Task Manager reports 100% disk usage

tekke
Visitor
Posts: 35
Registered: 23 Feb 2016 01:35

#1 Post by tekke »

Hi,
could someone please check my log :) The computer is ultra slow, some functions (sound) cut out now and then, and Task Manager reports 100% disk usage, even though the per-task breakdown shows zero everywhere, at most 0.1.
Thanks! :)


Logfile of random's system information tool 1.10 (written by random/random)
Run by Barbora at 2016-09-28 17:19:52
Microsoft Windows 8
System drive C: has 22 GB (11%) free of 191 GB
Total RAM: 3982 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:19:58, on 28. 9. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.16537)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe
C:\Program Files (x86)\CCleaner Cloud\CCleanerCloudTray.exe
C:\Users\Barbora\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Barbora.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 95.168.217.24:3128
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll
O2 - BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avuirunnerx.exe" C:\Program Files (x86)\AVG\AVG2015\avgui.exe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [CCleanerCloudTray] "C:\Program Files (x86)\CCleaner Cloud\CCleanerCloudTray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [FreeAC] C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe -autorun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Barbora\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Barbora\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O8 - Extra context menu item: Převést &webovou stránku do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll/AcroIECapture.html
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Přidat webovou stránku do existujícího PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll/AcroIEAppend.html
O8 - Extra context menu item: Připojit cíl vazby &k existujícímu PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll/AcroIEAppendSelLinks.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: AVGIDSAgent - Unknown owner - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe (file missing)
O23 - Service: AVG WatchDog (avgwd) - Unknown owner - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe (file missing)
O23 - Service: CCleaner Cloud (CCleanerCloudAgentService) - Piriform - C:\Program Files (x86)\CCleaner Cloud\CCleanerCloudAgent.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @oem21.inf,%WIN32_DPTF_PARTICIPANT_PROC_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Processor Participant Service Application (DptfParticipantProcessorService) - Unknown owner - C:\Windows\system32\DptfParticipantProcessorService.exe (file missing)
O23 - Service: @oem21.inf,%WIN32_DPTF_POLICY_CONFIGTDP_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Config TDP Service Application (DptfPolicyConfigTDPService) - Unknown owner - C:\Windows\system32\DptfPolicyConfigTDPService.exe (file missing)
O23 - Service: @oem21.inf,%WIN32_DPTF_POLICY_LPM_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Low Power Mode Service Application (DptfPolicyLpmService) - Unknown owner - C:\Windows\system32\DptfPolicyLpmService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: McAfee Home Network (HomeNetSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: McAfee Activation Service (McAWFwk) - McAfee, Inc. - c:\PROGRA~1\mcafee\msc\mcawfwk.exe
O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\windows\system32\mfevtps.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: OpenVPN Service (OpenVPNService) - The OpenVPN Project - C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: ASUS Wake Service (WakeupService) - ASUSTek Computer Inc. - C:\Program Files\ASUS\ASUS VivoBook\ASUSWakeupService.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 12638 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
"dwm.exe"
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
C:\Windows\system32\DptfParticipantProcessorService.exe
dashost.exe {64c114df-62c2-4721-a2ae90f93cf6ba97}
C:\Windows\system32\DptfPolicyConfigTDPService.exe
C:\Windows\system32\DptfPolicyLpmService.exe
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\windows\system32\mfevtps.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\ASUS\ASUS VivoBook\ASUSWakeupService.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe"
"C:\Program Files (x86)\CCleaner Cloud\CCleanerCloudAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"
"C:\Program Files\ASUS\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe"
taskhostex.exe
C:\Windows\Explorer.EXE
"C:\Program Files\ASUS\ASUS VivoBook\VivoBook.exe" /RunWithHide
KBFiltr.exe
"C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc
"C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe"
/QuitInfo:00000000000007A4;00000000000007A8;
/loadhooks /Parent:0000000000000978
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe"
"C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\System32\hkcmd.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX3
"C:\Windows\System32\DptfPolicyLpmServiceHelper.exe"
"C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe" -autorun
"C:\Program Files (x86)\CCleaner Cloud\CCleanerCloudTray.exe"
szndesktop.exe default start
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Users\Barbora\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\Windows\system32\conhost.exe 0x4

"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Windows\System32\Taskmgr.exe" /3
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --no-rate-limit "--database=C:\Users\Barbora\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=-m --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=53.0.2785.116 --handshake-handle=0x124
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=1580 --on-initialized-event-handle=392 --parent-handle=396 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3816.0.1835581554\1020047693" --mojo-application-channel-token=9BF1EA1FD378A1E86D3A52A9229A1296 --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=BlockSmallPluginContent<PluginPowerSaverTiny,DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/site-engagement-conservative/AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ClientSideDetectionModel/Model0/DisallowFetchForDocWrittenScriptsInMainFrame/Default/EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Control/PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Per
cent/group_77/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=5,13,14,15,18,31,48,56 --gpu-vendor-id=0x8086 --gpu-device-id=0x0166 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.2875 --gpu-driver-date=10-17-2012 --mojo-platform-channel-handle=1184 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=BlockSmallPluginContent<PluginPowerSaverTiny,DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-conservative/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Control/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_77/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01
/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=E5AD8778A62B35E00D36D8C933C4721D --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=B64EADDE9CF7C92A92D030F3B04AE8B3 --mojo-application-channel-token=E5AD8778A62B35E00D36D8C933C4721D --channel="3816.3.1606710979\1837511932" --mojo-platform-channel-handle=3176 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=BlockSmallPluginContent<PluginPowerSaverTiny,DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-conservative/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Control/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_77/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01
/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=D37CE8FB499B04028AC341765F5ACC98 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=102A1B1446CF2CE3001FC7031D366921 --mojo-application-channel-token=D37CE8FB499B04028AC341765F5ACC98 --channel="3816.5.1092344226\159260604" --mojo-platform-channel-handle=5664 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=BlockSmallPluginContent<PluginPowerSaverTiny,DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-conservative/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Control/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_77/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01
/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=74912EC8CACF796DC7ACD81DFBC956AA --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=778A562AB2A706A72270FFF94D260E7D --mojo-application-channel-token=74912EC8CACF796DC7ACD81DFBC956AA --channel="3816.6.671114065\890673562" --mojo-platform-channel-handle=6380 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,MaterialDesignUserManager<MaterialDesignUserManager,*PreconnectMore<PreconnectMore,*TranslateUI2016Q2<TranslateUI2016Q2,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=BlockSmallPluginContent<PluginPowerSaverTiny,DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=*AppBannerTriggering/site-engagement-conservative/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/MaterialDesignUserManager/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/StandardR7/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Enable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/3-Times/PluginPowerSaverTiny/Control/*PreconnectMore/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/BiMonthlyPrompt/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SignInPasswordPromo/Default/*StrictSecureCookies/Default/SyncHttpContentCompression/Enabled/TranslateUI2016Q2/DefaultTranslateUI2016Q2/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_77/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01
/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/default/WebBluetoothBlacklist/BlacklistUpdate1/ --primordial-pipe-token=F3C9C93E5BF5296E5A6A429AA5B9D811 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=CFB773FCFA0E4E99037F079C51089D83 --mojo-application-channel-token=F3C9C93E5BF5296E5A6A429AA5B9D811 --channel="3816.7.853711427\2043215769" --mojo-platform-channel-handle=3020 /prefetch:1
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 568 572 580 65536 576
"C:\Users\Barbora\Downloads\RSITx64 (3).exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe# /c#
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe# /ua /installsource scheduler#

=========Mozilla firefox=========

ProfilePath - C:\Users\Barbora\AppData\Roaming\Mozilla\Firefox\Profiles\zur9e26r.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.101.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.101.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll


C:\Users\Barbora\AppData\Roaming\Mozilla\Firefox\Profiles\zur9e26r.default\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30 171704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30 171704]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-09-05 473152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30 141496]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-09-05 186944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30 141496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30 171704]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30 141496]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-11-02 171040]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-11-02 399392]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-12-07 13262480]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2012-12-03 1256080]
"DptfPolicyLpmServiceHelper"=C:\Windows\system32\DptfPolicyLpmServiceHelper.exe [2013-01-18 27024]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-03-30 500936]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2012-12-28 129664]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"FreeAC"=C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe [2014-02-20 1553688]
"cz.seznam.software.autoupdate"=C:\Users\Barbora\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Barbora\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-07-13 29494400]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ASUSPRP"=C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2012-11-23 3187360]
"ASUSWebStorage"=C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe [2012-08-31 3423104]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2015\avuirunnerx.exe C:\Program Files (x86)\AVG\AVG2015\avgui.exe []
""= []
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"CCleanerCloudTray"=C:\Program Files (x86)\CCleaner Cloud\CCleanerCloudTray.exe [2016-04-04 2772392]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-06-22 598552]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2012-12-28 129664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-11-02 441344]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefire]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableCAD"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-09-12 19:55:48 ----D---- C:\Program Files (x86)\tuxguitar-1.3.2
2016-09-05 15:01:00 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-09-05 01:09:24 ----D---- C:\Users\Barbora\AppData\Roaming\Sun
2016-09-05 01:08:26 ----D---- C:\ProgramData\Oracle
2016-08-29 18:47:55 ----D---- C:\AdwCleaner
2016-08-29 13:16:00 ----D---- C:\Users\Barbora\AppData\Roaming\Opera Software
2016-08-29 13:15:12 ----D---- C:\Program Files (x86)\Opera
2016-08-29 12:44:57 ----D---- C:\Users\Barbora\AppData\Roaming\Skype
2016-08-29 12:44:39 ----RD---- C:\Program Files (x86)\Skype
2016-08-29 12:42:53 ----D---- C:\ProgramData\Skype

