VIRY.CZ

Dobrý den,

poslední dobou se mi notebook velmi zasekává a disk s procesorem jsou velmi zatížené až po 100%.
V prohlížeči windows explorer ( který nepoužívám ) jsem našel že je nastavena domovská stránka na nějakou s "čínskými" znaky. Počítač jsem dlouho nepřeinstalovával, tak jsem se jej pokusil vrátit do továrního nastavení ale ani to se mi nepodařilo. U pokusu o vrácení do továrního nastavení mi to asi po 20 minutách napsalo že se nezdařilo a že žádné změny neproběhli. Nedaří se mi ani aktualizovat windows. Pokaždě se sám po vypnutí aktualizuje asi hodinu a po hodině jen vypíše že aktualizace se nezdařil a že navrací změny což trvá další půlhodinku. Prosím o kontrolu a pomoc. Děkuji

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-01-2017 01
Ran by Radossek (administrator) on RADOSS (27-01-2017 16:39:23)
Running from C:\Users\Radossek\Desktop
Loaded Profiles: Radossek & Administrator (Available Profiles: Radossek & Administrator)
Platform: Windows 10 Home Version 1511 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
() C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
(© 2015 Microsoft Corporation) C:\Users\Radossek\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(Společnost TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ESET) C:\Program Files\ESET\ESET Antivirus\x86\ekrn.exe
(ESET) C:\Program Files\ESET\ESET Antivirus\egui.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Huawei) C:\Program Files (x86)\HiSuite\HiSuite.exe
(Huawei) C:\Users\Radossek\AppData\Local\Hisuite\userdata\hwtools\hdbtransport.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.16112.10221.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13196432 2012-09-25] (Realtek Semiconductor)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2611112 2012-09-04] ()
HKLM\...\Run: [TODDMain] => C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-04] ()
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [169896 2012-08-14] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [356776 2012-07-11] (TOSHIBA Corporation)
HKLM\...\Run: [SRS Premium Sound HD] => C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe [2170784 2012-08-20] (SRS Labs, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954880 2015-10-08] (Synaptics Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Antivirus\egui.exe [5595848 2015-07-08] (ESET)
HKLM-x32\...\Run: [TPUReg] => C:\Program Files (x86)\TOSHIBA\Password Utility\TosPU.exe [7148032 2012-10-31] (Pegatron Corporation)
HKLM-x32\...\Run: [TPUReg(x86)] => "C:\Program Files\TOSHIBA\Password Utility\TosPU.exe" /Retimes
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565960 2016-11-11] (LogMeIn Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\Run: [BingSvc] => C:\Users\Radossek\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2016-03-09] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4290240 2016-03-01] (Disc Soft Ltd)
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2876704 2016-12-20] (Valve Corporation)
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\Run: [LoLReplay2] => "C:\Program Files (x86)\LoLReplay2\LoLReplay2.exe"
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\RunOnce: [Uninstall C:\Users\Radossek\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Radossek\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\RunOnce: [Uninstall C:\Users\Radossek\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Radossek\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64"
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\RunOnce: [Uninstall C:\Users\Radossek\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Radossek\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64"
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\RunOnce: [Uninstall C:\Users\Radossek\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Radossek\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\MountPoints2: G - "G:\.autorun\autorun.exe"
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\MountPoints2: {9058066f-f33b-11e5-be84-2cd05a5dda82} - "G:\.autorun\autorun.exe"
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\MountPoints2: {9340a2ea-c1b9-11e6-bf68-2cd05a5dda82} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\MountPoints2: {a00c6bcd-beda-11e6-bf67-2cd05a5dda82} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1513155856-3543802732-2289230164-500\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-10-30] (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{a5ec4c43-103a-42ad-ae86-a929e79b85ba}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{ca899a89-b3b7-4b3f-9ad2-fd466f0ef3b2}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hao123.com/?tn=95144889_hao_pg
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.domaincentar.com/
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com
HKU\S-1-5-21-1513155856-3543802732-2289230164-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://toshiba13.msn.com
HKU\S-1-5-21-1513155856-3543802732-2289230164-500\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com
SearchScopes: HKU\S-1-5-21-1513155856-3543802732-2289230164-1001 -> DefaultScope {BCB9D611-4812-44D8-9C9F-505B05A687CA} URL =
SearchScopes: HKU\S-1-5-21-1513155856-3543802732-2289230164-1001 -> {BCB9D611-4812-44D8-9C9F-505B05A687CA} URL =
Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll [2015-10-30] ()
Handler-x32: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll [2015-10-30] ()
Handler-x32: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll [2016-03-29] ()
Handler-x32: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll [2016-03-29] ()

