Slow notebook

#1 Post by dinospages »

Hello advisers, I got my hands on a notebook that its owner says is slow. At first glance I didn't find anything out of the ordinary; when the browser is launched it takes somewhat more performance, and occasionally the disk also runs at 100% for a while. I don't know whether this is the problem the owner describes.

Here is the log, thanks for checking:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06.06.2018 01
Ran by Jana Dvořáková (administrator) on TOSCHIBA (16-06-2018 08:18:06)
Running from C:\Users\Jana Dvořáková\Desktop
Loaded Profiles: Jana Dvořáková & Administrator (Available Profiles: Jana Dvořáková & Administrator)
Platform: Windows 8.1 Connected (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
() C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.8\ToolbarUpdater.exe
(Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\WINDOWS\System32\igfxsrvc.exe
(Intel Corporation) C:\WINDOWS\System32\hkcmd.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\WINDOWS\System32\igfxpers.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
(OrdinarySoft) C:\Program Files\Start Menu X\StartMenuX.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
(TOSHIBA) C:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TDUSrv64.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\WINDOWS\System32\Taskmgr.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(Společnost TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Jana Dvořáková\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-10-08] (TOSHIBA Corporation)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [179288 2014-01-04] (TOSHIBA Corporation)
HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296008 2013-10-21] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [291568 2018-05-18] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [KeNotify] => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2013-08-05] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516512 2013-07-23] (TOSHIBA)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2195968 2018-03-22] ()
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-957095468-1113487514-4108400307-1001\...\Run: [StartMenuX] => C:\Program Files\Start Menu X\StartMenuX.exe [7673664 2013-11-20] (OrdinarySoft)
HKU\S-1-5-21-957095468-1113487514-4108400307-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [17074688 2018-04-12] (Piriform Ltd)
HKU\S-1-5-21-957095468-1113487514-4108400307-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53130368 2016-05-17] (Skype Technologies S.A.)
HKU\S-1-5-21-957095468-1113487514-4108400307-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [11776 2014-10-28] (Microsoft Corporation)
HKU\S-1-5-21-957095468-1113487514-4108400307-500\...\Run: [] => [X]

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{032AB102-706A-4609-8B59-0F1ED51FAEC1}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{B3B763F5-CD45-4FA0-AD84-D04D8C482EA6}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKU\S-1-5-21-957095468-1113487514-4108400307-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid=%7BF19AD5BE-F368-4AA0-A25F-283CDD39B98D%7D&mid=03f631d7c85147cda11bc98618cd94bb-2d9c86aa76bb2040cfbdc941f89ecae290cc2f7b&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0215pi&pr=fr&d=2015-03-29%2013:47:16&v=4.2.4.155&pid=wtu&sg=&sap=hp
HKU\S-1-5-21-957095468-1113487514-4108400307-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com/?pc=TEJB
HKU\S-1-5-21-957095468-1113487514-4108400307-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://toshiba.eu/symbaloo_c
HKU\S-1-5-21-957095468-1113487514-4108400307-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://toshiba13.msn.com/?pc=TEJB
HKU\S-1-5-21-957095468-1113487514-4108400307-500\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com/?pc=TEJB
HKU\S-1-5-21-957095468-1113487514-4108400307-500\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://toshiba.eu/symbaloo_c
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-957095468-1113487514-4108400307-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-957095468-1113487514-4108400307-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-957095468-1113487514-4108400307-1001 -> {45EE3644-A616-4B68-BFA2-EF4FE3E9D993} URL =
SearchScopes: HKU\S-1-5-21-957095468-1113487514-4108400307-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={F19AD5BE-F368-4AA0-A25F-283CDD39B98D}&mid=03f631d7c85147cda11bc98618cd94bb-2d9c86aa76bb2040cfbdc941f89ecae290cc2f7b&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0117tb&pr=fr&d=2015-03-29 13:47:16&v=4.3.6.255&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-957095468-1113487514-4108400307-500 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-957095468-1113487514-4108400307-500 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.3.9.626\AVG Web TuneUp.dll [2018-03-22] (AVG)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2017-04-04] (Google Inc.)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.3.9.626\AVG Web TuneUp.dll [2018-03-22] (AVG)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2017-04-04] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2017-04-04] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2017-04-04] (Google Inc.)

FireFox:
========
FF DefaultProfile: 2ibn9w7q.default
FF ProfilePath: C:\Users\Jana Dvořáková\AppData\Roaming\Mozilla\Firefox\Profiles\2ibn9w7q.default [2018-06-16]
FF Homepage: Mozilla\Firefox\Profiles\2ibn9w7q.default -> hxxps://mysearch.avg.com/?rvt=1
FF HomepageOverride: Mozilla\Firefox\Profiles\2ibn9w7q.default -> Enabled: avg@toolbar
FF NewTabOverride: Mozilla\Firefox\Profiles\2ibn9w7q.default -> Enabled: avg@toolbar
FF Extension: (AVG Web TuneUp) - C:\Users\Jana Dvořáková\AppData\Roaming\Mozilla\Firefox\Profiles\2ibn9w7q.default\Extensions\avg@toolbar.xpi [2018-03-23]
FF Extension: (Google Translator for Firefox) - C:\Users\Jana Dvořáková\AppData\Roaming\Mozilla\Firefox\Profiles\2ibn9w7q.default\Extensions\translator@zoli.bod.xpi [2017-12-12]
FF Extension: (Adblock Plus) - C:\Users\Jana Dvořáková\AppData\Roaming\Mozilla\Firefox\Profiles\2ibn9w7q.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-05-17]
FF SearchPlugin: C:\Users\Jana Dvořáková\AppData\Roaming\Mozilla\Firefox\Profiles\2ibn9w7q.default\searchplugins\avg-secure-search.xml [2018-03-23]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [2015-03-29] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-29] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.8\\npsitesafety.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-05] ()

