notebook se asi zbláznil, sám od sebe se probouzí + BSOD

[cocinella]

Kvůli netio.sys to bylo i poprvé, bylo to tam napsáno, než se ntb zrestartoval. To bylo při sledování seriálu, podruhé to bylo při doběhnutí kontroly a otevření prohlížeče kvůli tomu, jak dostat z programu ten log. Jinak ccleaner a nic takového nepoužívám.

Jdu teda znova spustit tu kontrolu, mám vybrat i disk D, kde mám jenom fotky atd.? V tom návodu ho zaškrknutý neměli, tak teď nevím. Předtím zaškrknutý byl a jeho prohledání trvalo většinu času z těch 4 hodin.

[Márty84]

Nechte radeji zkontrolovat i Decko. At je jistota, ze se tam neco neschovava

Pak bude potreba zkontrolovat, zda mate vsechny ovladace aktualni. Ale nejprve odstranime tu havet

[cocinella]

OK, a bude to spíš těma ovladačema, nebo nějaký hw problém? Mám tento ntb totiž krátce.

[cocinella]

Kontrola doběhla a tady je ten log: http://leteckaposta.cz/386380634
Děkuju moc za váš čas.

[Márty84]

bude to spíš těma ovladačema, nebo nějaký hw problém?

Nemyslim, ze je to HW problem, ale uplne vyloucit to zatim nemuzu. Ten notas byl zakoupeny s Windows 10?


Vsechny nalezy nechte odstranit. Po restartu pc test s MBAM zopakujte (tentokrat staci jen Sken hrozeb - bude rychlejsi), at vime, jestli se to nevraci. Napiste vysledek testu a podle nej se zaridime dale.

[cocinella]

Nene, byly tam puvodne windows 8 a po nejake aktualizaci najednou w10.
Mazani probiha, snad to pujde rychleji nez scan.

[cocinella]

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 23. 8. 2016
Čas skenování: 15:17
Protokol: scan2.txt
Správce: Ano

Verze: 2.2.1.1043
Databáze malwaru: v2016.08.23.07
Databáze rootkitů: v2016.08.15.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 10
CPU: x64
Souborový systém: NTFS
Uživatel: elisk_000

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 368756
Uplynulý čas: 21 min, 46 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

[Márty84]

Postupujte podle navodu kolegy

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

• Ulozte nejlepe na plochu
• Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
• Probehne vytvoreni zalohy a nasledne prohledavani
• Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Postupujte podle navodu kolegy

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
• Do okna vlozte skript nize

• Kód: Vybrat vše

  autoclean;
  autoclean;
  resethosts;
  emptyclsid;
  IEdefaults;
  FFdefaults;
  CHRdefaults;
  emptyIEcache;
  emptyFFcache;
  emptyCHRcache;
  emptyalltemp;
  emptyflash;
  emptyjava;
  emptyrecycle.bin;

• Nasledne kliknete na Run Script
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

[cocinella]

Tady je ten první:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.7 (07.03.2016)
Operating System: Windows 10 Home x64
Ran by elisk_000 (Administrator) on Łt 23. 08. 2016 at 20:05:03,00
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 2

Successfully deleted: C:\Users\elisk_000\AppData\Roaming\elex-tech (Folder)
Successfully deleted: C:\Program Files (x86)\elex-tech (Folder)



Registry: 2

Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Łt 23. 08. 2016 at 20:07:03,04
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[cocinella]

Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by elisk_000 on Łt 23. 08. 2016 at 20:09:20,98.
Microsoft Windows 10 Home 10.0.14393 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\elisk_000\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

23. 8. 2016 20:10:13 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\Program Files\McAfee deleted successfully
C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\Users\elisk_000\AppData\Local\ActiveSync deleted successfully
C:\Users\elisk_000\AppData\Local\NetworkTiles deleted successfully
C:\Users\ELIKA~1\AppData\Local\ActiveSync deleted successfully
C:\Users\ELIKA~1\AppData\Local\EmieSiteList deleted successfully
C:\Users\ELIKA~1\AppData\Local\EmieUserList deleted successfully
C:\Users\ELIKA~1\AppData\Local\NetworkTiles deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~2\AGEIA Technologies not found
C:\PROGRA~3\SetStretch.VBS deleted
C:\PROGRA~3\{705643FB-7321-4623-B9D5-661E9A537A11} deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\ELIKA~1\AppData\Local\CrashRpt deleted

==== Chromium Look ======================


Chrome Media Router - elisk_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
AdBlock - ELIKA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Docs - ELIKA~1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake

==== Chromium Startpages ======================

C:\Users\ELIKA~1\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "http://www.nicesearches.com?type=hp&ts= ... 2o4o8o0e7g",
"startup_urls": [ "http://www.nicesearches.com?type=hp&ts= ... 2o4o8o0e7g" ]


==== Chromium Fix ======================

C:\Users\elisk_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_adjustingbeauty.blogspot.cz_0.localstorage deleted successfully
C:\Users\elisk_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_adjustingbeauty.blogspot.cz_0.localstorage-journal deleted successfully
C:\Users\elisk_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully
C:\Users\elisk_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\elisk_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_airzip2.inspsearch.com_0.localstorage deleted successfully
C:\Users\elisk_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_airzip2.inspsearch.com_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} - No_Url_Value
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... ORM=IE8SRC

