vracejici se havet

Zpráva

laserd · #31 Příspěvek od **laserd** » 29 čer 2016 15:32

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-06-2016
Ran by Natálka (administrator) on NATALKA-PC (29-06-2016 16:24:45)
Running from C:\Users\Natálka\Desktop
Loaded Profiles: Natálka (Available Profiles: UpdatusUser & Natálka & Guest)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Microsoft Corp.) C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corp.) C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe
(IObit) C:\Program Files (x86)\IObit\Smart Defrag 4\SmartDefrag.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(© 2015 Microsoft Corporation) C:\Users\Natálka\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Spotify Ltd) C:\Users\Natálka\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(ASUS) C:\Windows\AsScrPro.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFTips.exe
(IObit) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Facebook Inc.) C:\Users\Natálka\AppData\Local\Facebook\Update\FacebookUpdate.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(forum.viry.cz) C:\Users\Natálka\Desktop\FRST-OlderVersion\FRSTLauncher.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1419008 2016-06-09] (Realtek Semiconductor)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [617120 2011-03-13] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379552 2011-03-13] (Atheros Commnucations)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16418560 2016-06-09] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-05-02] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1601536 2010-09-24] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6108752 2015-11-13] (AVAST Software)
HKLM-x32\...\Run: [ASUS Screen Saver Protector] => C:\Windows\AsScrPro.exe
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [5889824 2015-07-28] (IObit)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [186640 2016-06-21] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2087264 2014-09-11] (Wondershare)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2016-04-05] (LogMeIn Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-06-16] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1906600563-3070068863-906702074-1002\...\Run: [Advanced SystemCare 8] => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe [2429728 2015-04-08] (IObit)
HKU\S-1-5-21-1906600563-3070068863-906702074-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8461224 2015-09-16] (Piriform Ltd)
HKU\S-1-5-21-1906600563-3070068863-906702074-1002\...\Run: [GoogleChromeAutoLaunch_C9105BC79D5B215260CF3DEF3F985202] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [941720 2016-06-15] (Google Inc.)
HKU\S-1-5-21-1906600563-3070068863-906702074-1002\...\Run: [BingSvc] => C:\Users\Natálka\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-12-01] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-1906600563-3070068863-906702074-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [26424448 2016-06-15] (Skype Technologies S.A.)
HKU\S-1-5-21-1906600563-3070068863-906702074-1002\...\Run: [C] => cmd /c(@attrib -H -R -S C:\Windows\system32\GroupPolicy\Machine\Registry.pol >nul)&(@copy/b/y C:\Windows\system32\GroupPolicy\Machine\R C:\Windows\system32\GroupPolicy\Machine\Registry.pol >nul)&(@att (the data entry has 99 more characters).
HKU\S-1-5-21-1906600563-3070068863-906702074-1002\...\Run: [Spotify Web Helper] => C:\Users\Natálka\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1525360 2016-04-15] (Spotify Ltd)
HKU\S-1-5-21-1906600563-3070068863-906702074-1002\...\Run: [Spotify] => C:\Users\Natálka\AppData\Roaming\Spotify\Spotify.exe [6855280 2016-04-15] (Spotify Ltd)
HKU\S-1-5-21-1906600563-3070068863-906702074-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe [4299968 2016-06-22] (Disc Soft Ltd)
HKU\S-1-5-21-1906600563-3070068863-906702074-1002\...\MountPoints2: H - H:\PXRoute.exe
HKU\S-1-5-21-1906600563-3070068863-906702074-1002\...\MountPoints2: I - I:\PXRoute.exe
HKU\S-1-5-21-1906600563-3070068863-906702074-1002\...\MountPoints2: J - J:\PXRoute.exe
HKU\S-1-5-21-1906600563-3070068863-906702074-1002\...\MountPoints2: K - K:\PXRoute.exe
HKU\S-1-5-21-1906600563-3070068863-906702074-1002\...\MountPoints2: {1e6b85fd-e9cd-11e4-a34e-5404a6254a6b} - I:\PXRoute.exe
HKU\S-1-5-21-1906600563-3070068863-906702074-1002\...\MountPoints2: {1e6b8600-e9cd-11e4-a34e-5404a6254a6b} - J:\PXRoute.exe
HKU\S-1-5-21-1906600563-3070068863-906702074-1002\...\MountPoints2: {1e6b8603-e9cd-11e4-a34e-5404a6254a6b} - K:\PXRoute.exe
HKU\S-1-5-21-1906600563-3070068863-906702074-1002\...\MountPoints2: {670658ef-e5f9-11e4-8e6a-5404a6254a6b} - H:\PXRoute.exe
HKU\S-1-5-21-1906600563-3070068863-906702074-1002\...\MountPoints2: {6fca8da3-3305-11e1-bd51-5404a6254a6b} - F:\Install.exe
HKU\S-1-5-21-1906600563-3070068863-906702074-1002\...\MountPoints2: {919c87b9-3d4f-11e6-a659-5404a6254a6b} - G:\setup.exe
HKU\S-1-5-21-1906600563-3070068863-906702074-1002\...\MountPoints2: {978bf2c8-15a8-11e5-a3d6-5404a6254a6b} - L:\autorun.exe
HKU\S-1-5-21-1906600563-3070068863-906702074-1002\...\MountPoints2: {d8a6858b-1e40-11e5-81c2-5404a6254a6b} - M:\setup.exe
HKU\S-1-5-18\...\Run: [Advanced SystemCare 8] => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe [2429728 2015-04-08] (IObit)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-20] (AVAST Software)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{9DC98FF8-CDC9-4EE0-8173-0BF04B5A7D3C}: [NameServer] 192.168.1.254 192.168.0.1
Tcpip\..\Interfaces\{9DC98FF8-CDC9-4EE0-8173-0BF04B5A7D3C}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-1906600563-3070068863-906702074-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt=en-ww
HKU\S-1-5-21-1906600563-3070068863-906702074-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.google.com/?trackid=sp-006
HKU\S-1-5-21-1906600563-3070068863-906702074-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxps://www.google.com/?trackid=sp-006
URLSearchHook: [S-1-5-21-1906600563-3070068863-906702074-1002] ATTENTION => Default URLSearchHook is missing
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7ASUT
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-1906600563-3070068863-906702074-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3C} URL = hxxp://smartsputnik.ru/?ri=1&uid=85edab7e3a5ffe166d4c3220e891b7d2&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1906600563-3070068863-906702074-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M ... -SearchBox
SearchScopes: HKU\S-1-5-21-1906600563-3070068863-906702074-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3C} URL = hxxp://smartsputnik.ru/?ri=1&uid=85edab7e3a5ffe166d4c3220e891b7d2&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1906600563-3070068863-906702074-1002 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\S-1-5-21-1906600563-3070068863-906702074-1002 -> {54928D73-7F8C-4BBD-8EB9-9105ACBBFFFB} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1906600563-3070068863-906702074-1002 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-1906600563-3070068863-906702074-1002 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-20] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-06-27] (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-03-13] (Atheros Commnucations)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-20] (AVAST Software)
BHO-x32: Pomocná služba pro přihlášení ke službě Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-27] (Oracle Corporation)
DPF: HKLM-x32 {26CF0ECA-50B9-411D-BA37-86BD6AD53382} hxxps://www.starstable.com/plugin/PXStudioRuntimeAX.cab
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Natálka\AppData\Roaming\Mozilla\Firefox\Profiles\4ojy3lw5.default-1441434506023
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: Google
FF Homepage: about:blank
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-15] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-15] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1223183.dll [No File]
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-06-26] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-06-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-06-27] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @nprotect.com/keycrypt -> C:\Windows\system32\npkfxmp.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2013-09-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1906600563-3070068863-906702074-1002: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Natálka\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-1906600563-3070068863-906702074-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Natálka\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-25] (Unity Technologies ApS)
FF Extension: Star Stable Online - C:\Users\Natálka\AppData\Roaming\Mozilla\Firefox\Profiles\4ojy3lw5.default-1441434506023\Extensions\plugin@starstable.com [2015-09-05] [not signed]
FF Extension: Skype - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-10]

