
Slowed-down laptop

Having a problem with a virus? Post your FRST or RSIT log here.

hankeys
Visitor
Posts: 24
Registered: 15 Aug 2006 11:23

#1 Post by hankeys »

Hello, lately my laptop has been quite slow; the CPU and disk are being loaded by "Service Host".

I am posting the FRST log.

Code:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03-10-2016
Ran by Hankeys (administrator) on LENOVO (04-10-2016 13:45:25)
Running from C:\Users\Hankeys\Desktop
Loaded Profiles: Hankeys (Available Profiles: Hankeys)
Platform: Windows 8.1 Pro (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVerMedia) C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
() C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
(AVerMedia TECHNOLOGIES, Inc.) C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Zabbix SIA) C:\Program Files\Zabbix Agent\zabbix_agentd.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ACD Systems) C:\Program Files\ACD Systems\ACDSee Pro\7.0\acdIDInTouch2.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(WebGear Ltd, New Zealand + Create Software + Stru.be + saller.NET + Big-R) C:\Program Files (x86)\GO Contact Sync Mod\GOContactSync.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(AVerMedia TECHNOLOGIES, Inc.) C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Telefónica I+D) C:\Program Files (x86)\O2\O2CZ\EMMSN.exe
(Telefónica I+D) C:\Program Files (x86)\O2\Nori\Nori.exe
(ALTAP) C:\Program Files\Altap Salamander\salamand.exe
(Google Inc.) C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
(ALTAP) C:\Program Files\Altap Salamander\utils\salmon.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\OUTLOOK.EXE
(Google Inc.) C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
(MetaQuotes Software Corp.) C:\MetaTrader Admiral Markets\terminal.exe
(Google Inc.) C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(forum.viry.cz) C:\Users\Hankeys\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2685072 2015-05-08] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1570672 2015-05-08] (NVIDIA Corporation)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM\...\Run: [ACPW07EN] => C:\Program Files\ACD Systems\ACDSee Pro\7.0\acdIDInTouch2.exe [1813832 2014-03-18] (ACD Systems)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12921488 2012-09-14] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-09-14] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [GoPro Studio Importer] => C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe [3217672 2015-07-02] (GoPro)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [508656 2012-07-25] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKU\S-1-5-21-3293060449-512507974-3953459309-1001\...\Run: [Google Update] => C:\Users\Hankeys\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc.)
HKU\S-1-5-21-3293060449-512507974-3953459309-1001\...\Run: [GoogleContactSync] => C:\Program Files (x86)\GO Contact Sync Mod\GOContactSync.exe [2094592 2015-11-01] (WebGear Ltd, New Zealand + Create Software + Stru.be + saller.NET + Big-R)
HKU\S-1-5-21-3293060449-512507974-3953459309-1001\...\Run: [GoogleChromeAutoLaunch_F725E5E3515E85A3BB9E9A62A93ED533] => C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe [966760 2016-09-25] (Google Inc.)
HKU\S-1-5-21-3293060449-512507974-3953459309-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23375200 2016-07-29] (Google)
HKU\S-1-5-21-3293060449-512507974-3953459309-1001\...\MountPoints2: {1a665e5d-1f3f-11e6-82da-dc0ea1ee4adb} - "F:\AutoRun.exe" 
HKU\S-1-5-21-3293060449-512507974-3953459309-1001\...\MountPoints2: {72a6b02b-eb3c-11e5-82cf-9c4e3617c5f8} - "F:\AutoRun.exe" 
HKU\S-1-5-21-3293060449-512507974-3953459309-1001\...\MountPoints2: {90e56abc-4b49-11e6-82e4-dc0ea1ee4adb} - "F:\AutoRun.exe" 
HKU\S-1-5-21-3293060449-512507974-3953459309-1001\...\MountPoints2: {b5b365e7-53e2-11e6-82e6-dc0ea1ee4adb} - "F:\AutoRun.exe" 
HKU\S-1-5-21-3293060449-512507974-3953459309-1001\...\MountPoints2: {b5b36dae-53e2-11e6-82e6-dc0ea1ee4adb} - "F:\AutoRun.exe" 
HKU\S-1-5-21-3293060449-512507974-3953459309-1001\...\MountPoints2: {b5b36df5-53e2-11e6-82e6-dc0ea1ee4adb} - "F:\AutoRun.exe" 
HKU\S-1-5-21-3293060449-512507974-3953459309-1001\...\MountPoints2: {b9a06547-4de9-11e4-825b-446d5785e023} - "F:\AutoRun.exe" 
HKU\S-1-5-21-3293060449-512507974-3953459309-1001\...\MountPoints2: {ba92cbe2-5235-11e6-82e4-dc0ea1ee4adb} - "F:\AutoRun.exe" 
HKU\S-1-5-21-3293060449-512507974-3953459309-1001\...\MountPoints2: {cd42a4ea-367d-11e5-82a2-446d5785e023} - "F:\AutoRun.exe" 
HKU\S-1-5-21-3293060449-512507974-3953459309-1001\...\MountPoints2: {f76ccf48-3856-11e4-8253-446d5785e023} - "F:\AutoRun.exe" 
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [176064 2015-05-12] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [154256 2015-05-12] (NVIDIA Corporation)
IFEO\SppExtComObj.exe: [Debugger] C:\Windows\SECOH-QAD.exe
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ShellIconOverlayIdentifiers: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2016-04-19] (Hermann Schinagl)
ShellIconOverlayIdentifiers: [IconOverlayHardLink] -> {0A479751-02BC-11d3-A855-0004AC2568DD} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2016-04-19] (Hermann Schinagl)
ShellIconOverlayIdentifiers: [IconOverlaySymbolicLink] -> {0A479751-02BC-11d3-A855-0004AC2568EE} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2016-04-19] (Hermann Schinagl)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVer HID Receiver.lnk [2016-06-13]
ShortcutTarget: AVer HID Receiver.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVerQuick.lnk [2016-06-13]
ShortcutTarget: AVerQuick.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe (AVerMedia TECHNOLOGIES, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GoPro Importer.lnk [2015-02-14]
ShortcutTarget: GoPro Importer.lnk -> C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe (GoPro)
Startup: C:\Users\Hankeys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Odeslat do OneNote.lnk [2016-03-10]
ShortcutTarget: Odeslat do OneNote.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{11352C0B-2EED-4327-8592-04E3DF65CEE9}: [DhcpNameServer] 194.228.41.65 194.228.41.113
Tcpip\..\Interfaces\{828869BE-0E61-40AC-AA70-946A4AC26021}: [NameServer] 194.228.211.33 160.218.161.60
Tcpip\..\Interfaces\{D42EE2C4-CFA6-4350-8891-77A911C17FAD}: [DhcpNameServer] 194.228.41.65 194.228.41.113
Tcpip\..\Interfaces\{D6B27A5F-575D-4280-9810-542799D81282}: [DhcpNameServer] 192.168.1.1 8.8.8.8

Internet Explorer:
==================
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-11-18] (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-07-25] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-25] (Oracle Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20] (IvoSoft)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-11-10] (Microsoft Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-20] (IvoSoft)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-04-01] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-09-11] [not signed]
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-25] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-25] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-09-19] (Adobe Systems)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-30] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin-x32: @vmware.com/vmrc,version=2.5.0.00000 -> C:\Program Files (x86)\Common Files\VMware\VMware VMRC Plug-in\Firefox\np-vmware-vmrc.dll [2013-07-25] (VMware, Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2014-05-08] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-09-19] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3293060449-512507974-3953459309-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Hankeys\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-12-03] (Citrix Online)
FF Plugin HKU\S-1-5-21-3293060449-512507974-3953459309-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Hankeys\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-30] (Google Inc.)
FF Plugin HKU\S-1-5-21-3293060449-512507974-3953459309-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Hankeys\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-30] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation)

