Neustálé padání internetu

Zpráva

onlyforu747 · #1 Příspěvek od **onlyforu747** » 24 srp 2016 15:57

Dobrý den,
jak už nadpis napovídá, mám problém s neustálým vypadáváním internetu. K internetu jsem připojen pomocí venkovního zařízení, které je propojeno datovým kabelem s PC. Předem děkuji za pomoc. Přeji hezký zbytek dne.
Prošel jsem pár příspěvků se stejný tématem, takže jsem udělal kontrolu aplikací RSIT.

Logfile of random's system information tool 1.10 (written by random/random)
Run by David at 2016-08-24 16:20:27
Microsoft Windows 10 Pro
System drive C: has 76 GB (77%) free of 100 GB
Total RAM: 4078 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:43:11, on 24. 8. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0545)
Boot mode: Normal

Running processes:
D:\Framework\Common\avguix.exe
C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
D:\Steam\Steam.exe
D:\Steam\bin\steamwebhelper.exe
D:\Steam\bin\steamwebhelper.exe
C:\Program Files\WindowsApps\Microsoft.BingWeather_4.13.47.0_x86__8wekyb3d8bbwe\Microsoft.Msn.Weather.exe
C:\Program Files\trend micro\David.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [AvgUi] "D:\Framework\Common\avguirna.exe" /lps=fmw
O4 - HKLM\..\Run: [AVG_UI] "D:\Av\avuirunnerx.exe" D:\Av\avgui.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\David\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: AdaptiveSleepService - Unknown owner - C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Unknown owner - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (file missing)
O23 - Service: AvgAMPS - AVG Technologies CZ, s.r.o. - D:\Av\avgamps.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - D:\Av\avgidsagenta.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - D:\Framework\Common\avgsvca.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - D:\Av\avgwdsvca.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8156 bytes

======Listing Processes======

d:\Av\avgrsa.exe /boot
D:\Av\avgcsrva.exe /pipeName=87542bb6-0200-0000-7775-1c5961a43a1e /binaryPath=D:\Av\ /logPath=C:\WINDOWS\system32\config\systemprofile\AppData\Local\Avg\log\av16 /logCfgPath=C:\ProgramData\Avg\log\av16

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\atiesrxx.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k appmodel

D:\Av\avgwdsvca.exe
D:\Framework\Common\avgsvca.exe
dashost.exe {49d751fe-bdfe-4af7-91cb09f4f4cb9514}
C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"D:\Av\avgnsa.exe"
"D:\Av\avgemca.exe"
C:\WINDOWS\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"

