VIRY.CZ

Zdravím, známy mi odporučil vašu stranku, kedže niesom si istý či mam noťas čistý, odkedy mi naň decká chodia som spozoroval, že je pomalší či už prehliadač alebo celkovo hocičo na ňom... vopred vďaka

-----------

Logfile of random's system information tool 1.10 (written by random/random)
Run by Michal at 2015-03-04 23:09:26
Microsoft Windows 8.1 so službou Bing
System drive C: has 106 GB (55%) free of 191 GB
Total RAM: 3983 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:09:32, on 4.3.2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\AVG\AVG2015\avgui.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
C:\Program Files\trend micro\Michal.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com/?pc=ASJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus13.msn.com/?pc=ASJB
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
O4 - HKLM\..\Run: [WebStorage] C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\ASUSWSLoader.exe
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Shifters] C:\Program Files (x86)\Shifters Anticheat\protokol.exe shifters://
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
O23 - Service: Asus WebStorage Windows Service - ASUS Cloud Corporation - C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Realtek11nSU - Realtek - C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 8658 bytes

======Listing Processes======




c:\PROGRA~2\AVG\AVG2015\avgrsa.exe /boot
C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe /pipeName=c2feea3f-0200-0000-0bcf-3162036df47d /binaryPath="C:\Program Files (x86)\AVG\AVG2015\"

wininit.exe

winlogon.exe

C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe"
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
"C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe"
dashost.exe {12ef1816-5237-4c79-8b8a47abce9ad6db}
"C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgemca.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
C:\Windows\Explorer.EXE
KBFiltr.exe
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtWlan.exe" /H
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
taskhostex.exe
"C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe"

"C:\Windows\system32\igfxsrvc.exe" -Embedding
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
ctfmon.exe
"C:\Program Files\CCleaner\CCleaner64.exe" /monitor
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX4
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\System32\SettingSyncHost.exe" -Embedding