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default [2016-10-04]
CHR Extension: (Překladač Google) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2015-11-18]
CHR Extension: (Prezentace Google) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-04]
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2016-09-28]
CHR Extension: (Angry Birds) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-12-15]
CHR Extension: (Dokumenty Google) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
CHR Extension: (Disk Google) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (Glow) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\bekmjjakgojplnhahcilegeiklenjbgb [2014-09-10]
CHR Extension: (Save the trees (print & screenshot)) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjlcapbgbcnfkifgclinapfbkielnmdi [2014-09-10]
CHR Extension: (YouTube) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (History 2) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\cahejgbbfgmlmjgdjlibphdjeldhagkp [2014-09-10]
CHR Extension: (Vyhledávání Google) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Tampermonkey) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2016-09-02]
CHR Extension: (Adobe Acrobat) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2016-09-12]
CHR Extension: (Kalendář Google) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2015-10-13]
CHR Extension: (Save As MHTML) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\eomfifclcdpkaghkehajpolkdnkmegfa [2016-05-09]
CHR Extension: (Tabulky Google) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-04]
CHR Extension: (Dokumenty Google offline) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Close Tab by Left Border) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdoplfhlfoagdghmfamhnakmjjffeila [2014-09-17]
CHR Extension: (My Klips - Read Now, Read Later) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkpekaddkiibmnedmbgbpfmegmpfmbai [2014-09-10]
CHR Extension: (goo.gl URL Shortener) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\iblijlcdoidgdpfknkckljiocdbnlagk [2015-05-14]
CHR Extension: (Invite All Friends on Facebook) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\inmmhkeajgflmokoaaoadgkhhmibjbpj [2016-09-18]
CHR Extension: (Speed Dial 2) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik [2016-05-30]
CHR Extension: (Skype) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-09-22]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-01-30]
CHR Extension: (Super Drag) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbjeigngkfagmefkkkmhaeechmohhneo [2014-09-10]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-13]
CHR Extension: (Facebook Chat Pop-Outs) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnocoggcoknkjehhjjpanophojgknbpd [2016-03-03]
CHR Extension: (Auto-Translate) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\obgoiaeapddkeekbocomnjlckbbfapmk [2015-12-29]
CHR Extension: (Gmail) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR Extension: (Chrome Media Router) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-22]
CHR HKU\S-1-5-21-3293060449-512507974-3953459309-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-05-08]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVerRemote; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [360448 2011-08-19] (AVerMedia) [File not signed]
R2 AVerScheduleService; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [403456 2011-04-01] () [File not signed]
R2 AVerUpdateServer; C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe [167936 2011-10-31] (AVerMedia TECHNOLOGIES, Inc.) [File not signed]
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-09-04] (Broadcom Corporation.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-08] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-21] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1884304 2015-05-08] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22997648 2015-05-08] (NVIDIA Corporation)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [38240 2016-05-10] (The OpenVPN Project)
S2 SerialService; C:\ProgramData\Extra Control\serclient.exe [6146603 2012-12-12] () [File not signed]
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [977088 2014-03-02] () [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7500048 2016-09-20] (TeamViewer GmbH)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [524800 2014-10-29] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 Zabbix Agent; C:\Program Files\Zabbix Agent\zabbix_agentd.exe [434176 2016-05-18] (Zabbix SIA) [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AVerFx2hbtv64; C:\Windows\system32\drivers\AVerFx2hbtv64.sys [691968 2012-09-19] (AVerMedia TECHNOLOGIES, Inc.)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-09-04] (Broadcom Corporation.)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-09-09] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 Huawei; C:\Windows\system32\DRIVERS\ewdcsc.sys [32768 2010-10-08] (Huawei Tech. Co., Ltd.)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3344352 2013-07-08] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-08] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-14] (Synaptics Incorporated)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 WinDivert1.1; C:\Program Files\KMSpico\WinDivert.sys [35376 2014-09-09] (Basil Projects)
U0 aswVmm; no ImagePath
S3 hwusbdev; \SystemRoot\system32\DRIVERS\ewusbdev.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-04 13:45 - 2016-10-04 13:46 - 00030830 _____ C:\Users\Hankeys\Desktop\FRST.txt
2016-10-04 13:44 - 2016-10-04 13:45 - 00000000 ____D C:\FRST
2016-10-04 13:43 - 2016-10-04 13:43 - 00112640 _____ (forum.viry.cz) C:\Users\Hankeys\Desktop\FRSTLauncher.exe
2016-10-04 13:42 - 2016-10-04 13:42 - 00112640 _____ (forum.viry.cz) C:\Users\Hankeys\Downloads\FRSTLauncher.exe
2016-10-04 13:40 - 2016-10-04 13:40 - 02404864 _____ (Farbar) C:\Users\Hankeys\Desktop\FRST64.exe
2016-10-04 13:15 - 2016-10-04 13:15 - 00000686 _____ C:\Users\Public\Desktop\Quant Analyzer 4.lnk
2016-10-04 13:15 - 2016-10-04 13:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quant Analyzer 4
2016-10-03 08:42 - 2016-10-03 08:42 - 00000651 _____ C:\Users\Hankeys\Desktop\SQ2.lnk
2016-09-28 09:31 - 2016-09-28 09:31 - 00002224 _____ C:\Users\Hankeys\Desktop\GitKraken.lnk
2016-09-27 07:45 - 2011-01-30 12:20 - 00212992 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juwwanecm.sys
2016-09-27 07:45 - 2011-01-30 12:19 - 00098816 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcacm.sys
2016-09-27 07:45 - 2011-01-30 12:19 - 00086016 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jubusenum.sys
2016-09-27 07:45 - 2011-01-30 12:19 - 00069632 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcecm.sys
2016-09-27 07:45 - 2011-01-30 12:19 - 00028672 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juextctrl.sys
2016-09-27 07:45 - 2010-12-23 03:48 - 00421376 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbwwan.sys
2016-09-27 07:45 - 2010-10-08 10:59 - 00032768 _____ (Huawei Tech. Co., Ltd.) C:\Windows\system32\Drivers\ewdcsc.sys
2016-09-27 07:45 - 2010-09-26 12:09 - 00022016 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwupgrade.sys
2016-09-27 07:45 - 2010-08-06 01:43 - 01001472 _____ (DiBcom SA) C:\Windows\system32\Drivers\mod7700.sys
2016-09-27 07:45 - 2010-07-27 03:52 - 00117248 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwusbdev.sys
2016-09-27 07:45 - 2010-03-20 06:06 - 00013952 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_usbenumfilter.sys
2016-09-27 06:59 - 2016-09-27 06:59 - 00001055 _____ C:\Users\Public\Desktop\O2 Průvodce připojením.lnk
2016-09-27 06:57 - 2016-09-27 06:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\O2
2016-09-27 06:57 - 2016-09-27 06:57 - 00000000 ____D C:\Program Files (x86)\O2
2016-09-21 23:05 - 2016-09-21 23:17 - 00000000 ____D C:\StrategyQuant3
2016-09-06 07:12 - 2016-10-04 13:09 - 00000000 ____D C:\StrategyQuant4Alpha