C:\WINDOWS\System32\WinLogon.exe -SpecialSession
"dwm.exe"
atieclxx
sihost.exe
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\Explorer.EXE
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\Program Files\AMD\CNext\CNext\cnext.exe" atlogon
/fmw.trayonly
/TRAYONLY
"fontdrvhost.exe"
ctfmon.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
"C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
D:\Steam\Steam.exe
D:\Steam\bin\steamwebhelper.exe "-cachedir=C:\Users\David\AppData\Local\Steam\htmlcache" "-steampid=76" "-buildid=1471977975" "-steamid=0" --disable-gpu-compositing --disable-gpu --process-per-tab --enable-system-flash --disable-spell-checking --enable-widevine-cdm --enable-direct-write
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"D:\Steam\bin\steamwebhelper.exe" --type=renderer --disable-gpu-compositing --enable-pinch --lang=en-US --lang=en-US --log-file="D:\Steam\bin\debug.log" --product-version="Valve Steam Client" --disable-spell-checking --enable-system-flash --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-gpu-compositing --channel="1612.0.1468608788\1453112003" --font-cache-shared-handle=680 /prefetch:1
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.BingWeather_4.13.47.0_x86__8wekyb3d8bbwe\Microsoft.Msn.Weather.exe" -ServerName:App.AppX2m6wj6jceb8yq7ppx1b3drf7yy51ha6f.mca
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-befe217b-b481-4f06-ba38-ca30c3a39203 -SystemEventPortName:HostProcess-42e0c740-def5-4841-a86e-112f2237c739 -IoCancelEventPortName:HostProcess-bfe7eb5c-1d0b-4ea9-9455-20f91224416f -NonStateChangingEventPortName:HostProcess-41d65ea5-3120-483a-bab9-ce78f84ed2ba -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:0a64a52f-8214-4205-a8f9-16b41d60f7c9 -DeviceGroupId:WpdFsGroup
C:\WINDOWS\system32\wbem\wmiprvse.exe
"D:\Stažené soubory\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 688528]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCN"=C:\Program Files\AMD\CNext\CNext\cnext.exe [2015-11-29 4866760]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 112512]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\David\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-07-07 554184]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvgUi"=D:\Framework\Common\avguirna.exe [2016-08-18 204560]
"AVG_UI"=D:\Av\avuirunnerx.exe [2016-07-28 32528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.RTV1"=rtvcvfw64.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-08-24 16:20:28 ----D---- C:\Program Files\trend micro
2016-08-24 16:20:27 ----D---- C:\rsit
2016-08-18 22:06:44 ----D---- C:\Users\David\AppData\Roaming\AVG
2016-08-18 22:06:10 ----D---- C:\Users\David\AppData\Roaming\TuneUp Software
2016-08-18 22:05:53 ----HD---- C:\$AVG
2016-08-18 22:04:44 ----D---- C:\ProgramData\MFAData
2016-08-18 22:00:27 ----AD---- C:\ProgramData\Avg
2016-08-18 22:00:21 ----HD---- C:\ProgramData\Common Files
2016-08-09 20:58:55 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryClient.dll
2016-08-09 20:58:55 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryBroker.dll
2016-08-09 20:58:55 ----A---- C:\WINDOWS\system32\rdpudd.dll
2016-08-09 20:58:55 ----A---- C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-08-09 20:58:55 ----A---- C:\WINDOWS\system32\MusNotificationUx.exe
2016-08-09 20:58:55 ----A---- C:\WINDOWS\system32\MusNotification.exe
2016-08-09 20:58:54 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepository.dll
2016-08-09 20:58:54 ----A---- C:\WINDOWS\system32\SettingSyncHost.exe
2016-08-09 20:58:54 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2016-08-09 20:58:53 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2016-08-09 20:58:53 ----A---- C:\WINDOWS\system32\WWAHost.exe
2016-08-09 20:58:53 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-08-09 20:58:52 ----A---- C:\WINDOWS\system32\wmp.dll
2016-08-09 20:58:51 ----A---- C:\WINDOWS\SYSWOW64\wldp.dll
2016-08-09 20:58:51 ----A---- C:\WINDOWS\SYSWOW64\NetSetupEngine.dll
2016-08-09 20:58:51 ----A---- C:\WINDOWS\SYSWOW64\NetSetupApi.dll
2016-08-09 20:58:51 ----A---- C:\WINDOWS\SYSWOW64\dbgeng.dll
2016-08-09 20:58:50 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2016-08-09 20:58:50 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2016-08-09 20:58:50 ----A---- C:\WINDOWS\system32\dbgeng.dll
2016-08-09 20:58:49 ----A---- C:\WINDOWS\system32\wevtutil.exe
2016-08-09 20:58:49 ----A---- C:\WINDOWS\system32\lsasrv.dll
2016-08-09 20:58:48 ----A---- C:\WINDOWS\SYSWOW64\SensorsNativeApi.dll
2016-08-09 20:58:47 ----A---- C:\WINDOWS\system32\win32kbase.sys
2016-08-09 20:58:47 ----A---- C:\WINDOWS\system32\NetSetupApi.dll
2016-08-09 20:58:47 ----A---- C:\WINDOWS\system32\musdialoghandlers.dll
2016-08-09 20:58:47 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2016-08-09 20:58:47 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2016-08-09 20:58:47 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2016-08-09 20:58:46 ----A---- C:\WINDOWS\system32\NetSetupSvc.dll
2016-08-09 20:58:46 ----A---- C:\WINDOWS\system32\NetSetupEngine.dll
2016-08-09 20:58:46 ----A---- C:\WINDOWS\system32\cdd.dll
2016-08-09 20:58:46 ----A---- C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-08-09 20:58:45 ----A---- C:\WINDOWS\system32\win32kfull.sys
2016-08-09 20:58:45 ----A---- C:\WINDOWS\system32\usocore.dll
2016-08-09 20:58:45 ----A---- C:\WINDOWS\system32\TpmTasks.dll
2016-08-09 20:58:44 ----A---- C:\WINDOWS\SYSWOW64\WWAHost.exe
2016-08-09 20:58:44 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2016-08-09 20:58:44 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-08-09 20:58:43 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2016-08-09 20:58:43 ----A---- C:\WINDOWS\system32\mstscax.dll
2016-08-09 20:58:42 ----A---- C:\WINDOWS\SYSWOW64\VEEventDispatcher.dll