FireFox:
========
FF DefaultProfile: ovxykrwp.default
FF ProfilePath: C:\Users\Radossek\AppData\Roaming\Mozilla\Firefox\Profiles\ovxykrwp.default [2017-01-27]
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\ovxykrwp.default -> Google
FF Homepage: Mozilla\Firefox\Profiles\ovxykrwp.default -> seznam.cz/
FF Extension: (AdBlocker Ultimate) - C:\Users\Radossek\AppData\Roaming\Mozilla\Firefox\Profiles\ovxykrwp.default\Extensions\adblockultimate@adblockultimate.net.xpi [2017-01-01]
FF Extension: (Bing Search) - C:\Users\Radossek\AppData\Roaming\Mozilla\Firefox\Profiles\ovxykrwp.default\Extensions\bingsearch.full@microsoft.com.xpi [2016-03-09]
FF Extension: (Adblock Plus) - C:\Users\Radossek\AppData\Roaming\Mozilla\Firefox\Profiles\ovxykrwp.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-23]
FF SearchPlugin: C:\Users\Radossek\AppData\Roaming\Mozilla\Firefox\Profiles\ovxykrwp.default\searchplugins\bing-.xml [2016-03-09]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-11] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-11] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1225195.dll [2016-09-20] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2012-08-31] (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-20] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Radossek\AppData\Local\Google\Chrome\User Data\Default [2016-12-29]
CHR Extension: (Prezentace Google) - C:\Users\Radossek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-12-20]
CHR Extension: (Dokumenty Google) - C:\Users\Radossek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-12-20]
CHR Extension: (Disk Google) - C:\Users\Radossek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-20]
CHR Extension: (YouTube) - C:\Users\Radossek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-29]
CHR Extension: (Dokumenty Google offline) - C:\Users\Radossek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-29]
CHR Extension: (Skype) - C:\Users\Radossek\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-12-29]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Radossek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-12-20]
CHR Extension: (Gmail) - C:\Users\Radossek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-20]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1444544 2016-03-01] (Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Antivirus\x86\ekrn.exe [1353720 2015-07-08] (ESET)
R2 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe [156672 2011-10-13] () [File not signed]
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2627080 2016-11-11] (LogMeIn Inc.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2016-08-26] ()
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-08-31] (LogMeIn, Inc.)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [4307704 2016-02-25] (INCA Internet Co., Ltd.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [201360 2012-08-31] (Realtek Semiconductor)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [4088608 2016-09-21] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [235984 2016-11-24] (Safer-Networking Ltd.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255168 2015-10-08] (Synaptics Incorporated)
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [114656 2012-09-25] (Toshiba Europe GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation)
S3 icssvc; %SystemRoot%\System32\tetheringservice.dll [X]
S3 WerSvc; %SystemRoot%\System32\WerSvc.dll [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [129152 2016-04-24] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-03-26] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-03-26] (Disc Soft Ltd)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [255240 2015-07-13] (ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [251632 2015-07-13] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [178520 2015-07-13] (ESET)
R2 epfwwfpr; C:\WINDOWS\system32\DRIVERS\epfwwfpr.sys [168208 2015-07-13] (ESET)
R3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18816 2016-05-25] (Huawei Technologies Co., Ltd.)
R3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2015-11-12] (LogMeIn Inc.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2016-05-25] (Huawei Technologies Co., Ltd.)
R2 PEGAGFN; C:\Program Files (x86)\TOSHIBA\Password Utility\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek )
R3 RtkBtFilter2; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [65792 2015-05-29] (Realtek Microelectronics)
R3 rtwlane_13; C:\WINDOWS\System32\drivers\rtwlane_13.sys [3749888 2015-10-30] (Realtek Semiconductor Corporation )
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [51392 2015-10-08] (Synaptics Incorporated)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [28632 2012-07-31] (Windows (R) Win 7 DDK provider)
S1 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [121248 2016-09-12] (Oracle Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S1 leprtdmt; \??\C:\WINDOWS\system32\drivers\leprtdmt.sys [X]
S1 QMUdisk; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\QMUdisk64.sys [X]
S1 softaal; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\softaal64.sys [X]
S1 SRepairDrv; \??\C:\Program Files (x86)\Tencent\QQPCMGR\Plugins\SRepairDrv [X]
S2 tsnethlpx64; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17339.217\TsNetHlpX64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-27 16:39 - 2017-01-27 16:40 - 00020039 _____ C:\Users\Radossek\Desktop\FRST.txt
2017-01-27 16:38 - 2017-01-27 16:39 - 00000000 ____D C:\FRST
2017-01-27 16:38 - 2017-01-27 16:38 - 02420736 _____ (Farbar) C:\Users\Radossek\Desktop\FRST64.exe
2017-01-27 11:45 - 2017-01-27 11:45 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2017-01-27 11:44 - 2017-01-27 11:49 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2017-01-27 11:44 - 2017-01-27 11:48 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2017-01-27 11:44 - 2017-01-27 11:44 - 00001475 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2017-01-27 11:44 - 2017-01-27 11:44 - 00001463 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2017-01-27 11:44 - 2017-01-27 11:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2017-01-27 11:44 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2017-01-27 11:43 - 2017-01-27 11:43 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Radossek\Downloads\spybot-2.4.exe
2017-01-27 11:37 - 2017-01-27 11:37 - 16409960 _____ (Safer Networking Limited ) C:\Users\Radossek\Downloads\spybotsd162.exe
2017-01-26 21:06 - 2017-01-26 21:06 - 00000000 ____D C:\Users\Radossek\AppData\Local\ESET
2017-01-26 19:20 - 2017-01-26 19:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2017-01-26 19:20 - 2017-01-26 19:20 - 00000000 ____D C:\ProgramData\ESET
2017-01-26 19:20 - 2017-01-26 19:20 - 00000000 ____D C:\Program Files\ESET
2017-01-26 18:38 - 2017-01-26 18:38 - 00000000 ____D C:\Users\Radossek\Desktop\ESET NOD32 Antivirus_Smart Security 8.0.319.1 RePack by KpoJIuK
2017-01-26 12:49 - 2017-01-26 12:51 - 00000000 ____D C:\Users\Radossek\Desktop\Let’s Dance 1-4
2017-01-19 18:18 - 2017-01-19 18:21 - 1221384192 _____ C:\Users\Radossek\Desktop\Avengers.2012.DVDRip.Xvid.CZ.avi
2017-01-19 18:05 - 2017-01-19 18:07 - 00000000 ____D C:\Users\Radossek\Desktop\Deadpool.2016.BDRip.XviD.CZ-TreZzoR
2017-01-19 17:51 - 2017-01-19 17:59 - 1946617856 _____ C:\Users\Radossek\Desktop\G.I. Joe 2 - Odveta.avi
2017-01-19 17:50 - 2017-01-19 18:04 - 1469321588 _____ C:\Users\Radossek\Desktop\G.I.Joe.The.Rise.of.Cobra.2009.AC3.DVDRip.XviD.CZ-DeBpuTa .avi
2017-01-18 17:24 - 2017-01-18 17:28 - 1622044636 _____ C:\Users\Radossek\Desktop\Hobit Bitva pěti armád 2014 Cz dab..mkv
2017-01-18 17:19 - 2017-01-18 17:22 - 1500182528 _____ C:\Users\Radossek\Desktop\Petes.Dragon.2016.BDRip.XViD.AC3.CZ.SK.avi
2017-01-17 19:23 - 2017-01-17 19:24 - 00000000 ____D C:\Users\Radossek\Desktop\Matrix Trilogy CZ
2017-01-15 22:06 - 2017-01-15 22:09 - 1618517870 _____ C:\Users\Radossek\Desktop\Terminator.Genisys.2015.480p.BDRip.XviD.AC3.CZ-HiDE.avi
2017-01-13 14:53 - 2017-01-13 14:59 - 00000000 ____D C:\Users\Radossek\Desktop\Men in Black Trilogy - Muži v černém trilogie
2017-01-13 14:47 - 2017-01-13 14:48 - 00000000 ____D C:\Users\Radossek\Desktop\Terminator.kolekce.1984-2009.480p.DVDRip.XviD.AC3.CZ.-calibrum2
2017-01-11 18:45 - 2017-01-11 18:45 - 02721168 _____ (Microsoft Corporation) C:\Users\Radossek\Downloads\Windows7-USB-DVD-tool.exe
2017-01-11 18:38 - 2017-01-11 18:40 - 00000000 ____D C:\Users\Radossek\Desktop\Windows 8.1 + crack
2017-01-11 16:12 - 2017-01-11 16:21 - 00000000 ____D C:\Users\Radossek\Desktop\Saw.kolekce.2004-2010.480p.DVDRip.XviD.AC3.CZ.-calibrum2
2017-01-08 18:42 - 2017-01-08 18:42 - 00000219 _____ C:\Users\Radossek\Desktop\Alien Swarm.url
2017-01-07 20:03 - 2017-01-07 20:03 - 00002107 _____ C:\Users\Radossek\Desktop\left 4 dead.lnk
2017-01-07 19:51 - 2017-01-07 19:51 - 00000000 ____D C:\Program Files (x86)\valve
2017-01-07 19:40 - 2017-01-07 19:40 - 00000000 ____D C:\Users\Radossek\Desktop\left4dead_1030_nosteam_english
2017-01-07 18:35 - 2017-01-07 18:36 - 00000000 ____D C:\Users\Radossek\Desktop\Heroes 5 cz dabing
2017-01-07 01:50 - 2017-01-07 01:51 - 07837144 _____ C:\Users\Radossek\Downloads\WitN_fix7_for_v1.0.0.1.7z
2017-01-07 01:47 - 2017-01-07 01:47 - 00000000 ____D C:\Users\Radossek\AppData\Local\Chromium
2017-01-07 01:31 - 2017-01-07 01:31 - 00000000 ____D C:\Users\Radossek\AppData\Local\WB Games
2017-01-07 00:53 - 2017-01-07 00:53 - 08417280 _____ C:\Users\Radossek\Downloads\hamachi(1).msi
2017-01-06 21:26 - 2017-01-06 21:26 - 00000000 ____D C:\ProgramData\RELOADED
2017-01-06 21:21 - 2017-01-06 21:21 - 00001172 _____ C:\Users\Public\Desktop\LOTR - War in the North.lnk
2017-01-06 21:21 - 2017-01-06 21:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LOTR - War in the North
2017-01-06 21:08 - 2017-01-07 01:52 - 00000000 ____D C:\Program Files (x86)\LOTR - War in the North
2017-01-06 21:06 - 2017-01-06 21:07 - 00852263 _____ (tomi2k9 ) C:\Users\Radossek\Desktop\LOTR - War in the North by tomi2k9.exe
2017-01-06 21:04 - 2012-09-16 16:05 - 1133938771 ____N C:\Users\Radossek\Desktop\LOTR - War in the North by tomi2k9-3.bin
2017-01-06 21:02 - 2012-09-16 15:51 - 1533000000 ____N C:\Users\Radossek\Desktop\LOTR - War in the North by tomi2k9-2.bin
2017-01-06 21:01 - 2012-09-16 15:47 - 00000000 ____D C:\Users\Radossek\Desktop\.autorun
2017-01-06 21:01 - 2012-09-16 15:38 - 1532147520 ____N C:\Users\Radossek\Desktop\LOTR - War in the North by tomi2k9-1.bin
2017-01-05 00:25 - 2017-01-05 01:14 - 1969020928 _____ C:\Users\Radossek\Desktop\Deep Blue Sea - Útok z hlubin.avi
2017-01-01 23:39 - 2017-01-01 23:39 - 00000000 ____D C:\Users\Radossek\Desktop\ZVONÁR MATKY BOŽEJ 1080p [SK,CZ,ENG]
2016-12-30 22:18 - 2016-12-30 22:18 - 00000000 ____D C:\Users\Radossek\Desktop\Riddick - Trilogy CZ
2016-12-30 00:59 - 2016-12-30 01:02 - 00000000 ____D C:\Users\Radossek\Desktop\Hellboy 2 - Zlatá armáda
2016-12-30 00:16 - 2016-12-30 00:20 - 00000000 ____D C:\Users\Radossek\Desktop\Hellboy
2016-12-29 00:36 - 2016-12-29 00:42 - 00000000 ____D C:\Users\Radossek\Desktop\Scary Movie 5
2016-12-28 00:44 - 2016-12-28 00:45 - 00000000 ____D C:\Users\Radossek\Desktop\Lights.Out.2016.BRRip.XviD.AC3.CZ
2016-12-28 00:39 - 2016-12-28 00:39 - 00000000 ____D C:\Users\Radossek\Desktop\Vetřelec vs predator 1.2