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-04 13:42 - 2014-09-10 14:04 - 00000000 ____D C:\Users\Hankeys\AppData\Roaming\ClassicShell
2016-10-04 13:35 - 2015-02-05 08:54 - 00000984 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3293060449-512507974-3953459309-1001UA.job
2016-10-04 13:34 - 2014-03-18 17:33 - 01754592 _____ C:\Windows\system32\PerfStringBackup.INI
2016-10-04 13:34 - 2014-03-18 16:54 - 00743142 _____ C:\Windows\system32\perfh005.dat
2016-10-04 13:34 - 2014-03-18 16:54 - 00152856 _____ C:\Windows\system32\perfc005.dat
2016-10-04 13:34 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2016-10-04 13:32 - 2016-01-30 16:07 - 00000000 ___RD C:\Users\Hankeys\Disk Google
2016-10-04 13:30 - 2014-09-09 22:26 - 00000000 ____D C:\Users\Hankeys\Documents\Soubory aplikace Outlook
2016-10-04 13:25 - 2014-09-09 20:21 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3293060449-512507974-3953459309-1001
2016-10-04 13:20 - 2016-01-25 20:16 - 00000000 ____D C:\ProgramData\Extra Control
2016-10-04 13:19 - 2014-12-17 17:50 - 00000000 ____D C:\ProgramData\AVAST Software
2016-10-04 13:19 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-10-04 13:16 - 2016-03-10 22:52 - 00000000 ____D C:\QuantAnalyzer4
2016-10-04 13:09 - 2016-06-28 21:30 - 00000000 ____D C:\Users\Hankeys\Zorro
2016-10-04 13:04 - 2016-08-09 17:34 - 00000000 ____D C:\Program Files (x86)\RAMDisk
2016-10-04 12:51 - 2015-06-04 10:37 - 00000684 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-3293060449-512507974-3953459309-1001.job
2016-10-04 12:49 - 2015-01-02 09:49 - 00000588 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3293060449-512507974-3953459309-1001.job
2016-10-04 12:48 - 2014-09-10 14:43 - 00000000 ____D C:\Users\Hankeys\AppData\Roaming\GoContactSyncMOD
2016-10-04 12:38 - 2016-03-10 22:39 - 00000000 ____D C:\StrategyQuant
2016-10-04 12:35 - 2015-02-05 08:54 - 00000932 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3293060449-512507974-3953459309-1001Core.job
2016-10-04 08:40 - 2014-09-09 20:35 - 00003970 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{4826E594-2A27-4CFA-98B9-542F03BAC25A}
2016-10-04 08:14 - 2014-09-09 20:15 - 00000000 ____D C:\Users\Hankeys\AppData\Local\Packages
2016-10-04 08:12 - 2016-01-25 19:19 - 00002314 ____H C:\Users\Hankeys\Documents\Default.rdp
2016-10-04 08:03 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\FxsTmp
2016-10-03 22:47 - 2014-09-10 09:38 - 00002398 _____ C:\Users\Hankeys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-03 21:38 - 2016-07-25 20:25 - 00000000 ____D C:\sikulix
2016-10-03 20:01 - 2016-05-04 19:01 - 00000000 ____D C:\Users\Hankeys\AppData\Roaming\Skype
2016-10-03 19:35 - 2016-07-27 20:16 - 00000000 ____D C:\Users\Hankeys\AppData\Roaming\VMware
2016-10-03 17:25 - 2014-09-09 21:41 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-10-03 15:28 - 2016-06-27 21:51 - 00000000 ____D C:\Users\Hankeys\AppData\Roaming\RStudio
2016-10-03 15:28 - 2016-06-27 21:47 - 00000000 ____D C:\Users\Hankeys\AppData\Local\RStudio-Desktop
2016-10-03 15:27 - 2016-07-25 21:10 - 00000000 ____D C:\Strategie
2016-10-03 14:28 - 2016-03-11 11:36 - 00000000 ____D C:\StrategyQuant2
2016-09-30 19:04 - 2016-05-25 13:54 - 00000983 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-09-30 19:04 - 2016-05-25 13:54 - 00000971 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
2016-09-30 16:32 - 2016-01-28 20:02 - 00000000 ____D C:\Users\Hankeys\AppData\Roaming\MT Intelligence
2016-09-30 07:44 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-09-27 08:12 - 2014-12-17 17:54 - 00969560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.147495686132807
2016-09-27 08:12 - 2014-12-17 17:54 - 00513496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.147495686581210
2016-09-26 20:39 - 2016-05-24 15:59 - 00000000 ____D C:\Users\Hankeys\AppData\Local\Power BI
2016-09-26 11:16 - 2016-05-18 21:50 - 00000000 ____D C:\TRADING
2016-09-25 20:05 - 2014-09-10 08:16 - 00000000 ____D C:\Users\Hankeys\AppData\Local\Deployment
2016-09-24 14:11 - 2014-09-11 21:08 - 00000000 ____D C:\Users\Hankeys\AppData\Local\CrashDumps
2016-09-23 19:53 - 2016-05-04 19:01 - 00000000 ____D C:\ProgramData\Skype
2016-09-21 17:46 - 2016-05-10 17:20 - 00000000 ____D C:\Users\Hankeys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Axosoft, LLC
2016-09-21 17:46 - 2016-05-10 17:19 - 00000000 ____D C:\Users\Hankeys\AppData\Local\gitkraken
2016-09-19 14:07 - 2015-06-04 10:37 - 00003684 _____ C:\Windows\System32\Tasks\G2MUploadTask-S-1-5-21-3293060449-512507974-3953459309-1001
2016-09-19 14:07 - 2014-12-03 18:24 - 00003588 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-3293060449-512507974-3953459309-1001
2016-09-14 08:47 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-14 08:47 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2016-09-13 07:32 - 2016-05-10 17:20 - 00000000 ____D C:\Users\Hankeys\AppData\Roaming\GitKraken
2016-09-13 07:32 - 2016-05-10 17:20 - 00000000 ____D C:\Users\Hankeys\AppData\Roaming\.gitkraken
2016-09-12 08:12 - 2014-09-09 20:15 - 00000000 ____D C:\Users\Hankeys
2016-09-12 08:11 - 2015-12-04 08:49 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2016-09-12 08:10 - 2016-04-24 20:12 - 00000000 ____D C:\Jts
2016-09-12 08:10 - 2014-09-30 14:53 - 00000000 ____D C:\Program Files (x86)\BOSSAFX
2016-09-12 08:06 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\registration
2016-09-12 08:04 - 2014-09-09 20:35 - 00000000 __RHD C:\MSOCache
2016-09-06 10:13 - 2016-03-10 22:58 - 00000000 ____D C:\SQ_EAWizard
2016-09-04 21:19 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI(76)

==================== Files in the root of some directories =======

2015-02-10 21:56 - 2015-02-12 09:56 - 0099384 _____ () C:\Users\Hankeys\AppData\Roaming\inst.exe
2015-02-10 21:56 - 2015-02-12 09:56 - 0007859 _____ () C:\Users\Hankeys\AppData\Roaming\pcouffin.cat
2015-02-10 21:56 - 2015-02-12 09:56 - 0001167 _____ () C:\Users\Hankeys\AppData\Roaming\pcouffin.inf
2015-02-10 21:56 - 2015-02-12 09:56 - 0000055 _____ () C:\Users\Hankeys\AppData\Roaming\pcouffin.log
2015-02-10 21:56 - 2015-02-12 09:56 - 0082816 _____ (VSO Software) C:\Users\Hankeys\AppData\Roaming\pcouffin.sys
2016-04-19 11:12 - 2016-04-19 11:12 - 0007606 _____ () C:\Users\Hankeys\AppData\Local\Resmon.ResmonCfg
2014-09-09 21:24 - 2014-09-09 21:24 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Hankeys\AppData\Local\Temp\DataCard_Setup64.exe
C:\Users\Hankeys\AppData\Local\Temp\gtapi_signed.dll
C:\Users\Hankeys\AppData\Local\Temp\i4jdel0.exe
C:\Users\Hankeys\AppData\Local\Temp\i4jdel1.exe
C:\Users\Hankeys\AppData\Local\Temp\ResetDevice.exe
C:\Users\Hankeys\AppData\Local\Temp\sqlite-3.8.10.1-1750b6f0-ffa8-4e7f-b5e3-8d261518b7b8-sqlitejdbc.dll
C:\Users\Hankeys\AppData\Local\Temp\sqlite-3.8.10.1-176b117f-caed-41a2-9604-e1bba4a2ae87-sqlitejdbc.dll
C:\Users\Hankeys\AppData\Local\Temp\sqlite-3.8.10.1-27cd5c85-28ca-4061-858d-c2c24d7625af-sqlitejdbc.dll
C:\Users\Hankeys\AppData\Local\Temp\sqlite-3.8.10.1-336b6492-b8b8-4091-800e-20d5736c7fda-sqlitejdbc.dll
C:\Users\Hankeys\AppData\Local\Temp\sqlite-3.8.10.1-60f7be35-e61d-4e0b-9818-f324a3b416ca-sqlitejdbc.dll
C:\Users\Hankeys\AppData\Local\Temp\sqlite-3.8.10.1-6728b659-3bd5-428f-af48-fd398eba1e19-sqlitejdbc.dll
C:\Users\Hankeys\AppData\Local\Temp\sqlite-3.8.10.1-972c8959-687a-4215-9e6d-bad286656581-sqlitejdbc.dll
C:\Users\Hankeys\AppData\Local\Temp\sqlite-3.8.10.1-a63843c0-b230-4d1d-8b22-c32ad40c9d03-sqlitejdbc.dll
C:\Users\Hankeys\AppData\Local\Temp\sqlite-3.8.10.1-ffdd3f1f-376c-40d4-b19d-9035e4e4a88c-sqlitejdbc.dll
C:\Users\Hankeys\AppData\Local\Temp\{35848409-518C-47CD-A3AC-A57F0A6B3605}-52.0.2743.116_51.0.2704.103_chrome_updater.exe
C:\Users\USER~1.AVE\AppData\Local\Temp\RegCheck.exe