2016-08-09 20:58:42 ----A---- C:\WINDOWS\SYSWOW64\tdlrecover.exe
2016-08-09 20:58:42 ----A---- C:\WINDOWS\SYSWOW64\LogonController.dll
2016-08-09 20:58:41 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2016-08-09 20:58:41 ----A---- C:\WINDOWS\system32\wwansvc.dll
2016-08-09 20:58:41 ----A---- C:\WINDOWS\system32\WUDFPlatform.dll
2016-08-09 20:58:41 ----A---- C:\WINDOWS\system32\winsrv.dll
2016-08-09 20:58:41 ----A---- C:\WINDOWS\system32\RecoveryDrive.exe
2016-08-09 20:58:41 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2016-08-09 20:58:40 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2016-08-09 20:58:40 ----A---- C:\WINDOWS\SYSWOW64\wshbth.dll
2016-08-09 20:58:40 ----A---- C:\WINDOWS\SYSWOW64\BluetoothApis.dll
2016-08-09 20:58:40 ----A---- C:\WINDOWS\system32\drivers\pdc.sys
2016-08-09 20:58:39 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2016-08-09 20:58:38 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2016-08-09 20:58:38 ----A---- C:\WINDOWS\system32\wuaueng.dll
2016-08-09 20:58:38 ----A---- C:\WINDOWS\system32\wuauclt.exe
2016-08-09 20:58:38 ----A---- C:\WINDOWS\system32\wininet.dll
2016-08-09 20:58:38 ----A---- C:\WINDOWS\system32\sppwinob.dll
2016-08-09 20:58:38 ----A---- C:\WINDOWS\system32\sppobjs.dll
2016-08-09 20:58:37 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-08-09 20:58:37 ----A---- C:\WINDOWS\system32\iertutil.dll
2016-08-09 20:58:37 ----A---- C:\WINDOWS\system32\drivers\pci.sys
2016-08-09 20:58:36 ----A---- C:\WINDOWS\SYSWOW64\wevtutil.exe
2016-08-09 20:58:36 ----A---- C:\WINDOWS\system32\wuapi.dll
2016-08-09 20:58:36 ----A---- C:\WINDOWS\system32\wshbth.dll
2016-08-09 20:58:36 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2016-08-09 20:58:36 ----A---- C:\WINDOWS\system32\BluetoothApis.dll
2016-08-09 20:58:35 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2016-08-09 20:58:34 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2016-08-09 20:58:33 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-08-09 20:58:33 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-08-09 20:58:33 ----A---- C:\WINDOWS\system32\Windows.StateRepository.dll
2016-08-09 20:58:33 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-08-09 20:58:33 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-08-09 20:58:32 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-08-09 20:58:32 ----A---- C:\WINDOWS\system32\VEEventDispatcher.dll
2016-08-09 20:58:32 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2016-08-09 20:58:32 ----A---- C:\WINDOWS\system32\appraiser.dll
2016-08-09 20:58:32 ----A---- C:\WINDOWS\system32\acmigration.dll
2016-08-09 20:58:31 ----A---- C:\WINDOWS\system32\wldp.dll
2016-08-09 20:58:31 ----A---- C:\WINDOWS\system32\tileobjserver.dll
2016-08-09 20:58:31 ----A---- C:\WINDOWS\system32\tdlrecover.exe
2016-08-09 20:58:31 ----A---- C:\WINDOWS\system32\LockAppHost.exe
2016-08-09 20:58:31 ----A---- C:\WINDOWS\system32\IdCtrls.dll
2016-08-09 20:58:30 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2016-08-09 20:58:30 ----A---- C:\WINDOWS\SYSWOW64\OneDriveSettingSyncProvider.dll
2016-08-09 20:58:30 ----A---- C:\WINDOWS\SYSWOW64\LockAppHost.exe
2016-08-09 20:58:30 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2016-08-09 20:58:30 ----A---- C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-08-09 20:58:29 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Logon.dll
2016-08-09 20:58:29 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncHost.exe
2016-08-09 20:58:29 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2016-08-09 20:58:28 ----A---- C:\WINDOWS\SYSWOW64\ActiveSyncProvider.dll
2016-08-09 20:58:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2016-08-09 20:58:27 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2016-08-09 20:58:27 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2016-08-09 20:58:27 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2016-08-09 20:58:26 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2016-08-09 20:58:26 ----A---- C:\WINDOWS\SYSWOW64\IdCtrls.dll
2016-08-09 20:58:26 ----A---- C:\WINDOWS\system32\msfeeds.dll
2016-08-09 20:58:25 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2016-08-09 20:58:25 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2016-08-09 20:58:25 ----A---- C:\WINDOWS\system32\jscript9.dll
2016-08-09 20:58:23 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-08-09 20:58:23 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2016-08-09 20:58:23 ----A---- C:\WINDOWS\system32\Chakra.dll
2016-08-09 20:58:22 ----A---- C:\WINDOWS\system32\edgehtml.dll
2016-08-09 20:58:21 ----A---- C:\WINDOWS\system32\wuuhext.dll
2016-08-09 20:58:21 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-08-09 20:58:20 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2016-08-09 20:58:20 ----A---- C:\WINDOWS\system32\LogonController.dll
2016-08-09 20:58:20 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2016-08-09 20:58:19 ----A---- C:\WINDOWS\system32\ole32.dll
2016-08-09 20:58:19 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-08-09 20:58:18 ----A---- C:\WINDOWS\system32\shell32.dll
2016-08-09 20:58:15 ----A---- C:\WINDOWS\system32\SensorsApi.dll
2016-08-09 20:58:14 ----A---- C:\WINDOWS\SYSWOW64\SensorsApi.dll
2016-08-09 20:58:14 ----A---- C:\WINDOWS\system32\SensorsNativeApi.dll
2016-08-09 20:58:14 ----A---- C:\WINDOWS\system32\kerberos.dll
2016-08-09 20:58:14 ----A---- C:\WINDOWS\system32\drivers\rdbss.sys
2016-08-09 20:58:14 ----A---- C:\WINDOWS\system32\bthserv.dll
2016-08-09 20:58:13 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2016-08-09 20:58:13 ----A---- C:\WINDOWS\system32\SensorService.dll
2016-08-09 20:58:13 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2016-08-09 20:58:13 ----A---- C:\WINDOWS\system32\ie4uinit.exe