Chrome:
=======
CHR Profile: C:\Users\Natálka\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avast Online Security) - C:\Users\Natálka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-06-28]
CHR Extension: (Skype) - C:\Users\Natálka\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-06-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Natálka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-28]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-20]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]
StartMenuInternet: Google Chrome.NIEBI6IFSULBCZDUVM7KEBW3G4 - C:\Users\Natálka\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AbAdminService; C:\Program Files (x86)\ToolbarTerminator\AbAdminService.exe [30984 2014-10-21] (Ascora GmbH)
R2 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [821024 2015-08-05] (IObit)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-03-13] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [74912 2011-03-13] (Atheros Commnucations) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-20] (AVAST Software)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1080080 2016-06-21] (AVG Technologies CZ, s.r.o.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-06-22] (Disc Soft Ltd)
S3 Disc Soft Ultra Bus Service; C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe [1378576 2014-12-09] (Disc Soft Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-05-02] (NVIDIA Corporation)
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [882464 2015-07-17] (IObit)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2934048 2015-10-09] (IObit)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2016-04-05] (LogMeIn, Inc.)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-05-02] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-05-02] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-05-02] (NVIDIA Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S4 wlcrasvc; C:\Program Files (x86)\Windows Live\Mesh\wlcrasvc.exe [57184 2010-09-22] (Microsoft Corporation)
R2 wlidsvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2286976 2010-09-21] (Microsoft Corp.)
S2 TuneUp.UtilitiesSvc; no ImagePath