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-27 16:30 - 2016-11-03 13:57 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-01-27 16:00 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2017-01-27 16:00 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-01-27 13:03 - 2016-11-18 18:34 - 00000000 ____D C:\Users\Radossek\AppData\LocalLow\Mozilla
2017-01-27 12:54 - 2016-11-18 17:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-01-27 12:54 - 2016-03-05 11:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-01-27 11:43 - 2016-03-04 20:43 - 00000000 ____D C:\Users\Radossek\AppData\Roaming\uTorrent
2017-01-27 11:18 - 2016-04-03 14:58 - 00000000 ____D C:\Users\Radossek\AppData\Local\LogMeIn Hamachi
2017-01-27 02:38 - 2016-03-04 23:38 - 01771468 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-01-27 02:38 - 2015-10-30 19:31 - 00751272 _____ C:\WINDOWS\system32\perfh005.dat
2017-01-27 02:38 - 2015-10-30 19:31 - 00150860 _____ C:\WINDOWS\system32\perfc005.dat
2017-01-27 02:38 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2017-01-26 22:44 - 2016-11-23 01:18 - 00000000 ____D C:\Users\Radossek\AppData\Roaming\vlc
2017-01-26 22:00 - 2016-03-09 06:53 - 00000000 ____D C:\ProgramData\Skype
2017-01-26 21:59 - 2016-07-10 07:58 - 00000000 ____D C:\UnrealTournament
2017-01-26 21:58 - 2013-03-11 04:26 - 00000000 ____D C:\Program Files (x86)\WildGames
2017-01-26 21:57 - 2013-03-11 04:23 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-01-26 21:57 - 2013-03-11 04:23 - 00000000 ____D C:\ProgramData\WildTangent
2017-01-26 21:06 - 2016-02-19 15:57 - 00000000 ____D C:\Users\Radossek\Downloads\ESET NOD32 antivirus 8.0.304.1 (x86,x64)(CZ,SK)
2017-01-26 19:31 - 2016-02-19 11:44 - 00000000 ____D C:\Users\Radossek\AppData\Local\Packages
2017-01-26 19:14 - 2016-03-05 04:54 - 00000000 ___HD C:\$SysReset
2017-01-26 19:11 - 2016-05-03 14:57 - 00000000 ____D C:\Program Files (x86)\Steam
2017-01-26 19:08 - 2016-03-05 11:06 - 00000000 __SHD C:\Users\Radossek\IntelGraphicsProfiles
2017-01-26 19:07 - 2016-03-04 23:36 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-01-26 19:06 - 2016-03-04 23:21 - 00000000 ____D C:\Users\Radossek
2017-01-26 19:06 - 2015-10-30 07:28 - 01048576 ___SH C:\WINDOWS\system32\config\BBI
2017-01-26 18:38 - 2016-10-31 13:23 - 00000017 _____ C:\Users\Radossek\Desktop\pro tátu.txt
2017-01-18 23:19 - 2016-12-13 23:36 - 00003278 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-01-18 23:19 - 2016-03-05 08:27 - 00002411 _____ C:\Users\Radossek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-01-18 23:19 - 2016-03-05 08:27 - 00000000 ___RD C:\Users\Radossek\OneDrive
2017-01-13 14:56 - 2016-07-24 22:33 - 00000000 ____D C:\Users\Radossek\Desktop\filmy
2017-01-11 15:30 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-01-11 15:30 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-01-08 18:42 - 2016-05-03 15:14 - 00000000 ____D C:\Users\Radossek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-01-07 01:47 - 2016-05-03 15:02 - 00000000 ____D C:\Users\Radossek\AppData\Local\Steam

==================== Files in the root of some directories =======

2016-03-26 14:49 - 2016-03-26 14:49 - 0005120 _____ () C:\Users\Radossek\AppData\Roaming\GiftBag.db

