hodně pomalý ntb

Zpráva

tomaskolik · #1 Příspěvek od **tomaskolik** » 09 zář 2015 18:20

Zdravím! Prosímo kontrolu. Ntb je hodně zpomalený a dlouho nabíhá.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Katerina at 2015-09-09 19:19:05
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 8 GB (19%) free of 40 GB
Total RAM: 3062 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:19:38, on 9.9.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18015)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\GWX\GWX.exe
C:\Program Files\Lenovo\TrackPoint\tp4serv.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Users\Katerina\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files\Opera\31.0.1889.174\opera.exe
C:\Program Files\Opera\31.0.1889.174\opera_crashreporter.exe
C:\Program Files\Opera\31.0.1889.174\opera.exe
C:\Program Files\Opera\31.0.1889.174\opera.exe
C:\Program Files\Opera\31.0.1889.174\opera.exe
C:\Program Files\Opera\31.0.1889.174\opera.exe
C:\Program Files\Opera\31.0.1889.174\opera.exe
C:\Program Files\Opera\31.0.1889.174\opera.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Katerina\Desktop\RSIT.exe
C:\Program Files\trend micro\Katerina.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.alawarhry.cz/?pid=6
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.alawarhry.cz/?pid=6
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [TrackPointSrv] C:\Program Files\Lenovo\TrackPoint\tp4serv.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Katerina\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\ThinkPad\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{117965C1-FBA4-4373-9869-7FD5E7D2DEB4}: NameServer = 78.136.128.4 78.136.128.12
O17 - HKLM\System\CCS\Services\Tcpip\..\{26866656-A152-4BDD-A2C1-7795F2F50DFA}: NameServer = 78.136.128.4 78.136.128.12
O17 - HKLM\System\CCS\Services\Tcpip\..\{4421F736-70C0-4F33-8811-5B02A3BCD094}: NameServer = 78.136.128.4 78.136.128.12
O17 - HKLM\System\CCS\Services\Tcpip\..\{5FFD65D7-D7BC-4585-AED8-394F5F61C7DB}: NameServer = 78.136.128.4 78.136.128.12
O17 - HKLM\System\CCS\Services\Tcpip\..\{8F71D24D-65BD-42B5-B2C5-4AC72D3CC0F4}: NameServer = 78.136.128.4 78.136.128.12
O17 - HKLM\System\CCS\Services\Tcpip\..\{A928253E-F76D-4C9A-AE4C-34C1D52CB999}: NameServer = 78.136.128.4 78.136.128.12
O17 - HKLM\System\CCS\Services\Tcpip\..\{B77323AE-7C9A-4F3A-98F7-5E0A2D9F53E5}: NameServer = 78.136.128.4 78.136.128.12
O17 - HKLM\System\CCS\Services\Tcpip\..\{E6ED8549-9D96-4C87-9582-AC99AD536766}: NameServer = 78.136.128.4 78.136.128.12
O17 - HKLM\System\CS1\Services\Tcpip\..\{117965C1-FBA4-4373-9869-7FD5E7D2DEB4}: NameServer = 78.136.128.4 78.136.128.12
O17 - HKLM\System\CS2\Services\Tcpip\..\{117965C1-FBA4-4373-9869-7FD5E7D2DEB4}: NameServer = 78.136.128.4 78.136.128.12
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\Windows\system32\AEADISRV.EXE
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Lenovo PM Service (IBMPMSVC) - Lenovo. - C:\Windows\system32\ibmpmsvc.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: OpenVPN Service (OpenVPNService) - The OpenVPN Project - C:\Program Files\OpenVPN\bin\openvpnserv.exe
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe

--
End of file - 7124 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job - C:\Windows\system32\Macromed\Flash\FlashUtil32_18_0_0_232_pepper.exe -check pepperplugin
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-01 565304]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-07-01 5515496]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2009-05-18 1314816]
"TrackPointSrv"=C:\Program Files\Lenovo\TrackPoint\tp4serv.exe [2009-11-24 93032]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-08-06 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-08-06 173592]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-08-06 150552]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"cz.seznam.software.szndesktop"=C:\Users\Katerina\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07 998104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner.exe [2015-02-19 5503768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate]
C:\Users\Katerina\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PSQLLauncher]
C:\Program Files\ThinkVantage Fingerprint Software\launcher.exe [2013-03-05 56104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Windows\system32\qttask.exe [2014-02-23 98304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive]
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2009-05-27 85160]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
C:\PROGRA~1\ThinkPad\BLUETO~1\BTTray.exe [2011-01-24 804128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-08-06 217600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psfus]
C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll [2013-03-05 101160]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"VIDC.FFDS"=ff_vfw.dll
"VIDC.FMVC"=fmcodec.dll
"vidc.avrn"=C:\PROGRA~1\ACEMEG~1\SystemS\AVIDAV~1.DLL
"vidc.advj"=C:\PROGRA~1\ACEMEG~1\SystemS\AVIDAV~1.DLL
"vidc.mszh"=C:\PROGRA~1\ACEMEG~1\SystemS\avimszh.dll
"vidc.zlib"=C:\PROGRA~1\ACEMEG~1\SystemS\avizlib.dll
"vidc.cscd"=C:\PROGRA~1\ACEMEG~1\SystemS\camcodec.dll
"vidc.cvid"=C:\PROGRA~1\ACEMEG~1\SystemS\iccvid.dll
"msacm.trspch"=C:\PROGRA~1\ACEMEG~1\SystemS\tssoft32.acm
"vidc.em2v"=C:\PROGRA~1\ACEMEG~1\SystemS\etxcodec.dll
"vidc.mkvc"=C:\PROGRA~1\ACEMEG~1\SystemS\kmvidc32.dll
"vidc.hfyu"=C:\PROGRA~1\ACEMEG~1\SystemS\huffyuv.dll
"msacm.lameacm"=C:\PROGRA~1\ACEMEG~1\SystemS\lameacm.acm
"msacm.lhacm"=C:\PROGRA~1\ACEMEG~1\SystemS\lhacm.acm
"msacm.l3acm"=C:\PROGRA~1\ACEMEG~1\SystemS\l3codecp.acm
"vidc.sjpg"=C:\PROGRA~1\ACEMEG~1\SystemS\pmjpeg32.dll
"vidc.dmb2"=C:\PROGRA~1\ACEMEG~1\SystemS\pmjpeg32.dll
"vidc.gepj"=C:\PROGRA~1\ACEMEG~1\SystemS\pmjpeg32.dll
"vidc.qpeg"=C:\PROGRA~1\ACEMEG~1\SystemS\Qpeg32.dll
"vidc.q1.0"=C:\PROGRA~1\ACEMEG~1\SystemS\Qpeg32.dll
"msacm.sl_anet"=C:\PROGRA~1\ACEMEG~1\SystemS\sl_anet.acm
"vidc.tscc"=C:\PROGRA~1\ACEMEG~1\SystemS\tsccvid.dll
"vidc.vifp"=C:\PROGRA~1\ACEMEG~1\SystemS\vfcodec.dll
"vidc.wrpr"=C:\PROGRA~1\ACEMEG~1\SystemS\aviwrap.dll
"vidc.wnv1"=C:\PROGRA~1\ACEMEG~1\SystemS\wnvplay1.dll
"vidc.advs"=C:\PROGRA~1\ACEMEG~1\SystemS\Adaptec\Dvc.dll
"vidc.aflc"=C:\PROGRA~1\ACEMEG~1\SystemS\Autodesk\FLCCOD~1.DLL
"vidc.afli"=C:\PROGRA~1\ACEMEG~1\SystemS\Autodesk\FLCCOD~1.DLL
"vidc.aasc"=C:\PROGRA~1\ACEMEG~1\SystemS\Autodesk\Aasc32.dll
"vidc.aas4"=C:\PROGRA~1\ACEMEG~1\SystemS\Autodesk\Aasc32.dll
"vidc.asv1"=C:\PROGRA~1\ACEMEG~1\SystemS\ASUS\asusasv1.dll
"vidc.asv2"=C:\PROGRA~1\ACEMEG~1\SystemS\ASUS\asusasv2.dll
"vidc.asvx"=C:\PROGRA~1\ACEMEG~1\SystemS\ASUS\asusasv2.dll
"vidc.vcr1"=C:\PROGRA~1\ACEMEG~1\SystemS\ATI\ativcr1.dll
"vidc.vcr2"=C:\PROGRA~1\ACEMEG~1\SystemS\ATI\ativcr2.dll
"vidc.yv12"=C:\PROGRA~1\ACEMEG~1\SystemS\ATI\atiyuv12.DLL
"vidc.mwv1"=C:\PROGRA~1\ACEMEG~1\SystemS\Aware\icmw_32.dll
"vidc.bt20"=C:\PROGRA~1\ACEMEG~1\SystemS\BROOKT~1\btvvc32.drv
"vidc.y41p"=C:\PROGRA~1\ACEMEG~1\SystemS\BROOKT~1\btvvc32.drv
"msacm.pcdv"=C:\PROGRA~1\ACEMEG~1\SystemS\Canopus\pcdv.acm
"vidc.cdvc"=C:\PROGRA~1\ACEMEG~1\SystemS\Canopus\CSCCDVC.DLL
"vidc.ddvc"=C:\PROGRA~1\ACEMEG~1\SystemS\Canopus\CSCdvsd.DLL
"vidc.png1"=C:\PROGRA~1\ACEMEG~1\SystemS\Core\COREPN~1.DLL
"msacm.CoreFLAC_ACM"=C:\PROGRA~1\ACEMEG~1\SystemS\Core\COREFL~1.ACM
"vidc.davc"=C:\PROGRA~1\ACEMEG~1\SystemS\dicas\davcvfw.dll
"vidc.div3"=C:\PROGRA~1\ACEMEG~1\SystemS\DivX\DivXc32.dll
"vidc.div5"=C:\PROGRA~1\ACEMEG~1\SystemS\DivX\DivXc32.dll
"vidc.mpg3"=C:\PROGRA~1\ACEMEG~1\SystemS\DivX\DivXc32.dll
"vidc.div4"=C:\PROGRA~1\ACEMEG~1\SystemS\DivX\DivXc32f.dll
"vidc.div6"=C:\PROGRA~1\ACEMEG~1\SystemS\DivX\DivXc32f.dll
"vidc.ap41"=C:\PROGRA~1\ACEMEG~1\SystemS\DivX\DivXc32f.dll
"vidc.dvx4"=C:\PROGRA~1\ACEMEG~1\SystemS\DivX\divx4.dll
"vidc.divx"=C:\PROGRA~1\ACEMEG~1\SystemS\DivX\DivX520.dll
"msacm.divxa32"=C:\PROGRA~1\ACEMEG~1\SystemS\DivX\divxa32.acm
"vidc.frwd"=C:\PROGRA~1\ACEMEG~1\SystemS\Forward\frwd.dll
"vidc.frwt"=C:\PROGRA~1\ACEMEG~1\SystemS\Forward\frwd.dll
"vidc.frwa"=C:\PROGRA~1\ACEMEG~1\SystemS\Forward\frwt.dll
"vidc.frwu"=C:\PROGRA~1\ACEMEG~1\SystemS\Forward\frwu.dll
"vidc.glzw"=C:\PROGRA~1\ACEMEG~1\SystemS\Gabest\GLZW.dll
"vidc.gpeg"=C:\PROGRA~1\ACEMEG~1\SystemS\Gabest\GPEG.dll
"vidc.i263"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\i263_32.drv
"vidc.iv30"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir32_32.dll
"vidc.iv31"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir32_32.dll
"vidc.iv32"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir32_32.dll
"vidc.iv33"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir32_32.dll
"vidc.iv34"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir32_32.dll
"vidc.iv35"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir32_32.dll
"vidc.iv36"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir32_32.dll
"vidc.iv37"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir32_32.dll
"vidc.iv38"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir32_32.dll
"vidc.iv39"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir32_32.dll
"vidc.iv40"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir41_32.dll
"vidc.iv41"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir41_32.dll
"vidc.iv42"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir41_32.dll
"vidc.iv43"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir41_32.dll
"vidc.iv44"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir41_32.dll
"vidc.iv45"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir41_32.dll
"vidc.iv46"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir41_32.dll
"vidc.iv47"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir41_32.dll
"vidc.iv48"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir41_32.dll
"vidc.iv49"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir41_32.dll
"vidc.iv50"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\ir50_32.dll
"vidc.iyuv"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\iyuv_32.dll
"vidc.yvu9"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\Iyvu9_32.dll
"vidc.ir21"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\IR21_R.DLL
"vidc.rt21"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\IR21_R.DLL
"msacm.imc"=C:\PROGRA~1\ACEMEG~1\SystemS\Intel\IMC32.ACM
"vidc.lead"=C:\PROGRA~1\ACEMEG~1\SystemS\LEAD\LCODCCMP.DLL

