cse google custom search, avast hlásí Win64:malware-gen

Zpráva

#16 Příspěvek od **Márty84** » 13 lis 2016 20:26

Dejte novy log z FRST

kladelko · #17 Příspěvek od **kladelko** » 13 lis 2016 21:01

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-11-2016
Ran by Ondra (administrator) on ONDRA-PC (12-11-2016 20:57:42)
Running from C:\Users\Ondra\Desktop
Loaded Profiles: Ondra (Available Profiles: Ondra)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(VIA Technologies, Inc.) C:\Program Files\VIA XHCI UASP Utility\usb3Monitor.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Spotify Ltd) C:\Users\Ondra\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_ep64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [4689072 2013-12-26] (VIA)
HKLM\...\Run: [VIAxHCUtl] => C:\Program Files\VIA XHCI UASP Utility\usb3Monitor
HKLM\...\Run: [rundll32] => C:\Windows\system32\rundll32.exe "C:\Program Files\TextEnhance\TextEnhance.dll",_
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8029064 2016-10-04] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [309184 2012-03-28] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2015-02-24] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9044392 2016-11-08] (AVAST Software)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58584 2016-09-28] (Raptr, Inc)
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [71440 2016-03-25] (Plays.tv, LLC)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKU\S-1-5-21-3083710393-1039411083-1544633742-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8698584 2016-04-15] (Piriform Ltd)
HKU\S-1-5-21-3083710393-1039411083-1544633742-1001\...\Run: [Spotify Web Helper] => C:\Users\Ondra\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1523312 2016-09-05] (Spotify Ltd)
HKU\S-1-5-21-3083710393-1039411083-1544633742-1001\...\MountPoints2: {277f2be3-a584-11e4-824e-806e6f6e6963} - "E:\setup.exe"
HKU\S-1-5-21-3083710393-1039411083-1544633742-1001\...\MountPoints2: {632c186c-a735-11e4-825b-fcaa140e8b57} - "H:\setup.exe"
HKU\S-1-5-21-3083710393-1039411083-1544633742-1001\...\MountPoints2: {d8c8005b-5c77-11e6-829b-fcaa140e8b57} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3083710393-1039411083-1544633742-1001\...\MountPoints2: {d8c80081-5c77-11e6-829b-fcaa140e8b57} - "F:\HiSuiteDownLoader.exe"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-10-23] (AVAST Software)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-3083710393-1039411083-1544633742-1001] => www.fusker.lv:80
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{7F0FCF88-397D-41B8-B8DB-7ECB45A936C6}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKU\S-1-5-21-3083710393-1039411083-1544633742-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=12454
SearchScopes: HKU\S-1-5-21-3083710393-1039411083-1544633742-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3083710393-1039411083-1544633742-1001 -> {4425733E-5E13-4D82-9BF7-467E2308A3EA} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-10-24] (Oracle Corporation)
BHO: Spyware Terminator 2015 Internet Guard -> {82A76710-4F98-4957-92BE-99648A4E2475} -> C:\PROGRA~2\SPYWAR~1\STINTE~2.DLL => No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-11-03] (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-24] (Oracle Corporation)
BHO-x32: Spyware Terminator 2015 Internet Guard -> {82A76710-4F98-4957-92BE-99648A4E2475} -> C:\PROGRA~2\SPYWAR~1\STINTE~1.DLL => No File
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-11-03] (AVAST Software)
DPF: HKLM {AA570693-00E2-4907-B6F1-60A1199B030C} hxxps://juniper.net/dana-cached/sc/JuniperSetupClient64.cab
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} hxxps://sslvpn.cez.cz/dana-cached/sc/JuniperSetupClient.cab
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-03-28] (Citrix Systems, Inc.)

FireFox:
========
FF DefaultProfile: 2usg47ko.default
FF ProfilePath: C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\2usg47ko.default [2016-11-12]
FF NewTab: Mozilla\Firefox\Profiles\2usg47ko.default -> about:newtab
FF Homepage: Mozilla\Firefox\Profiles\2usg47ko.default -> about:home
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-11-08]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-11-08]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-11-08] ()
FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-10-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-10-24] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-08] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1225195.dll [2016-09-20] (Adobe Systems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-11-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-11-11] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\CCMSDK.dll [2012-03-28] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\cgpcfg.dll [2012-03-28] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\CgpCore.dll [2012-03-28] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\confmgr.dll [2012-03-28] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ctxlogging.dll [2012-03-28] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ctxmui.dll [2012-03-28] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\icafile.dll [2012-03-28] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\icalogon.dll [2012-03-28] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npicaN.dll [2012-03-28] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\sslsdk_b.dll [2012-03-19] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\TcpPServ.dll [2012-03-28] (Citrix Systems, Inc.)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\all-gemius.js [2016-04-24]

