Zpomalené PC, vyskakující okna v prohlížeči

Zpráva

Mikel43 · #1 Příspěvek od **Mikel43** » 06 črc 2015 17:34

Prosím o pomoc s mým PC. Je hrozně zpomalený a v Chromu mi pořád vyskakují reklamní okna. Posílám log. Děkuji.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-07-2015
Ran by Michal (administrator) on MICHAL on 06-07-2015 18:27:34
Running from C:\Users\Michal\Desktop
Loaded Profiles: Michal (Available Profiles: Michal)
Platform: Windows 8 Pro (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 10 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Nero AG) D:\Programy\HTC Sync Manager\HSMServiceEntry.exe
() D:\Programy\HTC Sync Manager\HTC Sync\adb.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Microsoft Corporation) C:\Windows\slsvc.exe
() C:\Windows\PersonalizeEnabler.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
() C:\Users\Michal\AppData\Roaming\HTC\CODEXi\Steam
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2015-02-22] (Realtek Semiconductor)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-17] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-17] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2014-12-08] (Raptr, Inc)
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [5768992 2015-02-02] (IObit)
HKLM-x32\...\Run: [Speedup_umh] => C:\Program Files (x86)\Avira\AviraSpeedup\Speedup_umh.exe [194832 2015-06-17] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [130864 2015-05-21] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-4006744411-223884911-2588912305-1001\...\Run: [DAEMON Tools Lite] => D:\Programy\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-4006744411-223884911-2588912305-1001\...\Run: [Advanced SystemCare 7] => D:\Programy\Advanced SystemCare 7\ASCTray.exe [2281248 2014-08-22] (IObit)
HKU\S-1-5-21-4006744411-223884911-2588912305-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Michal\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-4006744411-223884911-2588912305-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Michal\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-4006744411-223884911-2588912305-1001\...\MountPoints2: {1b7befa9-95f9-11e2-be69-1c6f65c062c7} - "F:\setup.exe"
HKU\S-1-5-21-4006744411-223884911-2588912305-1001\...\MountPoints2: {9c2df75a-1477-11e3-be8a-1c6f65c062c7} - "G:\HTC_Sync_Manager_PC.exe"
AppInit_DLLs: c:\progra~3\bitguard\2.7.1769.27\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\loader.dll => c:\progra~3\bitguard\2.7.1769.27\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\loader.dll File not found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GamePark klient 2.lnk [2013-06-30]
ShortcutTarget: GamePark klient 2.lnk -> D:\Hry\GamePark2\gpcl.exe (Allstar Group, s.r.o.)
Startup: C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CPP - CalcServer.lnk [2014-05-10]
ShortcutTarget: CPP - CalcServer.lnk -> C:\CPP\CppKalkulacky\CppCalcServer.exe (Pražská softwarová s.r.o.)
Startup: C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Kooperativa - PDF Server.lnk [2013-11-13]
ShortcutTarget: Kooperativa - PDF Server.lnk -> D:\Programy\Práce\KoopP7BNExtern\KoopPDFServerSA.exe (Pražská softwarová s.r.o.)
Startup: C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk [2013-05-04]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-4006744411-223884911-2588912305-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-search.com/?affID=1198 ... 6F65C062C7
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> D:\Programy\IObit Uninstaller\UninstallExplorer64.dll [2014-09-14] (IObit)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-02] (Oracle Corporation)
BHO-x32: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2014-10-17] (IObit)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-02] (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{16D6EEE9-3B82-420E-8953-81EE51DE7CDF}: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\2joa0w1q.default
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: Google
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll [2013-03-26] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll [2013-03-26] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> D:\Programy\Picasa\Picasa3\npPicasa3.dll [2014-03-11] (Google, Inc.)
FF Plugin-x32: @IObit.com/np_Asc_Plugin -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\np_Asc_plugin.dll [2013-07-17] (IObit)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-02] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-02] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Extension: Avira Browser Safety - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\2joa0w1q.default\Extensions\abs@avira.com [2014-08-07]
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\2joa0w1q.default\Extensions\iobitascsurfingprotection@iobit.com [2015-02-05]
FF Extension: Seznam lištička - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\2joa0w1q.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2015-06-28]
FF Extension: No Name - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\2joa0w1q.default\extensions\searchffv2@gmail.com [not found]
StartMenuInternet: FIREFOX.EXE - D:\Programy\Mozilla Firefox\firefox.exe