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-09-09 05:14:29 ----SHD---- C:\Config.Msi
2015-09-08 23:48:35 ----A---- C:\Windows\system32\dwmcore.dll
2015-09-08 23:48:34 ----A---- C:\Windows\system32\dwmapi.dll
2015-09-08 23:48:32 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-09-08 23:48:32 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-09-08 23:48:32 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-09-08 23:48:31 ----A---- C:\Windows\system32\urlmon.dll
2015-09-08 23:48:31 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-09-08 23:48:31 ----A---- C:\Windows\system32\iernonce.dll
2015-09-08 23:48:31 ----A---- C:\Windows\system32\iedkcs32.dll
2015-09-08 23:48:31 ----A---- C:\Windows\system32\ie4uinit.exe
2015-09-08 23:48:30 ----A---- C:\Windows\system32\jsproxy.dll
2015-09-08 23:48:30 ----A---- C:\Windows\system32\jscript9diag.dll
2015-09-08 23:48:30 ----A---- C:\Windows\system32\ieUnatt.exe
2015-09-08 23:48:30 ----A---- C:\Windows\system32\ieapfltr.dll
2015-09-08 23:48:30 ----A---- C:\Windows\system32\dxtmsft.dll
2015-09-08 23:48:29 ----A---- C:\Windows\system32\msfeeds.dll
2015-09-08 23:48:27 ----A---- C:\Windows\system32\msrating.dll
2015-09-08 23:48:27 ----A---- C:\Windows\system32\iesetup.dll
2015-09-08 23:48:26 ----A---- C:\Windows\system32\wininet.dll
2015-09-08 23:48:26 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-09-08 23:48:25 ----A---- C:\Windows\system32\dxtrans.dll
2015-09-08 23:48:24 ----A---- C:\Windows\system32\ieui.dll
2015-09-08 23:48:24 ----A---- C:\Windows\system32\ieframe.dll
2015-09-08 23:48:21 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-09-08 23:48:21 ----A---- C:\Windows\system32\mshtmled.dll
2015-09-08 23:48:20 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-09-08 23:48:19 ----A---- C:\Windows\system32\iertutil.dll
2015-09-08 23:48:18 ----A---- C:\Windows\system32\mshtml.dll
2015-09-08 23:48:16 ----A---- C:\Windows\system32\vbscript.dll
2015-09-08 23:48:16 ----A---- C:\Windows\system32\jscript.dll
2015-09-08 23:48:15 ----A---- C:\Windows\system32\jscript9.dll
2015-09-08 23:47:56 ----A---- C:\Windows\system32\consent.exe
2015-09-08 23:47:56 ----A---- C:\Windows\system32\authui.dll
2015-09-08 23:47:55 ----A---- C:\Windows\system32\appinfo.dll
2015-09-08 23:47:35 ----A---- C:\Windows\system32\wucltux.dll
2015-09-08 23:47:34 ----A---- C:\Windows\system32\wuwebv.dll
2015-09-08 23:47:34 ----A---- C:\Windows\system32\wudriver.dll
2015-09-08 23:47:34 ----A---- C:\Windows\system32\wuaueng.dll
2015-09-08 23:47:34 ----A---- C:\Windows\system32\wuauclt.exe
2015-09-08 23:47:34 ----A---- C:\Windows\system32\wuapp.exe
2015-09-08 23:47:34 ----A---- C:\Windows\system32\wuapi.dll
2015-09-08 23:47:34 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-09-08 23:47:33 ----A---- C:\Windows\system32\wups2.dll
2015-09-08 23:47:33 ----A---- C:\Windows\system32\wups.dll
2015-09-08 23:47:33 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-09-08 23:47:17 ----A---- C:\Windows\system32\tzres.dll
2015-08-14 04:09:56 ----D---- C:\Windows\rescache
2015-08-13 16:21:33 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-08-13 16:21:31 ----A---- C:\Windows\system32\ntdll.dll
2015-08-13 16:21:30 ----A---- C:\Windows\system32\sysmain.dll
2015-08-13 16:21:30 ----A---- C:\Windows\system32\ntkrnlpa.exe
2015-08-13 16:21:30 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2015-08-13 16:21:29 ----A---- C:\Windows\system32\lsasrv.dll
2015-08-13 16:21:28 ----A---- C:\Windows\system32\srcore.dll
2015-08-13 16:21:28 ----A---- C:\Windows\system32\rstrui.exe
2015-08-13 16:21:28 ----A---- C:\Windows\system32\kerberos.dll
2015-08-13 16:21:28 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-08-13 16:21:27 ----A---- C:\Windows\system32\smss.exe
2015-08-13 16:21:27 ----A---- C:\Windows\system32\schannel.dll
2015-08-13 16:21:27 ----A---- C:\Windows\system32\rpcrt4.dll
2015-08-13 16:21:27 ----A---- C:\Windows\system32\msv1_0.dll
2015-08-13 16:21:27 ----A---- C:\Windows\system32\csrsrv.dll
2015-08-13 16:21:26 ----A---- C:\Windows\system32\wdigest.dll
2015-08-13 16:21:26 ----A---- C:\Windows\system32\TSpkg.dll
2015-08-13 16:21:26 ----A---- C:\Windows\system32\sspicli.dll
2015-08-13 16:21:26 ----A---- C:\Windows\system32\srclient.dll
2015-08-13 16:21:26 ----A---- C:\Windows\system32\ncrypt.dll
2015-08-13 16:21:26 ----A---- C:\Windows\system32\lsass.exe
2015-08-13 16:21:26 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-08-13 16:21:26 ----A---- C:\Windows\system32\cryptbase.dll
2015-08-13 16:21:26 ----A---- C:\Windows\system32\auditpol.exe
2015-08-13 16:21:25 ----A---- C:\Windows\system32\sspisrv.dll
2015-08-13 16:21:25 ----A---- C:\Windows\system32\secur32.dll
2015-08-13 16:21:25 ----A---- C:\Windows\system32\msmmsp.dll
2015-08-13 16:21:25 ----A---- C:\Windows\system32\credssp.dll
2015-08-13 16:21:24 ----A---- C:\Windows\system32\msobjs.dll
2015-08-13 16:21:24 ----A---- C:\Windows\system32\msaudite.dll
2015-08-13 16:21:24 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-08-13 16:21:24 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-08-13 16:21:24 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-08-13 16:21:24 ----A---- C:\Windows\system32\apisetschema.dll
2015-08-13 16:21:24 ----A---- C:\Windows\system32\adtschema.dll
2015-08-12 03:02:02 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-11 22:43:16 ----A---- C:\Windows\system32\generaltel.dll
2015-08-11 22:43:15 ----A---- C:\Windows\system32\invagent.dll
2015-08-11 22:43:15 ----A---- C:\Windows\system32\devinv.dll
2015-08-11 22:43:15 ----A---- C:\Windows\system32\appraiser.dll
2015-08-11 22:43:15 ----A---- C:\Windows\system32\acmigration.dll
2015-08-11 22:43:14 ----A---- C:\Windows\system32\aeinv.dll
2015-08-11 22:43:12 ----A---- C:\Windows\system32\aepdu.dll
2015-08-11 22:43:11 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-08-11 22:40:57 ----A---- C:\Windows\system32\WebClnt.dll
2015-08-11 22:40:57 ----A---- C:\Windows\system32\davclnt.dll
2015-08-11 22:40:54 ----A---- C:\Windows\system32\notepad.exe
2015-08-11 22:40:54 ----A---- C:\Windows\notepad.exe
2015-08-11 22:34:20 ----A---- C:\Windows\system32\FntCache.dll
2015-08-11 22:34:20 ----A---- C:\Windows\system32\DWrite.dll
2015-08-11 22:34:20 ----A---- C:\Windows\system32\atmfd.dll
2015-08-11 22:34:18 ----A---- C:\Windows\system32\win32k.sys
2015-08-11 22:34:17 ----A---- C:\Windows\system32\lpk.dll
2015-08-11 22:34:17 ----A---- C:\Windows\system32\dciman32.dll
2015-08-11 22:34:17 ----A---- C:\Windows\system32\d3d10warp.dll
2015-08-11 22:34:17 ----A---- C:\Windows\system32\atmlib.dll
2015-08-11 22:34:16 ----A---- C:\Windows\system32\fontsub.dll
2015-08-11 22:21:47 ----A---- C:\Windows\system32\mstscax.dll
2015-08-11 22:21:45 ----A---- C:\Windows\system32\wksprt.exe
2015-08-11 22:21:45 ----A---- C:\Windows\system32\tsgqec.dll
2015-08-11 22:21:45 ----A---- C:\Windows\system32\rdvidcrl.dll
2015-08-11 22:21:36 ----A---- C:\Windows\system32\shell32.dll
2015-08-11 22:21:26 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-08-11 22:20:43 ----A---- C:\Windows\system32\basesrv.dll
2015-08-11 22:18:47 ----A---- C:\Windows\system32\msxml3.dll
2015-08-11 22:18:46 ----A---- C:\Windows\system32\msxml6.dll
2015-08-11 22:18:45 ----A---- C:\Windows\system32\msxml6r.dll
2015-08-11 22:18:45 ----A---- C:\Windows\system32\msxml3r.dll