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> mysearch.avg.com
CHR StartupUrls: Default -> "hxxps://www.google.cz/"
CHR DefaultSearchURL: Default -> hxxps://mysearch.avg.com/search?rvt=1&sap=dsp&q={searchTerms}
CHR DefaultSearchKeyword: Default -> hxxps://mysearch.avg.com
CHR DefaultSuggestURL: Default -> hxxps://toolbar.avg.com/acp?q={searchTerms}&o=1
CHR Profile: C:\Users\Jana Dvořáková\AppData\Local\Google\Chrome\User Data\Default [2018-06-16]
CHR Extension: (Slides) - C:\Users\Jana Dvořáková\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-26]
CHR Extension: (Docs) - C:\Users\Jana Dvořáková\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-26]
CHR Extension: (Google Drive) - C:\Users\Jana Dvořáková\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Jana Dvořáková\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-14]
CHR Extension: (AVG Secure Search) - C:\Users\Jana Dvořáková\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2017-02-14]
CHR Extension: (Google Search) - C:\Users\Jana Dvořáková\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-01]
CHR Extension: (Sheets) - C:\Users\Jana Dvořáková\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-26]
CHR Extension: (Google Docs Offline) - C:\Users\Jana Dvořáková\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-24]
CHR Extension: (Skype) - C:\Users\Jana Dvořáková\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-12-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jana Dvořáková\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-15]
CHR Extension: (Gmail) - C:\Users\Jana Dvořáková\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR Extension: (Chrome Media Router) - C:\Users\Jana Dvořáková\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-15]
CHR HKU\S-1-5-21-957095468-1113487514-4108400307-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [chfdnecihphmhljaaejmgoiahnihplgn] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [319104 2014-03-18] (Windows (R) Win 7 DDK provider) [File not signed]
R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [318328 2018-05-18] (AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [7670672 2018-05-18] (AVG Technologies CZ, s.r.o.)
R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [21840 2014-03-03] ()
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-02-25] (WildTangent)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation)
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [120392 2015-11-17] (Toshiba Europe GmbH)
R2 vToolbarUpdater40.3.8; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.8\ToolbarUpdater.exe [1371136 2018-03-22] (AVG Secure Search)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [811520 2018-03-22] ()