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (No Name) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-29]
CHR Extension: (No Name) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-29]
CHR Extension: (No Name) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-29]
CHR Extension: (No Name) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2015-06-29]
CHR Extension: (No Name) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2015-06-29]
CHR Extension: (No Name) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-29]
CHR Extension: (No Name) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-29]
CHR Extension: (No Name) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-29]
CHR Extension: (Google Wallet) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (No Name) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2015-06-29]
CHR Extension: (No Name) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-29]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdvancedSystemCareService7; D:\Programy\Advanced SystemCare 7\ASCService.exe [893216 2014-08-18] (IObit)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-12-17] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-17] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [208632 2015-05-21] (Avira Operations GmbH & Co. KG)
R2 HTCMonitorService; D:\Programy\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-04-12] (Nero AG)
S2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [344864 2015-01-27] (IObit)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2724128 2015-01-16] (IObit)
S2 MBAMScheduler; D:\Programy\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
S2 MBAMService; D:\Programy\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 Origin Client Service; D:\Programy\Origin\OriginClientService.exe [1997168 2015-06-08] (Electronic Arts)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2013-03-26] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [214520 2015-06-28] ()
R2 slsvc; C:\Windows\slsvc.exe [10240 2012-09-25] (Microsoft Corporation) [File not signed]
S2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2967864 2015-05-15] (AVG Technologies)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16024 2015-01-31] (Microsoft Corporation)
S2 a28a497d; "C:\Windows\system32\rundll32.exe" "c:\Program Files (x86)\systemdevelop\systemdevelop.dll",serv
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [215040 2013-12-19] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131608 2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-10-07] (Avira Operations GmbH & Co. KG)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2013-03-26] (DT Soft Ltd)
S3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2014-11-10] (IObit)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-02-22] (REALiX(tm))
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
S3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2014-11-10] (IObit.com)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [14112 2015-05-15] (TuneUp Software)
S3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2014-11-10] (IObit.com)
R3 xusb22; C:\Windows\System32\drivers\xusb22.sys [89088 2012-07-26] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-06 18:27 - 2015-07-06 18:28 - 00017255 _____ C:\Users\Michal\Desktop\FRST.txt
2015-07-06 18:26 - 2015-07-06 18:27 - 00000000 ____D C:\FRST
2015-07-06 18:24 - 2015-07-06 18:24 - 02112512 _____ (Farbar) C:\Users\Michal\Desktop\FRST64.exe
2015-07-06 18:21 - 2015-07-06 18:21 - 00000000 ____D C:\rsit
2015-07-06 18:21 - 2015-07-06 18:21 - 00000000 ____D C:\Program Files\trend micro
2015-07-06 18:20 - 2015-07-06 18:20 - 01222144 _____ C:\Users\Michal\Desktop\RSITx64.exe
2015-07-06 17:42 - 2015-07-06 17:42 - 00000024 _____ C:\Users\Michal\AppData\Roaming\appdataFr25.bin
2015-07-06 17:34 - 2015-07-06 17:34 - 00001137 _____ C:\Users\Michal\Desktop\Malware.txt
2015-07-06 17:00 - 2015-07-06 17:00 - 00000746 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-07-06 17:00 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-07-06 17:00 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-07-06 17:00 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-06-29 13:37 - 2015-06-29 13:37 - 00002762 _____ C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2015-06-29 12:36 - 2015-06-29 12:36 - 00000103 _____ C:\Windows\setupact.log
2015-06-29 12:36 - 2015-06-29 12:36 - 00000000 _____ C:\Windows\setuperr.log
2015-06-29 12:34 - 2015-06-29 12:34 - 00000000 ____D C:\AMD
2015-06-29 12:30 - 2015-07-06 17:44 - 00138632 _____ C:\Windows\PFRO.log
2015-06-29 12:29 - 2015-06-29 12:29 - 00000000 _____ C:\asc_rdflag
2015-06-28 14:24 - 2015-07-06 17:36 - 00000000 ____D C:\Program Files (x86)\SystemDevelop
2015-06-28 14:23 - 2015-07-06 17:34 - 00000000 ____D C:\Program Files (x86)\Notable PDF
2015-06-28 14:23 - 2015-07-06 17:34 - 00000000 ____D C:\Program Files (x86)\CeutThePrIcei
2015-06-28 14:22 - 2015-07-06 17:34 - 00000000 ____D C:\Program Files (x86)\CCutTheePrice
2015-06-28 14:21 - 2015-06-28 14:21 - 00000382 _____ C:\Windows\Tasks\ExpertLingo.job
2015-06-28 14:21 - 2015-06-28 14:21 - 00000000 ____D C:\ProgramData\{5cde2ef2-f49a-73a5-5cde-e2ef2f49bbcb}
2015-06-28 14:16 - 2015-06-28 14:01 - 00214520 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2015-06-28 14:01 - 2015-06-28 14:01 - 00214520 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2015-06-28 13:49 - 2015-07-06 12:26 - 00000000 ____D C:\Users\Michal\AppData\Roaming\Seznam.cz
2015-06-28 13:49 - 2015-06-28 13:49 - 00000000 ____D C:\Program Files (x86)\Seznam.cz
2015-06-28 11:46 - 2015-06-28 11:46 - 00000000 ____D C:\Users\Michal\Documents\FIFA MANAGER 14
2015-06-28 10:51 - 2015-06-28 10:51 - 00000000 ____D C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2015-06-28 10:17 - 2015-06-28 10:17 - 00002235 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015.lnk
2015-06-28 10:17 - 2015-06-28 10:17 - 00000000 ____D C:\Users\Michal\AppData\Roaming\AVG
2015-06-28 10:17 - 2015-06-28 10:17 - 00000000 ____D C:\Program Files (x86)\AVG
2015-06-28 10:17 - 2015-05-15 15:57 - 00041784 _____ (AVG Technologies) C:\Windows\system32\TURegOpt.exe
2015-06-28 10:17 - 2015-05-15 15:57 - 00030520 _____ (AVG Technologies) C:\Windows\system32\authuitu.dll
2015-06-28 10:17 - 2015-05-15 15:57 - 00025912 _____ (AVG Technologies) C:\Windows\SysWOW64\authuitu.dll
2015-06-28 10:16 - 2015-06-28 10:51 - 00000000 ____D C:\Users\Michal\Downloads\Nano Man_ Utility Fog
2015-06-28 10:16 - 2015-06-28 10:16 - 00000000 ____D C:\Users\Michal\AppData\Local\Avg
2015-06-28 10:15 - 2015-06-28 14:16 - 00000000 ____D C:\Users\Michal\AppData\Roaming\uTorrent
2015-06-28 10:15 - 2015-06-28 10:19 - 00000000 ____D C:\ProgramData\AVG
2015-06-28 09:48 - 2015-06-28 09:48 - 05331968 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2015-06-28 09:48 - 2015-06-28 09:48 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2015-06-28 09:48 - 2015-06-28 09:48 - 00527704 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-06-28 09:48 - 2015-06-28 09:48 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2015-06-28 09:47 - 2015-06-28 09:47 - 00410739 _____ C:\Windows\system32\ApnDatabase.xml
2015-06-28 09:46 - 2015-06-28 09:46 - 00478296 _____ C:\Windows\SysWOW64\locale.nls
2015-06-28 09:46 - 2015-06-28 09:46 - 00478296 _____ C:\Windows\system32\locale.nls
2015-06-28 09:36 - 2015-06-28 09:36 - 00000224 _____ C:\Windows\Tasks\ASC7_SkipUac_Michal.job
2015-06-26 21:58 - 2015-06-20 05:48 - 00792024 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-26 21:58 - 2015-06-20 05:48 - 00177624 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-25 22:39 - 2015-06-25 22:39 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-06-22 16:57 - 2015-06-22 16:57 - 00003340 _____ C:\Windows\System32\Tasks\AviraSpeedup
2015-06-15 19:02 - 2015-05-28 04:04 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-15 19:02 - 2015-05-28 04:03 - 02237440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-15 19:02 - 2015-05-28 04:03 - 01409024 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-15 19:02 - 2015-05-28 04:03 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2015-06-15 19:02 - 2015-05-28 04:03 - 00601600 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-15 19:02 - 2015-05-28 04:03 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2015-06-15 19:02 - 2015-05-28 04:02 - 19291136 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-15 19:02 - 2015-05-28 04:02 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-15 19:02 - 2015-05-28 04:02 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-15 19:02 - 2015-05-28 04:02 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-15 19:02 - 2015-05-28 04:01 - 15415808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-15 19:02 - 2015-05-28 04:01 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-15 19:02 - 2015-05-28 04:01 - 02656768 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-15 19:02 - 2015-05-28 04:01 - 00949760 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-06-15 19:02 - 2015-05-28 04:01 - 00856064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-15 19:02 - 2015-05-28 04:01 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-15 19:02 - 2015-05-28 04:01 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-15 19:02 - 2015-05-28 04:01 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-15 19:02 - 2015-05-28 04:01 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-06-15 19:02 - 2015-05-28 04:01 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-15 19:02 - 2015-05-28 04:01 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-15 19:02 - 2015-05-28 04:01 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-15 19:02 - 2015-05-28 04:00 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-15 19:02 - 2015-05-28 02:45 - 01763328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-15 19:02 - 2015-05-28 02:45 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-15 19:02 - 2015-05-28 02:45 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-15 19:02 - 2015-05-28 02:45 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2015-06-15 19:02 - 2015-05-28 02:44 - 14383104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-15 19:02 - 2015-05-28 02:44 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-15 19:02 - 2015-05-28 02:44 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-06-15 19:02 - 2015-05-28 02:44 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-15 19:02 - 2015-05-28 02:43 - 13771776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-15 19:02 - 2015-05-28 02:43 - 02865152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-15 19:02 - 2015-05-28 02:43 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-15 19:02 - 2015-05-28 02:43 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-15 19:02 - 2015-05-28 02:43 - 00737280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-06-15 19:02 - 2015-05-28 02:43 - 00690176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-15 19:02 - 2015-05-28 02:43 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-06-15 19:02 - 2015-05-28 02:43 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-15 19:02 - 2015-05-28 02:43 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-15 19:02 - 2015-05-28 02:43 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2015-06-15 19:02 - 2015-05-28 02:43 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-06-15 19:02 - 2015-05-28 02:43 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-06-15 19:02 - 2015-05-28 02:43 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-06-15 19:02 - 2015-05-28 02:24 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-15 19:02 - 2015-05-28 02:23 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-06-15 19:02 - 2015-05-28 02:22 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2015-06-15 19:02 - 2015-05-28 02:20 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2015-06-15 19:02 - 2015-05-28 02:00 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-15 19:02 - 2015-05-28 01:55 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-15 19:02 - 2015-05-28 00:14 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2015-06-15 19:00 - 2015-05-09 01:39 - 00981504 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-15 19:00 - 2015-05-08 22:05 - 00668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-15 18:59 - 2015-05-22 22:46 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-15 18:59 - 2015-05-22 22:44 - 01020928 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-15 18:59 - 2015-05-22 22:44 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-15 18:59 - 2015-05-22 22:44 - 00422912 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-15 18:59 - 2015-05-22 22:44 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-15 18:59 - 2015-05-22 22:44 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-15 18:59 - 2015-05-22 22:44 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-15 18:59 - 2015-05-21 20:07 - 04067840 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-15 18:59 - 2015-05-21 15:08 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-15 18:59 - 2015-04-25 05:41 - 00541696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-15 18:59 - 2015-04-25 01:13 - 00652288 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-11 17:53 - 2015-06-11 17:53 - 00003180 _____ C:\Windows\System32\Tasks\SmartDefrag4_Update
2015-06-11 17:53 - 2015-06-11 17:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 4
2015-06-11 17:53 - 2015-01-10 15:32 - 00128288 _____ (IObit) C:\Windows\SysWOW64\IObitSmartDefragExtension.dll
2015-06-11 17:53 - 2015-01-10 15:32 - 00128288 _____ (IObit) C:\Windows\system32\IObitSmartDefragExtension.dll
2015-06-11 17:53 - 2014-06-04 15:17 - 00021184 _____ (IObit) C:\Windows\system32\Drivers\SmartDefragDriver.sys
2015-06-09 21:35 - 2015-06-09 21:35 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\cryptcatsvc.dll
2015-06-09 19:56 - 2015-07-06 17:47 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-09 19:56 - 2015-07-06 17:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-06-09 19:56 - 2015-06-09 19:56 - 00000000 ____D C:\ProgramData\Malwarebytes