======List of files/folders modified in the last 1 month======

2016-08-24 16:41:49 ----D---- C:\WINDOWS\Temp
2016-08-24 16:20:39 ----D---- C:\WINDOWS\Prefetch
2016-08-24 16:20:28 ----RD---- C:\Program Files
2016-08-24 16:17:43 ----D---- C:\WINDOWS\System32
2016-08-24 16:17:43 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-08-24 16:17:42 ----D---- C:\WINDOWS\INF
2016-08-24 15:55:00 ----D---- C:\WINDOWS\system32\sru
2016-08-24 09:46:47 ----D---- C:\WINDOWS\AppReadiness
2016-08-24 09:46:46 ----HD---- C:\Program Files\WindowsApps
2016-08-23 17:22:17 ----D---- C:\WINDOWS\Microsoft.NET
2016-08-22 18:43:27 ----D---- C:\Program Files (x86)\RivaTuner Statistics Server
2016-08-22 18:41:50 ----D---- C:\WINDOWS\system32\Tasks
2016-08-22 18:29:35 ----SHDC---- C:\WINDOWS\Installer
2016-08-18 22:37:19 ----HD---- C:\ProgramData
2016-08-18 22:29:04 ----D---- C:\Windows
2016-08-18 22:06:07 ----HD---- C:\WINDOWS\ELAMBKUP
2016-08-18 22:06:07 ----D---- C:\WINDOWS\system32\drivers
2016-08-18 22:01:56 ----D---- C:\WINDOWS\SysWOW64
2016-08-17 17:31:05 ----D---- C:\WINDOWS\system32\config
2016-08-13 22:31:53 ----D---- C:\WINDOWS\LiveKernelReports
2016-08-12 18:12:42 ----D---- C:\WINDOWS\rescache
2016-08-10 19:25:39 ----D---- C:\WINDOWS\system32\DriverStore
2016-08-10 19:25:36 ----D---- C:\WINDOWS\WinSxS
2016-08-10 19:24:35 ----D---- C:\WINDOWS\system32\catroot2
2016-08-09 23:37:10 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2016-08-09 23:37:10 ----D---- C:\WINDOWS\system32\en-US
2016-08-09 23:37:10 ----D---- C:\WINDOWS\system32\cs-CZ
2016-08-09 23:37:10 ----D---- C:\WINDOWS\system32\appraiser
2016-08-09 23:37:09 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2016-08-09 23:37:09 ----D---- C:\Program Files\Windows Journal
2016-08-09 23:37:09 ----D---- C:\Program Files\Internet Explorer
2016-08-09 23:37:09 ----D---- C:\Program Files (x86)\Internet Explorer
2016-08-09 21:20:46 ----D---- C:\WINDOWS\CbsTemp
2016-08-09 21:20:45 ----D---- C:\WINDOWS\system32\SecureBootUpdates
2016-08-09 21:20:42 ----D---- C:\WINDOWS\system32\MRT
2016-08-09 21:17:10 ----AC---- C:\WINDOWS\system32\MRT.exe
2016-07-31 15:57:32 ----D---- C:\WINDOWS\system32\NDF
2016-07-29 16:32:39 ----RD---- C:\Program Files (x86)
2016-07-29 16:32:38 ----D---- C:\WINDOWS\Tasks
2016-07-27 21:25:34 ----N---- C:\WINDOWS\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\WINDOWS\system32\DRIVERS\avgidsha.sys [2016-06-01 261376]
R0 Avgloga;AVG Logging Driver; C:\WINDOWS\system32\DRIVERS\avgloga.sys [2016-02-16 360736]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\WINDOWS\system32\DRIVERS\avgmfx64.sys [2016-07-19 261888]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\WINDOWS\system32\DRIVERS\avgrkx64.sys [2016-06-01 52992]
R0 avguniva;AVG Universal Driver; C:\WINDOWS\system32\DRIVERS\avguniva.sys [2016-06-20 77056]
R1 Avgdiska;AVG Disk Driver; C:\WINDOWS\system32\DRIVERS\avgdiska.sys [2016-05-13 163072]
R1 AVGIDSDriver;AVGIDSDriver; C:\WINDOWS\system32\DRIVERS\avgidsdrivera.sys [2016-06-30 314112]
R1 Avgldx64;AVG AVI Loader Driver; C:\WINDOWS\system32\DRIVERS\avgldx64.sys [2016-06-01 260352]
R1 Avgwfpa;AVG Firewall Driver; C:\WINDOWS\system32\DRIVERS\avgwfpa.sys [2016-07-20 313088]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2016-04-23 87552]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-10-30 8192]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2015-10-30 47616]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2016-04-22 23969776]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2016-04-22 679912]
R3 AtiHDAudioService;@oem4.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdWT6.sys [2015-07-21 102912]
R3 L1C;@netl1c63x64.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\WINDOWS\System32\drivers\L1C63x64.sys [2015-10-30 121344]
R3 MTsensor;@oem2.inf,%ASACPI.DisplayName%;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2013-05-17 17280]
S0 Avgboota;AVG Early Launch Anti-Malware Driver; C:\WINDOWS\system32\DRIVERS\avgboota.sys [2016-01-07 21632]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-10-30 104800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-10-30 99168]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2015-10-30 58208]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2015-10-30 58720]
S2 AODDriver4.2.0;AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys []
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\WINDOWS\System32\drivers\bcmfn.sys [2015-10-30 9728]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-10-30 37376]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2016-02-13 117248]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-10-30 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-10-30 50016]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2015-10-30 81408]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2015-10-30 165888]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2015-10-30 424800]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\WINDOWS\system32\drivers\ioqos.sys [2015-10-30 26624]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-10-30 705376]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2015-10-30 76128]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2015-10-30 930656]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdaptiveSleepService;AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [2015-11-29 138752]
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2016-04-22 254960]
R2 AVGIDSAgent;AVGIDSAgent; D:\Av\avgidsagenta.exe [2016-07-28 5267456]
R2 avgsvc;AVG Service; D:\Framework\Common\avgsvca.exe [2016-08-18 1097488]
R2 avgwd;AVG WatchDog; D:\Av\avgwdsvca.exe [2016-07-28 760024]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R2 OneSyncSvc_1a0bfec;Hostitel synchronizace_1a0bfec; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
R3 PimIndexMaintenanceSvc_1a0bfec;Data kontaktů_1a0bfec; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-08-23 1465120]
S2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe /launchService []
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-14 154440]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_10478a58;Hostitel synchronizace_10478a58; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_10d89b5a;Hostitel synchronizace_10d89b5a; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_1133ef9f;Hostitel synchronizace_1133ef9f; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_11f63009;Hostitel synchronizace_11f63009; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_1537a2;Hostitel synchronizace_1537a2; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_21a3fd;Hostitel synchronizace_21a3fd; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_23bec;Hostitel synchronizace_23bec; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_26988;Hostitel synchronizace_26988; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_26b29;Hostitel synchronizace_26b29; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_29707;Hostitel synchronizace_29707; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_297c1;Hostitel synchronizace_297c1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_2a81a;Hostitel synchronizace_2a81a; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_2b548;Hostitel synchronizace_2b548; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_2be4fb5;Hostitel synchronizace_2be4fb5; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_2c67a;Hostitel synchronizace_2c67a; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_2ee16;Hostitel synchronizace_2ee16; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_39527b;Hostitel synchronizace_39527b; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_3db366f;Hostitel synchronizace_3db366f; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_477a7;Hostitel synchronizace_477a7; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_53b100e;Hostitel synchronizace_53b100e; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_54d5de7;Hostitel synchronizace_54d5de7; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_66995b;Hostitel synchronizace_66995b; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_7e404e;Hostitel synchronizace_7e404e; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_c40b7c5;Hostitel synchronizace_c40b7c5; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_d0993cf;Hostitel synchronizace_d0993cf; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_d0d35c8;Hostitel synchronizace_d0d35c8; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 AvgAMPS;AvgAMPS; D:\Av\avgamps.exe [2016-07-28 674552]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 31744]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-10-23 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-14 154440]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_10478a58;Služba zasílání zpráv_10478a58; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_10d89b5a;Služba zasílání zpráv_10d89b5a; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_1133ef9f;Služba zasílání zpráv_1133ef9f; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_11f63009;Služba zasílání zpráv_11f63009; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_1537a2;Služba zasílání zpráv_1537a2; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_1a0bfec;Služba zasílání zpráv_1a0bfec; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_21a3fd;Služba zasílání zpráv_21a3fd; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_23bec;Služba zasílání zpráv_23bec; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_26988;Služba zasílání zpráv_26988; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_26b29;Služba zasílání zpráv_26b29; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_29707;Služba zasílání zpráv_29707; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_297c1;Služba zasílání zpráv_297c1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_2a81a;Služba zasílání zpráv_2a81a; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_2b548;Služba zasílání zpráv_2b548; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_2be4fb5;Služba zasílání zpráv_2be4fb5; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_2c67a;Služba zasílání zpráv_2c67a; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_2ee16;Služba zasílání zpráv_2ee16; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_39527b;Služba zasílání zpráv_39527b; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_3db366f;Služba zasílání zpráv_3db366f; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_53b100e;Služba zasílání zpráv_53b100e; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_54d5de7;Služba zasílání zpráv_54d5de7; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_66995b;Služba zasílání zpráv_66995b; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_7e404e;Služba zasílání zpráv_7e404e; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_c40b7c5;Služba zasílání zpráv_c40b7c5; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_d0993cf;Služba zasílání zpráv_d0993cf; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_d0d35c8;Služba zasílání zpráv_d0d35c8; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 51456888]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_10478a58;Data kontaktů_10478a58; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_10d89b5a;Data kontaktů_10d89b5a; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_1133ef9f;Data kontaktů_1133ef9f; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_11f63009;Data kontaktů_11f63009; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_1537a2;Data kontaktů_1537a2; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_21a3fd;Data kontaktů_21a3fd; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_23bec;Data kontaktů_23bec; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_26988;Data kontaktů_26988; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_26b29;Data kontaktů_26b29; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_29707;Data kontaktů_29707; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_297c1;Data kontaktů_297c1; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_2a81a;Data kontaktů_2a81a; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_2b548;Data kontaktů_2b548; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_2be4fb5;Data kontaktů_2be4fb5; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_2c67a;Data kontaktů_2c67a; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_2ee16;Data kontaktů_2ee16; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_39527b;Data kontaktů_39527b; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_3db366f;Data kontaktů_3db366f; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_53b100e;Data kontaktů_53b100e; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_54d5de7;Data kontaktů_54d5de7; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_66995b;Data kontaktů_66995b; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_7e404e;Data kontaktů_7e404e; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_c40b7c5;Data kontaktů_c40b7c5; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_d0993cf;Data kontaktů_d0993cf; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_d0d35c8;Data kontaktů_d0d35c8; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2015-10-30 43944]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2015-10-30 1297408]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]
S4 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 43944]