======List of files/folders modified in the last 1 month======

2016-09-28 17:19:54 ----D---- C:\Windows\Prefetch
2016-09-28 17:19:54 ----D---- C:\Program Files\trend micro
2016-09-28 17:17:32 ----D---- C:\Users\Barbora\AppData\Roaming\Seznam.cz
2016-09-28 17:16:41 ----RD---- C:\Windows\System32
2016-09-28 17:16:41 ----D---- C:\Windows\Inf
2016-09-28 17:16:41 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-09-28 17:15:41 ----D---- C:\Windows\Temp
2016-09-28 17:15:10 ----A---- C:\Windows\SYSWOW64\log.txt
2016-09-28 17:09:24 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-09-28 17:06:19 ----SHD---- C:\System Volume Information
2016-09-28 17:06:18 ----SHD---- C:\Windows\Installer
2016-09-28 17:06:18 ----SHD---- C:\Config.Msi
2016-09-28 17:06:17 ----D---- C:\Windows\system32\Tasks
2016-09-28 17:00:03 ----D---- C:\Windows\system32\sru
2016-09-28 11:47:19 ----D---- C:\Windows\security
2016-09-25 16:20:10 ----D---- C:\Windows\AUInstallAgent
2016-09-25 16:19:33 ----HD---- C:\Program Files\WindowsApps
2016-09-21 15:23:01 ----RD---- C:\Program Files (x86)
2016-09-12 22:51:27 ----D---- C:\Users\Barbora\AppData\Roaming\Atheros
2016-09-09 14:25:01 ----D---- C:\Program Files (x86)\CCleaner Cloud
2016-09-09 12:55:40 ----D---- C:\ProgramData\MFAData
2016-09-09 07:21:16 ----D---- C:\Windows
2016-09-09 07:11:48 ----D---- C:\Windows\Minidump
2016-09-08 16:31:14 ----D---- C:\Windows\Microsoft.NET
2016-09-05 01:09:42 ----D---- C:\Program Files (x86)\Common Files
2016-09-05 01:08:57 ----D---- C:\Windows\SysWOW64
2016-09-05 01:08:41 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2016-09-05 01:08:26 ----HD---- C:\ProgramData
2016-09-05 01:08:19 ----D---- C:\Program Files (x86)\Java
2016-08-30 12:47:58 ----D---- C:\rsit
2016-08-29 15:45:56 ----SD---- C:\Users\Barbora\AppData\Roaming\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2016-01-13 299440]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2015-05-07 378336]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2016-01-22 255920]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2015-03-20 40928]
R0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys [2012-07-24 645952]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536]
R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2015-03-11 162784]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2015-12-16 315312]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2015-12-16 296368]
R1 Avgwfpa;AVG Firewall Driver; C:\Windows\system32\DRIVERS\avgwfpa.sys [2015-08-04 304560]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2012-07-26 64000]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R2 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2014-01-27 311600]
R2 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2014-01-27 783864]
R2 mfewfpk;McAfee Inc. mfewfpk; C:\Windows\system32\drivers\mfewfpk.sys [2014-01-27 344688]
R3 AiCharger;ASUS Charger Driver; C:\Windows\system32\DRIVERS\AiCharger.sys [2012-09-18 17152]
R3 AthBTPort;@oem17.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2012-12-28 89320]
R3 athr;@oem3.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athw8x.sys [2012-09-19 3653632]
R3 BTATH_BUS;@oem12.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\Windows\System32\drivers\btath_bus.sys [2012-12-28 33944]
R3 BTATH_HCRP;@oem18.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\Windows\System32\drivers\btath_hcrp.sys [2012-12-28 179432]
R3 BTATH_LWFLT;@oem20.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2012-12-28 77464]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2012-12-28 578792]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\Windows\System32\drivers\BthEnum.sys [2013-01-09 51712]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\system32\DRIVERS\BthLEEnum.sys [2012-07-26 202752]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2012-07-26 119808]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2013-01-09 74752]
R3 DptfDevDram;DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [2013-01-18 107920]
R3 DptfDevFan;DptfDevFan; C:\Windows\system32\DRIVERS\DptfDevFan.sys [2013-01-18 43408]
R3 DptfDevGen;DptfDevGen; C:\Windows\system32\DRIVERS\DptfDevGen.sys [2013-01-18 65424]
R3 DptfDevPch;DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [2013-01-18 97680]
R3 DptfDevProc;DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [2013-01-18 229776]
R3 DptfManager;DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [2013-01-18 363920]
R3 HIDSwitch;@oem16.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control; C:\Windows\System32\drivers\AsHIDSwitch64.sys [2012-05-31 21152]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-11-02 5332896]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-12-11 3258256]
R3 IntcDAud;@oem8.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2012-10-26 342528]
R3 kbfiltr;@oem15.inf,%kbfiltr.SvcDesc%;Keyboard Filter; C:\Windows\System32\drivers\kbfiltr.sys [2012-08-02 14992]
R3 L1C;@oem4.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C63x64.sys [2012-07-19 110744]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-10-05 25816]
R3 MEIx64;@oem9.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\System32\drivers\HECIx64.sys [2012-07-02 62784]
R3 mfefirek;McAfee Inc. mfefirek; C:\Windows\system32\drivers\mfefirek.sys [2014-01-27 520696]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2013-03-01 156672]
R3 tap0901;@oem19.inf,%DeviceDescription%;TAP-Windows Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2013-08-22 40664]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-07-06 210560]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2012-07-26 17920]
S0 Avgboota;AVG Early Launch Anti-Malware Driver; C:\Windows\system32\DRIVERS\avgboota.sys [2015-03-27 21152]
S0 mfeelamk;McAfee Inc. mfeelamk; C:\Windows\system32\drivers\mfeelamk.sys [2014-01-27 69352]
S2 mfeapfk;McAfee Inc. mfeapfk; C:\Windows\system32\drivers\mfeapfk.sys [2014-01-27 180272]
S3 AgereSoftModem;@mdmags64.inf,%FullProductName%;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2012-06-02 1146880]
S3 AmUStor;@oem11.inf,%AmUStor.SvcDesc%;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2012-06-14 100992]
S3 ATP;@oem19.inf,%PS2.DeviceDesc%;ASUS Input Device; C:\Windows\System32\drivers\AsusTP.sys [2013-01-16 65784]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2013-03-01 1175040]
S3 cfwids;McAfee Inc. cfwids; C:\Windows\system32\drivers\cfwids.sys [2014-01-27 70592]
S3 e1iexpress;@net1ic64.inf,%E1IExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\Windows\system32\DRIVERS\e1i63x64.sys [2012-06-02 333824]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-10-05 64216]
S3 NETwNs64;@netwns64.inf,___ %NIC_Service_DispName_WIN7_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETwNs64.sys [2012-06-02 8604672]
S3 RTL8168;@netrt630x64.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2012-06-02 589824]
S3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;Ovladač zvuků USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2013-07-06 121984]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-02 43008]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-09-16 82128]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2013-01-15 107320]
R2 ASUS InstantOn;ASUS InstantOn Service; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [2012-04-13 277120]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2012-12-28 226944]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 CCleanerCloudAgentService;CCleaner Cloud; C:\Program Files (x86)\CCleaner Cloud\CCleanerCloudAgent.exe [2016-04-04 18619304]
R2 DptfParticipantProcessorService;@oem21.inf,%WIN32_DPTF_PARTICIPANT_PROC_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Processor Participant Service Application; C:\Windows\system32\DptfParticipantProcessorService.exe [2013-01-18 31632]
R2 DptfPolicyConfigTDPService;@oem21.inf,%WIN32_DPTF_POLICY_CONFIGTDP_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Config TDP Service Application; C:\Windows\system32\DptfPolicyConfigTDPService.exe [2013-01-18 33168]
R2 DptfPolicyLpmService;@oem21.inf,%WIN32_DPTF_POLICY_LPM_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Low Power Mode Service Application; C:\Windows\system32\DptfPolicyLpmService.exe [2013-01-18 39824]
R2 HomeNetSvc;McAfee Home Network; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2013-07-30 328928]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-06-27 129856]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-06-25 166720]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-17 277824]
R2 mcpltsvc;McAfee Platform Services; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [2013-07-30 328928]
R2 McProxy;McAfee Proxy Service; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [2013-07-30 328928]
R2 mfefire;McAfee Firewall Core Service; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [2014-01-27 219752]
R2 mfevtp;McAfee Validation Trust Protection Service; C:\windows\system32\mfevtps.exe [2014-01-27 185792]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-17 365376]
S2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe []
S2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe []
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-10-05 1135416]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-05-23 324224]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-11-02 277024]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2012-07-26 43616]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 McAWFwk;McAfee Activation Service; c:\PROGRA~1\mcafee\msc\mcawfwk.exe [2012-01-26 332080]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-09-05 146888]
S3 OpenVPNService;OpenVPN Service; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [2013-08-22 32568]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

-----------------EOF-----------------

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Task Manager reports 100% disk usage

#2 Post by Márty84 »

Hello :)

:arrow: If you don't use it, uninstall Seznam Software

:arrow: Download CrystalDiskInfo http://www.slunecnice.cz/sw/crystaldiskinfo/
Install it (watch out for any bundled add-ons; decline them by unticking the checkbox) and run it as administrator. The result will appear after a moment.
At the top, click Edit (Úpravy) and then Copy (Kopírovat). Paste what gets copied (it is stored in memory) here for me (Ctrl + V).