==== Reset Google Chrome ======================

C:\Users\elisk_000\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\elisk_000\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\ELIKA~1\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\ELIKA~1\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\ELIKA~1\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences was reset successfully
C:\Users\ELIKA~1\AppData\Local\Google\Chrome\User Data\Profile 1\Secure Preferences was reset successfully
C:\Users\elisk_000\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\elisk_000\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\ELIKA~1\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\ELIKA~1\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\ELIKA~1\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data was reset successfully
C:\Users\ELIKA~1\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data-journal was reset successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\elisk_000\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\elisk_000\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Users\ELIKA~1\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\elisk_000\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\elisk_000\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\Users\ELIKA~1\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\ELIKA~1\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\elisk_000\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\ELIKA~1\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\ELIKA~1\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=26 folders=22 116201986 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\ELISK_~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on Łt 23. 08. 2016 at 20:26:18,82 ======================

[Márty84]

Dejte logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach
(Kdyby nesel Launcher stahnout, dejte logy jen ze samotneho FRST, tedy bez pouziti Launcheru)

[cocinella]

Running from C:\Users\elisk_000\Desktop
Loaded Profiles: elisk_000 (Available Profiles: elisk_000)
Platform: Windows 10 Home Version 1607 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Flexera Software, Inc.) C:\Program Files (x86)\Common Files\Scia\LicenceServer\FlexnetServer\lmadmin.exe
(Flexera Software, Inc.) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Nemetschek SCIA) C:\Program Files (x86)\Common Files\Scia\LicenceServer\FlexnetServer\scia\SCIA.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.102.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\APRP\aprp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
() C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\ASUSWSLoader.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1804360 2016-03-22] (NVIDIA Corporation)
HKLM\...\Run: [LifeChat] => C:\Program Files\Microsoft LifeChat\LifeChat.exe [371712 2009-09-24] (Microsoft Corporation)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-07-16] (Microsoft Corporation)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\ASUSWSLoader.exe [63296 2014-08-20] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 109.105.46.3
Tcpip\..\Interfaces\{443aab0f-9e7a-4682-8970-27634181e77a}: [DhcpNameServer] 192.168.24.1
Tcpip\..\Interfaces\{7d7b640c-37aa-4ba7-a7d9-3eabbca9905f}: [DhcpNameServer] 109.105.46.3

Internet Explorer:
==================
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\S-1-5-21-544186402-2627704980-2657497335-1004 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-544186402-2627704980-2657497335-1004 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2016-03-11] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2016-03-11] (Oracle Corporation)

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-544186402-2627704980-2657497335-1004 -> hxxp://www.google.com