-----------------EOF-----------------

#2 Příspěvek od **Rudy** » 24 srp 2016 16:17

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

onlyforu747 · #3 Příspěvek od **onlyforu747** » 24 srp 2016 17:26

Nakonec to po mě chtělo restart PC. Po restartu mi to vyhodilo tento poznámkový blok.
# AdwCleaner v6.000 - *Logfile created 24/08/2016 *at 18:17:37
# *Updated on 12/08/2016 by ToolsLib
# *Database : 2016-08-23.1 [*Server]
# *Operating System : Windows 10 Pro (X64)
# *Username : David - ASUS
# *Running from : C:\Users\David\Desktop\adwcleaner_6.000.exe
# *Mode: Clean
# *Support : https://toolslib.net/forum

***** [ *Services ] *****

***** [ *Folders ] *****

***** [ *Files ] *****

***** [ DLL ] *****

***** [ WMI ] *****

***** [ *Shortcuts ] *****

***** [ *Scheduled Tasks ] *****

***** [ *Registry ] *****

***** [ *Browsers ] *****

*************************

:: *"Tracing" keys deleted
:: *Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [746 *Bytes] - [24/08/2016 18:17:37]
C:\AdwCleaner\AdwCleaner[S0].txt - [1151 *Bytes] - [24/08/2016 18:17:25]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [893 *Bytes] ##########

#4 Příspěvek od **Rudy** » 24 srp 2016 18:34

Toto je OK. Dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .

onlyforu747 · #5 Příspěvek od **onlyforu747** » 28 srp 2016 10:29

Provedl jsem FRST scan.
První poznámkový blok, který se mi otevřel je zde:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-08-2016
Ran by David (administrator) on ASUS (28-08-2016 11:21:14)
Running from C:\Users\David\Desktop
Loaded Profiles: David (Available Profiles: David)
Platform: Windows 10 Pro Version 1511 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) D:\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) D:\Av\avgcsrva.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVG Technologies CZ, s.r.o.) D:\Av\avgwdsvca.exe
(AVG Technologies CZ, s.r.o.) D:\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) D:\Av\avgidsagenta.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cnext.exe
(AVG Technologies CZ, s.r.o.) D:\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) D:\Av\avgui.exe
(AVG Technologies CZ, s.r.o.) D:\Av\avgemca.exe
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\cnext.exe [4866760 2015-11-29] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [AvgUi] => D:\Framework\Common\avguirna.exe [204560 2016-08-18] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AVG_UI] => D:\Av\avgui.exe [6709008 2016-07-28] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-451002269-1392437201-2376695314-1001\...\MountPoints2: {7959d576-4e5b-11e6-8268-08606ed551f2} - "F:\Lenovo_Suite.exe"

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 93.95.37.242 78.108.152.158
Tcpip\..\Interfaces\{40ec447d-e019-4e07-bf94-95a1586e18d5}: [DhcpNameServer] 93.95.37.242 78.108.152.158

