Zpomalený pc...

Zpráva

Tomakatre321 · #1 Příspěvek od **Tomakatre321** » 19 zář 2017 18:29

Ahoj, mám problém se zpomaleným pc... když jsem nechal AVG zkontrolovat počítač nalezlo to tam trojský koně a další různý "havěti" Ale bohužel abych to smazal bych si musel koupit nějakou extra verzi... tak se zeptám zde co s tím

Děkuji...

log

Logfile of random's system information tool 1.10 (written by random/random)
Run by Tom at 2017-09-19 19:06:01
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 252 GB (26%) free of 954 GB
Total RAM: 3326 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:08:00, on 19.9.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\AVG Web TuneUp\vprot.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Gaming Keyboard\Monitor.EXE
C:\Program Files\AVG\Framework\Common\avguix.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Gaming Keyboard\OSD.exe
C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe
C:\Windows\System32\StikyNot.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Tom\Downloads\RSIT (1).exe
C:\Program Files\trend micro\Tom.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {51a86bb3-6602-4c85-92a5-130ee4864f13} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
O2 - BHO: Protector by IB Helper - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Protector by IB\Extension32.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll
O2 - BHO: Funmoods Helper Object - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - C:\Program Files\Funmoods\1.5.23.22\bh\escort.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MIF5BA~1\Office14\URLREDIR.DLL
O2 - BHO: Softonic Helper Object - {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Program Files\Softonic\softonic\1.5.11.5\bh\softonic.dll
O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\HyperCam Toolbar\tbcore3.dll (file missing)
O3 - Toolbar: Softonic Toolbar - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files\Softonic\softonic\1.5.11.5\softonicTlbr.dll
O3 - Toolbar: Funmoods Toolbar - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - C:\Program Files\Funmoods\1.5.23.22\escorTlbr.dll
O3 - Toolbar: HyperCam Toolbar - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\HyperCam Toolbar\tbcore3.dll (file missing)
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Web TuneUp\vprot.exe"
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [Cm108Sound] RunDll32 cm108.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [AvgUi] "C:\Program Files\AVG\Framework\Common\avguirnx.exe" /lps=fmw
O4 - HKLM\..\Run: [Gaming Keyboard] "C:\Program Files\Gaming Keyboard\Monitor.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [HydraVisionDesktopManager] "C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe"
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MIF5BA~1\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/v ... .2.5.7.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\3.5.0\ViProtocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: ASGT - Unknown owner - C:\Windows\System32\ASGT.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Framework\Common\avgsvcx.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NitroPDFReaderDriverCreatorReadSpool2 (NitroReaderDriverReadSpool2) - Nitro PDF Software - C:\Program Files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files\Origin\OriginClientService.exe
O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files\Origin\OriginWebHelperService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: SafetyNut Manager (SafetyNutManager) - Unknown owner - C:\Program Files\Movies Toolbar\SafetyNut\SafetyNutManager.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: vToolbarUpdater40.3.8 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\40.3.8\ToolbarUpdater.exe
O23 - Service: WtuSystemSupport - Unknown owner - C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe

--
End of file - 11068 bytes

======Scheduled tasks folder======

C:\Windows\tasks\HQ-Video-Pro-1.4-chromeinstaller.job - C:\Program Files\HQ-Video-Pro-1.4\HQ-Video-Pro-1.4-chromeinstaller.exe /rawdata=Vg650YD4A2pPiIJlCHWhpgAnQPZP4TqJmLTnKgb+SGxzQNZ1F2jkgAJ/v/8hJcTMbR6fxk5q7/4s1nttGu0s7ZNl97XzT25MC7R9rqYegnVtuY1qM/GMvpdeQrwLZqesE2GdKIRMAh7ZreW5VBAh8aGazNLSulzT4T8A2hDiLbwUnMMewHluA1CvEDBPR70Hirp/9PIk7ujbH65SLsmzT1gBL0a4FS0umz+qI13c6pP478ZO6JrvIH649VuwsrXrclMzay1TeCq5bBqw6SR7QtNEkSUrQDmR1J/ZHRfKgbQgwDwlKm8R0Y2oPHWiuupJvv7juC17r7upRQoFdUmN+BGRcw2M+RcXWm6gdxPKwRec020LYcT7svsX23XRSnGckvIbwGz7xkM1i93xpajiusEgIYDCWmLsFrY6P8gXJKFtvWfM9+FyuBndWCQK63KoPU9tpfGd5BNYcZiY9JuEDYXfkcVdNjII80HNZnHmGYccxsU2nE14gIxbCj510c6BGdDz4c1+TVCTGTYeZEWn/lreXPx9w2rMdggp1rThb3EoV6BiUJWSBtKEjBY9MTlLieYbr7t0T1hvlqxPQmKxHviwgMrWtijLofpn8ZZ5pCBE9gsMKXeuYhjesVjNsOy7tcrQqkDi60yC4Of1K896F4KtGKDXAIRX+e2pqHvqRL5IKRTB1yXVJftTgm8CfMUW0XtWyGE/+GEsfkDLwJArq5WRKWzvt9F+VXt6OmMbSTnRu5Jbir3EnSFJxYaAdFIDTlRS3LvKagKuZirGMo1Lnnq8s7zZQQFW7d0E53+KDT9S34+wU55NrVdgZ2zVTkIWowUxlvhD8G2qDeOdZOr+p6VuumU9gFVfroCKGF1hrY3WIQd3yZFh3clYPLUWnhE09QyMXA+/ui23cfbWV/1xrzLDe1XVnWb+8l5gWISiZmr3i8tx/1HbKCpcGL1AgDAUNXDbtTMYEBPRhYSokvmXoFm2wWhp3a4q4NofsnTDjvRV8hsGuQ0U4gB9S6soll9kd9Z+FM4bYU3rddYBOqHqvomkauLSAIQOcBYuTUp8MAJLEqtmNz1yuCQnv12TzhqlNjVSZiUQ1t2uFljjx2deD/Bj4s0/QXUaeyuLsVTRiygWPIQMjhQY46xhWRvNlVKukTzEVMF6ZbPgsgGGhx5vQ0ZwMoIpMfgm7k1cUVf6erFWPvTeGRpQ8sCnapNFu+ZLOIAfCbFOEP+l/GXB8DanqquMksW4Cc/OQQNA6HZ2+W0W5KQdjmGoKncOOmeYxlwfuAayTJPw11qCbeqec7SvCMLpUMW059foqqf4Ue+h983Eucvks4DCW8ZvXN7BW9AZGeJGp+5as3AdPYZuBZSnwQ==
C:\Windows\tasks\HQ-Video-Pro-1.4-codedownloader.job - C:\Program Files\HQ-Video-Pro-1.4\HQ-Video-Pro-1.4-codedownloader.exe /reinstallapp /runfrom=task /agentregpath='HQ-Video-Pro-1.4' /appid=52920 /srcid='001186' /subid='0' /zdata='0' /bic=FD43D030B61B47DDBF6B9564CF2A95F2IE /verifier=f1bff96c59713a6f70a07cbeabb309cc /installerversion=1_34_2_13 /installerfullversion=1.34.2.13 /installationtime=1394267978 /statsdomain=http://stats.srvstatsdata.com /errorsdomain=http://errors.srvstatsdata.com /codedownloaddomain=http://app-static.crossrider.com /defbro=ch /allusers /autoupdateulr='http://update.srvstatsdata.com/ie_code_ ... pdate.json' /runfrom='task' /externallog=''
C:\Windows\tasks\HQ-Video-Pro-1.4-firefoxinstaller.job - C:\Program Files\HQ-Video-Pro-1.4\HQ-Video-Pro-1.4-firefoxinstaller.exe /installxpi /agentregpath='HQ-Video-Pro-1.4' /extensionfilepath='C:\Program Files\HQ-Video-Pro-1.4\52920.xpi' /appid=52920 /srcid='001186' /subid='0' /zdata='0' /bic=FD43D030B61B47DDBF6B9564CF2A95F2IE /verifier=f1bff96c59713a6f70a07cbeabb309cc /installerversion=1_34_2_13 /installerfullversion=1.34.2.13 /installationtime=1394267978 /statsdomain=http://stats.srvstatsdata.com /errorsdomain=http://errors.srvstatsdata.com /waitforbrowser=300 /extensionid=f6b78e05-0819-4914-a9b1-53baf8fa3cd8@5f1a7616-ab87-4cb2-b56e-1218d848ce49.com /extensionversion=0.93 /prefsbranch=af6b78e0508194914a9b153baf8fa3cd85f1a7616ab874cb2b56e1218d848ce49com52920 /updateurl=https://w9u6a2p6.ssl.hwcdn.net/plugin/f ... /52920.rdf /extensionname='HQ-Video-Pro-1.4' /extensiondesc='HQ Videos is an add-on for your Internet browser that enhances your online experience by displaying online videos in their highest quality format available.' /publishername='HQ-Video' /defbro=ch /allusers /allprofiles /checkfflist /autoupdateulr='http://update.srvstatsdata.com/ff_agent ... pdate.json' /runfrom='task' /externallog=''
C:\Windows\tasks\weDownload-chromeinstaller.job - C:\Program Files\weDownload\weDownload-chromeinstaller.exe /installcrx /agentregpath='weDownload' /extensionfilepath='C:\Program Files\weDownload\45820.crx' /appid=45820 /srcid='000656' /subid='verticals-' /zdata='0' /bic=452D3CB8A75E4A1BAB71FA31B38E777DIE /verifier=e7f5c25da7b6d646664c35193f7d215f /installerversion=1_31_153 /installerfullversion=1.31.153.0 /installationtime=1387787532 /statsdomain=http://stats.srvstatsdata.com /errorsdomain=http://errors.srvstatsdata.com /waitforbrowser=300 /extensionid=fhhamfkcejhlnpojdpnjbmcfkpnadlpn /extensionversion=1.25.17 /extensionpublickey=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCzuFJQVMp+rlE0WeKkopiJ4TC1coIUYXJFjvl8o/Bss8RgmaXZ+w0Bk4/8/3af2KDSCG4nW+UCRmwO9IviRB+ovVE3xFdyGHRCIBqkCTvEZyBHV7HOov6ZPTNsj1lsAZ6b8uWodcvRo22vN0hlaaLHXK7vq0JbFic8fjfY65kKdQIDAQAB /allusers /allprofiles /externallog=''
C:\Windows\tasks\weDownload-updater.job - C:\Program Files\weDownload\weDownload-updater.exe /runupdater /agentregpath='weDownload' /appid=45820 /srcid='000656' /subid='verticals-' /zdata='0' /bic=452D3CB8A75E4A1BAB71FA31B38E777DIE /verifier=e7f5c25da7b6d646664c35193f7d215f /installerversion=1_31_153 /installationtime=1387787532 /statsdomain=http://stats.srvstatsdata.com /errorsdomain=http://errors.srvstatsdata.com /monetizationdomain=http://stats.syncstatsdata.com /geoserviceurl=http://ipgeoapi.com/ /updatejsondomain=http://update.srvstatsdata.com /updaterversion=2 /externallog=''

=========Mozilla firefox=========

ProfilePath - C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\32xoduj0.default

prefs.js - "browser.startup.homepage" - "http:/google"
prefs.js - "keyword.URL" - "http://dts.search.ask.com/sr?src=ffb&gc ... PN10640&q="

"{1E73965B-8B48-48be-9C8D-68B920ABC1C4}"=C:\Program Files\AVG\AVG2012\Firefox4\
"{336D0C35-8A85-403a-B9D2-65C292C39087}"=C:\Program Files\Protector by IB\Firefox
"{F53C93F1-07D5-430c-86D4-C9531B27DFAF}"=C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin]
"Description"=
"Path"=C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.8\\npsitesafety.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/npbattlelog,version=2.6.2]
"Description"=
"Path"=C:\Program Files\Battlelog Web Plugins\2.6.2\npbattlelog.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/npbattlelog,version=2.7.0]
"Description"=
"Path"=C:\Program Files\Battlelog Web Plugins\2.7.0\npbattlelog.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/npbattlelog,version=2.7.1]
"Description"=
"Path"=C:\Program Files\Battlelog Web Plugins\2.7.1\npbattlelog.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\NitroPDF]
"Description"=NitroPDF Web Browser Plugin
"Path"=C:\Program Files\Nitro PDF\Reader 2\npnitromozilla.dll