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3293060449-512507974-3953459309-1001.job => C:\Users\Hankeys\AppData\Local\Citrix\GoToMeeting\5573\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-3293060449-512507974-3953459309-1001.job => C:\Users\Hankeys\AppData\Local\Citrix\GoToMeeting\5573\g2mupload.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3293060449-512507974-3953459309-1001Core.job => C:\Users\Hankeys\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3293060449-512507974-3953459309-1001UA.job => C:\Users\Hankeys\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

  
***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Hankeys\Desktop" je 1029 MB.
 
 
***** Startup Programs *****
 
 
***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    EnableFirewall    REG_DWORD    0x1
    DisableNotifications    REG_DWORD    0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    EnableFirewall    REG_DWORD    0x1
    DisableNotifications    REG_DWORD    0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files (x86)\\FlashGet Network\\FlashGet 3\\FlashGet3.exe"="C:\\Program Files (x86)\\FlashGet Network\\FlashGet 3\\FlashGet3.exe:*:Enabled:Flashget3"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
 
***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

 
==================== End Of Log ==============================


Rudy
Site Admin
Posts: 119672
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: slowed-down laptop

#2 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
Click >Scan< first and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

hankeys
Visitor
Posts: 24
Registered: 15 Aug 2006 11:23

Re: slowed-down laptop

#3 Post by hankeys »

Code: Select all

# AdwCleaner v6.020 - Log soubor vytvořen 04/10/2016 na 17:35:50
# Aktualizováno dne 14/09/2016 z ToolsLib
# Databáze : 2016-10-03.1 [Server]
# Operační systém : Windows 8.1 Pro  (X64)
# Uživatelské jméno : Hankeys - LENOVO
# Beží od : C:\Users\Hankeys\Desktop\adwcleaner_6.020.exe
# Mod: Čištění
# Podpora : https://toolslib.net/forum



***** [ Služby ] *****



***** [ Adresáře ] *****



***** [ Soubory ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupce ] *****



***** [ Plánovač úloh ] *****



***** [ Registry ] *****

[-] Klíč smazán:HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2974C985-8151-4DE5-B23C-B875F0A8522F}
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2974C985-8151-4DE5-B23C-B875F0A8522F}
[-] Klíč smazán:HKU\S-1-5-21-3293060449-512507974-3953459309-1001\Software\Conduit
[#] Klíč smazán po restartování:HKCU\Software\Conduit
[#] Klíč smazán po restartování:[x64] HKCU\Software\Conduit
[-] Klíč smazán:HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[-] Klíč smazán:HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
[#] Klíč smazán po restartování:[x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[#] Klíč smazán po restartování:[x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com


***** [ Prohlížeče ] *****



*************************

:: "Tracing" klíč smazán
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [1631 Bajtů] - [04/10/2016 17:35:50]
C:\AdwCleaner\AdwCleaner[S0].txt - [2084 Bajtů] - [04/10/2016 17:35:33]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1779 Bajtů] ##########


Rudy
Site Admin
Posts: 119672
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: slowed-down laptop

#4 Post by Rudy »

Post a new FRST log.

hankeys
Visitor
Posts: 24
Registered: 15 Aug 2006 11:23

Re: slowed-down laptop

#5 Post by hankeys »

Code: Select all

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03-10-2016
Ran by Hankeys (administrator) on LENOVO (04-10-2016 19:16:30)
Running from C:\Users\Hankeys\Desktop
Loaded Profiles: Hankeys (Available Profiles: Hankeys)
Platform: Windows 8.1 Pro (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVerMedia) C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
() C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
(AVerMedia TECHNOLOGIES, Inc.) C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Zabbix SIA) C:\Program Files\Zabbix Agent\zabbix_agentd.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ACD Systems) C:\Program Files\ACD Systems\ACDSee Pro\7.0\acdIDInTouch2.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(WebGear Ltd, New Zealand + Create Software + Stru.be + saller.NET + Big-R) C:\Program Files (x86)\GO Contact Sync Mod\GOContactSync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(AVerMedia TECHNOLOGIES, Inc.) C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google Inc.) C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\OUTLOOK.EXE
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(forum.viry.cz) C:\Users\Hankeys\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2685072 2015-05-08] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1570672 2015-05-08] (NVIDIA Corporation)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM\...\Run: [ACPW07EN] => C:\Program Files\ACD Systems\ACDSee Pro\7.0\acdIDInTouch2.exe [1813832 2014-03-18] (ACD Systems)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12921488 2012-09-14] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-09-14] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [GoPro Studio Importer] => C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe [3217672 2015-07-02] (GoPro)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [508656 2012-07-25] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKU\S-1-5-21-3293060449-512507974-3953459309-1001\...\Run: [Google Update] => C:\Users\Hankeys\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc.)
HKU\S-1-5-21-3293060449-512507974-3953459309-1001\...\Run: [GoogleContactSync] => C:\Program Files (x86)\GO Contact Sync Mod\GOContactSync.exe [2094592 2015-11-01] (WebGear Ltd, New Zealand + Create Software + Stru.be + saller.NET + Big-R)
HKU\S-1-5-21-3293060449-512507974-3953459309-1001\...\Run: [GoogleChromeAutoLaunch_F725E5E3515E85A3BB9E9A62A93ED533] => C:\Users\Hankeys\AppData\Local\Google\Chrome\Application\chrome.exe [966760 2016-09-25] (Google Inc.)
HKU\S-1-5-21-3293060449-512507974-3953459309-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23375200 2016-07-29] (Google)
HKU\S-1-5-21-3293060449-512507974-3953459309-1001\...\MountPoints2: {1a665e5d-1f3f-11e6-82da-dc0ea1ee4adb} - "F:\AutoRun.exe" 
HKU\S-1-5-21-3293060449-512507974-3953459309-1001\...\MountPoints2: {72a6b02b-eb3c-11e5-82cf-9c4e3617c5f8} - "F:\AutoRun.exe" 
HKU\S-1-5-21-3293060449-512507974-3953459309-1001\...\MountPoints2: {90e56abc-4b49-11e6-82e4-dc0ea1ee4adb} - "F:\AutoRun.exe" 
HKU\S-1-5-21-3293060449-512507974-3953459309-1001\...\MountPoints2: {b5b365e7-53e2-11e6-82e6-dc0ea1ee4adb} - "F:\AutoRun.exe" 
HKU\S-1-5-21-3293060449-512507974-3953459309-1001\...\MountPoints2: {b5b36dae-53e2-11e6-82e6-dc0ea1ee4adb} - "F:\AutoRun.exe" 
HKU\S-1-5-21-3293060449-512507974-3953459309-1001\...\MountPoints2: {b5b36df5-53e2-11e6-82e6-dc0ea1ee4adb} - "F:\AutoRun.exe" 
HKU\S-1-5-21-3293060449-512507974-3953459309-1001\...\MountPoints2: {b9a06547-4de9-11e4-825b-446d5785e023} - "F:\AutoRun.exe" 
HKU\S-1-5-21-3293060449-512507974-3953459309-1001\...\MountPoints2: {ba92cbe2-5235-11e6-82e4-dc0ea1ee4adb} - "F:\AutoRun.exe" 
HKU\S-1-5-21-3293060449-512507974-3953459309-1001\...\MountPoints2: {cd42a4ea-367d-11e5-82a2-446d5785e023} - "F:\AutoRun.exe" 
HKU\S-1-5-21-3293060449-512507974-3953459309-1001\...\MountPoints2: {f76ccf48-3856-11e4-8253-446d5785e023} - "F:\AutoRun.exe" 
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [176064 2015-05-12] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [154256 2015-05-12] (NVIDIA Corporation)
IFEO\SppExtComObj.exe: [Debugger] C:\Windows\SECOH-QAD.exe
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ShellIconOverlayIdentifiers: [HardLinkMenu] -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2016-04-19] (Hermann Schinagl)
ShellIconOverlayIdentifiers: [IconOverlayHardLink] -> {0A479751-02BC-11d3-A855-0004AC2568DD} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2016-04-19] (Hermann Schinagl)
ShellIconOverlayIdentifiers: [IconOverlaySymbolicLink] -> {0A479751-02BC-11d3-A855-0004AC2568EE} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll [2016-04-19] (Hermann Schinagl)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVer HID Receiver.lnk [2016-06-13]
ShortcutTarget: AVer HID Receiver.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVerQuick.lnk [2016-06-13]
ShortcutTarget: AVerQuick.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe (AVerMedia TECHNOLOGIES, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GoPro Importer.lnk [2015-02-14]
ShortcutTarget: GoPro Importer.lnk -> C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe (GoPro)
Startup: C:\Users\Hankeys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Odeslat do OneNote.lnk [2016-03-10]
ShortcutTarget: Odeslat do OneNote.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 194.228.41.65 194.228.41.113
Tcpip\..\Interfaces\{11352C0B-2EED-4327-8592-04E3DF65CEE9}: [DhcpNameServer] 194.228.41.65 194.228.41.113
Tcpip\..\Interfaces\{D42EE2C4-CFA6-4350-8891-77A911C17FAD}: [DhcpNameServer] 194.228.41.65 194.228.41.113
Tcpip\..\Interfaces\{D6B27A5F-575D-4280-9810-542799D81282}: [DhcpNameServer] 192.168.1.1 8.8.8.8