Some files in TEMP:
====================
2016-03-09 07:04 - 2016-03-09 07:04 - 0144008 _____ (© 2015 Microsoft Corporation) C:\Users\Radossek\AppData\Local\Temp\BingSvc.exe
2016-03-26 13:01 - 2016-03-26 13:01 - 0102912 _____ () C:\Users\Radossek\AppData\Local\Temp\bitool.dll
2016-03-09 07:04 - 2016-03-09 07:05 - 1118360 _____ (© 2015 Microsoft Corporation) C:\Users\Radossek\AppData\Local\Temp\BSvcProcessor.exe
2016-03-09 07:04 - 2016-03-09 07:04 - 0170128 _____ (© 2015 Microsoft Corporation) C:\Users\Radossek\AppData\Local\Temp\BSvcUpdater.exe
2017-01-26 21:58 - 2016-08-16 17:40 - 0786432 ____N () C:\Users\Radossek\AppData\Local\Temp\Core.dll
2017-01-26 21:58 - 2016-08-16 17:40 - 0311296 ____N () C:\Users\Radossek\AppData\Local\Temp\Setup.exe
2016-04-13 13:54 - 2016-11-25 18:46 - 43872728 _____ (Skype Technologies S.A.) C:\Users\Radossek\AppData\Local\Temp\SkypeSetup.exe
2016-09-25 12:57 - 2016-03-25 15:18 - 0118274 _____ () C:\Users\Radossek\AppData\Local\Temp\Uninstall.exe
2017-01-26 21:58 - 2016-08-16 17:40 - 0483328 ____N () C:\Users\Radossek\AppData\Local\Temp\Window.dll
2016-07-10 14:55 - 2006-05-24 14:10 - 0455600 ____R (Macrovision Corporation) C:\Users\Radossek\AppData\Local\Temp\_is122C.exe
2016-03-26 14:52 - 2016-03-26 14:51 - 0534528 _____ () C:\Users\Radossek\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
2016-11-23 01:09 - 2016-11-23 01:10 - 0733312 _____ () C:\Users\Radossek\AppData\Local\Temp\~FF39.exe

Some zero byte size files/folders:
==========================
C:\Windows\SysWOW64\inetcomm.dll
C:\Windows\SysWOW64\mfh265enc.dll
C:\Windows\SysWOW64\rpcnsh.dll
C:\Windows\SysWOW64\Windows.Security.Credentials.UI.UserConsentVerifier.dll
C:\Windows\SysWOW64\wlanpref.dll
C:\Windows\System32\autofmt.exe
C:\Windows\System32\CPFilters.dll
C:\Windows\System32\drmmgrtn.dll
C:\Windows\System32\efscore.dll
C:\Windows\System32\fdeploy.dll
C:\Windows\System32\inetcomm.dll
C:\Windows\System32\mfh265enc.dll
C:\Windows\System32\nslookup.exe
C:\Windows\System32\rascfg.dll
C:\Windows\System32\rdpinput.exe
C:\Windows\System32\TSWorkspace.dll
C:\Windows\System32\unbcl.dll
C:\Windows\System32\uudf.dll
C:\Windows\System32\wlanpref.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-01-21 16:18

==================== End of FRST.txt ============================

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

Jenom bch ještě přidal do problému nefunkční tlačítko start u windows ( mužu na nej klikat jak chci nabidka nevyjede ) a pokud najedu kurzorem do praveho horniho rohu aby vyjela nabidka na vpnuti a pod taky nevyjede. Log z ADW

# AdwCleaner v6.042 - Log vytvořen 27/01/2017 v 17:39:32
# Aktualizováno dne 06/01/2017 z Malwarebytes
# Databáze : 2017-01-27.1 [Server]
# Operační systém : Windows 10 Home (X64)
# Uživatelské jméno : Radossek - RADOSS
# Spuštěno z : C:\Users\Radossek\Desktop\adwcleaner_6.042.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support

***** [ Služby ] *****

[-] Služba smazána: QMUdisk
[-] Služba smazána: softaal
[-] Služba smazána: SRepairDrv
[-] Služba smazána: tsnethlpx64

***** [ Složky ] *****

[-] Složka smazána: C:\Users\Radossek\AppData\Local\VirtualStore\ProgramData\Application Data\Tencent
[-] Složka smazána: C:\Users\Radossek\AppData\Roaming\Tencent
[-] Složka smazána: C:\Users\Radossek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
[-] Složka smazána: C:\Program Files\Common Files\Tencent
[-] Složka smazána: C:\Users\Radossek\AppData\Local\VirtualStore\Program Files (x86)\Tencent
[-] Složka smazána: C:\ProgramData\TXQMPC
[-] Složka smazána: C:\ProgramData\Tencent
[-] Složka smazána: C:\ProgramData\Application Data\Tencent
[-] Složka smazána: C:\Program Files (x86)\Tencent
[-] Složka smazána: C:\Program Files (x86)\Common Files\Tencent
[-] Složka smazána: C:\Users\Radossek\AppData\Local\Temp\Tencent
[-] Složka smazána: C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Roaming\Tencent

***** [ Soubory ] *****

[-] Soubor smazán: C:\Users\Administrator\Favorites\eBay.lnk
[-] Soubor smazán: C:\WINDOWS\SysNative\drivers\TFsFltX64.sys
[-] Soubor smazán: C:\WINDOWS\SysNative\drivers\TAOKernelEx64.sys
[-] Soubor smazán: C:\WINDOWS\SysWOW64\drivers\TS888x64.sys

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Zástupci ] *****

[-] Zástupce vyléčen: C:\Users\Radossek\Desktop\hry\WarThunder.lnk

***** [ Naplánované úlohy ] *****

[-] Úloha smazána: LaunchPreSignup

***** [ Registry ] *****

[-] Klíč smazán: HKLM\SOFTWARE\Classes\metnsd
[-] Klíč smazán: HKLM\SOFTWARE\Classes\qmgcfiles
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\metnsd
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\qmgcfiles
[-] Klíč smazán: HKLM\SOFTWARE\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\CLSID\{70DE12EA-79F4-46BC-9812-86DB50A2FD64}
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
[-] Klíč smazán: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{29B6CFD5-0064-411A-8C42-9890C83F9921}
[-] Klíč smazán: HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\Software\PRODUCTSETUP
[-] Klíč smazán: HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\Software\Softwareopensource
[-] Klíč smazán: HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\Software\csastats
[#] Klíč smazán po restartu: HKCU\Software\PRODUCTSETUP
[#] Klíč smazán po restartu: HKCU\Software\Softwareopensource
[#] Klíč smazán po restartu: HKCU\Software\csastats
[#] Klíč smazán po restartu: [x64] HKCU\Software\PRODUCTSETUP
[#] Klíč smazán po restartu: [x64] HKCU\Software\Softwareopensource
[#] Klíč smazán po restartu: [x64] HKCU\Software\csastats
[-] Data obnovena: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Klíč smazán: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\hao123.com
[-] Klíč smazán: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.hao123.com
[-] Klíč smazán: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\hao123.com
[-] Klíč smazán: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.hao123.com
[#] Klíč smazán po restartu: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\hao123.com
[#] Klíč smazán po restartu: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.hao123.com
[#] Klíč smazán po restartu: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\hao123.com
[#] Klíč smazán po restartu: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.hao123.com
[-] Klíč smazán: HKLM\SOFTWARE\Classes\AppID\DownloadProxy.EXE
[-] Klíč smazán: HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP
[-] Klíč smazán: HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP
[-] Klíč smazán: HKEY_CLASSES_ROOT\.qmgc

***** [ Prohlížeče ] *****

[-] Firefox předvolby vyčištěny: "startpage.ntsearch_url" - "hxxps://search.yahoo.com/search?fr=spigot-nt-ff&ei=utf-8&ilc=12&type=0&p={searchTerms}"

*************************

:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [5728 Bajty] - [27/01/2017 17:39:32]
C:\AdwCleaner\AdwCleaner[S0].txt - [5899 Bajty] - [27/01/2017 17:38:53]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [5874 Bajty] ##########