Chrome:
=======
CHR Profile: C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default [2016-11-12]
CHR Extension: (Prezentace Google) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-11-11]
CHR Extension: (Dokumenty Google) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-11-11]
CHR Extension: (Disk Google) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-11]
CHR Extension: (YouTube) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-11]
CHR Extension: (Avast SafePrice) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-11-11]
CHR Extension: (Tabulky Google) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-11-11]
CHR Extension: (Dokumenty Google offline) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-11-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-11-11]
CHR Extension: (Gmail) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-11]
CHR Extension: (Chrome Media Router) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-11-11]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-07-15] (Advanced Micro Devices, Inc.) [File not signed]
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-10-23] (AVAST Software)
S2 HuaweiHiSuiteService64.exe; C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe [191688 2016-05-25] () [File not signed]
S3 Origin Client Service; D:\Progsl\Origin\OriginClientService.exe [2104840 2016-02-04] (Electronic Arts)
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [32528 2016-03-25] (Plays.tv, LLC)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2012-12-11] (VIA Technologies, Inc.)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [524800 2014-10-29] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S2 ST2012_Svc; "C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-20] (Advanced Micro Devices)
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22240 2013-10-28] ()
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-10-23] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-10-23] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-10-23] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-10-23] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-10-23] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2016-11-03] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2016-11-03] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-10-23] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-11-03] (AVAST Software)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [118848 2016-08-09] (Advanced Micro Devices)
R3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 ew_usbccgpfilter; C:\Windows\System32\drivers\ew_usbccgpfilter.sys [18816 2016-05-25] (Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2016-05-25] (Huawei Technologies Co., Ltd.)
S3 libusb0; C:\Windows\system32\DRIVERS\libusb0.sys [44480 2011-05-17] (hxxp://libusb-win32.sourceforge.net)
R1 NEOFLTR_817_41041; C:\Windows\system32\Drivers\NEOFLTR_817_41041.SYS [108344 2015-12-18] (Pulse Secure, LLC)
R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2011-08-24] (Windows (R) Win 7 DDK provider)
R3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
S1 UsbCharger; C:\Windows\System32\DRIVERS\UsbCharger.sys [22240 2013-10-24] ()
R3 VUSB3HUB; C:\Windows\System32\drivers\ViaHub3.sys [227840 2013-08-12] (VIA Technologies, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
R3 xhcdrv; C:\Windows\System32\drivers\xhcdrv.sys [295424 2013-08-12] (VIA Technologies, Inc.)
S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-11-12 20:57 - 2016-11-12 20:57 - 00021303 _____ C:\Users\Ondra\Desktop\FRST.txt
2016-11-12 18:32 - 2016-11-12 18:32 - 00522240 _____ (OldTimer Tools) C:\Users\Ondra\Downloads\OTM.exe
2016-11-12 18:32 - 2016-11-12 18:32 - 00522240 _____ (OldTimer Tools) C:\Users\Ondra\Desktop\OTM.exe
2016-11-12 18:32 - 2016-11-12 18:32 - 00000000 ____D C:\_OTM
2016-11-12 18:08 - 2016-10-28 22:04 - 00828408 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-11-12 18:08 - 2016-10-28 22:04 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-11-11 14:12 - 2016-10-27 19:53 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-11-11 14:12 - 2016-10-27 19:51 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-11-11 14:12 - 2016-10-27 19:37 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-11-11 14:12 - 2016-10-27 19:28 - 25763328 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-11-11 14:12 - 2016-10-27 19:19 - 06047744 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-11-11 14:12 - 2016-10-27 18:57 - 01033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-11-11 14:12 - 2016-10-27 18:47 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-11-11 14:12 - 2016-10-27 18:46 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-11-11 14:12 - 2016-10-27 18:46 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-11-11 14:12 - 2016-10-27 18:44 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-11-11 14:12 - 2016-10-27 18:17 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-11-11 14:12 - 2016-10-27 18:16 - 02920448 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-11-11 14:12 - 2016-10-27 18:03 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-11-11 14:12 - 2016-10-27 17:54 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-11-11 14:12 - 2016-10-27 16:05 - 20304896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-11-11 14:12 - 2016-10-25 15:11 - 04169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-11-11 14:12 - 2016-10-22 18:35 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-11-11 14:12 - 2016-10-22 18:27 - 02287616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-11-11 14:12 - 2016-10-22 18:21 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-11-11 14:12 - 2016-10-22 17:51 - 00880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-11-11 14:12 - 2016-10-22 17:45 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-11-11 14:12 - 2016-10-22 17:45 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-11-11 14:12 - 2016-10-22 17:44 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-11-11 14:12 - 2016-10-22 17:43 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-11-11 14:12 - 2016-10-22 17:30 - 13654016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-11-11 14:12 - 2016-10-22 17:12 - 02444800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-11-11 14:12 - 2016-10-22 17:09 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-11-11 14:12 - 2016-10-22 17:09 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-11-11 14:12 - 2016-10-09 23:59 - 00551256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2016-11-11 14:12 - 2016-10-09 00:12 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-11-11 14:12 - 2016-10-08 23:53 - 03754496 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-11-11 14:12 - 2016-10-08 23:21 - 01445376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-11-11 14:12 - 2016-10-08 23:02 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-11-11 14:12 - 2016-10-08 22:49 - 02410496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2016-11-11 14:12 - 2016-10-08 02:34 - 01660040 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-11-11 14:12 - 2016-10-08 02:34 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-11-11 14:12 - 2016-10-01 01:22 - 07444312 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-11-11 14:12 - 2016-09-14 02:53 - 01663184 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-11-11 14:12 - 2016-09-09 23:52 - 00921944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refs.sys