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2016-03-11] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2016-03-11] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\elisk_000\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\elisk_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-23]
CHR Extension: (Dokumenty Google) - C:\Users\elisk_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-23]
CHR Extension: (Disk Google) - C:\Users\elisk_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-23]
CHR Extension: (YouTube) - C:\Users\elisk_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-23]
CHR Extension: (Tabulky Google) - C:\Users\elisk_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-23]
CHR Extension: (Dokumenty Google offline) - C:\Users\elisk_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\elisk_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-23]
CHR Extension: (Gmail) - C:\Users\elisk_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-23]
CHR Extension: (Chrome Media Router) - C:\Users\elisk_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-23]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe [71168 2014-08-20] (ASUS Cloud Corporation) [File not signed]
R2 esifsvc; C:\Windows\SysWOW64\esif_uf.exe [1037568 2014-09-18] (Intel Corporation)
R2 hasplms; C:\Windows\system32\hasplms.exe [4665168 2015-09-24] (SafeNet Inc.)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [372152 2015-12-08] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2015-01-06] (Intel Corporation)
R2 lmadmin; C:\Program Files (x86)\Common Files\Scia\LicenceServer\FlexnetServer\lmadmin.exe [6587728 2011-08-05] (Flexera Software, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
S2 Wisaroc; C:\Windows\Wisaroc.exe [1686020 2010-11-08] (Remak) [File not signed]
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2014-09-28] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [98296 2015-12-14] (ASUS Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [38720 2014-09-18] (Intel Corporation)
R3 dptf_pch; C:\Windows\System32\drivers\dptf_pch.sys [38208 2014-09-18] (Intel Corporation)
R3 esif_lf; C:\Windows\System32\drivers\esif_lf.sys [216360 2014-09-18] (Intel Corporation)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [350552 2015-09-24] (SafeNet Inc.)
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [79016 2014-08-26] (Intel Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2015-01-06] (Intel Corporation)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-24 08:40 - 2016-08-24 08:40 - 00014611 _____ C:\Users\elisk_000\Desktop\FRST.txt
2016-08-24 08:39 - 2016-08-24 08:40 - 00000000 ____D C:\FRST
2016-08-24 08:38 - 2016-08-24 08:38 - 00112640 _____ (forum.viry.cz) C:\Users\elisk_000\Downloads\Nepotvrzeno 713345.crdownload
2016-08-24 08:38 - 2016-08-24 08:38 - 00112640 _____ (forum.viry.cz) C:\Users\elisk_000\Downloads\Nepotvrzeno 544298.crdownload
2016-08-24 08:37 - 2016-08-24 08:39 - 02396672 _____ (Farbar) C:\Users\elisk_000\Desktop\FRST64.exe
2016-08-24 08:37 - 2016-08-24 08:37 - 00112640 _____ (forum.viry.cz) C:\Users\elisk_000\Downloads\Nepotvrzeno 331497.crdownload
2016-08-23 20:23 - 2016-08-23 20:09 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2016-08-23 20:08 - 2016-08-23 20:22 - 00000000 ____D C:\zoek_backup
2016-08-23 20:08 - 2016-08-23 20:08 - 01309184 _____ C:\Users\elisk_000\Desktop\zoek.exe
2016-08-23 20:07 - 2016-08-23 20:07 - 00000981 _____ C:\Users\elisk_000\Desktop\JRT.txt
2016-08-23 20:04 - 2016-08-23 20:04 - 01610560 _____ (Malwarebytes) C:\Users\elisk_000\Downloads\JRT.exe
2016-08-22 19:52 - 2016-08-23 15:17 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-08-22 19:51 - 2016-08-23 15:13 - 00001173 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-08-22 19:51 - 2016-08-22 19:51 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-08-22 19:51 - 2016-08-22 19:51 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-08-22 19:51 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-08-22 19:51 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-08-22 19:51 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-08-22 19:49 - 2016-08-22 19:51 - 22851472 _____ (Malwarebytes ) C:\Users\elisk_000\Downloads\mbam-setup-2.2.1.1043.exe
2016-08-22 14:56 - 2016-08-22 15:00 - 00000000 ____D C:\AdwCleaner
2016-08-22 14:54 - 2016-08-22 14:56 - 03784256 _____ C:\Users\elisk_000\Desktop\adwcleaner_6.000.exe
2016-08-19 21:30 - 2016-08-19 22:10 - 361329658 _____ C:\Users\elisk_000\Downloads\Devious-Maids---S04E01---Once-More-Unto-the-Bleach-CZ-tit.avi
2016-08-19 20:42 - 2016-08-19 21:09 - 368955392 _____ C:\Users\elisk_000\Downloads\Pripady.detektiva.Murdocha.S01E01.Sila.DVB-TRip.XviD.cz-iNG.avi
2016-08-19 20:31 - 2016-08-19 20:42 - 174572827 _____ C:\Users\elisk_000\Downloads\Případy-detektiva-Murdocha-01x01-Síla.mp4
2016-08-11 12:21 - 2016-08-11 12:22 - 18362171 _____ C:\Users\elisk_000\Downloads\hypermarkety_2016_08_10.pdf
2016-08-09 20:33 - 2016-08-09 20:34 - 01222144 _____ C:\Users\elisk_000\Downloads\RSITx64 (1).exe
2016-08-09 20:26 - 2016-08-02 10:48 - 22219328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-08-09 20:26 - 2016-08-02 10:44 - 00151232 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-08-09 20:26 - 2016-08-02 10:44 - 00114192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2016-08-09 20:26 - 2016-08-02 10:20 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-08-09 20:26 - 2016-08-02 09:58 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-08-09 20:26 - 2016-08-02 09:55 - 03617280 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-08-09 20:26 - 2016-08-02 06:51 - 20965240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-08-09 20:26 - 2016-08-02 06:37 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-08-09 20:26 - 2016-08-02 06:33 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-08-09 20:26 - 2016-08-02 06:27 - 07623168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-08-09 20:26 - 2016-08-02 06:25 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2016-08-09 20:26 - 2016-08-02 06:25 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-08-09 20:26 - 2016-08-02 06:23 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-08-09 20:26 - 2016-08-02 06:13 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-08-09 20:26 - 2016-08-02 06:09 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2016-08-09 20:25 - 2016-08-02 10:58 - 00168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-09 20:25 - 2016-08-02 10:53 - 02745224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-09 20:25 - 2016-08-02 10:52 - 00619368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-09 20:25 - 2016-08-02 10:48 - 00241496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-08-09 20:25 - 2016-08-02 10:23 - 22572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-08-09 20:25 - 2016-08-02 10:21 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-08-09 20:25 - 2016-08-02 10:21 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2016-08-09 20:25 - 2016-08-02 10:20 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-08-09 