======List of files/folders modified in the last 1 month======

2015-09-09 19:19:36 ----RSD---- C:\Windows\assembly
2015-09-09 19:19:17 ----D---- C:\Windows\Prefetch
2015-09-09 19:19:12 ----D---- C:\Program Files\trend micro
2015-09-09 19:18:54 ----D---- C:\Windows\Temp
2015-09-09 19:15:01 ----D---- C:\Windows\Microsoft.NET
2015-09-09 19:12:11 ----D---- C:\Windows\winsxs
2015-09-09 19:11:46 ----D---- C:\Windows\system32\config
2015-09-09 19:11:06 ----D---- C:\Windows\system32\en-US
2015-09-09 19:11:06 ----D---- C:\Windows\System32
2015-09-09 19:11:06 ----D---- C:\Windows\PolicyDefinitions
2015-09-09 19:11:03 ----D---- C:\Program Files\Internet Explorer
2015-09-09 19:10:59 ----D---- C:\Windows\system32\cs-CZ
2015-09-09 12:00:51 ----SHD---- C:\Windows\Installer
2015-09-09 03:52:51 ----SHD---- C:\System Volume Information
2015-09-09 03:06:55 ----D---- C:\Windows\ehome
2015-09-08 23:44:03 ----D---- C:\Windows\system32\catroot2
2015-09-04 13:58:41 ----D---- C:\Windows\inf
2015-09-04 13:58:41 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-08-28 08:56:41 ----D---- C:\Program Files
2015-08-28 08:56:36 ----D---- C:\Windows\Tasks
2015-08-27 01:45:54 ----D---- C:\Users\Katerina\AppData\Roaming\Audacity
2015-08-22 16:49:29 ----D---- C:\Program Files\Opera
2015-08-22 16:49:27 ----D---- C:\Windows\system32\Tasks
2015-08-14 04:09:56 ----D---- C:\Windows
2015-08-14 03:19:04 ----D---- C:\Windows\system32\drivers\cs-CZ
2015-08-14 03:19:04 ----D---- C:\Windows\system32\drivers
2015-08-13 00:52:52 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2015-08-12 03:25:46 ----SD---- C:\Windows\system32\CompatTel
2015-08-12 03:25:46 ----D---- C:\Windows\system32\appraiser
2015-08-12 03:25:46 ----D---- C:\Windows\AppPatch

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-07-01 49904]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-07-01 209048]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-07-01 81728]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-07-01 787760]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-07-01 428120]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-03-06 243128]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2009-02-17 24232]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-07-01 24144]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-07-01 74976]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-07-01 106912]
R2 irda;IrDA Protocol; C:\Windows\system32\DRIVERS\irda.sys [2009-07-14 96768]
R2 smihlp;SMI Helper Driver (smihlp); \??\C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [2011-05-30 11976]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-07-01 220752]
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [2009-05-18 381440]
R3 e1express;Intel(R) PRO/1000 – ovladač PCI Express síťového připojení; C:\Windows\system32\DRIVERS\e1e6032.sys [2009-07-14 211456]
R3 IBMPMDRV;IBMPMDRV; C:\Windows\system32\DRIVERS\ibmpmdrv.sys [2014-02-27 45880]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-08-06 4786688]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-14 4231168]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-20 84992]
R3 tap0901;TAP-Windows Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2013-08-22 35288]
R3 Tp4Track;PS/2 TrackPoint Driver; C:\Windows\system32\DRIVERS\tp4track.sys [2009-11-24 23152]
R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2009-05-23 29696]
R3 WinUsb;WinUSB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2010-04-09 45736]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-01-15 86056]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2010-01-15 108072]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 29472]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-01-15 18472]
S3 dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 131072]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-20 16384]
S3 dot4usb;Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 36864]
S3 NSCIRDA;NSC Infrared Device Driver; C:\Windows\system32\DRIVERS\nscirda.sys [2008-01-19 30720]
S3 PCASp60;PCASp60 NDIS Protocol Driver; C:\Windows\System32\Drivers\PCASp60.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 27136]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 vwmfbus;Vertex Wireless Composite Device driver (WDM); C:\Windows\system32\DRIVERS\vwmfbus.sys [2009-11-11 98560]
S3 vwmfdiag;Vertex Wireless Diagnostic Monitor Port Driver (WDM); C:\Windows\system32\DRIVERS\vwmfdiag.sys [2009-11-11 100224]
S3 vwmfmdfl;~Vertex Wireless CDC Modem Filter~; C:\Windows\system32\DRIVERS\vwmfmdfl.sys [2009-11-11 14848]
S3 vwmfmdm;Vertex Wireless CDC Modem Driver; C:\Windows\system32\DRIVERS\vwmfmdm.sys [2009-11-11 123776]
S3 vwmfserd;Vertex Wireless Device Management Port Driver (WDM); C:\Windows\system32\DRIVERS\vwmfserd.sys [2009-11-11 100224]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
R2 AEADIFilters;Andrea ADI Filters Service; C:\Windows\system32\AEADISRV.EXE [2008-07-15 90112]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-07-01 343336]
R2 btwdins;Bluetooth Service; C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe [2011-01-24 628000]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 IBMPMSVC;Lenovo PM Service; C:\Windows\system32\ibmpmsvc.exe [2014-02-27 56664]
R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 TPHKLOAD;Lenovo Hotkey Client Loader; C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe [2013-05-24 116216]
R2 TPHKSVC;On Screen Display; C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe [2013-05-22 125504]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-07-01 3207800]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S2 LENOVO.MICMUTE;Lenovo Microphone Mute; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [2013-05-22 127072]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-13 269000]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-08-15 102912]
S3 OpenVPNService;OpenVPN Service; C:\Program Files\OpenVPN\bin\openvpnserv.exe [2013-08-22 32568]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-12-07 1343400]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

#2 Příspěvek od **Márty84** » 09 zář 2015 20:18

Zdravim

Pokud tam neni zamerne, odinstalujte Seznam Software.

Stahnete crystal disk info http://sourceforge.jp/projects/crystald ... 5_0_0.zip/
Spustte jako spravce. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte (ctrl + V)

Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner[C?].txt ). Ten mi sem zkopirujte.

tomaskolik · #3 Příspěvek od **tomaskolik** » 10 zář 2015 17:09

Zdravím,

seznam software je tam schvalně (pošťák)

----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 7 Home Premium Edition SP1 [6.1 Build 7601] (x86)
Date : 2015/09/10 18:01:25

-- Controller Map ----------------------------------------------------------
+ ATA Channel 0 (0) [ATA]
- ST9160301AS ATA Device
- ATA Channel 1 (1) [ATA]
+ Intel(R) ICH7-M Family Serial ATA Storage Controller - 27C4 [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
+ Virtual CloneDrive [SCSI]
- ELBY CLONEDRIVE SCSI CdRom Device

-- Disk List ---------------------------------------------------------------
(1) ST9160301AS : 160,0 GB [0/0/0, pd1] - st