2016-11-11 14:12 - 2016-09-09 14:38 - 00446124 _____ C:\Windows\system32\ApnDatabase.xml
2016-11-11 14:12 - 2016-09-08 15:00 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-11-11 14:12 - 2016-09-07 23:07 - 01988096 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-11-11 14:12 - 2016-09-07 22:59 - 01754112 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2016-11-11 14:12 - 2016-09-07 22:59 - 01377792 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-11-11 14:12 - 2016-09-07 22:57 - 01560064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-11-11 14:12 - 2016-09-07 22:56 - 01491456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2016-11-11 14:12 - 2016-09-01 15:33 - 00342528 _____ (Microsoft Corporation) C:\Windows\system32\SessEnv.dll
2016-11-11 14:12 - 2016-09-01 15:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SessEnv.dll
2016-11-11 14:12 - 2016-08-30 03:03 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdtcprx.dll
2016-11-11 14:12 - 2016-08-25 21:50 - 00747008 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2016-11-11 14:12 - 2016-08-22 14:34 - 01628672 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2016-11-11 14:12 - 2016-08-12 22:47 - 15431168 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-11-11 14:12 - 2016-08-12 21:52 - 13317120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-11-11 14:12 - 2016-08-12 02:58 - 02315496 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2016-11-11 14:12 - 2016-08-12 02:58 - 01946176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2016-11-11 14:12 - 2016-08-03 16:42 - 01317888 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2016-11-11 14:12 - 2016-08-03 16:36 - 01102848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2016-11-11 14:12 - 2016-07-30 18:12 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2016-11-11 14:12 - 2016-07-30 17:36 - 02537472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2016-11-11 14:11 - 2016-11-02 21:48 - 00372568 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-11-11 14:11 - 2016-11-02 21:48 - 00315224 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-11-11 14:11 - 2016-11-02 15:03 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-11-11 14:11 - 2016-11-02 15:00 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-11-11 14:11 - 2016-10-27 19:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-11-11 14:11 - 2016-10-27 19:07 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2016-11-11 14:11 - 2016-10-27 19:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-11-11 14:11 - 2016-10-27 18:49 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-11-11 14:11 - 2016-10-22 18:34 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-11-11 14:11 - 2016-10-22 17:58 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-11-11 14:11 - 2016-10-22 17:57 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2016-11-11 14:11 - 2016-10-22 17:56 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-11-11 14:11 - 2016-10-22 17:46 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-11-11 14:11 - 2016-10-13 20:06 - 01385280 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-11-11 14:11 - 2016-10-13 20:06 - 01124376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2016-11-11 14:11 - 2016-10-12 09:01 - 00377176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2016-11-11 14:11 - 2016-10-11 21:21 - 00497448 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2016-11-11 14:11 - 2016-10-11 21:21 - 00399776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2016-11-11 14:11 - 2016-10-11 19:34 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2016-11-11 14:11 - 2016-10-11 18:47 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2016-11-11 14:11 - 2016-10-11 17:55 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2016-11-11 14:11 - 2016-10-10 22:17 - 00444248 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-11-11 14:11 - 2016-10-10 22:17 - 00333656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-11-11 14:11 - 2016-10-08 23:18 - 00840704 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2016-11-11 14:11 - 2016-10-08 23:07 - 00332288 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2016-11-11 14:11 - 2016-10-08 22:21 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2016-11-11 14:11 - 2016-10-04 21:39 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2016-11-11 14:11 - 2016-10-04 21:23 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-11-11 14:11 - 2016-10-04 21:08 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2016-11-11 14:11 - 2016-10-04 21:08 - 00077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-11-11 14:11 - 2016-09-17 19:16 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2016-11-11 14:11 - 2016-09-17 18:21 - 00089600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsmsext.dll
2016-11-11 14:11 - 2016-09-14 02:53 - 01523208 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-11-11 14:11 - 2016-09-14 02:53 - 01490112 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-11-11 14:11 - 2016-09-14 02:53 - 01358952 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-11-11 14:11 - 2016-09-12 23:03 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\offreg.dll
2016-11-11 14:11 - 2016-09-12 22:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offreg.dll
2016-11-11 14:11 - 2016-09-09 23:14 - 00275800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2016-11-11 14:11 - 2016-09-09 15:15 - 00269824 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll
2016-11-11 14:11 - 2016-09-09 15:09 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll
2016-11-11 14:11 - 2016-09-09 15:04 - 00864256 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-11-11 14:11 - 2016-09-09 15:03 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\iscsiwmi.dll
2016-11-11 14:11 - 2016-09-09 15:02 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iscsiwmi.dll
2016-11-11 14:11 - 2016-09-08 21:41 - 00121176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tm.sys