20:25 - 2016-08-02 10:15 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-08-09 20:25 - 2016-08-02 10:15 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-08-09 20:25 - 2016-08-02 10:14 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2016-08-09 20:25 - 2016-08-02 10:13 - 01081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-08-09 20:25 - 2016-08-02 10:12 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-08-09 20:25 - 2016-08-02 10:11 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-08-09 20:25 - 2016-08-02 10:11 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-08-09 20:25 - 2016-08-02 10:10 - 00509952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-08-09 20:25 - 2016-08-02 10:09 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-08-09 20:25 - 2016-08-02 10:07 - 23682048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-08-09 20:25 - 2016-08-02 10:07 - 09125888 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-08-09 20:25 - 2016-08-02 10:03 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-08-09 20:25 - 2016-08-02 10:00 - 05511168 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2016-08-09 20:25 - 2016-08-02 09:59 - 08124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-08-09 20:25 - 2016-08-02 09:57 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-09 20:25 - 2016-08-02 09:56 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-08-09 20:25 - 2016-08-02 09:56 - 01785856 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-08-09 20:25 - 2016-08-02 09:56 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-08-09 20:25 - 2016-08-02 09:55 - 01508864 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-08-09 20:25 - 2016-08-02 09:52 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-08-09 20:25 - 2016-08-02 06:56 - 02251440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-08-09 20:25 - 2016-08-02 06:47 - 00079536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2016-08-09 20:25 - 2016-08-02 06:39 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2016-08-09 20:25 - 2016-08-02 06:37 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2016-08-09 20:25 - 2016-08-02 06:36 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-08-09 20:25 - 2016-08-02 06:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-08-09 20:25 - 2016-08-02 06:28 - 19423232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-08-09 20:25 - 2016-08-02 06:26 - 19417600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-08-09 20:25 - 2016-08-02 06:26 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-08-09 20:25 - 2016-08-02 06:16 - 06044672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-08-09 20:25 - 2016-08-02 06:13 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-08-09 20:25 - 2016-08-02 06:12 - 02999296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-08-07 19:37 - 2016-08-07 19:37 - 00388608 _____ (Trend Micro Inc.) C:\Users\elisk_000\Downloads\hijackthis.exe
2016-08-07 19:36 - 2016-08-07 19:36 - 01222144 _____ C:\Users\elisk_000\Downloads\RSITx64.exe
2016-08-07 19:18 - 2016-08-07 19:18 - 02239373 _____ (EFD Software ) C:\Users\elisk_000\Downloads\hdtunepro_560_trial.exe
2016-08-07 19:18 - 2016-08-07 19:18 - 00642632 _____ (EFD Software ) C:\Users\elisk_000\Downloads\hdtune_255.exe
2016-08-07 19:18 - 2016-08-07 19:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune
2016-08-07 19:18 - 2016-08-07 19:18 - 00000000 ____D C:\Program Files (x86)\HD Tune
2016-08-07 19:09 - 2016-08-23 10:22 - 00000000 ____D C:\WINDOWS\Minidump
2016-08-06 17:21 - 2016-08-06 17:21 - 00000000 ____D C:\Users\elisk_000\AppData\Roaming\SUPERAntiSpyware.com
2016-08-06 00:02 - 2016-08-05 23:35 - 00000000 ___DC C:\WINDOWS\Panther
2016-08-05 23:58 - 2016-08-05 23:58 - 02190688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-08-05 23:58 - 2016-08-05 23:58 - 01708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2016-08-05 23:58 - 2016-08-05 23:58 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-08-05 23:58 - 2016-08-05 23:58 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-08-05 23:58 - 2016-08-05 23:58 - 01418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-08-05 23:58 - 2016-08-05 23:58 - 01265424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-08-05 23:58 - 2016-08-05 23:58 - 01260384 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-08-05 23:58 - 2016-08-05 23:58 - 00843104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-08-05 23:58 - 2016-08-05 23:58 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-08-05 23:58 - 2016-08-05 23:58 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-08-05 23:58 - 2016-08-05 23:58 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-08-05 23:58 - 2016-08-05 23:58 - 00389000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2016-08-05 23:58 - 2016-08-05 23:58 - 00297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2016-08-05 23:58 - 2016-08-05 23:58 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-08-05 23:58 - 2016-08-05 23:58 - 00062816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2016-08-05 23:57 - 2016-08-05 23:57 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-08-05 23:53 - 2016-08-05 23:53 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2016-08-05 23:53 - 2016-08-05 23:53 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-08-05 23:53 - 2016-08-05 23:53 - 00000000 ____D C:\Program Files\MSBuild
2016-08-05 23:53 - 2016-08-05 23:53 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-08-05 23:53 - 2016-08-05 23:17 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-08-05 23:53 - 2016-05-25 15:31 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-08-05 23:53 - 2016-05-25 15:31 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-08-05 23:53 - 2016-05-25 15:31 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-08-05 23:53 - 2016-05-25 12:03 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-08-05 23:53 - 2016-05-25 12:03 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-08-05 23:53 - 2016-05-25 12:03 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-08-05 23:40 - 2016-08-05 23:40 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-08-05 23:36 - 2016-08-05 23:48 - 00000000 ____D C:\Users\elisk_000\AppData\Local\ConnectedDevicesPlatform
2016-08-05 23:36 - 2016-08-05 23:36 - 00000020 ___SH C:\Users\elisk_000\ntuser.ini
2016-08-05 23:35 - 2016-08-05 23:35 - 00000000 _SHDL C:\Users\Default\Šablony
2016-08-05 23:35 - 2016-08-05 23:35 - 00000000 _SHDL C:\Users\Default\Soubory cookie
2016-08-05 23:35 - 2016-08-05 23:35 - 00000000 _SHDL C:\Users\Default\Poslední
2016-08-05 23:35 - 2016-08-05 23:35 - 00000000 _SHDL C:\Users\Default\Okolní tiskárny
2016-08-05 23:35 - 2016-08-05 23:35 - 00000000 _SHDL C:\Users\Default\Okolní síť
2016-08-05 23:35 - 2016-08-05 23:35 - 00000000 _SHDL C:\Users\Default\Nabídka Start
2016-08-05 23:35 - 2016-08-05 23:35 - 00000000 _SHDL C:\Users\Default\Dokumenty
2016-08-05 23:35 - 2016-08-05 23:35 - 00000000 _SHDL C:\Users\Default\Documents\Obrázky
2016-08-05 23:35 - 2016-08-05 23:35 - 00000000 _SHDL C:\Users\Default\Documents\Hudba