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-07-20] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-07-20] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-07-20] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-07-20] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2015-11-13] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2015-11-13] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150160 2015-07-20] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-07-20] (AVAST Software)
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310728 2016-03-05] ()
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-06-27] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-06-27] (Disc Soft Ltd)
R3 dtultrascsibus; C:\Windows\System32\DRIVERS\dtultrascsibus.sys [30352 2015-01-04] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2015-03-25] (IObit)
S3 HmseUsb; C:\Windows\System32\DRIVERS\HmseUsb.sys [40184 2010-07-23] (Renesas Technology Corp.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-01-07] (REALiX(tm))
S3 InputFilter_Hid_FlexDef2b; C:\Windows\System32\DRIVERS\InputFilter_FlexDef2b.sys [17920 2010-06-19] (Siliten)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2011-12-30] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-05-02] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2015-03-25] (IObit.com)
R3 RTSUER; C:\Windows\System32\Drivers\RtsUer.sys [413912 2016-06-09] (Realsil Semiconductor Corporation)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2013-04-29] () [File not signed]
S3 TuneUpUtilitiesDrv; no ImagePath
R3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2015-03-25] (IObit.com)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-29 16:24 - 2016-06-29 16:25 - 00029562 _____ C:\Users\Natálka\Desktop\FRST.txt
2016-06-29 16:24 - 2016-06-29 16:24 - 00000000 ____D C:\Users\Natálka\Desktop\FRST-OlderVersion
2016-06-28 19:21 - 2016-06-28 19:21 - 00001514 _____ C:\Users\Natálka\Desktop\Hřebčín.lnk
2016-06-28 19:21 - 2016-06-28 19:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TopCD
2016-06-28 18:55 - 2016-06-28 18:58 - 182634496 _____ C:\Users\Natálka\Downloads\Hrebcin-u-Bileho-potoka (2).iso
2016-06-28 18:53 - 2016-06-28 18:53 - 00000000 ____D C:\Windows\IObit
2016-06-28 18:44 - 2016-06-28 18:44 - 00003416 ____N C:\bootsqm.dat
2016-06-28 18:41 - 2016-06-28 18:41 - 00000000 __SHD C:\found.002
2016-06-28 18:12 - 2016-06-28 18:19 - 00043089 _____ C:\Users\Natálka\Desktop\adwlog.txt
2016-06-28 13:38 - 2016-06-28 13:39 - 03703360 _____ C:\Users\Natálka\Desktop\adwcleaner_5.200.exe
2016-06-27 20:28 - 2016-06-27 20:28 - 00692072 _____ (Disc Soft Ltd.) C:\Users\Natálka\Downloads\DTLiteInstaller (2).exe
2016-06-27 20:25 - 2016-06-27 20:29 - 00047672 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtliteusbbus.sys
2016-06-27 20:25 - 2016-06-27 20:25 - 00692072 _____ (Disc Soft Ltd.) C:\Users\Natálka\Downloads\DTLiteInstaller (1).exe
2016-06-27 20:19 - 2016-06-27 20:20 - 04046848 _____ (Sproing Interactive Media GmbH) C:\Users\Natálka\Downloads\hrebcin-u-bileho-potoka (1)
2016-06-27 20:04 - 2016-06-27 20:17 - 182634496 _____ C:\Users\Natálka\Downloads\Hřebčín-u-Bílého-potoka.iso
2016-06-27 20:03 - 2016-06-27 20:03 - 00000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2016-06-27 20:02 - 2016-06-27 20:25 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Lite
2016-06-27 20:02 - 2016-06-27 20:24 - 00030264 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtlitescsibus.sys
2016-06-27 20:02 - 2016-06-27 20:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2016-06-27 20:00 - 2016-06-27 20:00 - 00692072 _____ (Disc Soft Ltd.) C:\Users\Natálka\Downloads\DTLiteInstaller.exe
2016-06-27 19:36 - 2016-06-29 16:24 - 00000000 ____D C:\FRST
2016-06-27 19:30 - 2016-06-29 16:24 - 02389504 _____ (Farbar) C:\Users\Natálka\Desktop\FRST64.exe
2016-06-27 17:59 - 2016-06-27 17:59 - 00013640 _____ C:\Users\Natálka\Documents\cc_20160627_175909.reg
2016-06-14 18:35 - 2016-06-14 18:43 - 367869792 _____ C:\Users\Natálka\Downloads\Photoshop_12_LS1.zip.part
2016-06-14 16:47 - 2016-06-14 16:47 - 00374784 _____ C:\Users\Natálka\Downloads\Star Stable Hack Downloader.rar
2016-06-12 11:43 - 2016-06-12 12:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-11 16:46 - 2016-06-11 16:46 - 00001339 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-06-11 16:31 - 2016-06-11 16:31 - 00000000 ____D C:\Users\Natálka\AppData\Local\NVIDIA Corporation
2016-06-11 16:28 - 2016-06-11 16:54 - 00000000 ____D C:\Users\Natálka\AppData\Local\NVIDIA
2016-06-11 16:28 - 2016-06-11 16:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-06-11 16:28 - 2016-05-02 07:39 - 01377800 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2016-06-11 16:28 - 2016-05-02 07:39 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2016-06-11 16:28 - 2016-05-02 07:38 - 01767944 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2016-06-11 16:28 - 2016-05-02 07:38 - 01756608 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2016-06-11 16:28 - 2016-05-02 07:38 - 00112032 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2016-06-11 16:25 - 2016-06-11 16:26 - 00000000 ____D C:\ProgramData\Package Cache
2016-06-11 16:22 - 2016-04-14 07:38 - 00113216 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2016-06-11 16:22 - 2016-04-14 07:38 - 00102976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2016-06-11 16:22 - 2016-04-14 07:38 - 00056384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2016-06-11 16:19 - 2016-06-11 16:20 - 45000176 _____ (NVIDIA Corporation) C:\Users\Natálka\Downloads\GeForce_Experience_v2.11.3.5(1).exe
2016-06-10 16:04 - 2016-06-10 16:04 - 00000000 ____D C:\Users\Natálka\AppData\Local\{5328FAD3-773C-4B4F-AA73-F65F1EABD972}
2016-06-10 13:49 - 2016-06-10 13:50 - 45000176 _____ (NVIDIA Corporation) C:\Users\Natálka\Downloads\GeForce_Experience_v2.11.3.5.exe
