Notebook Packard Bell - procesor běží na 100%

Zpráva

Kaminek · #1 Příspěvek od **Kaminek** » 16 črc 2016 15:41

Dobrý den všem, náš notebook se velice zpomalil, hodně se zasekává neschopen běžných drobností...
Procesor v tyto chvíle běží na 100%
Můžete se prosím podívat do logu z Hijakcthis?
Během vytváření logu hlásí tuto hlášku:
For some reason your system denied write access to th host file. If any hijacked domains are in this file, hijack this my not be able to fix this:
click run and type:
notepad C Windows System32 drivers etc hosts

Děkuji

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:28:27, on 16.7.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18347)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
C:\Users\Kateřinka\Downloads\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.b1.org/?bsrc=hmior&chid=c167991
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com/?cid={5FCE7C4A ... 2015-12-10 08:01:30&v=4.2.8.608&pid=wtu&sg=&sap=hp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office12\GR469A~1.DLL
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Web TuneUp - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Web TuneUp\4.3.1.831\AVG Web TuneUp.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\Av\avuirunnerx.exe" C:\Program Files (x86)\AVG\Av\avgui.exe
O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe" /lps=fmw
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [EEDSpeedLauncher] rundll32.exe C:\Windows\system32\eed_ec.dll,SpeedLauncher
O4 - HKUS\S-1-5-18\..\Run: [EEDSpeedLauncher] rundll32.exe C:\Windows\system32\eed_ec.dll,SpeedLauncher (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [EEDSpeedLauncher] rundll32.exe C:\Windows\system32\eed_ec.dll,SpeedLauncher (User 'Default user')
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} - http://www.sibelius.com/download/softwa ... Plugin.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~3\Office12\GRA32A~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Active File Monitor V8 (AdobeActiveFileMonitor8.0) - Adobe Systems Incorporated - c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AvgAMPS - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgamps.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgfwsa.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: lmab_device - Unknown owner - C:\Windows\SysWOW64\LMabcoms.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Updater Service - Acer Group - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater40.3.1 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.1\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: WtuSystemSupport - Unknown owner - C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe

--
End of file - 10360 bytes

#2 Příspěvek od **Rudy** » 16 črc 2016 17:18

Zdravím!
Dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 . HijackThis je už dávno za zenitem.

Kaminek · #3 Příspěvek od **Kaminek** » 16 črc 2016 22:19

Aaaha,, ok, dalo mu to zahulit,ale schřoupnul to
moc děkuji za pomoc.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-07-2016
Ran by Kateřinka (administrator) on KAT-PC (16-07-2016 21:49:29)
Running from C:\Users\Kateřinka\Downloads
Loaded Profiles: Kateřinka (Available Profiles: Kateřinka)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(Software602 a.s.) C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgfwsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
(Acer Group) C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.1\ToolbarUpdater.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11057768 2010-07-06] (Realtek Semiconductor)
HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [649608 2010-04-13] (ELAN Microelectronic Corp.)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [861216 2010-06-12] (Acer Incorporated)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [462712 2012-03-09] ()
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-04-13] (Intel Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [975952 2010-08-10] (Dritek System Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [6723856 2016-06-29] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [186640 2016-06-21] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [1941064 2016-05-16] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-458667207-1595923144-4194804358-1000\...\Run: [EEDSpeedLauncher] => rundll32.exe C:\Windows\system32\eed_ec.dll,SpeedLauncher
HKU\S-1-5-21-458667207-1595923144-4194804358-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [899584 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [EEDSpeedLauncher] => rundll32.exe C:\Windows\system32\eed_ec.dll,SpeedLauncher

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 91.225.84.26 91.225.84.30 8.8.8.8
Tcpip\..\Interfaces\{3C77AD8E-3438-4BCB-B94C-42FFCE31B94D}: [DhcpNameServer] 91.225.84.26 91.225.84.30 8.8.8.8

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-458667207-1595923144-4194804358-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-458667207-1595923144-4194804358-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={5FCE7C4A-8745-443C-96F1-4ECB5FBC3A7B}&mid=449453daadfd47d089864b4908c104d5-0c8e85403c5a5c6d28b2a03e65c50c8123759241&lang=cs&ds=AVG&coid=avgtbavg&cmpid=1215av&pr=fr&d=2015-12-10 08:01:30&v=4.2.8.608&pid=wtu&sg=&sap=hp
HKU\S-1-5-21-458667207-1595923144-4194804358-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.b1.org/?bsrc=hmior&chid=c167991
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-458667207-1595923144-4194804358-1000 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={5FCE7C4A-8745-443C-96F1-4ECB5FBC3A7B}&mid=449453daadfd47d089864b4908c104d5-0c8e85403c5a5c6d28b2a03e65c50c8123759241&lang=cs&ds=AVG&coid=avgtbavg&cmpid=1215tb&pr=fr&d=2015-12-10 08:01:30&v=4.2.8.608&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-458667207-1595923144-4194804358-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-458667207-1595923144-4194804358-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={5FCE7C4A-8745-443C-96F1-4ECB5FBC3A7B}&mid=449453daadfd47d089864b4908c104d5-0c8e85403c5a5c6d28b2a03e65c50c8123759241&lang=cs&ds=AVG&coid=avgtbavg&cmpid=1215tb&pr=fr&d=2015-12-10 08:01:30&v=4.2.8.608&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-05-13] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-05-13] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: Pomocník pro přihlášení ke službě Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.3.1.831\AVG Web TuneUp.dll [2016-05-16] (AVG)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-04-05] (Sun Microsystems, Inc.)
Toolbar: HKU\S-1-5-21-458667207-1595923144-4194804358-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {A8F2B9BD-A6A0-486A-9744-18920D898429} hxxp://www.sibelius.com/download/software/win/ ... Plugin.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Kateřinka\AppData\Roaming\Mozilla\Firefox\Profiles\d43fnyuk.default
FF SearchEngineOrder.1: Search Results
FF SelectedSearchEngine: Google
FF Homepage: hxxp://seznam.cz
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-13] ()
FF Plugin: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\system32\npDeployJava1.dll [2013-05-13] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-05-13] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-13] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.1\\npsitesafety.dll [No File]
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2011-03-24] (Google)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll [2011-04-05] (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-16] (Microsoft Corporation)
FF Plugin-x32: @software602.cz/602XML Filler -> C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll [2012-08-06] (Software602 a.s.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-06-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-458667207-1595923144-4194804358-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Kateřinka\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-11-07] (Unity Technologies ApS)
FF user.js: detected! => C:\Users\Kateřinka\AppData\Roaming\Mozilla\Firefox\Profiles\d43fnyuk.default\user.js [2016-04-13]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-06-23] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Kateřinka\AppData\Roaming\Mozilla\Firefox\Profiles\d43fnyuk.default\searchplugins\avg-secure-search.xml [2016-05-16]
FF Extension: AniWeather - C:\Users\Kateřinka\AppData\Roaming\Mozilla\Firefox\Profiles\d43fnyuk.default\extensions\{4176DFF4-4698-11DE-BEEB-45DA55D89593}.xpi [2016-04-28]
FF Extension: AVG Web TuneUp - C:\Users\Kateřinka\AppData\Roaming\Mozilla\Firefox\Profiles\d43fnyuk.default\Extensions\avg@toolbar.xpi [2016-05-16]
FF Extension: New Tab - C:\Users\Kateřinka\AppData\Roaming\Mozilla\Firefox\Profiles\d43fnyuk.default\Extensions\{C4A4F5A0-4B89-4392-AFAC-D58010E349AF}.xpi [2013-06-10] [not signed]

Chrome:
=======
CHR HomePage: Default -> search.ask.com/?gct=hp
CHR StartupUrls: Default -> "hxxp://www.searchnu.com/406?appid=757"
CHR DefaultSearchURL: Default -> hxxp://www.search.ask.com/web?q={searchTerms}
CHR DefaultSearchKeyword: Default -> search.ask.com
CHR DefaultSuggestURL: Default -> hxxp://ssmsp.ask.com/query?sstype=prefix&li=ff&q={searchTerms}
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\pdf.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\gcswf32.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll => No File
CHR Plugin: (Java Deployment Toolkit 6.0.240.7) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U24) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll => No File
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll => No File
CHR Profile: C:\Users\Kateřinka\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (AVG Secure Search) - C:\Users\Kateřinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2016-03-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Kateřinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-10]
CHR HKLM\...\Chrome\Extension: [aaaaadgepjkdffhjbkfjgnnffnfcffbg] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-458667207-1595923144-4194804358-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [chfdnecihphmhljaaejmgoiahnihplgn] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [aaaaadgepjkdffhjbkfjgnnffnfcffbg] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [637944 2016-06-29] (AVG Technologies CZ, s.r.o.)
R2 avgfws; C:\Program Files (x86)\AVG\Av\avgfwsa.exe [2007608 2016-06-29] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5251808 2016-06-29] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1080080 2016-06-21] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [712792 2016-06-29] (AVG Technologies CZ, s.r.o.)
R2 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [868896 2010-06-12] (Acer Incorporated)
R2 GREGService; C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [23584 2010-01-08] (Acer Incorporated)
S3 lmab_device; C:\Windows\SysWOW64\LMabcoms.exe [452608 2005-06-14] () [File not signed]
R2 NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [255744 2010-06-29] (NewTech Infosystems, Inc.)
R2 Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [243232 2010-01-29] (Acer Group)
R2 vToolbarUpdater40.3.1; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.1\ToolbarUpdater.exe [1323080 2016-05-16] (AVG Secure Search)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [1223752 2016-04-12] ()