:arrow: Download AdwCleaner https://toolslib.net/downloads/finish/1/ and save it to the desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Right-click it and then left-click Run as administrator.
Click Scan and wait for the scan to finish.
Then click Cleaning.
The program will start working (the PC may restart) and will spit out a log (alternatively it will be here: C:\AdwCleaner\AdwCleaner[C?].txt ). Copy it here for me.

:arrow: Run a scan with MBAM. Set up the scan according to this guide (i.e. a Custom scan of all drives) http://forum.viry.cz/viewtopic.php?f=29&t=144868 and post the results here. Don't delete anything beforehand; it sometimes has false detections.
If you have a question that is not meant for the public, you can e-mail me at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often for now. If you have to wait a long time for a reply, please contact one of my colleagues (most have their e-mail address in their signature).

tekke
Visitor
Posts: 35
Registered: 23 Feb 2016 01:35

Re: Task Manager reports 100% disk usage

#3 Post by tekke »

Thanks for the advice! :))))
I'll post things here one at a time: first the AdwCleaner log:
# AdwCleaner v6.020 - Log soubor vytvořen 28/09/2016 na 17:44:41
# Aktualizováno dne 14/09/2016 z ToolsLib
# Databáze : 2016-09-27.2 [Server]
# Operační systém : Windows 8 (X64)
# Uživatelské jméno : Barbora - ASUS
# Beží od : C:\Users\Barbora\Downloads\adwcleaner_6.020.exe
# Mod: Čištění
# Podpora : https://toolslib.net/forum



***** [ Služby ] *****



***** [ Adresáře ] *****

[-] Adresář smazán:C:\Users\Barbora\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn


***** [ Soubory ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupce ] *****



***** [ Plánovač úloh ] *****



***** [ Registry ] *****

[-] Klíč smazán:HKU\S-1-5-21-4254934038-780234969-2913759268-1001\Software\Conduit
[#] Klíč smazán po restartování:HKCU\Software\Conduit
[#] Klíč smazán po restartování:[x64] HKCU\Software\Conduit


***** [ Prohlížeče ] *****

[-] [C:\Users\Barbora\AppData\Local\Google\Chrome\User Data\Default] [extension] Smazání:chfdnecihphmhljaaejmgoiahnihplgn


*************************

:: "Tracing" klíč smazán
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [2359 Bajtů] - [29/08/2016 19:02:47]
C:\AdwCleaner\AdwCleaner[C2].txt - [1314 Bajtů] - [28/09/2016 17:44:41]
C:\AdwCleaner\AdwCleaner[S0].txt - [2431 Bajtů] - [29/08/2016 18:50:02]
C:\AdwCleaner\AdwCleaner[S1].txt - [2505 Bajtů] - [29/08/2016 18:58:59]
C:\AdwCleaner\AdwCleaner[S2].txt - [1861 Bajtů] - [28/09/2016 17:44:06]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1610 Bajtů] ##########

tekke
Visitor
Posts: 35
Registered: 23 Feb 2016 01:35

Re: Task Manager reports 100% disk usage

#4 Post by tekke »

Crystal Disk Info:
----------------------------------------------------------------------------
CrystalDiskInfo 7.0.3 (C) 2008-2016 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 8 [6.2 Build 9200] (x64)
Date : 2016/09/28 18:59:14

-- Controller Map ----------------------------------------------------------
+ Intel(R) 7 Series Chipset Family SATA AHCI Controller [ATA]
- Hitachi HTS545050A7E380
- Řadič prostorů úložišť [SCSI]

-- Disk List ---------------------------------------------------------------
(1) Hitachi HTS545050A7E380 : 500,1 GB [0/0/0, pd1]

----------------------------------------------------------------------------
(1) Hitachi HTS545050A7E380
----------------------------------------------------------------------------
Model : Hitachi HTS545050A7E380
Firmware : GG2OA6C0
Serial Number : TE851749GTZZ2L
Disk Size : 500,1 GB (8,4/137,4/500,1/500,1)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 6
Transfer Mode : ---- | SATA/300
Power On Hours : 10560 hod.
Power On Count : 1861 krát
Temperature : 35 C (95 F)
Health Status : Pozor
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 4001h [ON]
AAM Level : ----
Drive Letter : C: D:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _62 000000000000 Počet chyb čtení
02 100 100 _40 000000000000 Průchodnost disku
03 253 253 _33 000600000000 Čas na roztočení ploten
04 _97 _97 __0 0000000013FA Počet spuštění/zastavení
05 100 100 __5 000000000000 Počet přemapovaných sektorů
07 100 100 _67 000000000000 Počet chybných hledání
08 100 100 _40 000000000000 Čas potřebný na vyhledání
09 _76 _76 __0 000000002940 Hodin v činnosti
0A 100 100 _60 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _99 _99 __0 000000000745 Počet cyklů zapnutí zařízení
BF _99 _99 __0 000000000002 Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 00000000006E Počet vypnutí disku
C1 _90 _90 __0 000000019646 Počet cyklů načítání/vymazání
C2 171 171 __0 0031000B0023 Teplota
C4 100 100 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000010 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
DF 100 100 __0 000000000000 Zatížení budiče magnetických hlav způsobené opakovanými úkony

-- IDENTIFY_DEVICE ---------------------------------------------------------

-- SMART_READ_DATA ---------------------------------------------------------

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 3E 00 00 00 00 00 00 00 00 00 00 02 28
010: 00 00 00 00 00 00 00 00 00 00 03 21 00 00 00 00
020: 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 00
030: 00 00 05 05 00 00 00 00 00 00 00 00 00 00 07 43
040: 00 00 00 00 00 00 00 00 00 00 08 28 00 00 00 00
050: 00 00 00 00 00 00 09 00 00 00 00 00 00 00 00 00
060: 00 00 0A 3C 00 00 00 00 00 00 00 00 00 00 0C 00
070: 00 00 00 00 00 00 00 00 00 00 BF 00 00 00 00 00
080: 00 00 00 00 00 00 C0 00 00 00 00 00 00 00 00 00
090: 00 00 C1 00 00 00 00 00 00 00 00 00 00 00 C2 00
0A0: 00 00 00 00 00 00 00 00 00 00 C4 00 00 00 00 00
0B0: 00 00 00 00 00 00 C5 00 00 00 00 00 00 00 00 00
0C0: 00 00 C6 00 00 00 00 00 00 00 00 00 00 00 C7 00
0D0: 00 00 00 00 00 00 00 00 00 00 DF 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 89

tekke
Visitor
Posts: 35
Registered: 23 Feb 2016 01:35

Re: Task Manager reports 100% disk usage

#5 Post by tekke »

Malwarebytes:
Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 28. 9. 2016
Čas skenování: 19:04
Protokol: malwarebytes.txt
Správce: Ano

Verze: 2.2.1.1043
Databáze malwaru: v2016.09.28.09
Databáze rootkitů: v2016.09.26.02
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 8
CPU: x64
Souborový systém: NTFS
Uživatel: Barbora

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 516312
Uplynulý čas: 3 hod, 12 min, 21 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 3
PUP.Optional.CrossRider, HKLM\SOFTWARE\CLASSES\INTERFACE\{55555555-5555-5555-5555-550655175552}, , [abde6b0c2a7054e28714f1fa25dfd729],
PUP.Optional.CrossRider, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{55555555-5555-5555-5555-550655175552}, , [2564c5b2a6f477bfabf09a51768e768a],
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{55555555-5555-5555-5555-550655175552}, , [4c3d98df524863d36932c02b44c09f61],

Hodnoty registru: 4
PUP.Optional.CrossRider, HKLM\SOFTWARE\CLASSES\INTERFACE\{55555555-5555-5555-5555-550655175552}, ICrossriderBHO, , [abde6b0c2a7054e28714f1fa25dfd729]
PUP.Optional.CrossRider, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{55555555-5555-5555-5555-550655175552}, ICrossriderBHO, , [2564c5b2a6f477bfabf09a51768e768a]
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{55555555-5555-5555-5555-550655175552}, ICrossriderBHO, , [4c3d98df524863d36932c02b44c09f61]
PUP.Optional.CrossRider.Generic, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN\FEATURECONTROL\FEATURE_BROWSER_EMULATION|Internet Speed Checker-bg.exe, 8000, , [a1e8c2b55941d363a77f39be996af10f]

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 1
Adware.FileFinder, C:\$RECYCLE.BIN\S-1-5-21-4254934038-780234969-2913759268-1001\$RU6B6X8.exe, , [1376a8cffe9cd660e168766b09fb946c],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)


:wub:

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Task Manager reports 100% disk usage

#6 Post by Márty84 »

:arrow: Have all the findings removed. After the removal and a restart of the PC, repeat the test with MBAM (this time a threat scan alone is enough; it will be faster), so that we know whether it comes back. Post the result of the test and I will choose the next steps based on it. If the result comes back with no findings, continue straight to the next step...


Since the disk doesn't look good...
:arrow: Run a check with HD Tune
Download http://www.slunecnice.cz/sw/hd-tune/ , install it and run it as administrator (if the installer offers you any add-on, decline it!)
In that window, click the last tab, Error Scan (if quick scan is ticked, untick it), and click Start.
The check will take some time. Let me know whether there was any red square.
Also look at the Health tab and copy out (or photograph) for me what it says there. It should say OK http://www.google.cz/imgres?um=1&hl=cs& ... s:20,i:143
If you have a question that is not meant for the public, you can write to me by e-mail at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

For lack of time I will be on the forum less often now. If you have to wait longer for a reply, please contact one of my colleagues (most of them have an e-mail address in their signature).

tekke
Visitor
Posts: 35
Registered: 23 Feb 2016 01:35

Re: Task Manager reports 100% disk usage

#7 Post by tekke »

With Malwarebytes my whole computer crashes every time I try to scan now :)
HD Tune gave me this:
Attachments
viry1.jpg (169.81 KiB) Viewed 2479 times

tekke
Visitor
Posts: 35
Registered: 23 Feb 2016 01:35

Re: Task Manager reports 100% disk usage

#8 Post by tekke »

:oops:
Attachments
viry2.jpg (107.44 KiB) Viewed 2478 times

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Task Manager reports 100% disk usage

#9 Post by Márty84 »

Unfortunately the disk is damaged; it has bad sectors. That may be the cause of the problems. We can of course finish cleaning the computer, but it may have no effect :-(


:arrow: Try running MBAM in safe mode. If it doesn't work there either, post the FRST logs...