2016-06-09 18:11 - 2016-06-09 18:11 - 72203792 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2016-06-09 18:11 - 2016-06-09 18:11 - 14057256 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2016-06-09 18:11 - 2016-06-09 18:11 - 13120760 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO3064.dll
2016-06-09 18:11 - 2016-06-09 18:11 - 12986528 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO4064.dll
2016-06-09 18:11 - 2016-06-09 18:11 - 07172920 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2016-06-09 18:11 - 2016-06-09 18:11 - 06343320 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICV3apo.dll
2016-06-09 18:11 - 2016-06-09 18:11 - 05777704 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICV2apo.dll
2016-06-09 18:11 - 2016-06-09 18:11 - 05576400 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2016-06-09 18:11 - 2016-06-09 18:11 - 05289952 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
2016-06-09 18:11 - 2016-06-09 18:11 - 04803840 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2016-06-09 18:11 - 2016-06-09 18:11 - 03299832 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE2.dll
2016-06-09 18:11 - 2016-06-09 18:11 - 03283248 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2016-06-09 18:11 - 2016-06-09 18:11 - 03198720 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2016-06-09 18:11 - 2016-06-09 18:11 - 03152591 _____ C:\Windows\system32\Drivers\rtkSSTsetting.dat
2016-06-09 18:11 - 2016-06-09 18:11 - 03081808 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2016-06-09 18:11 - 2016-06-09 18:11 - 02894976 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2016-06-09 18:11 - 2016-06-09 18:11 - 02714568 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RltkAPO.dll
2016-06-09 18:11 - 2016-06-09 18:11 - 02190992 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE.dll
2016-06-09 18:11 - 2016-06-09 18:11 - 02110600 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2016-06-09 18:11 - 2016-06-09 18:11 - 02050184 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2016-06-09 18:11 - 2016-06-09 18:11 - 02049664 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2016-06-09 18:11 - 2016-06-09 18:11 - 01943624 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2016-06-09 18:11 - 2016-06-09 18:11 - 01435152 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR64.dll
2016-06-09 18:11 - 2016-06-09 18:11 - 01382240 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2016-06-09 18:11 - 2016-06-09 18:11 - 01356512 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2016-06-09 18:11 - 2016-06-09 18:11 - 01334384 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll
2016-06-09 18:11 - 2016-06-09 18:11 - 01330072 _____ (DTS, Inc.) C:\Windows\system32\slcnt64.dll
2016-06-09 18:11 - 2016-06-09 18:11 - 01022872 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2016-06-09 18:11 - 2016-06-09 18:11 - 01003864 _____ (Nahimic Inc) C:\Windows\system32\NahimicAPONSControl.dll
2016-06-09 18:11 - 2016-06-09 18:11 - 00998032 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll
2016-06-09 18:11 - 2016-06-09 18:11 - 00965032 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2016-06-09 18:11 - 2016-06-09 18:11 - 00931624 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2016-06-09 18:11 - 2016-06-09 18:11 - 00927424 _____ (Sound Research, Corp.) C:\Windows\system32\SEHDRA64.dll
2016-06-09 18:11 - 2016-06-09 18:11 - 00923752 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2016-06-09 18:11 - 2016-06-09 18:11 - 00888480 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll
2016-06-09 18:11 - 2016-06-09 18:11 - 00873472 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2016-06-09 18:11 - 2016-06-09 18:11 - 00716104 _____ (Sound Research, Corp.) C:\Windows\system32\SECOMN64.dll
2016-06-09 18:11 - 2016-06-09 18:11 - 00689888 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2016-06-09 18:11 - 2016-06-09 18:11 - 00677680 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2016-06-09 18:11 - 2016-06-09 18:11 - 00596120 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll
2016-06-09 18:11 - 2016-06-09 18:11 - 00589080 _____ (Sound Research, Corp.) C:\Windows\SysWOW64\SECOMN32.DLL
2016-06-09 18:11 - 2016-06-09 18:11 - 00532384 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2016-06-09 18:11 - 2016-06-09 18:11 - 00467168 _____ (Synopsys, Inc.) C:\Windows\system32\SRAPO64.dll
2016-06-09 18:11 - 2016-06-09 18:11 - 00450128 _____ (Sound Research, Corp.) C:\Windows\system32\SEAPO64.dll
2016-06-09 18:11 - 2016-06-09 18:11 - 00447720 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2016-06-09 18:11 - 2016-06-09 18:11 - 00387320 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2016-06-09 18:11 - 2016-06-09 18:11 - 00381416 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM64.dll
2016-06-09 18:11 - 2016-06-09 18:11 - 00343712 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2016-06-09 18:11 - 2016-06-09 18:11 - 00341160 _____ (Synopsys, Inc.) C:\Windows\SysWOW64\SRCOM.dll
2016-06-09 18:11 - 2016-06-09 18:11 - 00341160 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll
2016-06-09 18:11 - 2016-06-09 18:11 - 00321720 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2016-06-09 18:11 - 2016-06-09 18:11 - 00321720 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2016-06-09 18:11 - 2016-06-09 18:11 - 00258504 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2016-06-09 18:11 - 2016-06-09 18:11 - 00231920 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2016-06-09 18:11 - 2016-06-09 18:11 - 00224264 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaemaxapo64.dll
2016-06-09 18:11 - 2016-06-09 18:11 - 00221976 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2016-06-09 18:11 - 2016-06-09 18:11 - 00214840 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2016-06-09 18:11 - 2016-06-09 18:11 - 00209536 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2016-06-09 18:11 - 2016-06-09 18:11 - 00192992 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2016-06-09 18:11 - 2016-06-09 18:11 - 00172584 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll
2016-06-09 18:11 - 2016-06-09 18:11 - 00166208 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2016-06-09 18:11 - 2016-06-09 18:11 - 00158704 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2016-06-09 18:11 - 2016-06-09 18:11 - 00151792 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2016-06-09 18:11 - 2016-06-09 18:11 - 00134208 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2016-06-09 18:11 - 2016-06-09 18:11 - 00110984 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2016-06-09 18:11 - 2016-06-09 18:11 - 00090920 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2016-06-09 18:11 - 2016-06-09 18:11 - 00088352 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2016-06-09 18:11 - 2016-06-09 18:11 - 00088328 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2016-06-09 18:11 - 2016-06-09 18:11 - 00084624 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2016-06-09 18:11 - 2016-06-09 18:11 - 00083632 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2016-06-09 18:11 - 2016-06-09 18:11 - 00075544 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2016-06-09 18:11 - 2016-06-09 18:11 - 00023704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2016-06-09 18:10 - 2016-06-09 18:11 - 02823280 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO7064.dll
2016-06-09 18:10 - 2016-06-09 18:10 - 10521552 _____ (Intel Corporation) C:\Windows\system32\IntelSSTAPO.dll
2016-06-09 18:10 - 2016-06-09 18:10 - 07096192 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2016-06-09 18:10 - 2016-06-09 18:10 - 06264640 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64AF3.dll
2016-06-09 18:10 - 2016-06-09 18:10 - 05338936 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv211.dll
2016-06-09 18:10 - 2016-06-09 18:10 - 03282032 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2016-06-09 18:10 - 2016-06-09 18:10 - 02437144 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv201.dll
2016-06-09 18:10 - 2016-06-09 18:10 - 01965816 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2016-06-09 18:10 - 2016-06-09 18:10 - 01959608 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64AF3.dll
2016-06-09 18:10 - 2016-06-09 18:10 - 01780624 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2016-06-09 18:10 - 2016-06-09 18:10 - 01601952 _____ (Conexant Systems Inc.) C:\Windows\system32\CX64APO.dll
2016-06-09 18:10 - 2016-06-09 18:10 - 01591064 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2016-06-09 18:10 - 2016-06-09 18:10 - 01508936 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2016-06-09 18:10 - 2016-06-09 18:10 - 01421104 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO6064.dll
2016-06-09 18:10 - 2016-06-09 18:10 - 01211840 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2016-06-09 18:10 - 2016-06-09 18:10 - 01186168 _____ (Intel Corporation) C:\Windows\system32\IntelSstCApoPropPage.dll
2016-06-09 18:10 - 2016-06-09 18:10 - 01164336 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2016-06-09 18:10 - 2016-06-09 18:10 - 01060504 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOProp.dll
2016-06-09 18:10 - 2016-06-09 18:10 - 00743968 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2016-06-09 18:10 - 2016-06-09 18:10 - 00727440 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2016-06-09 18:10 - 2016-06-09 18:10 - 00708320 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2016-06-09 18:10 - 2016-06-09 18:10 - 00678192 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2016-06-09 18:10 - 2016-06-09 18:10 - 00618192 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2016-06-09 18:10 - 2016-06-09 18:10 - 00574760 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2016-06-09 18:10 - 2016-06-09 18:10 - 00514528 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2016-06-09 18:10 - 2016-06-09 18:10 - 00504312 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2016-06-09 18:10 - 2016-06-09 18:10 - 00500560 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2016-06-09 18:10 - 2016-06-09 18:10 - 00471336 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO64.dll
2016-06-09 18:10 - 2016-06-09 18:10 - 00445408 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2016-06-09 18:10 - 2016-06-09 18:10 - 00441272 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2016-06-09 18:10 - 2016-06-09 18:10 - 00428232 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2016-06-09 18:10 - 2016-06-09 18:10 - 00416512 _____ (Harman) C:\Windows\system32\HMUI.dll
2016-06-09 18:10 - 2016-06-09 18:10 - 00370840 _____ (Dolby Laboratories) C:\Windows\system32\HiFiDAX2API.dll
2016-06-09 18:10 - 2016-06-09 18:10 - 00366128 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\HMAPO.dll
2016-06-09 18:10 - 2016-06-09 18:10 - 00362056 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64AF3.dll
2016-06-09 18:10 - 2016-06-09 18:10 - 00360352 _____ (Harman) C:\Windows\system32\HMClariFi.dll
2016-06-09 18:10 - 2016-06-09 18:10 - 00330568 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2016-06-09 18:10 - 2016-06-09 18:10 - 00327464 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2016-06-09 18:10 - 2016-06-09 18:10 - 00310424 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64F3.dll
2016-06-09 18:10 - 2016-06-09 18:10 - 00272720 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2016-06-09 18:10 - 2016-06-09 18:10 - 00253904 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2016-06-09 18:10 - 2016-06-09 18:10 - 00253872 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2016-06-09 18:10 - 2016-06-09 18:10 - 00252880 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2016-06-09 18:10 - 2016-06-09 18:10 - 00203848 _____ (Harman) C:\Windows\system32\HMHVS.dll
2016-06-09 18:10 - 2016-06-09 18:10 - 00190944 _____ (Harman) C:\Windows\system32\HMEQ_Voice.dll
2016-06-09 18:10 - 2016-06-09 18:10 - 00190944 _____ (Harman) C:\Windows\system32\HMEQ.dll
2016-06-09 18:10 - 2016-06-09 18:10 - 00179608 _____ (Harman) C:\Windows\system32\HMLimiter.dll