2016-08-05 23:35 - 2016-08-05 23:35 - 00000000 _SHDL C:\Users\Default\Documents\Filmy
2016-08-05 23:35 - 2016-08-05 23:35 - 00000000 _SHDL C:\Users\Default\Data aplikací
2016-08-05 23:35 - 2016-08-05 23:35 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2016-08-05 23:35 - 2016-08-05 23:35 - 00000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2016-08-05 23:35 - 2016-08-05 23:35 - 00000000 _SHDL C:\Users\Default User\Documents\Obrázky
2016-08-05 23:35 - 2016-08-05 23:35 - 00000000 _SHDL C:\Users\Default User\Documents\Hudba
2016-08-05 23:35 - 2016-08-05 23:35 - 00000000 _SHDL C:\Users\Default User\Documents\Filmy
2016-08-05 23:35 - 2016-08-05 23:35 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2016-08-05 23:35 - 2016-08-05 23:35 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Data aplikací
2016-08-05 23:35 - 2016-08-05 23:35 - 00000000 ____D C:\ProgramData\USOShared
2016-08-05 23:33 - 2016-08-05 23:34 - 00007623 _____ C:\WINDOWS\diagwrn.xml
2016-08-05 23:33 - 2016-08-05 23:34 - 00007623 _____ C:\WINDOWS\diagerr.xml
2016-08-05 23:25 - 2016-08-23 20:24 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-08-05 23:25 - 2016-08-23 12:01 - 00003550 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2016-08-05 23:25 - 2016-08-23 12:01 - 00003540 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
2016-08-05 23:25 - 2016-08-05 23:25 - 00003484 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-08-05 23:25 - 2016-08-05 23:25 - 00003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-08-05 23:25 - 2016-08-05 23:25 - 00003298 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1457718220
2016-08-05 23:25 - 2016-08-05 23:25 - 00003260 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-08-05 23:25 - 2016-08-05 23:25 - 00002862 _____ C:\WINDOWS\System32\Tasks\ASUS Smart Gesture Launcher
2016-08-05 23:25 - 2016-08-05 23:25 - 00002810 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-544186402-2627704980-2657497335-1001
2016-08-05 23:25 - 2016-08-05 23:25 - 00002782 _____ C:\WINDOWS\System32\Tasks\ATK Package 36D18D69AFC3
2016-08-05 23:25 - 2016-08-05 23:25 - 00002748 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-544186402-2627704980-2657497335-500
2016-08-05 23:25 - 2016-08-05 23:25 - 00002744 _____ C:\WINDOWS\System32\Tasks\Update Checker
2016-08-05 23:25 - 2016-08-05 23:25 - 00002588 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2016-08-05 23:25 - 2016-08-05 23:25 - 00002226 _____ C:\WINDOWS\System32\Tasks\McAfee Remediation (Prepare)
2016-08-05 23:25 - 2016-08-05 23:25 - 00002188 _____ C:\WINDOWS\System32\Tasks\ASUS USB Charger Plus
2016-08-05 23:25 - 2016-08-05 23:25 - 00002174 _____ C:\WINDOWS\System32\Tasks\RTKCPL
2016-08-05 23:25 - 2016-08-05 23:25 - 00002086 _____ C:\WINDOWS\System32\Tasks\{16EC854A-7649-4E27-8C1D-16A442D6E9A8}
2016-08-05 23:25 - 2016-08-05 23:25 - 00002064 _____ C:\WINDOWS\System32\Tasks\LifeChatTask
2016-08-05 23:25 - 2016-08-05 23:25 - 00002054 _____ C:\WINDOWS\System32\Tasks\ASUS Splendid ACMON
2016-08-05 23:25 - 2016-08-05 23:25 - 00000000 ____D C:\WINDOWS\System32\Tasks\ASUS
2016-08-05 23:22 - 2016-08-06 18:19 - 00000248 _____ C:\Users\Public\Documents\report.dat
2016-08-05 23:22 - 2016-08-05 23:22 - 00000000 ____D C:\Users\Public\Documents\chrome
2016-08-05 23:16 - 2016-08-23 15:14 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-08-05 23:13 - 2016-08-05 23:17 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-08-05 23:11 - 2016-08-23 22:23 - 00000000 ____D C:\Users\elisk_000
2016-08-05 23:11 - 2016-08-05 23:11 - 00000000 _SHDL C:\Users\elisk_000\Šablony
2016-08-05 23:11 - 2016-08-05 23:11 - 00000000 _SHDL C:\Users\elisk_000\Soubory cookie
2016-08-05 23:11 - 2016-08-05 23:11 - 00000000 _SHDL C:\Users\elisk_000\Poslední
2016-08-05 23:11 - 2016-08-05 23:11 - 00000000 _SHDL C:\Users\elisk_000\Okolní tiskárny
2016-08-05 23:11 - 2016-08-05 23:11 - 00000000 _SHDL C:\Users\elisk_000\Okolní síť
2016-08-05 23:11 - 2016-08-05 23:11 - 00000000 _SHDL C:\Users\elisk_000\Nabídka Start
2016-08-05 23:11 - 2016-08-05 23:11 - 00000000 _SHDL C:\Users\elisk_000\Dokumenty
2016-08-05 23:11 - 2016-08-05 23:11 - 00000000 _SHDL C:\Users\elisk_000\Documents\Obrázky
2016-08-05 23:11 - 2016-08-05 23:11 - 00000000 _SHDL C:\Users\elisk_000\Documents\Hudba
2016-08-05 23:11 - 2016-08-05 23:11 - 00000000 _SHDL C:\Users\elisk_000\Documents\Filmy
2016-08-05 23:11 - 2016-08-05 23:11 - 00000000 _SHDL C:\Users\elisk_000\Data aplikací
2016-08-05 23:11 - 2016-08-05 23:11 - 00000000 _SHDL C:\Users\elisk_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2016-08-05 23:11 - 2016-08-05 23:11 - 00000000 _SHDL C:\Users\elisk_000\AppData\Local\Data aplikací
2016-08-05 23:07 - 2016-08-05 23:07 - 00000000 ____D C:\ProgramData\NVIDIA
2016-08-05 23:07 - 2016-08-05 23:07 - 00000000 ____D C:\Program Files\Common Files\Atheros
2016-08-05 23:07 - 2016-02-15 09:25 - 06367288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-08-05 23:07 - 2016-02-15 09:25 - 02990016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-08-05 23:07 - 2016-02-15 09:25 - 02563128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-08-05 23:07 - 2016-02-15 09:25 - 00945600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-08-05 23:07 - 2016-02-15 09:25 - 00530368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-08-05 23:07 - 2016-02-15 09:25 - 00393784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-08-05 23:07 - 2016-02-15 09:25 - 00083512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-08-05 23:07 - 2016-02-15 09:25 - 00071224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-08-05 23:07 - 2016-02-11 17:36 - 06172297 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-08-05 23:06 - 2016-08-24 08:34 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-08-05 23:06 - 2016-08-05 23:13 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-08-05 23:06 - 2016-08-05 23:13 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-08-05 23:06 - 2016-08-05 23:13 - 00000000 ____D C:\Program Files\Intel
2016-08-05 23:06 - 2016-08-05 23:06 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2016-08-05 23:06 - 2016-07-16 13:41 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-08-05 23:06 - 2015-12-08 10:28 - 00103968 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2016-08-05 23:06 - 2015-12-08 10:28 - 00099872 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2016-08-05 23:05 - 2016-08-05 23:05 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2016-08-05 23:05 - 2016-08-05 23:05 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2016-08-05 23:05 - 2016-08-05 23:05 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-08-05 23:05 - 2016-08-05 23:05 - 00000000 ____D C:\Program Files\Realtek
2016-08-05 23:03 - 2016-08-23 21:19 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-08-05 23:03 - 2016-08-12 18:10 - 00344256 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-08-05 23:03 - 2016-08-05 23:03 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-08-01 19:13 - 2016-08-01 19:13 - 00007608 _____ C:\Users\elisk_000\AppData\Local\Resmon.ResmonCfg