Dejte nový log FRST.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-01-2017 01
Ran by Radossek (administrator) on RADOSS (27-01-2017 18:47:08)
Running from C:\Users\Radossek\Desktop
Loaded Profiles: Radossek (Available Profiles: Radossek & Administrator)
Platform: Windows 10 Home Version 1511 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
() C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(ESET) C:\Program Files\ESET\ESET Antivirus\x86\ekrn.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
(ESET) C:\Program Files\ESET\ESET Antivirus\egui.exe
(© 2015 Microsoft Corporation) C:\Users\Radossek\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(Společnost TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13196432 2012-09-25] (Realtek Semiconductor)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2611112 2012-09-04] ()
HKLM\...\Run: [TODDMain] => C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-04] ()
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [169896 2012-08-14] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [356776 2012-07-11] (TOSHIBA Corporation)
HKLM\...\Run: [SRS Premium Sound HD] => C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe [2170784 2012-08-20] (SRS Labs, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954880 2015-10-08] (Synaptics Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Antivirus\egui.exe [5595848 2015-07-08] (ESET)
HKLM-x32\...\Run: [TPUReg] => C:\Program Files (x86)\TOSHIBA\Password Utility\TosPU.exe [7148032 2012-10-31] (Pegatron Corporation)
HKLM-x32\...\Run: [TPUReg(x86)] => "C:\Program Files\TOSHIBA\Password Utility\TosPU.exe" /Retimes
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565960 2016-11-11] (LogMeIn Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\Run: [BingSvc] => C:\Users\Radossek\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2016-03-09] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4290240 2016-03-01] (Disc Soft Ltd)
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2876704 2016-12-20] (Valve Corporation)
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\Run: [LoLReplay2] => "C:\Program Files (x86)\LoLReplay2\LoLReplay2.exe"
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\RunOnce: [Uninstall C:\Users\Radossek\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Radossek\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\RunOnce: [Uninstall C:\Users\Radossek\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Radossek\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64"
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\RunOnce: [Uninstall C:\Users\Radossek\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Radossek\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64"
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\RunOnce: [Uninstall C:\Users\Radossek\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Radossek\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\MountPoints2: G - "G:\.autorun\autorun.exe"
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\MountPoints2: {9058066f-f33b-11e5-be84-2cd05a5dda82} - "G:\.autorun\autorun.exe"
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\MountPoints2: {9340a2ea-c1b9-11e6-bf68-2cd05a5dda82} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\MountPoints2: {a00c6bcd-beda-11e6-bf67-2cd05a5dda82} - "E:\HiSuiteDownLoader.exe"
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{a5ec4c43-103a-42ad-ae86-a929e79b85ba}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{ca899a89-b3b7-4b3f-9ad2-fd466f0ef3b2}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.domaincentar.com/
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com
SearchScopes: HKU\S-1-5-21-1513155856-3543802732-2289230164-1001 -> DefaultScope {BCB9D611-4812-44D8-9C9F-505B05A687CA} URL =
SearchScopes: HKU\S-1-5-21-1513155856-3543802732-2289230164-1001 -> {BCB9D611-4812-44D8-9C9F-505B05A687CA} URL =
Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll [2015-10-30] ()
Handler-x32: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll [2015-10-30] ()
Handler-x32: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll [2016-03-29] ()
Handler-x32: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll [2016-03-29] ()