2016-11-11 14:11 - 2016-09-08 15:00 - 00138240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2016-11-11 14:11 - 2016-09-03 19:20 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\iscsidsc.dll
2016-11-11 14:11 - 2016-09-03 19:06 - 00151040 _____ (Microsoft Corporation) C:\Windows\system32\iscsiexe.dll
2016-11-11 14:11 - 2016-09-03 18:21 - 00055296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iscsidsc.dll
2016-11-11 14:11 - 2016-09-03 17:12 - 00512512 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2016-11-11 14:11 - 2016-09-03 17:05 - 01094656 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2016-11-11 14:11 - 2016-09-03 16:58 - 00397824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2016-11-11 14:11 - 2016-09-02 15:05 - 00306176 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll
2016-11-11 14:11 - 2016-09-02 15:05 - 00262144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdh.dll
2016-11-11 14:11 - 2016-09-01 15:33 - 00377856 _____ (Microsoft Corporation) C:\Windows\system32\vmrdvcore.dll
2016-11-11 14:11 - 2016-08-30 15:11 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\dab.dll
2016-11-11 14:11 - 2016-08-30 03:45 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\xolehlp.dll
2016-11-11 14:11 - 2016-08-30 03:18 - 00871936 _____ (Microsoft Corporation) C:\Windows\system32\msdtcprx.dll
2016-11-11 14:11 - 2016-08-30 03:18 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xolehlp.dll
2016-11-11 14:11 - 2016-08-25 20:40 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2016-11-11 14:11 - 2016-08-13 01:05 - 09323008 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-11-11 14:11 - 2016-08-13 01:03 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifibus.sys
2016-11-11 14:11 - 2016-08-13 01:02 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwififlt.sys
2016-11-11 14:11 - 2016-08-13 01:01 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys
2016-11-11 14:11 - 2016-08-12 23:35 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll
2016-11-11 14:11 - 2016-08-12 23:19 - 09323008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-11-11 14:11 - 2016-08-12 22:17 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastapi.dll
2016-11-11 14:11 - 2016-08-11 19:33 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\parport.sys
2016-11-11 14:11 - 2016-08-11 19:33 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serial.sys
2016-11-11 14:11 - 2016-08-11 19:33 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\serenum.sys
2016-11-11 14:11 - 2016-08-11 18:17 - 01574912 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe
2016-11-11 14:11 - 2016-08-11 06:46 - 00420184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2016-11-11 14:11 - 2016-08-03 16:36 - 00289792 _____ (Microsoft Corporation) C:\Windows\system32\PlayToDevice.dll
2016-11-11 14:11 - 2016-08-03 16:33 - 00215552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToDevice.dll
2016-11-11 14:11 - 2016-07-26 14:40 - 00162850 _____ C:\Windows\SysWOW64\C_932.NLS
2016-11-11 14:11 - 2016-07-26 14:40 - 00162850 _____ C:\Windows\system32\C_932.NLS
2016-11-11 14:11 - 2016-07-23 19:18 - 01220096 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2016-11-11 14:11 - 2016-07-23 19:12 - 00954880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2016-11-11 14:07 - 2016-08-27 20:44 - 22360288 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-11-11 14:07 - 2016-08-27 20:44 - 02755504 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-11-11 14:07 - 2016-08-27 20:44 - 00133256 _____ (Microsoft Corporation) C:\Windows\system32\RestoreOptIn.exe
2016-11-11 14:07 - 2016-08-27 19:26 - 19789232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-11-11 14:07 - 2016-08-27 19:26 - 02411048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-11-11 14:07 - 2016-08-27 19:26 - 00113656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RestoreOptIn.exe
2016-11-11 14:07 - 2016-08-27 17:33 - 02881536 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2016-11-11 14:07 - 2016-08-27 17:11 - 01049600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2016-11-11 14:07 - 2016-08-27 17:09 - 14466560 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-11-11 14:07 - 2016-08-27 16:55 - 12879360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-11-11 14:07 - 2016-08-20 23:24 - 02778624 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-11-11 14:07 - 2016-08-20 23:12 - 02463744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-11-11 13:53 - 2016-11-12 20:57 - 00000000 ____D C:\FRST
2016-11-11 13:51 - 2016-11-11 13:51 - 02411520 _____ (Farbar) C:\Users\Ondra\Desktop\FRST64.exe
2016-11-11 13:51 - 2016-11-11 13:51 - 00112640 _____ (forum.viry.cz) C:\Users\Ondra\Downloads\Nepotvrzeno 738277.crdownload
2016-11-11 13:50 - 2016-11-11 13:51 - 02411520 _____ (Farbar) C:\Users\Ondra\Downloads\FRST64.exe
2016-11-11 13:49 - 2016-11-12 20:54 - 00000968 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-11-11 13:49 - 2016-11-12 18:34 - 00000964 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-11-11 13:49 - 2016-11-11 13:49 - 00003940 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-11-11 13:49 - 2016-11-11 13:49 - 00003704 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-11-11 13:49 - 2016-11-11 13:49 - 00002297 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-11 13:49 - 2016-11-11 13:49 - 00002285 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-11-11 10:40 - 2016-11-11 10:43 - 00002334 _____ C:\Windows\wininit.ini
2016-11-11 00:33 - 2016-11-11 00:33 - 01115112 _____ (Crawler Group ) C:\Users\Ondra\Downloads\SpywareTerminatorSetup.exe
2016-11-11 00:25 - 2016-11-11 00:25 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Ondra\Downloads\spybot-2.4 (1).exe
2016-11-10 18:06 - 2016-11-10 17:48 - 00024064 _____ C:\Windows\zoek-delete.exe
2016-11-10 17:48 - 2016-11-10 18:04 - 00000000 ____D C:\zoek_backup
2016-11-10 17:48 - 2016-11-10 17:48 - 01309184 _____ C:\Users\Ondra\Downloads\zoek.exe
2016-11-10 17:48 - 2016-11-10 17:48 - 01309184 _____ C:\Users\Ondra\Desktop\zoek.exe
2016-11-10 17:45 - 2016-11-10 17:44 - 01631928 _____ (Malwarebytes) C:\Users\Ondra\Desktop\JRT.exe
2016-11-10 17:44 - 2016-11-10 17:44 - 01631928 _____ (Malwarebytes) C:\Users\Ondra\Downloads\JRT.exe
2016-11-09 23:29 - 2016-11-09 23:29 - 00001147 _____ C:\Users\Ondra\Desktop\mbam1.txt
2016-11-09 16:35 - 2016-11-09 21:40 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-11-09 16:34 - 2016-11-09 16:34 - 00001124 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-11-09 16:34 - 2016-11-09 16:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-11-09 16:34 - 2016-11-09 16:34 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-11-09 16:34 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-11-09 16:34 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-11-09 16:34 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-11-09 16:33 - 2016-11-09 16:40 - 00888832 _____ (Malwarebytes ) C:\Users\Ondra\Downloads\Nepotvrzeno 81265.crdownload
