Constant CPU usage at 50% - log

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

dalicek

Re: Constant CPU usage at 50% - log

Post by dalicek » 13 Apr 2015 21:30

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-04-2015
Ran by Dalik at 2015-04-13 21:29:01
Running from C:\Users\Dalik\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AMD Catalyst Install Manager (HKLM\...\{37FCE154-7F59-74F0-3A35-BF503CEB230B}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
Aslain's XVM Mod version 4.2.44 (HKLM-x32\...\ZRwTINhSZfduKONYrSCTiCiGPggQZdcLRvoAVxyCOXXpkHeC~1DC3968F_is1) (Version: 4.2.44 - Aslain)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.68.1077 - AB Team, d.o.o.)
EasySaver B8.1224.1 (HKLM-x32\...\{07300F01-89CA-4CF8-92BD-2A605EB83C95}) (Version: 1.00.0000 - Gigabyte)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.118 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.9.1.131 - PandoraTV)
Malwarebytes Anti-Malware verze 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: - )
Prime Benchmark 3.1 (HKLM-x32\...\Prime Benchmark_is1) (Version: - Vlastimil Burian)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5793 - Realtek Semiconductor Corp.)
TuneUp Utilities 2014 (en-GB) (x32 Version: 14.0.1000.221 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities) (Version: 14.0.1000.221 - TuneUp Software)
TuneUp Utilities 2014 (x32 Version: 14.0.1000.221 - TuneUp Software) Hidden
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
World of Tanks - Common Test (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812CT}_is1) (Version: - Wargaming.net)
World of Tanks (HKU\S-1-5-21-3149348744-4266322119-582441026-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points =========================

30-01-2015 11:16:01 Installed Microsoft Office Enterprise 2007
30-01-2015 12:25:49 Nainstalováno rozhraní DirectX
26-03-2015 00:34:46 Removed Browser Configuration Utility
02-04-2015 14:27:07 Naplánovaný kontrolní bod
10-04-2015 12:13:14 Naplánovaný kontrolní bod
11-04-2015 21:16:32 Nainstalováno: TuneUp Utilities 2014
13-04-2015 18:26:10 zoek.exe restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2015-04-13 18:26 - 00000841 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {DC4943F0-78AA-4A09-8BB9-B9B3D65FC8BE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-29] (Google Inc.)
Task: {F9698540-15DE-4C38-B4E6-0B4F200D42EC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-29] (Google Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2013-04-30 00:25 - 2013-04-30 00:25 - 00211968 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2012-03-05 17:03 - 2012-03-05 17:03 - 00677376 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2012-02-16 15:53 - 2012-02-16 15:53 - 03642880 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2015-01-29 20:01 - 2008-12-24 17:52 - 00068136 _____ () C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
2013-12-18 11:01 - 2013-12-18 11:01 - 00742200 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\avgrepliba.dll
2013-04-30 00:25 - 2013-04-30 00:25 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2013-06-18 16:49 - 2013-06-18 16:49 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2013-04-30 00:08 - 2013-04-30 00:08 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2015-01-29 20:01 - 2008-12-05 18:03 - 00098304 _____ () C:\Program Files (x86)\Gigabyte\EasySaver\YCC.DLL

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3149348744-4266322119-582441026-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Dalik\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.154.240.3 - 10.154.240.66

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== Accounts: =============================

Administrator (S-1-5-21-3149348744-4266322119-582441026-500 - Administrator - Disabled)
Dalik (S-1-5-21-3149348744-4266322119-582441026-1000 - Administrator - Enabled) => C:\Users\Dalik
Guest (S-1-5-21-3149348744-4266322119-582441026-501 - Limited - Disabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/13/2015 07:00:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/13/2015 06:59:00 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Aktivace licence systému Windows se nezdařila. Chyba 0x80070005.

Error: (04/13/2015 06:58:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Fuel.Service.exe, verze: 1.0.0.0, časové razítko: 0x517f39a1
Název chybujícího modulu: Device.dll, verze: 4.1.0.0, časové razítko: 0x4f55e10b
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000033c1
ID chybujícího procesu: 0x584
Čas spuštění chybující aplikace: 0xFuel.Service.exe0
Cesta k chybující aplikaci: Fuel.Service.exe1
Cesta k chybujícímu modulu: Fuel.Service.exe2
ID zprávy: Fuel.Service.exe3

Error: (04/13/2015 06:24:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/13/2015 06:23:12 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Aktivace licence systému Windows se nezdařila. Chyba 0x80070005.