----------------------------------------------------------------------------
(1) ST9160301AS
----------------------------------------------------------------------------
Model : ST9160301AS
Firmware : 0001SDM2
Serial Number : 5XT05Z4Q
Disk Size : 160,0 GB (8,4/137,4/160,0)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 312581808
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 4
Transfer Mode : SATA/150
Power On Hours : 20870 hod.
Power On Count : 4596 krát
Host Reads : 636 GB
Host Writes : 991 GB
Temparature : 37 C (98 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 8080h [ON]
AAM Level : D0FEh [ON]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 103 _82 __6 00000051ABAC Počet chyb čtení
03 _99 _99 _85 000000000000 Čas na roztočení ploten
04 _95 _95 _20 000000001469 Počet spuštění/zastavení
05 100 100 _36 000000000000 Počet přemapovaných sektorů
07 _73 _60 _30 000D0E530458 Počet chybných hledání
09 _77 _77 __0 000000005186 Hodin v činnosti
0A 100 100 _97 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _96 _96 _20 0000000011F4 Počet cyklů zapnutí zařízení
B8 100 100 _99 000000000000 Ukončovacích chyb
BB __1 __1 __0 0000000056D1 Ohlášeno neopravitelných chyb
BC 100 _96 __0 000200020037 Časový limit příkazu
BD 100 100 __0 000000000000 Vysoká rychlost zápisu
BE _63 _45 _45 000025180025 Teplota toku vzduchu
BF 100 100 __0 0000000002BC Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 000000000000 Počet vypnutí disku
C1 __1 __1 __0 00000009CAFA Počet cyklů načítání/vymazání
C2 _37 _55 __0 000200000025 Teplota
C3 _75 _57 __0 00000051ABAC Počet oprav chybného čtení
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
F0 100 253 __0 DF0300003E25 Čas nastavování hlaviček - v hodinách
F1 100 253 __0 00007BF60BAF Total LBAs Written
F2 100 253 __0 00004F83220B Total LBAs Read
FE 100 100 __0 000000000000 Ochrana proti pádu

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0C5A 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 3558 3558 5430 355A 3451
020: 0000 4000 0004 3030 3031 4D32 4D32 5354 3931 3630
030: 3330 3141 5320 2020 2020 2020 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4000 0200 0200 0007 3FFF 003F 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 0702 0702 0000 0048 0048
080: 01F0 0029 746B 7F09 6123 BE09 BE09 6123 207F 001A
090: 001A 8080 FFFE 0000 D0FE 0000 0000 0000 0000 0000
100: 9EB0 12A1 0000 0000 0000 0000 0000 0000 5000 C500
110: 1BF2 2931 0000 0000 0000 0000 0000 0000 0000 401E
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 9EB0
130: 12A1 9EB0 12A1 2020 0002 0100 0100 5000 3C06 3C0A
140: 0000 0078 0000 0008 0000 001F 001F 0280 0000 0000
150: 0008 0000 0000 0000 0000 0000 0000 0000 4C00 8000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 103F 103F 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 1010 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 F3A5

# AdwCleaner v5.007 - Logfile created 10/09/2015 at 18:03:48
# Updated 08/09/2015 by Xplode
# Database : 2015-09-08.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x86)
# Username : Katerina - KATERINA-PC
# Running from : C:\Users\Katerina\Desktop\adwcleaner_5.007.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

***** [ Folders ] *****

***** [ Files ] *****

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

***** [ Registry ] *****

***** [ Web browsers ] *****

*************************

:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [636 bytes] ##########

#4 Příspěvek od **Márty84** » 10 zář 2015 17:38

Disk hlasi spoustu chyb. I to muze byt pricina problemu. Uvidime po docisteni.

Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu (cili Vlastni sken vsech disku) http://forum.viry.cz/viewtopic.php?f=29&t=144868 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

tomaskolik · #5 Příspěvek od **tomaskolik** » 11 zář 2015 04:53

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 10.9.2015
Čas skenování: 20:36
Protokol: kjk.txt
Správce: Ano

Verze: 2.1.8.1057
Databáze malwaru: v2015.09.10.07
Databáze rootkitů: v2015.08.16.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x86
Souborový systém: NTFS
Uživatel: Katerina

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 403462
Uplynulý čas: 1 hod, 30 min, 44 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)

(end)

#6 Příspěvek od **Márty84** » 11 zář 2015 08:19

MBAM muzete odinstalovat

Udelejte kontrolu programem HD Tune
Stahnete http://www.slunecnice.cz/sw/hd-tune/ , nainstalujte a spustte jako spravce (pokud vam pri instalaci nabidne nejaky doplnek, odmitnete ho!)
V tom okne kliknete na posledni zalozku - Error Scan (pokud bude zatrzeny quick scan, tak zatrzitko zruste) a kliknete na Start.
Kontrola bude nejakou dobu trvat. Dejte vedet, jestli tam bylo nejake cervene policko.
Taky se podivejte na zalozku Health a opiste mi (vyfotte), co se tam pise. Melo by tam byt OK http://www.google.cz/imgres?um=1&hl=cs& ... s:20,i:143

Dejte logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach

tomaskolik · #7 Příspěvek od **tomaskolik** » 11 zář 2015 17:29

zadny cerveny ctverecek

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:10-09-2015 01
Ran by Katerina (administrator) on KATERINA-PC (11-09-2015 18:16:05)
Running from C:\Users\Katerina\Desktop
Loaded Profiles: Katerina (Available Profiles: Katerina)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Authentec Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
() C:\Users\Katerina\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Opera Software) C:\Program Files\Opera\31.0.1889.174\opera.exe
(Opera Software) C:\Program Files\Opera\31.0.1889.174\opera_crashreporter.exe
(Opera Software) C:\Program Files\Opera\31.0.1889.174\opera.exe
(Opera Software) C:\Program Files\Opera\31.0.1889.174\opera.exe
(Opera Software) C:\Program Files\Opera\31.0.1889.174\opera.exe
(Opera Software) C:\Program Files\Opera\31.0.1889.174\opera.exe
(Opera Software) C:\Program Files\Opera\31.0.1889.174\opera.exe
(Opera Software) C:\Program Files\Opera\31.0.1889.174\opera.exe
(Opera Software) C:\Program Files\Opera\31.0.1889.174\opera.exe
(forum.viry.cz) C:\Users\Katerina\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-07-01] (Avast Software s.r.o.)
HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [1314816 2009-05-18] (Analog Devices, Inc.)
Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll [2013-03-05] (Authentec Inc.)
HKU\S-1-5-21-647228223-2171512834-1984284345-1000\...\Run: [] => [X]
HKU\S-1-5-21-647228223-2171512834-1984284345-1000\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Katerina\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
Lsa: [Notification Packages] scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-07-01] (Avast Software s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{117965C1-FBA4-4373-9869-7FD5E7D2DEB4}: [NameServer] 78.136.128.4 78.136.128.12
Tcpip\..\Interfaces\{26866656-A152-4BDD-A2C1-7795F2F50DFA}: [NameServer] 78.136.128.4 78.136.128.12
Tcpip\..\Interfaces\{2FF1D5B9-6ABE-46E1-A36A-A431195D4E5A}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4421F736-70C0-4F33-8811-5B02A3BCD094}: [NameServer] 78.136.128.4 78.136.128.12
Tcpip\..\Interfaces\{5FFD65D7-D7BC-4585-AED8-394F5F61C7DB}: [NameServer] 78.136.128.4 78.136.128.12
Tcpip\..\Interfaces\{8F71D24D-65BD-42B5-B2C5-4AC72D3CC0F4}: [NameServer] 78.136.128.4 78.136.128.12
Tcpip\..\Interfaces\{A7C43364-1F9B-48D4-8AF2-AC1A658E7466}: [DhcpNameServer] 147.251.6.10 147.251.4.33
Tcpip\..\Interfaces\{A928253E-F76D-4C9A-AE4C-34C1D52CB999}: [NameServer] 78.136.128.4 78.136.128.12
Tcpip\..\Interfaces\{B77323AE-7C9A-4F3A-98F7-5E0A2D9F53E5}: [NameServer] 78.136.128.4 78.136.128.12
Tcpip\..\Interfaces\{E6ED8549-9D96-4C87-9582-AC99AD536766}: [NameServer] 78.136.128.4 78.136.128.12
Tcpip\..\Interfaces\{FC12FC5F-D364-42A4-AE57-FC7CEDFFD166}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.alawarhry.cz/?pid=6
HKU\S-1-5-21-647228223-2171512834-1984284345-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.alawarhry.cz/?pid=6
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-01] (Avast Software s.r.o.)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-12] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @real.com/nppl3260;version=6.0.11.2027 -> C:\Program Files\ACE Mega CoDecS Pack\SystemS\RealMedia\Browser\plugins\nppl3260.dll [2004-11-09] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.1040 -> C:\Program Files\ACE Mega CoDecS Pack\SystemS\RealMedia\Browser\plugins\nprpjplug.dll [2004-11-09] (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-28] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-28] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-12-07]