FireFox:
========
FF DefaultProfile: ovxykrwp.default
FF ProfilePath: C:\Users\Radossek\AppData\Roaming\Mozilla\Firefox\Profiles\ovxykrwp.default [2017-01-27]
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\ovxykrwp.default -> Google
FF Homepage: Mozilla\Firefox\Profiles\ovxykrwp.default -> seznam.cz/
FF Extension: (AdBlocker Ultimate) - C:\Users\Radossek\AppData\Roaming\Mozilla\Firefox\Profiles\ovxykrwp.default\Extensions\adblockultimate@adblockultimate.net.xpi [2017-01-01]
FF Extension: (Bing Search) - C:\Users\Radossek\AppData\Roaming\Mozilla\Firefox\Profiles\ovxykrwp.default\Extensions\bingsearch.full@microsoft.com.xpi [2016-03-09]
FF Extension: (Adblock Plus) - C:\Users\Radossek\AppData\Roaming\Mozilla\Firefox\Profiles\ovxykrwp.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-23]
FF SearchPlugin: C:\Users\Radossek\AppData\Roaming\Mozilla\Firefox\Profiles\ovxykrwp.default\searchplugins\bing-.xml [2016-03-09]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-11] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-11] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1225195.dll [2016-09-20] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2012-08-31] (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-20] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Radossek\AppData\Local\Google\Chrome\User Data\Default [2016-12-29]
CHR Extension: (Prezentace Google) - C:\Users\Radossek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-12-20]
CHR Extension: (Dokumenty Google) - C:\Users\Radossek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-12-20]
CHR Extension: (Disk Google) - C:\Users\Radossek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-20]
CHR Extension: (YouTube) - C:\Users\Radossek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-29]
CHR Extension: (Dokumenty Google offline) - C:\Users\Radossek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-29]
CHR Extension: (Skype) - C:\Users\Radossek\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-12-29]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Radossek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-12-20]
CHR Extension: (Gmail) - C:\Users\Radossek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-20]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1444544 2016-03-01] (Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Antivirus\x86\ekrn.exe [1353720 2015-07-08] (ESET)
R2 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe [156672 2011-10-13] () [File not signed]
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2627080 2016-11-11] (LogMeIn Inc.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2016-08-26] ()
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-08-31] (LogMeIn, Inc.)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [4307704 2016-02-25] (INCA Internet Co., Ltd.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [201360 2012-08-31] (Realtek Semiconductor)
S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
S2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [4088608 2016-09-21] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [235984 2016-11-24] (Safer-Networking Ltd.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255168 2015-10-08] (Synaptics Incorporated)
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [114656 2012-09-25] (Toshiba Europe GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation)
S3 icssvc; %SystemRoot%\System32\tetheringservice.dll [X]
S3 WerSvc; %SystemRoot%\System32\WerSvc.dll [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [129152 2016-04-24] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-03-26] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-03-26] (Disc Soft Ltd)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [255240 2015-07-13] (ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [251632 2015-07-13] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [178520 2015-07-13] (ESET)
R2 epfwwfpr; C:\WINDOWS\system32\DRIVERS\epfwwfpr.sys [168208 2015-07-13] (ESET)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18816 2016-05-25] (Huawei Technologies Co., Ltd.)
R3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2015-11-12] (LogMeIn Inc.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2016-05-25] (Huawei Technologies Co., Ltd.)
R2 PEGAGFN; C:\Program Files (x86)\TOSHIBA\Password Utility\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek )
R3 RtkBtFilter2; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [65792 2015-05-29] (Realtek Microelectronics)
R3 rtwlane_13; C:\WINDOWS\System32\drivers\rtwlane_13.sys [3749888 2015-10-30] (Realtek Semiconductor Corporation )
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [51392 2015-10-08] (Synaptics Incorporated)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [28632 2012-07-31] (Windows (R) Win 7 DDK provider)
S1 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [121248 2016-09-12] (Oracle Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S1 leprtdmt; \??\C:\WINDOWS\system32\drivers\leprtdmt.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-27 18:46 - 2017-01-27 18:47 - 00018151 _____ C:\Users\Radossek\Desktop\FRST.txt
2017-01-27 18:43 - 2017-01-27 18:46 - 00039984 _____ C:\Users\Radossek\Desktop\Addition.txt
2017-01-27 18:37 - 2017-01-27 18:37 - 00000000 ___HD C:\$WINDOWS.~BT
2017-01-27 17:28 - 2017-01-27 17:39 - 00000000 ____D C:\AdwCleaner
2017-01-27 17:08 - 2017-01-27 17:33 - 03988944 _____ C:\Users\Radossek\Desktop\adwcleaner_6.042.exe
2017-01-27 16:51 - 2017-01-27 16:51 - 00010689 _____ C:\Users\Radossek\Desktop\Addition.rar
2017-01-27 16:38 - 2017-01-27 18:47 - 00000000 ____D C:\FRST
2017-01-27 16:38 - 2017-01-27 16:38 - 02420736 _____ (Farbar) C:\Users\Radossek\Desktop\FRST64.exe
2017-01-27 11:45 - 2017-01-27 11:45 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2017-01-27 11:44 - 2017-01-27 11:49 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2017-01-27 11:44 - 2017-01-27 11:48 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2017-01-27 11:44 - 2017-01-27 11:44 - 00001475 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2017-01-27 11:44 - 2017-01-27 11:44 - 00001463 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2017-01-27 11:44 - 2017-01-27 11:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2017-01-27 11:44 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2017-01-27 11:43 - 2017-01-27 11:43 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Radossek\Downloads\spybot-2.4.exe
2017-01-27 11:37 - 2017-01-27 11:37 - 16409960 _____ (Safer Networking Limited ) C:\Users\Radossek\Downloads\spybotsd162.exe
2017-01-26 21:06 - 2017-01-26 21:06 - 00000000 ____D C:\Users\Radossek\AppData\Local\ESET
2017-01-26 19:20 - 2017-01-26 19:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2017-01-26 19:20 - 2017-01-26 19:20 - 00000000 ____D C:\ProgramData\ESET
2017-01-26 19:20 - 2017-01-26 19:20 - 00000000 ____D C:\Program Files\ESET
2017-01-26 18:38 - 2017-01-26 18:38 - 00000000 ____D C:\Users\Radossek\Desktop\ESET NOD32 Antivirus_Smart Security 8.0.319.1 RePack by KpoJIuK
2017-01-26 12:49 - 2017-01-26 12:51 - 00000000 ____D C:\Users\Radossek\Desktop\Let’s Dance 1-4
2017-01-19 18:18 - 2017-01-19 18:21 - 1221384192 _____ C:\Users\Radossek\Desktop\Avengers.2012.DVDRip.Xvid.CZ.avi
2017-01-19 18:05 - 2017-01-19 18:07 - 00000000 ____D C:\Users\Radossek\Desktop\Deadpool.2016.BDRip.XviD.CZ-TreZzoR
2017-01-19 17:51 - 2017-01-19 17:59 - 1946617856 _____ C:\Users\Radossek\Desktop\G.I. Joe 2 - Odveta.avi
2017-01-19 17:50 - 2017-01-19 18:04 - 1469321588 _____ C:\Users\Radossek\Desktop\G.I.Joe.The.Rise.of.Cobra.2009.AC3.DVDRip.XviD.CZ-DeBpuTa .avi
2017-01-18 17:24 - 2017-01-18 17:28 - 1622044636 _____ C:\Users\Radossek\Desktop\Hobit Bitva pěti armád 2014 Cz dab..mkv
2017-01-18 17:19 - 2017-01-18 17:22 - 1500182528 _____ C:\Users\Radossek\Desktop\Petes.Dragon.2016.BDRip.XViD.AC3.CZ.SK.avi
2017-01-17 19:23 - 2017-01-17 19:24 - 00000000 ____D C:\Users\Radossek\Desktop\Matrix Trilogy CZ
2017-01-15 22:06 - 2017-01-15 22:09 - 1618517870 _____ C:\Users\Radossek\Desktop\Terminator.Genisys.2015.480p.BDRip.XviD.AC3.CZ-HiDE.avi
2017-01-13 14:53 - 2017-01-13 14:59 - 00000000 ____D C:\Users\Radossek\Desktop\Men in Black Trilogy - Muži v černém trilogie
2017-01-13 14:47 - 2017-01-13 14:48 - 00000000 ____D C:\Users\Radossek\Desktop\Terminator.kolekce.1984-2009.480p.DVDRip.XviD.AC3.CZ.-calibrum2
2017-01-11 18:45 - 2017-01-11 18:45 - 02721168 _____ (Microsoft Corporation) C:\Users\Radossek\Downloads\Windows7-USB-DVD-tool.exe
2017-01-11 18:38 - 2017-01-11 18:40 - 00000000 ____D C:\Users\Radossek\Desktop\Windows 8.1 + crack
2017-01-11 16:12 - 2017-01-11 16:21 - 00000000 ____D C:\Users\Radossek\Desktop\Saw.kolekce.2004-2010.480p.DVDRip.XviD.AC3.CZ.-calibrum2
2017-01-08 18:42 - 2017-01-08 18:42 - 00000219 _____ C:\Users\Radossek\Desktop\Alien Swarm.url
2017-01-07 20:03 - 2017-01-07 20:03 - 00002107 _____ C:\Users\Radossek\Desktop\left 4 dead.lnk
2017-01-07 19:51 - 2017-01-07 19:51 - 00000000 ____D C:\Program Files (x86)\valve
2017-01-07 19:40 - 2017-01-07 19:40 - 00000000 ____D C:\Users\Radossek\Desktop\left4dead_1030_nosteam_english
2017-01-07 18:35 - 2017-01-07 18:36 - 00000000 ____D C:\Users\Radossek\Desktop\Heroes 5 cz dabing
2017-01-07 01:50 - 2017-01-07 01:51 - 07837144 _____ C:\Users\Radossek\Downloads\WitN_fix7_for_v1.0.0.1.7z
2017-01-07 01:47 - 2017-01-07 01:47 - 00000000 ____D C:\Users\Radossek\AppData\Local\Chromium
2017-01-07 01:31 - 2017-01-07 01:31 - 00000000 ____D C:\Users\Radossek\AppData\Local\WB Games
2017-01-07 00:53 - 2017-01-07 00:53 - 08417280 _____ C:\Users\Radossek\Downloads\hamachi(1).msi
2017-01-06 21:26 - 2017-01-06 21:26 - 00000000 ____D C:\ProgramData\RELOADED
2017-01-06 21:21 - 2017-01-06 21:21 - 00001172 _____ C:\Users\Public\Desktop\LOTR - War in the North.lnk
2017-01-06 21:21 - 2017-01-06 21:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LOTR - War in the North
2017-01-06 21:08 - 2017-01-07 01:52 - 00000000 ____D C:\Program Files (x86)\LOTR - War in the North
2017-01-06 21:06 - 2017-01-06 21:07 - 00852263 _____ (tomi2k9 ) C:\Users\Radossek\Desktop\LOTR - War in the North by tomi2k9.exe
2017-01-06 21:04 - 2012-09-16 16:05 - 1133938771 ____N C:\Users\Radossek\Desktop\LOTR - War in the North by tomi2k9-3.bin
2017-01-06 21:02 - 2012-09-16 15:51 - 1533000000 ____N C:\Users\Radossek\Desktop\LOTR - War in the North by tomi2k9-2.bin
2017-01-06 21:01 - 2012-09-16 15:47 - 00000000 ____D C:\Users\Radossek\Desktop\.autorun
2017-01-06 21:01 - 2012-09-16 15:38 - 1532147520 ____N C:\Users\Radossek\Desktop\LOTR - War in the North by tomi2k9-1.bin
2017-01-05 00:25 - 2017-01-05 01:14 - 1969020928 _____ C:\Users\Radossek\Desktop\Deep Blue Sea - Útok z hlubin.avi
2017-01-01 23:39 - 2017-01-01 23:39 - 00000000 ____D C:\Users\Radossek\Desktop\ZVONÁR MATKY BOŽEJ 1080p [SK,CZ,ENG]
2016-12-30 22:18 - 2016-12-30 22:18 - 00000000 ____D C:\Users\Radossek\Desktop\Riddick - Trilogy CZ
2016-12-30 00:59 - 2016-12-30 01:02 - 00000000 ____D C:\Users\Radossek\Desktop\Hellboy 2 - Zlatá armáda
2016-12-30 00:16 - 2016-12-30 00:20 - 00000000 ____D C:\Users\Radossek\Desktop\Hellboy
2016-12-29 00:36 - 2016-12-29 00:42 - 00000000 ____D C:\Users\Radossek\Desktop\Scary Movie 5
2016-12-28 00:44 - 2016-12-28 00:45 - 00000000 ____D C:\Users\Radossek\Desktop\Lights.Out.2016.BRRip.XviD.AC3.CZ
2016-12-28 00:39 - 2016-12-28 00:39 - 00000000 ____D C:\Users\Radossek\Desktop\Vetřelec vs predator 1.2