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\WINDOWS\system32\DRIVERS\athwbx.sys [3888640 2014-02-14] (Qualcomm Atheros Communications, Inc.)
R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [189032 2018-05-18] (AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdrivera.sys [220600 2018-05-18] (AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsha.sys [192536 2018-05-18] (AVG Technologies CZ, s.r.o.)
R0 avgblog; C:\WINDOWS\System32\drivers\avgbloga.sys [336848 2018-05-18] (AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniva.sys [50776 2018-05-18] (AVG Technologies CZ, s.r.o.)
S3 avgHwid; C:\WINDOWS\System32\drivers\avgHwid.sys [39352 2018-05-18] (AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [151504 2018-05-18] (AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [103744 2018-05-18] (AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [78352 2018-05-18] (AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [1020112 2018-05-18] (AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [452904 2018-05-18] (AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [198368 2018-05-18] (AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [373944 2018-05-18] (AVG Technologies CZ, s.r.o.)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [291544 2014-01-03] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [31472 2014-02-20] (Synaptics Incorporated)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [33168 2013-11-01] (Windows (R) Win 7 DDK provider)
R3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-06-16 08:18 - 2018-06-16 08:18 - 000019095 _____ C:\Users\Jana Dvořáková\Desktop\FRST.txt
2018-06-16 08:17 - 2018-06-16 08:18 - 000000000 ____D C:\FRST
2018-06-16 08:14 - 2018-06-15 23:08 - 000112640 _____ (forum.viry.cz) C:\Users\Jana Dvořáková\Desktop\FRSTLauncher.exe
2018-06-16 07:59 - 2018-06-16 07:59 - 002413056 _____ (Farbar) C:\Users\Jana Dvořáková\Desktop\FRST64.exe
2018-06-15 23:28 - 2018-06-15 23:28 - 000031676 _____ C:\Users\Jana Dvořáková\Documents\cc_20180615_232830.reg
2018-06-15 23:28 - 2018-06-15 23:28 - 000007596 _____ C:\Users\Jana Dvořáková\AppData\Local\Resmon.ResmonCfg
2018-06-14 14:28 - 2018-06-14 14:28 - 001174927 _____ C:\Users\Jana Dvořáková\Downloads\prilohy_9841.zip
2018-06-14 14:25 - 2018-06-14 14:25 - 001903729 _____ C:\Users\Jana Dvořáková\Downloads\prilohy_9839.zip
2018-06-13 16:25 - 2018-05-24 22:10 - 025742848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-06-13 16:25 - 2018-05-24 21:38 - 005779968 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-06-13 16:25 - 2018-05-24 21:34 - 020286976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-06-13 16:25 - 2018-05-24 21:32 - 000794624 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-06-13 16:25 - 2018-05-24 21:06 - 000662016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-06-13 16:25 - 2018-05-24 20:56 - 000381440 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-06-13 16:25 - 2018-05-24 20:55 - 000809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-06-13 16:25 - 2018-05-24 20:55 - 000728064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-06-13 16:25 - 2018-05-24 20:53 - 015283200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-06-13 16:25 - 2018-05-24 20:53 - 002135552 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-06-13 16:25 - 2018-05-24 20:39 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-06-13 16:25 - 2018-05-24 20:38 - 013679616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-06-13 16:25 - 2018-05-22 22:45 - 000027480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uefi.sys
2018-06-13 16:25 - 2018-05-22 22:39 - 001676064 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-06-13 16:25 - 2018-05-14 22:47 - 002334624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-06-13 16:25 - 2018-05-14 22:47 - 000244304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-06-13 16:25 - 2018-05-14 22:33 - 001308352 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-06-13 16:25 - 2018-05-14 21:57 - 002324752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-06-13 16:25 - 2018-05-14 21:17 - 000032640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2018-06-13 16:25 - 2018-05-14 21:04 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2018-06-13 16:25 - 2018-05-14 20:05 - 000517120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2018-06-13 16:25 - 2018-05-14 19:57 - 000672768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2018-06-13 16:25 - 2018-05-14 19:51 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2018-06-13 16:25 - 2018-05-12 14:11 - 000532664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-06-13 16:25 - 2018-05-12 14:06 - 000567152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-06-13 16:25 - 2018-05-12 13:51 - 002014040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-06-13 16:25 - 2018-05-12 13:51 - 000923480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2018-06-13 16:25 - 2018-05-05 12:05 - 001543800 _____ (Microsoft Corporation) C:\WINDOWS\system32\webservices.dll
2018-06-13 16:25 - 2018-05-05 11:15 - 001178136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2018-06-13 16:25 - 2018-05-05 09:38 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2018-06-13 16:25 - 2018-05-05 09:23 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2018-06-13 16:25 - 2018-04-07 09:43 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2018-06-13 16:25 - 2018-04-07 09:09 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2018-06-13 16:25 - 2018-04-07 08:34 - 002255360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-06-13 16:25 - 2018-04-07 08:15 - 001942016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-06-13 16:25 - 2018-04-05 10:47 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc63.sys
2018-06-13 16:25 - 2018-04-05 10:38 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetVscCoinstall.dll
2018-06-13 16:25 - 2018-03-28 18:06 - 002608640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2018-06-13 16:25 - 2018-03-28 18:05 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2018-06-13 16:25 - 2018-03-28 17:26 - 002170880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2018-06-13 16:25 - 2018-03-28 17:24 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2018-06-13 16:24 - 2018-05-24 21:44 - 000578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-06-13 16:24 - 2018-05-24 21:16 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-06-13 16:24 - 2018-05-24 21:03 - 001033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2018-06-13 16:24 - 2018-05-24 20:44 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2018-06-13 16:24 - 2018-05-24 20:42 - 004496896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-06-13 16:24 - 2018-05-24 20:39 - 003241472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-06-13 16:24 - 2018-05-24 20:38 - 002060288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-06-13 16:24 - 2018-05-24 20:38 - 000333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-06-13 16:24 - 2018-05-24 20:29 - 001546240 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-06-13 16:24 - 2018-05-24 20:19 - 002767872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-06-13 16:24 - 2018-05-24 20:17 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-06-13 16:24 - 2018-05-24 20:15 - 001314304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-06-13 16:24 - 2018-05-24 20:14 - 000710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-06-13 16:24 - 2018-05-22 22:56 - 007406944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-06-13 16:24 - 2018-05-22 21:13 - 000251392 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2018-06-13 16:24 - 2018-05-12 12:08 - 000445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2018-06-13 16:24 - 2018-05-10 20:04 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2018-06-13 16:24 - 2018-04-07 09:48 - 000685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-06-13 16:24 - 2018-04-07 09:47 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2018-06-13 16:24 - 2018-03-28 18:33 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2018-06-13 16:24 - 2018-03-28 18:21 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmplpxy.dll
2018-05-18 09:59 - 2018-05-18 09:58 - 000377584 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-06-16 08:15 - 2014-05-06 02:41 - 000791822 _____ C:\WINDOWS\system32\perfh015.dat
2018-06-16 08:15 - 2014-05-06 02:41 - 000160594 _____ C:\WINDOWS\system32\perfc015.dat
2018-06-16 08:15 - 2014-05-06 02:19 - 000736908 _____ C:\WINDOWS\system32\perfh00E.dat
2018-06-16 08:15 - 2014-05-06 02:19 - 000174822 _____ C:\WINDOWS\system32\perfc00E.dat
2018-06-16 08:15 - 2014-05-06 01:37 - 000734510 _____ C:\WINDOWS\system32\perfh005.dat
2018-06-16 08:15 - 2014-05-06 01:37 - 000148820 _____ C:\WINDOWS\system32\perfc005.dat
2018-06-16 08:15 - 2014-03-18 02:47 - 003603266 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-06-16 08:15 - 2013-08-22 06:36 - 000000000 ____D C:\WINDOWS\Inf
2018-06-16 07:53 - 2015-05-24 09:32 - 000000000 ____D C:\Users\Jana Dvořáková\AppData\Local\Avg
2018-06-16 07:52 - 2016-11-18 20:28 - 000000000 ____D C:\Users\Jana Dvořáková\AppData\LocalLow\Mozilla
2018-06-16 07:52 - 2015-07-28 10:21 - 000000000 ____D C:\Users\Jana Dvořáková\AppData\Roaming\Skype
2018-06-15 23:39 - 2013-08-22 07:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-06-15 23:34 - 2016-11-18 15:59 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-06-15 23:34 - 2015-09-02 18:12 - 000000000 ____D C:\ProgramData\AVG
2018-06-15 23:34 - 2015-03-29 13:37 - 000000000 ____D C:\Program Files (x86)\AVG
2018-06-15 23:34 - 2015-02-23 16:58 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-06-15 23:34 - 2013-08-22 06:25 - 000262144 ___SH C:\WINDOWS\system32\config\BBI
2018-06-15 23:22 - 2017-06-29 19:12 - 000000000 ____D C:\Users\Jana Dvořáková\AppData\Roaming\MPC-HC
2018-06-15 22:21 - 2015-02-23 14:06 - 000003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-957095468-1113487514-4108400307-1001
2018-06-15 22:13 - 2018-04-12 13:30 - 000004128 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-06-15 22:13 - 2017-04-04 13:49 - 000004174 _____ C:\WINDOWS\System32\Tasks\Antivirus Emergency Update
2018-06-15 22:09 - 2013-08-22 08:20 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-06-14 14:41 - 2017-09-26 23:49 - 000000000 ____D C:\Users\Jana Dvořáková\Desktop\Toníček
2018-06-13 07:51 - 2015-02-23 17:09 - 000002255 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-06-13 07:51 - 2015-02-23 17:09 - 000002214 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-06-07 14:44 - 2015-02-23 16:58 - 000001182 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-06-05 12:19 - 2018-03-22 12:57 - 000835056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-06-05 12:19 - 2018-03-22 12:57 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-05-29 11:23 - 2016-01-15 13:45 - 000000000 ____D C:\Users\Jana Dvořáková\Desktop\Barborka
2018-05-18 21:23 - 2013-08-22 08:36 - 000000000 ____D C:\WINDOWS\rescache
2018-05-18 10:05 - 2014-05-22 15:33 - 000003386 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-05-18 10:05 - 2014-05-22 15:33 - 000003258 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-05-18 09:58 - 2018-02-15 12:00 - 000189032 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArPot.sys
2018-05-18 09:58 - 2017-04-04 13:48 - 001020112 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys
2018-05-18 09:58 - 2017-04-04 13:48 - 000452904 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys
2018-05-18 09:58 - 2017-04-04 13:48 - 000373944 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys
2018-05-18 09:58 - 2017-04-04 13:48 - 000198368 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgStm.sys
2018-05-18 09:58 - 2017-04-04 13:48 - 000151504 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys
2018-05-18 09:58 - 2017-04-04 13:48 - 000103744 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys
2018-05-18 09:58 - 2017-04-04 13:48 - 000078352 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
2018-05-18 09:58 - 2017-04-04 13:48 - 000039352 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgHwid.sys
2018-05-18 09:57 - 2017-04-04 13:48 - 000336848 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbloga.sys
2018-05-18 09:57 - 2017-04-04 13:48 - 000220600 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdrivera.sys
2018-05-18 09:57 - 2017-04-04 13:48 - 000192536 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsha.sys
2018-05-18 09:57 - 2017-04-04 13:48 - 000050776 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniva.sys
2018-05-17 04:26 - 2013-08-22 07:44 - 000337800 _____ C:\WINDOWS\system32\FNTCACHE.DAT