Internet Explorer:
==================
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-11-18] (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-07-25] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-25] (Oracle Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20] (IvoSoft)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-11-10] (Microsoft Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-20] (IvoSoft)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-04-01] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-09-11] [not signed]
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-25] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-25] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-09-19] (Adobe Systems)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-30] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin-x32: @vmware.com/vmrc,version=2.5.0.00000 -> C:\Program Files (x86)\Common Files\VMware\VMware VMRC Plug-in\Firefox\np-vmware-vmrc.dll [2013-07-25] (VMware, Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2014-05-08] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-09-19] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3293060449-512507974-3953459309-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Hankeys\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-12-03] (Citrix Online)
FF Plugin HKU\S-1-5-21-3293060449-512507974-3953459309-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Hankeys\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-30] (Google Inc.)
FF Plugin HKU\S-1-5-21-3293060449-512507974-3953459309-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Hankeys\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-30] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation)

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default [2016-10-04]
CHR Extension: (P??eklada?? Google) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2015-11-18]
CHR Extension: (Prezentace Google) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-04]
CHR Extension: (Magic Actions for YouTube???) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2016-09-28]
CHR Extension: (Angry Birds) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-12-15]
CHR Extension: (Dokumenty Google) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
CHR Extension: (Disk Google) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (Glow) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\bekmjjakgojplnhahcilegeiklenjbgb [2014-09-10]
CHR Extension: (Save the trees (print & screenshot)) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjlcapbgbcnfkifgclinapfbkielnmdi [2014-09-10]
CHR Extension: (YouTube) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (History 2) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\cahejgbbfgmlmjgdjlibphdjeldhagkp [2014-09-10]
CHR Extension: (Vyhled??v??n?? Google) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Tampermonkey) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2016-09-02]
CHR Extension: (Adobe Acrobat) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2016-09-12]
CHR Extension: (Kalend???? Google) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2015-10-13]
CHR Extension: (Save As MHTML) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\eomfifclcdpkaghkehajpolkdnkmegfa [2016-05-09]
CHR Extension: (Tabulky Google) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-04]
CHR Extension: (Dokumenty Google offline) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Close Tab by Left Border) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdoplfhlfoagdghmfamhnakmjjffeila [2014-09-17]
CHR Extension: (My Klips - Read Now, Read Later) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkpekaddkiibmnedmbgbpfmegmpfmbai [2014-09-10]
CHR Extension: (goo.gl URL Shortener) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\iblijlcdoidgdpfknkckljiocdbnlagk [2015-05-14]
CHR Extension: (Invite All Friends on Facebook) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\inmmhkeajgflmokoaaoadgkhhmibjbpj [2016-09-18]
CHR Extension: (Speed Dial 2) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik [2016-05-30]
CHR Extension: (Skype) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-09-22]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-01-30]
CHR Extension: (Super Drag) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbjeigngkfagmefkkkmhaeechmohhneo [2014-09-10]
CHR Extension: (Platby Internetov??ho obchodu Chrome) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-13]
CHR Extension: (Facebook Chat Pop-Outs) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnocoggcoknkjehhjjpanophojgknbpd [2016-03-03]
CHR Extension: (Auto-Translate) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\obgoiaeapddkeekbocomnjlckbbfapmk [2015-12-29]
CHR Extension: (Gmail) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR Extension: (Chrome Media Router) - C:\Users\Hankeys\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-22]
CHR HKU\S-1-5-21-3293060449-512507974-3953459309-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-05-08]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVerRemote; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [360448 2011-08-19] (AVerMedia) [File not signed]
R2 AVerScheduleService; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [403456 2011-04-01] () [File not signed]
R2 AVerUpdateServer; C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe [167936 2011-10-31] (AVerMedia TECHNOLOGIES, Inc.) [File not signed]
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-09-04] (Broadcom Corporation.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-08] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-21] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1884304 2015-05-08] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22997648 2015-05-08] (NVIDIA Corporation)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [38240 2016-05-10] (The OpenVPN Project)
S2 SerialService; C:\ProgramData\Extra Control\serclient.exe [6146603 2012-12-12] () [File not signed]
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [977088 2014-03-02] () [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7500048 2016-09-20] (TeamViewer GmbH)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [524800 2014-10-29] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 Zabbix Agent; C:\Program Files\Zabbix Agent\zabbix_agentd.exe [434176 2016-05-18] (Zabbix SIA) [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AVerFx2hbtv64; C:\Windows\system32\drivers\AVerFx2hbtv64.sys [691968 2012-09-19] (AVerMedia TECHNOLOGIES, Inc.)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-09-04] (Broadcom Corporation.)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-09-09] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 Huawei; C:\Windows\system32\DRIVERS\ewdcsc.sys [32768 2010-10-08] (Huawei Tech. Co., Ltd.)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3344352 2013-07-08] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-08] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-14] (Synaptics Incorporated)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 WinDivert1.1; C:\Program Files\KMSpico\WinDivert.sys [35376 2014-09-09] (Basil Projects)
U0 aswVmm; no ImagePath
S3 hwusbdev; \SystemRoot\system32\DRIVERS\ewusbdev.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-04 17:30 - 2016-10-04 17:35 - 00000000 ____D C:\AdwCleaner
2016-10-04 17:30 - 2016-10-04 17:30 - 03861056 _____ C:\Users\Hankeys\Desktop\adwcleaner_6.020.exe
2016-10-04 13:45 - 2016-10-04 19:17 - 00030890 _____ C:\Users\Hankeys\Desktop\FRST.txt
2016-10-04 13:44 - 2016-10-04 13:45 - 00000000 ____D C:\FRST
2016-10-04 13:43 - 2016-10-04 13:43 - 00112640 _____ (forum.viry.cz) C:\Users\Hankeys\Desktop\FRSTLauncher.exe
2016-10-04 13:42 - 2016-10-04 13:42 - 00112640 _____ (forum.viry.cz) C:\Users\Hankeys\Downloads\FRSTLauncher.exe
2016-10-04 13:40 - 2016-10-04 13:40 - 02404864 _____ (Farbar) C:\Users\Hankeys\Desktop\FRST64.exe
2016-10-04 13:15 - 2016-10-04 13:15 - 00000686 _____ C:\Users\Public\Desktop\Quant Analyzer 4.lnk
2016-10-04 13:15 - 2016-10-04 13:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quant Analyzer 4
2016-10-03 08:42 - 2016-10-03 08:42 - 00000651 _____ C:\Users\Hankeys\Desktop\SQ2.lnk
2016-09-28 09:31 - 2016-09-28 09:31 - 00002224 _____ C:\Users\Hankeys\Desktop\GitKraken.lnk
2016-09-27 07:45 - 2011-01-30 12:20 - 00212992 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juwwanecm.sys
2016-09-27 07:45 - 2011-01-30 12:19 - 00098816 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcacm.sys
2016-09-27 07:45 - 2011-01-30 12:19 - 00086016 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jubusenum.sys
2016-09-27 07:45 - 2011-01-30 12:19 - 00069632 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcecm.sys
2016-09-27 07:45 - 2011-01-30 12:19 - 00028672 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juextctrl.sys
2016-09-27 07:45 - 2010-12-23 03:48 - 00421376 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbwwan.sys
2016-09-27 07:45 - 2010-10-08 10:59 - 00032768 _____ (Huawei Tech. Co., Ltd.) C:\Windows\system32\Drivers\ewdcsc.sys
2016-09-27 07:45 - 2010-09-26 12:09 - 00022016 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwupgrade.sys
2016-09-27 07:45 - 2010-08-06 01:43 - 01001472 _____ (DiBcom SA) C:\Windows\system32\Drivers\mod7700.sys
2016-09-27 07:45 - 2010-07-27 03:52 - 00117248 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwusbdev.sys
2016-09-27 07:45 - 2010-03-20 06:06 - 00013952 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_usbenumfilter.sys
2016-09-27 06:59 - 2016-09-27 06:59 - 00001055 _____ C:\Users\Public\Desktop\O2 Pr??vodce p??ipojen??m.lnk
2016-09-27 06:57 - 2016-09-27 06:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\O2
2016-09-27 06:57 - 2016-09-27 06:57 - 00000000 ____D C:\Program Files (x86)\O2
2016-09-21 23:05 - 2016-09-21 23:17 - 00000000 ____D C:\StrategyQuant3
2016-09-06 07:12 - 2016-10-04 13:09 - 00000000 ____D C:\StrategyQuant4Alpha