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-06 18:03 - 2013-03-26 10:57 - 01975809 _____ C:\Windows\WindowsUpdate.log
2015-07-06 18:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2015-07-06 17:59 - 2013-03-26 13:42 - 00000000 ____D C:\ProgramData\Origin
2015-07-06 17:45 - 2013-09-08 23:28 - 00000000 ____D C:\Users\Michal\AppData\Local\HTC MediaHub
2015-07-06 17:45 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-06 17:44 - 2013-03-26 10:59 - 00000000 _____ C:\Windows\system32\Drivers\lvuvc.hs
2015-07-06 17:43 - 2012-07-26 07:26 - 00786432 ___SH C:\Windows\system32\config\BBI
2015-07-06 17:34 - 2014-08-08 10:18 - 00000000 ____D C:\ProgramData\APN
2015-07-06 17:10 - 2013-08-01 14:39 - 00000000 ____D C:\Users\Michal\AppData\Roaming\Sp@rrow
2015-07-06 17:10 - 2013-03-26 12:57 - 00000000 ____D C:\Users\Michal\AppData\Roaming\DAEMON Tools Lite
2015-07-06 17:08 - 2013-03-26 12:58 - 00000000 ____D C:\Users\Michal\AppData\Roaming\Babylon
2015-07-06 13:54 - 2013-03-25 17:50 - 00000000 ____D C:\Users\Michal\Desktop\Save her
2015-07-06 13:47 - 2014-11-24 18:21 - 00000000 ____D C:\Users\Michal\Desktop\Stahování MR
2015-07-06 13:20 - 2013-03-26 12:52 - 00000000 ____D C:\Users\Michal\Desktop\Programy
2015-07-03 15:05 - 2014-06-01 23:15 - 00000000 ____D C:\ProgramData\ProductData
2015-07-02 18:52 - 2013-03-26 10:57 - 00000000 ____D C:\Users\Michal
2015-07-02 18:08 - 2012-07-26 12:01 - 00726246 _____ C:\Windows\system32\perfh005.dat
2015-07-02 18:08 - 2012-07-26 12:01 - 00147800 _____ C:\Windows\system32\perfc005.dat
2015-07-02 18:08 - 2012-07-26 09:28 - 01714430 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-01 22:33 - 2013-03-26 10:57 - 00000000 ____D C:\Users\Michal\AppData\Local\VirtualStore
2015-06-29 13:42 - 2013-03-26 11:05 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4006744411-223884911-2588912305-1001
2015-06-29 12:29 - 2014-06-16 10:44 - 84324352 _____ C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2015-06-29 12:29 - 2014-06-16 10:44 - 00389120 _____ C:\Windows\system32\config\DEFAULT.iodefrag.bak
2015-06-29 12:29 - 2014-06-16 10:44 - 00036864 _____ C:\Windows\system32\config\SAM.iodefrag.bak
2015-06-29 12:29 - 2014-06-16 10:44 - 00024576 _____ C:\Windows\system32\config\SECURITY.iodefrag.bak
2015-06-28 14:24 - 2015-02-16 16:40 - 00000000 ____D C:\ProgramData\7183002502049596652
2015-06-28 14:01 - 2014-11-21 12:13 - 00214520 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2015-06-28 10:50 - 2013-03-26 12:48 - 03937280 ___SH C:\Users\Michal\Desktop\Thumbs.db
2015-06-28 10:22 - 2013-04-26 16:41 - 00000000 ____D C:\Users\Michal\AppData\Local\Pinnacle
2015-06-28 10:22 - 2013-03-26 17:29 - 00000000 ____D C:\Users\Michal\AppData\Roaming\Nero
2015-06-28 10:22 - 2013-03-26 11:16 - 00000000 ____D C:\Users\Michal\AppData\Local\Microsoft Help
2015-06-28 10:21 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\Sysprep
2015-06-28 10:07 - 2014-09-10 16:23 - 00001136 _____ C:\Users\Michal\AppData\Local\MRDownloader.nast
2015-06-28 09:48 - 2012-07-26 09:59 - 00000000 ____D C:\Windows\CbsTemp
2015-06-22 22:02 - 2015-02-20 11:51 - 00002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-06-22 16:58 - 2015-02-20 11:42 - 00000000 ____D C:\Users\Michal\AppData\Local\AviraSpeedup
2015-06-22 16:58 - 2015-02-20 11:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviraSpeedup
2015-06-18 22:27 - 2013-10-05 20:15 - 00000000 ____D C:\ProgramData\Package Cache
2015-06-18 22:27 - 2013-03-26 13:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-06-18 22:27 - 2013-03-26 13:05 - 00000000 ____D C:\Program Files (x86)\Avira
2015-06-18 22:26 - 2013-03-26 13:05 - 00000000 ____D C:\ProgramData\Avira
2015-06-16 22:43 - 2015-04-23 20:37 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-16 22:43 - 2015-04-23 20:37 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-16 22:43 - 2013-08-29 20:07 - 00000000 ____D C:\Windows\system32\MRT
2015-06-16 22:38 - 2013-03-27 22:18 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-16 18:14 - 2013-03-26 14:28 - 00000000 ____D C:\Users\Michal\Documents\Madden NFL 08
2015-06-15 19:38 - 2013-03-26 12:53 - 00000000 ____D C:\Users\Michal\Desktop\Hry
2015-06-15 19:28 - 2013-03-26 11:16 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-15 19:17 - 2015-03-19 18:20 - 00499032 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-15 19:15 - 2015-02-28 00:07 - 39403520 _____ C:\Windows\system32\config\COMPONENTS.iodefrag.bak
2015-06-11 17:53 - 2013-08-14 14:45 - 00000000 ____D C:\Program Files (x86)\IObit
2015-06-11 17:52 - 2013-03-26 13:24 - 00000000 ____D C:\Users\Michal\AppData\Roaming\IObit
2015-06-09 20:15 - 2014-09-14 16:40 - 00000000 ____D C:\Users\Michal\AppData\Roaming\Browser Extensions
2015-06-08 18:27 - 2015-04-22 13:40 - 00000000 ____D C:\Users\Public\Speedup Sessions