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-27 18:38 - 2016-03-04 23:10 - 00000000 ___DC C:\WINDOWS\Panther
2017-01-27 18:33 - 2016-04-03 14:58 - 00000000 ____D C:\Users\Radossek\AppData\Local\LogMeIn Hamachi
2017-01-27 18:30 - 2016-11-03 13:57 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-01-27 18:00 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-01-27 17:44 - 2016-11-18 18:34 - 00000000 ____D C:\Users\Radossek\AppData\LocalLow\Mozilla
2017-01-27 17:44 - 2016-05-03 14:57 - 00000000 ____D C:\Program Files (x86)\Steam
2017-01-27 17:42 - 2016-03-05 11:06 - 00000000 __SHD C:\Users\Radossek\IntelGraphicsProfiles
2017-01-27 17:42 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-01-27 17:41 - 2016-03-04 23:36 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-01-27 17:40 - 2016-11-18 17:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-01-27 17:40 - 2016-03-05 11:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-01-27 17:40 - 2015-10-30 07:28 - 01048576 ___SH C:\WINDOWS\system32\config\BBI
2017-01-27 17:40 - 2013-03-11 04:00 - 00000000 ____D C:\Program Files (x86)\Intel
2017-01-27 17:39 - 2016-06-11 08:09 - 00000000 ____D C:\Users\Radossek\Desktop\hry
2017-01-27 16:00 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2017-01-27 11:43 - 2016-03-04 20:43 - 00000000 ____D C:\Users\Radossek\AppData\Roaming\uTorrent
2017-01-27 02:38 - 2016-03-04 23:38 - 01771468 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-01-27 02:38 - 2015-10-30 19:31 - 00751272 _____ C:\WINDOWS\system32\perfh005.dat
2017-01-27 02:38 - 2015-10-30 19:31 - 00150860 _____ C:\WINDOWS\system32\perfc005.dat
2017-01-27 02:38 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2017-01-26 22:44 - 2016-11-23 01:18 - 00000000 ____D C:\Users\Radossek\AppData\Roaming\vlc
2017-01-26 22:00 - 2016-03-09 06:53 - 00000000 ____D C:\ProgramData\Skype
2017-01-26 21:59 - 2016-07-10 07:58 - 00000000 ____D C:\UnrealTournament
2017-01-26 21:58 - 2013-03-11 04:26 - 00000000 ____D C:\Program Files (x86)\WildGames
2017-01-26 21:57 - 2013-03-11 04:23 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-01-26 21:57 - 2013-03-11 04:23 - 00000000 ____D C:\ProgramData\WildTangent
2017-01-26 21:06 - 2016-02-19 15:57 - 00000000 ____D C:\Users\Radossek\Downloads\ESET NOD32 antivirus 8.0.304.1 (x86,x64)(CZ,SK)
2017-01-26 19:31 - 2016-02-19 11:44 - 00000000 ____D C:\Users\Radossek\AppData\Local\Packages
2017-01-26 19:14 - 2016-03-05 04:54 - 00000000 ___HD C:\$SysReset
2017-01-26 19:06 - 2016-03-04 23:21 - 00000000 ____D C:\Users\Radossek
2017-01-26 18:38 - 2016-10-31 13:23 - 00000017 _____ C:\Users\Radossek\Desktop\pro tátu.txt
2017-01-18 23:19 - 2016-12-13 23:36 - 00003278 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-01-18 23:19 - 2016-03-05 08:27 - 00002411 _____ C:\Users\Radossek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-01-18 23:19 - 2016-03-05 08:27 - 00000000 ___RD C:\Users\Radossek\OneDrive
2017-01-13 14:56 - 2016-07-24 22:33 - 00000000 ____D C:\Users\Radossek\Desktop\filmy
2017-01-11 15:30 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-01-11 15:30 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-01-08 18:42 - 2016-05-03 15:14 - 00000000 ____D C:\Users\Radossek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-01-07 01:47 - 2016-05-03 15:02 - 00000000 ____D C:\Users\Radossek\AppData\Local\Steam

==================== Files in the root of some directories =======

2016-03-26 14:49 - 2016-03-26 14:49 - 0005120 _____ () C:\Users\Radossek\AppData\Roaming\GiftBag.db

Some files in TEMP:
====================
2016-03-09 07:04 - 2016-03-09 07:04 - 0144008 _____ (© 2015 Microsoft Corporation) C:\Users\Radossek\AppData\Local\Temp\BingSvc.exe
2016-03-26 13:01 - 2016-03-26 13:01 - 0102912 _____ () C:\Users\Radossek\AppData\Local\Temp\bitool.dll
2016-03-09 07:04 - 2016-03-09 07:05 - 1118360 _____ (© 2015 Microsoft Corporation) C:\Users\Radossek\AppData\Local\Temp\BSvcProcessor.exe
2016-03-09 07:04 - 2016-03-09 07:04 - 0170128 _____ (© 2015 Microsoft Corporation) C:\Users\Radossek\AppData\Local\Temp\BSvcUpdater.exe
2017-01-26 21:58 - 2016-08-16 17:40 - 0786432 ____N () C:\Users\Radossek\AppData\Local\Temp\Core.dll
2017-01-26 21:58 - 2016-08-16 17:40 - 0311296 ____N () C:\Users\Radossek\AppData\Local\Temp\Setup.exe
2016-04-13 13:54 - 2016-11-25 18:46 - 43872728 _____ (Skype Technologies S.A.) C:\Users\Radossek\AppData\Local\Temp\SkypeSetup.exe
2016-09-25 12:57 - 2016-03-25 15:18 - 0118274 _____ () C:\Users\Radossek\AppData\Local\Temp\Uninstall.exe
2017-01-26 21:58 - 2016-08-16 17:40 - 0483328 ____N () C:\Users\Radossek\AppData\Local\Temp\Window.dll
2016-07-10 14:55 - 2006-05-24 14:10 - 0455600 ____R (Macrovision Corporation) C:\Users\Radossek\AppData\Local\Temp\_is122C.exe
2016-03-26 14:52 - 2016-03-26 14:51 - 0534528 _____ () C:\Users\Radossek\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
2016-11-23 01:09 - 2016-11-23 01:10 - 0733312 _____ () C:\Users\Radossek\AppData\Local\Temp\~FF39.exe