2016-11-09 16:24 - 2016-11-09 16:24 - 03910208 _____ C:\Users\Ondra\Downloads\adwcleaner_6.030.exe
2016-11-09 16:24 - 2016-11-09 16:24 - 03910208 _____ C:\Users\Ondra\Desktop\adwcleaner_6.030.exe
2016-11-09 16:23 - 2016-11-09 16:25 - 03037292 _____ C:\Users\Ondra\Downloads\Nepotvrzeno 915671.crdownload
2016-11-08 23:46 - 2016-11-12 18:31 - 00000000 ____D C:\Users\Ondra\AppData\Local\CrashDumps
2016-11-08 23:18 - 2016-11-08 23:27 - 00000000 ____D C:\Program Files\trend micro
2016-11-08 23:18 - 2016-11-08 23:23 - 00000000 ____D C:\rsit
2016-11-08 23:17 - 2016-11-08 23:17 - 01323520 _____ C:\Users\Ondra\Downloads\RSITx64.exe
2016-11-08 23:16 - 2016-11-08 23:38 - 00028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2016-11-08 23:16 - 2016-11-08 23:16 - 00000876 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2016-11-08 23:16 - 2016-11-08 23:16 - 00000000 ____D C:\ProgramData\RogueKiller
2016-11-08 23:16 - 2016-11-08 23:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2016-11-08 23:16 - 2016-11-08 23:16 - 00000000 ____D C:\Program Files\RogueKiller
2016-11-08 23:15 - 2016-11-08 23:16 - 34114800 _____ (Adlice Software ) C:\Users\Ondra\Downloads\setup.exe
2016-11-08 19:13 - 2016-10-23 20:30 - 00391496 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-11-07 23:17 - 2016-11-07 23:17 - 00000000 _____ C:\Recovery.txt
2016-11-07 18:49 - 2016-11-11 00:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware Terminator 2015
2016-11-07 18:49 - 2016-11-07 23:37 - 00000000 ____D C:\Users\Ondra\AppData\LocalLow\Spyware Terminator
2016-11-07 17:05 - 2016-11-07 17:05 - 00000000 _____ C:\autoexec.bat
2016-11-06 23:09 - 2016-11-08 00:05 - 00000000 ____D C:\Program Files\BDServices
2016-11-04 22:44 - 2016-11-04 22:44 - 03910208 _____ C:\Users\Ondra\Downloads\AdwCleaner.exe
2016-11-04 22:38 - 2016-11-04 22:38 - 00000000 _____ C:\Users\Ondra\Downloads\iExplore_exe.gi5f6k4.partial
2016-11-04 02:16 - 2016-11-04 02:16 - 09981352 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2016-11-04 02:16 - 2016-11-04 02:16 - 09926536 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdvlk64.dll
2016-11-04 02:16 - 2016-11-04 02:16 - 09111520 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2016-11-04 02:16 - 2016-11-04 02:16 - 08847888 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2016-11-04 02:16 - 2016-11-04 02:16 - 08065928 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdvlk32.dll
2016-11-04 02:16 - 2016-11-04 02:16 - 07213248 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2016-11-04 02:16 - 2016-11-04 02:16 - 02481032 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amfrt64.dll
2016-11-04 02:16 - 2016-11-04 02:16 - 02163592 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amfrt32.dll
2016-11-04 02:16 - 2016-11-04 02:16 - 00462080 _____ C:\Windows\system32\amdmiracast.dll
2016-11-04 02:16 - 2016-11-04 02:16 - 00281992 _____ C:\Windows\system32\dgtrayicon.exe
2016-11-04 02:16 - 2016-11-04 02:16 - 00275336 _____ C:\Windows\system32\GameManager64.dll
2016-11-04 02:16 - 2016-11-04 02:16 - 00240008 _____ C:\Windows\SysWOW64\GameManager32.dll
2016-11-04 02:16 - 2016-11-04 02:16 - 00155016 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amduve64.dll
2016-11-04 02:16 - 2016-11-04 02:16 - 00151056 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2016-11-04 02:16 - 2016-11-04 02:16 - 00145400 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2016-11-04 02:16 - 2016-11-04 02:16 - 00141280 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2016-11-04 02:16 - 2016-11-04 02:16 - 00139720 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2016-11-04 02:16 - 2016-11-04 02:16 - 00136584 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2016-11-04 02:16 - 2016-11-04 02:16 - 00134536 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amduve32.dll
2016-11-04 02:16 - 2016-11-04 02:16 - 00125288 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2016-11-04 02:16 - 2016-11-04 02:16 - 00123776 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2016-11-04 02:16 - 2016-11-04 02:16 - 00117640 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2016-11-04 02:16 - 2016-11-04 02:16 - 00109856 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2016-11-04 02:16 - 2016-11-04 02:16 - 00109856 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2016-11-04 02:16 - 2016-11-04 02:16 - 00092328 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2016-11-04 02:16 - 2016-11-04 02:16 - 00092328 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2016-11-04 02:16 - 2016-11-04 02:16 - 00059784 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2016-11-04 02:16 - 2016-11-04 02:16 - 00020360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\detoured.dll
2016-11-04 02:16 - 2016-11-04 02:16 - 00020360 _____ (Microsoft Corporation) C:\Windows\system32\detoured.dll
2016-11-04 02:15 - 2016-11-04 02:15 - 48824712 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2016-11-04 02:15 - 2016-11-04 02:15 - 15728008 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2016-11-04 02:15 - 2016-11-04 02:15 - 14318984 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2016-11-04 02:15 - 2016-11-04 02:15 - 09311624 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2016-11-04 02:15 - 2016-11-04 02:15 - 07363976 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2016-11-04 02:15 - 2016-11-04 02:15 - 01333128 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2016-11-04 02:15 - 2016-11-04 02:15 - 01279400 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2016-11-04 02:15 - 2016-11-04 02:15 - 00998280 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
2016-11-04 02:15 - 2016-11-04 02:15 - 00842120 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdlvr64.dll
2016-11-04 02:15 - 2016-11-04 02:15 - 00677256 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdlvr32.dll
2016-11-04 02:15 - 2016-11-04 02:15 - 00525704 _____ (AMD) C:\Windows\system32\atieclxx.exe
2016-11-04 02:15 - 2016-11-04 02:15 - 00520072 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2016-11-04 02:15 - 2016-11-04 02:15 - 00458632 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2016-11-04 02:15 - 2016-11-04 02:15 - 00402312 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2016-11-04 02:15 - 2016-11-04 02:15 - 00349064 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODE.exe
2016-11-04 02:15 - 2016-11-04 02:15 - 00305544 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdacpksd.sys
2016-11-04 02:15 - 2016-11-04 02:15 - 00289160 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2016-11-04 02:15 - 2016-11-04 02:15 - 00286600 _____ (AMD) C:\Windows\system32\atitmm64.dll