==================== Files in the root of some directories =======

2015-07-06 17:42 - 2015-07-06 17:42 - 0000024 _____ () C:\Users\Michal\AppData\Roaming\appdataFr25.bin
2013-05-02 15:17 - 2013-05-02 15:17 - 0099384 _____ () C:\Users\Michal\AppData\Roaming\inst.exe
2013-05-02 15:17 - 2013-05-02 15:17 - 0007859 _____ () C:\Users\Michal\AppData\Roaming\pcouffin.cat
2013-05-02 15:17 - 2013-05-02 15:17 - 0001167 _____ () C:\Users\Michal\AppData\Roaming\pcouffin.inf
2013-05-02 15:17 - 2013-05-02 15:17 - 0000034 _____ () C:\Users\Michal\AppData\Roaming\pcouffin.log
2013-05-02 15:17 - 2013-05-02 15:17 - 0082816 _____ (VSO Software) C:\Users\Michal\AppData\Roaming\pcouffin.sys
2014-06-19 20:46 - 2014-06-19 20:46 - 0000024 _____ () C:\Users\Michal\AppData\Roaming\temp.ini
2014-02-27 17:15 - 2014-02-27 17:15 - 0004608 _____ () C:\Users\Michal\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-11-21 12:01 - 2015-04-14 23:46 - 0004065 _____ () C:\Users\Michal\AppData\Local\MRDownloader.err
2014-09-10 16:23 - 2015-06-28 10:07 - 0001136 _____ () C:\Users\Michal\AppData\Local\MRDownloader.nast
2013-04-13 21:34 - 2014-06-07 00:37 - 0006758 _____ () C:\Users\Michal\AppData\Local\SRDownloader.err
2013-03-26 13:58 - 2014-06-07 00:37 - 0001136 _____ () C:\Users\Michal\AppData\Local\SRDownloader.nast
2015-02-22 12:26 - 2015-02-22 12:26 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Michal\AppData\Local\Temp\avgnt.exe
C:\Users\Michal\AppData\Local\Temp\KMP_3.9.1.136.exe
C:\Users\Michal\AppData\Local\Temp\tmpE3D8.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-07-06 13:10

==================== End of log ============================

#2 Příspěvek od **Rudy** » 06 črc 2015 17:58

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

Mikel43 · #3 Příspěvek od **Mikel43** » 06 črc 2015 18:14

U scanu se program zasekl a po znovu spuštění už to nenašlo jednu chybu kterou to při prvním našlo. Zde je log druhého scanu

# AdwCleaner v4.207 - Log vytvořen 06/07/2015 v 19:06:38
# Aktualizováno 21/06/2015 by Xplode
# Databáze : 2015-07-05.2 [Server]
# Operační system : Windows 8 Pro (x64)
# Uživatelské jméno : Michal - MICHAL
# Spuštěno z : C:\Users\Michal\Desktop\adwcleaner_4.207.exe
# Nastavení : Čištění

***** [ Služby ] *****

***** [ Soubory / Složky ] *****

***** [ Naplánované úlohy ] *****

***** [ Zástupci ] *****

***** [ Registry ] *****

***** [ Prohlížeče ] *****

-\\ Internet Explorer v10.0.9200.17377

-\\ Mozilla Firefox v27.0 (cs)

-\\ Google Chrome v43.0.2357.130

[C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Homepage] : management","nativeMessaging","searchProvider","startupPages","storage","tabs","webRequest","webRequestBlocking"],"explicit_host":["hxxp://*/*","hxxps://*/*"],"manifest_permissions":[]},"commands":{},"content_settings":[],"creation_flags":9,"events":[],"from_bookmark":false,"from_webstore":true,"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13067336902527311","lastpingday":"13067251193741993","location":6,"manifest":{"background":{"scripts":["apnAPI.js","settings/assets.js","settings/redirect.js"]},"chrome_settings_overrides":{"homepage":"hxxp://www.search.ask.com/?gct=hp

-\\ Chromium v

*************************

AdwCleaner[R0].txt - [6416 bytů] - [06/07/2015 19:03:27]
AdwCleaner[R1].txt - [1657 bytů] - [06/07/2015 19:06:27]
AdwCleaner[S0].txt - [6053 bytů] - [06/07/2015 19:03:42]
AdwCleaner[S1].txt - [1581 bytů] - [06/07/2015 19:06:38]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1639 bytů] ##########

#4 Příspěvek od **Rudy** » 06 črc 2015 19:43

Dejte nový log FRST.

Mikel43 · #5 Příspěvek od **Mikel43** » 06 črc 2015 19:50

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-07-2015
Ran by Michal (administrator) on MICHAL on 06-07-2015 20:46:15
Running from C:\Users\Michal\Desktop
Loaded Profiles: Michal (Available Profiles: Michal)
Platform: Windows 8 Pro (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 10 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) D:\Programy\Advanced SystemCare 7\ASCService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Nero AG) D:\Programy\HTC Sync Manager\HSMServiceEntry.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Malwarebytes Corporation) D:\Programy\Malwarebytes Anti-Malware\mbamscheduler.exe
() D:\Programy\HTC Sync Manager\HTC Sync\adb.exe
(Malwarebytes Corporation) D:\Programy\Malwarebytes Anti-Malware\mbamservice.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Microsoft Corporation) C:\Windows\slsvc.exe
() C:\Windows\PersonalizeEnabler.exe
(AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Malwarebytes Corporation) D:\Programy\Malwarebytes Anti-Malware\mbam.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe
(AVG) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(IObit) D:\Programy\Advanced SystemCare 7\ASCTray.exe
() C:\Users\Michal\AppData\Roaming\HTC\CODEXi\Steam