:arrow: Post logs following this guide http://forum.viry.cz/viewtopic.php?f=13&t=133100 - turn off your antivirus for a moment; it may block it as malicious, but we use it all the time and it is a false alarm :)
(If the Launcher can't be downloaded, post logs from FRST alone, i.e. without using the Launcher)

tekke
Visitor
Posts: 35
Registered: 23 Feb 2016 01:35

Re: Task Manager reports 100% disk usage

#10 Post by tekke »

Addition:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-09-2016
Ran by Barbora (29-09-2016 19:10:38)
Running from C:\Users\Barbora\Desktop
Windows 8 (X64) (2014-01-08 15:25:54)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4254934038-780234969-2913759268-500 - Administrator - Disabled)
Barbora (S-1-5-21-4254934038-780234969-2913759268-1001 - Administrator - Enabled) => C:\Users\Barbora
Guest (S-1-5-21-4254934038-780234969-2913759268-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4254934038-780234969-2913759268-1003 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: McAfee Anti-Virus and Antispyware (Disabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG AntiVirus Free Edition 2015 (Disabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: McAfee Anti-Virus and Antispyware (Disabled - Out of date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Disabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: McAfee Firewall (Disabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.009.20071 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.4.117.01527 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 3.4.117.01527 - Alcor Micro Corp.) Hidden
ASUS Instant Connect (HKLM-x32\...\{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}) (Version: 1.2.8 - ASUS)
ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.5 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.13 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.9 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.1.7 - ASUS)
ASUS S200 Product Demo (HKLM-x32\...\{5E396FE4-6110-41C9-9B1F-2F30A4A13715}) (Version: 1.0.0 - ASUS)
ASUS Screen Saver (HKLM\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.1 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0002 - ASUS)
ASUS Tutor (HKLM-x32\...\{58172D66-2F69-4215-9AEC-ED8196023736}) (Version: 1.0.8 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS)
ASUS VivoBook (HKLM\...\{04FDBE69-F9FD-42A2-9008-E5CE7F60C6BE}) (Version: 1.0.26 - ASUS)
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.10.123 - ASUS Cloud Corporation)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0027 - ASUS)
ATLAS.ti 6.2 (HKLM-x32\...\{B570FF9B-8119-4A5A-80D5-EBC38EC2C8B7}) (Version: 06.02.25 - ATLAS.ti Scientific Software Development GmbH)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.6201 - AVG Technologies CZ, s.r.o.)
AVG 2015 (Version: 15.0.4545 - AVG Technologies CZ, s.r.o.) Hidden
AVG 2015 (Version: 15.0.4656 - AVG Technologies CZ, s.r.o.) Hidden
AVG 2015 (Version: 15.0.6201 - AVG Technologies CZ, s.r.o.) Hidden
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.69.1079 - AB Team, d.o.o.)
CrystalDiskInfo 7.0.3 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 7.0.3 - Crystal Dew World)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
f4 2012 (HKLM-x32\...\f42012) (Version: - audiotranskription.de)
f4 3.1.0 (HKLM-x32\...\f4) (Version: 3.1.0 - MAXqda)
Fotogaléria (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotótár (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Free Alarm Clock 3.1.0 (HKLM-x32\...\{8ED5A2F1-338F-4608-8AF7-BCD1ADC1E1F7}_is1) (Version: 3.1 - Comfort Software Group)
Galeria fotografii (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
GoldWave v5.70 (HKLM-x32\...\GoldWave v5.70) (Version: 5.70 - GoldWave Inc.)
Google Books Downloader version 2.6 (HKLM-x32\...\{216729B6-014A-F413-814F-F17F74FBA113}_is1) (Version: 2.6 - GBOOKSDOWNLOADER.COM)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 53.0.2785.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Guitar Pro 4.0 (HKLM-x32\...\Guitar Pro 4.0) (Version: - )
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 6.0.7.1084 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2875 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
LibreOffice 4.2.5.2 (HKLM-x32\...\{93AD8CBD-C32E-4318-90BB-A294BE2D712C}) (Version: 4.2.5.2 - The Document Foundation)
Malwarebytes Anti-Malware verze 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 47.0.1 (x86 cs) (HKLM-x32\...\Mozilla Firefox 47.0.1 (x86 cs)) (Version: 47.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.1.6018 - Mozilla)
Music AlarmClock v2.1.0 (HKLM-x32\...\{BEEB434F-CAFE-4708-BE3A-7C61587FA8C8}) (Version: 2.1.0 - B. Whittington Yuille)
MyBitCast 2.0 (HKLM-x32\...\MyBitCast) (Version: 2.0 - ASUS)
OpenOffice 4.0.1 (HKLM-x32\...\{220C463A-2890-4C7F-B97C-C49FE175B849}) (Version: 4.01.9714 - Apache Software Foundation)
OpenVPN 2.3.2-I003 (HKLM-x32\...\OpenVPN) (Version: 2.3.2-I003 - )
OpenVPN 32-bit (HKLM-x32\...\{3751A1FE-68A3-48A4-85C2-61CC7E2CFCFE}) (Version: 1.1.0 - ÚVT MU)
Opera Stable 40.0.2308.62 (HKLM-x32\...\Opera 40.0.2308.62) (Version: 40.0.2308.62 - Opera Software)
PDF Editor 4 (HKLM-x32\...\PDF Editor 4) (Version: - )
Podstawowe programy Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.218 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6798 - Realtek Semiconductor Corp.)
RonyaSoft Poster Designer (Poster Forge) 2.01 (HKLM-x32\...\RonyaSoft Poster Designer (Poster Forge)) (Version: 2.01 - RonyaSoft)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype Web Plugin (HKLM-x32\...\{0A95D1F2-BF33-43E7-A32B-E8089182EAE7}) (Version: 7.23.0.54 - Skype Technologies S.A.)
Skype™ 7.26 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.)
SumatraPDF (HKLM-x32\...\SumatraPDF) (Version: 3.1.1 - Krzysztof Kowalczyk)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 8.51 - Ghisler Software GmbH)
TuxGuitar (HKLM-x32\...\TuxGuitar 1.3.2) (Version: 1.3.2 - TuxGuitar)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS)
WinRAR 5.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4254934038-780234969-2913759268-1001_Classes\CLSID\{49ACECA8-A1DF-467E-8FED-CCC810B1434E}\localserver32 -> C:\Users\Barbora\AppData\Local\SkypePlugin\7.23.0.54\GatewayVersion-x64.exe (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-4254934038-780234969-2913759268-1001_Classes\CLSID\{7E3A041F-59E4-45ED-85BB-0DC57685CC7B}\InprocServer32 -> C:\Users\Barbora\AppData\Local\SkypePlugin\7.23.0.54\GatewayActiveX-x64.dll (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-4254934038-780234969-2913759268-1001_Classes\CLSID\{CBF9CD8C-2714-4F36-B76A-43E6C7547BC2}\localserver32 -> C:\Users\Barbora\AppData\Local\SkypePlugin\7.23.0.54\EdgeCalling.exe (Skype Technologies S.A.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2776C3CD-D75E-4DBB-B4C6-3C6FE2B631DA} - System32\Tasks\Opera scheduled Autoupdate 1472469328 => C:\Program Files (x86)\Opera\launcher.exe [2016-09-21] (Opera Software)
Task: {560AF676-BF0D-425C-94CC-284B6F72C922} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {5DCD60CD-9172-41B6-A207-8F6F12DF5181} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-08-22] (ASUSTeK Computer Inc.)
Task: {75F89CF5-06FC-43BF-BE0D-CDACEA4B3623} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-09-18] (ASUSTek Computer Inc.)
Task: {89B900D4-5178-42FB-A877-DD828B180B30} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2012-11-29] ()
Task: {8C77653B-D6D2-46D8-B614-29C0F8F3EF55} - \ASUS Patch for Touch Panel -> No File <==== ATTENTION
Task: {957B23DC-520B-4091-9837-2C758C7CB286} - System32\Tasks\ASUS VivoBook => C:\Program Files\ASUS\ASUS VivoBook\VivoBook.exe [2012-12-25] (ASUSTeK Computer Inc.)
Task: {96CF44BD-8AB7-4336-BBFB-1DDDF4A7BC05} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2012-11-29] (ASUS)
Task: {BA5F9748-D02F-45A7-885B-3427D69F8DAD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-16] (Adobe Systems Incorporated)
Task: {F58DFED1-5B2E-4236-81E9-8BB4B756E400} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {F5C87699-7E56-423E-A3D6-796F47D72B92} - System32\Tasks\Smart PC Cleaner Schedule => C:\Program Files (x86)\Smart PC Cleaner\SPCSchedule.exe
Task: {F7FC6E9B-1148-45F7-B2AC-51737A711BAD} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-24] (ASUS)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Public\Desktop\f4.lnk -> C:\Program Files (x86)\f4\f4.bat ()