C:\Program Files\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\32xoduj0.default\extensions\
089c3b22-a366-427a-be95-d9074d9a4088@gmail.com
f6b78e05-0819-4914-a9b1-53baf8fa3cd8@5f1a7616-ab87-4cb2-b56e-1218d848ce49.com
{75656794-AB59-4712-BFBC-5D816D56F3BC}
{9A7DF664-82DC-020F-C190-9A665AF83389}

C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\32xoduj0.default\searchplugins\
Ask.xml
avg-secure-search.xml
WebSearch.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31332EEF-CB9F-458F-AFEB-D30E9A66B6BA}]
AVG Do Not Track - C:\Program Files\AVG\AVG2012\avgdtiex.dll [2015-05-19 938496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087}]
Protector by IB - C:\Program Files\Protector by IB\Extension32.dll [2012-04-24 163328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG2012\avgssie.dll [2015-05-19 1418752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}]
Funmoods Helper Object - C:\Program Files\Funmoods\1.5.23.22\bh\escort.dll [2012-11-09 243664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files\Windows Live\Companion\companioncore.dll [2011-05-13 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09 4502400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MIF5BA~1\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E87806B5-E908-45FD-AF5E-957D83E58E68}]
Softonic Helper Object - C:\Program Files\Softonic\softonic\1.5.11.5\bh\softonic.dll [2012-01-11 241872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}]
SMTTB2009 Class - C:\Program Files\HyperCam Toolbar\tbcore3.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5018CFD2-804D-4C99-9F81-25EAEA2769DE} - Softonic Toolbar - C:\Program Files\Softonic\softonic\1.5.11.5\softonicTlbr.dll [2012-01-11 250064]
{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - Funmoods Toolbar - C:\Program Files\Funmoods\1.5.23.22\escorTlbr.dll [2012-11-09 251856]
{338B4DFE-2E2C-4338-9E41-E176D497299E} - HyperCam Toolbar - C:\Program Files\HyperCam Toolbar\tbcore3.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"vProt"=C:\Program Files\AVG Web TuneUp\vprot.exe [2017-07-08 2184776]
"AVG_TRAY"=C:\Program Files\AVG\AVG2012\avgtray.exe [2015-05-19 2598912]
"Cm108Sound"=RunDll32 cm108.cpl,CMICtrlWnd []
"AvgUi"=C:\Program Files\AVG\Framework\Common\avguirnx.exe [2016-12-06 220944]
"Gaming Keyboard"=C:\Program Files\Gaming Keyboard\Monitor.exe [2014-01-16 479232]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"HydraVisionDesktopManager"=C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe [2013-12-06 389120]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 354304]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2017-02-14 27545056]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"msacm.siren"=sirenacm.dll
"vidc.mjpg"=bdmjpeg.dll
"vidc.mpeg"=bdmpegv.dll
"msacm.bdmpeg"=bdmpega.acm
"VIDC.FPS1"=frapsvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"vidc.tscc"=C:\Windows\system32\tsccvid.dll
"vidc.tsc2"=C:\Windows\system32\tsc2_codec32.dll
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux3"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2017-09-19 19:06:01 ----D---- C:\rsit
2017-09-19 19:06:01 ----D---- C:\Program Files\trend micro
2017-09-19 17:53:21 ----D---- C:\Windows\system32\appraiser
2017-09-18 11:17:26 ----A---- C:\Windows\system32\tbs.dll
2017-09-18 11:17:26 ----A---- C:\Windows\system32\fveapibase.dll
2017-09-18 11:17:26 ----A---- C:\Windows\system32\fveapi.dll
2017-09-18 09:24:41 ----A---- C:\Windows\system32\nlasvc.dll
2017-09-18 07:45:25 ----A---- C:\Windows\system32\WMPhoto.dll
2017-09-18 01:27:54 ----A---- C:\Windows\system32\charmap.exe
2017-09-18 01:27:15 ----A---- C:\Windows\system32\mapistub.dll
2017-09-18 01:27:15 ----A---- C:\Windows\system32\mapi32.dll
2017-09-18 01:27:15 ----A---- C:\Windows\system32\fixmapi.exe
2017-09-18 01:23:36 ----A---- C:\Windows\system32\ntkrnlpa.exe
2017-09-18 01:23:29 ----A---- C:\Windows\system32\schannel.dll
2017-09-18 01:23:29 ----A---- C:\Windows\system32\ntoskrnl.exe
2017-09-18 01:23:29 ----A---- C:\Windows\system32\ntdll.dll
2017-09-18 01:23:29 ----A---- C:\Windows\system32\msv1_0.dll
2017-09-18 01:23:29 ----A---- C:\Windows\system32\lsasrv.dll
2017-09-18 01:23:29 ----A---- C:\Windows\system32\kerberos.dll
2017-09-18 01:23:28 ----A---- C:\Windows\system32\rpcrt4.dll
2017-09-18 01:23:28 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2017-09-18 01:23:25 ----A---- C:\Windows\system32\wdigest.dll
2017-09-18 01:23:25 ----A---- C:\Windows\system32\TSpkg.dll
2017-09-18 01:23:25 ----A---- C:\Windows\system32\sspisrv.dll
2017-09-18 01:23:25 ----A---- C:\Windows\system32\sspicli.dll
2017-09-18 01:23:25 ----A---- C:\Windows\system32\srcore.dll
2017-09-18 01:23:25 ----A---- C:\Windows\system32\srclient.dll
2017-09-18 01:23:25 ----A---- C:\Windows\system32\smss.exe
2017-09-18 01:23:25 ----A---- C:\Windows\system32\secur32.dll
2017-09-18 01:23:25 ----A---- C:\Windows\system32\rstrui.exe
2017-09-18 01:23:25 ----A---- C:\Windows\system32\ncrypt.dll
2017-09-18 01:23:25 ----A---- C:\Windows\system32\msobjs.dll
2017-09-18 01:23:25 ----A---- C:\Windows\system32\msaudite.dll
2017-09-18 01:23:25 ----A---- C:\Windows\system32\lsass.exe
2017-09-18 01:23:25 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2017-09-18 01:23:25 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2017-09-18 01:23:25 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2017-09-18 01:23:25 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2017-09-18 01:23:25 ----A---- C:\Windows\system32\drivers\cng.sys
2017-09-18 01:23:25 ----A---- C:\Windows\system32\csrsrv.dll
2017-09-18 01:23:25 ----A---- C:\Windows\system32\cryptbase.dll
2017-09-18 01:23:25 ----A---- C:\Windows\system32\credssp.dll
2017-09-18 01:23:25 ----A---- C:\Windows\system32\basesrv.dll
2017-09-18 01:23:25 ----A---- C:\Windows\system32\auditpol.exe
2017-09-18 01:23:25 ----A---- C:\Windows\system32\apisetschema.dll
2017-09-18 01:23:25 ----A---- C:\Windows\system32\adtschema.dll
2017-09-18 01:18:23 ----A---- C:\Windows\system32\cewmdm.dll
2017-09-18 01:18:07 ----A---- C:\Windows\system32\devinv.dll
2017-09-18 01:18:07 ----A---- C:\Windows\system32\CompatTelRunner.exe
2017-09-18 01:18:07 ----A---- C:\Windows\system32\centel.dll
2017-09-18 01:18:07 ----A---- C:\Windows\system32\aitstatic.exe
2017-09-18 01:18:04 ----A---- C:\Windows\system32\generaltel.dll
2017-09-18 01:18:01 ----A---- C:\Windows\system32\invagent.dll
2017-09-18 01:18:01 ----A---- C:\Windows\system32\acmigration.dll
2017-09-18 01:17:42 ----A---- C:\Windows\system32\appraiser.dll
2017-09-18 01:17:42 ----A---- C:\Windows\system32\aepic.dll
2017-09-18 01:17:42 ----A---- C:\Windows\system32\aeinv.dll
2017-09-18 01:17:27 ----A---- C:\Windows\system32\ws2_32.dll
2017-09-18 01:17:27 ----A---- C:\Windows\system32\winhttp.dll
2017-09-18 01:17:27 ----A---- C:\Windows\system32\netbtugc.exe
2017-09-18 01:17:27 ----A---- C:\Windows\system32\mswsock.dll
2017-09-18 01:17:27 ----A---- C:\Windows\system32\drivers\netbt.sys
2017-09-18 01:14:46 ----A---- C:\Windows\system32\msmpeg2adec.dll
2017-09-18 01:14:38 ----A---- C:\Windows\system32\WMVDECOD.DLL
2017-09-18 01:14:19 ----A---- C:\Windows\system32\mf.dll
2017-09-18 01:14:00 ----A---- C:\Windows\system32\WMADMOD.DLL
2017-09-18 01:13:52 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2017-09-18 01:13:52 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL
2017-09-18 01:13:51 ----A---- C:\Windows\system32\WMVSDECD.DLL
2017-09-18 01:13:51 ----A---- C:\Windows\system32\WMADMOE.DLL
2017-09-18 01:13:51 ----A---- C:\Windows\system32\quartz.dll
2017-09-18 01:13:51 ----A---- C:\Windows\system32\evr.dll
2017-09-18 01:13:47 ----A---- C:\Windows\system32\COLORCNV.DLL
2017-09-18 01:13:43 ----A---- C:\Windows\system32\wmpmde.dll
2017-09-18 01:13:39 ----A---- C:\Windows\system32\WMVENCOD.DLL
2017-09-18 01:13:36 ----A---- C:\Windows\system32\WMVXENCD.DLL
2017-09-18 01:13:36 ----A---- C:\Windows\system32\mfplat.dll
2017-09-18 01:13:36 ----A---- C:\Windows\system32\mcmde.dll
2017-09-18 01:13:36 ----A---- C:\Windows\system32\devenum.dll
2017-09-18 01:13:35 ----A---- C:\Windows\system32\WMVSENCD.DLL
2017-09-18 01:13:35 ----A---- C:\Windows\system32\qdvd.dll
2017-09-18 01:13:35 ----A---- C:\Windows\system32\MPG4DECD.DLL
2017-09-18 01:13:35 ----A---- C:\Windows\system32\MP43DECD.DLL
2017-09-18 01:13:35 ----A---- C:\Windows\system32\MFWMAAEC.DLL
2017-09-18 01:13:32 ----A---- C:\Windows\system32\WMALFXGFXDSP.dll
2017-09-18 01:13:32 ----A---- C:\Windows\system32\qasf.dll
2017-09-18 01:13:32 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2017-09-18 01:13:28 ----A---- C:\Windows\system32\WMSPDMOE.DLL
2017-09-18 01:13:21 ----A---- C:\Windows\system32\VIDRESZR.DLL
2017-09-18 01:13:21 ----A---- C:\Windows\system32\SysFxUI.dll
2017-09-18 01:13:21 ----A---- C:\Windows\system32\rrinstaller.exe
2017-09-18 01:13:21 ----A---- C:\Windows\system32\RESAMPLEDMO.DLL
2017-09-18 01:13:21 ----A---- C:\Windows\system32\MP4SDECD.DLL
2017-09-18 01:13:21 ----A---- C:\Windows\system32\MP3DMOD.DLL
2017-09-18 01:13:21 ----A---- C:\Windows\system32\mfvdsp.dll
2017-09-18 01:13:21 ----A---- C:\Windows\system32\mfps.dll
2017-09-18 01:13:21 ----A---- C:\Windows\system32\mfpmp.exe
2017-09-18 01:13:21 ----A---- C:\Windows\system32\drivers\portcls.sys
2017-09-18 01:13:17 ----A---- C:\Windows\system32\drivers\drmk.sys
2017-09-18 01:12:47 ----A---- C:\Windows\system32\mferror.dll
2017-09-18 01:12:47 ----A---- C:\Windows\system32\ksuser.dll
2017-09-18 01:12:47 ----A---- C:\Windows\system32\drivers\drmkaud.sys
2017-09-18 01:11:48 ----A---- C:\Windows\system32\msxml6.dll
2017-09-18 01:11:48 ----A---- C:\Windows\system32\msxml3.dll
2017-09-18 01:11:26 ----A---- C:\Windows\system32\msxml3r.dll
2017-09-18 01:11:25 ----A---- C:\Windows\system32\msxml6r.dll
2017-09-18 01:10:55 ----A---- C:\Windows\system32\scesrv.dll
2017-09-18 01:10:28 ----A---- C:\Windows\system32\comctl32.dll
2017-09-17 23:56:53 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2017-09-17 21:11:19 ----A---- C:\Windows\system32\termsrv.dll
2017-09-17 09:38:07 ----SHD---- C:\found.003
2017-09-17 08:56:06 ----N---- C:\bootsqm.dat
2017-09-17 08:54:03 ----SHD---- C:\found.002