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2015-02-22] (Realtek Semiconductor)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-17] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-17] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2014-12-08] (Raptr, Inc)
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [5768992 2015-02-02] (IObit)
HKLM-x32\...\Run: [Speedup_umh] => C:\Program Files (x86)\Avira\AviraSpeedup\Speedup_umh.exe [194832 2015-06-17] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [130864 2015-05-21] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-4006744411-223884911-2588912305-1001\...\Run: [DAEMON Tools Lite] => D:\Programy\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-4006744411-223884911-2588912305-1001\...\Run: [Advanced SystemCare 7] => D:\Programy\Advanced SystemCare 7\ASCTray.exe [2281248 2014-08-22] (IObit)
HKU\S-1-5-21-4006744411-223884911-2588912305-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Michal\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-4006744411-223884911-2588912305-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Michal\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-4006744411-223884911-2588912305-1001\...\MountPoints2: {1b7befa9-95f9-11e2-be69-1c6f65c062c7} - "F:\setup.exe"
HKU\S-1-5-21-4006744411-223884911-2588912305-1001\...\MountPoints2: {9c2df75a-1477-11e3-be8a-1c6f65c062c7} - "G:\HTC_Sync_Manager_PC.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GamePark klient 2.lnk [2013-06-30]
ShortcutTarget: GamePark klient 2.lnk -> D:\Hry\GamePark2\gpcl.exe (Allstar Group, s.r.o.)
Startup: C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CPP - CalcServer.lnk [2014-05-10]
ShortcutTarget: CPP - CalcServer.lnk -> C:\CPP\CppKalkulacky\CppCalcServer.exe (Pražská softwarová s.r.o.)
Startup: C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Kooperativa - PDF Server.lnk [2013-11-13]
ShortcutTarget: Kooperativa - PDF Server.lnk -> D:\Programy\Práce\KoopP7BNExtern\KoopPDFServerSA.exe (Pražská softwarová s.r.o.)
Startup: C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk [2013-05-04]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-4006744411-223884911-2588912305-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-search.com/?affID=1198 ... 6F65C062C7
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> D:\Programy\IObit Uninstaller\UninstallExplorer64.dll [2014-09-14] (IObit)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-02] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-02] (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{16D6EEE9-3B82-420E-8953-81EE51DE7CDF}: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\2joa0w1q.default
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: Google
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll [2013-03-26] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll [2013-03-26] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> D:\Programy\Picasa\Picasa3\npPicasa3.dll [2014-03-11] (Google, Inc.)
FF Plugin-x32: @IObit.com/np_Asc_Plugin -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\np_Asc_plugin.dll [2013-07-17] (IObit)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-02] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-02] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Extension: Avira Browser Safety - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\2joa0w1q.default\Extensions\abs@avira.com [2014-08-07]
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\2joa0w1q.default\Extensions\iobitascsurfingprotection@iobit.com [2015-02-05]
FF Extension: No Name - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\2joa0w1q.default\extensions\searchffv2@gmail.com [not found]
StartMenuInternet: FIREFOX.EXE - D:\Programy\Mozilla Firefox\firefox.exe