ShortcutWithArgument: C:\Users\Barbora\Desktop\Spouštěč aplikací Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\Barbora\AppData\Local\Google\Chrome\User Data\Spouštěč aplikací Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\Barbora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Spouštěč aplikací Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\Barbora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Online budík.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=bgnmojbefoplnleefojcghjopmopidaj
ShortcutWithArgument: C:\Users\Barbora\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Spouštěč aplikací Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list

==================== Loaded Modules (Whitelisted) ==============

2012-11-29 19:15 - 2012-11-29 19:15 - 00171224 _____ () C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
2012-08-24 19:26 - 2012-08-24 19:26 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2012-07-25 22:44 - 2012-07-25 22:35 - 00046592 _____ () C:\Windows\system32\WinMetadata\Windows.Graphics.winmd
2012-12-28 14:07 - 2012-12-28 14:07 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2012-12-28 14:04 - 2012-12-28 14:04 - 00084480 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2012-12-28 14:09 - 2012-12-28 14:09 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2013-03-18 19:39 - 2012-06-25 12:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2016-09-15 03:07 - 2016-09-14 02:38 - 01806152 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.116\libglesv2.dll
2016-09-15 03:07 - 2016-09-14 02:38 - 00094024 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.116\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Barbora\Downloads\Garance.jpeg:3or4kl4x13tuuug3Byamue2s4b [83]
AlternateDataStreams: C:\Users\Barbora\Downloads\Garance.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\Barbora\Downloads\smlouva.jpeg:3or4kl4x13tuuug3Byamue2s4b [83]
AlternateDataStreams: C:\Users\Barbora\Downloads\smlouva.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\Barbora\Downloads\smlouvaa.jpeg:3or4kl4x13tuuug3Byamue2s4b [83]
AlternateDataStreams: C:\Users\Barbora\Downloads\smlouvaa.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\Barbora\Downloads\smlouva_bos.jpeg:3or4kl4x13tuuug3Byamue2s4b [83]
AlternateDataStreams: C:\Users\Barbora\Downloads\smlouva_bos.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-4254934038-780234969-2913759268-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-4254934038-780234969-2913759268-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-4254934038-780234969-2913759268-1001\...\008k.com -> http://www.008k.com
IE restricted site: HKU\S-1-5-21-4254934038-780234969-2913759268-1001\...\00hq.com -> http://www.00hq.com
IE restricted site: HKU\S-1-5-21-4254934038-780234969-2913759268-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-4254934038-780234969-2913759268-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-4254934038-780234969-2913759268-1001\...\0scan.com -> http://www.0scan.com
IE restricted site: HKU\S-1-5-21-4254934038-780234969-2913759268-1001\...\1-2005-search.com -> http://www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-4254934038-780234969-2913759268-1001\...\1-domains-registrations.com -> http://www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-4254934038-780234969-2913759268-1001\...\1000gratisproben.com -> http://www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-4254934038-780234969-2913759268-1001\...\1001namen.com -> http://www.1001namen.com
IE restricted site: HKU\S-1-5-21-4254934038-780234969-2913759268-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-4254934038-780234969-2913759268-1001\...\100sexlinks.com -> http://www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-4254934038-780234969-2913759268-1001\...\10sek.com -> http://www.10sek.com
IE restricted site: HKU\S-1-5-21-4254934038-780234969-2913759268-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-4254934038-780234969-2913759268-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-4254934038-780234969-2913759268-1001\...\123fporn.info -> http://www.123fporn.info
IE restricted site: HKU\S-1-5-21-4254934038-780234969-2913759268-1001\...\123haustiereundmehr.com -> http://www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-4254934038-780234969-2913759268-1001\...\123moviedownload.com -> http://www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-4254934038-780234969-2913759268-1001\...\123simsen.com -> http://www.123simsen.com

There are 7864 more sites.


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4254934038-780234969-2913759268-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Barbora\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\asus.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run32: => "mcui_exe"
HKLM\...\StartupApproved\Run32: => "mcpltui_exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{EE1E9DB0-229C-4E4D-AB74-642FAA08F87E}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{D0FA0F34-2B11-4B51-BE43-943BD88E7185}] => (Allow) LPort=2869
FirewallRules: [{43A4B368-FEBD-4F53-870A-9EB533D56567}] => (Allow) LPort=1900
FirewallRules: [{FCB41EC6-F080-47B3-8BF5-15BE0D383E8C}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{70BC997B-6AC4-4A14-AEBF-AE0852142EC2}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [TCP Query User{6D4A33E3-90F8-4933-8ACC-60220F9B7F3C}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{CFB6E9C0-2B05-4399-9495-E320D7BAE474}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{F7AFD572-3748-423F-8F2D-41B5D1406673}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C51CB818-8F77-466E-9630-A22F5257E8ED}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{FF4B3E1C-1CFE-4BE4-BCC9-7E8C7EBFC937}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Block) C:\program files (x86)\libreoffice 4\program\soffice.bin
FirewallRules: [UDP Query User{6DD32585-AE3A-42EE-84FC-7D548585F3BA}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Block) C:\program files (x86)\libreoffice 4\program\soffice.bin
FirewallRules: [{EC65688E-4BE0-4758-97E3-094FC856770E}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{B7E3C2F6-0D7E-4707-9055-F6A3D804CF6B}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{634BAECB-A9D6-456B-B934-52BB7982A997}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{717CC108-FBEA-4E71-9FAA-4E716070E5F7}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{30F9D34D-4152-4BEF-9D30-C3EE6737E0C8}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{99B12DF8-DB80-4A57-B868-002155A376CA}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{498CD4FA-ACF8-49DE-B83E-3C36666CD028}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{F658BF03-49A8-4598-8403-8E95437C6C84}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{91A8E7C7-4211-4454-A03A-79B5BEAA70B9}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{AD32E63F-06B8-454E-8E11-19AC1FA979FF}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{15A9FDB9-E3AA-45EE-A86A-49546456563F}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{C92B43DD-0CC7-489E-A57C-000C05A46C4D}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{6D16B000-EC42-485B-A14E-E337A51EEE25}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{AF964A9B-A980-4139-B96F-7EC653ED3436}C:\users\barbora\appdata\local\skypeplugin\pluginhost.exe] => (Allow) C:\users\barbora\appdata\local\skypeplugin\pluginhost.exe
FirewallRules: [UDP Query User{4851420A-C42D-4581-BF2B-56B4DA7E6905}C:\users\barbora\appdata\local\skypeplugin\pluginhost.exe] => (Allow) C:\users\barbora\appdata\local\skypeplugin\pluginhost.exe
FirewallRules: [{7E27B6D1-12CB-401D-A258-2F210CEBD49B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

25-09-2016 19:00:46 Windows Zálohování

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/29/2016 02:15:08 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program wwahost.exe verze 6.2.9200.16420 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 12ac

Čas spuštění: 01d219e674f86832

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\system32\wwahost.exe

ID hlášení: bfd93048-85d9-11e6-bf87-2cd05a730ff3

Úplný název chybujícího balíčku: microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe

ID aplikace související s chybujícím balíčkem: Microsoft.WindowsLive.ModernPhotos

Error: (09/29/2016 02:14:55 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: ASUS)
Description: Balíček microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe se ukončil, protože jeho pozastavování trvalo moc dlouho.

Error: (09/28/2016 05:47:27 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů rdyboost. První čtyři bajty (DWORD) datové sekce obsahují kód chyby systému Windows.

Error: (09/28/2016 05:47:27 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (09/28/2016 05:07:18 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny Failure to use DsRoleGetPrimaryDomainInformation for DC došlo k neočekávané chybě. hr= 0x800706ba, Server RPC není k dispozici.
.

Error: (09/28/2016 05:07:16 PM) (Source: Wininit) (EventID: 1015) (User: )
Description: Došlo k selhání kritického systémového procesu C:\Windows\system32\lsass.exe se stavovým kódem 255. Počítač je nyní nutné restartovat.

Error: (09/28/2016 05:07:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: lsass.exe, verze: 6.2.9200.16420, časové razítko: 0x505a9bdf
Název chybujícího modulu: lsasrv.dll, verze: 6.2.9200.16384, časové razítko: 0x5010890e
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000a9f18
ID chybujícího procesu: 0x484
Čas spuštění chybující aplikace: 0x01d20a58a335c278
Cesta k chybující aplikaci: C:\Windows\system32\lsass.exe
Cesta k chybujícímu modulu: C:\Windows\system32\lsasrv.dll
ID zprávy: 39987fc4-858d-11e6-bf85-2cd05a730ff3
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (09/28/2016 12:48:33 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: Problém zabránil odeslání dat programu Zlepšování softwaru a služeb na základě zkušeností uživatelů společnosti Microsoft, (chyba 80070005).

Error: (09/28/2016 11:55:27 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů rdyboost. První čtyři bajty (DWORD) datové sekce obsahují kód chyby systému Windows.

Error: (09/28/2016 12:34:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: szndesktop.exe, verze: 0.0.0.0, časové razítko: 0x55645b4f
Název chybujícího modulu: lightspeed.dll, verze: 0.0.0.0, časové razítko: 0x55645b39
Kód výjimky: 0xc0000005
Posun chyby: 0x00057580
ID chybujícího procesu: 0x15d4
Čas spuštění chybující aplikace: 0x01d20a59afff4497
Cesta k chybující aplikaci: C:\Users\Barbora\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
Cesta k chybujícímu modulu: C:\Users\Barbora\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
ID zprávy: 980f1a8d-8502-11e6-bf85-2cd05a730ff3
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (09/29/2016 07:04:57 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby McAfee Firewall Core Service, ale tato akce selhala kvůli následující chybě:
%%1056 = Instance této služby je již spuštěna.