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [73480 2016-06-06] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [310016 2016-06-09] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [261376 2016-06-01] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [260352 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [249088 2016-06-02] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [280320 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 Avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [76544 2016-06-01] (AVG Technologies CZ, s.r.o.)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 ezplay; C:\Windows\System32\Drivers\ezplay.sys [118400 2014-05-03] (VSO Software)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-04-18] () [File not signed]
S3 s0016bus; C:\Windows\System32\DRIVERS\s0016bus.sys [115240 2008-05-16] (MCCI Corporation)
S3 s0016mdfl; C:\Windows\System32\DRIVERS\s0016mdfl.sys [19496 2008-05-16] (MCCI Corporation)
S3 s0016mdm; C:\Windows\System32\DRIVERS\s0016mdm.sys [158760 2008-05-16] (MCCI Corporation)
S3 s0016mgmt; C:\Windows\System32\DRIVERS\s0016mgmt.sys [137256 2008-05-16] (MCCI Corporation)
S3 s0016nd5; C:\Windows\System32\DRIVERS\s0016nd5.sys [34344 2008-05-16] (MCCI Corporation)
S3 s0016obex; C:\Windows\System32\DRIVERS\s0016obex.sys [136744 2008-05-16] (MCCI Corporation)
S3 s0016unic; C:\Windows\System32\DRIVERS\s0016unic.sys [151592 2008-05-16] (MCCI Corporation)
U5 usbser; C:\Windows\System32\Drivers\usbser.sys [33280 2013-08-29] (Microsoft Corporation)
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]
S1 SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-16 21:49 - 2016-07-16 22:02 - 00020412 _____ C:\Users\Kateřinka\Downloads\FRST.txt
2016-07-16 21:48 - 2016-07-16 21:49 - 00000000 ____D C:\FRST
2016-07-16 21:46 - 2016-07-16 21:46 - 02391040 _____ (Farbar) C:\Users\Kateřinka\Downloads\FRST64.exe
2016-07-16 16:23 - 2016-07-16 16:23 - 00388608 _____ (Trend Micro Inc.) C:\Users\Kateřinka\Downloads\hijackthis.exe
2016-07-15 22:51 - 2016-07-16 00:07 - 00000733 _____ C:\Users\Kateřinka\Desktop\avgrep.txt
2016-07-15 22:48 - 2016-07-15 22:49 - 00184426 _____ C:\Windows\ntbtlog.txt
2016-07-15 21:29 - 2016-07-15 21:29 - 00003408 ____N C:\bootsqm.dat
2016-07-13 06:46 - 2016-07-14 15:09 - 19527360 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2016-07-06 20:15 - 2016-07-06 20:33 - 00000000 ____D C:\Users\Kateřinka\Desktop\Rakousko Dita Blumau 07_2016
2016-06-28 16:27 - 2016-06-30 20:51 - 00000000 ____D C:\Users\Kateřinka\Documents\Byliny
2016-06-27 18:49 - 2016-06-29 20:21 - 00000862 _____ C:\Users\Public\Desktop\AVG.lnk
2016-06-19 14:15 - 2016-06-19 14:15 - 00150010 _____ C:\Users\Kateřinka\Downloads\rpttab5020001.pdf
2016-06-19 14:15 - 2016-06-19 14:15 - 00150010 _____ C:\Users\Kateřinka\Downloads\rpttab5020001(2).pdf
2016-06-19 14:15 - 2016-06-19 14:15 - 00150010 _____ C:\Users\Kateřinka\Downloads\rpttab5020001(1).pdf
2016-06-17 16:58 - 2016-05-18 18:10 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-06-17 16:58 - 2016-05-18 18:09 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-06-17 16:58 - 2016-05-12 19:20 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-06-17 16:58 - 2016-05-12 19:20 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-06-17 16:58 - 2016-05-12 19:15 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-06-17 16:58 - 2016-05-12 19:15 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-06-17 16:58 - 2016-05-12 19:15 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-06-17 16:58 - 2016-05-12 19:15 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-06-17 16:58 - 2016-05-12 19:15 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-06-17 16:58 - 2016-05-12 19:14 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-06-17 16:58 - 2016-05-12 19:14 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-06-17 16:58 - 2016-05-12 19:14 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-06-17 16:58 - 2016-05-12 19:14 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-06-17 16:58 - 2016-05-12 19:14 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-06-17 16:58 - 2016-05-12 19:14 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-06-17 16:58 - 2016-05-12 19:14 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-06-17 16:58 - 2016-05-12 19:14 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-06-17 16:58 - 2016-05-12 19:14 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-06-17 16:58 - 2016-05-12 19:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-06-17 16:58 - 2016-05-12 19:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-06-17 16:58 - 2016-05-12 19:14 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-06-17 16:58 - 2016-05-12 19:14 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-06-17 16:58 - 2016-05-12 19:14 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-06-17 16:58 - 2016-05-12 17:18 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-06-17 16:58 - 2016-05-12 17:18 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-06-17 16:58 - 2016-05-12 17:18 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-06-17 16:58 - 2016-05-12 17:18 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-06-17 16:58 - 2016-05-12 17:18 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-06-17 16:58 - 2016-05-12 17:18 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-06-17 16:58 - 2016-05-12 17:18 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-06-17 16:58 - 2016-05-12 17:18 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-06-17 16:58 - 2016-05-12 17:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-06-17 16:58 - 2016-05-12 17:18 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-06-17 16:58 - 2016-05-12 17:18 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-06-17 16:58 - 2016-05-12 17:18 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-06-17 16:58 - 2016-05-12 17:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-06-17 16:58 - 2016-05-12 17:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-06-17 16:58 - 2016-05-12 17:18 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-06-17 16:58 - 2016-05-12 17:18 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-06-17 16:58 - 2016-05-12 17:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-06-17 16:58 - 2016-05-12 16:58 - 00464896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-06-17 16:58 - 2016-05-12 16:58 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-06-17 16:58 - 2016-05-12 16:58 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-06-17 16:58 - 2016-05-12 16:58 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-06-17 16:58 - 2016-05-12 16:58 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-06-17 16:58 - 2016-05-12 16:58 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-06-17 16:58 - 2016-05-12 16:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-06-17 16:58 - 2016-05-12 16:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-06-17 16:58 - 2016-05-12 16:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-06-17 16:58 - 2016-05-12 15:05 - 00459640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-06-17 16:58 - 2016-05-12 15:05 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-06-17 16:58 - 2016-05-12 15:04 - 00249352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-06-17 16:57 - 2016-06-06 18:58 - 00041704 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-06-17 16:57 - 2016-06-06 18:50 - 01204224 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-06-17 16:57 - 2016-06-03 15:05 - 01413120 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-06-17 16:57 - 2016-05-27 15:06 - 00569856 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-06-17 16:57 - 2016-05-27 15:06 - 00544256 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-06-17 16:57 - 2016-05-27 15:06 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-06-17 16:57 - 2016-05-27 15:06 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-06-17 16:57 - 2016-05-22 15:06 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-06-17 16:57 - 2016-05-14 00:15 - 00382184 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-06-17 16:57 - 2016-05-14 00:09 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-06-17 16:57 - 2016-05-14 00:09 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-06-17 16:57 - 2016-05-14 00:09 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-06-17 16:57 - 2016-05-14 00:09 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-06-17 16:57 - 2016-05-13 23:54 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-06-17 16:57 - 2016-05-13 23:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-06-17 16:57 - 2016-05-13 23:49 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-06-17 16:57 - 2016-05-13 23:49 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-06-17 16:57 - 2016-05-13 23:27 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-06-17 16:57 - 2016-05-12 19:15 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\winipsec.dll
2016-06-17 16:57 - 2016-05-12 19:14 - 00794624 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2016-06-17 16:57 - 2016-05-12 19:14 - 00502272 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2016-06-17 16:57 - 2016-05-12 19:14 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2016-06-17 16:57 - 2016-05-12 19:14 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2016-06-17 16:57 - 2016-05-12 19:14 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2016-06-17 16:57 - 2016-05-12 17:18 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll
2016-06-17 16:57 - 2016-05-12 17:18 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2016-06-17 16:57 - 2016-05-12 17:18 - 00070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winipsec.dll
2016-06-17 16:57 - 2016-05-12 17:18 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll
2016-06-17 16:57 - 2016-05-12 17:03 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-06-17 16:57 - 2016-05-11 19:02 - 00483840 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2016-06-17 16:57 - 2016-05-11 19:02 - 00444928 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-06-17 16:57 - 2016-05-11 19:02 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2016-06-17 16:57 - 2016-05-11 19:02 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2016-06-17 16:57 - 2016-05-11 17:19 - 00363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2016-06-17 16:57 - 2016-05-11 17:19 - 00351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-06-17 16:57 - 2016-05-11 17:19 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2016-06-17 16:57 - 2016-05-11 17:19 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2016-06-17 16:57 - 2016-05-11 17:11 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2016-06-17 16:57 - 2016-05-11 17:01 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
2016-06-17 16:57 - 2016-05-11 16:58 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2016-06-17 16:57 - 2016-04-09 08:58 - 14186496 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-06-17 16:57 - 2016-04-09 08:57 - 01867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-06-17 16:57 - 2016-04-09 08:54 - 12881408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-06-17 16:57 - 2016-04-09 08:54 - 01499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-06-17 16:57 - 2016-04-09 07:53 - 03231232 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-06-17 16:57 - 2016-04-09 07:44 - 02973184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-06-17 16:57 - 2016-03-09 21:00 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2016-06-17 16:57 - 2016-03-09 20:40 - 00316416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2016-06-17 16:56 - 2016-05-24 01:37 - 00394960 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-06-17 16:56 - 2016-05-24 00:54 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-06-17 16:56 - 2016-05-21 19:28 - 25802752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-06-17 16:56 - 2016-05-21 18:57 - 20341248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-06-17 16:56 - 2016-05-21 00:27 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-06-17 16:56 - 2016-05-21 00:27 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-06-17 16:56 - 2016-05-21 00:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-06-17 16:56 - 2016-05-21 00:10 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-06-17 16:56 - 2016-05-21 00:09 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-06-17 16:56 - 2016-05-21 00:09 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-06-17 16:56 - 2016-05-21 00:09 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-06-17 16:56 - 2016-05-21 00:08 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-06-17 16:56 - 2016-05-21 00:08 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-06-17 16:56 - 2016-05-21 00:02 - 06051328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-06-17 16:56 - 2016-05-21 00:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-06-17 16:56 - 2016-05-20 23:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-06-17 16:56 - 2016-05-20 23:57 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-06-17 16:56 - 2016-05-20 23:57 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-06-17 16:56 - 2016-05-20 23:57 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-06-17 16:56 - 2016-05-20 23:56 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-06-17 16:56 - 2016-05-20 23:56 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-06-17 16:56 - 2016-05-20 23:55 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-06-17 16:56 - 2016-05-20 23:54 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-06-17 16:56 - 2016-05-20 23:54 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-06-17 16:56 - 2016-05-20 23:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-06-17 16:56 - 2016-05-20 23:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-06-17 16:56 - 2016-05-20 23:50 - 02287104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-06-17 16:56 - 2016-05-20 23:49 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-06-17 16:56 - 2016-05-20 23:48 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-06-17 16:56 - 2016-05-20 23:45 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-06-17 16:56 - 2016-05-20 23:45 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-06-17 16:56 - 2016-05-20 23:44 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-06-17 16:56 - 2016-05-20 23:44 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-06-17 16:56 - 2016-05-20 23:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-06-17 16:56 - 2016-05-20 23:41 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-06-17 16:56 - 2016-05-20 23:33 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-06-17 16:56 - 2016-05-20 23:33 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-06-17 16:56 - 2016-05-20 23:32 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-06-17 16:56 - 2016-05-20 23:29 - 13815808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-06-17 16:56 - 2016-05-20 23:28 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-06-17 16:56 - 2016-05-20 23:27 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-06-17 16:56 - 2016-05-20 23:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-06-17 16:56 - 2016-05-20 23:26 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-06-17 16:56 - 2016-05-20 23:25 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-06-17 16:56 - 2016-05-20 23:23 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-06-17 16:56 - 2016-05-20 23:23 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-06-17 16:56 - 2016-05-20 23:22 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-06-17 16:56 - 2016-05-20 23:21 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-06-17 16:56 - 2016-05-20 23:19 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-06-17 16:56 - 2016-05-20 23:14 - 04610048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-06-17 16:56 - 2016-05-20 23:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-06-17 16:56 - 2016-05-20 23:11 - 15420928 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-06-17 16:56 - 2016-05-20 23:11 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-06-17 16:56 - 2016-05-20 23:09 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-06-17 16:56 - 2016-05-20 23:09 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-06-17 16:56 - 2016-05-20 23:08 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-06-17 16:56 - 2016-05-20 23:08 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-06-17 16:56 - 2016-05-20 23:07 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-06-17 16:56 - 2016-05-20 23:07 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-06-17 16:56 - 2016-05-20 23:06 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-06-17 16:56 - 2016-05-20 22:46 - 02597888 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-06-17 16:56 - 2016-05-20 22:42 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-06-17 16:56 - 2016-05-20 22:38 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-06-17 16:56 - 2016-05-20 22:38 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-06-17 16:56 - 2016-05-20 22:34 - 01544192 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-06-17 16:56 - 2016-05-20 22:23 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-06-17 16:56 - 2016-04-14 18:46 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-06-17 16:56 - 2016-04-14 18:42 - 03243520 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-06-17 16:56 - 2016-04-14 18:42 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-06-17 16:56 - 2016-04-14 18:42 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-06-17 16:56 - 2016-04-14 18:42 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-06-17 16:56 - 2016-04-14 18:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-06-17 16:56 - 2016-04-14 17:33 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-06-17 16:56 - 2016-04-14 17:33 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-06-17 16:56 - 2016-04-14 17:33 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-06-17 16:56 - 2016-04-14 17:33 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-06-17 16:56 - 2016-04-14 17:19 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-06-17 16:56 - 2016-04-14 17:11 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-16 22:09 - 2013-05-13 17:34 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-07-16 21:54 - 2011-06-02 07:28 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-16 21:52 - 2009-07-14 06:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-07-16 21:52 - 2009-07-14 06:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-07-16 21:39 - 2012-04-01 12:37 - 00000000 ____D C:\ProgramData\MFAData
2016-07-16 16:27 - 2011-03-30 23:36 - 00000000 ____D C:\Users\Kateřinka\AppData\Local\VirtualStore
2016-07-16 12:20 - 2011-06-02 07:28 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-16 00:09 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-15 22:49 - 2013-06-20 16:43 - 04720640 ___SH C:\Users\Kateřinka\Desktop\Thumbs.db
2016-07-15 21:18 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-07-15 21:17 - 2015-08-26 18:58 - 00000000 ____D C:\Users\Kateřinka\AppData\Roaming\Audacity
2016-07-15 18:49 - 2014-03-31 10:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-07-14 19:24 - 2013-05-13 17:37 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2016-07-14 18:43 - 2015-10-25 14:49 - 00000000 ____D C:\Users\Kateřinka\AppData\Local\AvgSetupLog
2016-07-14 18:40 - 2012-11-08 19:34 - 00003072 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-07-14 15:11 - 2013-05-13 17:34 - 00004582 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-07-14 15:10 - 2013-05-13 17:34 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-07-14 15:10 - 2011-05-26 21:32 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-07-14 15:09 - 2011-01-25 09:45 - 00672424 _____ C:\Windows\system32\perfh005.dat
2016-07-14 15:09 - 2011-01-25 09:45 - 00142988 _____ C:\Windows\system32\perfc005.dat
2016-07-14 15:09 - 2009-07-14 07:13 - 01593374 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-13 22:31 - 2015-06-07 13:48 - 00000000 ____D C:\Users\Kateřinka\Documents\Automatická kresba
2016-07-13 06:48 - 2016-05-16 19:09 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-07-13 06:46 - 2011-12-18 22:43 - 00000000 ____D C:\Windows\system32\Macromed
2016-07-13 06:46 - 2010-08-27 10:23 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-06-30 22:21 - 2014-06-21 20:06 - 00000000 ____D C:\Users\Kateřinka\Documents\Knihy Walker
2016-06-30 22:01 - 2015-11-14 16:24 - 00000000 ____D C:\Users\Kateřinka\Documents\Foto mobil carta camera
2016-06-30 22:01 - 2015-11-14 16:14 - 00000000 ____D C:\Users\Kateřinka\Documents\foto mobil carta
2016-06-30 22:01 - 2014-12-11 22:48 - 00000000 ____D C:\Users\Kateřinka\Documents\Flash černá vysouvací
2016-06-29 20:21 - 2016-04-13 07:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2016-06-27 07:24 - 2012-05-08 18:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-26 07:46 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2016-06-26 07:43 - 2011-04-04 17:40 - 00000000 ____D C:\Users\Kateřinka\AppData\Local\ElevatedDiagnostics
2016-06-24 07:33 - 2012-10-28 18:29 - 00000000 ____D C:\Users\Kateřinka\Documents\Drive Green
2016-06-24 07:33 - 2012-05-26 22:23 - 01035776 ___SH C:\Users\Kateřinka\Documents\Thumbs.db
2016-06-23 09:52 - 2016-04-12 07:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-21 12:13 - 2012-03-04 19:28 - 00485032 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-06-19 21:26 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2016-06-18 16:04 - 2011-06-02 07:28 - 00002167 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-18 10:39 - 2009-07-14 06:45 - 00417056 _____ C:\Windows\system32\FNTCACHE.DAT
2016-06-18 10:32 - 2014-12-12 19:40 - 00000000 ____D C:\Windows\system32\appraiser
2016-06-18 09:57 - 2013-07-30 07:06 - 00000000 ____D C:\Windows\system32\MRT
2016-06-18 09:38 - 2011-04-06 21:01 - 142482544 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Files in the root of some directories =======