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Katerina\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Katerina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-07]
CHR Extension: (Google Drive) - C:\Users\Katerina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-07]
CHR Extension: (YouTube) - C:\Users\Katerina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-07]
CHR Extension: (Google Search) - C:\Users\Katerina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-07]
CHR Extension: (Avast Online Security) - C:\Users\Katerina\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-12-07]
CHR Extension: (Google Wallet) - C:\Users\Katerina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-07]
CHR Extension: (Gmail) - C:\Users\Katerina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-07]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-01]

Opera:
=======
OPR Extension: (Opera Software) - C:\Users\Katerina\AppData\Roaming\Opera Software\Opera Stable\Extensions\encfpfilknmenlmjemepncnlbbjlabkc [2013-12-07]
OPR Extension: (Translate) - C:\Users\Katerina\AppData\Roaming\Opera Software\Opera Stable\Extensions\ibnombjmjocaccigcefonnipcnlaeaed [2013-12-28]
OPR Extension: (Adblock Plus) - C:\Users\Katerina\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2013-12-28]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-07-01] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3207800 2015-07-01] (Avast Software)
S2 LENOVO.MICMUTE; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [127072 2013-05-22] (Lenovo Group Limited)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [32568 2013-08-22] (The OpenVPN Project)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [52736 2009-06-22] (Hewlett-Packard) [File not signed]
R2 TPHKLOAD; C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe [116216 2013-05-24] (Lenovo Group Limited)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24144 2015-07-01] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [74976 2015-07-01] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-07-01] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49904 2015-07-01] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787760 2015-07-01] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [428120 2015-07-01] (Avast Software s.r.o.)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [106912 2015-07-01] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209048 2015-07-01] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2014-03-06] (Disc Soft Ltd)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [24232 2009-02-17] (Elaborate Bytes AG)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-06-18] (Malwarebytes Corporation)
R2 smihlp; C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [11976 2011-05-30] (Authentec Inc.)
R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35288 2013-08-22] (The OpenVPN Project)
R3 Tp4Track; C:\Windows\System32\DRIVERS\tp4track.sys [23152 2009-11-24] (Lenovo Group Limited)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-07-01] (Avast Software)
S3 vwmfbus; C:\Windows\System32\DRIVERS\vwmfbus.sys [98560 2009-11-11] (MCCI Corporation)
S3 vwmfdiag; C:\Windows\System32\DRIVERS\vwmfdiag.sys [100224 2009-11-11] (MCCI Corporation)
S3 vwmfmdfl; C:\Windows\System32\DRIVERS\vwmfmdfl.sys [14848 2009-11-11] (MCCI Corporation)
S3 vwmfmdm; C:\Windows\System32\DRIVERS\vwmfmdm.sys [123776 2009-11-11] (MCCI Corporation)
S3 vwmfserd; C:\Windows\System32\DRIVERS\vwmfserd.sys [100224 2009-11-11] (MCCI Corporation)
S3 PCASp60; System32\Drivers\PCASp60.sys [X]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-11 18:16 - 2015-09-11 18:16 - 00012575 _____ C:\Users\Katerina\Desktop\FRST.txt
2015-09-11 18:15 - 2015-09-11 18:16 - 00000000 ____D C:\FRST
2015-09-11 18:15 - 2015-09-11 18:15 - 00112640 _____ (forum.viry.cz) C:\Users\Katerina\Desktop\FRSTLauncher.exe
2015-09-11 18:12 - 2015-09-11 18:13 - 01692672 _____ (Farbar) C:\Users\Katerina\Desktop\FRST.exe
2015-09-11 18:11 - 2015-09-11 18:11 - 00002250 _____ C:\Users\Katerina\Desktop\hdtune.txt
2015-09-11 17:12 - 2015-09-11 17:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune
2015-09-11 17:12 - 2015-09-11 17:12 - 00000000 ____D C:\Program Files\HD Tune
2015-09-11 17:09 - 2015-09-11 17:09 - 08000768 _____ C:\Users\Katerina\Desktop\hdtune_255.exe
2015-09-11 05:52 - 2015-09-11 05:52 - 00001159 _____ C:\Users\Katerina\Desktop\kjk.txt
2015-09-10 20:35 - 2015-09-10 20:36 - 00098520 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-09-10 20:35 - 2015-09-10 20:35 - 00001020 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-09-10 20:34 - 2015-09-10 20:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-09-10 20:34 - 2015-09-10 20:34 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-10 20:34 - 2015-09-10 20:34 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2015-09-10 20:34 - 2015-06-18 08:41 - 00094936 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-09-10 20:34 - 2015-06-18 08:41 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-09-10 20:34 - 2015-06-18 08:41 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-09-10 20:33 - 2015-09-10 20:33 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Katerina\Desktop\mbam-setup-2.1.8.1057.exe
2015-09-10 17:59 - 2015-09-10 17:59 - 01660416 _____ C:\Users\Katerina\Desktop\adwcleaner_5.007.exe
2015-09-10 17:58 - 2015-09-10 17:58 - 01496172 _____ C:\Users\Katerina\Desktop\CrystalDiskInfo5_0_0.zip
2015-09-09 19:45 - 2015-09-10 18:05 - 00000168 _____ C:\Windows\setupact.log
2015-09-09 19:45 - 2015-09-09 19:45 - 00000000 _____ C:\Windows\setuperr.log
2015-09-09 19:18 - 2015-09-09 19:18 - 01107968 _____ C:\Users\Katerina\Desktop\RSIT.exe
2015-09-08 23:49 - 2015-09-02 04:48 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-09-08 23:49 - 2015-09-02 04:48 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-09-08 23:49 - 2015-09-02 04:48 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-09-08 23:49 - 2015-09-02 04:48 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-09-08 23:49 - 2015-09-02 03:36 - 02384896 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-09-08 23:49 - 2015-09-02 03:33 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-09-08 23:49 - 2015-08-27 19:58 - 01391104 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-09-08 23:49 - 2015-08-27 19:58 - 01241088 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-09-08 23:49 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-09-08 23:49 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-09-08 23:49 - 2015-08-05 19:41 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-09-08 23:49 - 2015-08-05 19:40 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-09-08 23:49 - 2015-08-05 19:40 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-09-08 23:49 - 2015-08-04 19:48 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-09-08 23:49 - 2015-08-04 19:47 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-09-08 23:49 - 2015-08-04 19:47 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-09-08 23:49 - 2015-08-04 19:46 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-09-08 23:49 - 2015-08-04 19:46 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-09-08 23:49 - 2015-08-04 18:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-09-08 23:49 - 2015-07-22 19:57 - 03934656 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-09-08 23:49 - 2015-07-22 19:53 - 00937984 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-09-08 23:49 - 2015-07-22 18:38 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-09-08 23:48 - 2015-08-18 03:14 - 00344168 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-09-08 23:48 - 2015-08-15 08:06 - 19856896 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-09-08 23:48 - 2015-08-15 07:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-09-08 23:48 - 2015-08-15 07:53 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-09-08 23:48 - 2015-08-15 07:40 - 00504832 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-09-08 23:48 - 2015-08-15 07:40 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-09-08 23:48 - 2015-08-15 07:39 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-09-08 23:48 - 2015-08-15 07:39 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-09-08 23:48 - 2015-08-15 07:38 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-09-08 23:48 - 2015-08-15 07:35 - 02279424 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-09-08 23:48 - 2015-08-15 07:33 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-09-08 23:48 - 2015-08-15 07:32 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-09-08 23:48 - 2015-08-15 07:30 - 00479232 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-09-08 23:48 - 2015-08-15 07:29 - 00665600 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-09-08 23:48 - 2015-08-15 07:29 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-09-08 23:48 - 2015-08-15 07:29 