2016-11-04 02:15 - 2016-11-04 02:15 - 00269192 _____ C:\Windows\system32\clinfo.exe
2016-11-04 02:15 - 2016-11-04 02:15 - 00267656 _____ C:\Windows\system32\hsa-thunk64.dll
2016-11-04 02:15 - 2016-11-04 02:15 - 00248200 _____ C:\Windows\system32\amdgfxinfo64.dll
2016-11-04 02:15 - 2016-11-04 02:15 - 00233352 _____ C:\Windows\SysWOW64\hsa-thunk.dll
2016-11-04 02:15 - 2016-11-04 02:15 - 00230280 _____ C:\Windows\system32\atieah64.exe
2016-11-04 02:15 - 2016-11-04 02:15 - 00221064 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2016-11-04 02:15 - 2016-11-04 02:15 - 00208264 _____ C:\Windows\SysWOW64\atieah32.exe
2016-11-04 02:15 - 2016-11-04 02:15 - 00201608 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2016-11-04 02:15 - 2016-11-04 02:15 - 00160136 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2016-11-04 02:15 - 2016-11-04 02:15 - 00135048 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2016-11-04 02:15 - 2016-11-04 02:15 - 00129416 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2016-11-04 02:15 - 2016-11-04 02:15 - 00122760 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2016-11-04 02:15 - 2016-11-04 02:15 - 00112520 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2016-11-04 02:15 - 2016-11-04 02:15 - 00110472 _____ (AMD) C:\Windows\system32\atimuixx.dll
2016-11-04 02:15 - 2016-11-04 02:15 - 00108936 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2016-11-04 02:15 - 2016-11-04 02:15 - 00107400 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2016-11-04 02:15 - 2016-11-04 02:15 - 00107400 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2016-11-04 02:15 - 2016-11-04 02:15 - 00103304 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2016-11-04 02:15 - 2016-11-04 02:15 - 00082824 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmcl64.dll
2016-11-04 02:15 - 2016-11-04 02:15 - 00078728 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2016-11-04 02:15 - 2016-11-04 02:15 - 00072072 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2016-11-04 02:15 - 2016-11-04 02:15 - 00068488 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2016-11-04 02:15 - 2016-11-04 02:15 - 00067464 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODCLI.exe
2016-11-04 02:15 - 2016-11-04 02:15 - 00066952 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2016-11-04 02:15 - 2016-11-04 02:15 - 00066440 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmcl32.dll
2016-11-04 02:15 - 2016-11-04 02:15 - 00065416 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2016-11-04 02:15 - 2016-11-04 02:15 - 00054664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2016-11-04 02:14 - 2016-11-04 02:14 - 33241992 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2016-11-04 02:14 - 2016-11-04 02:14 - 27489672 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl12cl64.dll
2016-11-04 02:14 - 2016-11-04 02:14 - 27292040 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2016-11-04 02:14 - 2016-11-04 02:14 - 00200584 _____ C:\Windows\system32\amdhdl64.dll
2016-11-04 02:14 - 2016-11-04 02:14 - 00180616 _____ C:\Windows\SysWOW64\amdhdl32.dll
2016-11-04 02:13 - 2016-11-04 02:13 - 26558976 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2016-11-04 01:47 - 2016-11-04 01:47 - 03437632 _____ C:\Windows\system32\atiumd6a.cap
2016-11-04 01:43 - 2016-11-04 01:43 - 03471376 _____ C:\Windows\SysWOW64\atiumdva.cap
2016-11-04 01:23 - 2016-11-04 01:23 - 00759128 _____ C:\Windows\SysWOW64\atiapfxx.blb
2016-11-04 01:23 - 2016-11-04 01:23 - 00759128 _____ C:\Windows\system32\atiapfxx.blb
2016-11-03 07:05 - 2016-11-08 19:20 - 00003890 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1478153121
2016-11-03 07:05 - 2016-11-03 07:05 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\AVAST Software
2016-10-31 23:22 - 2016-10-31 23:22 - 00000000 ____D C:\Users\Ondra\AppData\LocalLow\F-Secure
2016-10-31 23:15 - 2016-11-03 07:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\F-Secure
2016-10-31 23:15 - 2016-10-31 23:15 - 00000000 ____D C:\Program Files (x86)\F-Secure
2016-10-28 01:11 - 2016-10-28 01:11 - 00001874 _____ C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\avast! antivirus.lnk
2016-10-26 22:21 - 2016-11-03 07:51 - 00000000 ____D C:\ProgramData\F-Secure
2016-10-26 22:21 - 2016-10-31 23:35 - 00000000 ____D C:\Users\Ondra\AppData\Local\F-Secure
2016-10-26 22:21 - 2016-10-26 22:21 - 00863712 _____ (F-Secure Corporation) C:\Users\Ondra\Downloads\F-Secure-Safe-Network-Installer.exe
2016-10-23 20:30 - 2016-10-23 20:30 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-10-23 20:26 - 2016-11-08 19:20 - 00001065 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone 1 Browser.lnk
2016-10-23 20:26 - 2016-10-25 15:57 - 00003890 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1477250763
2016-10-23 00:41 - 2016-11-11 00:29 - 00000000 ____D C:\AdwCleaner
2016-10-22 23:57 - 2016-10-23 20:08 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-10-22 23:57 - 2016-10-22 23:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection
2016-10-22 23:57 - 2016-10-22 23:57 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2016-10-21 19:22 - 2016-10-21 19:22 - 00177280 _____ C:\Windows\system32\ativce03.dat
2016-10-21 19:22 - 2016-10-21 19:22 - 00175584 _____ C:\Windows\system32\amde31a.dat
2016-10-21 18:00 - 2016-10-21 18:00 - 00166560 _____ C:\Windows\system32\amde34b.dat
2016-10-21 18:00 - 2016-10-21 18:00 - 00166560 _____ C:\Windows\system32\amde34a.dat
2016-10-21 15:11 - 2016-10-21 15:31 - 1970917509 _____ C:\Users\Ondra\Downloads\Teorie.tygra.2016.1080p.WEBRip.XviD.AC3.CZ.mkv
2016-10-20 23:11 - 2016-10-21 02:40 - 1939696254 _____ C:\Users\Ondra\Downloads\Ganster-Ka------cz-2015.avi
2016-10-20 22:34 - 2016-10-20 23:08 - 917744569 _____ C:\Users\Ondra\Downloads\firo896.mkv
2016-10-20 22:30 - 2016-10-20 22:47 - 1430293464 _____ C:\Users\Ondra\Downloads\Ganster-ka-Afričan-cz-dabing.avi
2016-10-20 19:49 - 2016-10-20 19:49 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-10-20 19:47 - 2016-10-20 20:01 - 1131028014 _____ C:\Users\Ondra\Downloads\Okresní-přebor-_-Poslední-zápas-Pepika-Hnátka-2012CZ.avi
2016-10-20 17:10 - 2016-10-20 17:10 - 00100832 _____ C:\Windows\system32\ativce02.dat
2016-10-20 16:48 - 2016-10-20 17:06 - 1439502082 _____ C:\Users\Ondra\Downloads\Spotlight---Sledovačka-2015,-CZ-tit.avi
2016-10-20 16:45 - 2016-10-20 16:54 - 786749320 _____ C:\Users\Ondra\Downloads\Danska_divka_-The_Danish_Girl-(2015)CZ.avi
2016-10-18 22:44 - 2016-10-18 22:44 - 00045568 _____ C:\Users\Ondra\Downloads\rozvrh_v_hale_a_tělocv_2016-17_stav_11.10.2016.xls
2016-10-16 09:33 - 2016-10-16 09:33 - 00000000 ____D C:\Program Files\Adware-Removal-Tool
2016-10-14 20:36 - 2016-10-14 20:36 - 00118320 _____ C:\Windows\system32\kapp_ci.sbin