2014-05-03 10:38 - 2014-05-03 10:38 - 0007833 _____ () C:\Users\Kateřinka\AppData\Roaming\ezplay.cat
2014-05-03 10:38 - 2014-05-03 10:38 - 0001126 _____ () C:\Users\Kateřinka\AppData\Roaming\ezplay.inf
2014-05-03 10:38 - 2014-05-03 10:38 - 0000125 _____ () C:\Users\Kateřinka\AppData\Roaming\ezplay.ini
2014-05-03 10:39 - 2014-05-03 10:39 - 0000034 _____ () C:\Users\Kateřinka\AppData\Roaming\ezplay.log
2014-05-03 10:38 - 2014-05-03 10:38 - 0118400 _____ (VSO Software) C:\Users\Kateřinka\AppData\Roaming\ezplay.sys
2014-07-10 13:23 - 2014-07-10 14:48 - 0000000 _____ () C:\Users\Kateřinka\AppData\Roaming\FileIn.cns
2014-07-10 13:23 - 2014-07-10 14:48 - 0000000 _____ () C:\Users\Kateřinka\AppData\Roaming\FileOut.cns
2014-05-03 10:38 - 2015-01-03 13:28 - 0099384 _____ () C:\Users\Kateřinka\AppData\Roaming\inst.exe
2014-05-03 10:38 - 2015-01-03 13:28 - 0007859 _____ () C:\Users\Kateřinka\AppData\Roaming\pcouffin.cat
2014-05-03 10:38 - 2015-01-03 13:28 - 0001167 _____ () C:\Users\Kateřinka\AppData\Roaming\pcouffin.inf
2014-05-03 10:38 - 2015-01-03 13:28 - 0000055 _____ () C:\Users\Kateřinka\AppData\Roaming\pcouffin.log
2014-05-03 10:38 - 2015-01-03 13:28 - 0082816 _____ (VSO Software) C:\Users\Kateřinka\AppData\Roaming\pcouffin.sys
2014-11-24 21:46 - 2014-11-24 21:46 - 0599726 _____ () C:\Users\Kateřinka\AppData\Roaming\Scorch_Install.log
2013-10-27 20:08 - 2013-10-27 20:08 - 0004608 _____ () C:\Users\Kateřinka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-04-08 22:07 - 2011-04-08 22:07 - 0000078 _____ () C:\ProgramData\lmab.log

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-07-08 19:23

==================== End of FRST.txt ============================

#4 Příspěvek od **Rudy** » 17 črc 2016 10:12

Teď spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

Kaminek · #5 Příspěvek od **Kaminek** » 17 črc 2016 12:04

Ještě raděj blbuvzdorně, po "Clean" se vypsal tento log.
Dle instrukcí mám dát "čištění"? Nebo mám čekat co Vy na to?
jen aby nebylo něco blbě...

# AdwCleaner v5.201 - Log vytvořen 17/07/2016 v 11:47:57
# Aktualizováno 30/06/2016 by ToolsLib
# Databáze : 2016-07-16.1 [Server]
# Operační system : Windows 7 Home Premium Service Pack 1 (X64)
# Uživatelské jméno : Kateřinka - KAT-PC
# Spuštěno z : C:\Users\Kateřinka\Downloads\adwcleaner_5.201.exe
# Nastavení : Sken
# Podpora : https://toolslib.net/forum

***** [ Služby ] *****

Služba Nalezeno : WtuSystemSupport
Služba Nalezeno : vToolbarUpdater40.3.1

***** [ Složky ] *****

Složka Nalezeno : C:\ProgramData\apn
Složka Nalezeno : C:\ProgramData\Ask
Složka Nalezeno : C:\ProgramData\AVG Secure Search
Složka Nalezeno : C:\ProgramData\AVG Security Toolbar
Složka Nalezeno : C:\ProgramData\Browser Manager
Složka Nalezeno : C:\ProgramData\avg web tuneup
Složka Nalezeno : C:\ProgramData\Application Data\apn
Složka Nalezeno : C:\ProgramData\Application Data\Ask
Složka Nalezeno : C:\ProgramData\Application Data\AVG Secure Search
Složka Nalezeno : C:\ProgramData\Application Data\AVG Security Toolbar
Složka Nalezeno : C:\ProgramData\Application Data\Browser Manager
Složka Nalezeno : C:\ProgramData\Application Data\avg web tuneup
Složka Nalezeno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
Složka Nalezeno : C:\Program Files (x86)\AVG Secure Search
Složka Nalezeno : C:\Program Files (x86)\myfree codec
Složka Nalezeno : C:\Program Files (x86)\Search Results Toolbar
Složka Nalezeno : C:\Program Files (x86)\avg web tuneup
Složka Nalezeno : C:\Program Files (x86)\Common Files\AVG Secure Search
Složka Nalezeno : C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\AVG Secure Search
Složka Nalezeno : C:\Users\Kateřinka\AppData\Local\AVG Secure Search
Složka Nalezeno : C:\Users\Kateřinka\AppData\Local\b1e
Složka Nalezeno : C:\Users\Kateřinka\AppData\Local\avg web tuneup
Složka Nalezeno : C:\Users\Kateřinka\AppData\Roaming\B1Toolbar
Složka Nalezeno : C:\Users\Kateřinka\AppData\Roaming\b1toolbar
Složka Nalezeno : C:\Users\Kateřinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn
Složka Nalezeno : C:\Program Files\Common Files\AVG Secure Search