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-09-08 23:48 - 2015-08-15 07:29 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-09-08 23:48 - 2015-08-15 07:24 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-09-08 23:48 - 2015-08-15 07:21 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-09-08 23:48 - 2015-08-15 07:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-09-08 23:48 - 2015-08-15 07:14 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-09-08 23:48 - 2015-08-15 07:12 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-09-08 23:48 - 2015-08-15 07:11 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-09-08 23:48 - 2015-08-15 07:10 - 04520448 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-09-08 23:48 - 2015-08-15 07:04 - 12857344 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-09-08 23:48 - 2015-08-15 07:02 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-09-08 23:48 - 2015-08-15 07:02 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-09-08 23:48 - 2015-08-15 07:01 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-09-08 23:48 - 2015-08-15 07:01 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-09-08 23:48 - 2015-08-15 06:43 - 01951232 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-09-08 23:48 - 2015-08-15 06:39 - 01310720 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-09-08 23:48 - 2015-08-15 06:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-09-08 23:48 - 2015-07-22 19:57 - 03989952 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-09-08 23:48 - 2015-07-22 19:57 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-09-08 23:48 - 2015-07-22 19:57 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-09-08 23:48 - 2015-07-22 19:54 - 01308160 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-09-08 23:48 - 2015-07-22 19:53 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-09-08 23:48 - 2015-07-22 19:53 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-09-08 23:48 - 2015-07-22 19:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-09-08 23:48 - 2015-07-22 19:53 - 00635392 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-09-08 23:48 - 2015-07-22 19:53 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-09-08 23:48 - 2015-07-22 19:53 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-09-08 23:48 - 2015-07-22 19:53 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-09-08 23:48 - 2015-07-22 19:53 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-09-08 23:48 - 2015-07-22 19:53 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-09-08 23:48 - 2015-07-22 19:53 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-09-08 23:48 - 2015-07-22 19:53 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-09-08 23:48 - 2015-07-22 19:53 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-09-08 23:48 - 2015-07-22 19:53 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-09-08 23:48 - 2015-07-22 19:53 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-09-08 23:48 - 2015-07-22 19:53 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-09-08 23:48 - 2015-07-22 19:53 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-09-08 23:48 - 2015-07-22 19:53 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-09-08 23:48 - 2015-07-22 19:53 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-09-08 23:48 - 2015-07-22 19:52 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-09-08 23:48 - 2015-07-22 19:52 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-09-08 23:48 - 2015-07-22 19:52 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-09-08 23:48 - 2015-07-22 19:52 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-09-08 23:48 - 2015-07-22 19:47 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-09-08 23:48 - 2015-07-22 19:46 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-09-08 23:48 - 2015-07-22 19:42 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-09-08 23:48 - 2015-07-22 19:42 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-09-08 23:48 - 2015-07-22 18:34 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-09-08 23:48 - 2015-07-22 18:34 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-09-08 23:48 - 2015-07-22 18:33 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-09-08 23:48 - 2015-07-09 19:42 - 01372160 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-09-08 23:48 - 2015-07-09 19:42 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-09-08 23:47 - 2015-08-26 19:56 - 02953728 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-09-08 23:47 - 2015-08-26 19:56 - 02061824 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-09-08 23:47 - 2015-08-26 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-09-08 23:47 - 2015-08-26 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-09-08 23:47 - 2015-08-26 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-09-08 23:47 - 2015-08-26 19:56 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-09-08 23:47 - 2015-08-26 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-09-08 23:47 - 2015-08-26 19:55 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-09-08 23:47 - 2015-08-26 19:55 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-09-08 23:47 - 2015-08-26 19:55 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-09-08 23:47 - 2015-08-26 19:55 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-09-08 23:47 - 2015-07-15 04:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-09-08 23:47 - 2015-06-25 11:48 - 00105408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-09-08 23:47 - 2015-06-25 11:44 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-09-08 23:47 - 2015-06-25 11:44 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-09-06 21:55 - 2015-09-06 21:55 - 00000000 ____D C:\Users\Katerina\Desktop\William-Shakespeare---Večer-tříkrálový.mluvene-slovo.CZ
2015-09-06 21:55 - 2015-09-06 21:55 - 00000000 ____D C:\Users\Katerina\Desktop\William-Shakespeare---Macbeth.mluvene-slovo.CZ
2015-09-04 13:28 - 2015-09-04 13:28 - 00000000 ____D C:\Users\Katerina\Desktop\Mluvené-slovo---Giovanni-Boccaccio---Dekameron
2015-08-26 12:49 - 2011-03-19 06:02 - 00000000 ____D C:\Users\Katerina\Desktop\Leary Denis - Rakovinu nevyléčíš
2015-08-25 14:11 - 2015-08-31 15:20 - 00021504 _____ C:\Users\Katerina\Desktop\štítky.xls
2015-08-24 13:28 - 2015-07-17 20:40 - 00000000 ____D C:\Users\Katerina\Desktop\Foto
2015-08-20 20:19 - 2015-08-20 20:19 - 00000000 ____D C:\Users\Katerina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zařízení Bluetooth
2015-08-14 04:09 - 2015-09-10 18:35 - 00000000 ____D C:\Windows\rescache
2015-08-13 16:21 - 2015-07-15 19:59 - 00078784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-13 16:21 - 2015-07-15 19:55 - 01159168 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-13 16:21 - 2015-07-15 19:54 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-08-12 03:02 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-11 18:08 - 2013-12-07 20:18 - 01484462 _____ C:\Windows\WindowsUpdate.log
2015-09-11 18:01 - 2015-05-15 23:44 - 00000940 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-11 17:51 - 2013-12-08 14:30 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-09-11 17:06 - 2015-02-25 21:06 - 00000000 ____D C:\Users\Katerina\Desktop\Akcičky
2015-09-11 16:16 - 2015-04-06 23:07 - 00002992 _____ C:\Users\Katerina\Desktop\NAS 2.lnk
2015-09-11 15:32 - 2009-07-14 06:34 - 00028944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-11 15:32 - 2009-07-14 06:34 - 00028944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-11 10:41 - 2015-05-15 23:44 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-10 18:05 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-10 18:03 - 2015-03-15 14:22 - 00000000 ____D C:\AdwCleaner
2015-09-09 20:39 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2015-09-09 20:38 - 2010-11-20 23:01 - 01608000 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-09 19:45 - 2009-07-14 06:33 - 00291392 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-09 19:43 - 2011-04-12 03:46 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-09 19:42 - 2013-12-13 18:24 - 00000000 ____D C:\Users\Katerina\AppData\Roaming\Media Player Classic
2015-09-09 19:41 - 2013-12-18 17:34 - 00000000 ____D C:\Windows\Minidump
2015-09-09 19:19 - 2015-03-15 00:14 - 00000000 ____D C:\Program Files\trend micro
2015-09-06 01:44 - 2015-07-16 20:17 - 00000958 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-08-27 01:45 - 2014-04-01 14:42 - 00000000 ____D C:\Users\Katerina\AppData\Roaming\Audacity
2015-08-22 16:49 - 2013-12-07 20:33 - 00000000 ____D C:\Program Files\Opera
2015-08-13 00:52 - 2013-12-08 14:29 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-08-13 00:52 - 2013-12-08 14:29 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-08-12 03:25 - 2014-12-11 10:04 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-12 03:25 - 2014-04-23 03:00 - 00000000 ___SD C:\Windows\system32\CompatTel