Error: (04/13/2015 06:11:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/13/2015 06:09:33 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Aktivace licence systému Windows se nezdařila. Chyba 0x80070005.

Error: (04/13/2015 04:38:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Fuel.Service.exe, verze: 1.0.0.0, časové razítko: 0x517f39a1
Název chybujícího modulu: Device.dll, verze: 4.1.0.0, časové razítko: 0x4f55e10b
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000033c1
ID chybujícího procesu: 0x640
Čas spuštění chybující aplikace: 0xFuel.Service.exe0
Cesta k chybující aplikaci: Fuel.Service.exe1
Cesta k chybujícímu modulu: Fuel.Service.exe2
ID zprávy: Fuel.Service.exe3

Error: (04/13/2015 04:08:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/13/2015 04:06:30 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Aktivace licence systému Windows se nezdařila. Chyba 0x80070005.


System errors:
=============
Error: (04/13/2015 06:58:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AMD FUEL Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (04/13/2015 06:53:09 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (04/13/2015 06:53:08 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (04/13/2015 06:53:07 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (04/13/2015 06:53:06 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (04/13/2015 06:53:05 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (04/13/2015 06:22:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Search neuspěla při spuštění v důsledku následující chyby:
%%1069

Error: (04/13/2015 06:22:23 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba WSearch se nemohla přihlásit jako NT AUTHORITY\SYSTEM s aktuálně konfigurovaným heslem z důvodu následující chyby:
%%50

Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).

Error: (04/13/2015 06:21:55 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 byla neočekávaně ukončena. Tento stav nastal již 2krát.

Error: (04/13/2015 06:21:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Processor: AMD Athlon(tm) 7850 Dual-Core Processor
Percentage of memory in use: 34%
Total physical RAM: 2046.55 MB
Available physical RAM: 1339.01 MB
Total Pagefile: 4093.11 MB
Available Pagefile: 2986.81 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:124.16 GB) (Free:77.53 GB) NTFS
Drive e: (Místní disk) (Fixed) (Total:108.62 GB) (Free:64.29 GB) NTFS
Drive g: () (Removable) (Total:7.46 GB) (Free:7.46 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 0780DD53)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=124.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=108.6 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 7.5 GB) (Disk ID: 00E5335F)
Partition 1: (Active) - (Size=7.5 GB) - (Type=0B)

==================== End Of Log ============================

dalicek

Re: Constant CPU usage at 50% - log

Post by dalicek » 13 Apr 2015 21:31

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-04-2015
Ran by Dalik (administrator) on DALIK-PC on 13-04-2015 21:28:10
Running from C:\Users\Dalik\Desktop
Loaded Profiles: Dalik (Available profiles: Dalik)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
() C:\Program Files (x86)\Gigabyte\EasySaver\essvr.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(AVG) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7037984 2009-02-17] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-02-17] (Realtek Semiconductor Corp.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642304 2013-04-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AMD AVT] => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [20992 2012-03-19] ()
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3149348744-4266322119-582441026-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.154.240.3 10.154.240.66