======List of files/folders modified in the last 1 month======

2017-09-19 19:06:01 ----RD---- C:\Program Files
2017-09-19 19:05:35 ----D---- C:\Windows\system32\drivers
2017-09-19 19:05:08 ----D---- C:\Windows\Microsoft.NET
2017-09-19 19:04:28 ----RSD---- C:\Windows\assembly
2017-09-19 18:52:25 ----D---- C:\Users\Tom\AppData\Roaming\Skype
2017-09-19 18:34:19 ----D---- C:\Windows\system32\config
2017-09-19 18:31:30 ----D---- C:\Windows\Temp
2017-09-19 18:11:26 ----D---- C:\Windows\System32
2017-09-19 18:11:26 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-09-19 18:11:25 ----D---- C:\Windows\inf
2017-09-19 18:11:15 ----D---- C:\Windows\winsxs
2017-09-19 18:07:26 ----D---- C:\Windows\Prefetch
2017-09-19 17:58:44 ----D---- C:\Windows\system32\wdi
2017-09-19 17:55:25 ----D---- C:\Windows\system32\wbem
2017-09-19 17:55:25 ----D---- C:\Windows\system32\drivers\cs-CZ
2017-09-19 17:55:25 ----D---- C:\Windows\Logs
2017-09-19 17:54:47 ----D---- C:\Windows\system32\cs-CZ
2017-09-19 17:53:33 ----SD---- C:\Windows\system32\CompatTel
2017-09-19 17:53:33 ----D---- C:\Windows\AppCompat
2017-09-19 17:53:20 ----SD---- C:\ProgramData\Microsoft
2017-09-19 17:53:20 ----D---- C:\Windows\AppPatch
2017-09-19 17:50:45 ----D---- C:\Windows\system32\DriverStore
2017-09-19 17:29:44 ----D---- C:\Windows\system32\MRT
2017-09-19 17:26:17 ----AC---- C:\Windows\system32\MRT.exe
2017-09-19 17:20:26 ----SHD---- C:\Windows\Installer
2017-09-19 17:20:16 ----SHD---- C:\Config.Msi
2017-09-19 16:30:33 ----D---- C:\ProgramData\Microsoft Help
2017-09-19 16:22:25 ----SHD---- C:\System Volume Information
2017-09-19 14:01:35 ----D---- C:\Windows\system32\drivers\AVG
2017-09-18 17:29:14 ----D---- C:\Users\Tom\AppData\Roaming\newnext.me
2017-09-18 12:10:22 ----D---- C:\Windows\system32\catroot2
2017-09-18 07:17:02 ----D---- C:\Program Files\Microsoft Silverlight
2017-09-17 16:38:12 ----D---- C:\Windows\Minidump
2017-09-17 16:37:58 ----D---- C:\Windows
2017-08-29 09:53:40 ----D---- C:\Program Files\Google

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHX;AVGIDSHX; C:\Windows\system32\DRIVERS\avgidshx.sys [2015-05-19 25352]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2015-05-19 34184]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 SI3132;SiI-3132 SATALink Controller; C:\Windows\system32\DRIVERS\SI3132.sys [2007-10-03 80424]
R0 SiFilter;SATALink driver accelerator; C:\Windows\system32\DRIVERS\SiWinAcc.sys [2007-10-03 19240]
R0 SiRemFil;SATALink External Device Filter; C:\Windows\system32\DRIVERS\SiRemFil.sys [2007-10-03 15400]
R1 AsIO;AsIO; C:\Windows\system32\drivers\AsIO.sys [2009-08-04 11296]
R1 AsUpIO;AsUpIO; C:\Windows\system32\drivers\AsUpIO.sys [2009-07-06 11448]
R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2015-05-19 250632]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2015-11-18 42760]
R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2015-05-19 302472]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-03-22 242240]
R1 F06DEFF2-5B9C-490D-910F-35D3A91196222;F06DEFF2-5B9C-490D-910F-35D3A91196222; \??\C:\Program Files\Movies Toolbar\SafetyNut\configmgrc1.cfg [2014-04-13 31104]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.5.0; C:\Windows\system32\DRIVERS\AegisP.sys [2011-10-23 21035]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; C:\Windows\system32\DRIVERS\RMCAST.sys [2010-11-20 117760]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-12-06 11527680]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-12-06 501248]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW73.sys [2013-09-24 77312]
R3 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdriverx.sys [2015-05-19 142600]
R3 AVGIDSFilter;AVGIDSFilter; C:\Windows\system32\DRIVERS\avgidsfilterx.sys [2015-05-19 26504]
R3 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\avgidsshimx.sys [2015-05-19 19976]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2011-12-30 6504]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-14 347264]
R3 USBPNPA;USB PnP Sound Device Interface; C:\Windows\system32\drivers\CM108.sys [2013-02-01 3234816]
R4 IOMap;IOMap; \??\C:\Windows\system32\drivers\IOMap.sys []
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 amdiox86;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox86.sys []
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-01-28 100352]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2011-05-13 39272]
S3 h643331;h643331; C:\Windows\system32\drivers\h643331.sys []
S3 hid3331;hid3331; C:\Windows\system32\drivers\hid3331.sys [2008-05-19 41336]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2012-06-11 19072]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 27192]
S3 RTL8187;Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\rtl8187.sys [2010-01-07 375808]
S3 RTLWUSB;Realtek RTL8187 Wireless 802.11g 54Mbps USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8187.sys [2010-01-07 375808]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 SjyPkt;SjyPkt; \??\C:\Windows\System32\Drivers\SjyPkt.sys [2006-03-31 13532]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2013-08-29 28160]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-12-06 209408]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-12-06 276992]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 ASGT;ASGT; C:\Windows\System32\ASGT.exe [2012-01-17 55296]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe [2015-05-19 5176832]
R2 avgsvc;AVG Service; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [2016-12-06 935184]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2012\avgwdsvc.exe [2015-05-19 198616]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
R2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2; C:\Program Files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe [2011-06-21 196912]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2014-11-25 76152]
R2 simptcp;@%SystemRoot%\system32\simptcp.dll,-200; C:\Windows\System32\tcpsvcs.exe [2009-07-14 9216]
R2 vToolbarUpdater40.3.8;vToolbarUpdater40.3.8; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\40.3.8\ToolbarUpdater.exe [2017-07-08 1354824]
R2 W3SVC;@%windir%\system32\inetsrv\iisres.dll,-30003; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536]
R2 WtuSystemSupport;WtuSystemSupport; C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe [2017-07-08 981576]
R3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S2 Origin Web Helper Service;Origin Web Helper Service; C:\Program Files\Origin\OriginWebHelperService.exe [2017-07-25 3149672]
S2 SafetyNutManager;SafetyNut Manager; C:\Program Files\Movies Toolbar\SafetyNut\SafetyNutManager.exe []
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2017-01-16 317400]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2011-05-13 1492840]
S3 GamesAppIntegrationService;GamesAppIntegrationService; C:\Program Files\WildTangent Games\App\GamesAppIntegrationService.exe [2013-11-09 227936]
S3 GamesAppService;GamesAppService; C:\Program Files\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-09-19 108032]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2017-07-26 175560]
S3 Origin Client Service;Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [2017-07-25 2169696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-06-11 724376]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2015-12-14 836176]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-10-06 1343400]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-04-04 63928]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2014-04-11 45744]
S4 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2011-06-20 73728]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-09 3275136]
S4 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files\Spyware Terminator\st_rsser.exe [2012-09-07 587472]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]

-----------------EOF-----------------

#2 Příspěvek od **Rudy** » 19 zář 2017 18:31

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

Tomakatre321 · #3 Příspěvek od **Tomakatre321** » 20 zář 2017 15:27

Tak program jsem stáhl, dal jsem scan a clean (podle návodu) a po chvíli mi vyskočí tabulka: program přestal pracovat... Co s tím?

#4 Příspěvek od **Rudy** » 20 zář 2017 16:27

Je to sice divné, ale zkuste ho spustit v nouz. režimu.

Tomakatre321 · #5 Příspěvek od **Tomakatre321** » 21 zář 2017 14:21

Tak ani v nouzovém režimu (se sítí) program nefunguje... vždy se po chvíli samovolně vypne...

#6 Příspěvek od **Rudy** » 21 zář 2017 16:14

To je divné. Dejte tedy log FRST: https://forum.viry.cz/viewtopic.php?f=13&t=152707 .