Internet Explorer:
==================
HKU\S-1-5-21-451002269-1392437201-2376695314-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://seznam.cz/
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)

Chrome:
=======
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-05-14]
CHR Extension: (Dokumenty Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-05-14]
CHR Extension: (Disk Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-14]
CHR Extension: (YouTube) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-14]
CHR Extension: (Adblock Plus) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-08-23]
CHR Extension: (Adblock na Youtube™) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2016-05-14]
CHR Extension: (Tabulky Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-05-14]
CHR Extension: (Dokumenty Google offline) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-14]
CHR Extension: (AdBlock) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-08-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-14]
CHR Extension: (Gmail) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-14]
CHR Extension: (Chrome Media Router) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-18]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [138752 2015-11-29] () [File not signed]
S3 AvgAMPS; D:\Av\avgamps.exe [674552 2016-07-28] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; D:\Av\avgidsagenta.exe [5267456 2016-07-28] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; D:\Framework\Common\avgsvca.exe [1097488 2016-08-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; D:\Av\avgwdsvca.exe [760024 2016-07-28] (AVG Technologies CZ, s.r.o.)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [511488 2015-10-30] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation)
S2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe /launchService [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-07-21] (Advanced Micro Devices)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21632 2016-01-07] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [314112 2016-06-30] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [261376 2016-06-01] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [260352 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [261888 2016-07-19] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [77056 2016-06-20] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [313088 2016-07-20] (AVG Technologies CZ, s.r.o.)
R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S2 AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-28 11:11 - 2016-08-28 11:11 - 00025565 _____ C:\Users\David\Desktop\Addition.txt
2016-08-28 11:10 - 2016-08-28 11:21 - 00010092 _____ C:\Users\David\Desktop\FRST.txt
2016-08-28 10:49 - 2016-08-28 11:21 - 00000000 ____D C:\FRST
2016-08-28 10:49 - 2016-08-28 10:49 - 00000000 ____D C:\Users\David\Desktop\FRST-OlderVersion
2016-08-28 10:14 - 2016-08-28 10:14 - 00000622 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2016-08-28 10:14 - 2016-08-28 10:14 - 00000572 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk
2016-08-24 21:07 - 2016-08-28 10:49 - 02396672 _____ (Farbar) C:\Users\David\Desktop\FRST64.exe
2016-08-24 18:16 - 2016-08-28 11:03 - 00000000 ____D C:\AdwCleaner
2016-08-24 16:20 - 2016-08-24 16:43 - 00000000 ____D C:\rsit
2016-08-24 16:20 - 2016-08-24 16:43 - 00000000 ____D C:\Program Files\trend micro
2016-08-18 22:06 - 2016-08-18 22:06 - 00000809 _____ C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\avguix.lnk
2016-08-18 22:06 - 2016-08-18 22:06 - 00000000 ____D C:\Users\David\AppData\Roaming\TuneUp Software
2016-08-18 22:06 - 2016-08-18 22:06 - 00000000 ____D C:\Users\David\AppData\Roaming\AVG
2016-08-18 22:06 - 2016-08-18 22:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-08-18 22:05 - 2016-08-18 22:05 - 00000000 ___HD C:\$AVG
2016-08-18 22:04 - 2016-08-28 11:06 - 00000000 ____D C:\ProgramData\MFAData
2016-08-18 22:04 - 2016-08-18 22:04 - 00000000 ____D C:\Users\David\AppData\Local\MFAData
2016-08-18 22:02 - 2016-08-18 22:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2016-08-18 22:00 - 2016-08-18 22:06 - 00000000 ____D C:\Users\David\AppData\Local\Avg
2016-08-18 22:00 - 2016-08-18 22:05 - 00000000 ____D C:\ProgramData\Avg
2016-08-18 22:00 - 2016-08-18 22:04 - 00000000 ____D C:\Users\David\AppData\Local\AvgSetupLog
2016-08-09 20:58 - 2016-08-03 13:14 - 01505984 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-08-09 20:58 - 2016-08-03 13:14 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-08-09 20:58 - 2016-08-03 13:14 - 00050368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-08-09 20:58 - 2016-08-03 12:36 - 07469408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-08-09 20:58 - 2016-08-03 12:36 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-08-09 20:58 - 2016-08-03 12:36 - 00037744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2016-08-09 20:58 - 2016-08-03 12:30 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-08-09 20:58 - 2016-08-03 12:23 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-08-09 20:58 - 2016-08-03 12:23 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-08-09 20:58 - 2016-08-03 12:22 - 01322760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-08-09 20:58 - 2016-08-03 12:22 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-08-09 20:58 - 2016-08-03 12:22 - 00465248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-08-09 20:58 - 2016-08-03 12:22 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-08-09 20:58 - 2016-08-03 12:22 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-08-09 20:58 - 2016-08-03 12:21 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-08-09 20:58 - 2016-08-03 12:21 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-09 20:58 - 2016-08-03 12:21 - 00566112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-08-09 20:58 - 2016-08-03 12:21 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-08-09 20:58 - 2016-08-03 12:20 - 01540224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-08-09 20:58 - 2016-08-03 12:20 - 00692136 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-08-09 20:58 - 2016-08-03 12:19 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-09 20:58 - 2016-08-03 12:19 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-09 20:58 - 2016-08-03 12:13 - 01988448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-08-09 20:58 - 2016-08-03 12:13 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-08-09 20:58 - 2016-08-03 12:13 - 00393056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-08-09 20:58 - 2016-08-03 12:11 - 00422744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-08-09 20:58 - 2016-08-03 11:51 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2016-08-09 20:58 - 2016-08-03 11:51 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-08-09 20:58 - 2016-08-03 11:46 - 22384128 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-08-09 20:58 - 2016-08-03 11:44 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-08-09 20:58 - 2016-08-03 11:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2016-08-09 20:58 - 2016-08-03 11:44 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2016-08-09 20:58 - 2016-08-03 11:43 - 16985088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-08-09 20:58 - 2016-08-03 11:41 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-08-09 20:58 - 2016-08-03 11:41 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-08-09 20:58 - 2016-08-03 11:40 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-08-09 20:58 - 2016-08-03 11:40 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2016-08-09 20:58 - 2016-08-03 11:40 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-08-09 20:58 - 2016-08-03 11:40 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-08-09 20:58 - 2016-08-03 11:39 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-08-09 20:58 - 2016-08-03 