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Dalik\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Dalik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-13]
CHR Extension: (Google Docs) - C:\Users\Dalik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-29]
CHR Extension: (Google Drive) - C:\Users\Dalik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-29]
CHR Extension: (YouTube) - C:\Users\Dalik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-29]
CHR Extension: (Google Search) - C:\Users\Dalik\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-29]
CHR Extension: (Google Sheets) - C:\Users\Dalik\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-13]
CHR Extension: (Google Wallet) - C:\Users\Dalik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-29]
CHR Extension: (Gmail) - C:\Users\Dalik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-29]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-04-30] (Advanced Micro Devices, Inc.) [File not signed]
R2 ES lite Service; C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [68136 2008-12-24] ()
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2103096 2013-12-18] (TuneUp Software)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-04-13] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-03-17] (Malwarebytes Corporation)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-08-21] (TuneUp Software)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-13 21:28 - 2015-04-13 21:28 - 00006970 _____ () C:\Users\Dalik\Desktop\FRST.txt
2015-04-13 21:27 - 2015-04-13 21:28 - 00000000 ____D () C:\FRST
2015-04-13 21:26 - 2015-04-13 21:26 - 02096640 _____ (Farbar) C:\Users\Dalik\Desktop\FRST64.exe
2015-04-13 18:57 - 2015-04-13 18:25 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-04-13 18:26 - 2015-04-13 18:59 - 00005591 _____ () C:\zoek-results.log
2015-04-13 18:25 - 2015-04-13 18:53 - 00000000 ____D () C:\zoek_backup
2015-04-13 18:25 - 2015-04-13 18:25 - 01305600 _____ () C:\Users\Dalik\Downloads\zoek.exe
2015-04-13 16:14 - 2015-04-13 16:14 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-13 16:13 - 2015-04-13 16:13 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-04-13 16:13 - 2015-04-13 16:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-04-13 16:13 - 2015-04-13 16:13 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-04-13 16:13 - 2015-03-17 06:15 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-04-13 16:13 - 2015-03-17 06:15 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-04-13 16:13 - 2015-03-17 06:15 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-04-13 16:12 - 2015-04-13 16:12 - 00000960 _____ () C:\Users\Dalik\Desktop\AdwCleaner[R1].txt
2015-04-13 16:03 - 2015-04-13 16:03 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Dalik\Downloads\mbam-setup-2.1.4.1018 (2).exe
2015-04-13 16:03 - 2015-04-13 16:03 - 02217984 _____ () C:\Users\Dalik\Desktop\adwcleaner_4.201.exe
2015-04-13 16:02 - 2015-04-13 16:02 - 00448512 _____ (OldTimer Tools) C:\Users\Dalik\Downloads\TFC.exe
2015-04-13 15:34 - 2015-04-13 20:36 - 00006392 _____ () C:\Users\Dalik\Downloads\hijackthis.log
2015-04-13 15:34 - 2015-04-13 15:34 - 00388608 _____ (Trend Micro Inc.) C:\Users\Dalik\Downloads\HijackThis.exe
2015-04-11 21:21 - 2013-12-18 11:01 - 00043320 _____ (TuneUp Software) C:\Windows\system32\uxtuneup.dll
2015-04-11 21:20 - 2013-12-18 11:01 - 00036152 _____ (TuneUp Software) C:\Windows\SysWOW64\uxtuneup.dll
2015-04-11 21:18 - 2015-04-11 21:18 - 00002209 _____ () C:\Users\Public\Desktop\TuneUp 1-Click Maintenance.lnk
2015-04-11 21:18 - 2015-04-11 21:18 - 00002195 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014.lnk
2015-04-11 21:18 - 2015-04-11 21:18 - 00002183 _____ () C:\Users\Public\Desktop\TuneUp Utilities 2014.lnk
2015-04-11 21:18 - 2015-04-11 21:18 - 00000000 ____D () C:\Users\Dalik\AppData\Roaming\TuneUp Software
2015-04-11 21:18 - 2015-04-11 21:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014
2015-04-11 21:18 - 2013-12-18 11:01 - 00040760 _____ (TuneUp Software) C:\Windows\system32\TURegOpt.exe
2015-04-11 21:18 - 2013-12-18 11:01 - 00029496 _____ (TuneUp Software) C:\Windows\system32\authuitu.dll
2015-04-11 21:18 - 2013-12-18 11:01 - 00025400 _____ (TuneUp Software) C:\Windows\SysWOW64\authuitu.dll
2015-04-11 21:17 - 2015-04-11 21:20 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2014
2015-04-11 21:16 - 2015-04-11 21:21 - 00000000 ____D () C:\ProgramData\TuneUp Software
2015-04-11 21:15 - 2015-04-11 21:15 - 55413160 _____ (TuneUp Software) C:\Users\Dalik\Downloads\TuneUpUtilities2014.exe
2015-04-11 20:20 - 2015-04-11 20:20 - 00000000 _____ () C:\Windows\SysWOW64\svc_host.dat
2015-04-11 20:18 - 2015-04-11 20:18 - 00001086 _____ () C:\Users\Public\Desktop\Prime Benchmark.lnk
2015-04-11 20:18 - 2015-04-11 20:18 - 00000000 ____D () C:\Users\Dalik\Downloads\prime_benchmark
2015-04-11 20:18 - 2015-04-11 20:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prime Benchmark
2015-04-11 20:18 - 2015-04-11 20:18 - 00000000 ____D () C:\Program Files (x86)\Prime Benchmark
2015-04-11 20:17 - 2015-04-11 20:17 - 01196333 _____ () C:\Users\Dalik\Downloads\prime_benchmark.zip
2015-04-11 19:47 - 2015-04-11 19:47 - 00440266 _____ () C:\Users\Dalik\Downloads\motherboard_driver_raid_mcp72_78_bootdisk_win7-64bit.exe
2015-04-11 19:47 - 2015-04-11 19:47 - 00000000 ____D () C:\Users\Dalik\Downloads\raid_win7-64
2015-04-11 19:46 - 2015-04-11 19:46 - 00000000 ____D () C:\Users\Dalik\Desktop\DRIVER