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (No Name) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-29]
CHR Extension: (No Name) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-29]
CHR Extension: (No Name) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-29]
CHR Extension: (No Name) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2015-06-29]
CHR Extension: (No Name) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2015-06-29]
CHR Extension: (No Name) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-29]
CHR Extension: (No Name) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-29]
CHR Extension: (No Name) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-29]
CHR Extension: (Google Wallet) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (No Name) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2015-06-29]
CHR Extension: (No Name) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-29]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdvancedSystemCareService7; D:\Programy\Advanced SystemCare 7\ASCService.exe [893216 2014-08-18] (IObit)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-12-17] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-17] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [208632 2015-05-21] (Avira Operations GmbH & Co. KG)
R2 HTCMonitorService; D:\Programy\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-04-12] (Nero AG)
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [344864 2015-01-27] (IObit)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2724128 2015-01-16] (IObit)
R2 MBAMScheduler; D:\Programy\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; D:\Programy\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 Origin Client Service; D:\Programy\Origin\OriginClientService.exe [1997168 2015-06-08] (Electronic Arts)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2013-03-26] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [214520 2015-06-28] ()
R2 slsvc; C:\Windows\slsvc.exe [10240 2012-09-25] (Microsoft Corporation) [File not signed]
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2967864 2015-05-15] (AVG Technologies)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16024 2015-01-31] (Microsoft Corporation)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [215040 2013-12-19] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131608 2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-10-07] (Avira Operations GmbH & Co. KG)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2013-03-26] (DT Soft Ltd)
S3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2014-11-10] (IObit)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-02-22] (REALiX(tm))
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-07-06] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
S3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2014-11-10] (IObit.com)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [14112 2015-05-15] (TuneUp Software)
S3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2014-11-10] (IObit.com)
R3 xusb22; C:\Windows\System32\drivers\xusb22.sys [89088 2012-07-26] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-06 20:46 - 2015-07-06 20:46 - 00001718 _____ C:\Users\Michal\Desktop\AdwCleaner[S1].txt
2015-07-06 19:01 - 2015-07-06 19:06 - 00000000 ____D C:\AdwCleaner
2015-07-06 19:00 - 2015-07-06 19:00 - 02244096 _____ C:\Users\Michal\Desktop\adwcleaner_4.207.exe
2015-07-06 18:29 - 2015-07-06 18:31 - 00044403 _____ C:\Users\Michal\Desktop\Addition.txt
2015-07-06 18:27 - 2015-07-06 20:46 - 00017788 _____ C:\Users\Michal\Desktop\FRST.txt
2015-07-06 18:26 - 2015-07-06 20:46 - 00000000 ____D C:\FRST
2015-07-06 18:24 - 2015-07-06 18:24 - 02112512 _____ (Farbar) C:\Users\Michal\Desktop\FRST64.exe
2015-07-06 18:21 - 2015-07-06 18:21 - 00000000 ____D C:\rsit
2015-07-06 18:21 - 2015-07-06 18:21 - 00000000 ____D C:\Program Files\trend micro
2015-07-06 18:20 - 2015-07-06 18:20 - 01222144 _____ C:\Users\Michal\Desktop\RSITx64.exe
2015-07-06 17:42 - 2015-07-06 17:42 - 00000024 _____ C:\Users\Michal\AppData\Roaming\appdataFr25.bin
2015-07-06 17:34 - 2015-07-06 17:34 - 00001137 _____ C:\Users\Michal\Desktop\Malware.txt
2015-07-06 17:00 - 2015-07-06 17:00 - 00000746 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-07-06 17:00 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-07-06 17:00 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-07-06 17:00 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-06-29 13:37 - 2015-06-29 13:37 - 00002762 _____ C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2015-06-29 12:36 - 2015-06-29 12:36 - 00000103 _____ C:\Windows\setupact.log
2015-06-29 12:36 - 2015-06-29 12:36 - 00000000 _____ C:\Windows\setuperr.log
2015-06-29 12:34 - 2015-06-29 12:34 - 00000000 ____D C:\AMD
2015-06-29 12:30 - 2015-07-06 17:44 - 00138632 _____ C:\Windows\PFRO.log
2015-06-29 12:29 - 2015-06-29 12:29 - 00000000 _____ C:\asc_rdflag
2015-06-28 14:24 - 2015-07-06 17:36 - 00000000 ____D C:\Program Files (x86)\SystemDevelop
2015-06-28 14:23 - 2015-07-06 17:34 - 00000000 ____D C:\Program Files (x86)\Notable PDF
2015-06-28 14:21 - 2015-06-28 14:21 - 00000382 _____ C:\Windows\Tasks\ExpertLingo.job
2015-06-28 14:16 - 2015-06-28 14:01 - 00214520 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2015-06-28 14:01 - 2015-06-28 14:01 - 00214520 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2015-06-28 13:49 - 2015-07-06 12:26 - 00000000 ____D C:\Users\Michal\AppData\Roaming\Seznam.cz
2015-06-28 13:49 - 2015-06-28 13:49 - 00000000 ____D C:\Program Files (x86)\Seznam.cz
2015-06-28 11:46 - 2015-06-28 11:46 - 00000000 ____D C:\Users\Michal\Documents\FIFA MANAGER 14
2015-06-28 10:51 - 2015-06-28 10:51 - 00000000 ____D C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2015-06-28 10:17 - 2015-06-28 10:17 - 00002235 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015.lnk
2015-06-28 10:17 - 2015-06-28 10:17 - 00000000 ____D C:\Users\Michal\AppData\Roaming\AVG
2015-06-28 10:17 - 2015-06-28 10:17 - 00000000 ____D C:\Program Files (x86)\AVG
2015-06-28 10:17 - 2015-05-15 15:57 - 00041784 _____ (AVG Technologies) C:\Windows\system32\TURegOpt.exe
2015-06-28 10:17 - 2015-05-15 15:57 - 00030520 _____ (AVG Technologies) C:\Windows\system32\authuitu.dll
2015-06-28 10:17 - 2015-05-15 15:57 - 00025912 _____ (AVG Technologies) C:\Windows\SysWOW64\authuitu.dll
2015-06-28 10:16 - 2015-06-28 10:51 - 00000000 ____D C:\Users\Michal\Downloads\Nano Man_ Utility Fog
2015-06-28 10:16 - 2015-06-28 10:16 - 00000000 ____D C:\Users\Michal\AppData\Local\Avg
2015-06-28 10:15 - 2015-06-28 14:16 - 00000000 ____D C:\Users\Michal\AppData\Roaming\uTorrent
2015-06-28 10:15 - 2015-06-28 10:19 - 00000000 ____D C:\ProgramData\AVG
2015-06-28 09:48 - 2015-06-28 09:48 - 05331968 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2015-06-28 09:48 - 2015-06-28 09:48 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2015-06-28 09:48 - 2015-06-28 09:48 - 00527704 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-06-28 09:48 - 2015-06-28 09:48 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2015-06-28 09:47 - 2015-06-28 09:47 - 00410739 _____ C:\Windows\system32\ApnDatabase.xml
2015-06-28 09:46 - 2015-06-28 09:46 - 00478296 _____ C:\Windows\SysWOW64\locale.nls
2015-06-28 09:46 - 2015-06-28 09:46 - 00478296 _____ C:\Windows\system32\locale.nls
2015-06-28 09:36 - 2015-06-28 09:36 - 00000224 _____ C:\Windows\Tasks\ASC7_SkipUac_Michal.job
2015-06-26 21:58 - 2015-06-20 05:48 - 00792024 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-26 21:58 - 2015-06-20 05:48 - 00177624 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-25 22:39 - 2015-06-25 22:39 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-06-22 16:57 - 2015-06-22 16:57 - 00003340 _____ C:\Windows\System32\Tasks\AviraSpeedup
2015-06-15 19:02 - 2015-05-28 04:04 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-15 19:02 - 2015-05-28 04:03 - 02237440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-15 19:02 - 2015-05-28 04:03 - 01409024 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-15 19:02 - 2015-05-28 04:03 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2015-06-15 19:02 - 2015-05-28 04:03 - 00601600 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-15 19:02 - 2015-05-28 04:03 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2015-06-15 19:02 - 2015-05-28 04:02 - 19291136 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-15 19:02 - 2015-05-28 04:02 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-15 19:02 - 2015-05-28 04:02 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-15 19:02 - 2015-05-28 04:02 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-15 19:02 - 2015-05-28 04:01 - 15415808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-15 19:02 - 2015-05-28 04:01 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-15 19:02 - 2015-05-28 04:01 - 02656768 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-15 19:02 - 2015-05-28 04:01 - 00949760 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-06-15 19:02 - 2015-05-28 04:01 - 00856064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-15 19:02 - 2015-05-28 04:01 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-15 19:02 - 2015-05-28 04:01 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-15 19:02 - 2015-05-28 04:01 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-15 19:02 - 2015-05-28 04:01 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-06-15 19:02 - 2015-05-28 04:01 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-15 19:02 - 2015-05-28 04:01 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-15 19:02 - 2015-05-28 04:01 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-15 19:02 - 2015-05-28 04:00 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-15 19:02 - 2015-05-28 02:45 - 01763328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-15 19:02 - 2015-05-28 02:45 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-15 19:02 - 2015-05-28 02:45 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-15 19:02 - 2015-05-28 02:45 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2015-06-15 19:02 - 2015-05-28 02:44 - 14383104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-15 19:02 - 2015-05-28 02:44 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-15 19:02 - 2015-05-28 02:44 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-06-15 19:02 - 2015-05-28 02:44 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-15 19:02 - 2015-05-28 02:43 - 13771776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-15 19:02 - 2015-05-28 02:43 - 02865152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-15 19:02 - 2015-05-28 02:43 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-15 19:02 - 2015-05-28 02:43 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-15 19:02 - 2015-05-28 02:43 - 00737280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-06-15 19:02 - 2015-05-28 02:43 - 00690176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-15 19:02 - 2015-05-28 02:43 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-06-15 19:02 - 2015-05-28 02:43 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-15 19:02 - 2015-05-28 02:43 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-15 19:02 - 2015-05-28 02:43 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2015-06-15 19:02 - 2015-05-28 02:43 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-06-15 19:02 - 2015-05-28 02:43 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-06-15 19:02 - 2015-05-28 02:43 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-06-15 19:02 - 2015-05-28 02:24 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-15 19:02 - 2015-05-28 02:23 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-06-15 19:02 - 2015-05-28 02:22 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2015-06-15 19:02 - 2015-05-28 02:20 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2015-06-15 19:02 - 2015-05-28 02:00 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-15 19:02 - 2015-05-28 01:55 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-15 19:02 - 2015-05-28 00:14 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2015-06-15 19:00 - 2015-05-09 01:39 - 00981504 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-15 19:00 - 2015-05-08 22:05 - 00668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-15 18:59 - 2015-05-22 22:46 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-15 18:59 - 2015-05-22 22:44 - 01020928 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-15 18:59 - 2015-05-22 22:44 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-15 18:59 - 2015-05-22 22:44 - 00422912 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-15 18:59 - 2015-05-22 22:44 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-15 18:59 - 2015-05-22 22:44 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-15 18:59 - 2015-05-22 22:44 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-15 18:59 - 2015-05-21 20:07 - 04067840 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-15 18:59 - 2015-05-21 15:08 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-15 18:59 - 2015-04-25 05:41 - 00541696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-15 18:59 - 2015-04-25 01:13 - 00652288 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-11 17:53 - 2015-06-11 17:53 - 00003180 _____ C:\Windows\System32\Tasks\SmartDefrag4_Update
2015-06-11 17:53 - 2015-06-11 17:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 4
2015-06-11 17:53 - 2015-01-10 15:32 - 00128288 _____ (IObit) C:\Windows\SysWOW64\IObitSmartDefragExtension.dll
2015-06-11 17:53 - 2015-01-10 15:32 - 00128288 _____ (IObit) C:\Windows\system32\IObitSmartDefragExtension.dll
2015-06-11 17:53 - 2014-06-04 15:17 - 00021184 _____ (IObit) C:\Windows\system32\Drivers\SmartDefragDriver.sys
2015-06-09 21:35 - 2015-06-09 21:35 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\cryptcatsvc.dll
2015-06-09 19:56 - 2015-07-06 19:41 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-09 19:56 - 2015-07-06 17:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-06-09 19:56 - 2015-06-09 19:56 - 00000000 ____D C:\ProgramData\Malwarebytes