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-24 08:35 - 2016-06-14 12:52 - 00000165 _____ C:\Users\elisk_000\AppData\Roaming\sp_data.sys
2016-08-24 08:34 - 2016-06-14 12:52 - 00000000 __SHD C:\Users\elisk_000\IntelGraphicsProfiles
2016-08-23 22:22 - 2016-06-14 19:55 - 00000000 ____D C:\Users\elisk_000\AppData\Roaming\Skype
2016-08-23 20:38 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-08-23 20:31 - 2016-07-17 00:25 - 00483026 _____ C:\WINDOWS\system32\perfh005.dat
2016-08-23 20:31 - 2016-07-17 00:25 - 00091192 _____ C:\WINDOWS\system32\perfc005.dat
2016-08-23 20:31 - 2016-06-14 12:03 - 01528280 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-08-23 20:24 - 2016-07-16 08:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2016-08-23 15:14 - 2016-04-11 09:02 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-08-23 15:14 - 2016-03-11 19:43 - 00001122 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-08-23 15:14 - 2016-03-11 17:17 - 00002274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-23 15:13 - 2016-06-26 11:06 - 00002200 _____ C:\Users\Public\Desktop\The Sims 2.lnk
2016-08-23 15:13 - 2016-06-21 06:56 - 00000833 _____ C:\Users\elisk_000\Desktop\Stažené soubory.lnk
2016-08-23 15:13 - 2016-06-14 12:56 - 00002438 _____ C:\Users\elisk_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-08-23 15:13 - 2016-05-22 19:55 - 00001084 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-08-23 15:13 - 2016-03-18 20:37 - 00002658 _____ C:\Users\Public\Desktop\Skype.lnk
2016-08-23 15:13 - 2016-03-11 17:17 - 00002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-08-23 15:11 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Web
2016-08-23 15:10 - 2016-03-15 11:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MX360 series
2016-08-23 14:23 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-08-23 14:22 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-08-22 23:59 - 2016-06-01 08:45 - 899317056 _____ C:\WINDOWS\MEMORY.DMP
2016-08-22 23:30 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2016-08-22 22:02 - 2016-05-22 20:17 - 00000000 ____D C:\Program Files (x86)\Reipotion
2016-08-22 15:00 - 2016-05-27 19:37 - 00000000 ____D C:\WINDOWS\system32\log
2016-08-22 14:59 - 2016-05-25 08:28 - 00000000 ____D C:\ProgramData\PwinpP
2016-08-12 18:44 - 2015-09-07 19:30 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-08-12 18:08 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-08-12 18:08 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2016-08-12 18:08 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2016-08-12 18:08 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\et-EE
2016-08-12 18:08 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\es-MX
2016-08-12 18:08 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-08-12 18:08 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-08-12 18:08 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-08-12 18:08 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2016-08-10 19:17 - 2016-03-12 06:33 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-08-10 19:13 - 2016-03-12 06:33 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-08-09 20:34 - 2016-03-12 19:39 - 00000000 ____D C:\Program Files\trend micro
2016-08-07 19:37 - 2016-06-14 12:52 - 00000000 ____D C:\Users\elisk_000\AppData\Local\VirtualStore
2016-08-07 19:18 - 2016-03-18 21:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune Pro
2016-08-07 19:18 - 2016-03-18 21:03 - 00000000 ____D C:\Program Files (x86)\HD Tune Pro
2016-08-06 11:16 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\appcompat
2016-08-06 00:02 - 2016-07-16 13:47 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-08-05 23:53 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-08-05 23:53 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-08-05 23:50 - 2016-06-14 12:52 - 00000000 ____D C:\Users\elisk_000\AppData\Local\Packages
2016-08-05 23:44 - 2016-06-14 12:56 - 00000000 ___RD C:\Users\elisk_000\OneDrive
2016-08-05 23:35 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\USOPrivate
2016-08-05 23:35 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows NT
2016-08-05 23:34 - 2016-07-16 08:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2016-08-05 23:32 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-08-05 23:32 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Registration
2016-08-05 23:32 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2016-08-05 23:25 - 2016-06-14 12:01 - 00023020 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-08-05 23:24 - 2016-07-16 13:47 - 00000000 __RSD C:\WINDOWS\Media
2016-08-05 23:24 - 2016-07-16 13:47 - 00000000 __RHD C:\Users\Public\Libraries
2016-08-05 23:18 - 2015-10-30 20:35 - 00000000 ____D C:\WINDOWS\ShellNew
2016-08-05 23:17 - 2016-05-22 19:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-08-05 23:17 - 2016-05-06 21:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2016-08-05 23:17 - 2016-04-27 20:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-08-05 23:17 - 2016-04-12 10:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2016-08-05 23:17 - 2016-03-31 08:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AeroCAD
2016-08-05 23:17 - 2016-03-18 20:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2016-08-05 23:17 - 2016-03-15 13:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-08-05 23:17 - 2016-03-14 11:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-08-05 23:17 - 2016-03-12 09:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Headset
2016-08-05 23:17 - 2016-03-12 08:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GRAPHISOFT
2016-08-05 23:17 - 2016-03-11 19:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-08-05 23:17 - 2016-03-11 18:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SCIA Engineer 15.3
2016-08-05 23:17 - 2016-03-11 17:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerZip 7.0
2016-08-05 23:17 - 2016-03-11 17:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SCIA Licence Server
2016-08-05 23:17 - 2015-03-24 18:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek
2016-08-05 23:17 - 2015-03-24 18:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2016-08-05 23:17 - 2014-10-21 06:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2016-08-05 23:16 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-08-05 23:16 - 2015-10-30 08:28 - 00000000 ____D C:\Users\Default.migrated
2016-08-05 23:14 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2016-08-05 23:14 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2016-08-05 23:14 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\et-EE
2016-08-05 23:14 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
2016-08-05 23:14 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\spool
2016-08-05 23:14 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-08-05 23:14 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-08-05 23:14 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2016-08-05 23:14 - 2016-03-15 11:58 - 00000000 ___HD C:\WINDOWS\system32\CanonIJ Uninstaller Information
2016-08-05 23:14 - 2015-03-24 18:46 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2016-08-05 23:14 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2016-08-05 23:14 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2016-08-05 23:13 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\InputMethod
2016-08-05 23:13 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-08-05 23:13 - 2016-06-26 11:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES
2016-08-05 23:13 - 2016-03-18 20:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-08-05 23:13 - 2015-03-24 18:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICEpower
2016-08-05 23:13 - 2014-10-21 06:30 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-08-05 23:10 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-08-05 23:07 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-08-05 23:07 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-08-05 23:07 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Help
2016-08-05 22:32 - 2016-03-11 17:16 - 00000972 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-05 21:51 - 2016-06-14 11:58 - 00000806 _____ C:\Users\Public\Documents\report (2).dat
2016-08-04 20:13 - 2016-03-11 19:42 - 00000000 ____D C:\Program Files (x86)\Opera
2016-07-31 17:06 - 2016-03-11 17:35 - 00000000 ____D C:\ProgramData\FLEXnet
2016-07-29 20:27 - 2016-03-11 17:16 - 00000968 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-27 21:25 - 2016-03-11 18:52 - 00504488 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2016-06-14 12:52 - 2016-08-24 08:35 - 0000165 _____ () C:\Users\elisk_000\AppData\Roaming\sp_data.sys
2016-08-01 19:13 - 2016-08-01 19:13 - 0007608 _____ () C:\Users\elisk_000\AppData\Local\Resmon.ResmonCfg
2016-08-05 23:05 - 2016-08-05 23:05 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-10-21 06:28 - 2012-09-07 13:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2014-10-21 06:28 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe

Some files in TEMP:
====================
C:\Users\elisk_000\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-08-17 21:09

==================== End of FRST.txt ============================

http://leteckaposta.cz/287712446

[Márty84]

Napiste mi velikost adresare plochy (C:\Users\elisk_000\Plocha)



Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)

Task: {0C3A3DB2-680E-46FD-B32D-EB51726AD0C0} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe [2015-11-03] (McAfee, Inc.)
Task: {0E891B1C-520D-4FE8-AF29-A7E27392C158} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {1AD06407-B69D-4351-ADE9-44AC83393AF1} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {306654CF-BDEE-42E7-AD8A-AD2404032665} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {433958D3-CF4B-467D-9F6E-1534A60D26DC} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {542C9981-A78F-41AE-893F-13FB9E228010} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {6FEFCF5F-37AD-4593-824C-86BAAF0E35CC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {73663627-596D-4E1B-92E4-0B042F216063} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {7550162A-E490-4D7B-BE59-0541E1343A4E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {91465434-A0A3-450A-BFF7-43F13E09721D} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {92105B42-6695-43A2-9E6A-0754D272AD81} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {9F54D1B2-213A-4D33-90FD-F0F85EF9CEC1} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {BBFCEEB2-73F6-465A-90F6-AE0928F2D2A6} - \Thalepharck Reports -> No File <==== ATTENTION
Task: {C75F7A74-12BD-4232-8A5D-11FA531375EA} - \Browser Updater Task(Core) -> No File <==== ATTENTION
Task: {C7A45E65-EB7B-4A10-AD16-DFCF27350F32} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {CF497BD4-D0B6-4384-ABDE-819A48213869} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {EC6A4C90-AF40-446B-B96B-CE185E44903E} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {F3C29A7A-B4A2-4603-9919-93813439574B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Hosts:
EmptyTemp:
Reboot:
End

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.