==================== Files in the root of some directories =======

2018-06-15 23:28 - 2018-06-15 23:28 - 000007596 _____ () C:\Users\Jana Dvořáková\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {C50510DE-367A-330C-FD5C-556ACFB11243}
AS: AVG Antivirus (Enabled - Up to date) {7E64F13A-1040-3C82-C7EC-6E18B43658FE}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Jana Dvoý kov \Desktop" je 2641 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================
_________________________________________________________________
RSIT | MWAV | CCleaner

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: slow laptop

#2 Post by Rudy »

Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree (Souhlasím)
right-click the AdwCleaner icon and choose Run as administrator (Spustit jako správce); on Win XP just start it with a normal double-click
click Scan now (Skenovat nyní), then Clean and Repair (Čištění a opravy)
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

dinospages
Model visitor
Posts: 240
Registered: 20 Jul 2006 11:33

Re: slow laptop

#3 Post by dinospages »

# -------------------------------
# Malwarebytes AdwCleaner 7.2.0.0
# -------------------------------
# Build: 06-05-2018
# Database: 2018-06-15.3
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-17-2018
# Duration: 00:00:32
# OS: Windows 8.1 Connected
# Cleaned: 33
# Failed: 1


***** [ Services ] *****

Deleted vToolbarUpdater40.3.8
Deleted WtuSystemSupport

***** [ Folders ] *****

Deleted C:\avg web tuneup
Deleted C:\ProgramData\avg web tuneup
Deleted C:\Program Files\avg web tuneup
Deleted C:\Program Files (x86)\avg web tuneup
Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\avg web tuneup
Deleted C:\Users\Jana Dvořáková\AppData\Local\avg web tuneup
Deleted C:\Users\Jana Dvořáková\AppData\LocalLow\avg web tuneup
Deleted C:\ProgramData\AVG Security Toolbar
Deleted C:\ProgramData\AVG Secure Search
Deleted C:\Program Files\Common Files\AVG Secure Search
Deleted C:\Program Files (x86)\Common Files\AVG Secure Search
Deleted C:\Users\Administrator\AppData\Local\Packages\windows_ie_ac_001\AC\AVG Web TuneUp
Deleted C:\Users\Jana Dvořáková\AppData\Local\Packages\windows_ie_ac_001\AC\AVG Web TuneUp

***** [ Files ] *****

Deleted C:\Users\Jana Dvořáková\AppData\Roaming\Mozilla\Firefox\Profiles\2ibn9w7q.default\searchplugins\avg-secure-search.xml

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\APPDATALOW\SOFTWARE\AMAZON\Amazon1ButtonApp
Deleted HKCU\Software\AVG Tuneup
Deleted HKLM\Software\Wow6432Node\AVG Tuneup
Deleted HKLM\Software\Wow6432Node\Google\Chrome\NativeMessagingHosts\avgsh
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{4BC8AD89-AC5F-4DBD-A38F-C355C7DD33D7}
Deleted HKLM\Software\Classes\TypeLib\{4BC8AD89-AC5F-4DBD-A38F-C355C7DD33D7}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Deleted HKLM\Software\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Deleted HKLM\Software\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Internet Explorer\DOMStorage\mysearch.avg.com
Deleted HKCU\Software\Microsoft\Internet Explorer\Main|Start Page

***** [ Chromium (and derivatives) ] *****

Deleted AVG Web TuneUp

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

Deleted AVG Web TuneUp

***** [ Firefox URLs ] *****

Not Deleted mysearch.avg.com
Deleted https://mysearch.avg.com/?rvt=1


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [4031 octets] - [17/06/2018 07:02:26]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: slow laptop