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-06 20:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2015-07-06 19:45 - 2013-03-26 10:57 - 02008233 _____ C:\Windows\WindowsUpdate.log
2015-07-06 19:08 - 2013-09-08 23:28 - 00000000 ____D C:\Users\Michal\AppData\Local\HTC MediaHub
2015-07-06 19:08 - 2013-03-26 10:59 - 00000000 _____ C:\Windows\system32\Drivers\lvuvc.hs
2015-07-06 19:08 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-06 17:59 - 2013-03-26 13:42 - 00000000 ____D C:\ProgramData\Origin
2015-07-06 17:43 - 2012-07-26 07:26 - 00786432 ___SH C:\Windows\system32\config\BBI
2015-07-06 17:10 - 2013-08-01 14:39 - 00000000 ____D C:\Users\Michal\AppData\Roaming\Sp@rrow
2015-07-06 17:10 - 2013-03-26 12:57 - 00000000 ____D C:\Users\Michal\AppData\Roaming\DAEMON Tools Lite
2015-07-06 13:54 - 2013-03-25 17:50 - 00000000 ____D C:\Users\Michal\Desktop\Save her
2015-07-06 13:47 - 2014-11-24 18:21 - 00000000 ____D C:\Users\Michal\Desktop\Stahování MR
2015-07-06 13:20 - 2013-03-26 12:52 - 00000000 ____D C:\Users\Michal\Desktop\Programy
2015-07-03 15:05 - 2014-06-01 23:15 - 00000000 ____D C:\ProgramData\ProductData
2015-07-02 18:52 - 2013-03-26 10:57 - 00000000 ____D C:\Users\Michal
2015-07-02 18:08 - 2012-07-26 12:01 - 00726246 _____ C:\Windows\system32\perfh005.dat
2015-07-02 18:08 - 2012-07-26 12:01 - 00147800 _____ C:\Windows\system32\perfc005.dat
2015-07-02 18:08 - 2012-07-26 09:28 - 01714430 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-01 22:33 - 2013-03-26 10:57 - 00000000 ____D C:\Users\Michal\AppData\Local\VirtualStore
2015-06-29 13:42 - 2013-03-26 11:05 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4006744411-223884911-2588912305-1001
2015-06-29 12:29 - 2014-06-16 10:44 - 84324352 _____ C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2015-06-29 12:29 - 2014-06-16 10:44 - 00389120 _____ C:\Windows\system32\config\DEFAULT.iodefrag.bak
2015-06-29 12:29 - 2014-06-16 10:44 - 00036864 _____ C:\Windows\system32\config\SAM.iodefrag.bak
2015-06-29 12:29 - 2014-06-16 10:44 - 00024576 _____ C:\Windows\system32\config\SECURITY.iodefrag.bak
2015-06-28 14:01 - 2014-11-21 12:13 - 00214520 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2015-06-28 10:50 - 2013-03-26 12:48 - 03937280 ___SH C:\Users\Michal\Desktop\Thumbs.db
2015-06-28 10:22 - 2013-04-26 16:41 - 00000000 ____D C:\Users\Michal\AppData\Local\Pinnacle
2015-06-28 10:22 - 2013-03-26 17:29 - 00000000 ____D C:\Users\Michal\AppData\Roaming\Nero
2015-06-28 10:22 - 2013-03-26 11:16 - 00000000 ____D C:\Users\Michal\AppData\Local\Microsoft Help
2015-06-28 10:21 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\Sysprep
2015-06-28 10:07 - 2014-09-10 16:23 - 00001136 _____ C:\Users\Michal\AppData\Local\MRDownloader.nast
2015-06-28 09:48 - 2012-07-26 09:59 - 00000000 ____D C:\Windows\CbsTemp
2015-06-22 22:02 - 2015-02-20 11:51 - 00002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-06-22 16:58 - 2015-02-20 11:42 - 00000000 ____D C:\Users\Michal\AppData\Local\AviraSpeedup
2015-06-22 16:58 - 2015-02-20 11:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviraSpeedup
2015-06-18 22:27 - 2013-10-05 20:15 - 00000000 ____D C:\ProgramData\Package Cache
2015-06-18 22:27 - 2013-03-26 13:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-06-18 22:27 - 2013-03-26 13:05 - 00000000 ____D C:\Program Files (x86)\Avira
2015-06-18 22:26 - 2013-03-26 13:05 - 00000000 ____D C:\ProgramData\Avira
2015-06-16 22:43 - 2015-04-23 20:37 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-16 22:43 - 2015-04-23 20:37 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-16 22:43 - 2013-08-29 20:07 - 00000000 ____D C:\Windows\system32\MRT
2015-06-16 22:38 - 2013-03-27 22:18 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-16 18:14 - 2013-03-26 14:28 - 00000000 ____D C:\Users\Michal\Documents\Madden NFL 08
2015-06-15 19:38 - 2013-03-26 12:53 - 00000000 ____D C:\Users\Michal\Desktop\Hry
2015-06-15 19:28 - 2013-03-26 11:16 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-15 19:17 - 2015-03-19 18:20 - 00499032 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-15 19:15 - 2015-02-28 00:07 - 39403520 _____ C:\Windows\system32\config\COMPONENTS.iodefrag.bak
2015-06-11 17:53 - 2013-08-14 14:45 - 00000000 ____D C:\Program Files (x86)\IObit
2015-06-11 17:52 - 2013-03-26 13:24 - 00000000 ____D C:\Users\Michal\AppData\Roaming\IObit
2015-06-08 18:27 - 2015-04-22 13:40 - 00000000 ____D C:\Users\Public\Speedup Sessions