***** [ Soubory ] *****

Soubor Nalezeno : C:\Users\Kateřinka\AppData\Roaming\Mozilla\Firefox\Profiles\d43fnyuk.default\extensions\{C4A4F5A0-4B89-4392-AFAC-D58010E349AF}.xpi
Soubor Nalezeno : C:\Users\Kateřinka\AppData\Roaming\Mozilla\Firefox\Profiles\d43fnyuk.default\extensions\Avg@toolbar.xpi
Soubor Nalezeno : C:\Users\Kateřinka\AppData\Roaming\Mozilla\Firefox\Profiles\d43fnyuk.default\searchplugins\avg-secure-search.xml
Soubor Nalezeno : C:\Users\Kateřinka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_aaaaadgepjkdffhjbkfjgnnffnfcffbg_0.localstorage
Soubor Nalezeno : C:\Users\Kateřinka\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aaaaadgepjkdffhjbkfjgnnffnfcffbg

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Zástupci ] *****

***** [ Naplánované úlohy ] *****

***** [ Registry ] *****

Klíč Nalezeno : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Klíč Nalezeno : HKLM\SOFTWARE\Clients\StartMenuInternet\Torch
Klíč Nalezeno : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
Klíč Nalezeno : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Applications\iLividSetup-r757-n-bf.exe
Klíč Nalezeno : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaadgepjkdffhjbkfjgnnffnfcffbg
Klíč Nalezeno : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaadgepjkdffhjbkfjgnnffnfcffbg
Klíč Nalezeno : HKCU\Software\Google\Chrome\Extensions\chfdnecihphmhljaaejmgoiahnihplgn
Klíč Nalezeno : HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd
Klíč Nalezeno : HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1
Klíč Nalezeno : HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi
Klíč Nalezeno : HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1
Klíč Nalezeno : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Klíč Nalezeno : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Klíč Nalezeno : HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj
Klíč Nalezeno : HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj.1
Klíč Nalezeno : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Klíč Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{4BC8AD89-AC5F-4DBD-A38F-C355C7DD33D7}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíč Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Klíč Nalezeno : HKCU\Software\ilivid
Klíč Nalezeno : HKCU\Software\torch
Klíč Nalezeno : HKLM\SOFTWARE\iLividSRTB
Klíč Nalezeno : HKLM\SOFTWARE\PIP
Klíč Nalezeno : HKLM\SOFTWARE\torch
Klíč Nalezeno : HKLM\SOFTWARE\AVG Tuneup
Klíč Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}
Klíč Nalezeno : HKU\.DEFAULT\Software\AVG Secure Search
Klíč Nalezeno : HKU\S-1-5-21-458667207-1595923144-4194804358-1000\Software\ilivid
Klíč Nalezeno : HKU\S-1-5-21-458667207-1595923144-4194804358-1000\Software\torch
Klíč Nalezeno : HKU\S-1-5-18\Software\AVG Secure Search
Data Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxps://mysearch.avg.com/?cid={5FCE7C4A-8745-443C-96F1-4ECB5FBC3A7B}&mid=449453daadfd47d089864b4908c104d5-0c8e85403c5a5c6d28b2a03e65c50c8123759241&lang=cs&ds=AVG&coid=avgtbavg&cmpid=1215av&pr=fr&d=2015-12-10 08:01:30&v=4.2.8.608&pid=wtu&sg=&sap=hp
Data Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxp://search.b1.org/?bsrc=hmior&chid=c167991
Data Nalezeno : HKU\S-1-5-21-458667207-1595923144-4194804358-1000\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxps://mysearch.avg.com/?cid={5FCE7C4A-8745-443C-96F1-4ECB5FBC3A7B}&mid=449453daadfd47d089864b4908c104d5-0c8e85403c5a5c6d28b2a03e65c50c8123759241&lang=cs&ds=AVG&coid=avgtbavg&cmpid=1215av&pr=fr&d=2015-12-10 08:01:30&v=4.2.8.608&pid=wtu&sg=&sap=hp
Data Nalezeno : HKU\S-1-5-21-458667207-1595923144-4194804358-1000\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxp://search.b1.org/?bsrc=hmior&chid=c167991
Klíč Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Data Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - {95B7759C-8C7F-4BF1-B163-73684A933233}
Klíč Nalezeno : HKU\S-1-5-21-458667207-1595923144-4194804358-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Data Nalezeno : HKU\S-1-5-21-458667207-1595923144-4194804358-1000\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - {95B7759C-8C7F-4BF1-B163-73684A933233}
Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]

***** [ Prohlížeče ] *****

[C:\Users\Kateřinka\AppData\Roaming\Mozilla\Firefox\Profiles\d43fnyuk.default\prefs.js] Nalezeno : user_pref("extensions.toolbar.mindspark.hp.enabled", false);
[C:\Users\Kateřinka\AppData\Roaming\Mozilla\Firefox\Profiles\d43fnyuk.default\prefs.js] Nalezeno : user_pref("extensions.toolbar.mindspark.lastInstalled", "onlinemapfinder@mindspark.com");
[C:\Users\Kateřinka\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Nalezeno : search-results.com
[C:\Users\Kateřinka\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Nalezeno : hxxp://www.searchnu.com/406?appid=757
[C:\Users\Kateřinka\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Nalezeno : aaaaadgepjkdffhjbkfjgnnffnfcffbg
[C:\Users\Kateřinka\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Nalezeno : chfdnecihphmhljaaejmgoiahnihplgn

*************************

C:\AdwCleaner\AdwCleaner[S1].txt - [8978 bytů] - [17/07/2016 11:47:57]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [9051 bytů] ##########

#6 Příspěvek od **Rudy** » 17 črc 2016 12:21

V ADW jste neklikl na >vyčistit<. ADW nemazal. Zkuste spustit ještě jednou.

Kaminek · #7 Příspěvek od **Kaminek** » 17 črc 2016 12:37

ano, tady log po smazání a restartu PC:

# AdwCleaner v5.201 - Log vytvořen 17/07/2016 v 13:20:15
# Aktualizováno 30/06/2016 by ToolsLib
# Databáze : 2016-07-16.1 [Server]
# Operační system : Windows 7 Home Premium Service Pack 1 (X64)
# Uživatelské jméno : Kateřinka - KAT-PC
# Spuštěno z : C:\Users\Kateřinka\Downloads\adwcleaner_5.201.exe
# Nastavení : Čištění
# Podpora : https://toolslib.net/forum

***** [ Služby ] *****

[-] Služba Smazáno : WtuSystemSupport
[-] Služba Smazáno : vToolbarUpdater40.3.1

***** [ Složky ] *****

[-] Složka Smazáno : C:\ProgramData\apn
[-] Složka Smazáno : C:\ProgramData\Ask
[-] Složka Smazáno : C:\ProgramData\AVG Secure Search
[-] Složka Smazáno : C:\ProgramData\AVG Security Toolbar
[+] Složka Smazáno : C:\ProgramData\Browser Manager
[-] Složka Smazáno : C:\ProgramData\avg web tuneup
[#] Složka Smazáno : C:\ProgramData\Application Data\apn
[#] Složka Smazáno : C:\ProgramData\Application Data\Ask
[#] Složka Smazáno : C:\ProgramData\Application Data\AVG Secure Search
[#] Složka Smazáno : C:\ProgramData\Application Data\AVG Security Toolbar
[#] Složka Smazáno : C:\ProgramData\Application Data\Browser Manager
[#] Složka Smazáno : C:\ProgramData\Application Data\avg web tuneup
[-] Složka Smazáno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
[-] Složka Smazáno : C:\Program Files (x86)\AVG Secure Search
[-] Složka Smazáno : C:\Program Files (x86)\myfree codec
[-] Složka Smazáno : C:\Program Files (x86)\Search Results Toolbar
[-] Složka Smazáno : C:\Program Files (x86)\avg web tuneup
[-] Složka Smazáno : C:\Program Files (x86)\Common Files\AVG Secure Search
[-] Složka Smazáno : C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\AVG Secure Search
[-] Složka Smazáno : C:\Users\Kateřinka\AppData\Local\AVG Secure Search
[-] Složka Smazáno : C:\Users\Kateřinka\AppData\Local\b1e
[-] Složka Smazáno : C:\Users\Kateřinka\AppData\Local\avg web tuneup
[-] Složka Smazáno : C:\Users\Kateřinka\AppData\Roaming\B1Toolbar
[#] Složka Smazáno : C:\Users\Kateřinka\AppData\Roaming\b1toolbar
[-] Složka Smazáno : C:\Users\Kateřinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn
[-] Složka Smazáno : C:\Program Files\Common Files\AVG Secure Search

***** [ Soubory ] *****

[-] Soubor Smazáno : C:\Users\Kateřinka\AppData\Roaming\Mozilla\Firefox\Profiles\d43fnyuk.default\extensions\{C4A4F5A0-4B89-4392-AFAC-D58010E349AF}.xpi
[-] Soubor Smazáno : C:\Users\Kateřinka\AppData\Roaming\Mozilla\Firefox\Profiles\d43fnyuk.default\extensions\Avg@toolbar.xpi
[-] Soubor Smazáno : C:\Users\Kateřinka\AppData\Roaming\Mozilla\Firefox\Profiles\d43fnyuk.default\searchplugins\avg-secure-search.xml
[-] Soubor Smazáno : C:\Users\Kateřinka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_aaaaadgepjkdffhjbkfjgnnffnfcffbg_0.localstorage
[-] Soubor Smazáno : C:\Users\Kateřinka\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aaaaadgepjkdffhjbkfjgnnffnfcffbg

***** [ DLLs ] *****

***** [ WMI ] *****

***** [ Zástupci ] *****

***** [ Naplánované úlohy ] *****

***** [ Registry ] *****

[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
[-] Klíč Smazáno : HKLM\SOFTWARE\Clients\StartMenuInternet\Torch
[-] Klíč Smazáno : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
[-] Klíč Smazáno : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Applications\iLividSetup-r757-n-bf.exe
[-] Klíč Smazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaadgepjkdffhjbkfjgnnffnfcffbg
[-] Klíč Smazáno : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaadgepjkdffhjbkfjgnnffnfcffbg
[-] Klíč Smazáno : HKCU\Software\Google\Chrome\Extensions\chfdnecihphmhljaaejmgoiahnihplgn
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj.1
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
[-] Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{4BC8AD89-AC5F-4DBD-A38F-C355C7DD33D7}
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Klíč Smazáno : HKCU\Software\ilivid
[-] Klíč Smazáno : HKCU\Software\torch
[-] Klíč Smazáno : HKLM\SOFTWARE\iLividSRTB
[-] Klíč Smazáno : HKLM\SOFTWARE\PIP
[-] Klíč Smazáno : HKLM\SOFTWARE\torch
[-] Klíč Smazáno : HKLM\SOFTWARE\AVG Tuneup
[-] Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}
[-] Klíč Smazáno : HKU\.DEFAULT\Software\AVG Secure Search
[-] Data Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Data Obnoveno : HKU\S-1-5-21-458667207-1595923144-4194804358-1000\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Obnoveno : HKU\S-1-5-21-458667207-1595923144-4194804358-1000\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Data Obnoveno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Data Obnoveno : HKU\S-1-5-21-458667207-1595923144-4194804358-1000\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Hodnota Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]