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-04 19:04 - 2014-09-09 22:26 - 00000000 ____D C:\Users\Hankeys\Documents\Soubory aplikace Outlook
2016-10-04 18:51 - 2015-06-04 10:37 - 00000684 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-3293060449-512507974-3953459309-1001.job
2016-10-04 18:49 - 2015-01-02 09:49 - 00000588 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3293060449-512507974-3953459309-1001.job
2016-10-04 18:35 - 2015-02-05 08:54 - 00000984 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3293060449-512507974-3953459309-1001UA.job
2016-10-04 18:06 - 2014-12-03 18:24 - 00000000 ____D C:\Users\Hankeys\AppData\Local\Citrix
2016-10-04 17:40 - 2016-01-30 16:07 - 00000000 ___RD C:\Users\Hankeys\Disk Google
2016-10-04 17:37 - 2016-01-25 20:16 - 00000000 ____D C:\ProgramData\Extra Control
2016-10-04 17:36 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-10-04 17:14 - 2014-09-09 20:15 - 00000000 ____D C:\Users\Hankeys\AppData\Local\Packages
2016-10-04 16:40 - 2014-09-09 20:21 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3293060449-512507974-3953459309-1001
2016-10-04 16:36 - 2016-07-25 21:10 - 00000000 ____D C:\Strategie
2016-10-04 16:27 - 2014-09-10 14:04 - 00000000 ____D C:\Users\Hankeys\AppData\Roaming\ClassicShell
2016-10-04 14:40 - 2014-09-09 20:35 - 00003970 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{4826E594-2A27-4CFA-98B9-542F03BAC25A}
2016-10-04 14:38 - 2016-03-10 22:39 - 00000000 ____D C:\StrategyQuant
2016-10-04 13:34 - 2014-03-18 17:33 - 01754592 _____ C:\Windows\system32\PerfStringBackup.INI
2016-10-04 13:34 - 2014-03-18 16:54 - 00743142 _____ C:\Windows\system32\perfh005.dat
2016-10-04 13:34 - 2014-03-18 16:54 - 00152856 _____ C:\Windows\system32\perfc005.dat
2016-10-04 13:34 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2016-10-04 13:19 - 2014-12-17 17:50 - 00000000 ____D C:\ProgramData\AVAST Software
2016-10-04 13:16 - 2016-03-10 22:52 - 00000000 ____D C:\QuantAnalyzer4
2016-10-04 13:09 - 2016-06-28 21:30 - 00000000 ____D C:\Users\Hankeys\Zorro
2016-10-04 13:04 - 2016-08-09 17:34 - 00000000 ____D C:\Program Files (x86)\RAMDisk
2016-10-04 12:48 - 2014-09-10 14:43 - 00000000 ____D C:\Users\Hankeys\AppData\Roaming\GoContactSyncMOD
2016-10-04 12:35 - 2015-02-05 08:54 - 00000932 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3293060449-512507974-3953459309-1001Core.job
2016-10-04 08:12 - 2016-01-25 19:19 - 00002314 ____H C:\Users\Hankeys\Documents\Default.rdp
2016-10-04 08:03 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\FxsTmp
2016-10-03 22:47 - 2014-09-10 09:38 - 00002398 _____ C:\Users\Hankeys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-03 21:38 - 2016-07-25 20:25 - 00000000 ____D C:\sikulix
2016-10-03 20:01 - 2016-05-04 19:01 - 00000000 ____D C:\Users\Hankeys\AppData\Roaming\Skype
2016-10-03 19:35 - 2016-07-27 20:16 - 00000000 ____D C:\Users\Hankeys\AppData\Roaming\VMware
2016-10-03 17:25 - 2014-09-09 21:41 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-10-03 15:28 - 2016-06-27 21:51 - 00000000 ____D C:\Users\Hankeys\AppData\Roaming\RStudio
2016-10-03 15:28 - 2016-06-27 21:47 - 00000000 ____D C:\Users\Hankeys\AppData\Local\RStudio-Desktop
2016-10-03 14:28 - 2016-03-11 11:36 - 00000000 ____D C:\StrategyQuant2
2016-09-30 19:04 - 2016-05-25 13:54 - 00000983 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-09-30 19:04 - 2016-05-25 13:54 - 00000971 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
2016-09-30 16:32 - 2016-01-28 20:02 - 00000000 ____D C:\Users\Hankeys\AppData\Roaming\MT Intelligence
2016-09-30 07:44 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-09-27 08:12 - 2014-12-17 17:54 - 00969560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.147495686132807
2016-09-27 08:12 - 2014-12-17 17:54 - 00513496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.147495686581210
2016-09-26 20:39 - 2016-05-24 15:59 - 00000000 ____D C:\Users\Hankeys\AppData\Local\Power BI
2016-09-26 11:16 - 2016-05-18 21:50 - 00000000 ____D C:\TRADING
2016-09-25 20:05 - 2014-09-10 08:16 - 00000000 ____D C:\Users\Hankeys\AppData\Local\Deployment
2016-09-24 14:11 - 2014-09-11 21:08 - 00000000 ____D C:\Users\Hankeys\AppData\Local\CrashDumps
2016-09-23 19:53 - 2016-05-04 19:01 - 00000000 ____D C:\ProgramData\Skype
2016-09-21 17:46 - 2016-05-10 17:20 - 00000000 ____D C:\Users\Hankeys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Axosoft, LLC
2016-09-21 17:46 - 2016-05-10 17:19 - 00000000 ____D C:\Users\Hankeys\AppData\Local\gitkraken
2016-09-19 14:07 - 2015-06-04 10:37 - 00003684 _____ C:\Windows\System32\Tasks\G2MUploadTask-S-1-5-21-3293060449-512507974-3953459309-1001
2016-09-19 14:07 - 2014-12-03 18:24 - 00003588 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-3293060449-512507974-3953459309-1001
2016-09-14 08:47 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-14 08:47 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2016-09-13 07:32 - 2016-05-10 17:20 - 00000000 ____D C:\Users\Hankeys\AppData\Roaming\GitKraken
2016-09-13 07:32 - 2016-05-10 17:20 - 00000000 ____D C:\Users\Hankeys\AppData\Roaming\.gitkraken
2016-09-12 08:12 - 2014-09-09 20:15 - 00000000 ____D C:\Users\Hankeys
2016-09-12 08:11 - 2015-12-04 08:49 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2016-09-12 08:10 - 2016-04-24 20:12 - 00000000 ____D C:\Jts
2016-09-12 08:10 - 2014-09-30 14:53 - 00000000 ____D C:\Program Files (x86)\BOSSAFX
2016-09-12 08:06 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\registration
2016-09-12 08:04 - 2014-09-09 20:35 - 00000000 __RHD C:\MSOCache
2016-09-06 10:13 - 2016-03-10 22:58 - 00000000 ____D C:\SQ_EAWizard
2016-09-04 21:19 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI(76)