==================== Files in the root of some directories =======

2015-07-06 17:42 - 2015-07-06 17:42 - 0000024 _____ () C:\Users\Michal\AppData\Roaming\appdataFr25.bin
2013-05-02 15:17 - 2013-05-02 15:17 - 0099384 _____ () C:\Users\Michal\AppData\Roaming\inst.exe
2013-05-02 15:17 - 2013-05-02 15:17 - 0007859 _____ () C:\Users\Michal\AppData\Roaming\pcouffin.cat
2013-05-02 15:17 - 2013-05-02 15:17 - 0001167 _____ () C:\Users\Michal\AppData\Roaming\pcouffin.inf
2013-05-02 15:17 - 2013-05-02 15:17 - 0000034 _____ () C:\Users\Michal\AppData\Roaming\pcouffin.log
2013-05-02 15:17 - 2013-05-02 15:17 - 0082816 _____ (VSO Software) C:\Users\Michal\AppData\Roaming\pcouffin.sys
2014-06-19 20:46 - 2014-06-19 20:46 - 0000024 _____ () C:\Users\Michal\AppData\Roaming\temp.ini
2014-02-27 17:15 - 2014-02-27 17:15 - 0004608 _____ () C:\Users\Michal\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-11-21 12:01 - 2015-04-14 23:46 - 0004065 _____ () C:\Users\Michal\AppData\Local\MRDownloader.err
2014-09-10 16:23 - 2015-06-28 10:07 - 0001136 _____ () C:\Users\Michal\AppData\Local\MRDownloader.nast
2013-04-13 21:34 - 2014-06-07 00:37 - 0006758 _____ () C:\Users\Michal\AppData\Local\SRDownloader.err
2013-03-26 13:58 - 2014-06-07 00:37 - 0001136 _____ () C:\Users\Michal\AppData\Local\SRDownloader.nast
2015-02-22 12:26 - 2015-02-22 12:26 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Michal\AppData\Local\Temp\avgnt.exe
C:\Users\Michal\AppData\Local\Temp\KMP_3.9.1.136.exe
C:\Users\Michal\AppData\Local\Temp\Quarantine.exe
C:\Users\Michal\AppData\Local\Temp\sqlite3.dll
C:\Users\Michal\AppData\Local\Temp\tmpE3D8.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-07-06 13:10

==================== End of log ============================

#6 Příspěvek od **Rudy** » 06 črc 2015 21:07

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKU\S-1-5-21-4006744411-223884911-2588912305-1001\...\MountPoints2: {1b7befa9-95f9-11e2-be69-1c6f65c062c7} - "F:\setup.exe"
HKU\S-1-5-21-4006744411-223884911-2588912305-1001\...\MountPoints2: {9c2df75a-1477-11e3-be8a-1c6f65c062c7} - "G:\HTC_Sync_Manager_PC.exe"
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKU\S-1-5-21-4006744411-223884911-2588912305-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-search.com/?affID=1198 ... 6F65C062C7
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Extension: (No Name) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-29]
CHR Extension: (No Name) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-29]
CHR Extension: (No Name) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-29]
CHR Extension: (No Name) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2015-06-29]
CHR Extension: (No Name) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2015-06-29]
CHR Extension: (No Name) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-29]
CHR Extension: (No Name) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-29]
CHR Extension: (No Name) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-29]
CHR Extension: (No Name) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2015-06-29]
CHR Extension: (No Name) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-29]
C:\ProgramData\DP45977C.lfl
C:\Users\Michal\AppData\Local
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Doporučuji odinstalovat AdvancedSystemCare. Důvod: viewtopic.php?f=14&t=127320&hilit=iobit .

Mikel43 · #7 Příspěvek od **Mikel43** » 06 črc 2015 21:29

Advanced system care odinstalován a zde je log:

Fix result of Farbar Recovery Scan Tool (x64) Version:05-07-2015
Ran by Michal at 2015-07-06 22:28:23 Run:1
Running from C:\Users\Michal\Desktop
Loaded Profiles: Michal (Available Profiles: Michal)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKU\S-1-5-21-4006744411-223884911-2588912305-1001\...\MountPoints2: {1b7befa9-95f9-11e2-be69-1c6f65c062c7} - "F:\setup.exe"
HKU\S-1-5-21-4006744411-223884911-2588912305-1001\...\MountPoints2: {9c2df75a-1477-11e3-be8a-1c6f65c062c7} - "G:\HTC_Sync_Manager_PC.exe"
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKU\S-1-5-21-4006744411-223884911-2588912305-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-search.com/?affID=1198 ... 6F65C062C7
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Extension: (No Name) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-29]
CHR Extension: (No Name) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-29]
CHR Extension: (No Name) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-29]
CHR Extension: (No Name) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2015-06-29]
CHR Extension: (No Name) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2015-06-29]
CHR Extension: (No Name) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-29]
CHR Extension: (No Name) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-29]
CHR Extension: (No Name) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-29]
CHR Extension: (No Name) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2015-06-29]
CHR Extension: (No Name) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-29]
C:\ProgramData\DP45977C.lfl
C:\Users\Michal\AppData\Local
End
*****************

"HKU\S-1-5-21-4006744411-223884911-2588912305-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1b7befa9-95f9-11e2-be69-1c6f65c062c7}" => key removed successfully
HKCR\CLSID\{1b7befa9-95f9-11e2-be69-1c6f65c062c7} => key not found.
"HKU\S-1-5-21-4006744411-223884911-2588912305-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9c2df75a-1477-11e3-be8a-1c6f65c062c7}" => key removed successfully
HKCR\CLSID\{9c2df75a-1477-11e3-be8a-1c6f65c062c7} => key not found.
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
HKU\S-1-5-21-4006744411-223884911-2588912305-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
CHR dev: Chrome dev build detected! <======= ATTENTION => Error: No automatic fix found for this entry.
C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek => moved successfully.
C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake => moved successfully.
C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf => moved successfully.
C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig => moved successfully.
C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd => moved successfully.
C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo => moved successfully.
C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf => moved successfully.
C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap => moved successfully.
C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak => moved successfully.
C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia => moved successfully.
C:\ProgramData\DP45977C.lfl => moved successfully.
"C:\Users\Michal\AppData\Local" => Warning: FRST is scripted not to move this directory.

==== End of Fixlog 22:28:24 ====

#8 Příspěvek od **Rudy** » 07 črc 2015 18:00

Smazáno. Nastala nějaká změna?

Mikel43 · #9 Příspěvek od **Mikel43** » 07 črc 2015 19:43

PC už vypadá rychlejší, ale v chromu pořád občas vyskočí nežádoucí okno už při otevření googlu, či gmailu

#10 Příspěvek od **Rudy** » 07 črc 2015 20:25

Udělejte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.

VIRY.CZ

Zpomalené PC, vyskakující okna v prohlížeči

Zpomalené PC, vyskakující okna v prohlížeči

Re: Zpomalené PC, vyskakující okna v prohlížeči

Re: Zpomalené PC, vyskakující okna v prohlížeči

Re: Zpomalené PC, vyskakující okna v prohlížeči

Re: Zpomalené PC, vyskakující okna v prohlížeči

Re: Zpomalené PC, vyskakující okna v prohlížeči

Re: Zpomalené PC, vyskakující okna v prohlížeči

Re: Zpomalené PC, vyskakující okna v prohlížeči

Re: Zpomalené PC, vyskakující okna v prohlížeči

Re: Zpomalené PC, vyskakující okna v prohlížeči