***** [ Prohlížeče ] *****

[-] [C:\Users\Kateřinka\AppData\Roaming\Mozilla\Firefox\Profiles\d43fnyuk.default\prefs.js] Smazáno : user_pref("extensions.toolbar.mindspark.hp.enabled", false);
[-] [C:\Users\Kateřinka\AppData\Roaming\Mozilla\Firefox\Profiles\d43fnyuk.default\prefs.js] Smazáno : user_pref("extensions.toolbar.mindspark.lastInstalled", "onlinemapfinder@mindspark.com");
[-] [C:\Users\Kateřinka\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Smazáno : search-results.com
[-] [C:\Users\Kateřinka\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Smazáno : hxxp://www.searchnu.com/406?appid=757
[-] [C:\Users\Kateřinka\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Smazáno : aaaaadgepjkdffhjbkfjgnnffnfcffbg
[-] [C:\Users\Kateřinka\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Smazáno : chfdnecihphmhljaaejmgoiahnihplgn

*************************

:: "Tracing" klíče smazány
:: Nastavení Winsock vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [8360 bytů] - [17/07/2016 13:20:15]
C:\AdwCleaner\AdwCleaner[S1].txt - [9134 bytů] - [17/07/2016 11:47:57]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [8506 bytů] ##########

#8 Příspěvek od **Rudy** » 17 črc 2016 16:10

Teď je to v pořádku. Dejte nový log FRST.

Kaminek · #9 Příspěvek od **Kaminek** » 17 črc 2016 20:59

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-07-2016 03
Ran by Kateřinka (administrator) on KAT-PC (17-07-2016 19:59:02)
Running from C:\Users\Kateřinka\Downloads
Loaded Profiles: Kateřinka (Available Profiles: Kateřinka)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(Software602 a.s.) C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgfwsa.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Acer Group) C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Windows\splwow64.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11057768 2010-07-06] (Realtek Semiconductor)
HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [649608 2010-04-13] (ELAN Microelectronic Corp.)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [861216 2010-06-12] (Acer Incorporated)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [462712 2012-03-09] ()
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-04-13] (Intel Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [975952 2010-08-10] (Dritek System Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [6723856 2016-06-29] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [186640 2016-06-21] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-458667207-1595923144-4194804358-1000\...\Run: [EEDSpeedLauncher] => rundll32.exe C:\Windows\system32\eed_ec.dll,SpeedLauncher
HKU\S-1-5-18\...\Run: [EEDSpeedLauncher] => rundll32.exe C:\Windows\system32\eed_ec.dll,SpeedLauncher

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 91.225.84.26 91.225.84.30 8.8.8.8
Tcpip\..\Interfaces\{3C77AD8E-3438-4BCB-B94C-42FFCE31B94D}: [DhcpNameServer] 91.225.84.26 91.225.84.30 8.8.8.8

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-458667207-1595923144-4194804358-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-458667207-1595923144-4194804358-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-458667207-1595923144-4194804358-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-05-13] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-05-13] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: Pomocník pro přihlášení ke službě Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-04-05] (Sun Microsystems, Inc.)
Toolbar: HKU\S-1-5-21-458667207-1595923144-4194804358-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {A8F2B9BD-A6A0-486A-9744-18920D898429} hxxp://www.sibelius.com/download/software/win/ ... Plugin.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Kateřinka\AppData\Roaming\Mozilla\Firefox\Profiles\d43fnyuk.default
FF SearchEngineOrder.1: Search Results
FF SelectedSearchEngine: Google
FF Homepage: hxxp://seznam.cz
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-13] ()
FF Plugin: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\system32\npDeployJava1.dll [2013-05-13] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-05-13] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-13] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2011-03-24] (Google)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll [2011-04-05] (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-16] (Microsoft Corporation)
FF Plugin-x32: @software602.cz/602XML Filler -> C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll [2012-08-06] (Software602 a.s.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-06-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-458667207-1595923144-4194804358-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Kateřinka\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-11-07] (Unity Technologies ApS)
FF user.js: detected! => C:\Users\Kateřinka\AppData\Roaming\Mozilla\Firefox\Profiles\d43fnyuk.default\user.js [2016-04-13]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-06-23] (Adobe Systems Inc.)
FF Extension: AniWeather - C:\Users\Kateřinka\AppData\Roaming\Mozilla\Firefox\Profiles\d43fnyuk.default\extensions\{4176DFF4-4698-11DE-BEEB-45DA55D89593}.xpi [2016-04-28]

