
2016-09-25 12:57 - 2016-03-25 15:18 - 0118274 _____ () C:\Users\Radossek\AppData\Local\Temp\Uninstall.exe
2017-01-26 21:58 - 2016-08-16 17:40 - 0483328 ____N () C:\Users\Radossek\AppData\Local\Temp\Window.dll
2016-07-10 14:55 - 2006-05-24 14:10 - 0455600 ____R (Macrovision Corporation) C:\Users\Radossek\AppData\Local\Temp\_is122C.exe
2016-03-26 14:52 - 2016-03-26 14:51 - 0534528 _____ () C:\Users\Radossek\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
2016-11-23 01:09 - 2016-11-23 01:10 - 0733312 _____ () C:\Users\Radossek\AppData\Local\Temp\~FF39.exe
Some zero byte size files/folders:
==========================
C:\Windows\SysWOW64\inetcomm.dll
C:\Windows\SysWOW64\mfh265enc.dll
C:\Windows\SysWOW64\rpcnsh.dll
C:\Windows\SysWOW64\Windows.Security.Credentials.UI.UserConsentVerifier.dll
C:\Windows\SysWOW64\wlanpref.dll
C:\Windows\System32\autofmt.exe
C:\Windows\System32\CPFilters.dll
C:\Windows\System32\drmmgrtn.dll
C:\Windows\System32\efscore.dll
C:\Windows\System32\fdeploy.dll
C:\Windows\System32\inetcomm.dll
C:\Windows\System32\mfh265enc.dll
C:\Windows\System32\nslookup.exe
C:\Windows\System32\rascfg.dll
C:\Windows\System32\rdpinput.exe
C:\Windows\System32\TSWorkspace.dll
C:\Windows\System32\unbcl.dll
C:\Windows\System32\uudf.dll
C:\Windows\System32\wlanpref.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-01-21 16:18
==================== End of FRST.txt ============================
-
Rudy
- Site Admin
- Příspěvky: 119672
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontorlu
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\Run: [BingSvc] => C:\Users\Radossek\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2016-03-09] (© 2015 Microsoft Corporation)
C:\Users\Radossek\AppData\Local\Microsoft\BingSvc
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\MountPoints2: G - "G:\.autorun\autorun.exe"
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\MountPoints2: {9058066f-f33b-11e5-be84-2cd05a5dda82} - "G:\.autorun\autorun.exe"
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\MountPoints2: {9340a2ea-c1b9-11e6-bf68-2cd05a5dda82} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\MountPoints2: {a00c6bcd-beda-11e6-bf67-2cd05a5dda82} - "E:\HiSuiteDownLoader.exe"
SearchScopes: HKU\S-1-5-21-1513155856-3543802732-2289230164-1001 -> DefaultScope {BCB9D611-4812-44D8-9C9F-505B05A687CA} URL =
SearchScopes: HKU\S-1-5-21-1513155856-3543802732-2289230164-1001 -> {BCB9D611-4812-44D8-9C9F-505B05A687CA} URL =
S1 leprtdmt; \??\C:\WINDOWS\system32\drivers\leprtdmt.sys [X]
C:\Users\Radossek\AppData\Local\Temp
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontorlu
Fix result of Farbar Recovery Scan Tool (x64) Version: 25-01-2017 01
Ran by Radossek (27-01-2017 18:55:46) Run:1
Running from C:\Users\Radossek\Desktop
Loaded Profiles: Radossek (Available Profiles: Radossek & Administrator)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\Run: [BingSvc] => C:\Users\Radossek\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2016-03-09] (© 2015 Microsoft Corporation)
C:\Users\Radossek\AppData\Local\Microsoft\BingSvc
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\MountPoints2: G - "G:\.autorun\autorun.exe"
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\MountPoints2: {9058066f-f33b-11e5-be84-2cd05a5dda82} - "G:\.autorun\autorun.exe"
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\MountPoints2: {9340a2ea-c1b9-11e6-bf68-2cd05a5dda82} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\MountPoints2: {a00c6bcd-beda-11e6-bf67-2cd05a5dda82} - "E:\HiSuiteDownLoader.exe"
SearchScopes: HKU\S-1-5-21-1513155856-3543802732-2289230164-1001 -> DefaultScope {BCB9D611-4812-44D8-9C9F-505B05A687CA} URL =
SearchScopes: HKU\S-1-5-21-1513155856-3543802732-2289230164-1001 -> {BCB9D611-4812-44D8-9C9F-505B05A687CA} URL =
S1 leprtdmt; \??\C:\WINDOWS\system32\drivers\leprtdmt.sys [X]
C:\Users\Radossek\AppData\Local\Temp
EmptyTemp:
End
*****************
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\Software\Microsoft\Windows\CurrentVersion\Run\\BingSvc => value removed successfully
C:\Users\Radossek\AppData\Local\Microsoft\BingSvc => moved successfully
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G => key removed successfully
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9058066f-f33b-11e5-be84-2cd05a5dda82} => key removed successfully
HKCR\CLSID\{9058066f-f33b-11e5-be84-2cd05a5dda82} => key not found.
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9340a2ea-c1b9-11e6-bf68-2cd05a5dda82} => key removed successfully
HKCR\CLSID\{9340a2ea-c1b9-11e6-bf68-2cd05a5dda82} => key not found.