Tomakatre321 · #7 Příspěvek od **Tomakatre321** » 22 zář 2017 15:49

Log FRST

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 20-09-2017
Ran by Tom (administrator) on TOM-PC (22-09-2017 15:40:18)
Running from C:\Users\Tom\Desktop
Loaded Profiles: Tom (Available Profiles: Tom & DefaultAppPool)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgcsrvx.exe
() C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
() C:\Windows\System32\ASGT.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avgsvcx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgwdsvc.exe
(Nitro PDF Software) C:\Program Files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe
() C:\Program Files\AVG Web TuneUp\vprot.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgtray.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avguix.exe
() C:\Program Files\Gaming Keyboard\Monitor.EXE
(AMD) C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe
() C:\Program Files\Gaming Keyboard\OSD.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgemcx.exe
() C:\Windows\System32\PnkBstrA.exe
(Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE
(AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\40.3.8\ToolbarUpdater.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgidsagent.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\ndp461-kb3102433-x86-x64-enu.exe
(Microsoft Corporation) C:\e318cc6c6c3c263a8b0ce604\Setup.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgui.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgcfgex.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Temp\100A5455-EA0F-491D-B0AF-7DFED7D1F702\DismHost.exe
(forum.viry.cz) C:\Users\Tom\Desktop\FRSTLauncher(1).exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [vProt] => C:\Program Files\AVG Web TuneUp\vprot.exe [2184776 2017-07-08] ()
HKLM\...\Run: [AVG_TRAY] => C:\Program Files\AVG\AVG2012\avgtray.exe [2598912 2015-05-19] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [Cm108Sound] => RunDll32 cm108.cpl,CMICtrlWnd
HKLM\...\Run: [AvgUi] => C:\Program Files\AVG\Framework\Common\avguirnx.exe [220944 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [Gaming Keyboard] => C:\Program Files\Gaming Keyboard\Monitor.exe [479232 2014-01-16] ()
HKU\S-1-5-21-1921459583-1451030928-2003145020-1001\...\Run: [HydraVisionDesktopManager] => C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe [389120 2013-12-06] (AMD)
HKU\S-1-5-21-1921459583-1451030928-2003145020-1001\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [27545056 2017-02-14] (Skype Technologies S.A.)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
HKLM\...\AppCertDlls: [x64] -> c:\program files\movies toolbar\safetynut\x64\safetycrt.dll
BootExecute: autocheck autochk * C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{97F47DC9-DD6F-4684-9F1C-6507B429F244}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{D561ED77-5617-4980-B354-2DAD0613A795}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKU\S-1-5-21-1921459583-1451030928-2003145020-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.cz/
URLSearchHook: HKU\S-1-5-21-1921459583-1451030928-2003145020-1001 - (No Name) - {51a86bb3-6602-4c85-92a5-130ee4864f13} - No File
SearchScopes: HKLM -> DefaultScope {B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B} URL = hxxp://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=download&chnl=download&cd=2XzuyEtN2Y1L1QzutDtDtC0Ezz0CtD0E0C0D0EyE0D0A0CzztN0D0Tzu0CtAtCyEtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1526359974
SearchScopes: HKLM -> {52db1893-8a90-4192-aede-08e00b8f8473} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=102&systemid=473&v=a12349-313&apn_uid=5235129924234533&apn_dtid=BND101&o=APN10640&apn_ptnrs=AG1&q={searchTerms}
SearchScopes: HKLM -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2776682
SearchScopes: HKLM -> {B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B} URL = hxxp://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=download&chnl=download&cd=2XzuyEtN2Y1L1QzutDtDtC0Ezz0CtD0E0C0D0EyE0D0A0CzztN0D0Tzu0CtAtCyEtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1526359974
SearchScopes: HKLM -> {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10005&barid={A611F910-12F7-11E2-96DA-001E8C0ECDE4}
SearchScopes: HKU\S-1-5-21-1921459583-1451030928-2003145020-1001 -> DefaultScope {F141CDB2-754F-4F1C-879C-A25245821219} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1921459583-1451030928-2003145020-1001 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&affID=112454&babsrc=SP_ss&mntrId=40f7dac80000000000000015af514a9f
SearchScopes: HKU\S-1-5-21-1921459583-1451030928-2003145020-1001 -> {52db1893-8a90-4192-aede-08e00b8f8473} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=102&systemid=473&v=a12349-313&apn_uid=5235129924234533&apn_dtid=BND101&o=APN10640&apn_ptnrs=AG1&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1921459583-1451030928-2003145020-1001 -> {82199464-25E8-43F0-9971-6D81EB93F13D} URL = hxxp://search.softonic.com/MON00005/tb_v1?q={searchTerms}&SearchSource=4&cc=
SearchScopes: HKU\S-1-5-21-1921459583-1451030928-2003145020-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://isearch.avg.com/search?cid=&mid=0fdf1790272d47d185a2d15ce9b5a36c-20c18dae6398f3cc63feef487347ac8400cbb78c&lang=cz&ds=AVG&pr=fr&d=&v=&pid=AVG&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1921459583-1451030928-2003145020-1001 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2776682
SearchScopes: HKU\S-1-5-21-1921459583-1451030928-2003145020-1001 -> {B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B} URL = hxxp://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=download&chnl=download&cd=2XzuyEtN2Y1L1QzutDtDtC0Ezz0CtD0E0C0D0EyE0D0A0CzztN0D0Tzu0CtAtCyEtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1526359974
SearchScopes: HKU\S-1-5-21-1921459583-1451030928-2003145020-1001 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.toolksearchbook.info/?l=1&q={searchTerms}&pid=945&r=2014/01/23&hid=7898053438724905762&lg=EN&cc=CZ&unqvl=46
SearchScopes: HKU\S-1-5-21-1921459583-1451030928-2003145020-1001 -> {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = hxxp://mystart.incredibar.com/mb139/?search={searchTerms}&loc=IB_DS&a=6R8qTpVoGs&i=26
SearchScopes: HKU\S-1-5-21-1921459583-1451030928-2003145020-1001 -> {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10005&barid={A611F910-12F7-11E2-96DA-001E8C0ECDE4}
SearchScopes: HKU\S-1-5-21-1921459583-1451030928-2003145020-1001 -> {F141CDB2-754F-4F1C-879C-A25245821219} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04] (Adobe Systems Incorporated)
BHO: AVG Do Not Track -> {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} -> C:\Program Files\AVG\AVG2012\avgdtiex.dll [2015-05-19] (AVG Technologies CZ, s.r.o.)
BHO: Protector by IB -> {336D0C35-8A85-403a-B9D2-65C292C39087} -> C:\Program Files\Protector by IB\Extension32.dll [2012-04-24] ()
BHO: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> C:\Program Files\AVG\AVG2012\avgssie.dll [2015-05-19] (AVG Technologies CZ, s.r.o.)
BHO: Funmoods Helper Object -> {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} -> C:\Program Files\Funmoods\1.5.23.22\bh\escort.dll [2012-11-09] (Funmoods BHO)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll [2011-05-13] (Microsoft Corporation)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09] (Skype Technologies S.A.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Softonic Helper Object -> {E87806B5-E908-45FD-AF5E-957D83E58E68} -> C:\Program Files\Softonic\softonic\1.5.11.5\bh\softonic.dll [2012-01-11] (Softonic.com)
BHO: SMTTB2009 Class -> {FCBCCB87-9224-4B8D-B117-F56D924BEB18} -> C:\Program Files\HyperCam Toolbar\tbcore3.dll => No File
Toolbar: HKLM - Softonic Toolbar - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files\Softonic\softonic\1.5.11.5\softonicTlbr.dll [2012-01-11] (Softonic.com)
Toolbar: HKLM - Funmoods Toolbar - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - C:\Program Files\Funmoods\1.5.23.22\escorTlbr.dll [2012-11-09] (Funmoods)
Toolbar: HKLM - HyperCam Toolbar - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\HyperCam Toolbar\tbcore3.dll No File
Toolbar: HKU\S-1-5-21-1921459583-1451030928-2003145020-1001 -> No Name - {51A86BB3-6602-4C85-92A5-130EE4864F13} - No File
Toolbar: HKU\S-1-5-21-1921459583-1451030928-2003145020-1001 -> No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.7.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll [2015-05-19] (AVG Technologies CZ, s.r.o.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09] (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2017-01-02] (Skype Technologies)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\3.5.0\ViProtocol.dll [2015-12-11] (AVG Secure Search)

FireFox:
========
FF ProfilePath: C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\sugo2jom.default-1442642166674 [2017-09-22]
FF Extension: (Skype Click to Call) - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2017-07-26] [not signed]
FF Extension: (Skype Click to Call) - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2017-07-26] [not signed]
FF HKLM\...\Firefox\Extensions: [{1E73965B-8B48-48be-9C8D-68B920ABC1C4}] - C:\Program Files\AVG\AVG2012\Firefox4
FF Extension: (AVG Safe Search) - C:\Program Files\AVG\AVG2012\Firefox4 [2016-06-03] [not signed]
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Protector by IB\Firefox
FF Extension: (Protector by IB) - C:\Program Files\Protector by IB\Firefox [2012-05-05] [not signed]
FF HKLM\...\Firefox\Extensions: [{F53C93F1-07D5-430c-86D4-C9531B27DFAF}] - C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack
FF Extension: (AVG Do Not Track) - C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack [2015-07-24] [not signed]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\Ask.xml [2014-05-04]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\wtu-secure-search.xml [2017-07-08]
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [2012-02-21] (Adobe Systems, Inc.)
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.8\\npsitesafety.dll [No File]
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files\Battlelog Web Plugins\2.6.2\npbattlelog.dll [No File]
FF Plugin: @esn/npbattlelog,version=2.7.0 -> C:\Program Files\Battlelog Web Plugins\2.7.0\npbattlelog.dll [2015-03-10] (EA Digital Illusions CE AB)
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2015-10-09] (Google, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-05] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-05] (Google Inc.)
FF Plugin: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll [2013-11-19] ()
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2012-04-04] (Adobe Systems Inc.)
FF Plugin: NitroPDF -> C:\Program Files\Nitro PDF\Reader 2\npnitromozilla.dll [2011-06-21] ( )
FF Plugin HKU\S-1-5-21-1921459583-1451030928-2003145020-1001: @my.com/Games -> C:\Users\Tom\AppData\Local\MyComGames\NPMyComDetector.dll [2016-01-29] (MY.COM B.V.)
FF Plugin HKU\S-1-5-21-1921459583-1451030928-2003145020-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Tom\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-07-21] (Unity Technologies ApS)