Chrome:
=======
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\pdf.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\gcswf32.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll => No File
CHR Plugin: (Java Deployment Toolkit 6.0.240.7) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U24) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll => No File
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll => No File
CHR Profile: C:\Users\Kateřinka\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Kateřinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-10]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [637944 2016-06-29] (AVG Technologies CZ, s.r.o.)
R2 avgfws; C:\Program Files (x86)\AVG\Av\avgfwsa.exe [2007608 2016-06-29] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5251808 2016-06-29] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1080080 2016-06-21] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [712792 2016-06-29] (AVG Technologies CZ, s.r.o.)
R2 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [868896 2010-06-12] (Acer Incorporated)
R2 GREGService; C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [23584 2010-01-08] (Acer Incorporated)
S3 lmab_device; C:\Windows\SysWOW64\LMabcoms.exe [452608 2005-06-14] () [File not signed]
R2 NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [255744 2010-06-29] (NewTech Infosystems, Inc.)
R2 Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [243232 2010-01-29] (Acer Group)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [73480 2016-06-06] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [310016 2016-06-09] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [261376 2016-06-01] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [260352 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [249088 2016-06-02] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [280320 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 Avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [76544 2016-06-01] (AVG Technologies CZ, s.r.o.)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 ezplay; C:\Windows\System32\Drivers\ezplay.sys [118400 2014-05-03] (VSO Software)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-04-18] () [File not signed]
S3 s0016bus; C:\Windows\System32\DRIVERS\s0016bus.sys [115240 2008-05-16] (MCCI Corporation)
S3 s0016mdfl; C:\Windows\System32\DRIVERS\s0016mdfl.sys [19496 2008-05-16] (MCCI Corporation)
S3 s0016mdm; C:\Windows\System32\DRIVERS\s0016mdm.sys [158760 2008-05-16] (MCCI Corporation)
S3 s0016mgmt; C:\Windows\System32\DRIVERS\s0016mgmt.sys [137256 2008-05-16] (MCCI Corporation)
S3 s0016nd5; C:\Windows\System32\DRIVERS\s0016nd5.sys [34344 2008-05-16] (MCCI Corporation)
S3 s0016obex; C:\Windows\System32\DRIVERS\s0016obex.sys [136744 2008-05-16] (MCCI Corporation)
S3 s0016unic; C:\Windows\System32\DRIVERS\s0016unic.sys [151592 2008-05-16] (MCCI Corporation)
U5 usbser; C:\Windows\System32\Drivers\usbser.sys [33280 2013-08-29] (Microsoft Corporation)
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]
S1 SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-17 19:59 - 2016-07-17 20:11 - 00016763 _____ C:\Users\Kateřinka\Downloads\FRST.txt
2016-07-17 19:54 - 2016-07-17 19:56 - 00000000 ____D C:\Users\Kateřinka\Downloads\FRST-OlderVersion
2016-07-17 11:40 - 2016-07-17 13:20 - 00000000 ____D C:\AdwCleaner
2016-07-17 11:35 - 2016-07-17 11:39 - 03712064 _____ C:\Users\Kateřinka\Downloads\adwcleaner_5.201.exe
2016-07-16 22:45 - 2016-07-16 22:51 - 00040572 _____ C:\Users\Kateřinka\Downloads\Addition.txt
2016-07-16 21:48 - 2016-07-17 19:59 - 00000000 ____D C:\FRST
2016-07-16 21:46 - 2016-07-17 19:54 - 02391040 _____ (Farbar) C:\Users\Kateřinka\Downloads\FRST64.exe
2016-07-16 16:23 - 2016-07-16 16:23 - 00388608 _____ (Trend Micro Inc.) C:\Users\Kateřinka\Downloads\hijackthis.exe
2016-07-15 22:48 - 2016-07-15 22:49 - 00184426 _____ C:\Windows\ntbtlog.txt
2016-07-15 21:29 - 2016-07-15 21:29 - 00003408 ____N C:\bootsqm.dat
2016-07-13 06:46 - 2016-07-14 15:09 - 19527360 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2016-06-28 16:27 - 2016-06-30 20:51 - 00000000 ____D C:\Users\Kateřinka\Documents\Byliny
2016-06-27 18:49 - 2016-06-29 20:21 - 00000862 _____ C:\Users\Public\Desktop\AVG.lnk
2016-06-19 14:15 - 2016-06-19 14:15 - 00150010 _____ C:\Users\Kateřinka\Downloads\rpttab5020001.pdf
2016-06-19 14:15 - 2016-06-19 14:15 - 00150010 _____ C:\Users\Kateřinka\Downloads\rpttab5020001(2).pdf
2016-06-19 14:15 - 2016-06-19 14:15 - 00150010 _____ C:\Users\Kateřinka\Downloads\rpttab5020001(1).pdf
2016-06-17 16:58 - 2016-05-18 18:10 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-06-17 16:58 - 2016-05-18 18:09 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-06-17 16:58 - 2016-05-12 19:20 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-06-17 16:58 - 2016-05-12 19:20 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-06-17 16:58 - 2016-05-12 19:15 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-06-17 16:58 - 2016-05-12 19:15 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-06-17 16:58 - 2016-05-12 19:15 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-06-17 16:58 - 2016-05-12 19:15 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-06-17 16:58 - 2016-05-12 19:15 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-06-17 16:58 - 2016-05-12 19:14 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-06-17 16:58 - 2016-05-12 19:14 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-06-17 16:58 - 2016-05-12 19:14 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-06-17 16:58 - 2016-05-12 19:14 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-06-17 16:58 - 2016-05-12 19:14 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-06-17 16:58 - 2016-05-12 19:14 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-06-17 16:58 - 2016-05-12 19:14 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-06-17 16:58 - 2016-05-12 19:14 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-06-17 16:58 - 2016-05-12 19:14 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-06-17 16:58 - 2016-05-12 19:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-06-17 16:58 - 2016-05-12 19:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-06-17 16:58 - 2016-05-12 19:14 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-06-17 16:58 - 2016-05-12 19:14 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-06-17 16:58 - 2016-05-12 19:14 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-06-17 16:58 - 2016-05-12 17:18 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-06-17 16:58 - 2016-05-12 17:18 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-06-17 16:58 - 2016-05-12 17:18 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-06-17 16:58 - 2016-05-12 17:18 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-06-17 16:58 - 2016-05-12 17:18 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-06-17 16:58 - 2016-05-12 17:18 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-06-17 16:58 - 2016-05-12 17:18 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-06-17 16:58 - 2016-05-12 17:18 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-06-17 16:58 - 2016-05-12 17:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-06-17 16:58 - 2016-05-12 17:18 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-06-17 16:58 - 2016-05-12 17:18 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-06-17 16:58 - 2016-05-12 17:18 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-06-17 16:58 - 2016-05-12 17:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-06-17 16:58 - 2016-05-12 17:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-06-17 16:58 - 2016-05-12 17:18 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-06-17 16:58 - 2016-05-12 17:18 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-06-17 16:58 - 2016-05-12 17:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-06-17 16:58 - 2016-05-12 16:58 - 00464896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-06-17 16:58 - 2016-05-12 16:58 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-06-17 16:58 - 2016-05-12 16:58 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-06-17 16:58 - 2016-05-12 16:58 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-06-17 16:58 - 2016-05-12 16:58 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-06-17 16:58 - 2016-05-12 16:58 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-06-17 16:58 - 2016-05-12 16:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-06-17 16:58 - 2016-05-12 16:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-06-17 16:58 - 2016-05-12 16:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-06-17 16:58 - 2016-05-12 15:05 - 00459640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-06-17 16:58 - 2016-05-12 15:05 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-06-17 16:58 - 2016-05-12 15:04 - 00249352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-06-17 16:57 - 2016-06-06 18:58 - 00041704 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-06-17 16:57 - 2016-06-06 18:50 - 01204224 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-06-17 16:57 - 2016-06-03 15:05 - 01413120 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-06-17 16:57 - 2016-05-27 15:06 - 00569856 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-06-17 16:57 - 2016-05-27 15:06 - 00544256 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-06-17 16:57 - 2016-05-27 15:06 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-06-17 16:57 - 2016-05-27 15:06 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-06-17 16:57 - 2016-05-22 15:06 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-06-17 16:57 - 2016-05-14 00:15 - 00382184 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-06-17 16:57 - 2016-05-14 00:09 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-06-17 16:57 - 2016-05-14 00:09 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-06-17 16:57 - 2016-05-14 00:09 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-06-17 16:57 - 2016-05-14 00:09 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-06-17 16:57 - 2016-05-13 23:54 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-06-17 16:57 - 2016-05-13 23:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-06-17 16:57 - 2016-05-13 23:49 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-06-17 16:57 - 2016-05-13 23:49 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-06-17 16:57 - 2016-05-13 23:27 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-06-17 16:57 - 2016-05-12 19:15 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\winipsec.dll
2016-06-17 16:57 - 2016-05-12 19:14 - 00794624 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2016-06-17 16:57 - 2016-05-12 19:14 - 00502272 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2016-06-17 16:57 - 2016-05-12 19:14 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2016-06-17 16:57 - 2016-05-12 19:14 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2016-06-17 16:57 - 2016-05-12 19:14 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2016-06-17 16:57 - 2016-05-12 17:18 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll
2016-06-17 16:57 - 2016-05-12 17:18 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2016-06-17 16:57 - 2016-05-12 17:18 - 00070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winipsec.dll
2016-06-17 16:57 - 2016-05-12 17:18 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll
2016-06-17 16:57 - 2016-05-12 17:03 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-06-17 16:57 - 2016-05-11 19:02 - 00483840 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2016-06-17 16:57 - 2016-05-11 19:02 - 00444928 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-06-17 16:57 - 2016-05-11 19:02 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2016-06-17 16:57 - 2016-05-11 19:02 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2016-06-17 16:57 - 2016-05-11 17:19 - 00363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2016-06-17 16:57 - 2016-05-11 17:19 - 00351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-06-17 16:57 - 2016-05-11 17:19 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2016-06-17 16:57 - 2016-05-11 17:19 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2016-06-17 16:57 - 2016-05-11 17:11 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2016-06-17 16:57 - 2016-05-11 17:01 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
2016-06-17 16:57 - 2016-05-11 16:58 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2016-06-17 16:57 - 2016-04-09 08:58 - 14186496 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-06-17 16:57 - 2016-04-09 08:57 - 01867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-06-17 16:57 - 2016-04-09 08:54 - 12881408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-06-17 16:57 - 2016-04-09 08:54 - 01499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-06-17 16:57 - 2016-04-09 07:53 - 03231232 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-06-17 16:57 - 2016-04-09 07:44 - 02973184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-06-17 16:57 - 2016-03-09 21:00 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2016-06-17 16:57 - 2016-03-09 20:40 - 00316416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2016-06-17 16:56 - 2016-05-24 01:37 - 00394960 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-06-17 16:56 - 2016-05-24 00:54 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-06-17 16:56 - 2016-05-21 19:28 - 25802752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-06-17 16:56 - 2016-05-21 18:57 - 20341248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-06-17 16:56 - 2016-05-21 00:27 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-06-17 16:56 - 2016-05-21 00:27 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-06-17 16:56 - 2016-05-21 00:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-06-17 16:56 - 2016-05-21 00:10 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-06-17 16:56 - 2016-05-21 00:09 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-06-17 16:56 - 2016-05-21 00:09 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-06-17 16:56 - 2016-05-21 00:09 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-06-17 16:56 - 2016-05-21 00:08 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-06-17 16:56 - 2016-05-21 00:08 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-06-17 16:56 - 2016-05-21 00:02 - 06051328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-06-17 16:56 - 2016-05-21 00:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-06-17 16:56 - 2016-05-20 23:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-06-17 16:56 - 2016-05-20 23:57 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-06-17 16:56 - 2016-05-20 23:57 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-06-17 16:56 - 2016-05-20 23:57 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-06-17 16:56 - 2016-05-20 23:56 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-06-17 16:56 - 2016-05-20 23:56 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-06-17 16:56 - 2016-05-20 23:55 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-06-17 16:56 - 2016-05-20 23:54 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-06-17 16:56 - 2016-05-20 23:54 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-06-17 16:56 - 2016-05-20 23:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-06-17 16:56 - 2016-05-20 23:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-06-17 16:56 - 2016-05-20 23:50 - 02287104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-06-17 16:56 - 2016-05-20 23:49 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-06-17 16:56 - 2016-05-20 23:48 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-06-17 16:56 - 2016-05-20 23:45 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-06-17 16:56 - 2016-05-20 23:45 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-06-17 16:56 - 2016-05-20 23:44 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-06-17 16:56 - 2016-05-20 23:44 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-06-17 16:56 - 2016-05-20 23:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-06-17 16:56 - 2016-05-20 23:41 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-06-17 16:56 - 2016-05-20 23:33 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-06-17 16:56 - 2016-05-20 23:33 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-06-17 16:56 - 2016-05-20 23:32 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-06-17 16:56 - 2016-05-20 23:29 - 13815808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-06-17 16:56 - 2016-05-20 23:28 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-06-17 16:56 - 2016-05-20 23:27 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-06-17 16:56 - 2016-05-20 23:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-06-17 16:56 - 2016-05-20 23:26 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-06-17 16:56 - 2016-05-20 23:25 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-06-17 16:56 - 2016-05-20 23:23 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-06-17 16:56 - 2016-05-20 23:23 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-06-17 16:56 - 2016-05-20 23:22 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-06-17 16:56 - 2016-05-20 23:21 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-06-17 16:56 - 2016-05-20 23:19 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-06-17 16:56 - 2016-05-20 23:14 - 04610048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-06-17 16:56 - 2016-05-20 23:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-06-17 16:56 - 2016-05-20 23:11 - 15420928 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-06-17 16:56 - 2016-05-20 23:11 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-06-17 16:56 - 2016-05-20 23:09 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-06-17 16:56 - 2016-05-20 23:09 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-06-17 16:56 - 2016-05-20 23:08 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-06-17 16:56 - 2016-05-20 23:08 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-06-17 16:56 - 2016-05-20 23:07 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-06-17 16:56 - 2016-05-20 23:07 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-06-17 16:56 - 2016-05-20 23:06 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-06-17 16:56 - 2016-05-20 22:46 - 02597888 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-06-17 16:56 - 2016-05-20 22:42 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-06-17 16:56 - 2016-05-20 22:38 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-06-17 16:56 - 2016-05-20 22:38 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-06-17 16:56 - 2016-05-20 22:34 - 01544192 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-06-17 16:56 - 2016-05-20 22:23 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-06-17 16:56 - 2016-04-14 18:46 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-06-17 16:56 - 2016-04-14 18:42 - 03243520 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-06-17 16:56 - 2016-04-14 18:42 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-06-17 16:56 - 2016-04-14 18:42 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-06-17 16:56 - 2016-04-14 18:42 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-06-17 16:56 - 2016-04-14 18:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-06-17 16:56 - 2016-04-14 17:33 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-06-17 16:56 - 2016-04-14 17:33 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-06-17 16:56 - 2016-04-14 17:33 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-06-17 16:56 - 2016-04-14 17:33 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-06-17 16:56 - 2016-04-14 17:19 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-06-17 16:56 - 2016-04-14 17:11 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-17 20:10 - 2013-05-13 17:34 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-07-17 19:56 - 2009-07-14 06:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-07-17 19:56 - 2009-07-14 06:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-07-17 19:55 - 2012-04-01 12:37 - 00000000 ____D C:\ProgramData\MFAData
2016-07-17 19:54 - 2011-06-02 07:28 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-17 13:35 - 2015-06-07 13:48 - 00000000 ____D C:\Users\Kateřinka\Documents\Automatická kresba
2016-07-17 13:28 - 2011-06-02 07:28 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-17 13:27 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-17 10:24 - 2013-06-20 16:43 - 04734464 ___SH C:\Users\Kateřinka\Desktop\Thumbs.db
2016-07-17 08:56 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-07-16 23:16 - 2012-06-11 23:28 - 00000000 ____D C:\Users\Kateřinka\AppData\Roaming\vlc
2016-07-16 16:27 - 2011-03-30 23:36 - 00000000 ____D C:\Users\Kateřinka\AppData\Local\VirtualStore
2016-07-15 21:17 - 2015-08-26 18:58 - 00000000 ____D C:\Users\Kateřinka\AppData\Roaming\Audacity
2016-07-15 18:49 - 2014-03-31 10:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-07-14 19:24 - 2013-05-13 17:37 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2016-07-14 18:43 - 2015-10-25 14:49 - 00000000 ____D C:\Users\Kateřinka\AppData\Local\AvgSetupLog
2016-07-14 18:40 - 2012-11-08 19:34 - 00003072 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-07-14 15:11 - 2013-05-13 17:34 - 00004582 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-07-14 15:10 - 2013-05-13 17:34 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-07-14 15:10 - 2011-05-26 21:32 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-07-14 15:09 - 2011-01-25 09:45 - 00672424 _____ C:\Windows\system32\perfh005.dat
2016-07-14 15:09 - 2011-01-25 09:45 - 00142988 _____ C:\Windows\system32\perfc005.dat
2016-07-14 15:09 - 2009-07-14 07:13 - 01593374 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-13 06:48 - 2016-05-16 19:09 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-07-13 06:46 - 2011-12-18 22:43 - 00000000 ____D C:\Windows\system32\Macromed
2016-07-13 06:46 - 2010-08-27 10:23 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-06-30 22:21 - 2014-06-21 20:06 - 00000000 ____D C:\Users\Kateřinka\Documents\Knihy Walker
2016-06-30 22:01 - 2015-11-14 16:24 - 00000000 ____D C:\Users\Kateřinka\Documents\Foto mobil carta camera
2016-06-30 22:01 - 2015-11-14 16:14 - 00000000 ____D C:\Users\Kateřinka\Documents\foto mobil carta
2016-06-30 22:01 - 2014-12-11 22:48 - 00000000 ____D C:\Users\Kateřinka\Documents\Flash černá vysouvací
2016-06-29 20:21 - 2016-04-13 07:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2016-06-27 07:24 - 2012-05-08 18:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-26 07:46 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2016-06-26 07:43 - 2011-04-04 17:40 - 00000000 ____D C:\Users\Kateřinka\AppData\Local\ElevatedDiagnostics
2016-06-24 07:33 - 2012-10-28 18:29 - 00000000 ____D C:\Users\Kateřinka\Documents\Drive Green
2016-06-24 07:33 - 2012-05-26 22:23 - 01035776 ___SH C:\Users\Kateřinka\Documents\Thumbs.db
2016-06-23 09:52 - 2016-04-12 07:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-21 12:13 - 2012-03-04 19:28 - 00485032 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-06-19 21:26 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2016-06-18 16:04 - 2011-06-02 07:28 - 00002167 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-18 10:39 - 2009-07-14 06:45 - 00417056 _____ C:\Windows\system32\FNTCACHE.DAT
2016-06-18 10:32 - 2014-12-12 19:40 - 00000000 ____D C:\Windows\system32\appraiser
2016-06-18 09:57 - 2013-07-30 07:06 - 00000000 ____D C:\Windows\system32\MRT
2016-06-18 09:38 - 2011-04-06 21:01 - 142482544 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Files in the root of some directories =======