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-11-12 20:41 - 2015-01-26 19:43 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-11-12 19:59 - 2016-04-25 19:20 - 00000958 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-11-12 18:57 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache
2016-11-12 18:39 - 2014-03-18 16:33 - 01745984 _____ C:\Windows\system32\PerfStringBackup.INI
2016-11-12 18:39 - 2014-03-18 15:54 - 00738682 _____ C:\Windows\system32\perfh005.dat
2016-11-12 18:39 - 2014-03-18 15:54 - 00151404 _____ C:\Windows\system32\perfc005.dat
2016-11-12 18:39 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2016-11-12 18:35 - 2015-01-26 13:46 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\Raptr
2016-11-12 18:34 - 2016-08-07 09:18 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2016-11-12 18:34 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-11-12 18:33 - 2016-09-18 09:20 - 00000000 ____D C:\Program Files\TextEnhance
2016-11-12 18:11 - 2015-01-26 19:25 - 00003970 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{817A01EA-6097-4DBA-843A-1B864A6F2B33}
2016-11-12 18:06 - 2015-01-26 12:45 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-11-12 18:06 - 2015-01-26 12:45 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-11-12 18:06 - 2013-08-22 15:44 - 00337768 _____ C:\Windows\system32\FNTCACHE.DAT
2016-11-12 00:12 - 2013-08-22 16:36 - 00000000 ___RD C:\Windows\ToastData
2016-11-11 20:10 - 2015-01-26 19:02 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3083710393-1039411083-1544633742-1001
2016-11-11 20:02 - 2016-05-29 19:34 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\Seznam.cz
2016-11-11 20:01 - 2016-05-29 19:35 - 00000000 ____D C:\Program Files (x86)\Seznam.cz
2016-11-11 14:20 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2016-11-11 14:16 - 2015-01-26 13:06 - 141011376 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-11-11 14:16 - 2015-01-26 13:06 - 00000000 ____D C:\Windows\system32\MRT
2016-11-11 14:16 - 2015-01-26 12:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-11-11 13:49 - 2015-07-09 21:25 - 00000000 ____D C:\Users\Ondra\AppData\Local\Deployment
2016-11-11 13:49 - 2015-01-26 19:26 - 00000000 ____D C:\Users\Ondra\AppData\Local\Google
2016-11-11 13:49 - 2015-01-26 19:26 - 00000000 ____D C:\Program Files (x86)\Google
2016-11-11 10:44 - 2016-10-12 22:03 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-11-11 10:40 - 2016-10-12 22:03 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-11-11 00:17 - 2016-04-25 19:20 - 00003922 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-11-11 00:17 - 2015-01-26 19:43 - 00003802 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-11-11 00:17 - 2015-01-26 19:41 - 00000000 ____D C:\Users\Ondra\AppData\Local\Adobe
2016-11-11 00:17 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-11-11 00:17 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\Macromed
2016-11-10 18:07 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-11-10 18:04 - 2016-05-29 19:35 - 00000000 ____D C:\Users\Default\AppData\Local\Google
2016-11-10 18:04 - 2016-05-29 19:35 - 00000000 ____D C:\Users\Default User\AppData\Local\Google
2016-11-10 18:03 - 2013-08-22 16:36 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2016-11-08 23:37 - 2015-01-26 12:51 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-11-08 23:24 - 2015-01-26 18:56 - 00000000 ____D C:\Users\Ondra
2016-11-08 23:24 - 2015-01-26 13:41 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2016-11-08 19:20 - 2015-06-23 22:02 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-11-08 19:15 - 2015-05-08 21:58 - 00001944 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-11-08 19:14 - 2015-04-16 22:06 - 00003922 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-11-08 00:05 - 2016-10-06 20:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings
2016-11-08 00:05 - 2015-12-03 23:03 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2016-11-08 00:05 - 2015-01-27 21:38 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\GHISLER
2016-11-08 00:05 - 2015-01-26 14:07 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-11-08 00:05 - 2015-01-26 14:07 - 00000000 ____D C:\Windows\system32\appraiser
2016-11-08 00:05 - 2013-08-22 16:36 - 00000000 __RSD C:\Windows\Media
2016-11-08 00:05 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-11-08 00:04 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-11-08 00:02 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\registration
2016-11-08 00:02 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\system32\Sysprep
2016-11-06 22:37 - 2013-08-22 16:43 - 00000000 ____D C:\Windows\DigitalLocker
2016-11-04 02:16 - 2016-04-04 05:15 - 10977392 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2016-11-04 02:16 - 2014-11-21 03:09 - 00124776 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2016-11-04 02:16 - 2014-07-21 22:04 - 10959864 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2016-11-04 02:16 - 2014-07-21 22:04 - 00170072 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2016-11-04 02:15 - 2016-10-05 03:18 - 00892296 _____ (AMD) C:\Windows\system32\coinst_16.40.dll
2016-11-04 02:15 - 2014-11-21 03:09 - 00998280 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2016-11-04 02:15 - 2014-11-21 03:08 - 00175496 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2016-11-04 02:15 - 2014-07-21 22:04 - 01559048 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2016-11-04 02:14 - 2015-07-16 02:57 - 21640584 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl12cl.dll
2016-11-04 02:14 - 2014-11-21 03:32 - 38268808 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2016-11-04 00:34 - 2016-10-06 20:12 - 00000000 ____D C:\Users\Ondra\AppData\LocalLow\AMD
2016-11-04 00:31 - 2015-01-26 19:03 - 00000000 ____D C:\Program Files\AMD
2016-11-04 00:30 - 2015-01-26 19:03 - 00000000 ____D C:\AMD
2016-11-03 20:42 - 2015-11-09 23:42 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-11-03 07:59 - 2015-04-16 22:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-11-03 07:59 - 2015-04-16 22:03 - 00000000 ____D C:\Program Files\AVAST Software
2016-11-03 07:59 - 2015-01-27 22:45 - 00000000 ____D C:\ProgramData\AVAST Software
2016-11-03 07:59 - 2015-01-26 19:42 - 00000000 ____D C:\Program Files (x86)\Combined Community Codec Pack
2016-11-03 07:51 - 2015-01-26 13:36 - 00000000 ____D C:\Users\Ondra\AppData\Local\Mozilla
2016-11-03 07:05 - 2016-02-03 19:39 - 00001065 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
2016-11-03 07:05 - 2015-04-16 22:05 - 00969184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2016-11-03 07:05 - 2015-04-16 22:05 - 00513632 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2016-11-03 07:05 - 2015-04-16 22:05 - 00293352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2016-11-03 07:04 - 2015-04-16 22:05 - 00513496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.147815310253110
2016-11-03 07:04 - 2015-04-16 22:05 - 00292704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys.147815310485912
2016-11-03 07:03 - 2015-04-16 22:05 - 00969560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.147815310062507
2016-10-24 21:23 - 2015-08-19 20:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-10-24 21:23 - 2015-08-19 20:06 - 00000000 ____D C:\Program Files\Java
2016-10-24 21:23 - 2015-01-26 19:38 - 00000000 ____D C:\ProgramData\Oracle
2016-10-24 21:22 - 2015-08-19 20:06 - 00110144 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2016-10-23 20:30 - 2016-02-03 19:37 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2016-10-23 20:30 - 2015-04-16 22:05 - 00969560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.147725109082807
2016-10-23 20:30 - 2015-04-16 22:05 - 00513496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.147725109120310
2016-10-23 20:30 - 2015-04-16 22:05 - 00292704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys.147725109228112
2016-10-23 20:30 - 2015-04-16 22:05 - 00163416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-10-23 20:30 - 2015-04-16 22:05 - 00108816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-10-23 20:30 - 2015-04-16 22:05 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-10-23 20:30 - 2015-04-16 22:05 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-10-23 20:30 - 2015-04-16 22:05 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-10-23 20:21 - 2016-08-14 22:21 - 00000000 ____D C:\ProgramData\HandSetService
2016-10-23 20:20 - 2016-08-14 22:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiSuite
2016-10-23 20:20 - 2016-08-14 22:21 - 00000000 ____D C:\Program Files (x86)\HiSuite
2016-10-23 20:20 - 2016-03-25 01:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-10-23 20:20 - 2016-03-25 01:03 - 00000000 ____D C:\Program Files\CCleaner
2016-10-23 20:20 - 2015-07-10 09:23 - 00000000 ____D C:\movies
2016-10-23 20:20 - 2015-01-27 22:55 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\vlc
2016-10-23 20:20 - 2013-08-22 16:36 - 00000000 ___HD C:\Windows\ELAMBKUP
2016-10-23 20:17 - 2016-08-14 22:20 - 00000000 ____D C:\Users\Ondra\AppData\Local\Hisuite
2016-10-23 20:16 - 2015-12-03 23:03 - 00000000 ____D C:\Program Files\Common Files\AV
2016-10-22 23:57 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2016-10-22 09:31 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\ModemLogs
2016-10-20 15:48 - 2015-04-19 21:26 - 00000000 ____D C:\Windows\Minidump
2016-10-16 12:22 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\NDF
2016-10-14 16:20 - 2015-04-29 22:45 - 00000000 ____D C:\Users\Ondra\Downloads\a
2016-10-14 16:17 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-11-10 18:18