2015-04-11 19:45 - 2015-04-11 19:45 - 00360844 _____ () C:\Users\Dalik\Downloads\motherboard_driver_ahci_mcp72_78_bootdisk_win7-64bit.exe
2015-04-09 11:45 - 2015-04-09 11:48 - 00000000 ____D () C:\Users\Dalik\Desktop\knizky
2015-04-08 12:19 - 2015-04-11 19:48 - 00000000 ____D () C:\Users\Dalik\Desktop\sk
2015-04-08 12:17 - 2015-04-08 12:18 - 00002606 _____ () C:\Users\Dalik\Desktop\Nový textový dokument (2).txt
2015-04-08 12:17 - 2015-04-08 12:18 - 00001987 _____ () C:\Users\Dalik\Desktop\Nový textový dokument (4).txt
2015-04-08 12:17 - 2015-04-08 12:18 - 00001813 _____ () C:\Users\Dalik\Desktop\Nový textový dokument (3).txt
2015-04-08 12:16 - 2015-04-08 12:18 - 00001987 _____ () C:\Users\Dalik\Desktop\Nový textový dokument.txt
2015-04-07 08:56 - 2015-04-07 08:57 - 69120757 _____ (Aslain ) C:\Users\Dalik\Downloads\Aslains_XVM_Mod_Installer_v.4.2.44_96.exe
2015-04-05 15:06 - 2015-04-05 15:19 - 2027488722 _____ () C:\Users\Dalik\Downloads\Furious.7.2015.CAM.x264-RARBG.mp4
2015-04-05 15:05 - 2015-04-05 15:05 - 00077870 _____ () C:\Users\Dalik\Downloads\[CzT]Rychle_a_zbesile_7_Fast_Furious_7_2015_CAM_.torrent
2015-04-03 15:31 - 2015-04-03 15:41 - 1561638912 _____ () C:\Users\Dalik\Desktop\Big.Hero.6.2014.480p.BDRip.XviD.AC3.CZ-4play.avi
2015-04-03 15:31 - 2015-04-03 15:32 - 00000000 ____D () C:\Users\Dalik\Downloads\Big.Hero.6.2014.480p.BDRip.XviD.AC3.CZ-4play
2015-04-03 15:31 - 2015-04-03 15:31 - 00015613 _____ () C:\Users\Dalik\Downloads\[CzT]Velka_sestka_Big_Hero_6_2014_CZ_.torrent
2015-04-02 15:47 - 2015-04-02 15:59 - 1871644672 _____ () C:\Users\Dalik\Desktop\Šéfové na zabití 2 2014 Cz dab..avi
2015-04-02 15:46 - 2015-04-02 15:46 - 00018422 _____ () C:\Users\Dalik\Downloads\[CzT]Sefove_na_zabiti_2_Horrible_Bosses_2_2014_CZ_.torrent
2015-04-01 19:38 - 2015-04-01 19:47 - 53620937 _____ (Aslain ) C:\Users\Dalik\Downloads\Aslains_XVM_Mod_Installer_v.4.2.43_96.exe
2015-03-30 16:01 - 2015-03-30 16:01 - 00000000 ____D () C:\Users\Dalik\Desktop\VVUU
2015-03-27 17:00 - 2015-03-27 17:00 - 00000619 _____ () C:\Users\Public\Desktop\World of Tanks - Common Test.lnk
2015-03-27 17:00 - 2015-03-27 17:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks - Common Test
2015-03-27 16:59 - 2015-03-27 16:59 - 04691200 _____ (Wargaming.net ) C:\Users\Dalik\Downloads\WoT_internet_install_ct (1).exe
2015-03-26 11:44 - 2015-03-26 11:46 - 51654770 _____ (Aslain ) C:\Users\Dalik\Downloads\Aslains_XVM_Mod_Installer_v.4.2.38_96.exe
2015-03-25 01:08 - 2015-04-01 13:40 - 00000000 ____D () C:\Users\Dalik\Desktop\Adelka a Amalka
2015-03-24 23:53 - 2015-03-24 23:53 - 00000000 _____ () C:\autoexec.bat
2015-03-24 12:13 - 2015-03-24 12:13 - 00000000 ____D () C:\Program Files\Enigma Software Group
2015-03-24 12:12 - 2015-03-24 12:12 - 03109248 _____ (Enigma Software Group USA, LLC.) C:\Users\Dalik\Downloads\SpyHunter-Installer.exe
2015-03-24 10:35 - 2015-03-30 21:07 - 00000000 ____D () C:\Program Files\HitmanPro
2015-03-24 10:35 - 2015-03-24 10:36 - 00000000 ____D () C:\ProgramData\HitmanPro
2015-03-24 10:34 - 2015-03-24 10:34 - 10995632 _____ (SurfRight B.V.) C:\Users\Dalik\Downloads\HitmanPro_x64.exe
2015-03-24 10:30 - 2015-03-24 10:30 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Dalik\Downloads\mbam-setup-2.1.4.1018.exe
2015-03-24 10:30 - 2015-03-24 10:30 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Dalik\Downloads\mbam-setup-2.1.4.1018 (1).exe
2015-03-24 10:30 - 2015-03-24 10:30 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-24 10:22 - 2015-04-13 18:21 - 00000000 ____D () C:\AdwCleaner
2015-03-24 10:22 - 2015-03-24 10:22 - 02168320 _____ () C:\Users\Dalik\Downloads\adwcleaner_4.113.exe
2015-03-18 15:39 - 2015-03-18 15:40 - 727343104 _____ () C:\Users\Dalik\Downloads\Šéfové na zabití.avi
2015-03-18 15:38 - 2015-03-18 15:38 - 00014427 _____ () C:\Users\Dalik\Downloads\[CzT]Sefove_na_zabiti_Horrible_Bosses_2011_CZ_.torrent
2015-03-18 15:37 - 2015-03-18 15:41 - 886966272 _____ () C:\Users\Dalik\Downloads\Just.Go.With.It.2011.BRRip.XviD.CZ-LEADERs.avi
2015-03-18 15:36 - 2015-03-18 15:36 - 00017489 _____ () C:\Users\Dalik\Downloads\[CzT]Zkus_me_rozesmat_Just_Go_with_It_2011_.torrent
2015-03-18 14:55 - 2015-03-18 14:40 - 727343104 _____ () C:\Users\Dalik\Desktop\Šéfové na zabití.avi
2015-03-18 14:52 - 2015-03-18 14:41 - 886966272 _____ () C:\Users\Dalik\Desktop\Just.Go.With.It.2011.BRRip.XviD.CZ-LEADERs.avi
2015-03-17 22:15 - 2015-04-01 10:39 - 00000000 ____D () C:\Users\Dalik\Desktop\Fotky
2015-03-16 16:33 - 2015-03-16 16:33 - 00018487 _____ () C:\Users\Dalik\Downloads\[CzT]10_pravidel_jak_sbalit_holku_2014_CZ_ (1).torrent
2015-03-16 16:13 - 2015-03-16 16:13 - 00016074 _____ () C:\Users\Dalik\Downloads\[CzT]10_pravidel_jak_sbalit_holku_2014_CZ_.torrent
2015-03-15 00:52 - 2015-03-15 00:52 - 00014427 _____ () C:\Users\Dalik\Downloads\[CzT]Spongebob_v_kalhotach_SpongeBob_SquarePants_Movie_The.torrent
2015-03-15 00:39 - 2015-03-15 00:39 - 00014793 _____ () C:\Users\Dalik\Downloads\[CzT]10_pravidel_jak_sbalit_holku_2014_CZ_720p_.torrent
2015-03-15 00:35 - 2015-03-15 00:35 - 00000000 ____D () C:\Users\Dalik\Downloads\Vykoupení z věznice Shawshank
2015-03-15 00:34 - 2015-03-15 00:34 - 00017110 _____ () C:\Users\Dalik\Downloads\[CzT]Vykoupeni_z_veznice_Shawshank.torrent
2015-03-14 17:01 - 2015-03-14 17:02 - 00000000 ____D () C:\Users\Dalik\Downloads\The Avengers -2012-.DVDRip
2015-03-14 17:01 - 2015-03-14 17:01 - 00012325 _____ () C:\Users\Dalik\Downloads\The Avengers -2012-.DVDRip.torrent