2014-05-03 10:38 - 2014-05-03 10:38 - 0007833 _____ () C:\Users\Kateřinka\AppData\Roaming\ezplay.cat
2014-05-03 10:38 - 2014-05-03 10:38 - 0001126 _____ () C:\Users\Kateřinka\AppData\Roaming\ezplay.inf
2014-05-03 10:38 - 2014-05-03 10:38 - 0000125 _____ () C:\Users\Kateřinka\AppData\Roaming\ezplay.ini
2014-05-03 10:39 - 2014-05-03 10:39 - 0000034 _____ () C:\Users\Kateřinka\AppData\Roaming\ezplay.log
2014-05-03 10:38 - 2014-05-03 10:38 - 0118400 _____ (VSO Software) C:\Users\Kateřinka\AppData\Roaming\ezplay.sys
2014-07-10 13:23 - 2014-07-10 14:48 - 0000000 _____ () C:\Users\Kateřinka\AppData\Roaming\FileIn.cns
2014-07-10 13:23 - 2014-07-10 14:48 - 0000000 _____ () C:\Users\Kateřinka\AppData\Roaming\FileOut.cns
2014-05-03 10:38 - 2015-01-03 13:28 - 0099384 _____ () C:\Users\Kateřinka\AppData\Roaming\inst.exe
2014-05-03 10:38 - 2015-01-03 13:28 - 0007859 _____ () C:\Users\Kateřinka\AppData\Roaming\pcouffin.cat
2014-05-03 10:38 - 2015-01-03 13:28 - 0001167 _____ () C:\Users\Kateřinka\AppData\Roaming\pcouffin.inf
2014-05-03 10:38 - 2015-01-03 13:28 - 0000055 _____ () C:\Users\Kateřinka\AppData\Roaming\pcouffin.log
2014-05-03 10:38 - 2015-01-03 13:28 - 0082816 _____ (VSO Software) C:\Users\Kateřinka\AppData\Roaming\pcouffin.sys
2014-11-24 21:46 - 2014-11-24 21:46 - 0599726 _____ () C:\Users\Kateřinka\AppData\Roaming\Scorch_Install.log
2013-10-27 20:08 - 2013-10-27 20:08 - 0004608 _____ () C:\Users\Kateřinka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-04-08 22:07 - 2011-04-08 22:07 - 0000078 _____ () C:\ProgramData\lmab.log

Some files in TEMP:
====================
C:\Users\Kateřinka\AppData\Local\Temp\libeay32.dll
C:\Users\Kateřinka\AppData\Local\Temp\msvcr120.dll
C:\Users\Kateřinka\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-07-08 19:23

==================== End of FRST.txt ============================

#10 Příspěvek od **Rudy** » 17 črc 2016 21:22

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-458667207-1595923144-4194804358-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-458667207-1595923144-4194804358-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-458667207-1595923144-4194804358-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKU\S-1-5-21-458667207-1595923144-4194804358-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\pdf.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\gcswf32.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll => No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll => No File
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Users\Kateřinka\AppData\Local\Temp
End

Uložte do C:\Users\Kateřinka\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Kaminek · #11 Příspěvek od **Kaminek** » 18 črc 2016 16:41

tak vám nevím, vložilo se do toho avg, frst to shodilo, pak jsem ho deaktivovala a zkusila znovu. snad se to povedlo....
pc je rychlejší, ale cpu je pernamentně na 100%.
Ještě sem dám prntscrn plochy v raru, jak vypadá náš "správce úloh" - to taky asi není normální....
díky moc Katka
........................

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-07-2016 03
Ran by Kateřinka (administrator) on KAT-PC (18-07-2016 16:57:06)
Running from C:\Users\Kateřinka\Downloads\FRST-OlderVersion
Loaded Profiles: Kateřinka (Available Profiles: Kateřinka)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(Software602 a.s.) C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgfwsa.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Acer Group) C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11057768 2010-07-06] (Realtek Semiconductor)
HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [649608 2010-04-13] (ELAN Microelectronic Corp.)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [861216 2010-06-12] (Acer Incorporated)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [462712 2012-03-09] ()
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-04-13] (Intel Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [975952 2010-08-10] (Dritek System Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [6723856 2016-06-29] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [186640 2016-06-21] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-458667207-1595923144-4194804358-1000\...\Run: [EEDSpeedLauncher] => rundll32.exe C:\Windows\system32\eed_ec.dll,SpeedLauncher
HKU\S-1-5-18\...\Run: [EEDSpeedLauncher] => rundll32.exe C:\Windows\system32\eed_ec.dll,SpeedLauncher

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 91.225.84.26 91.225.84.30 8.8.8.8
Tcpip\..\Interfaces\{3C77AD8E-3438-4BCB-B94C-42FFCE31B94D}: [DhcpNameServer] 91.225.84.26 91.225.84.30 8.8.8.8

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-458667207-1595923144-4194804358-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-458667207-1595923144-4194804358-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-458667207-1595923144-4194804358-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-05-13] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-05-13] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: Pomocník pro přihlášení ke službě Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-04-05] (Sun Microsystems, Inc.)
Toolbar: HKU\S-1-5-21-458667207-1595923144-4194804358-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {A8F2B9BD-A6A0-486A-9744-18920D898429} hxxp://www.sibelius.com/download/software/win/ ... Plugin.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Kateřinka\AppData\Roaming\Mozilla\Firefox\Profiles\d43fnyuk.default
FF SearchEngineOrder.1: Search Results
FF SelectedSearchEngine: Google
FF Homepage: hxxp://seznam.cz
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-13] ()
FF Plugin: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\system32\npDeployJava1.dll [2013-05-13] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-05-13] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-13] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2011-03-24] (Google)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll [2011-04-05] (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-16] (Microsoft Corporation)
FF Plugin-x32: @software602.cz/602XML Filler -> C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll [2012-08-06] (Software602 a.s.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-06-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-458667207-1595923144-4194804358-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Kateřinka\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-11-07] (Unity Technologies ApS)
FF user.js: detected! => C:\Users\Kateřinka\AppData\Roaming\Mozilla\Firefox\Profiles\d43fnyuk.default\user.js [2016-04-13]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-06-23] (Adobe Systems Inc.)
FF Extension: AniWeather - C:\Users\Kateřinka\AppData\Roaming\Mozilla\Firefox\Profiles\d43fnyuk.default\extensions\{4176DFF4-4698-11DE-BEEB-45DA55D89593}.xpi [2016-04-28]