Chrome:
=======
CHR Profile: C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default [2017-09-22]
CHR Extension: (Prezentace Google) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-09-21]
CHR Extension: (Dokumenty Google) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-09-21]
CHR Extension: (Disk Google) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-09-21]
CHR Extension: (YouTube) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-21]
CHR Extension: (New Tab) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj [2017-09-17] [UpdateUrl: hxxp://update.funmoods.com/speeddial/update.xml?bu=sf] <==== ATTENTION
CHR Extension: (Tabulky Google) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-09-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-09-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-17]
CHR Extension: (Gmail) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-09-21]
CHR Extension: (Chrome Media Router) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-17]
CHR HKLM\...\Chrome\Extension: [ajhcekcffkpnaednoeoegnmnjdlnjjmg] - C:\ProgramData\Bcool\ajhcekcffkpnaednoeoegnmnjdlnjjmg.crx [2012-04-24]
CHR HKLM\...\Chrome\Extension: [bbjciahceamgodcoidkjpchnokgfpphh] - C:\Users\Tom\AppData\Local\funmoods.crx <not found>
CHR HKLM\...\Chrome\Extension: [cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\Tom\AppData\Local\funmoods-speeddial_sf.crx [2012-11-09]
CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Protector by IB\source.crx [2012-05-05]
CHR HKLM\...\Chrome\Extension: [jcpbbbapaiahneeinklkepfjemkkhhhj] - C:\ProgramData\ADDICT-THING\jcpbbbapaiahneeinklkepfjemkkhhhj.crx [2012-05-05]
CHR HKLM\...\Chrome\Extension: [jmfkcklnlgedgbglfkkgedjfmejoahla] - C:\Program Files\AVG\AVG2012\Chrome\safesearch.crx [2012-07-26]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]
CHR HKLM\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\Program Files\AVG\AVG2012\Chrome\donottrack.crx [2015-05-19]
CHR HKU\S-1-5-21-1921459583-1451030928-2003145020-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjciahceamgodcoidkjpchnokgfpphh] - C:\Users\Tom\AppData\Local\funmoods.crx <not found>
CHR HKU\S-1-5-21-1921459583-1451030928-2003145020-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\Tom\AppData\Local\funmoods-speeddial_sf.crx [2012-11-09]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [276992 2013-12-06] (Advanced Micro Devices, Inc.) [File not signed]
R2 ASGT; C:\Windows\System32\ASGT.exe [55296 2012-01-17] () [File not signed]
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe [5176832 2015-05-19] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [935184 2016-12-06] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2012\avgwdsvc.exe [198616 2015-05-19] (AVG Technologies CZ, s.r.o.)
S3 GamesAppIntegrationService; C:\Program Files\WildTangent Games\App\GamesAppIntegrationService.exe [227936 2013-11-09] (WildTangent)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S4 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2011-06-20] (Hewlett-Packard Company) [File not signed]
R2 NitroReaderDriverReadSpool2; C:\Program Files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe [196912 2011-06-21] (Nitro PDF Software)
S3 Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [2169696 2017-07-25] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files\Origin\OriginWebHelperService.exe [3149672 2017-07-25] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-11-25] ()
S4 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.)
S4 ST2012_Svc; C:\Program Files\Spyware Terminator\st_rsser.exe [587472 2012-09-07] (Crawler.com)
R2 vToolbarUpdater40.3.8; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\40.3.8\ToolbarUpdater.exe [1354824 2017-07-08] (AVG Secure Search)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe [981576 2017-07-08] ()
S2 SafetyNutManager; C:\Program Files\Movies Toolbar\SafetyNut\SafetyNutManager.exe [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AegisP; C:\Windows\System32\DRIVERS\AegisP.sys [21035 2011-10-23] (Meetinghouse Data Communications) [File not signed]
R1 AsIO; C:\Windows\System32\drivers\AsIO.sys [11296 2009-08-04] ()
R1 AsUpIO; C:\Windows\System32\drivers\AsUpIO.sys [11448 2009-07-06] ()
R3 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [142600 2015-05-19] (AVG Technologies CZ, s.r.o. )
R3 AVGIDSFilter; C:\Windows\System32\DRIVERS\avgidsfilterx.sys [26504 2015-05-19] (AVG Technologies CZ, s.r.o. )
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [25352 2015-05-19] (AVG Technologies CZ, s.r.o. )
R3 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [19976 2015-05-19] (AVG Technologies CZ, s.r.o. )
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [250632 2015-05-19] (AVG Technologies CZ, s.r.o.)
R1 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [42760 2015-11-18] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [34184 2015-05-19] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [302472 2015-05-19] (AVG Technologies CZ, s.r.o.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2012-03-22] (DT Soft Ltd)
R1 F06DEFF2-5B9C-490D-910F-35D3A91196222; C:\Program Files\Movies Toolbar\SafetyNut\configmgrc1.cfg [31104 2014-04-13] (Somoto LTD)
S3 hid3331; C:\Windows\System32\drivers\hid3331.sys [41336 2008-05-19] ( )
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [6504 2011-12-30] ()
S3 RTL8187; C:\Windows\System32\DRIVERS\rtl8187.sys [375808 2010-01-07] (Realtek Semiconductor Corporation )
S3 RTLWUSB; C:\Windows\System32\DRIVERS\RTL8187.sys [375808 2010-01-07] (Realtek Semiconductor Corporation )
R0 SI3132; C:\Windows\System32\DRIVERS\SI3132.sys [80424 2007-10-03] (Silicon Image, Inc)
R0 SiFilter; C:\Windows\System32\DRIVERS\SiWinAcc.sys [19240 2007-10-03] (Silicon Image, Inc)
R0 SiRemFil; C:\Windows\System32\DRIVERS\SiRemFil.sys [15400 2007-10-03] (Silicon Image, Inc)
S3 SjyPkt; C:\Windows\System32\Drivers\SjyPkt.sys [13532 2006-03-31] (Windows (R) 2000 DDK provider) [File not signed]
R3 USBPNPA; C:\Windows\System32\drivers\CM108.sys [3234816 2013-02-01] (C-Media Electronics Inc)
S3 amdiox86; system32\DRIVERS\amdiox86.sys [X]
S3 h643331; system32\drivers\h643331.sys [X]
R4 IOMap; \??\C:\Windows\system32\drivers\IOMap.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-09-22 15:40 - 2017-09-22 15:58 - 000026346 _____ C:\Users\Tom\Desktop\FRST.txt
2017-09-22 14:26 - 2017-09-22 14:35 - 000112640 _____ (forum.viry.cz) C:\Users\Tom\Desktop\FRSTLauncher(1).exe
2017-09-22 14:15 - 2017-09-22 14:18 - 000112640 _____ (forum.viry.cz) C:\Users\Tom\Desktop\FRSTLauncher.exe
2017-09-22 13:56 - 2017-09-22 13:57 - 000000555 _____ C:\Users\Tom\Downloads\FRST.txt
2017-09-22 13:53 - 2017-09-22 13:53 - 000112640 _____ (forum.viry.cz) C:\Users\Tom\Downloads\Nepotvrzeno 906404.crdownload
2017-09-22 13:51 - 2017-09-22 13:56 - 000000000 ____D C:\FRST
2017-09-22 13:44 - 2017-09-22 13:46 - 001796096 _____ (Farbar) C:\Users\Tom\Desktop\FRST.exe
2017-09-21 14:28 - 2017-09-21 14:47 - 000055950 _____ C:\Windows\ntbtlog.txt
2017-09-20 15:15 - 2017-09-20 15:16 - 008182736 _____ (Malwarebytes) C:\Users\Tom\Downloads\adwcleaner_7.0.2.1 (1).exe
2017-09-20 15:03 - 2017-09-22 13:11 - 000000000 ____D C:\AdwCleaner
2017-09-20 15:00 - 2017-09-20 15:01 - 008182736 _____ (Malwarebytes) C:\Users\Tom\Desktop\adwcleaner_7.0.2.1.exe
2017-09-19 21:19 - 2017-09-19 21:19 - 000000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2017-09-19 21:19 - 2017-09-19 21:19 - 000000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2017-09-19 19:06 - 2017-09-19 19:08 - 000000000 ____D C:\rsit
2017-09-19 19:06 - 2017-09-19 19:08 - 000000000 ____D C:\Program Files\trend micro
2017-09-19 19:05 - 2017-09-19 19:05 - 001107968 _____ C:\Users\Tom\Downloads\RSIT (1).exe
2017-09-19 18:33 - 2017-09-19 18:33 - 001107968 _____ C:\Users\Tom\Downloads\RSIT.exe
2017-09-19 17:53 - 2017-09-19 17:53 - 000000000 ____D C:\Windows\system32\appraiser
2017-09-18 15:38 - 2015-07-09 19:42 - 001372160 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2017-09-18 15:38 - 2015-07-09 19:42 - 000067584 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2017-09-18 15:04 - 2014-12-11 19:47 - 000046592 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2017-09-18 12:39 - 2015-07-30 19:57 - 001987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2017-09-18 12:39 - 2015-07-30 19:57 - 001251328 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2017-09-18 12:39 - 2015-07-30 19:57 - 000909824 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2017-09-18 12:39 - 2015-07-30 19:57 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2017-09-18 12:39 - 2015-07-30 19:57 - 000034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-09-18 12:39 - 2015-07-30 19:57 - 000026624 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2017-09-18 12:39 - 2015-07-30 19:57 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2017-09-18 12:39 - 2015-07-30 18:52 - 002384384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-09-18 12:39 - 2015-07-30 18:49 - 000299520 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-09-18 12:38 - 2015-07-22 19:53 - 000937984 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2017-09-18 12:38 - 2015-07-22 19:53 - 000635392 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2017-09-18 12:38 - 2015-07-22 18:38 - 000041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2017-09-18 11:52 - 2015-05-25 20:00 - 000364544 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2017-09-18 11:51 - 2015-05-25 20:01 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2017-09-18 11:51 - 2015-05-25 20:00 - 000082944 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2017-09-18 11:51 - 2015-05-25 20:00 - 000040448 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2017-09-18 11:51 - 2015-05-25 20:00 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2017-09-18 11:51 - 2015-05-25 20:00 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2017-09-18 11:45 - 2015-10-13 18:31 - 000338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2017-09-18 11:45 - 2015-10-13 18:31 - 000074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2017-09-18 11:17 - 2016-02-05 20:44 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2017-09-18 11:17 - 2016-02-05 19:33 - 000015360 _____ (Microsoft Corporation) C:\Windows\system32\tbs.dll
2017-09-18 11:17 - 2015-06-03 22:22 - 000355456 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2017-09-18 10:42 - 2016-03-09 20:34 - 000216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2017-09-18 10:07 - 2015-10-13 06:50 - 000712640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2017-09-18 10:05 - 2015-11-03 20:55 - 000179712 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2017-09-18 09:41 - 2015-04-11 05:07 - 000054656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2017-09-18 09:40 - 2015-03-04 06:16 - 000249784 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2017-09-18 09:40 - 2015-03-04 06:10 - 000058880 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2017-09-18 09:29 - 2016-08-29 17:12 - 012880384 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-09-18 09:28 - 2016-08-29 17:12 - 001806848 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2017-09-18 09:28 - 2016-08-29 17:12 - 001499648 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2017-09-18 09:28 - 2016-08-29 16:55 - 002972672 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2017-09-18 09:24 - 2014-12-06 05:50 - 000242688 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2017-09-18 08:07 - 2016-01-22 08:06 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-09-18 08:07 - 2016-01-22 08:04 - 000535040 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2017-09-18 08:07 - 2016-01-22 08:02 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-09-18 08:07 - 2016-01-22 07:59 - 000686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-09-18 08:06 - 2016-01-22 08:13 - 003993536 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2017-09-18 08:06 - 2016-01-22 08:13 - 003938752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-09-18 08:06 - 2016-01-22 08:09 - 001310232 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-09-18 08:06 - 2016-01-22 08:06 - 000400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2017-09-18 08:06 - 2016-01-22 08:06 - 000171520 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-09-18 08:06 - 2016-01-22 08:06 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-09-18 08:06 - 2016-01-22 08:06 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2017-09-18 08:06 - 2016-01-22 08:05 - 000654336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-09-18 08:06 - 2016-01-22 08:05 - 000251392 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-09-18 08:06 - 2016-01-22 08:02 - 000553472 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-09-18 08:06 - 2016-01-22 08:02 - 000259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-09-18 08:06 - 2016-01-22 08:02 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-09-18 08:06 - 2016-01-22 08:02 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-09-18 08:06 - 2016-01-22 07:59 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-09-18 08:06 - 2016-01-22 07:59 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-09-18 08:06 - 2016-01-22 07:59 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-09-18 08:06 - 2016-01-22 07:59 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-09-18 08:06 - 2016-01-22 07:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-09-18 08:06 - 2016-01-22 07:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-09-18 08:06 - 2016-01-22 07:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-09-18 08:06 - 2016-01-22 07:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-09-18 08:06 - 2016-01-22 07:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-09-18 08:06 - 2016-01-22 07:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-09-18 08:06 - 2016-01-22 07:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-09-18 08:06 - 2016-01-22 07:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-09-18 08:06 - 2016-01-22 07:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-09-18 08:06 - 2016-01-22 07:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-09-18 08:06 - 2016-01-22 07:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-09-18 08:06 - 2016-01-22 07:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-09-18 08:06 - 2016-01-22 07:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-09-18 08:06 - 2016-01-22 07:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-09-18 08:06 - 2016-01-22 07:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-09-18 08:06 - 2016-01-22 07:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-09-18 08:06 - 2016-01-22 07:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-09-18 08:06 - 2016-01-22 07:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-09-18 08:06 - 2016-01-22 07:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-09-18 08:06 - 2016-01-22 07:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-09-18 08:06 - 2016-01-22 07:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-09-18 08:06 - 2016-01-22 07:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-09-18 08:06 - 2016-01-22 07:07 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-09-18 08:06 - 2016-01-22 07:00 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2017-09-18 08:06 - 2016-01-22 06:53 - 000225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-09-18 08:06 - 2016-01-22 06:53 - 000124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-09-18 08:06 - 2016-01-22 06:53 - 000098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-09-18 08:06 - 2016-01-22 06:51 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-09-18 08:06 - 2016-01-22 06:51 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-09-18 08:06 - 2016-01-22 06:51 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-09-18 08:06 - 2016-01-22 06:51 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-09-18 08:06 - 2016-01-22 06:51 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-09-18 08:05 - 2016-01-22 08:13 - 000138176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-09-18 08:05 - 2016-01-22 08:13 - 000067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-09-18 08:05 - 2016-01-22 08:06 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-09-18 08:05 - 2016-01-22 08:05 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-09-18 08:05 - 2016-01-22 08:02 - 001060864 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-09-18 08:05 - 2016-01-22 08:02 - 000872448 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-09-18 08:05 - 2016-01-22 08:02 - 000293888 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-09-18 08:05 - 2016-01-22 08:02 - 000176128 _____ (Microsoft Corporation) C:\Windows\system32\msorcl32.dll
2017-09-18 08:05 - 2016-01-22 07:59 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-09-18 08:05 - 2016-01-22 06:51 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-09-18 08:05 - 2016-01-22 06:51 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-09-18 08:05 - 2016-01-22 06:51 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-09-18 08:05 - 2015-09-23 15:09 - 000371920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2017-09-18 08:04 - 2016-01-22 08:04 - 000642048 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2017-09-18 08:04 - 2016-01-22 08:02 - 000114176 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2017-09-18 08:04 - 2016-01-22 07:59 - 000642560 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-09-18 08:04 - 2016-01-22 07:01 - 000271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2017-09-18 08:04 - 2015-09-23 15:09 - 000251000 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2017-09-18 07:46 - 2016-07-07 17:20 - 001309928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2017-09-18 07:46 - 2016-07-07 17:20 - 000240872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2017-09-18 07:46 - 2016-07-07 17:20 - 000187624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2017-09-18 07:46 - 2016-07-07 16:57 - 000035840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2017-09-18 07:46 - 2016-07-01 17:13 - 000741888 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2017-09-18 07:46 - 2016-07-01 17:13 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2017-09-18 07:46 - 2016-07-01 16:50 - 000313856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-09-18 07:46 - 2016-07-01 16:50 - 000310784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-09-18 07:46 - 2016-07-01 16:50 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2017-09-18 07:45 - 2015-02-04 04:54 - 000417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2017-09-18 01:34 - 2015-01-09 01:44 - 000419936 _____ C:\Windows\system32\locale.nls
2017-09-18 01:33 - 2016-01-21 02:51 - 000057280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2017-09-18 01:32 - 2015-04-18 04:56 - 000342016 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-09-18 01:30 - 2015-04-13 05:19 - 000259072 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2017-09-18 01:30 - 2014-12-19 04:43 - 000164864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2017-09-18 01:29 - 2015-12-08 23:53 - 000509952 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2017-09-18 01:29 - 2015-11-05 21:02 - 000014848 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2017-09-18 01:29 - 2015-11-05 11:48 - 000117760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2017-09-18 01:29 - 2014-10-25 03:32 - 000067584 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2017-09-18 01:28 - 2015-02-03 05:12 - 000171520 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2017-09-18 01:27 - 2015-11-14 00:50 - 000076800 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2017-09-18 01:27 - 2015-11-14 00:50 - 000076800 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2017-09-18 01:27 - 2015-11-14 00:49 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe
2017-09-18 01:27 - 2014-10-30 03:45 - 000155136 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2017-09-18 01:23 - 2015-07-15 04:55 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2017-09-18 01:18 - 2017-05-03 17:15 - 000081640 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2017-09-18 01:18 - 2017-05-03 15:05 - 000505856 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2017-09-18 01:18 - 2017-05-03 15:05 - 000446464 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-09-18 01:18 - 2017-05-03 15:05 - 000275456 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-09-18 01:18 - 2017-05-03 15:05 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2017-09-18 01:18 - 2017-05-03 15:05 - 000104960 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-09-18 01:18 - 2017-03-23 04:06 - 001602048 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2017-09-18 01:18 - 2015-06-02 01:47 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2017-09-18 01:17 - 2017-05-03 17:10 - 000987648 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-09-18 01:17 - 2017-05-03 15:05 - 001327616 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-09-18 01:17 - 2017-05-03 15:05 - 000182784 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2017-09-18 01:17 - 2016-05-11 17:19 - 000351744 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2017-09-18 01:17 - 2016-05-11 17:19 - 000231424 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2017-09-18 01:17 - 2016-05-11 17:19 - 000206336 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2017-09-18 01:17 - 2016-05-11 17:01 - 000026624 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2017-09-18 01:17 - 2016-05-11 16:52 - 000188928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2017-09-18 01:14 - 2015-12-08 23:54 - 001620992 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2017-09-18 01:14 - 2015-12-08 23:54 - 000902144 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2017-09-18 01:14 - 2015-12-08 23:53 - 003209728 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2017-09-18 01:14 - 2015-12-08 23:53 - 000970240 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2017-09-18 01:13 - 2015-12-08 23:54 - 002285056 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2017-09-18 01:13 - 2015-12-08 23:54 - 001568768 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2017-09-18 01:13 - 2015-12-08 23:54 - 001325056 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2017-09-18 01:13 - 2015-12-08 23:54 - 001202688 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
2017-09-18 01:13 - 2015-12-08 23:54 - 000815616 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2017-09-18 01:13 - 2015-12-08 23:54 - 000740352 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2017-09-18 01:13 - 2015-12-08 23:54 - 000739328 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2017-09-18 01:13 - 2015-12-08 23:54 - 000665088 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2017-09-18 01:13 - 2015-12-08 23:54 - 000541184 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2017-09-18 01:13 - 2015-12-08 23:54 - 000358400 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2017-09-18 01:13 - 2015-12-08 23:54 - 000154112 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2017-09-18 01:13 - 2015-12-08 23:53 - 001329664 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2017-09-18 01:13 - 2015-12-08 23:53 - 000829952 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2017-09-18 01:13 - 2015-12-08 23:53 - 000728576 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2017-09-18 01:13 - 2015-12-08 23:53 - 000609280 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2017-09-18 01:13 - 2015-12-08 23:53 - 000519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2017-09-18 01:13 - 2015-12-08 23:53 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2017-09-18 01:13 - 2015-12-08 23:53 - 000415744 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2017-09-18 01:13 - 2015-12-08 23:53 - 000354816 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2017-09-18 01:13 - 2015-12-08 23:53 - 000338944 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2017-09-18 01:13 - 2015-12-08 23:53 - 000241152 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2017-09-18 01:13 - 2015-12-08 23:53 - 000241152 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2017-09-18 01:13 - 2015-12-08 23:53 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2017-09-18 01:13 - 2015-12-08 23:53 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2017-09-18 01:13 - 2015-12-08 23:53 - 000193536 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2017-09-18 01:13 - 2015-12-08 23:53 - 000153600 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2017-09-18 01:13 - 2015-12-08 23:53 - 000103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2017-09-18 01:13 - 2015-12-08 23:53 - 000079872 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2017-09-18 01:13 - 2015-12-08 23:53 - 000067584 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2017-09-18 01:13 - 2015-12-08 23:53 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2017-09-18 01:13 - 2015-12-08 23:53 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2017-09-18 01:13 - 2015-12-08 23:53 - 000023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2017-09-18 01:13 - 2015-12-08 23:43 - 000081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2017-09-18 01:13 - 2015-12-08 23:11 - 000177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2017-09-18 01:12 - 2015-12-08 23:53 - 000004608 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll
2017-09-18 01:12 - 2015-12-08 23:50 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2017-09-18 01:12 - 2015-12-08 23:11 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
2017-09-18 01:11 - 2015-07-15 04:55 - 001390592 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2017-09-18 01:11 - 2015-07-15 04:55 - 001241088 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2017-09-18 01:11 - 2015-07-15 04:51 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2017-09-18 01:11 - 2015-07-15 04:51 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2017-09-18 01:10 - 2015-04-24 19:56 - 000530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2017-09-18 01:10 - 2014-12-08 04:46 - 000308224 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2017-09-17 23:56 - 2015-07-30 15:13 - 000103120 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2017-09-17 21:11 - 2014-10-14 03:50 - 000523776 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2017-09-17 16:38 - 2017-09-17 16:38 - 000143928 _____ C:\Windows\Minidump\091717-121165-01.dmp
2017-09-17 09:38 - 2017-09-17 09:38 - 000000000 __SHD C:\found.003
2017-09-17 09:21 - 2017-09-17 10:10 - 000000000 ____D C:\Users\Tom\AppData\Local\Google
2017-09-17 08:56 - 2017-09-17 08:56 - 000006640 ____N C:\bootsqm.dat
2017-09-17 08:54 - 2017-09-17 08:54 - 000000000 __SHD C:\found.002
2017-08-31 09:59 - 2017-08-31 10:01 - 565197193 _____ C:\Users\Tom\Downloads\korean-random.zip
2017-08-31 09:33 - 2017-08-31 09:36 - 246234244 _____ C:\Users\Tom\Downloads\Skins_Esthete_1.zip
2017-08-30 12:08 - 2017-08-30 12:08 - 000143928 _____ C:\Windows\Minidump\083017-44772-01.dmp
2017-08-29 10:24 - 2017-08-29 10:24 - 000000000 ___HD C:\Users\Tom\Desktop\.picasaoriginals
2017-08-29 09:56 - 2017-08-29 09:56 - 000001068 _____ C:\Users\Public\Desktop\Picasa 3.lnk
2017-08-29 09:54 - 2017-08-29 09:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2017-08-29 09:52 - 2017-08-29 09:52 - 021170376 _____ C:\Users\Tom\Downloads\picasa39-setup.exe
2017-08-29 09:49 - 2017-08-29 10:11 - 000000000 ____D C:\Users\Tom\Desktop\fb
2017-08-28 11:20 - 2017-08-28 11:20 - 000028672 _____ C:\Users\Tom\Downloads\jawa-50-renovace-malovane-spz (1).zip