11:39 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-08-09 20:58 - 2016-08-03 11:38 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-08-09 20:58 - 2016-08-03 11:38 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-08-09 20:58 - 2016-08-03 11:37 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-08-09 20:58 - 2016-08-03 11:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-08-09 20:58 - 2016-08-03 11:36 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-08-09 20:58 - 2016-08-03 11:36 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-08-09 20:58 - 2016-08-03 11:35 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-08-09 20:58 - 2016-08-03 11:35 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2016-08-09 20:58 - 2016-08-03 11:34 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-08-09 20:58 - 2016-08-03 11:33 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-08-09 20:58 - 2016-08-03 11:33 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-08-09 20:58 - 2016-08-03 11:31 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-08-09 20:58 - 2016-08-03 11:31 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-08-09 20:58 - 2016-08-03 11:31 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtutil.exe
2016-08-09 20:58 - 2016-08-03 11:30 - 24613888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-08-09 20:58 - 2016-08-03 11:30 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-08-09 20:58 - 2016-08-03 11:30 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-08-09 20:58 - 2016-08-03 11:29 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-08-09 20:58 - 2016-08-03 11:29 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-08-09 20:58 - 2016-08-03 11:29 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-08-09 20:58 - 2016-08-03 11:29 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-08-09 20:58 - 2016-08-03 11:29 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-08-09 20:58 - 2016-08-03 11:28 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-08-09 20:58 - 2016-08-03 11:28 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-08-09 20:58 - 2016-08-03 11:28 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-08-09 20:58 - 2016-08-03 11:27 - 07536640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-08-09 20:58 - 2016-08-03 11:27 - 01752576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-08-09 20:58 - 2016-08-03 11:27 - 01717760 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-08-09 20:58 - 2016-08-03 11:27 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-08-09 20:58 - 2016-08-03 11:20 - 13390336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-08-09 20:58 - 2016-08-03 11:18 - 06974464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-08-09 20:58 - 2016-08-03 11:18 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-08-09 20:58 - 2016-08-03 11:18 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-09 20:58 - 2016-08-03 11:17 - 02175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-08-09 20:58 - 2016-08-03 11:16 - 05123072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2016-08-09 20:58 - 2016-08-03 11:16 - 03589120 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-08-09 20:58 - 2016-08-03 11:16 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-08-09 20:58 - 2016-08-03 11:16 - 01732096 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-08-09 20:58 - 2016-08-03 11:15 - 07833088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-08-09 20:58 - 2016-08-03 11:14 - 04895232 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-08-09 20:58 - 2016-08-03 11:14 - 01997824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-08-09 20:58 - 2016-08-03 11:13 - 03025920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-08-09 20:58 - 2016-08-03 11:13 - 02280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-08-09 20:58 - 2016-08-03 11:12 - 02746368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-08-09 20:58 - 2016-08-03 11:11 - 04171264 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-08-09 20:58 - 2016-08-03 07:52 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2016-08-09 20:58 - 2016-08-03 07:34 - 00501592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-08-09 20:58 - 2016-08-03 07:34 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-08-09 20:58 - 2016-08-03 07:33 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-08-09 20:58 - 2016-08-03 07:31 - 02921368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-08-09 20:58 - 2016-08-03 07:31 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-08-09 20:58 - 2016-08-03 07:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-08-09 20:58 - 2016-08-03 07:30 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-08-09 20:58 - 2016-08-03 07:30 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-08-09 20:58 - 2016-08-03 07:30 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-08-09 20:58 - 2016-08-03 06:57 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe
2016-08-09 20:58 - 2016-08-03 06:48 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2016-08-09 20:58 - 2016-08-03 06:47 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-08-09 20:58 - 2016-08-03 06:44 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-08-09 20:58 - 2016-08-03 06:44 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2016-08-09 20:58 - 2016-08-03 06:42 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-08-09 20:58 - 2016-08-03 06:40 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2016-08-09 20:58 - 2016-08-03 06:39 - 19351040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-08-09 20:58 - 2016-08-03 06:37 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-08-09 20:58 - 2016-08-03 06:37 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-08-09 20:58 - 2016-08-03 06:35 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-08-09 20:58 - 2016-08-03 06:35 - 00178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtutil.exe
2016-08-09 20:58 - 2016-08-03 06:34 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-08-09 20:58 - 2016-08-03 06:34 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-08-09 20:58 - 2016-08-03 06:33 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-08-09 20:58 - 2016-08-03 06:33 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-08-09 20:58 - 2016-08-03 06:33 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-08-09 20:58 - 2016-08-03 06:32 - 12585984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-08-09 20:58 - 2016-08-03 06:32 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-08-09 20:58 - 2016-08-03 06:32 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-08-09 20:58 - 2016-08-03 06:32 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-08-09 20:58 - 2016-08-03 06:31 - 06743040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-08-09 20:58 - 2016-08-03 06:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-08-09 20:58 - 2016-08-03 06:29 - 12133376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-08-09 20:58 - 2016-08-03 06:28 - 03663360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-08-09 20:58 - 2016-08-03 06:25 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-08-09 20:58 - 2016-08-03 06:25 - 04078080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2016-08-09 20:58 - 2016-08-03 06:23 - 05660672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-08-09 20:58 - 2016-08-03 06:23 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-08-09 20:58 - 2016-08-03 06:22 - 02501120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-08-09 20:58 - 2016-08-03 06:22 - 01502208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-08-09 20:58 - 2016-08-03 06:21 - 01708032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-08-09 20:58 - 2016-08-03 06:19 - 02180096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-07-31 22:16 - 2016-08-28 10:53 - 00000000 ___RD C:\Users\David\3D Objects