Error: (09/29/2016 07:03:56 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba McAfee Firewall Core Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (09/29/2016 07:03:56 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba McAfee Proxy Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (09/29/2016 07:03:56 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba McAfee Platform Services byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (09/29/2016 07:03:56 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba McAfee Home Network byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (09/29/2016 07:03:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba McAfee Validation Trust Protection Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (09/29/2016 01:35:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba McAfee Inc. mfeapfk neuspěla při spuštění v důsledku následující chyby:
%%1243 = Taková služba neexistuje.

Error: (09/29/2016 01:34:54 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: Počítač byl restartován z procesu kontroly chyb. Kontrola chyb: 0x0000007a (0x0000000000000004, 0x0000000000000000, 0xfffffa800a6ecd20, 0x000000007eadb498). Výpis byl uložen do: C:\Windows\MEMORY.DMP. ID hlášení:

Error: (09/29/2016 01:34:54 PM) (Source: BugCheck) (EventID: 1005) (User: )
Description: Ze souboru úplného výpisu nelze vytvořit soubor s minimálním výpisem.

Error: (09/29/2016 01:34:53 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (13:12:28, ‎29. ‎9. ‎2016) bylo neočekávané.


CodeIntegrity:
===================================
Date: 2016-08-29 20:30:07.006
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\clbcatq.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-08-29 20:30:06.961
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\clbcatq.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-08-29 20:30:06.915
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\clbcatq.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-08-29 20:30:06.870
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\clbcatq.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-08-29 20:30:06.826
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\clbcatq.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-08-29 20:30:06.773
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\clbcatq.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-08-29 20:30:06.688
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\clbcatq.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-08-29 20:30:06.631
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\clbcatq.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-08-29 20:30:06.585
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\clbcatq.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-08-29 20:30:06.540
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\clbcatq.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-3217U CPU @ 1.80GHz
Percentage of memory in use: 51%
Total physical RAM: 3981.59 MB
Available physical RAM: 1945.18 MB
Total Virtual: 8333.59 MB
Available Virtual: 6034.31 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:186.3 GB) (Free:21.28 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Data) (Fixed) (Total:258.15 GB) (Free:0.01 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 1FEB4A9B)

Partition: GPT.

==================== End of Addition.txt ============================
Last edited by tekke on 29 Sep 2016 18:19, edited 1 time in total.

tekke
Visitor
Posts: 35
Joined: 23 Feb 2016 01:35

Re: Task Manager reports 100% disk usage

#11 Post by tekke »

FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-09-2016
Ran by Barbora (administrator) on ASUS (29-09-2016 19:09:27)
Running from C:\Users\Barbora\Desktop
Loaded Profiles: Barbora (Available Profiles: Barbora)
Platform: Windows 8 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 10 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ASUS VivoBook\ASUSWakeupService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
() C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\ASUS VivoBook\VivoBook.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
(Comfort Software Group) C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Barbora\Downloads\FRSTLauncher.exe


==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13262480 2012-12-07] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1256080 2012-12-03] (Realtek Semiconductor)
HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\Windows\system32\DptfPolicyLpmServiceHelper.exe [27024 2013-01-18] (Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-03-30] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2012-11-23] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe [3423104 2012-08-31] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3820440 2016-04-21] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [129664 2012-12-28] (Qualcomm Atheros Commnucations)
HKU\S-1-5-21-4254934038-780234969-2913759268-1001\...\Run: [] => 0
HKU\S-1-5-21-4254934038-780234969-2913759268-1001\...\Run: [FreeAC] => C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe [1553688 2014-02-20] (Comfort Software Group)
HKU\S-1-5-21-4254934038-780234969-2913759268-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [29494400 2016-07-13] (Skype Technologies S.A.)
HKU\S-1-5-21-4254934038-780234969-2913759268-1001\...\MountPoints2: {40a73213-8b45-11e3-be80-2cd05a730ff3} - "F:\HTC_Sync_Manager_PC.exe"
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-4254934038-780234969-2913759268-1001] => 95.168.217.24:3128
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{A6D3C142-9ABF-470A-8B12-B87D6F5CEB69}: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{BD80C7CC-801B-44DB-9A73-F3E70CAE2E0F}: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{E5359DB0-8856-4EEA-8295-3054183C1D8E}: [DhcpNameServer] 147.251.6.10 147.251.4.33

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-4254934038-780234969-2913759268-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
HKU\S-1-5-21-4254934038-780234969-2913759268-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
SearchScopes: HKU\S-1-5-21-4254934038-780234969-2913759268-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-09-05] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-09-05] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-4254934038-780234969-2913759268-1001 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)

FireFox:
========
FF ProfilePath: C:\Users\Barbora\AppData\Roaming\Mozilla\Firefox\Profiles\zur9e26r.default
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-09-05] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-09-05] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-31] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-31] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [No File]
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems)
FF Plugin HKU\S-1-5-21-4254934038-780234969-2913759268-1001: SkypePlugin -> C:\Users\Barbora\AppData\Local\SkypePlugin\7.23.0.54\npGatewayNpapi.dll [2016-08-11] (Skype Technologies S.A.)
FF Plugin HKU\S-1-5-21-4254934038-780234969-2913759268-1001: SkypePlugin64 -> C:\Users\Barbora\AppData\Local\SkypePlugin\7.23.0.54\npGatewayNpapi-x64.dll [2016-08-11] (Skype Technologies S.A.)
FF Extension: (JavaScript on-off applet) - C:\Users\Barbora\AppData\Roaming\Mozilla\Firefox\Profiles\zur9e26r.default\extensions\{54e46280-0211-11e3-b778-0800200c9a66}.xpi [2016-09-05]
FF Extension: (Firefox Hotfix) - C:\Users\Barbora\AppData\Roaming\Mozilla\Firefox\Profiles\zur9e26r.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-05]
FF Extension: (Video DownloadHelper) - C:\Users\Barbora\AppData\Roaming\Mozilla\Firefox\Profiles\zur9e26r.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-09-05]
FF Extension: (Seznam lištička) - C:\Users\Barbora\AppData\Roaming\Mozilla\Firefox\Profiles\zur9e26r.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2016-09-28]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn => not found