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a00c6bcd-beda-11e6-bf67-2cd05a5dda82} => key removed successfully
HKCR\CLSID\{a00c6bcd-beda-11e6-bf67-2cd05a5dda82} => key not found.
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BCB9D611-4812-44D8-9C9F-505B05A687CA} => key removed successfully
HKCR\CLSID\{BCB9D611-4812-44D8-9C9F-505B05A687CA} => key not found.
HKLM\System\CurrentControlSet\Services\leprtdmt => key removed successfully
leprtdmt => service removed successfully
C:\Users\Radossek\AppData\Local\Temp => moved successfully
=========== EmptyTemp: ==========
BITS transfer queue => 32768 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 37160009 B
Java, Flash, Steam htmlcache => 243530568 B
Windows/system/drivers => 54805 B
Edge => 10299266 B
Chrome => 12874549 B
Firefox => 374816212 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 34012 B
NetworkService => 1644882 B
Radossek => 241832038 B
Administrator => 12198 B
RecycleBin => 18653702861 B
EmptyTemp: => 18.2 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 18:58:39 ====
Ran by Radossek (27-01-2017 18:55:46) Run:1
Running from C:\Users\Radossek\Desktop
Loaded Profiles: Radossek (Available Profiles: Radossek & Administrator)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\Run: [BingSvc] => C:\Users\Radossek\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2016-03-09] (© 2015 Microsoft Corporation)
C:\Users\Radossek\AppData\Local\Microsoft\BingSvc
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\MountPoints2: G - "G:\.autorun\autorun.exe"
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\MountPoints2: {9058066f-f33b-11e5-be84-2cd05a5dda82} - "G:\.autorun\autorun.exe"
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\MountPoints2: {9340a2ea-c1b9-11e6-bf68-2cd05a5dda82} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\MountPoints2: {a00c6bcd-beda-11e6-bf67-2cd05a5dda82} - "E:\HiSuiteDownLoader.exe"
SearchScopes: HKU\S-1-5-21-1513155856-3543802732-2289230164-1001 -> DefaultScope {BCB9D611-4812-44D8-9C9F-505B05A687CA} URL =
SearchScopes: HKU\S-1-5-21-1513155856-3543802732-2289230164-1001 -> {BCB9D611-4812-44D8-9C9F-505B05A687CA} URL =
S1 leprtdmt; \??\C:\WINDOWS\system32\drivers\leprtdmt.sys [X]
C:\Users\Radossek\AppData\Local\Temp
EmptyTemp:
End
*****************
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\Software\Microsoft\Windows\CurrentVersion\Run\\BingSvc => value removed successfully
C:\Users\Radossek\AppData\Local\Microsoft\BingSvc => moved successfully
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G => key removed successfully
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9058066f-f33b-11e5-be84-2cd05a5dda82} => key removed successfully
HKCR\CLSID\{9058066f-f33b-11e5-be84-2cd05a5dda82} => key not found.
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9340a2ea-c1b9-11e6-bf68-2cd05a5dda82} => key removed successfully
HKCR\CLSID\{9340a2ea-c1b9-11e6-bf68-2cd05a5dda82} => key not found.
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a00c6bcd-beda-11e6-bf67-2cd05a5dda82} => key removed successfully
HKCR\CLSID\{a00c6bcd-beda-11e6-bf67-2cd05a5dda82} => key not found.
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BCB9D611-4812-44D8-9C9F-505B05A687CA} => key removed successfully
HKCR\CLSID\{BCB9D611-4812-44D8-9C9F-505B05A687CA} => key not found.
HKLM\System\CurrentControlSet\Services\leprtdmt => key removed successfully
leprtdmt => service removed successfully
C:\Users\Radossek\AppData\Local\Temp => moved successfully
=========== EmptyTemp: ==========
BITS transfer queue => 32768 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 37160009 B
Java, Flash, Steam htmlcache => 243530568 B
Windows/system/drivers => 54805 B
Edge => 10299266 B
Chrome => 12874549 B
Firefox => 374816212 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 34012 B
NetworkService => 1644882 B
Radossek => 241832038 B
Administrator => 12198 B
RecycleBin => 18653702861 B
EmptyTemp: => 18.2 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 18:58:39 ====
-
Rudy
- Site Admin
- Příspěvky: 119672
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontorlu
Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontorlu
Notebook startuje rychleji. Přes noc zkusím aktualizace windows jestli se něco změnilo. Každopádně tlačítko start nereaguje jak myší tak ani klávesou na klávesnici. V nejhorším případěš zkusím vrátit počítač do továrního nastavení pokud to už teda půjde.
Moc Vám děkuji za pomoc.
Moc Vám děkuji za pomoc.
-
Rudy
- Site Admin
- Příspěvky: 119672
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontorlu
Jinou možností je obnova systému k datu, kdy korektně fungoval.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontorlu
To bude asi horší jelikož tento ntb neni puvodně muj a nejsou tu žádné zálohy o kterých bych věděl nebo které by mi sám počítač nabídl. Už jen fakt že se brání přeměny do továrního nastavení a odmítá se aktualizovat mi nehraje do karet. Zkusím znovu aktualizace a popřípadě se ještě ozvu.
Děkuji za Vaší pomoc a za Váš čas.
Martin Vlk
Děkuji za Vaší pomoc a za Váš čas.
Martin Vlk
-
Rudy
- Site Admin
- Příspěvky: 119672
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontorlu
OK. Rádo se stalo! 
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?