#4 Post by Rudy »

Post a new FRST log.

dinospages
Model visitor
Posts: 240
Registered: 20 Jul 2006 11:33

Re: slow laptop

#5 Post by dinospages »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06.06.2018 01
Ran by Jana Dvořáková (administrator) on TOSCHIBA (17-06-2018 02:16:04)
Running from C:\Users\Jana Dvořáková\Desktop
Loaded Profiles: Jana Dvořáková (Available Profiles: Jana Dvořáková & Administrator)
Platform: Windows 8.1 Connected (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
() C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\WINDOWS\System32\igfxsrvc.exe
(Intel Corporation) C:\WINDOWS\System32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\System32\igfxpers.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(OrdinarySoft) C:\Program Files\Start Menu X\StartMenuX.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
(TOSHIBA) C:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TDUSrv64.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(Společnost TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(forum.viry.cz) C:\Users\Jana Dvořáková\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-10-08] (TOSHIBA Corporation)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [179288 2014-01-04] (TOSHIBA Corporation)
HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296008 2013-10-21] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [291568 2018-05-18] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [KeNotify] => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2013-08-05] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516512 2013-07-23] (TOSHIBA)
HKLM-x32\...\Run: [vProt] => "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-957095468-1113487514-4108400307-1001\...\Run: [StartMenuX] => C:\Program Files\Start Menu X\StartMenuX.exe [7673664 2013-11-20] (OrdinarySoft)
HKU\S-1-5-21-957095468-1113487514-4108400307-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [17074688 2018-04-12] (Piriform Ltd)
HKU\S-1-5-21-957095468-1113487514-4108400307-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53130368 2016-05-17] (Skype Technologies S.A.)
HKU\S-1-5-21-957095468-1113487514-4108400307-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [11776 2014-10-28] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{032AB102-706A-4609-8B59-0F1ED51FAEC1}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{B3B763F5-CD45-4FA0-AD84-D04D8C482EA6}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKU\S-1-5-21-957095468-1113487514-4108400307-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com/?pc=TEJB
HKU\S-1-5-21-957095468-1113487514-4108400307-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://toshiba.eu/symbaloo_c
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-957095468-1113487514-4108400307-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-957095468-1113487514-4108400307-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-957095468-1113487514-4108400307-1001 -> {45EE3644-A616-4B68-BFA2-EF4FE3E9D993} URL =
SearchScopes: HKU\S-1-5-21-957095468-1113487514-4108400307-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={F19AD5BE-F368-4AA0-A25F-283CDD39B98D}&mid=03f631d7c85147cda11bc98618cd94bb-2d9c86aa76bb2040cfbdc941f89ecae290cc2f7b&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0117tb&pr=fr&d=2015-03-29 13:47:16&v=4.3.6.255&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.3.9.626\AVG Web TuneUp.dll => No File
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2017-04-04] (Google Inc.)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.3.9.626\AVG Web TuneUp.dll => No File
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2017-04-04] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2017-04-04] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2017-04-04] (Google Inc.)

FireFox:
========
FF DefaultProfile: 2ibn9w7q.default
FF ProfilePath: C:\Users\Jana Dvořáková\AppData\Roaming\Mozilla\Firefox\Profiles\2ibn9w7q.default [2018-06-17]
FF Homepage: Mozilla\Firefox\Profiles\2ibn9w7q.default -> hxxps://www.google.com/
FF HomepageOverride: Mozilla\Firefox\Profiles\2ibn9w7q.default -> Enabled: avg@toolbar
FF NewTabOverride: Mozilla\Firefox\Profiles\2ibn9w7q.default -> Enabled: avg@toolbar
FF Extension: (Google Translator for Firefox) - C:\Users\Jana Dvořáková\AppData\Roaming\Mozilla\Firefox\Profiles\2ibn9w7q.default\Extensions\translator@zoli.bod.xpi [2017-12-12]
FF Extension: (Adblock Plus) - C:\Users\Jana Dvořáková\AppData\Roaming\Mozilla\Firefox\Profiles\2ibn9w7q.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-05-17]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [2015-03-29] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-29] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.8\\npsitesafety.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-05] ()

Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxps://www.google.cz/"
CHR Profile: C:\Users\Jana Dvořáková\AppData\Local\Google\Chrome\User Data\Default [2018-06-17]
CHR Extension: (Slides) - C:\Users\Jana Dvořáková\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-26]
CHR Extension: (Docs) - C:\Users\Jana Dvořáková\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-26]
CHR Extension: (Google Drive) - C:\Users\Jana Dvořáková\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Jana Dvořáková\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-14]
CHR Extension: (AVG Web TuneUp) - C:\Users\Jana Dvořáková\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2017-02-14]
CHR Extension: (Google Search) - C:\Users\Jana Dvořáková\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-01]
CHR Extension: (Sheets) - C:\Users\Jana Dvořáková\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-26]
CHR Extension: (Google Docs Offline) - C:\Users\Jana Dvořáková\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-24]
CHR Extension: (Skype) - C:\Users\Jana Dvořáková\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-12-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jana Dvořáková\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-15]
CHR Extension: (Gmail) - C:\Users\Jana Dvořáková\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR Extension: (Chrome Media Router) - C:\Users\Jana Dvořáková\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-15]
CHR HKU\S-1-5-21-957095468-1113487514-4108400307-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [chfdnecihphmhljaaejmgoiahnihplgn] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [319104 2014-03-18] (Windows (R) Win 7 DDK provider) [File not signed]
R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [318328 2018-05-18] (AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [7670672 2018-05-18] (AVG Technologies CZ, s.r.o.)
R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [21840 2014-03-03] ()
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-02-25] (WildTangent)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation)
R3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [120392 2015-11-17] (Toshiba Europe GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\WINDOWS\system32\DRIVERS\athwbx.sys [3888640 2014-02-14] (Qualcomm Atheros Communications, Inc.)
R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [189032 2018-05-18] (AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdrivera.sys [220600 2018-05-18] (AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsha.sys [192536 2018-05-18] (AVG Technologies CZ, s.r.o.)
R0 avgblog; C:\WINDOWS\System32\drivers\avgbloga.sys [336848 2018-05-18] (AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniva.sys [50776 2018-05-18] (AVG Technologies CZ, s.r.o.)
S3 avgHwid; C:\WINDOWS\System32\drivers\avgHwid.sys [39352 2018-05-18] (AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [151504 2018-05-18] (AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [103744 2018-05-18] (AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [78352 2018-05-18] (AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [1020112 2018-05-18] (AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [452904 2018-05-18] (AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [198368 2018-05-18] (AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [373944 2018-05-18] (AVG Technologies CZ, s.r.o.)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [291544 2014-01-03] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [31472 2014-02-20] (Synaptics Incorporated)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [33168 2013-11-01] (Windows (R) Win 7 DDK provider)
R3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-06-17 07:00 - 2018-06-17 07:03 - 000000000 ____D C:\AdwCleaner
2018-06-17 06:59 - 2018-06-17 06:59 - 007372496 _____ (Malwarebytes) C:\Users\Jana Dvořáková\Desktop\adwcleaner_7.2.0.exe
2018-06-16 08:18 - 2018-06-17 02:16 - 000016433 _____ C:\Users\Jana Dvořáková\Desktop\FRST.txt
2018-06-16 08:17 - 2018-06-16 08:18 - 000000000 ____D C:\FRST
2018-06-16 08:14 - 2018-06-15 23:08 - 000112640 _____ (forum.viry.cz) C:\Users\Jana Dvořáková\Desktop\FRSTLauncher.exe
2018-06-16 07:59 - 2018-06-16 07:59 - 002413056 _____ (Farbar) C:\Users\Jana Dvořáková\Desktop\FRST64.exe
2018-06-15 23:28 - 2018-06-15 23:28 - 000031676 _____ C:\Users\Jana Dvořáková\Documents\cc_20180615_232830.reg
2018-06-15 23:28 - 2018-06-15 23:28 - 000007596 _____ C:\Users\Jana Dvořáková\AppData\Local\Resmon.ResmonCfg
2018-06-14 14:28 - 2018-06-14 14:28 - 001174927 _____ C:\Users\Jana Dvořáková\Downloads\prilohy_9841.zip
2018-06-14 14:25 - 2018-06-14 14:25 - 001903729 _____ C:\Users\Jana Dvořáková\Downloads\prilohy_9839.zip
2018-06-13 16:25 - 2018-05-24 22:10 - 025742848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-06-13 16:25 - 2018-05-24 21:38 - 005779968 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-06-13 16:25 - 2018-05-24 21:34 - 020286976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-06-13 16:25 - 2018-05-24 21:32 - 000794624 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-06-13 16:25 - 2018-05-24 21:06 - 000662016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-06-13 16:25 - 2018-05-24 20:56 - 000381440 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-06-13 16:25 - 2018-05-24 20:55 - 000809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-06-13 16:25 - 2018-05-24 20:55 - 000728064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-06-13 16:25 - 2018-05-24 20:53 - 015283200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-06-13 16:25 - 2018-05-24 20:53 - 002135552 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-06-13 16:25 - 2018-05-24 20:39 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-06-13 16:25 - 2018-05-24 20:38 - 013679616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-06-13 16:25 - 2018-05-22 22:45 - 000027480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uefi.sys
2018-06-13 16:25 - 2018-05-22 22:39 - 001676064 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-06-13 16:25 - 2018-05-14 22:47 - 002334624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-06-13 16:25 - 2018-05-14 22:47 - 000244304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-06-13 16:25 - 2018-05-14 22:33 - 001308352 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-06-13 16:25 - 2018-05-14 21:57 - 002324752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-06-13 16:25 - 2018-05-14 21:17 - 000032640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2018-06-13 16:25 - 2018-05-14 21:04 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2018-06-13 16:25 - 2018-05-14 20:05 - 000517120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2018-06-13 16:25 - 2018-05-14 19:57 - 000672768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2018-06-13 16:25 - 2018-05-14 19:51 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2018-06-13 16:25 - 2018-05-12 14:11 - 000532664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-06-13 16:25 - 2018-05-12 14:06 - 000567152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-06-13 16:25 - 2018-05-12 13:51 - 002014040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-06-13 16:25 - 2018-05-12 13:51 - 000923480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2018-06-13 16:25 - 2018-05-05 12:05 - 001543800 _____ (Microsoft Corporation) C:\WINDOWS\system32\webservices.dll