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-13 21:18 - 2015-01-29 20:07 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-13 19:03 - 2011-04-12 10:34 - 00668138 _____ () C:\Windows\system32\perfh005.dat
2015-04-13 19:03 - 2011-04-12 10:34 - 00140798 _____ () C:\Windows\system32\perfc005.dat
2015-04-13 19:03 - 2009-07-14 07:13 - 01582262 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-13 19:02 - 2015-01-29 17:11 - 01710174 _____ () C:\Windows\WindowsUpdate.log
2015-04-13 18:59 - 2015-01-29 20:07 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-13 18:59 - 2015-01-29 20:05 - 00023080 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2015-04-13 18:59 - 2015-01-29 20:01 - 00000126 _____ () C:\service.log
2015-04-13 18:59 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-13 18:58 - 2010-11-21 05:47 - 00011744 _____ () C:\Windows\PFRO.log
2015-04-13 18:58 - 2009-07-14 06:51 - 00045394 _____ () C:\Windows\setupact.log
2015-04-13 15:34 - 2015-01-29 18:58 - 00000000 ____D () C:\Users\Dalik\AppData\Local\VirtualStore
2015-04-11 22:34 - 2015-03-06 20:23 - 00000000 ____D () C:\Users\Dalik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2015-04-11 19:54 - 2009-07-14 06:45 - 00017056 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-11 19:54 - 2009-07-14 06:45 - 00017056 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-11 19:48 - 2015-01-29 19:09 - 00000000 ____D () C:\Users\Dalik\Desktop\Windows 7 aktivátor
2015-04-04 12:21 - 2015-01-29 20:08 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-01 10:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-03-27 17:00 - 2015-01-30 12:25 - 00000000 ____D () C:\Windows\SysWOW64\directx
2015-03-26 23:27 - 2015-01-29 20:07 - 00111104 _____ () C:\Users\Dalik\AppData\Local\GDIPFONTCACHEV1.DAT
2015-03-26 23:26 - 2009-07-14 06:45 - 00423104 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-26 10:40 - 2015-01-16 20:35 - 00000000 ____D () C:\Users\Dalik\Desktop\Adélka
2015-03-26 00:35 - 2015-01-29 20:01 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-03-24 12:14 - 2015-01-29 18:58 - 00000000 ____D () C:\Users\Dalik
2015-03-22 23:03 - 2009-07-14 07:08 - 00032530 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-04 20:44