==================== End of FRST.txt ============================

#18 Příspěvek od **Márty84** » 14 lis 2016 09:35

Proc mate v pc datum o jeden den pozadu?

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Ondra\Desktop" je 1712 MB.

Velikost plochy by nemela presahovat 200 - 300 MB! Brzdi to chod pc. Cili ji trosku uklidte a na plochu dejte jen zastupce. Jen pozor na obcasnou chybu, ze uzivatele maji na plose slozku, v ni dalsi a v ni dalsi a do te to schovaji. To je sice hezke, ale plochu to nezmensi, jen je to v jinem supliku

Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
HKLM\...\Run: [rundll32] => C:\Windows\system32\rundll32.exe "C:\Program Files\TextEnhance\TextEnhance.dll",_
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2015-02-24] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKU\S-1-5-21-3083710393-1039411083-1544633742-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8698584 2016-04-15] (Piriform Ltd)
HKU\S-1-5-21-3083710393-1039411083-1544633742-1001\...\Run: [Spotify Web Helper] => C:\Users\Ondra\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1523312 2016-09-05] (Spotify Ltd)

C:\Program Files\TextEnhance\TextEnhance.dll

BHO: Spyware Terminator 2015 Internet Guard -> {82A76710-4F98-4957-92BE-99648A4E2475} -> C:\PROGRA~2\SPYWAR~1\STINTE~2.DLL => No File
BHO-x32: Spyware Terminator 2015 Internet Guard -> {82A76710-4F98-4957-92BE-99648A4E2475} -> C:\PROGRA~2\SPYWAR~1\STINTE~1.DLL => No File

S2 ST2012_Svc; "C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe" [X]

2016-11-12 18:33 - 2016-09-18 09:20 - 00000000 ____D C:\Program Files\TextEnhance

Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_207_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Hosts:
EmptyTemp:
Reboot:
End

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.

kladelko · #19 Příspěvek od **kladelko** » 14 lis 2016 16:27

Opravil jsem datum v PC a odstranil nadbytečné soubory z plochy. Níže posílám log:

Fix result of Farbar Recovery Scan Tool (x64) Version: 12-11-2016
Ran by Ondra (14-11-2016 16:31:27) Run:2
Running from C:\Users\Ondra\Desktop
Loaded Profiles: Ondra (Available Profiles: Ondra)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
HKLM\...\Run: [rundll32] => C:\Windows\system32\rundll32.exe "C:\Program Files\TextEnhance\TextEnhance.dll",_
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2015-02-24] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKU\S-1-5-21-3083710393-1039411083-1544633742-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8698584 2016-04-15] (Piriform Ltd)
HKU\S-1-5-21-3083710393-1039411083-1544633742-1001\...\Run: [Spotify Web Helper] => C:\Users\Ondra\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1523312 2016-09-05] (Spotify Ltd)

C:\Program Files\TextEnhance\TextEnhance.dll

BHO: Spyware Terminator 2015 Internet Guard -> {82A76710-4F98-4957-92BE-99648A4E2475} -> C:\PROGRA~2\SPYWAR~1\STINTE~2.DLL => No File
BHO-x32: Spyware Terminator 2015 Internet Guard -> {82A76710-4F98-4957-92BE-99648A4E2475} -> C:\PROGRA~2\SPYWAR~1\STINTE~1.DLL => No File

S2 ST2012_Svc; "C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe" [X]

2016-11-12 18:33 - 2016-09-18 09:20 - 00000000 ____D C:\Program Files\TextEnhance

Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_207_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SpywareTerminatorShield => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SpywareTerminatorUpdater => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\rundll32 => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\KiesTrayAgent => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKU\S-1-5-21-3083710393-1039411083-1544633742-1001\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value removed successfully
HKU\S-1-5-21-3083710393-1039411083-1544633742-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Spotify Web Helper => value removed successfully
"C:\Program Files\TextEnhance\TextEnhance.dll" => not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{82A76710-4F98-4957-92BE-99648A4E2475}" => key removed successfully
"HKCR\CLSID\{82A76710-4F98-4957-92BE-99648A4E2475}" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{82A76710-4F98-4957-92BE-99648A4E2475}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{82A76710-4F98-4957-92BE-99648A4E2475}" => key removed successfully
ST2012_Svc => service not found.
C:\Program Files\TextEnhance => moved successfully
C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => moved successfully
C:\Windows\Tasks\Adobe Flash Player Updater.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 35215457 B
Java, Flash, Steam htmlcache => 78143899 B
Windows/system/drivers => 0 B
Edge => 0 B
Chrome => 395361936 B
Firefox => 622592 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6956 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 11566 B
NetworkService => 0 B
Ondra => 8084554 B

RecycleBin => 0 B
EmptyTemp: => 501.5 MB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 16:31:54 ====

#20 Příspěvek od **Márty84** » 14 lis 2016 20:05

Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

vyosek píše: DelFix https://toolslib.net/downloads/finish/2/
Stahnete a spustte

Ponechte zatrzitkou pouze u volby Remove disinfection tools

Kliknete na Run

Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)

Defragmentujte disk(y) (SSD Disky ne!)
Stahnete program Defraggler https://www.piriform.com/defraggler/download/standard
Pri instalaci opet pozor na toolbar a dalsi nesmysly.
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.

Pak napiste, jak to s pc vypada. Nastala nejaka zmena?

kladelko · #21 Příspěvek od **kladelko** » 14 lis 2016 23:13

Všechny potíže jsou vyřešeny, google custom search už není nežádoucí součástí využívaných prohlížečú (Chrome, IE) a Avast už nehlásí infekci v rundll32.exe. Chod PC se celkově zrychlil

Mockrát Vám děkuji!

#22 Příspěvek od **Márty84** » 15 lis 2016 19:35

To jsem rad

Nemate zac!

Mejte se a treba zase nekdy

VIRY.CZ

cse google custom search, avast hlásí Win64:malware-gen

Re: cse google custom search, avast hlásí Win64:malware-gen

Re: cse google custom search, avast hlásí Win64:malware-gen

Re: cse google custom search, avast hlásí Win64:malware-gen

Re: cse google custom search, avast hlásí Win64:malware-gen

Re: cse google custom search, avast hlásí Win64:malware-gen

Re: cse google custom search, avast hlásí Win64:malware-gen

Re: cse google custom search, avast hlásí Win64:malware-gen