2018-06-13 16:25 - 2018-05-05 11:15 - 001178136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2018-06-13 16:25 - 2018-05-05 09:38 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2018-06-13 16:25 - 2018-05-05 09:23 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2018-06-13 16:25 - 2018-04-07 09:43 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2018-06-13 16:25 - 2018-04-07 09:09 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2018-06-13 16:25 - 2018-04-07 08:34 - 002255360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-06-13 16:25 - 2018-04-07 08:15 - 001942016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-06-13 16:25 - 2018-04-05 10:47 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc63.sys
2018-06-13 16:25 - 2018-04-05 10:38 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetVscCoinstall.dll
2018-06-13 16:25 - 2018-03-28 18:06 - 002608640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2018-06-13 16:25 - 2018-03-28 18:05 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2018-06-13 16:25 - 2018-03-28 17:26 - 002170880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2018-06-13 16:25 - 2018-03-28 17:24 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2018-06-13 16:24 - 2018-05-24 21:44 - 000578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-06-13 16:24 - 2018-05-24 21:16 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-06-13 16:24 - 2018-05-24 21:03 - 001033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2018-06-13 16:24 - 2018-05-24 20:44 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2018-06-13 16:24 - 2018-05-24 20:42 - 004496896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-06-13 16:24 - 2018-05-24 20:39 - 003241472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-06-13 16:24 - 2018-05-24 20:38 - 002060288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-06-13 16:24 - 2018-05-24 20:38 - 000333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-06-13 16:24 - 2018-05-24 20:29 - 001546240 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-06-13 16:24 - 2018-05-24 20:19 - 002767872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-06-13 16:24 - 2018-05-24 20:17 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-06-13 16:24 - 2018-05-24 20:15 - 001314304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-06-13 16:24 - 2018-05-24 20:14 - 000710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-06-13 16:24 - 2018-05-22 22:56 - 007406944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-06-13 16:24 - 2018-05-22 21:13 - 000251392 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2018-06-13 16:24 - 2018-05-12 12:08 - 000445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2018-06-13 16:24 - 2018-05-10 20:04 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2018-06-13 16:24 - 2018-04-07 09:48 - 000685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-06-13 16:24 - 2018-04-07 09:47 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2018-06-13 16:24 - 2018-03-28 18:33 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2018-06-13 16:24 - 2018-03-28 18:21 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmplpxy.dll
2018-05-18 09:59 - 2018-05-18 09:58 - 000377584 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-06-17 07:09 - 2015-07-28 10:21 - 000000000 ____D C:\Users\Jana Dvořáková\AppData\Roaming\Skype
2018-06-17 07:07 - 2013-08-22 07:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-06-17 07:05 - 2013-08-22 06:25 - 000262144 ___SH C:\WINDOWS\system32\config\BBI
2018-06-16 22:27 - 2015-02-24 12:08 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-06-16 22:22 - 2016-11-18 20:28 - 000000000 ____D C:\Users\Jana Dvořáková\AppData\LocalLow\Mozilla
2018-06-16 22:20 - 2017-10-12 02:24 - 133315992 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-06-16 22:20 - 2015-02-24 12:08 - 133315992 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-06-16 08:20 - 2013-08-22 06:36 - 000000000 ____D C:\WINDOWS\Inf
2018-06-16 08:15 - 2014-05-06 02:41 - 000791822 _____ C:\WINDOWS\system32\perfh015.dat
2018-06-16 08:15 - 2014-05-06 02:41 - 000160594 _____ C:\WINDOWS\system32\perfc015.dat
2018-06-16 08:15 - 2014-05-06 02:19 - 000736908 _____ C:\WINDOWS\system32\perfh00E.dat
2018-06-16 08:15 - 2014-05-06 02:19 - 000174822 _____ C:\WINDOWS\system32\perfc00E.dat
2018-06-16 08:15 - 2014-05-06 01:37 - 000734510 _____ C:\WINDOWS\system32\perfh005.dat
2018-06-16 08:15 - 2014-05-06 01:37 - 000148820 _____ C:\WINDOWS\system32\perfc005.dat
2018-06-16 08:15 - 2014-03-18 02:47 - 003603266 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-06-16 07:53 - 2015-05-24 09:32 - 000000000 ____D C:\Users\Jana Dvořáková\AppData\Local\Avg
2018-06-15 23:34 - 2016-11-18 15:59 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-06-15 23:34 - 2015-09-02 18:12 - 000000000 ____D C:\ProgramData\AVG
2018-06-15 23:34 - 2015-03-29 13:37 - 000000000 ____D C:\Program Files (x86)\AVG
2018-06-15 23:34 - 2015-02-23 16:58 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-06-15 23:22 - 2017-06-29 19:12 - 000000000 ____D C:\Users\Jana Dvořáková\AppData\Roaming\MPC-HC
2018-06-15 22:21 - 2015-02-23 14:06 - 000003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-957095468-1113487514-4108400307-1001
2018-06-15 22:13 - 2018-04-12 13:30 - 000004128 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-06-15 22:13 - 2017-04-04 13:49 - 000004174 _____ C:\WINDOWS\System32\Tasks\Antivirus Emergency Update
2018-06-15 22:09 - 2013-08-22 08:20 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-06-14 14:41 - 2017-09-26 23:49 - 000000000 ____D C:\Users\Jana Dvořáková\Desktop\Toníček
2018-06-13 07:51 - 2015-02-23 17:09 - 000002255 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-06-13 07:51 - 2015-02-23 17:09 - 000002214 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-06-07 14:44 - 2015-02-23 16:58 - 000001182 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-06-05 12:19 - 2018-03-22 12:57 - 000835056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-06-05 12:19 - 2018-03-22 12:57 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-05-29 11:23 - 2016-01-15 13:45 - 000000000 ____D C:\Users\Jana Dvořáková\Desktop\Barborka
2018-05-18 21:23 - 2013-08-22 08:36 - 000000000 ____D C:\WINDOWS\rescache
2018-05-18 10:05 - 2014-05-22 15:33 - 000003386 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-05-18 10:05 - 2014-05-22 15:33 - 000003258 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-05-18 09:58 - 2018-02-15 12:00 - 000189032 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArPot.sys
2018-05-18 09:58 - 2017-04-04 13:48 - 001020112 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys
2018-05-18 09:58 - 2017-04-04 13:48 - 000452904 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys
2018-05-18 09:58 - 2017-04-04 13:48 - 000373944 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys
2018-05-18 09:58 - 2017-04-04 13:48 - 000198368 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgStm.sys
2018-05-18 09:58 - 2017-04-04 13:48 - 000151504 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys
2018-05-18 09:58 - 2017-04-04 13:48 - 000103744 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys
2018-05-18 09:58 - 2017-04-04 13:48 - 000078352 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
2018-05-18 09:58 - 2017-04-04 13:48 - 000039352 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgHwid.sys
2018-05-18 09:57 - 2017-04-04 13:48 - 000336848 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbloga.sys
2018-05-18 09:57 - 2017-04-04 13:48 - 000220600 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdrivera.sys
2018-05-18 09:57 - 2017-04-04 13:48 - 000192536 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsha.sys
2018-05-18 09:57 - 2017-04-04 13:48 - 000050776 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniva.sys