==================== Files in the root of some directories =======

2015-02-10 21:56 - 2015-02-12 09:56 - 0099384 _____ () C:\Users\Hankeys\AppData\Roaming\inst.exe
2015-02-10 21:56 - 2015-02-12 09:56 - 0007859 _____ () C:\Users\Hankeys\AppData\Roaming\pcouffin.cat
2015-02-10 21:56 - 2015-02-12 09:56 - 0001167 _____ () C:\Users\Hankeys\AppData\Roaming\pcouffin.inf
2015-02-10 21:56 - 2015-02-12 09:56 - 0000055 _____ () C:\Users\Hankeys\AppData\Roaming\pcouffin.log
2015-02-10 21:56 - 2015-02-12 09:56 - 0082816 _____ (VSO Software) C:\Users\Hankeys\AppData\Roaming\pcouffin.sys
2016-04-19 11:12 - 2016-04-19 11:12 - 0007606 _____ () C:\Users\Hankeys\AppData\Local\Resmon.ResmonCfg
2014-09-09 21:24 - 2014-09-09 21:24 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Hankeys\AppData\Local\Temp\DataCard_Setup64.exe
C:\Users\Hankeys\AppData\Local\Temp\gtapi_signed.dll
C:\Users\Hankeys\AppData\Local\Temp\i4jdel0.exe
C:\Users\Hankeys\AppData\Local\Temp\i4jdel1.exe
C:\Users\Hankeys\AppData\Local\Temp\libeay32.dll
C:\Users\Hankeys\AppData\Local\Temp\msvcr120.dll
C:\Users\Hankeys\AppData\Local\Temp\ResetDevice.exe
C:\Users\Hankeys\AppData\Local\Temp\sqlite-3.8.10.1-1750b6f0-ffa8-4e7f-b5e3-8d261518b7b8-sqlitejdbc.dll
C:\Users\Hankeys\AppData\Local\Temp\sqlite-3.8.10.1-176b117f-caed-41a2-9604-e1bba4a2ae87-sqlitejdbc.dll
C:\Users\Hankeys\AppData\Local\Temp\sqlite-3.8.10.1-27cd5c85-28ca-4061-858d-c2c24d7625af-sqlitejdbc.dll
C:\Users\Hankeys\AppData\Local\Temp\sqlite-3.8.10.1-336b6492-b8b8-4091-800e-20d5736c7fda-sqlitejdbc.dll
C:\Users\Hankeys\AppData\Local\Temp\sqlite-3.8.10.1-60f7be35-e61d-4e0b-9818-f324a3b416ca-sqlitejdbc.dll
C:\Users\Hankeys\AppData\Local\Temp\sqlite-3.8.10.1-6728b659-3bd5-428f-af48-fd398eba1e19-sqlitejdbc.dll
C:\Users\Hankeys\AppData\Local\Temp\sqlite-3.8.10.1-972c8959-687a-4215-9e6d-bad286656581-sqlitejdbc.dll
C:\Users\Hankeys\AppData\Local\Temp\sqlite-3.8.10.1-a63843c0-b230-4d1d-8b22-c32ad40c9d03-sqlitejdbc.dll
C:\Users\Hankeys\AppData\Local\Temp\sqlite-3.8.10.1-ffdd3f1f-376c-40d4-b19d-9035e4e4a88c-sqlitejdbc.dll
C:\Users\Hankeys\AppData\Local\Temp\sqlite3.dll
C:\Users\Hankeys\AppData\Local\Temp\{35848409-518C-47CD-A3AC-A57F0A6B3605}-52.0.2743.116_51.0.2704.103_chrome_updater.exe
C:\Users\USER~1.AVE\AppData\Local\Temp\RegCheck.exe


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3293060449-512507974-3953459309-1001.job => C:\Users\Hankeys\AppData\Local\Citrix\GoToMeeting\5573\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-3293060449-512507974-3953459309-1001.job => C:\Users\Hankeys\AppData\Local\Citrix\GoToMeeting\5573\g2mupload.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3293060449-512507974-3953459309-1001Core.job => C:\Users\Hankeys\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3293060449-512507974-3953459309-1001UA.job => C:\Users\Hankeys\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

  
***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Hankeys\Desktop" je 1033 MB.
 
 
***** Startup Programs *****
 
 
***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    EnableFirewall    REG_DWORD    0x1
    DisableNotifications    REG_DWORD    0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    EnableFirewall    REG_DWORD    0x1
    DisableNotifications    REG_DWORD    0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files (x86)\\FlashGet Network\\FlashGet 3\\FlashGet3.exe"="C:\\Program Files (x86)\\FlashGet Network\\FlashGet 3\\FlashGet3.exe:*:Enabled:Flashget3"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
 
***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

 
==================== End Of Log ==============================



Rudy
Site Admin
Posts: 119672
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: slowed-down laptop

#6 Post by Rudy »

Open Notepad and copy the following into it:
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKU\S-1-5-21-3293060449-512507974-3953459309-1001\...\MountPoints2: {1a665e5d-1f3f-11e6-82da-dc0ea1ee4adb} - "F:\AutoRun.exe"
HKU\S-1-5-21-3293060449-512507974-3953459309-1001\...\MountPoints2: {72a6b02b-eb3c-11e5-82cf-9c4e3617c5f8} - "F:\AutoRun.exe"
HKU\S-1-5-21-3293060449-512507974-3953459309-1001\...\MountPoints2: {90e56abc-4b49-11e6-82e4-dc0ea1ee4adb} - "F:\AutoRun.exe"
HKU\S-1-5-21-3293060449-512507974-3953459309-1001\...\MountPoints2: {b5b365e7-53e2-11e6-82e6-dc0ea1ee4adb} - "F:\AutoRun.exe"
HKU\S-1-5-21-3293060449-512507974-3953459309-1001\...\MountPoints2: {b5b36dae-53e2-11e6-82e6-dc0ea1ee4adb} - "F:\AutoRun.exe"
HKU\S-1-5-21-3293060449-512507974-3953459309-1001\...\MountPoints2: {b5b36df5-53e2-11e6-82e6-dc0ea1ee4adb} - "F:\AutoRun.exe"
HKU\S-1-5-21-3293060449-512507974-3953459309-1001\...\MountPoints2: {b9a06547-4de9-11e4-825b-446d5785e023} - "F:\AutoRun.exe"
HKU\S-1-5-21-3293060449-512507974-3953459309-1001\...\MountPoints2: {ba92cbe2-5235-11e6-82e4-dc0ea1ee4adb} - "F:\AutoRun.exe"
HKU\S-1-5-21-3293060449-512507974-3953459309-1001\...\MountPoints2: {cd42a4ea-367d-11e5-82a2-446d5785e023} - "F:\AutoRun.exe"
HKU\S-1-5-21-3293060449-512507974-3953459309-1001\...\MountPoints2: {f76ccf48-3856-11e4-8253-446d5785e023} - "F:\AutoRun.exe"
IFEO\SppExtComObj.exe: [Debugger] C:\Windows\SECOH-QAD.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
C:\Program Files (x86)\Skype\Toolbars
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
U0 aswVmm; no ImagePath
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3293060449-512507974-3953459309-1001UA.job
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3293060449-512507974-3953459309-1001Core.job
C:\ProgramData\DP45977C.lfl
C:\Users\Hankeys\AppData\Local\Temp
C:\Users\USER~1.AVE\AppData\Local\Temp
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

hankeys
Visitor
Posts: 24
Registered: 15 Aug 2006 11:23

Re: slowed-down laptop

#7 Post by hankeys »