2016-06-09 18:10 - 2016-06-09 18:10 - 00122328 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2016-06-09 18:10 - 2016-06-09 18:10 - 00118600 _____ C:\Windows\system32\AcpiServiceVnA64.dll
2016-06-09 18:10 - 2016-06-09 18:10 - 00118600 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2016-06-09 18:10 - 2016-06-09 18:10 - 00105312 _____ C:\Windows\system32\audioLibVc.dll
2016-06-09 18:10 - 2016-06-09 18:10 - 00065792 _____ (Harman) C:\Windows\system32\HarmanAudioInterface.dll
2016-06-09 18:08 - 2016-06-09 18:08 - 04330200 _____ (TODO: <Company name>) C:\Windows\RtCRU64.exe
2016-06-09 18:08 - 2016-06-09 18:08 - 01027840 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2016-06-09 18:08 - 2016-06-09 18:08 - 00413912 _____ (Realsil Semiconductor Corporation) C:\Windows\system32\Drivers\RtsUer.sys
2016-06-09 18:08 - 2016-06-09 18:08 - 00082544 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2016-06-09 18:04 - 2016-06-09 18:05 - 04162560 _____ (Qualcomm Atheros Communications, Inc.) C:\Windows\system32\Drivers\athrx.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-29 16:25 - 2013-04-24 16:55 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-06-29 16:16 - 2015-02-05 19:59 - 00000000 ____D C:\Users\Natálka\AppData\Roaming\Skype
2016-06-29 16:02 - 2015-12-02 13:29 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-29 15:43 - 2009-07-14 06:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-29 15:43 - 2009-07-14 06:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-29 15:38 - 2015-12-02 13:29 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-29 15:38 - 2015-10-06 15:02 - 00000000 ____D C:\Program Files (x86)\Opera
2016-06-28 20:10 - 2015-09-24 17:18 - 00000862 _____ C:\Users\Public\Desktop\AVG.lnk
2016-06-28 20:10 - 2015-09-24 17:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2016-06-28 18:55 - 2015-11-15 20:07 - 00002112 _____ C:\Users\Public\Desktop\Driver Booster 3.lnk
2016-06-28 18:55 - 2014-01-15 07:40 - 00000000 ____D C:\ProgramData\ProductData
2016-06-28 18:53 - 2015-11-15 20:07 - 00003250 _____ C:\Windows\System32\Tasks\Driver Booster Scheduler
2016-06-28 18:53 - 2015-11-15 20:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3
2016-06-28 18:53 - 2014-03-18 12:53 - 00002882 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (Natálka)
2016-06-28 18:52 - 2016-04-15 21:40 - 00000000 ____D C:\Users\Natálka\AppData\Roaming\Spotify
2016-06-28 18:52 - 2012-07-05 20:59 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-06-28 18:51 - 2011-12-30 20:03 - 00000000 ____D C:\Users\Natálka\AppData\Local\CrashDumps
2016-06-28 18:50 - 2016-04-15 21:41 - 00000000 ____D C:\Users\Natálka\AppData\Local\Spotify
2016-06-28 18:50 - 2016-01-15 19:59 - 00000000 ____D C:\Users\Natálka\AppData\Local\LogMeIn Hamachi
2016-06-28 18:46 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-28 18:29 - 2016-03-05 17:10 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-06-28 18:01 - 2015-07-09 12:13 - 00660480 ___SH C:\Users\Natálka\Downloads\Thumbs.db
2016-06-28 18:01 - 2015-01-23 19:47 - 00170496 ___SH C:\Users\Natálka\Documents\Thumbs.db
2016-06-28 17:55 - 2015-01-04 17:13 - 00002912 _____ C:\Windows\System32\Tasks\Uninstaller_SkipUac_Natálka
2016-06-28 14:47 - 2015-09-25 15:15 - 00000000 ____D C:\Users\Public\StarStableOnline
2016-06-28 13:54 - 2013-07-17 07:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-28 13:43 - 2015-10-21 09:10 - 00000000 ____D C:\AdwCleaner
2016-06-27 20:33 - 2015-01-04 16:19 - 00000000 ____D C:\Users\Natálka\AppData\Local\Disc_Soft_Ltd
2016-06-27 20:33 - 2011-12-30 19:05 - 00000000 ____D C:\Users\Natálka\AppData\Roaming\DAEMON Tools Lite
2016-06-27 20:29 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-06-27 20:22 - 2012-01-07 13:00 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2016-06-27 20:05 - 2015-11-21 01:43 - 00002157 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-27 20:05 - 2015-11-21 01:43 - 00002145 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-06-27 19:56 - 2015-02-05 19:59 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-06-27 19:56 - 2015-02-05 19:59 - 00000000 ____D C:\ProgramData\Skype
2016-06-27 19:46 - 2014-01-10 10:58 - 00000000 ____D C:\ProgramData\Oracle
2016-06-27 19:45 - 2015-07-21 10:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-06-27 19:45 - 2013-05-09 13:50 - 00000000 ____D C:\Program Files (x86)\Java
2016-06-27 19:44 - 2016-02-07 11:30 - 00000000 ____D C:\Users\Natálka\.oracle_jre_usage
2016-06-27 19:44 - 2015-07-21 10:27 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-06-27 18:20 - 2012-06-14 15:49 - 00000000 ____D C:\Users\Natálka\AppData\Local\ElevatedDiagnostics
2016-06-27 18:20 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2016-06-27 17:53 - 2015-09-25 13:24 - 00002143 _____ C:\Users\Public\Desktop\Advanced SystemCare 8.lnk
2016-06-12 08:37 - 2011-10-24 17:25 - 00045056 _____ C:\Windows\system32\acovcnt.exe
2016-06-11 21:56 - 2013-06-02 17:28 - 00000000 ____D C:\Users\Natálka\AppData\Roaming\.minecraft
2016-06-11 16:54 - 2011-10-24 17:11 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-06-11 16:28 - 2011-10-24 17:11 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-06-11 16:28 - 2011-10-24 17:10 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-06-09 18:23 - 2015-11-15 20:25 - 00003180 _____ C:\Windows\System32\Tasks\RtHDVBg_ListenToDevice
2016-06-09 18:23 - 2015-11-15 20:25 - 00003146 _____ C:\Windows\System32\Tasks\RTKCPL
2016-06-09 18:17 - 2015-11-15 20:24 - 00000000 ____D C:\Windows\system32\DAX2
2016-06-09 18:16 - 2011-10-24 17:14 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2016-06-09 18:08 - 2011-10-24 17:16 - 00116304 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2016-06-09 18:07 - 2011-02-19 07:36 - 00683820 _____ C:\Windows\system32\perfh005.dat
2016-06-09 18:07 - 2011-02-19 07:36 - 00146724 _____ C:\Windows\system32\perfc005.dat
2016-06-09 18:07 - 2009-07-14 07:13 - 01623998 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-05 17:21 - 2013-05-15 06:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive

==================== Files in the root of some directories =======

2015-04-14 18:28 - 2015-04-14 18:28 - 0004387 _____ () C:\Users\Natálka\AppData\Roaming\fakhrujepe4GONdL3WM
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Natálka\AppData\Roaming\yxeJBbd
2013-03-06 20:28 - 2016-04-28 15:08 - 0014336 _____ () C:\Users\Natálka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-05-29 15:47 - 2016-05-29 15:47 - 0000857 _____ () C:\Users\Natálka\AppData\Local\recently-used.xbel
2012-07-21 15:56 - 2013-12-26 17:48 - 0000040 ___SH () C:\ProgramData\.zreglib
2015-11-15 20:24 - 2015-11-15 20:24 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2011-04-01 11:21 - 2010-07-07 01:10 - 0131472 _____ () C:\ProgramData\FullRemove.exe
2011-10-24 17:30 - 2011-10-24 17:30 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2011-10-24 17:29 - 2011-10-24 17:30 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

Some files in TEMP:
====================
C:\Users\Guest\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
C:\Users\Natálka\AppData\Local\Temp\avguirn_08767465493.exe
C:\Users\Natálka\AppData\Local\Temp\jre-8u91-windows-au.exe
C:\Users\Natálka\AppData\Local\Temp\libeay32.dll
C:\Users\Natálka\AppData\Local\Temp\msvcr120.dll
C:\Users\Natálka\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

==================== MBR and Partition Table ==================

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Enabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Nat�lka\Desktop" je 8 MB.