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-09-22 15:41 - 2014-03-08 10:41 - 000001478 _____ C:\Windows\Tasks\HQ-Video-Pro-1.4-codedownloader.job
2017-09-22 15:40 - 2014-03-08 10:40 - 000002564 _____ C:\Windows\Tasks\HQ-Video-Pro-1.4-firefoxinstaller.job
2017-09-22 15:39 - 2014-03-08 10:39 - 000003096 _____ C:\Windows\Tasks\HQ-Video-Pro-1.4-chromeinstaller.job
2017-09-22 15:32 - 2013-12-23 10:32 - 000001888 _____ C:\Windows\Tasks\weDownload-chromeinstaller.job
2017-09-22 15:32 - 2013-12-23 10:32 - 000001292 _____ C:\Windows\Tasks\weDownload-updater.job
2017-09-22 15:15 - 2011-09-29 23:57 - 001660600 _____ C:\Windows\system32\PerfStringBackup.INI
2017-09-22 15:15 - 2009-07-14 10:44 - 000711386 _____ C:\Windows\system32\perfh005.dat
2017-09-22 15:15 - 2009-07-14 10:44 - 000155026 _____ C:\Windows\system32\perfc005.dat
2017-09-22 15:15 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\inf
2017-09-22 14:43 - 2017-07-26 14:57 - 000000000 ____D C:\Users\Tom\AppData\LocalLow\Mozilla
2017-09-22 14:14 - 2017-07-26 12:35 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-09-22 13:38 - 2009-07-14 06:34 - 000013776 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-09-22 13:38 - 2009-07-14 06:34 - 000013776 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-09-22 13:30 - 2014-12-30 19:10 - 000000000 ____D C:\Users\Tom\AppData\Local\CrashDumps
2017-09-22 13:29 - 2013-04-15 17:10 - 000000000 ____D C:\Users\Tom\AppData\Roaming\Skype
2017-09-22 12:57 - 2009-07-14 06:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-09-21 14:04 - 2011-10-07 21:10 - 000000000 ____D C:\Windows\system32\Drivers\AVG
2017-09-20 14:11 - 2009-07-14 06:33 - 000440992 _____ C:\Windows\system32\FNTCACHE.DAT
2017-09-20 14:00 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\system32\AdvancedInstallers
2017-09-20 13:56 - 2009-07-14 04:37 - 000000000 ____D C:\Windows\AppCompat
2017-09-19 21:38 - 2009-07-14 04:37 - 000000000 ____D C:\Program Files\Common Files\System
2017-09-19 21:38 - 2009-07-14 04:04 - 000000478 _____ C:\Windows\win.ini
2017-09-19 17:53 - 2014-05-06 13:45 - 000000000 ___SD C:\Windows\system32\CompatTel
2017-09-19 17:29 - 2013-12-19 18:46 - 000000000 ____D C:\Windows\system32\MRT
2017-09-19 17:26 - 2011-10-06 21:49 - 135337392 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-09-18 17:29 - 2014-01-23 15:16 - 000000000 ____D C:\Users\Tom\AppData\Roaming\newnext.me
2017-09-18 16:07 - 2014-01-23 15:16 - 000000000 ____D C:\Users\Tom\AppData\Local\genienext
2017-09-18 07:17 - 2011-10-07 20:18 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2017-09-18 01:18 - 2011-10-07 20:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-09-17 16:38 - 2012-10-18 15:26 - 000000000 ____D C:\Windows\Minidump
2017-09-17 16:37 - 2014-07-25 09:59 - 343085755 _____ C:\Windows\MEMORY.DMP
2017-08-29 09:53 - 2013-09-30 14:40 - 000000000 ____D C:\Program Files\Google
2017-08-29 08:17 - 2013-09-30 14:41 - 000002141 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-29 08:17 - 2013-09-30 14:41 - 000002129 _____ C:\Users\Public\Desktop\Google Chrome.lnk

==================== Files in the root of some directories =======

2014-05-30 15:23 - 2014-11-25 15:11 - 000138904 _____ () C:\Users\Tom\AppData\Roaming\PnkBstrK.sys
2016-03-16 16:28 - 2016-08-08 14:42 - 000004608 _____ () C:\Users\Tom\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-11-09 15:07 - 2012-11-09 15:07 - 000290500 _____ () C:\Users\Tom\AppData\Local\funmoods-speeddial_sf.crx
2017-05-19 15:16 - 2017-05-19 15:16 - 000000016 _____ () C:\ProgramData\mntemp
2017-05-19 15:16 - 2017-05-19 15:16 - 000005041 _____ () C:\ProgramData\mudtcpaz.vzs
2014-01-25 16:27 - 2014-01-25 16:27 - 000000000 _____ () C:\ProgramData\spds90.txt