==================== Files in the root of some directories =======

2018-06-15 23:28 - 2018-06-15 23:28 - 000007596 _____ () C:\Users\Jana Dvořáková\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (TI31337900A) (Fixed) (Total:454.09 GB) (Free:414.76 GB) NTFS
\\?\Volume{10b82a79-f0e6-11e3-8f13-201a06d7b0fb}\ (System) (Fixed) (Total:1 GB) (Free:0.59 GB) NTFS

Available physical RAM: 1683.75 MB
Total physical RAM: 3982.88 MB
Percentage of memory in use: 57%

==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {C50510DE-367A-330C-FD5C-556ACFB11243}
AS: AVG Antivirus (Enabled - Up to date) {7E64F13A-1040-3C82-C7EC-6E18B43658FE}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Jana Dvoý kov \Desktop" je 2648 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Rudy
Site Admin
Posts: 118275
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: slowed-down notebook

#6 Post by Rudy »

Open Notepad and copy the following into it:
Start

CloseProcesses:
HKLM\...\Run: [] => [X]
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-957095468-1113487514-4108400307-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-957095468-1113487514-4108400307-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-957095468-1113487514-4108400307-1001 -> {45EE3644-A616-4B68-BFA2-EF4FE3E9D993} URL =
SearchScopes: HKU\S-1-5-21-957095468-1113487514-4108400307-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={F19AD5BE-F368-4AA0-A25F-283CDD39B98D}&
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.3.9.626\AVG Web TuneUp.dll => No File
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2017-04-04] (Google Inc.)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.3.9.626\AVG Web TuneUp.dll => No File
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2017-04-04] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2017-04-04] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2017-04-04] (Google Inc.)
FF HomepageOverride: Mozilla\Firefox\Profiles\2ibn9w7q.default -> Enabled: avg@toolbar
FF NewTabOverride: Mozilla\Firefox\Profiles\2ibn9w7q.default -> Enabled: avg@toolbar
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the run finishes, a log will appear; copy it here.

From the log:
Velikost slozky "C:\Users\Jana Dvoý kov \Desktop" je 2648 MB.
That is too much and may be causing slow system startup. In C:\Users\Jana Dvořáková create a new folder and move all data from the desktop into it (except shortcuts). Then put a shortcut to that folder on the desktop for easier access.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

dinospages
Model visitor
Posts: 240
Joined: 20 Jul 2006 11:33

Re: slowed-down notebook

#7 Post by dinospages »

Fix result of Farbar Recovery Scan Tool (x64) Version: 06.06.2018 01
Ran by Jana Dvořáková (17-06-2018 21:29:08) Run:1
Running from C:\Users\Jana Dvořáková\Desktop
Loaded Profiles: Jana Dvořáková & Administrator (Available Profiles: Jana Dvořáková & Administrator)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\...\Run: [] => [X]
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-957095468-1113487514-4108400307-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-957095468-1113487514-4108400307-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-957095468-1113487514-4108400307-1001 -> {45EE3644-A616-4B68-BFA2-EF4FE3E9D993} URL =
SearchScopes: HKU\S-1-5-21-957095468-1113487514-4108400307-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={F19AD5BE-F368-4AA0-A25F-283CDD39B98D}&
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.3.9.626\AVG Web TuneUp.dll => No File
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2017-04-04] (Google Inc.)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.3.9.626\AVG Web TuneUp.dll => No File
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2017-04-04] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2017-04-04] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2017-04-04] (Google Inc.)
FF HomepageOverride: Mozilla\Firefox\Profiles\2ibn9w7q.default -> Enabled: avg@toolbar
FF NewTabOverride: Mozilla\Firefox\Profiles\2ibn9w7q.default -> Enabled: avg@toolbar
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
"HKU\S-1-5-21-957095468-1113487514-4108400307-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"HKU\S-1-5-21-957095468-1113487514-4108400307-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
"HKU\S-1-5-21-957095468-1113487514-4108400307-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{45EE3644-A616-4B68-BFA2-EF4FE3E9D993}" => removed successfully
HKLM\Software\Classes\CLSID\{45EE3644-A616-4B68-BFA2-EF4FE3E9D993} => not found
"HKU\S-1-5-21-957095468-1113487514-4108400307-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}" => removed successfully
"HKLM\Software\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}" => removed successfully
HKLM\Software\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => not found
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => removed successfully
"HKLM\Software\Classes\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}" => removed successfully
"HKLM\Software\Wow6432Node\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => removed successfully
"HKLM\Software\Wow6432Node\Classes\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => removed successfully
"HKLM\Software\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => removed successfully
"HKLM\Software\Wow6432Node\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => removed successfully
"Firefox HomepageOverride (avg@toolbar) " => removed successfully
"Firefox NewTabOverride (avg@toolbar) " => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 12582912 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11633522 B
Java, Flash, Steam htmlcache => 709 B
Windows/system/drivers => 352551 B
Edge => 0 B
Chrome => 13087707 B
Firefox => 61756157 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 3306 B
NetworkService => 7659520 B
Jana Dvořáková => 7341566 B
Administrator => 110698 B

RecycleBin => 0 B
EmptyTemp: => 109.2 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 21:29:57 ====

Rudy
Site Admin
Posts: 118275
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: slowed-down notebook

#8 Post by Rudy »

Deleted. Has anything changed?