==================== Files in the root of some directories =======

2014-04-24 00:24 - 2014-11-07 04:33 - 0006144 _____ () C:\Users\Katerina\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Some files in TEMP:
====================
C:\Users\Katerina\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

==================== MBR and Partition Table ==================

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\system32\Macromed\Flash\FlashUtil32_18_0_0_232_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\ProgramData\TEMP:488F7244

==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Katerina\Desktop" je 2664 MB.

***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PSQLLauncher
"C:\Program Files\ThinkVantage Fingerprint Software\launcher.exe" /startup [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
"C:\Windows\system32\qttask.exe" -atboottime [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrackPointSrv
C:\Program Files\Lenovo\TrackPoint\tp4serv.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive
"C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk
C:\PROGRA~1\ThinkPad\BLUETO~1\BTTray.exe

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

HD Tune: ST9160301AS Health

ID Current Worst ThresholdData Status
(01) Raw Read Error Rate 118 82 6 185239434 Ok
(03) Spin Up Time 99 99 85 0 Ok
(04) Start/Stop Count 95 95 20 5231 Ok
(05) Reallocated Sector Count 100 100 36 0 Ok
(07) Seek Error Rate 73 60 30 240664976 Ok
(09) Power On Hours Count 77 77 0 20881 Ok
(0A) Spin Retry Count 100 100 97 0 Ok
(0C) Power Cycle Count 96 96 20 4601 Ok
(B8) (unknown attribute) 100 100 99 0 Ok
(BB) (unknown attribute) 1 1 0 22225 Ok
(BC) (unknown attribute) 100 96 0 131127 Ok
(BD) (unknown attribute) 100 100 0 0 Ok
(BE) Airflow Temperature 56 45 45 757137452 Ok
(BF) G-sense Error Rate 100 100 0 700 Ok
(C0) Power Off Retract Count 100 100 0 0 Ok
(C1) Load Cycle Count 1 1 0 641987 Ok
(C2) Temperature 44 55 0 44 Ok
(C3) Hardware ECC Recovered 69 57 0 185239434 Ok
(C5) Current Pending Sector 100 100 0 0 Ok
(C6) Offline Uncorrectable 100 100 0 0 Ok
(C7) Ultra DMA CRC Error Count 200 200 0 0 Ok
(F0) Head Flying Hours 100 253 0 15920 Ok
(F1) (unknown attribute) 100 253 0 2093006325 Ok
(F2) (unknown attribute) 100 253 0 1696927691 Ok
(FE) (unknown attribute) 100 100 0 0 Ok

Power On Time : 20881
Health Status : Ok

#8 Příspěvek od **Márty84** » 11 zář 2015 19:51

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Katerina\Desktop" je 2664 MB.

Velikost plochy by nemela presahovat 200 - 300 MB! Brzdi to chod pc. Cili ji trosku uklidte a na plochu dejte jen zastupce. Jen pozor na obcasnou chybu, ze uzivatele maji na plose slozku, v ni dalsi a v ni dalsi a do te to schovaji. To je sice hezke, ale plochu to nezmensi, jen je to v jinem supliku

Vypnete trvale Windows Defender.

Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

HKU\S-1-5-21-647228223-2171512834-1984284345-1000\...\Run: [] => [X]
HKU\S-1-5-21-647228223-2171512834-1984284345-1000\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Katerina\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()

Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\system32\Macromed\Flash\FlashUtil32_18_0_0_232_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-13 269000]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28 144200]

DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PSQLLauncher
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task

Hosts:
EmptyTemp:
Reboot:
End

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.

tomaskolik · #9 Příspěvek od **tomaskolik** » 12 zář 2015 16:22

Fix result of Farbar Recovery Scan Tool (x86) Version:12-09-2015
Ran by Katerina (2015-09-12 17:15:03) Run:1
Running from C:\Users\Katerina\Desktop
Loaded Profiles: Katerina (Available Profiles: Katerina)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKU\S-1-5-21-647228223-2171512834-1984284345-1000\...\Run: [] => [X]
HKU\S-1-5-21-647228223-2171512834-1984284345-1000\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Katerina\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()

Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\system32\Macromed\Flash\FlashUtil32_18_0_0_232_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-13 269000]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28 144200]

DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PSQLLauncher
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKU\S-1-5-21-647228223-2171512834-1984284345-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully.
HKU\S-1-5-21-647228223-2171512834-1984284345-1000\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.szndesktop => value removed successfully.
C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => moved successfully
C:\Windows\Tasks\Adobe Flash Player Updater.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
AdobeARMservice => service removed successfully.
gupdate => service removed successfully.
AdobeFlashPlayerUpdateSvc => service removed successfully.
gupdatem => service removed successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM => key removed successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PSQLLauncher => key removed successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task => key removed successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 220.5 MB temporary data Removed.

The system needed a reboot.

==== End of Fixlog 17:16:03 ====

#10 Příspěvek od **Márty84** » 12 zář 2015 18:28

Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

vyosek píše: DelFix https://toolslib.net/downloads/finish/2/
Stahnete a spustte

Ponechte zatrzitkou pouze u volby Remove disinfection tools

Kliknete na Run

Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)

Defragmentujte disk(y) (SSD Disky ne!)
Stahnete program Defraggler https://www.piriform.com/defraggler/download/standard
Pri instalaci opet pozor na toolbar a dalsi nesmysly.
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.

Pak napiste, jak to s pc vypada.

7.11. pro neaktivitu

http://forum.viry.cz/viewtopic.php?f=12&t=123975

VIRY.CZ

hodně pomalý ntb

hodně pomalý ntb

Re: hodně pomalý ntb

Re: hodně pomalý ntb

Re: hodně pomalý ntb

Re: hodně pomalý ntb

Re: hodně pomalý ntb

Re: hodně pomalý ntb

Re: hodně pomalý ntb

Re: hodně pomalý ntb

Re: hodně pomalý ntb