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-28 11:11 - 2016-05-14 12:02 - 01771468 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-08-28 11:11 - 2016-02-13 14:50 - 00750030 _____ C:\WINDOWS\system32\perfh005.dat
2016-08-28 11:11 - 2016-02-13 14:50 - 00150654 _____ C:\WINDOWS\system32\perfc005.dat
2016-08-28 11:11 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-08-28 11:05 - 2016-05-14 12:22 - 00000966 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-28 11:05 - 2016-02-13 15:10 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-08-28 11:04 - 2015-10-30 08:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-08-28 10:57 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-08-28 10:41 - 2016-05-14 12:40 - 00000000 ____D C:\Users\David\AppData\Roaming\TS3Client
2016-08-28 10:37 - 2016-05-14 12:22 - 00000970 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-27 19:12 - 2016-05-14 11:53 - 00000000 ____D C:\Users\David
2016-08-27 10:11 - 2016-05-15 12:12 - 00000000 ____D C:\Users\David\AppData\LocalLow\Heroes and Generals
2016-08-27 09:31 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-08-26 07:01 - 2015-10-30 08:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-08-22 18:43 - 2016-05-14 13:01 - 00000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2016-08-18 22:06 - 2015-10-30 09:24 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-08-13 22:31 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-08-12 18:12 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-08-10 09:43 - 2016-02-13 15:14 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-08-09 23:37 - 2016-02-13 15:01 - 00000000 ____D C:\Program Files\Windows Journal
2016-08-09 23:37 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-08-09 23:37 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-08-09 21:20 - 2016-05-14 15:37 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-08-09 21:20 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2016-08-09 21:20 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-08-09 21:17 - 2016-05-14 15:37 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-08-08 21:38 - 2016-05-14 12:23 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-07-31 15:57 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-07-29 16:32 - 2016-05-14 12:22 - 00004028 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-07-29 16:32 - 2016-05-14 12:22 - 00003796 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

Some files in TEMP:
====================
C:\Users\David\AppData\Local\Temp\avguirn_087998993.exe
C:\Users\David\AppData\Local\Temp\libeay32.dll
C:\Users\David\AppData\Local\Temp\msvcr120.dll
C:\Users\David\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-08-27 10:36

==================== End of FRST.txt ============================

#6 Příspěvek od **Rudy** » 28 srp 2016 13:25

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKU\S-1-5-21-451002269-1392437201-2376695314-1001\...\MountPoints2: {7959d576-4e5b-11e6-8268-08606ed551f2} - "F:\Lenovo_Suite.exe"
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\David\AppData\Local\Temp
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

onlyforu747 · #7 Příspěvek od **onlyforu747** » 28 srp 2016 14:03

Fix result of Farbar Recovery Scan Tool (x64) Version: 27-08-2016
Ran by David (28-08-2016 14:50:58) Run:1
Running from C:\Users\David\Desktop
Loaded Profiles: David (Available Profiles: David)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKU\S-1-5-21-451002269-1392437201-2376695314-1001\...\MountPoints2: {7959d576-4e5b-11e6-8268-08606ed551f2} - "F:\Lenovo_Suite.exe"
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\David\AppData\Local\Temp
End
*****************

"HKU\S-1-5-21-451002269-1392437201-2376695314-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7959d576-4e5b-11e6-8268-08606ed551f2}" => key removed successfully
HKCR\CLSID\{7959d576-4e5b-11e6-8268-08606ed551f2} => key not found.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully

"C:\Users\David\AppData\Local\Temp" folder move:

Could not move "C:\Users\David\AppData\Local\Temp" => Scheduled to move on reboot.

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 28-08-2016 14:52:50)

C:\Users\David\AppData\Local\Temp => moved successfully

==== End of Fixlog 14:52:51 ====

#8 Příspěvek od **Rudy** » 28 srp 2016 15:10

Smazáno. Nastala nějaká změna?

onlyforu747 · #9 Příspěvek od **onlyforu747** » 28 srp 2016 20:08

Ne, internet stále padá.

#10 Příspěvek od **Rudy** » 28 srp 2016 20:20

Udělejte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.

onlyforu747 · #11 Příspěvek od **onlyforu747** » 28 srp 2016 21:05

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 28. 8. 2016
Čas skenování: 21:54
Protokol: Viry.txt
Správce: Ano

Verze: 2.2.1.1043
Databáze malwaru: v2016.08.28.07
Databáze rootkitů: v2016.08.15.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows 10
CPU: x64
Souborový systém: NTFS
Uživatel: David

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 304677
Uplynulý čas: 4 min, 17 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 1
PUP.Optional.TerraClicks.ShrtCln, C:\Users\David\AppData\Local\Microsoft\Windows\INetCookies\Low\JKCD8S6Q.txt, , [e49391bf5446b4824a520399e321f20e],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)

#12 Příspěvek od **Rudy** » 28 srp 2016 21:47

Nález smažte.

VIRY.CZ

Neustálé padání internetu

Neustálé padání internetu

Re: Neustálé padání internetu

Re: Neustálé padání internetu

Re: Neustálé padání internetu

Re: Neustálé padání internetu

Re: Neustálé padání internetu

Re: Neustálé padání internetu

Re: Neustálé padání internetu

Re: Neustálé padání internetu

Re: Neustálé padání internetu

Re: Neustálé padání internetu

Re: Neustálé padání internetu