Some zero byte size files/folders:
==========================
C:\Windows\SysWOW64\inetcomm.dll
C:\Windows\SysWOW64\mfh265enc.dll
C:\Windows\SysWOW64\rpcnsh.dll
C:\Windows\SysWOW64\Windows.Security.Credentials.UI.UserConsentVerifier.dll
C:\Windows\SysWOW64\wlanpref.dll
C:\Windows\System32\autofmt.exe
C:\Windows\System32\CPFilters.dll
C:\Windows\System32\drmmgrtn.dll
C:\Windows\System32\efscore.dll
C:\Windows\System32\fdeploy.dll
C:\Windows\System32\inetcomm.dll
C:\Windows\System32\mfh265enc.dll
C:\Windows\System32\nslookup.exe
C:\Windows\System32\rascfg.dll
C:\Windows\System32\rdpinput.exe
C:\Windows\System32\TSWorkspace.dll
C:\Windows\System32\unbcl.dll
C:\Windows\System32\uudf.dll
C:\Windows\System32\wlanpref.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-01-21 16:18

==================== End of FRST.txt ============================

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\Run: [BingSvc] => C:\Users\Radossek\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2016-03-09] (© 2015 Microsoft Corporation)
C:\Users\Radossek\AppData\Local\Microsoft\BingSvc
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\MountPoints2: G - "G:\.autorun\autorun.exe"
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\MountPoints2: {9058066f-f33b-11e5-be84-2cd05a5dda82} - "G:\.autorun\autorun.exe"
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\MountPoints2: {9340a2ea-c1b9-11e6-bf68-2cd05a5dda82} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\MountPoints2: {a00c6bcd-beda-11e6-bf67-2cd05a5dda82} - "E:\HiSuiteDownLoader.exe"
SearchScopes: HKU\S-1-5-21-1513155856-3543802732-2289230164-1001 -> DefaultScope {BCB9D611-4812-44D8-9C9F-505B05A687CA} URL =
SearchScopes: HKU\S-1-5-21-1513155856-3543802732-2289230164-1001 -> {BCB9D611-4812-44D8-9C9F-505B05A687CA} URL =
S1 leprtdmt; \??\C:\WINDOWS\system32\drivers\leprtdmt.sys [X]
C:\Users\Radossek\AppData\Local\Temp

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Fix result of Farbar Recovery Scan Tool (x64) Version: 25-01-2017 01
Ran by Radossek (27-01-2017 18:55:46) Run:1
Running from C:\Users\Radossek\Desktop
Loaded Profiles: Radossek (Available Profiles: Radossek & Administrator)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\Run: [BingSvc] => C:\Users\Radossek\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2016-03-09] (© 2015 Microsoft Corporation)
C:\Users\Radossek\AppData\Local\Microsoft\BingSvc
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\MountPoints2: G - "G:\.autorun\autorun.exe"
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\MountPoints2: {9058066f-f33b-11e5-be84-2cd05a5dda82} - "G:\.autorun\autorun.exe"
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\MountPoints2: {9340a2ea-c1b9-11e6-bf68-2cd05a5dda82} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\...\MountPoints2: {a00c6bcd-beda-11e6-bf67-2cd05a5dda82} - "E:\HiSuiteDownLoader.exe"
SearchScopes: HKU\S-1-5-21-1513155856-3543802732-2289230164-1001 -> DefaultScope {BCB9D611-4812-44D8-9C9F-505B05A687CA} URL =
SearchScopes: HKU\S-1-5-21-1513155856-3543802732-2289230164-1001 -> {BCB9D611-4812-44D8-9C9F-505B05A687CA} URL =
S1 leprtdmt; \??\C:\WINDOWS\system32\drivers\leprtdmt.sys [X]
C:\Users\Radossek\AppData\Local\Temp

EmptyTemp:
End
*****************

HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\Software\Microsoft\Windows\CurrentVersion\Run\\BingSvc => value removed successfully
C:\Users\Radossek\AppData\Local\Microsoft\BingSvc => moved successfully
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G => key removed successfully
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9058066f-f33b-11e5-be84-2cd05a5dda82} => key removed successfully
HKCR\CLSID\{9058066f-f33b-11e5-be84-2cd05a5dda82} => key not found.
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9340a2ea-c1b9-11e6-bf68-2cd05a5dda82} => key removed successfully
HKCR\CLSID\{9340a2ea-c1b9-11e6-bf68-2cd05a5dda82} => key not found.
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a00c6bcd-beda-11e6-bf67-2cd05a5dda82} => key removed successfully
HKCR\CLSID\{a00c6bcd-beda-11e6-bf67-2cd05a5dda82} => key not found.
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-21-1513155856-3543802732-2289230164-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BCB9D611-4812-44D8-9C9F-505B05A687CA} => key removed successfully
HKCR\CLSID\{BCB9D611-4812-44D8-9C9F-505B05A687CA} => key not found.
HKLM\System\CurrentControlSet\Services\leprtdmt => key removed successfully
leprtdmt => service removed successfully
C:\Users\Radossek\AppData\Local\Temp => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 32768 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 37160009 B
Java, Flash, Steam htmlcache => 243530568 B
Windows/system/drivers => 54805 B
Edge => 10299266 B
Chrome => 12874549 B
Firefox => 374816212 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 34012 B
NetworkService => 1644882 B
Radossek => 241832038 B
Administrator => 12198 B

RecycleBin => 18653702861 B
EmptyTemp: => 18.2 GB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 18:58:39 ====

Smazáno. Nastala nějaká změna?

Notebook startuje rychleji. Přes noc zkusím aktualizace windows jestli se něco změnilo. Každopádně tlačítko start nereaguje jak myší tak ani klávesou na klávesnici. V nejhorším případěš zkusím vrátit počítač do továrního nastavení pokud to už teda půjde.

Moc Vám děkuji za pomoc.

Jinou možností je obnova systému k datu, kdy korektně fungoval.

To bude asi horší jelikož tento ntb neni puvodně muj a nejsou tu žádné zálohy o kterých bych věděl nebo které by mi sám počítač nabídl. Už jen fakt že se brání přeměny do továrního nastavení a odmítá se aktualizovat mi nehraje do karet. Zkusím znovu aktualizace a popřípadě se ještě ozvu.

Děkuji za Vaší pomoc a za Váš čas.

Martin Vlk

OK. Rádo se stalo!

VIRY.CZ

Prosím o kontorlu

Prosím o kontorlu

Re: Prosím o kontorlu

Re: Prosím o kontorlu

Re: Prosím o kontorlu

Re: Prosím o kontorlu

Re: Prosím o kontorlu

Re: Prosím o kontorlu

Re: Prosím o kontorlu

Re: Prosím o kontorlu

Re: Prosím o kontorlu

Re: Prosím o kontorlu

Re: Prosím o kontorlu