==================== End Of Log ============================

mople71
Level 3.5
Posts: 662
Registered: November 14
Gender: Male
Status: Offline

Re: Constant 50% CPU usage - log

Post by mople71 » 13 Apr 2015 23:16

Is the OS legal?

dalicek
newbie
Posts: 13
Registered: April 15
Gender: Male
Status: Offline

Re: Constant 50% CPU usage - log

Post by dalicek » 14 Apr 2015 07:38

No, it isn't.

dalicek
newbie
Posts: 13
Registered: April 15
Gender: Male
Status: Offline

Re: Constant 50% CPU usage - log

Post by dalicek » 14 Apr 2015 15:23

So the PC got going today. The load is at a minimum.

mople71
Level 3.5
Posts: 662
Registered: November 14
Gender: Male
Status: Offline

Re: Constant 50% CPU usage - log

Post by mople71 » 14 Apr 2015 16:26

Well, congratulations!

I don't know about my colleagues, but I won't clean an illegal OS - in some cases it isn't even possible, they use professional exploits...

Have a nice day, enjoy the probable bitcoin miner. :-)

Orcus
Security team member
Elite Level 10.5
Posts: 10645
Registered: April 10
Location: 3 roses grow around =o)
Gender: Male
Status: Offline

Re: Constant 50% CPU usage - log

Post by Orcus » 14 Apr 2015 22:43

In accordance with this forum's rules, I am locking the thread.