***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync
"C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate
"C:\Users\Nat�lka\AppData\Roaming\Seznam.cz\szninstall.exe" -c [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop
"C:\Users\Nat�lka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Ultra Agent
"C:\Program Files (x86)\DAEMON Tools Ultra\DTAgent.exe" -autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update
"C:\Users\Nat�lka\AppData\Local\Google\Update\GoogleUpdate.exe" /c [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OfficeSyncProcess
"C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce
"C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SonicMasterTray
C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateLBPShortCut
"C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut
"C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk
C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe -d [x]

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

#32 Příspěvek od **Rudy** » 29 čer 2016 18:15

Otevřte poznámkový blok a zkopírujte do něj:

Start
C:\Users\Natálka\AppData\Local\Facebook\Update
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-06-16] (Oracle Corporation)
HKU\S-1-5-21-1906600563-3070068863-906702074-1002\...\Run: [BingSvc] => C:\Users\Natálka\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-12-01] (© 2015 Microsoft Corporation)
C:\Users\Natálka\AppData\Local\Microsoft\BingSvc
HKU\S-1-5-21-1906600563-3070068863-906702074-1002\...\Run: [C] => cmd /c(@attrib -H -R -S C:\Windows\system32\GroupPolicy\Machine\Registry.pol >nul)&(@copy/b/y C:\Windows\system32\GroupPolicy\Machine\R C:\Windows\system32\GroupPolicy\Machine\Registry.pol >nul)&(@att (the data entry has 99 more characters).
HKU\S-1-5-21-1906600563-3070068863-906702074-1002\...\MountPoints2: H - H:\PXRoute.exe
HKU\S-1-5-21-1906600563-3070068863-906702074-1002\...\MountPoints2: I - I:\PXRoute.exe
HKU\S-1-5-21-1906600563-3070068863-906702074-1002\...\MountPoints2: J - J:\PXRoute.exe
HKU\S-1-5-21-1906600563-3070068863-906702074-1002\...\MountPoints2: K - K:\PXRoute.exe
HKU\S-1-5-21-1906600563-3070068863-906702074-1002\...\MountPoints2: {1e6b85fd-e9cd-11e4-a34e-5404a6254a6b} - I:\PXRoute.exe
HKU\S-1-5-21-1906600563-3070068863-906702074-1002\...\MountPoints2: {1e6b8600-e9cd-11e4-a34e-5404a6254a6b} - J:\PXRoute.exe
HKU\S-1-5-21-1906600563-3070068863-906702074-1002\...\MountPoints2: {1e6b8603-e9cd-11e4-a34e-5404a6254a6b} - K:\PXRoute.exe
HKU\S-1-5-21-1906600563-3070068863-906702074-1002\...\MountPoints2: {670658ef-e5f9-11e4-8e6a-5404a6254a6b} - H:\PXRoute.exe
HKU\S-1-5-21-1906600563-3070068863-906702074-1002\...\MountPoints2: {6fca8da3-3305-11e1-bd51-5404a6254a6b} - F:\Install.exe
HKU\S-1-5-21-1906600563-3070068863-906702074-1002\...\MountPoints2: {919c87b9-3d4f-11e6-a659-5404a6254a6b} - G:\setup.exe
HKU\S-1-5-21-1906600563-3070068863-906702074-1002\...\MountPoints2: {978bf2c8-15a8-11e5-a3d6-5404a6254a6b} - L:\autorun.exe
HKU\S-1-5-21-1906600563-3070068863-906702074-1002\...\MountPoints2: {d8a6858b-1e40-11e5-81c2-5404a6254a6b} - M:\setup.exe
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => No File
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-1906600563-3070068863-906702074-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.google.com/?trackid=sp-006
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\.DEFAULT -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-1906600563-3070068863-906702074-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M ... -SearchBox
SearchScopes: HKU\S-1-5-21-1906600563-3070068863-906702074-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3C} URL = hxxp://smartsputnik.ru/?ri=1&uid=85edab ... 891b7d2&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1906600563-3070068863-906702074-1002 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\S-1-5-21-1906600563-3070068863-906702074-1002 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-1906600563-3070068863-906702074-1002 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
c:\Program Files (x86)\Skype\Toolbars
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @nprotect.com/keycrypt -> C:\Windows\system32\npkfxmp.dll [No File]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]
S2 TuneUp.UtilitiesSvc; no ImagePath
S3 TuneUpUtilitiesDrv; no ImagePath
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Users\Natálka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\ProgramData\DP45977C.lfl
C:\Users\Guest\AppData\Local\Temp
C:\Users\Natálka\AppData\Local\Temp
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Doporučuji odinstalovat Advanced system care. Tento čistič vidí problémy i tam, kde nejsou a laik si jím snadno může poškodit systém.

VIRY.CZ

vracejici se havet

Re: vracejici se havet

Re: vracejici se havet