Some files in TEMP:
====================
2016-03-18 20:22 - 2012-11-09 15:07 - 000397312 _____ (Setup © ) C:\Users\Tom\AppData\Local\Temp\29344uninstall.exe
2012-12-02 14:43 - 2012-11-09 15:07 - 000397312 _____ (Setup © ) C:\Users\Tom\AppData\Local\Temp\99448uninstall.exe
2006-10-17 03:36 - 2006-10-17 03:36 - 000569344 _____ (Electronic Arts Inc.) C:\Users\Tom\AppData\Local\Temp\AutoRun.exe
2013-08-25 13:15 - 2006-10-13 10:01 - 000528384 _____ (Electronic Arts Inc.) C:\Users\Tom\AppData\Local\Temp\AutoRunGUI.dll
2016-08-22 16:24 - 2016-07-20 14:01 - 000186640 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Tom\AppData\Local\Temp\avguirn_081297688133.exe
2016-07-28 07:57 - 2016-06-21 18:49 - 000186640 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Tom\AppData\Local\Temp\avguirn_081689669267.exe
2016-04-08 13:52 - 2016-02-18 13:09 - 000179624 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Tom\AppData\Local\Temp\avguirn_081710276232.exe
2016-04-19 06:51 - 2016-03-23 16:57 - 000186640 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Tom\AppData\Local\Temp\avguirn_081956434508.exe
2016-01-15 19:16 - 2015-12-08 08:23 - 000091048 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Tom\AppData\Local\Temp\avguirn_082139841591.exe
2016-06-23 19:31 - 2016-05-18 13:03 - 000186640 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Tom\AppData\Local\Temp\avguirn_08370406262.exe
2016-05-11 14:57 - 2016-04-14 17:29 - 000186640 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Tom\AppData\Local\Temp\avguirn_08654936333.exe
2016-01-05 20:01 - 2015-11-12 17:54 - 000091048 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Tom\AppData\Local\Temp\avguirn_08685297470.exe
2015-11-18 14:57 - 2015-10-16 14:30 - 000091048 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Tom\AppData\Local\Temp\avguirn_08874825647.exe
2012-11-19 09:33 - 2012-11-19 09:33 - 004291696 _____ (http://www.Bandisoft.com) C:\Users\Tom\AppData\Local\Temp\bdfilters.dll
2014-07-09 17:16 - 2010-02-26 10:45 - 000077312 _____ (Microsoft Corporation) C:\Users\Tom\AppData\Local\Temp\devcon.exe
2014-08-03 18:03 - 2014-08-03 18:03 - 000204800 _____ (Sony DADC Austria AG) C:\Users\Tom\AppData\Local\Temp\drm_dyndata_7380012.dll
2013-05-18 12:49 - 2016-08-21 10:34 - 000208896 _____ (Sony DADC Austria AG) C:\Users\Tom\AppData\Local\Temp\drm_dyndata_7400008.dll
2013-08-25 13:15 - 2006-10-13 10:01 - 000720896 _____ () C:\Users\Tom\AppData\Local\Temp\EAInstall.dll
2014-02-22 16:24 - 2014-02-22 16:24 - 017858952 _____ (Adobe Systems Incorporated) C:\Users\Tom\AppData\Local\Temp\fp_pl_pfs_installer-1.exe
2014-05-08 14:03 - 2014-05-08 14:03 - 017931952 _____ (Adobe Systems Incorporated) C:\Users\Tom\AppData\Local\Temp\fp_pl_pfs_installer-2.exe
2012-12-21 13:50 - 2012-12-21 13:51 - 016363960 _____ (Adobe Systems Incorporated) C:\Users\Tom\AppData\Local\Temp\fp_pl_pfs_installer.exe
2014-03-08 10:39 - 2014-03-08 10:39 - 006636103 _____ (Ojpcdlef) C:\Users\Tom\AppData\Local\Temp\hq-video-pro-1-4.exe
2011-10-20 23:51 - 2011-10-20 23:51 - 003039360 _____ (Electronic Arts, Inc.) C:\Users\Tom\AppData\Local\Temp\installerdll180056.dll
2011-10-20 23:51 - 2011-10-20 23:51 - 003039360 _____ (Electronic Arts, Inc.) C:\Users\Tom\AppData\Local\Temp\installerdll199821.dll
2011-10-20 23:51 - 2011-10-20 23:51 - 003039360 _____ (Electronic Arts, Inc.) C:\Users\Tom\AppData\Local\Temp\installerdll204766.dll
2011-10-20 23:51 - 2011-10-20 23:51 - 003039360 _____ (Electronic Arts, Inc.) C:\Users\Tom\AppData\Local\Temp\installerdll487081.dll
2011-10-20 23:51 - 2011-10-20 23:51 - 003039360 _____ (Electronic Arts, Inc.) C:\Users\Tom\AppData\Local\Temp\installerdll684750.dll
2011-10-20 23:51 - 2011-10-20 23:51 - 003039360 _____ (Electronic Arts, Inc.) C:\Users\Tom\AppData\Local\Temp\installerdll8944426.dll
2014-04-10 13:46 - 2014-04-10 13:46 - 008580632 _____ (Somoto LTD) C:\Users\Tom\AppData\Local\Temp\MoviesToolbarSetup_Somoto.exe
2011-10-19 23:24 - 2011-10-19 23:24 - 000336280 ____R (Microsoft Corporation) C:\Users\Tom\AppData\Local\Temp\rootsupd.exe
2011-10-20 23:52 - 2011-10-20 23:52 - 046985240 _____ (Electronic Arts, Inc.) C:\Users\Tom\AppData\Local\Temp\Setup.exe
2013-06-23 07:16 - 2017-09-04 12:46 - 058782680 _____ (Skype Technologies S.A.) C:\Users\Tom\AppData\Local\Temp\SkypeSetup.exe
2011-11-03 16:13 - 2011-11-03 16:13 - 001786688 _____ () C:\Users\Tom\AppData\Local\Temp\sonarinst.exe
2012-12-02 14:15 - 2012-03-27 09:24 - 004398376 _____ (Conduit Ltd.) C:\Users\Tom\AppData\Local\Temp\tbBrot.dll
2014-01-23 15:13 - 2013-03-12 10:59 - 000275552 ___RS (Tarma Software Research Pty Ltd) C:\Users\Tom\AppData\Local\Temp\Tsu0E8EC289.dll
2014-02-12 15:26 - 2014-02-12 15:26 - 000905296 _____ (BitTorrent Inc.) C:\Users\Tom\AppData\Local\Temp\utt550D.tmp.exe
2016-03-25 10:49 - 2016-03-25 10:49 - 002094080 _____ (BitTorrent Inc.) C:\Users\Tom\AppData\Local\Temp\uttABF5.tmp.exe
2011-10-19 23:24 - 2011-10-19 23:24 - 005673816 _____ (Microsoft Corporation) C:\Users\Tom\AppData\Local\Temp\vcredist_x64.exe
2011-10-19 23:24 - 2017-01-28 11:59 - 013977352 _____ (Microsoft Corporation) C:\Users\Tom\AppData\Local\Temp\vcredist_x86.exe
2011-10-19 23:24 - 2011-10-19 23:24 - 002585872 _____ (Microsoft Corporation) C:\Users\Tom\AppData\Local\Temp\WindowsInstaller-KB893803-v2-x86.exe
2015-11-21 20:07 - 2015-11-21 20:07 - 000000000 _____ () C:\Users\Tom\AppData\Local\Temp\_383C.exe
2013-04-11 14:07 - 2013-04-11 14:07 - 000000000 _____ () C:\Users\Tom\AppData\Local\Temp\_979D.exe
2006-05-24 19:10 - 2006-05-24 19:10 - 000455600 ____R (Macrovision Corporation) C:\Users\Tom\AppData\Local\Temp\_is40E6.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

==================== MBR and Partition Table ==================

==================== Scheduled Tasks (whitelisted) ==================

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: AVG AntiVirus Free Edition 2012 (Disabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2012 (Disabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Tom\Desktop" je 32701 MB.

***** Startup Programs *****

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

#8 Příspěvek od **Rudy** » 22 zář 2017 16:41

Otevřte poznámkový blok a zkopírujte do něj:

Start
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
SearchScopes: HKLM -> {52db1893-8a90-4192-aede-08e00b8f8473} URL = hxxp://dts.search.ask.com/sr?src=ieb&gc ... nrs=AG1&q={searchTerms}
SearchScopes: HKLM -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2776682
SearchScopes: HKLM -> {B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B} URL = hxxp://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=download&chnl=download&cd=2XzuyEtN2Y1L1QzutDtDtC0Ezz0CtD0E0C0D0EyE0D0A0CzztN0D0Tzu0CtAtCyEtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1526359974
SearchScopes: HKLM -> {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10005&barid={A611F910-12F7-11E2-96DA-001E8C0ECDE4}
SearchScopes: HKU\S-1-5-21-1921459583-1451030928-2003145020-1001 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&affID=112454&babsrc=SP_ss&mntrId=40f7dac80000000000000015af514a9f
SearchScopes: HKU\S-1-5-21-1921459583-1451030928-2003145020-1001 -> {52db1893-8a90-4192-aede-08e00b8f8473} URL = hxxp://dts.search.ask.com/sr?src=ieb&gc ... nrs=AG1&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1921459583-1451030928-2003145020-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://isearch.avg.com/search?cid=&mid= ... sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1921459583-1451030928-2003145020-1001 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2776682
SearchScopes: HKU\S-1-5-21-1921459583-1451030928-2003145020-1001 -> {B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B} URL = hxxp://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=download&chnl=download&cd=2XzuyEtN2Y1L1QzutDtDtC0Ezz0CtD0E0C0D0EyE0D0A0CzztN0D0Tzu0CtAtCyEtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1526359974
SearchScopes: HKU\S-1-5-21-1921459583-1451030928-2003145020-1001 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.toolksearchbook.info/?l=1&q={searchTerms}&pid=945&r=2014/01/23&hid=7898053438724905762&lg=EN&cc=CZ&unqvl=46
SearchScopes: HKU\S-1-5-21-1921459583-1451030928-2003145020-1001 -> {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = hxxp://mystart.incredibar.com/mb139/?search={searchTerms}&loc=IB_DS&a=6R8qTpVoGs&i=26
SearchScopes: HKU\S-1-5-21-1921459583-1451030928-2003145020-1001 -> {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10005&barid={A611F910-12F7-11E2-96DA-001E8C0ECDE4}
BHO: Funmoods Helper Object -> {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} -> C:\Program Files\Funmoods\1.5.23.22\bh\escort.dll [2012-11-09] (Funmoods BHO)
C:\Program Files\Funmoods
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09] (Skype Technologies S.A.)
BHO: SMTTB2009 Class -> {FCBCCB87-9224-4B8D-B117-F56D924BEB18} -> C:\Program Files\HyperCam Toolbar\tbcore3.dll => No File
Toolbar: HKLM - Funmoods Toolbar - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - C:\Program Files\Funmoods\1.5.23.22\escorTlbr.dll [2012-11-09] (Funmoods)
Toolbar: HKLM - HyperCam Toolbar - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\HyperCam Toolbar\tbcore3.dll No File
Toolbar: HKU\S-1-5-21-1921459583-1451030928-2003145020-1001 -> No Name - {51A86BB3-6602-4C85-92A5-130EE4864F13} - No File
Toolbar: HKU\S-1-5-21-1921459583-1451030928-2003145020-1001 -> No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/v ... .2.5.7.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09] (Skype Technologies S.A.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\Ask.xml [2014-05-04]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\wtu-secure-search.xml [2017-07-08]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
CHR HKU\S-1-5-21-1921459583-1451030928-2003145020-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjciahceamgodcoidkjpchnokgfpphh] - C:\Users\Tom\AppData\Local\funmoods.crx <not found>
CHR HKU\S-1-5-21-1921459583-1451030928-2003145020-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\Tom\AppData\Local\funmoods-speeddial_sf.crx [2012-11-09]
C:\Users\Tom\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\Tom\AppData\Local\Temp
HQ-Video-Pro-1.4 (HKLM\...\HQ-Video-Pro-1.4) (Version: 1.34.2.13 - HQ-Video) <==== ATTENTION
Optimizer Pro v3.0 (HKLM\...\Optimizer Pro_is1) (Version: 3.0 - PC Utilities Pro) <==== ATTENTION
Task: {10D24D82-9972-452E-9333-46CF02FFD3B2} - System32\Tasks\HQ-Video-Pro-1.4-firefoxinstaller => C:\Program Files\HQ-Video-Pro-1.4\HQ-Video-Pro-1.4-firefoxinstaller.exe <==== ATTENTION
Task: {2851FCD1-7670-405C-BC6A-EE6AC804BDE1} - System32\Tasks\{FCF9A8DA-30FE-4CD6-8B8F-4C7D7CDDB0CB} => C:\Windows\system32\pcalua.exe -a C:\instalace\1985WDM_3713\AD1985\Setup.exe -d C:\instalace\1985WDM_3713\AD1985

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Z logu:

Velikost slozky "C:\Users\Tom\Desktop" je 32701 MB.

To je říliš mnoho a může to způsobovat zpomalení startu systému. Vytvořte v C:\Users\Tom novou složku, do níž přesuňte všechna data z plochy (kromě zástupců). Na plochu si pak dejte zástupce té složky pro snazší přístup.

Tomakatre321 · #9 Příspěvek od **Tomakatre321** » 24 zář 2017 12:36

zde je log.. jinak dnes už se pc načetl normální rychlostí (fixlist jsem ukládal v pátek, dnes jen fix v FRST....)