[cocinella]

Na ploše mám 7,24 MB.

Tady je ten log:
Fix result of Farbar Recovery Scan Tool (x64) Version: 21-08-2016 01
Ran by elisk_000 (24-08-2016 11:39:02) Run:1
Running from C:\Users\elisk_000\Desktop
Loaded Profiles: elisk_000 (Available Profiles: elisk_000)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)

Task: {0C3A3DB2-680E-46FD-B32D-EB51726AD0C0} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe [2015-11-03] (McAfee, Inc.)
Task: {0E891B1C-520D-4FE8-AF29-A7E27392C158} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {1AD06407-B69D-4351-ADE9-44AC83393AF1} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {306654CF-BDEE-42E7-AD8A-AD2404032665} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {433958D3-CF4B-467D-9F6E-1534A60D26DC} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {542C9981-A78F-41AE-893F-13FB9E228010} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {6FEFCF5F-37AD-4593-824C-86BAAF0E35CC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {73663627-596D-4E1B-92E4-0B042F216063} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {7550162A-E490-4D7B-BE59-0541E1343A4E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {91465434-A0A3-450A-BFF7-43F13E09721D} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {92105B42-6695-43A2-9E6A-0754D272AD81} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {9F54D1B2-213A-4D33-90FD-F0F85EF9CEC1} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {BBFCEEB2-73F6-465A-90F6-AE0928F2D2A6} - \Thalepharck Reports -> No File <==== ATTENTION
Task: {C75F7A74-12BD-4232-8A5D-11FA531375EA} - \Browser Updater Task(Core) -> No File <==== ATTENTION
Task: {C7A45E65-EB7B-4A10-AD16-DFCF27350F32} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {CF497BD4-D0B6-4384-ABDE-819A48213869} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {EC6A4C90-AF40-446B-B96B-CE185E44903E} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {F3C29A7A-B4A2-4603-9919-93813439574B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\GrooveMonitor => value removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0C3A3DB2-680E-46FD-B32D-EB51726AD0C0}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0C3A3DB2-680E-46FD-B32D-EB51726AD0C0}" => key removed successfully
C:\WINDOWS\System32\Tasks\McAfee Remediation (Prepare) => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\McAfee Remediation (Prepare)" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0E891B1C-520D-4FE8-AF29-A7E27392C158}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0E891B1C-520D-4FE8-AF29-A7E27392C158}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1AD06407-B69D-4351-ADE9-44AC83393AF1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1AD06407-B69D-4351-ADE9-44AC83393AF1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{306654CF-BDEE-42E7-AD8A-AD2404032665}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{306654CF-BDEE-42E7-AD8A-AD2404032665}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{433958D3-CF4B-467D-9F6E-1534A60D26DC}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{433958D3-CF4B-467D-9F6E-1534A60D26DC}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-Weekend" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{542C9981-A78F-41AE-893F-13FB9E228010}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{542C9981-A78F-41AE-893F-13FB9E228010}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6FEFCF5F-37AD-4593-824C-86BAAF0E35CC}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6FEFCF5F-37AD-4593-824C-86BAAF0E35CC}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{73663627-596D-4E1B-92E4-0B042F216063}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{73663627-596D-4E1B-92E4-0B042F216063}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7550162A-E490-4D7B-BE59-0541E1343A4E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7550162A-E490-4D7B-BE59-0541E1343A4E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{91465434-A0A3-450A-BFF7-43F13E09721D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{91465434-A0A3-450A-BFF7-43F13E09721D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{92105B42-6695-43A2-9E6A-0754D272AD81}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{92105B42-6695-43A2-9E6A-0754D272AD81}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9F54D1B2-213A-4D33-90FD-F0F85EF9CEC1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9F54D1B2-213A-4D33-90FD-F0F85EF9CEC1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BBFCEEB2-73F6-465A-90F6-AE0928F2D2A6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BBFCEEB2-73F6-465A-90F6-AE0928F2D2A6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Thalepharck Reports" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C75F7A74-12BD-4232-8A5D-11FA531375EA}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C75F7A74-12BD-4232-8A5D-11FA531375EA}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Browser Updater Task(Core)" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C7A45E65-EB7B-4A10-AD16-DFCF27350F32}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C7A45E65-EB7B-4A10-AD16-DFCF27350F32}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CF497BD4-D0B6-4384-ABDE-819A48213869}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CF497BD4-D0B6-4384-ABDE-819A48213869}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\rundetector" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{EC6A4C90-AF40-446B-B96B-CE185E44903E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EC6A4C90-AF40-446B-B96B-CE185E44903E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F3C29A7A-B4A2-4603-9919-93813439574B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F3C29A7A-B4A2-4603-9919-93813439574B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => key removed successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 3062608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 12914948 B
Java, Flash, Steam htmlcache => 714 B
Windows/system/drivers => 420401 B
Edge => 13824 B
Chrome => 732651401 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 10916 B
NetworkService => 71746 B
elisk_000 => 42503294 B

RecycleBin => 0 B
EmptyTemp: => 755 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 11:39:15 ====

[Márty84]

Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

DelFix https://toolslib.net/downloads/finish/2/

• Stahnete a spustte
• Ponechte zatrzitkou pouze u volby Remove disinfection tools
• Kliknete na Run

Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)

Defragmentujte disk(y) (SSD Disky ne!)
Stahnete program Defraggler https://www.piriform.com/defraggler/download/standard
Pri instalaci opet pozor na toolbar a dalsi nesmysly.
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.




Pak napiste, jak to s pc vypada.