Code:

Fix result of Farbar Recovery Scan Tool (x64) Version: 03-10-2016
Ran by Hankeys (04-10-2016 19:45:25) Run:1
Running from C:\Users\Hankeys\Desktop
Loaded Profiles: Hankeys (Available Profiles: Hankeys)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKU\S-1-5-21-3293060449-512507974-3953459309-1001\...\MountPoints2: {1a665e5d-1f3f-11e6-82da-dc0ea1ee4adb} - "F:\AutoRun.exe"
HKU\S-1-5-21-3293060449-512507974-3953459309-1001\...\MountPoints2: {72a6b02b-eb3c-11e5-82cf-9c4e3617c5f8} - "F:\AutoRun.exe"
HKU\S-1-5-21-3293060449-512507974-3953459309-1001\...\MountPoints2: {90e56abc-4b49-11e6-82e4-dc0ea1ee4adb} - "F:\AutoRun.exe"
HKU\S-1-5-21-3293060449-512507974-3953459309-1001\...\MountPoints2: {b5b365e7-53e2-11e6-82e6-dc0ea1ee4adb} - "F:\AutoRun.exe"
HKU\S-1-5-21-3293060449-512507974-3953459309-1001\...\MountPoints2: {b5b36dae-53e2-11e6-82e6-dc0ea1ee4adb} - "F:\AutoRun.exe"
HKU\S-1-5-21-3293060449-512507974-3953459309-1001\...\MountPoints2: {b5b36df5-53e2-11e6-82e6-dc0ea1ee4adb} - "F:\AutoRun.exe"
HKU\S-1-5-21-3293060449-512507974-3953459309-1001\...\MountPoints2: {b9a06547-4de9-11e4-825b-446d5785e023} - "F:\AutoRun.exe"
HKU\S-1-5-21-3293060449-512507974-3953459309-1001\...\MountPoints2: {ba92cbe2-5235-11e6-82e4-dc0ea1ee4adb} - "F:\AutoRun.exe"
HKU\S-1-5-21-3293060449-512507974-3953459309-1001\...\MountPoints2: {cd42a4ea-367d-11e5-82a2-446d5785e023} - "F:\AutoRun.exe"
HKU\S-1-5-21-3293060449-512507974-3953459309-1001\...\MountPoints2: {f76ccf48-3856-11e4-8253-446d5785e023} - "F:\AutoRun.exe" 
IFEO\SppExtComObj.exe: [Debugger] C:\Windows\SECOH-QAD.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
C:\Program Files (x86)\Skype\Toolbars
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
U0 aswVmm; no ImagePath
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3293060449-512507974-3953459309-1001UA.job
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3293060449-512507974-3953459309-1001Core.job
C:\ProgramData\DP45977C.lfl
C:\Users\Hankeys\AppData\Local\Temp
C:\Users\USER~1.AVE\AppData\Local\Temp
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
"HKU\S-1-5-21-3293060449-512507974-3953459309-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1a665e5d-1f3f-11e6-82da-dc0ea1ee4adb}" => key removed successfully
HKCR\CLSID\{1a665e5d-1f3f-11e6-82da-dc0ea1ee4adb} => key not found. 
"HKU\S-1-5-21-3293060449-512507974-3953459309-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{72a6b02b-eb3c-11e5-82cf-9c4e3617c5f8}" => key removed successfully
HKCR\CLSID\{72a6b02b-eb3c-11e5-82cf-9c4e3617c5f8} => key not found. 
"HKU\S-1-5-21-3293060449-512507974-3953459309-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{90e56abc-4b49-11e6-82e4-dc0ea1ee4adb}" => key removed successfully
HKCR\CLSID\{90e56abc-4b49-11e6-82e4-dc0ea1ee4adb} => key not found. 
"HKU\S-1-5-21-3293060449-512507974-3953459309-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b5b365e7-53e2-11e6-82e6-dc0ea1ee4adb}" => key removed successfully
HKCR\CLSID\{b5b365e7-53e2-11e6-82e6-dc0ea1ee4adb} => key not found. 
"HKU\S-1-5-21-3293060449-512507974-3953459309-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b5b36dae-53e2-11e6-82e6-dc0ea1ee4adb}" => key removed successfully
HKCR\CLSID\{b5b36dae-53e2-11e6-82e6-dc0ea1ee4adb} => key not found. 
"HKU\S-1-5-21-3293060449-512507974-3953459309-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b5b36df5-53e2-11e6-82e6-dc0ea1ee4adb}" => key removed successfully
HKCR\CLSID\{b5b36df5-53e2-11e6-82e6-dc0ea1ee4adb} => key not found. 
"HKU\S-1-5-21-3293060449-512507974-3953459309-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b9a06547-4de9-11e4-825b-446d5785e023}" => key removed successfully
HKCR\CLSID\{b9a06547-4de9-11e4-825b-446d5785e023} => key not found. 
"HKU\S-1-5-21-3293060449-512507974-3953459309-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ba92cbe2-5235-11e6-82e4-dc0ea1ee4adb}" => key removed successfully
HKCR\CLSID\{ba92cbe2-5235-11e6-82e4-dc0ea1ee4adb} => key not found. 
"HKU\S-1-5-21-3293060449-512507974-3953459309-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cd42a4ea-367d-11e5-82a2-446d5785e023}" => key removed successfully
HKCR\CLSID\{cd42a4ea-367d-11e5-82a2-446d5785e023} => key not found. 
"HKU\S-1-5-21-3293060449-512507974-3953459309-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f76ccf48-3856-11e4-8253-446d5785e023}" => key removed successfully
HKCR\CLSID\{f76ccf48-3856-11e4-8253-446d5785e023} => key not found. 
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SppExtComObj.exe" => key removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => key removed successfully
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found. 
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
C:\Program Files (x86)\Skype\Toolbars => moved successfully
"HKCR\PROTOCOLS\Handler\skypec2c" => key removed successfully
"HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => key removed successfully
HKCR\Wow6432Node\PROTOCOLS\Handler\skypec2c => key not found. 
"HKCR\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => key removed successfully
c2cautoupdatesvc => Unable to stop service.
c2cautoupdatesvc => service removed successfully
c2cpnrsvc => Unable to stop service.
c2cpnrsvc => service removed successfully
aswVmm => service removed successfully
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3293060449-512507974-3953459309-1001UA.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3293060449-512507974-3953459309-1001Core.job => moved successfully
Could not move "C:\ProgramData\DP45977C.lfl" => Scheduled to move on reboot.

"C:\Users\Hankeys\AppData\Local\Temp" folder move:

Could not move "C:\Users\Hankeys\AppData\Local\Temp" => Scheduled to move on reboot.

C:\Users\USER~1.AVE\AppData\Local\Temp => moved successfully

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 04-10-2016 19:50:00)

C:\ProgramData\DP45977C.lfl => Is moved successfully
C:\Users\Hankeys\AppData\Local\Temp => moved successfully

==== End of Fixlog 19:50:02 ====

Rudy
Site Admin
Posts: 119672
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: slowed-down laptop

#8 Post by Rudy »

Deleted. Has anything changed?

hankeys
Visitor
Posts: 24
Registered: 15 Aug 2006 11:23

Re: slowed-down laptop

#9 Post by hankeys »

Yeah, solved. Thanks

Rudy
Site Admin
Posts: 119672
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: slowed-down laptop

#10 Post by Rudy »

You're welcome! :)

Locked