Chrome:
=======
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\pdf.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\gcswf32.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll => No File
CHR Plugin: (Java Deployment Toolkit 6.0.240.7) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U24) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll => No File
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll => No File
CHR Profile: C:\Users\Kateřinka\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Kateřinka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-10]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [637944 2016-06-29] (AVG Technologies CZ, s.r.o.)
R2 avgfws; C:\Program Files (x86)\AVG\Av\avgfwsa.exe [2007608 2016-06-29] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5251808 2016-06-29] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1080080 2016-06-21] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [712792 2016-06-29] (AVG Technologies CZ, s.r.o.)
R2 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [868896 2010-06-12] (Acer Incorporated)
R2 GREGService; C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [23584 2010-01-08] (Acer Incorporated)
S3 lmab_device; C:\Windows\SysWOW64\LMabcoms.exe [452608 2005-06-14] () [File not signed]
R2 NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [255744 2010-06-29] (NewTech Infosystems, Inc.)
R2 Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [243232 2010-01-29] (Acer Group)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [73480 2016-06-06] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [310016 2016-06-09] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [261376 2016-06-01] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [260352 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [249088 2016-06-02] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [280320 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 Avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [76544 2016-06-01] (AVG Technologies CZ, s.r.o.)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 ezplay; C:\Windows\System32\Drivers\ezplay.sys [118400 2014-05-03] (VSO Software)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-04-18] () [File not signed]
S3 s0016bus; C:\Windows\System32\DRIVERS\s0016bus.sys [115240 2008-05-16] (MCCI Corporation)
S3 s0016mdfl; C:\Windows\System32\DRIVERS\s0016mdfl.sys [19496 2008-05-16] (MCCI Corporation)
S3 s0016mdm; C:\Windows\System32\DRIVERS\s0016mdm.sys [158760 2008-05-16] (MCCI Corporation)
S3 s0016mgmt; C:\Windows\System32\DRIVERS\s0016mgmt.sys [137256 2008-05-16] (MCCI Corporation)
S3 s0016nd5; C:\Windows\System32\DRIVERS\s0016nd5.sys [34344 2008-05-16] (MCCI Corporation)
S3 s0016obex; C:\Windows\System32\DRIVERS\s0016obex.sys [136744 2008-05-16] (MCCI Corporation)
S3 s0016unic; C:\Windows\System32\DRIVERS\s0016unic.sys [151592 2008-05-16] (MCCI Corporation)
U5 usbser; C:\Windows\System32\Drivers\usbser.sys [33280 2013-08-29] (Microsoft Corporation)
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]
S1 SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-18 16:44 - 2016-07-18 16:44 - 00002100 _____ C:\Users\Kateřinka\Downloads\fixlist.txt
2016-07-17 19:59 - 2016-07-18 16:48 - 00016621 _____ C:\Users\Kateřinka\Downloads\FRST.txt
2016-07-17 19:54 - 2016-07-18 16:57 - 00000000 ____D C:\Users\Kateřinka\Downloads\FRST-OlderVersion
2016-07-17 11:40 - 2016-07-17 13:20 - 00000000 ____D C:\AdwCleaner
2016-07-17 11:35 - 2016-07-17 11:39 - 03712064 _____ C:\Users\Kateřinka\Downloads\adwcleaner_5.201.exe
2016-07-16 22:45 - 2016-07-17 20:31 - 00040944 _____ C:\Users\Kateřinka\Downloads\Addition.txt
2016-07-16 21:48 - 2016-07-18 16:56 - 00000000 ____D C:\FRST
2016-07-16 16:23 - 2016-07-16 16:23 - 00388608 _____ (Trend Micro Inc.) C:\Users\Kateřinka\Downloads\hijackthis.exe
2016-07-15 22:48 - 2016-07-15 22:49 - 00184426 _____ C:\Windows\ntbtlog.txt
2016-07-15 21:29 - 2016-07-15 21:29 - 00003408 ____N C:\bootsqm.dat
2016-07-13 06:46 - 2016-07-14 15:09 - 19527360 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2016-06-28 16:27 - 2016-06-30 20:51 - 00000000 ____D C:\Users\Kateřinka\Documents\Byliny
2016-06-27 18:49 - 2016-06-29 20:21 - 00000862 _____ C:\Users\Public\Desktop\AVG.lnk
2016-06-19 14:15 - 2016-06-19 14:15 - 00150010 _____ C:\Users\Kateřinka\Downloads\rpttab5020001.pdf
2016-06-19 14:15 - 2016-06-19 14:15 - 00150010 _____ C:\Users\Kateřinka\Downloads\rpttab5020001(2).pdf
2016-06-19 14:15 - 2016-06-19 14:15 - 00150010 _____ C:\Users\Kateřinka\Downloads\rpttab5020001(1).pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-18 17:09 - 2013-05-13 17:34 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-07-18 16:54 - 2011-06-02 07:28 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-18 16:45 - 2009-07-14 06:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-07-18 16:45 - 2009-07-14 06:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-07-18 16:43 - 2012-04-01 12:37 - 00000000 ____D C:\ProgramData\MFAData
2016-07-18 16:43 - 2011-06-02 07:28 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-17 13:35 - 2015-06-07 13:48 - 00000000 ____D C:\Users\Kateřinka\Documents\Automatická kresba
2016-07-17 13:27 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-17 10:24 - 2013-06-20 16:43 - 04734464 ___SH C:\Users\Kateřinka\Desktop\Thumbs.db
2016-07-17 08:56 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-07-16 23:16 - 2012-06-11 23:28 - 00000000 ____D C:\Users\Kateřinka\AppData\Roaming\vlc
2016-07-16 16:27 - 2011-03-30 23:36 - 00000000 ____D C:\Users\Kateřinka\AppData\Local\VirtualStore
2016-07-15 21:17 - 2015-08-26 18:58 - 00000000 ____D C:\Users\Kateřinka\AppData\Roaming\Audacity
2016-07-15 18:49 - 2014-03-31 10:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-07-14 19:24 - 2013-05-13 17:37 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2016-07-14 18:43 - 2015-10-25 14:49 - 00000000 ____D C:\Users\Kateřinka\AppData\Local\AvgSetupLog
2016-07-14 18:40 - 2012-11-08 19:34 - 00003072 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-07-14 15:11 - 2013-05-13 17:34 - 00004582 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-07-14 15:10 - 2013-05-13 17:34 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-07-14 15:10 - 2011-05-26 21:32 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-07-14 15:09 - 2011-01-25 09:45 - 00672424 _____ C:\Windows\system32\perfh005.dat
2016-07-14 15:09 - 2011-01-25 09:45 - 00142988 _____ C:\Windows\system32\perfc005.dat
2016-07-14 15:09 - 2009-07-14 07:13 - 01593374 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-13 06:48 - 2016-05-16 19:09 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-07-13 06:46 - 2011-12-18 22:43 - 00000000 ____D C:\Windows\system32\Macromed
2016-07-13 06:46 - 2010-08-27 10:23 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-06-30 22:21 - 2014-06-21 20:06 - 00000000 ____D C:\Users\Kateřinka\Documents\Knihy Walker
2016-06-30 22:01 - 2015-11-14 16:24 - 00000000 ____D C:\Users\Kateřinka\Documents\Foto mobil carta camera
2016-06-30 22:01 - 2015-11-14 16:14 - 00000000 ____D C:\Users\Kateřinka\Documents\foto mobil carta
2016-06-30 22:01 - 2014-12-11 22:48 - 00000000 ____D C:\Users\Kateřinka\Documents\Flash černá vysouvací
2016-06-29 20:21 - 2016-04-13 07:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2016-06-27 07:24 - 2012-05-08 18:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-26 07:46 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2016-06-26 07:43 - 2011-04-04 17:40 - 00000000 ____D C:\Users\Kateřinka\AppData\Local\ElevatedDiagnostics
2016-06-24 07:33 - 2012-10-28 18:29 - 00000000 ____D C:\Users\Kateřinka\Documents\Drive Green
2016-06-24 07:33 - 2012-05-26 22:23 - 01035776 ___SH C:\Users\Kateřinka\Documents\Thumbs.db
2016-06-23 09:52 - 2016-04-12 07:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-21 12:13 - 2012-03-04 19:28 - 00485032 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-06-19 21:26 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2016-06-18 16:04 - 2011-06-02 07:28 - 00002167 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-18 10:39 - 2009-07-14 06:45 - 00417056 _____ C:\Windows\system32\FNTCACHE.DAT
2016-06-18 10:32 - 2014-12-12 19:40 - 00000000 ____D C:\Windows\system32\appraiser
2016-06-18 09:57 - 2013-07-30 07:06 - 00000000 ____D C:\Windows\system32\MRT
2016-06-18 09:38 - 2011-04-06 21:01 - 142482544 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Files in the root of some directories =======

2014-05-03 10:38 - 2014-05-03 10:38 - 0007833 _____ () C:\Users\Kateřinka\AppData\Roaming\ezplay.cat
2014-05-03 10:38 - 2014-05-03 10:38 - 0001126 _____ () C:\Users\Kateřinka\AppData\Roaming\ezplay.inf
2014-05-03 10:38 - 2014-05-03 10:38 - 0000125 _____ () C:\Users\Kateřinka\AppData\Roaming\ezplay.ini
2014-05-03 10:39 - 2014-05-03 10:39 - 0000034 _____ () C:\Users\Kateřinka\AppData\Roaming\ezplay.log
2014-05-03 10:38 - 2014-05-03 10:38 - 0118400 _____ (VSO Software) C:\Users\Kateřinka\AppData\Roaming\ezplay.sys
2014-07-10 13:23 - 2014-07-10 14:48 - 0000000 _____ () C:\Users\Kateřinka\AppData\Roaming\FileIn.cns
2014-07-10 13:23 - 2014-07-10 14:48 - 0000000 _____ () C:\Users\Kateřinka\AppData\Roaming\FileOut.cns
2014-05-03 10:38 - 2015-01-03 13:28 - 0099384 _____ () C:\Users\Kateřinka\AppData\Roaming\inst.exe
2014-05-03 10:38 - 2015-01-03 13:28 - 0007859 _____ () C:\Users\Kateřinka\AppData\Roaming\pcouffin.cat
2014-05-03 10:38 - 2015-01-03 13:28 - 0001167 _____ () C:\Users\Kateřinka\AppData\Roaming\pcouffin.inf
2014-05-03 10:38 - 2015-01-03 13:28 - 0000055 _____ () C:\Users\Kateřinka\AppData\Roaming\pcouffin.log
2014-05-03 10:38 - 2015-01-03 13:28 - 0082816 _____ (VSO Software) C:\Users\Kateřinka\AppData\Roaming\pcouffin.sys
2014-11-24 21:46 - 2014-11-24 21:46 - 0599726 _____ () C:\Users\Kateřinka\AppData\Roaming\Scorch_Install.log
2013-10-27 20:08 - 2013-10-27 20:08 - 0004608 _____ () C:\Users\Kateřinka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-04-08 22:07 - 2011-04-08 22:07 - 0000078 _____ () C:\ProgramData\lmab.log

Some files in TEMP:
====================
C:\Users\Kateřinka\AppData\Local\Temp\libeay32.dll
C:\Users\Kateřinka\AppData\Local\Temp\msvcr120.dll
C:\Users\Kateřinka\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-07-08 19:23

==================== End of FRST.txt ============================

#12 Příspěvek od **Rudy** » 18 črc 2016 17:22

Vše bylo smazáno. Taskmanager signalizuje spuštění FRST, což je v pořádku. Který proces nejvíce zatěžuje systém?

Kaminek · #13 Příspěvek od **Kaminek** » 18 črc 2016 17:44

no to já právě nevím,když se podíváte pozorně, tak tam právě procesy vůbec nejsou,chybí tam lišta i se záložkami není tam ani lišta na zavření, nejde se na nic podívat, jen na spuštěné programy. a zavírat to musím přes lištu dole, pravou myší a křížkem. to už jsme se právě chtěli podívat, co ho zatěžuje, ale není kam se podívat

Kaminek · #14 Příspěvek od **Kaminek** » 18 črc 2016 18:12

povedlo se mi to přehodit na procesy...

#15 Příspěvek od **Rudy** » 18 črc 2016 18:18

Zkuste povypínat všechna rozšíření a doplňky firefoxu.

VIRY.CZ

Notebook Packard Bell - procesor běží na 100%

Notebook Packard Bell - procesor běží na 100%

Re: Notebook Packard Bell - procesor běží na 100%

Re: Notebook Packard Bell - procesor běží na 100%

Re: Notebook Packard Bell - procesor běží na 100%

Re: Notebook Packard Bell - procesor běží na 100%

Re: Notebook Packard Bell - procesor běží na 100%

Re: Notebook Packard Bell - procesor běží na 100%

Re: Notebook Packard Bell - procesor běží na 100%

Re: Notebook Packard Bell - procesor běží na 100%

Re: Notebook Packard Bell - procesor běží na 100%

Re: Notebook Packard Bell - procesor běží na 100%

Re: Notebook Packard Bell - procesor běží na 100%

Re: Notebook Packard Bell - procesor běží na 100%

Re: Notebook Packard Bell - procesor běží na 100%

Re: Notebook Packard Bell - procesor běží na 100%