Chrome:
=======
CHR HomePage: Default -> mysearch.avg.com/?rvt=1
CHR DefaultSearchURL: Default -> hxxps://mysearch.avg.com/search?rvt=1&sap=dsp&q={searchTerms}
CHR DefaultSearchKeyword: Default -> https://mysearch.avg.com
CHR DefaultSuggestURL: Default -> hxxps://toolbar.avg.com/acp?q={searchTerms}&o=1
CHR Profile: C:\Users\Barbora\AppData\Local\Google\Chrome\User Data\Default [2016-09-29]
CHR Extension: (Prezentace Google) - C:\Users\Barbora\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-05]
CHR Extension: (Bandzone.cz MP3 Download) - C:\Users\Barbora\AppData\Local\Google\Chrome\User Data\Default\Extensions\adicpanjnjbpmhpcamgmihddcifhhceg [2015-05-07]
CHR Extension: (Dokumenty Google) - C:\Users\Barbora\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-05]
CHR Extension: (Disk Google) - C:\Users\Barbora\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (Online budĂ­k) - C:\Users\Barbora\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnmojbefoplnleefojcghjopmopidaj [2015-05-23]
CHR Extension: (Volání přes Skype) - C:\Users\Barbora\AppData\Local\Google\Chrome\User Data\Default\Extensions\blakpkgjpemejpbmfiglncklihnhjkij [2016-08-29]
CHR Extension: (YouTube) - C:\Users\Barbora\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (AVG Secure Search) - C:\Users\Barbora\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2016-09-28]
CHR Extension: (Vyhledávání Google) - C:\Users\Barbora\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-31]
CHR Extension: (Tabulky Google) - C:\Users\Barbora\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-05]
CHR Extension: (FoxyProxy Standard) - C:\Users\Barbora\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcknhkkoolaabfmlnjonogaaifnjlfnp [2015-05-04]
CHR Extension: (Dokumenty Google offline) - C:\Users\Barbora\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-17]
CHR Extension: (AdBlock) - C:\Users\Barbora\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-09-21]
CHR Extension: (Invite All Friends on Facebook) - C:\Users\Barbora\AppData\Local\Google\Chrome\User Data\Default\Extensions\inmmhkeajgflmokoaaoadgkhhmibjbpj [2016-09-20]
CHR Extension: (Friend Inviter PRO 2016 - Invite All Friends) - C:\Users\Barbora\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjgfeibcphdoepjnmplpgbnpkngnmdmn [2016-07-31]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Barbora\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-05]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Barbora\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2016-09-06]
CHR Extension: (Gmail) - C:\Users\Barbora\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\Barbora\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-26]
CHR Extension: (RSS Feed Reader) - C:\Users\Barbora\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnjaodmkngahhkoihejjehlcdlnohgmp [2016-07-05]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [226944 2012-12-28] (Qualcomm Atheros Commnucations) [File not signed]
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3647384 2016-04-21] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [336152 2016-04-21] (AVG Technologies CZ, s.r.o.)
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [31632 2013-01-18] (Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [33168 2013-01-18] (Intel Corporation)
R2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [39824 2013-01-18] (Intel Corporation)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S3 McAWFwk; c:\Program Files\mcafee\msc\McAWFwk.exe [332080 2012-01-26] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-01-27] (McAfee, Inc.)
R2 mfevtp; C:\windows\system32\mfevtps.exe [185792 2014-01-27] (McAfee, Inc.)
S3 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [32568 2013-08-22] (The OpenVPN Project)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [336384 2012-07-26] (Microsoft Corporation)
R2 WakeupService; C:\Program Files\ASUS\ASUS VivoBook\ASUSWakeupService.exe [45488 2012-12-20] (ASUSTek Computer Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-12-28] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ATP; C:\Windows\System32\drivers\AsusTP.sys [65784 2013-01-16] (ASUS Corporation)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21152 2015-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [315312 2015-12-16] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [299440 2016-01-13] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [296368 2015-12-16] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378336 2015-05-07] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [255920 2016-01-22] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [304560 2015-08-04] (AVG Technologies CZ, s.r.o.)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2012-12-28] (Qualcomm Atheros)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70592 2014-01-27] (McAfee, Inc.)
R3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [107920 2013-01-18] (Intel Corporation)
R3 DptfDevFan; C:\Windows\system32\DRIVERS\DptfDevFan.sys [43408 2013-01-18] (Intel Corporation)
R3 DptfDevGen; C:\Windows\system32\DRIVERS\DptfDevGen.sys [65424 2013-01-18] (Intel Corporation)
R3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [97680 2013-01-18] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [229776 2013-01-18] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [363920 2013-01-18] (Intel Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3265256 2012-11-23] (Broadcom Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-09-29] (Malwarebytes)
S2 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [180272 2014-01-27] (McAfee, Inc.)
R2 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311600 2014-01-27] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69352 2014-01-27] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [520696 2014-01-27] (McAfee, Inc.)
R2 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [783864 2014-01-27] (McAfee, Inc.)
R2 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [344688 2014-01-27] (McAfee, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [36288 2013-07-02] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [247216 2013-07-02] (Microsoft Corporation)
U0 msahci; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-29 19:09 - 2016-09-29 19:09 - 00024063 _____ C:\Users\Barbora\Desktop\FRST.txt
2016-09-29 19:09 - 2016-09-29 19:09 - 00000000 ____D C:\FRST
2016-09-29 19:08 - 2016-09-29 19:08 - 02404352 _____ (Farbar) C:\Users\Barbora\Desktop\FRST64.exe
2016-09-29 19:06 - 2016-09-29 19:06 - 00112640 _____ (forum.viry.cz) C:\Users\Barbora\Downloads\FRSTLauncher.exe
2016-09-29 13:51 - 2016-09-29 13:51 - 08101056 _____ C:\Users\Barbora\Downloads\hdtune_255.exe
2016-09-29 13:51 - 2016-09-29 13:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune
2016-09-29 13:51 - 2016-09-29 13:51 - 00000000 ____D C:\Program Files (x86)\HD Tune
2016-09-29 11:34 - 2016-09-29 11:34 - 00489162 _____ C:\Users\Barbora\Downloads\POKYNY NA CESTU - Turkmenistan.pdf
2016-09-29 02:19 - 2016-09-29 02:19 - 00025674 _____ C:\Users\Barbora\Downloads\dfgh.jpeg
2016-09-29 01:17 - 2016-09-29 01:17 - 00000000 __SHD C:\found.023
2016-09-28 19:02 - 2016-09-28 19:02 - 22851472 _____ (Malwarebytes ) C:\Users\Barbora\Downloads\mbam-setup-2.2.1.1043.exe
2016-09-28 18:58 - 2016-09-28 18:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2016-09-28 18:58 - 2016-09-28 18:58 - 00000000 ____D C:\Program Files (x86)\CrystalDiskInfo
2016-09-28 18:54 - 2016-09-28 18:54 - 11407001 _____ C:\Users\Barbora\Downloads\CrystalDiskInfo7_0_3-en.exe
2016-09-28 18:51 - 2016-09-28 18:51 - 03861056 _____ C:\Users\Barbora\Downloads\adwcleaner_6.020 (1).exe
2016-09-28 17:39 - 2016-09-28 17:40 - 03861056 _____ C:\Users\Barbora\Downloads\adwcleaner_6.020.exe
2016-09-28 17:19 - 2016-09-28 17:19 - 01222144 _____ C:\Users\Barbora\Downloads\RSITx64 (3).exe
2016-09-28 00:51 - 2016-09-28 00:51 - 01165648 _____ C:\Users\Barbora\Downloads\Jonathan Garrett-Turkmen - English Dictionary-Peace Corps Turkmenistan (1996).pdf
2016-09-28 00:50 - 2016-09-28 00:50 - 02034856 _____ C:\Users\Barbora\Downloads\Tyson, Clark-Turkmen Language Manual (1993).pdf
2016-09-28 00:32 - 2016-09-28 00:32 - 00328479 _____ C:\Users\Barbora\Downloads\greasemonkey-3.9-fx.xpi
2016-09-28 00:23 - 2016-09-28 00:23 - 00148992 _____ () C:\Users\Barbora\Downloads\GoogleBookDownloader.exe
2016-09-27 23:58 - 2016-09-27 23:59 - 13401226 _____ C:\Users\Barbora\Downloads\turkmen.zip
2016-09-27 23:44 - 2016-09-27 23:45 - 08008475 _____ C:\Users\Barbora\Downloads\ub_bc_audio (1).zip
2016-09-27 23:44 - 2016-09-27 23:44 - 01053287 _____ C:\Users\Barbora\Downloads\ub_bc_pdf.zip
2016-09-27 21:17 - 2016-09-27 21:17 - 04947968 _____ C:\Users\Barbora\Downloads\russko-turkmenskiy-razgovornik-gulnara-hudayberdieva.iso
2016-09-26 02:12 - 2016-09-26 02:23 - 354608034 _____ C:\Users\Barbora\Downloads\CREATIVE DESPITE WAR_ english subtitles-SD.mp4
2016-09-25 14:50 - 2016-09-25 14:50 - 00046592 _____ C:\Users\Barbora\Downloads\POKLADNA FF (8).xls
2016-09-22 15:09 - 2016-09-22 15:09 - 00158396 _____ C:\Users\Barbora\Downloads\PROFESIACZ_CV_2335842_cz (2) (1) (1).pdf
2016-09-20 21:50 - 2016-09-20 21:50 - 00059081 _____ C:\Users\Barbora\Downloads\50shades_cover_letter.pdf
2016-09-19 15:04 - 2016-09-19 15:04 - 00266046 _____ C:\Users\Barbora\Downloads\12091342.pdf
2016-09-19 15:00 - 2016-09-19 15:00 - 00272806 _____ C:\Users\Barbora\Downloads\12091298.pdf
2016-09-19 14:09 - 2016-09-19 14:09 - 00045056 _____ C:\Users\Barbora\Downloads\POKLADNA FF (7).xls
2016-09-18 14:18 - 2016-09-18 14:18 - 00365081 _____ C:\Users\Barbora\Downloads\em_partnerstvi_web.pdf
2016-09-16 17:33 - 2016-09-16 17:34 - 00904238 _____ C:\Users\Barbora\Downloads\SERS-D-16-00437.pdf
2016-09-15 03:37 - 2016-09-15 03:37 - 00904726 _____ C:\Users\Barbora\Downloads\SERS-S-16-00507 (1).pdf
2016-09-15 03:31 - 2016-09-15 03:31 - 01106185 _____ C:\Users\Barbora\Downloads\SERS-S-16-00507.pdf
2016-09-14 23:53 - 2016-09-14 23:53 - 00066376 _____ C:\Users\Barbora\Downloads\SERS_Disclosure of interest 2011.pdf
2016-09-14 18:18 - 2016-09-14 18:18 - 00036352 _____ C:\Users\Barbora\Downloads\alibi_dotaznik (2).xls
2016-09-14 17:01 - 2016-09-14 17:01 - 00186644 _____ C:\Users\Barbora\Downloads\LaTeX.zip
2016-09-14 17:01 - 2016-09-14 17:01 - 00157890 _____ C:\Users\Barbora\Downloads\sv-journ.zip
2016-09-13 13:53 - 2016-09-13 13:53 - 00043420 _____ C:\Users\Barbora\Downloads\Santa Cruz - We Are The Ones To Fall (guitar pro) (2)m.gp3
2016-09-12 19:59 - 2016-09-12 19:59 - 00028412 _____ C:\Users\Barbora\Downloads\Green Day - Wake Me Up When September Ends (guitar pro).gp4
2016-09-12 19:59 - 2016-09-12 19:59 - 00000000 ____D C:\Users\Barbora\.tuxguitar-1.3.2
2016-09-12 19:59 - 2016-09-12 19:59 - 00000000 ____D C:\Users\Barbora\.swt
2016-09-12 19:58 - 2016-09-12 19:58 - 00043717 _____ C:\Users\Barbora\Downloads\Green Day - Wake Me Up When September Ends (guitar pro).gp5
2016-09-12 19:56 - 2016-09-12 19:56 - 00002094 _____ C:\Users\Public\Desktop\TuxGuitar.lnk
2016-09-12 19:56 - 2016-09-12 19:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuxGuitar
2016-09-12 19:55 - 2016-09-12 19:56 - 00000000 ____D C:\Program Files (x86)\tuxguitar-1.3.2
2016-09-12 19:50 - 2016-09-12 19:54 - 137202590 _____ (TuxGuitar) C:\Users\Barbora\Downloads\tuxguitar-1.3.2-windows-x86-installer.exe
2016-09-12 19:48 - 2016-09-12 19:48 - 00060248 _____ C:\Users\Barbora\Downloads\Santa Cruz - We Are The Ones To Fall (guitar pro) (2).gp5
2016-09-12 19:47 - 2016-09-12 19:47 - 00060248 _____ C:\Users\Barbora\Downloads\Santa Cruz - We Are The Ones To Fall (guitar pro) (1).gp5
2016-09-11 20:26 - 2016-09-11 20:26 - 00045056 _____ C:\Users\Barbora\Downloads\POKLADNA FF (6).xls
2016-09-10 17:24 - 2016-09-10 17:24 - 00060248 _____ C:\Users\Barbora\Downloads\Santa Cruz - We Are The Ones To Fall (guitar pro).gp5
2016-09-10 17:24 - 2016-09-10 17:24 - 00007952 _____ C:\Users\Barbora\Downloads\Santa Cruz - Aiming High (guitar pro).gp5
2016-09-09 07:11 - 2016-09-09 07:12 - 00284896 _____ C:\Windows\Minidump\090916-68203-01.dmp
2016-09-07 11:28 - 2016-09-07 11:28 - 00150206 _____ C:\Users\Barbora\Downloads\PROFESIACZ_CV_2206173_en (2).pdf
2016-09-07 11:26 - 2016-09-07 11:26 - 00151053 _____ C:\Users\Barbora\Downloads\PROFESIACZ_CV_2206173_en (1).pdf
2016-09-07 11:24 - 2016-09-07 11:25 - 00151043 _____ C:\Users\Barbora\Downloads\PROFESIACZ_CV_2206173_en.pdf
2016-09-07 11:01 - 2016-09-07 11:01 - 00158559 _____ C:\Users\Barbora\Downloads\PROFESIACZ_CV_2335842_cz (3).pdf
2016-09-05 15:01 - 2016-09-28 17:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-09-05 01:09 - 2016-09-12 19:59 - 00000000 ____D C:\Users\Barbora\.oracle_jre_usage
2016-09-05 01:09 - 2016-09-05 01:09 - 00000000 ____D C:\Users\Barbora\AppData\Roaming\Sun
2016-09-05 01:08 - 2016-09-05 15:28 - 00000000 ____D C:\ProgramData\Oracle
2016-09-05 00:58 - 2016-09-05 00:58 - 00739904 _____ (Oracle Corporation) C:\Users\Barbora\Downloads\jxpiinstall(1).exe
2016-09-02 12:16 - 2016-09-02 12:16 - 00014174 _____ C:\Users\Barbora\Desktop\vai_KONEC.gp4
2016-08-31 10:38 - 2016-08-31 10:38 - 00134144 _____ C:\Users\Barbora\Downloads\cestovni smlouva_GOODPLACES (3).xls
2016-08-31 10:21 - 2016-08-31 10:58 - 00109568 _____ C:\Users\Barbora\Downloads\cestovni smlouva_GOODPLACES (2).xls
2016-08-30 15:05 - 2016-08-30 15:07 - 00000000 ____D C:\Users\Barbora\Downloads\zasilka-KSYCCLJGERN52DMN
2016-08-30 12:53 - 2016-08-30 13:14 - 499152626 _____ C:\Users\Barbora\Downloads\zasilka-KSYCCLJGERN52DMN.zip
2016-08-30 12:06 - 2016-08-30 12:06 - 01222144 _____ C:\Users\Barbora\Downloads\RSITx64 (2).exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-29 19:07 - 2014-08-07 12:50 - 07788032 ___SH C:\Users\Barbora\Downloads\Thumbs.db
2016-09-29 19:05 - 2014-12-06 20:35 - 00000970 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-09-29 19:05 - 2014-12-06 20:35 - 00000966 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-09-29 13:50 - 2016-08-29 12:44 - 00000000 ____D C:\Users\Barbora\AppData\Roaming\Skype
2016-09-29 13:39 - 2012-08-02 20:06 - 00734914 _____ C:\Windows\system32\perfh005.dat
2016-09-29 13:39 - 2012-08-02 20:06 - 00150950 _____ C:\Windows\system32\perfc005.dat
2016-09-29 13:39 - 2012-07-26 09:28 - 01714430 _____ C:\Windows\system32\PerfStringBackup.INI
2016-09-29 13:39 - 2012-07-26 07:37 - 00000000 ____D C:\Windows\Inf
2016-09-29 13:37 - 2014-01-08 17:28 - 00000062 _____ C:\Users\Barbora\AppData\Roaming\sp_data.sys
2016-09-29 13:34 - 2014-04-10 09:26 - 00000000 ____D C:\Windows\Minidump
2016-09-29 13:34 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-09-29 13:05 - 2015-05-18 00:21 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-09-29 12:18 - 2014-12-05 18:42 - 00000000 ____D C:\ProgramData\MFAData
2016-09-29 12:17 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\ELAM
2016-09-29 12:11 - 2012-07-26 07:26 - 00786432 ___SH C:\Windows\system32\config\BBI
2016-09-29 02:09 - 2014-01-08 17:31 - 00000000 ____D C:\Users\Barbora\Documents\Bluetooth Folder
2016-09-29 00:39 - 2014-04-11 16:13 - 00517632 ___SH C:\Users\Barbora\Documents\Thumbs.db
2016-09-28 19:03 - 2015-05-18 00:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-09-28 19:03 - 2015-05-18 00:21 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-09-28 19:02 - 2016-08-29 18:47 - 00000000 ____D C:\AdwCleaner
2016-09-28 18:56 - 2014-12-04 15:52 - 00000000 ____D C:\Users\Barbora\AppData\Roaming\Seznam.cz
2016-09-28 18:55 - 2016-06-14 11:07 - 00000000 ____D C:\Program Files (x86)\Seznam.cz
2016-09-28 17:47 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\security
2016-09-28 17:20 - 2016-08-08 23:37 - 00000000 ____D C:\rsit
2016-09-28 17:19 - 2016-08-08 23:37 - 00000000 ____D C:\Program Files\trend micro
2016-09-28 17:12 - 2014-04-14 11:25 - 00121856 ___SH C:\Users\Barbora\Desktop\Thumbs.db
2016-09-28 17:11 - 2014-01-08 17:31 - 00000000 ____D C:\Users\Barbora\AppData\Roaming\Atheros
2016-09-28 17:09 - 2015-05-07 00:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-09-28 17:06 - 2015-04-28 01:57 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-09-28 00:34 - 2014-01-27 19:47 - 00000000 ____D C:\Users\Barbora\AppData\Local\CrashDumps
2016-09-25 16:20 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2016-09-25 16:19 - 2012-07-26 10:12 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-22 16:12 - 2016-08-29 13:15 - 00003838 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1472469328
2016-09-22 16:12 - 2016-08-29 13:15 - 00001053 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-09-22 16:12 - 2016-08-29 13:15 - 00000000 ____D C:\Program Files (x86)\Opera
2016-09-15 03:07 - 2014-12-06 20:36 - 00002197 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-09-15 03:07 - 2014-12-06 20:36 - 00002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-09-15 02:47 - 2014-01-08 17:26 - 00000000 ____D C:\Users\Barbora\AppData\Local\VirtualStore
2016-09-15 00:55 - 2014-09-02 15:34 - 00000000 ___RD C:\Users\Barbora\Documents\Scanned Documents
2016-09-12 19:59 - 2014-01-08 17:24 - 00000000 ____D C:\Users\Barbora
2016-09-05 01:08 - 2014-02-18 22:09 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-09-05 01:08 - 2014-02-18 22:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-09-05 01:08 - 2014-02-18 22:09 - 00000000 ____D C:\Program Files (x86)\Java