Fix result of Farbar Recovery Scan Tool (x86) Version: 24-09-2017
Ran by Tom (24-09-2017 11:03:29) Run:1
Running from C:\Users\Tom\Desktop
Loaded Profiles: Tom (Available Profiles: Tom & DefaultAppPool)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
SearchScopes: HKLM -> {52db1893-8a90-4192-aede-08e00b8f8473} URL = hxxp://dts.search.ask.com/sr?src=ieb&gc ... nrs=AG1&q={searchTerms}
SearchScopes: HKLM -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2776682
SearchScopes: HKLM -> {B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B} URL = hxxp://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=download&chnl=download&cd=2XzuyEtN2Y1L1QzutDtDtC0Ezz0CtD0E0C0D0EyE0D0A0CzztN0D0Tzu0CtAtCyEtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1526359974
SearchScopes: HKLM -> {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10005&barid={A611F910-12F7-11E2-96DA-001E8C0ECDE4}
SearchScopes: HKU\S-1-5-21-1921459583-1451030928-2003145020-1001 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&affID=112454&babsrc=SP_ss&mntrId=40f7dac80000000000000015af514a9f
SearchScopes: HKU\S-1-5-21-1921459583-1451030928-2003145020-1001 -> {52db1893-8a90-4192-aede-08e00b8f8473} URL = hxxp://dts.search.ask.com/sr?src=ieb&gc ... nrs=AG1&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1921459583-1451030928-2003145020-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://isearch.avg.com/search?cid=&mid= ... sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1921459583-1451030928-2003145020-1001 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2776682
SearchScopes: HKU\S-1-5-21-1921459583-1451030928-2003145020-1001 -> {B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B} URL = hxxp://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=download&chnl=download&cd=2XzuyEtN2Y1L1QzutDtDtC0Ezz0CtD0E0C0D0EyE0D0A0CzztN0D0Tzu0CtAtCyEtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1526359974
SearchScopes: HKU\S-1-5-21-1921459583-1451030928-2003145020-1001 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.toolksearchbook.info/?l=1&q={searchTerms}&pid=945&r=2014/01/23&hid=7898053438724905762&lg=EN&cc=CZ&unqvl=46
SearchScopes: HKU\S-1-5-21-1921459583-1451030928-2003145020-1001 -> {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = hxxp://mystart.incredibar.com/mb139/?search={searchTerms}&loc=IB_DS&a=6R8qTpVoGs&i=26
SearchScopes: HKU\S-1-5-21-1921459583-1451030928-2003145020-1001 -> {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10005&barid={A611F910-12F7-11E2-96DA-001E8C0ECDE4}
BHO: Funmoods Helper Object -> {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} -> C:\Program Files\Funmoods\1.5.23.22\bh\escort.dll [2012-11-09] (Funmoods BHO)
C:\Program Files\Funmoods
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09] (Skype Technologies S.A.)
BHO: SMTTB2009 Class -> {FCBCCB87-9224-4B8D-B117-F56D924BEB18} -> C:\Program Files\HyperCam Toolbar\tbcore3.dll => No File
Toolbar: HKLM - Funmoods Toolbar - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - C:\Program Files\Funmoods\1.5.23.22\escorTlbr.dll [2012-11-09] (Funmoods)
Toolbar: HKLM - HyperCam Toolbar - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\HyperCam Toolbar\tbcore3.dll No File
Toolbar: HKU\S-1-5-21-1921459583-1451030928-2003145020-1001 -> No Name - {51A86BB3-6602-4C85-92A5-130EE4864F13} - No File
Toolbar: HKU\S-1-5-21-1921459583-1451030928-2003145020-1001 -> No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/v ... .2.5.7.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09] (Skype Technologies S.A.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\Ask.xml [2014-05-04]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\wtu-secure-search.xml [2017-07-08]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
CHR HKU\S-1-5-21-1921459583-1451030928-2003145020-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjciahceamgodcoidkjpchnokgfpphh] - C:\Users\Tom\AppData\Local\funmoods.crx <not found>
CHR HKU\S-1-5-21-1921459583-1451030928-2003145020-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\Tom\AppData\Local\funmoods-speeddial_sf.crx [2012-11-09]
C:\Users\Tom\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\Tom\AppData\Local\Temp
HQ-Video-Pro-1.4 (HKLM\...\HQ-Video-Pro-1.4) (Version: 1.34.2.13 - HQ-Video) <==== ATTENTION
Optimizer Pro v3.0 (HKLM\...\Optimizer Pro_is1) (Version: 3.0 - PC Utilities Pro) <==== ATTENTION
Task: {10D24D82-9972-452E-9333-46CF02FFD3B2} - System32\Tasks\HQ-Video-Pro-1.4-firefoxinstaller => C:\Program Files\HQ-Video-Pro-1.4\HQ-Video-Pro-1.4-firefoxinstaller.exe <==== ATTENTION
Task: {2851FCD1-7670-405C-BC6A-EE6AC804BDE1} - System32\Tasks\{FCF9A8DA-30FE-4CD6-8B8F-4C7D7CDDB0CB} => C:\Windows\system32\pcalua.exe -a C:\instalace\1985WDM_3713\AD1985\Setup.exe -d C:\instalace\1985WDM_3713\AD1985

EmptyTemp:
End

*****************

HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bitguard.exe => key removed successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bprotect.exe => key removed successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bpsvc.exe => key removed successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\browserdefender.exe => key removed successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\browserprotect.exe => key removed successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\browsersafeguard.exe => key removed successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\dprotectsvc.exe => key removed successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\jumpflip => key removed successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\protectedsearch.exe => key removed successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchinstaller.exe => key removed successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchprotection.exe => key removed successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchprotector.exe => key removed successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchsettings.exe => key removed successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchsettings64.exe => key removed successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\snapdo.exe => key removed successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\stinst32.exe => key removed successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\stinst64.exe => key removed successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\umbrella.exe => key removed successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\utiljumpflip.exe => key removed successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\volaro => key removed successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\vonteera => key removed successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\websteroids.exe => key removed successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\websteroidsservice.exe => key removed successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{52db1893-8a90-4192-aede-08e00b8f8473} => key removed successfully.
HKLM\Software\Classes\CLSID\{52db1893-8a90-4192-aede-08e00b8f8473} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => key removed successfully.
HKLM\Software\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B} => key removed successfully.
HKLM\Software\Classes\CLSID\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} => key removed successfully.
HKLM\Software\Classes\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847} => key not found.
HKU\S-1-5-21-1921459583-1451030928-2003145020-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => key removed successfully.
HKLM\Software\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => key not found.
HKU\S-1-5-21-1921459583-1451030928-2003145020-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{52db1893-8a90-4192-aede-08e00b8f8473} => key removed successfully.
HKLM\Software\Classes\CLSID\{52db1893-8a90-4192-aede-08e00b8f8473} => key not found.
HKU\S-1-5-21-1921459583-1451030928-2003145020-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} => key removed successfully.
HKLM\Software\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => key not found.
HKU\S-1-5-21-1921459583-1451030928-2003145020-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => key removed successfully.
HKLM\Software\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => key not found.
HKU\S-1-5-21-1921459583-1451030928-2003145020-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B} => key removed successfully.
HKLM\Software\Classes\CLSID\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B} => key not found.
HKU\S-1-5-21-1921459583-1451030928-2003145020-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} => key removed successfully.
HKLM\Software\Classes\CLSID\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} => key not found.
HKU\S-1-5-21-1921459583-1451030928-2003145020-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A} => key removed successfully.
HKLM\Software\Classes\CLSID\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A} => key not found.
HKU\S-1-5-21-1921459583-1451030928-2003145020-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} => key removed successfully.
HKLM\Software\Classes\CLSID\{EEE6C360-6118-11DC-9C72-001320C79847} => key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} => key removed successfully.
HKLM\Software\Classes\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} => key removed successfully.
C:\Program Files\Funmoods => moved successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} => key removed successfully.
HKLM\Software\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18} => key removed successfully.
HKLM\Software\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} => value removed successfully.
HKLM\Software\Classes\CLSID\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{338B4DFE-2E2C-4338-9E41-E176D497299E} => value removed successfully.
HKLM\Software\Classes\CLSID\{338B4DFE-2E2C-4338-9E41-E176D497299E} => key removed successfully.
HKU\S-1-5-21-1921459583-1451030928-2003145020-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{51A86BB3-6602-4C85-92A5-130EE4864F13} => value removed successfully.
HKLM\Software\Classes\CLSID\{51A86BB3-6602-4C85-92A5-130EE4864F13} => key not found.
HKU\S-1-5-21-1921459583-1451030928-2003145020-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EEE6C35B-6118-11DC-9C72-001320C79847} => value removed successfully.
HKLM\Software\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847} => key not found.
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{4871A87A-BFDD-4106-8153-FFDE2BAC2967} => key removed successfully.
HKLM\Software\Classes\CLSID\{4871A87A-BFDD-4106-8153-FFDE2BAC2967} => key removed successfully.
HKLM\Software\Classes\PROTOCOLS\Handler\skype-ie-addon-data => key removed successfully.
HKLM\Software\Classes\CLSID\{91774881-D725-4E58-B298-07617B9B86A8} => key removed successfully.
C:\Program Files\mozilla firefox\browser\searchplugins\Ask.xml => moved successfully
C:\Program Files\mozilla firefox\browser\searchplugins\wtu-secure-search.xml => moved successfully
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => key removed successfully.
HKU\S-1-5-21-1921459583-1451030928-2003145020-1001\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh => key removed successfully.
HKU\S-1-5-21-1921459583-1451030928-2003145020-1001\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj => key removed successfully.
C:\Users\Tom\AppData\Local\funmoods-speeddial_sf.crx => moved successfully
C:\Users\Tom\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully

"C:\Users\Tom\AppData\Local\Temp" folder move:

Could not move "C:\Users\Tom\AppData\Local\Temp" => Scheduled to move on reboot.

HQ-Video-Pro-1.4 (HKLM\...\HQ-Video-Pro-1.4) (Version: 1.34.2.13 - HQ-Video) <==== ATTENTION => Error: No automatic fix found for this entry.
Optimizer Pro v3.0 (HKLM\...\Optimizer Pro_is1) (Version: 3.0 - PC Utilities Pro) <==== ATTENTION => Error: No automatic fix found for this entry.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{10D24D82-9972-452E-9333-46CF02FFD3B2} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{10D24D82-9972-452E-9333-46CF02FFD3B2} => key removed successfully.
C:\Windows\System32\Tasks\HQ-Video-Pro-1.4-firefoxinstaller => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HQ-Video-Pro-1.4-firefoxinstaller => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2851FCD1-7670-405C-BC6A-EE6AC804BDE1} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2851FCD1-7670-405C-BC6A-EE6AC804BDE1} => key removed successfully.
C:\Windows\System32\Tasks\{FCF9A8DA-30FE-4CD6-8B8F-4C7D7CDDB0CB} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{FCF9A8DA-30FE-4CD6-8B8F-4C7D7CDDB0CB} => key removed successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 19700709 B
Java, Flash, Steam htmlcache => 150597716 B
Windows/system/drivers => 1140672740 B
Edge => 0 B
Chrome => 27027733 B
Firefox => 380743248 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 21257173 B
LocalService => 132244 B
NetworkService => 66488 B
Tom => 6630161629 B
DefaultAppPool => 0 B

RecycleBin => 9381556 B
EmptyTemp: => 7.8 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 24-09-2017 12:56:32)

C:\Users\Tom\AppData\Local\Temp => moved successfully

==== End of Fixlog 12:56:39 ====

#10 Příspěvek od **Rudy** » 24 zář 2017 14:30

Vše smazáno. To jsem rád, že už je to OK. Jinak žádný problém?

Tomakatre321 · #11 Příspěvek od **Tomakatre321** » 02 říj 2017 14:10

Tak jsem z toho nějakej zmatenej.... hned po odvirování se pc načítal normálně, ale teď se systém načte bežnou rychlostí ale plocha se načítá něco kolem 20ti minut... + něco mi asi zpomaluje internet protože se vše načítá docela dlouho (na jiných pc je to v pořádku...)

#12 Příspěvek od **Rudy** » 02 říj 2017 15:31

Udělejte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.

Tomakatre321 · #13 Příspěvek od **Tomakatre321** » 16 říj 2017 13:14

Nevím jestli dělám spravný sken, protože odkaz mě přesměroval na malwarebytes, tam jsem stáhl free verzi a teď dělám threat scan je to tak dobře?

#14 Příspěvek od **Rudy** » 16 říj 2017 17:17

Předpokládám, že ano. MBAM je zkratka z Malwarebytes antimalware. Dejte, prosím, log a uvidíme.

Tomakatre321 · #15 Příspěvek od **Tomakatre321** » 16 říj 2017 19:26

Tak jsem asi de*il... protože nevím jak to udělat, po dokončení threat skenu mi tu vyběhla havěť a ne log.. :/

VIRY.CZ

Zpomalený pc...

Zpomalený pc...

Re: Zpomalený pc...

Re: Zpomalený pc...

Re: Zpomalený pc...

Re: Zpomalený pc...

Re: Zpomalený pc...

Re: Zpomalený pc...

Re: Zpomalený pc...

Re: Zpomalený pc...

Re: Zpomalený pc...

Re: Zpomalený pc...

Re: Zpomalený pc...

Re: Zpomalený pc...

Re: Zpomalený pc...

Re: Zpomalený pc...