==================== Files in the root of some directories =======

2014-12-23 20:23 - 2014-12-23 20:23 - 0000021 _____ () C:\Users\Barbora\AppData\Roaming\my_intel.sys
2014-01-08 17:28 - 2016-09-29 13:37 - 0000062 _____ () C:\Users\Barbora\AppData\Roaming\sp_data.sys
2012-11-23 15:06 - 2012-09-07 13:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2012-11-23 15:06 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe

Some files in TEMP:
====================
C:\Users\Barbora\AppData\Local\Temp\libeay32.dll
C:\Users\Barbora\AppData\Local\Temp\msvcr120.dll
C:\Users\Barbora\AppData\Local\Temp\sqlite3.dll
C:\Users\Barbora\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: McAfee Anti-Virus and Antispyware (Disabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG AntiVirus Free Edition 2015 (Disabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: McAfee Anti-Virus and Antispyware (Disabled - Out of date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Disabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: McAfee Firewall (Disabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Barbora\Desktop" je 139 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

tekke
Visitor
Posts: 35
Registered: 23 Feb 2016 01:35

Re: Task Manager reports 100% disk usage

#12 Post by tekke »

Logs from FRST with the Launcher :wub:

I can start Malwarebytes, but after about half an hour of scanning the computer makes a strange noise and always shuts down completely :)

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Task Manager reports 100% disk usage

#13 Post by Márty84 »

Well, I'm afraid it's the disk, and it won't be resolved without replacing it.

Before I start deleting, let me ask: what security software do you use (antivirus, firewall)? I see AVG there, but also McAfee.
If you have a question that is not meant for the public, you can write to me at marty84[at]forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often for now. If you have to wait a long time for a reply, please contact one of my colleagues (most have their e-mail address in their signature).

tekke
Visitor
Posts: 35
Registered: 23 Feb 2016 01:35

Re: Task Manager reports 100% disk usage

#14 Post by tekke »

I use AVG. I try to turn McAfee off, but it occasionally turns itself back on; somehow I haven't managed to get rid of it completely.
Not without replacing the disk? My laptop is already out of warranty, so it's probably not even worth replacing the disk :cry:

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Task Manager reports 100% disk usage

#15 Post by Márty84 »

tekke wrote: My laptop is already out of warranty, so it's probably not even worth replacing the disk :cry:
I don't know whether it's worth it, or what the laptop is worth. We'll clean it up thoroughly and then we'll see. In any case, if you haven't already, back up your important data (photos, documents...) as soon as possible.

To remove McAfee, use their tool http://download.mcafee.com/products/lic ... s/MCPR.exe

Then post a new FRST log and we'll start deleting.