"C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3536.0.789611585\811486159" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,18,39 --gpu-vendor-id=0x8086 --gpu-device-id=0x0f31 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3408 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=sk --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group16 pct:1g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/QUIC/EnabledForLargePopulation/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled-default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_17/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/group_01/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="3536.7.477706135\360789842" /prefetch:673131151
"C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Michal\Music\33-Hozier---Take-Me-To-Church.mp3"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 560 564 572 65536 568
"C:\Users\Michal\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\1014avUpdateInfo.job - C:\ProgramData\Avg_Update_1014av\1014av_AVG-Secure-Search-Update.exe /SETINFO /CMPID=1014av /INFORETRY=3
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2014-02-19 391152]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2014-02-19 771568]
"Persistence"=C:\Windows\system32\igfxpers.exe [2014-02-19 770544]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2014-02-25 134784]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-12-12 7394584]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"AdobeBridge"= []
"Shifters"=C:\Program Files (x86)\Shifters Anticheat\protokol.exe [2015-02-19 10240]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ASUSPRP"=C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2014-04-23 1080992]
"WebStorage"=C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\ASUSWSLoader.exe [2014-02-25 63296]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2015\avgui.exe [2014-12-18 3667472]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2014-02-25 134784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2014-01-16 624640]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableCAD"=1
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"mixer4"=wdmaud.drv
"midi4"=wdmaud.drv
"vidc.mjpg"=bdmjpeg64.dll
"vidc.mpeg"=bdmpegv64.dll
"msacm.bdmpeg"=bdmpega64.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-03-04 23:09:26 ----D---- C:\rsit
2015-03-04 23:09:26 ----D---- C:\Program Files\trend micro
2015-02-27 17:23:28 ----A---- C:\Windows\system32\Windows.Globalization.dll
2015-02-27 17:23:27 ----A---- C:\Windows\SYSWOW64\Windows.Globalization.dll
2015-02-27 17:23:27 ----A---- C:\Windows\SYSWOW64\GlobCollationHost.dll
2015-02-27 17:23:27 ----A---- C:\Windows\system32\GlobCollationHost.dll
2015-02-19 19:49:05 ----D---- C:\Users\Michal\AppData\Roaming\Shifters Anticheat
2015-02-19 19:48:57 ----D---- C:\Program Files (x86)\Shifters Anticheat
2015-02-13 18:05:17 ----D---- C:\Users\Michal\AppData\Roaming\HandBrake
2015-02-13 09:30:33 ----A---- C:\Windows\system32\jscript9.dll
2015-02-13 09:29:33 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-02-11 16:50:45 ----D---- C:\Users\Michal\AppData\Roaming\Audacity
2015-02-11 16:44:46 ----D---- C:\Users\Michal\AppData\Roaming\BANDISOFT
2015-02-11 16:44:11 ----D---- C:\Program Files (x86)\BandiMPEG1
2015-02-11 16:08:58 ----D---- C:\Users\Michal\AppData\Roaming\MMFApplications
2015-02-11 14:02:14 ----A---- C:\Windows\system32\schannel.dll
2015-02-11 14:02:13 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-02-11 14:02:12 ----A---- C:\Windows\system32\scesrv.dll
2015-02-11 14:02:11 ----A---- C:\Windows\SYSWOW64\scesrv.dll
2015-02-11 14:02:10 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-02-11 14:02:09 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-02-11 14:02:09 ----A---- C:\Windows\system32\ntdll.dll
2015-02-11 14:02:08 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-02-11 14:02:08 ----A---- C:\Windows\SYSWOW64\user.exe
2015-02-11 14:02:08 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-02-11 14:02:08 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-02-11 14:02:08 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-02-11 14:02:08 ----A---- C:\Windows\system32\wow64cpu.dll
2015-02-11 14:02:08 ----A---- C:\Windows\system32\wow64.dll
2015-02-11 14:02:08 ----A---- C:\Windows\system32\ntvdm64.dll
2015-02-11 14:02:05 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2015-02-11 14:02:05 ----A---- C:\Windows\system32\WindowsCodecs.dll
2015-02-11 14:02:01 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-02-11 14:02:01 ----A---- C:\Windows\system32\drivers\cng.sys
2015-02-11 14:02:01 ----A---- C:\Windows\system32\certcli.dll
2015-02-11 14:02:00 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-02-11 14:02:00 ----A---- C:\Windows\SYSWOW64\certcli.dll
2015-02-11 14:02:00 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-02-11 14:02:00 ----A---- C:\Windows\system32\msaudite.dll
2015-02-11 14:02:00 ----A---- C:\Windows\system32\lsasrv.dll
2015-02-11 14:02:00 ----A---- C:\Windows\system32\adtschema.dll
2015-02-11 14:01:28 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2015-02-11 14:01:28 ----A---- C:\Windows\system32\oleaut32.dll
2015-02-11 14:01:18 ----A---- C:\Windows\system32\mshtml.dll
2015-02-11 14:01:17 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-02-11 14:01:13 ----A---- C:\Windows\system32\ieframe.dll
2015-02-11 14:01:12 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-02-11 14:01:09 ----A---- C:\Windows\system32\iertutil.dll
2015-02-11 14:01:08 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-02-11 14:01:08 ----A---- C:\Windows\system32\wininet.dll
2015-02-11 14:01:08 ----A---- C:\Windows\system32\vbscript.dll
2015-02-11 14:01:08 ----A---- C:\Windows\system32\jscript.dll
2015-02-11 14:01:07 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-02-11 14:01:07 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-02-11 14:01:07 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-02-11 14:01:07 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-02-11 14:01:07 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-02-11 14:01:07 ----A---- C:\Windows\system32\msfeeds.dll
2015-02-11 14:01:07 ----A---- C:\Windows\system32\dxtmsft.dll
2015-02-11 14:01:06 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-02-11 14:01:06 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2015-02-11 14:01:06 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-02-11 14:01:06 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2015-02-11 14:01:06 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2015-02-11 14:01:06 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-02-11 14:01:06 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-02-11 14:01:06 ----A---- C:\Windows\system32\webcheck.dll
2015-02-11 14:01:06 ----A---- C:\Windows\system32\urlmon.dll
2015-02-11 14:01:06 ----A---- C:\Windows\system32\mshtmled.dll
2015-02-11 14:01:06 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-02-11 14:01:06 ----A---- C:\Windows\system32\inetcomm.dll
2015-02-11 14:01:06 ----A---- C:\Windows\system32\iedkcs32.dll
2015-02-11 14:01:06 ----A---- C:\Windows\system32\ieapfltr.dll
2015-02-11 14:01:06 ----A---- C:\Windows\system32\ie4uinit.exe
2015-02-11 14:01:06 ----A---- C:\Windows\system32\actxprxy.dll
2015-02-11 14:00:47 ----A---- C:\Windows\system32\sppobjs.dll
2015-02-11 14:00:45 ----A---- C:\Windows\system32\win32k.sys
2015-02-09 16:33:18 ----D---- C:\Program Files (x86)\Lavalys
2015-02-07 15:46:35 ----D---- C:\ProgramData\PACE Anti-Piracy
2015-02-07 15:46:34 ----D---- C:\Users\Michal\AppData\Roaming\PACE Anti-Piracy
2015-02-07 15:34:06 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2015-02-07 15:33:18 ----D---- C:\Program Files\Adobe
2015-02-07 15:30:18 ----N---- C:\Windows\system32\drivers\cdr4_xp.sys
2015-02-07 15:30:17 ----N---- C:\Windows\system32\drivers\PxHlpa64.sys
2015-02-07 15:30:17 ----N---- C:\Windows\system32\drivers\cdralw2k.sys
2015-02-07 15:30:11 ----D---- C:\Program Files (x86)\My Company Name
2015-02-07 15:24:11 ----D---- C:\Program Files\Common Files\Adobe
2015-02-05 21:01:20 ----D---- C:\download
2015-02-05 21:01:10 ----D---- C:\ProgramData\WEBZEN

======List of files/folders modified in the last 1 month======

2015-03-04 23:09:26 ----RD---- C:\Program Files
2015-03-04 23:08:53 ----D---- C:\Windows\Prefetch
2015-03-04 23:07:43 ----AD---- C:\Windows\Temp
2015-03-04 23:01:46 ----D---- C:\Windows\Inf
2015-03-04 23:00:03 ----D---- C:\Windows\system32\sru
2015-03-04 22:58:43 ----D---- C:\Program Files (x86)\Steam
2015-03-04 22:56:59 ----D---- C:\Users\Michal\AppData\Roaming\TS3Client
2015-03-04 22:52:13 ----RD---- C:\Windows\System32
2015-03-04 22:52:13 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-03-04 21:02:18 ----D---- C:\Windows\system32\config
2015-03-04 21:00:18 ----D---- C:\Windows\Microsoft.NET
2015-03-04 13:11:41 ----RSD---- C:\Windows\assembly
2015-03-04 13:11:24 ----D---- C:\Windows\WinSxS
2015-03-04 13:09:42 ----D---- C:\Windows\debug
2015-03-04 13:03:26 ----D---- C:\ProgramData\MFAData
2015-03-03 14:21:07 ----HD---- C:\Program Files\WindowsApps
2015-03-03 14:21:07 ----D---- C:\Windows\AppReadiness
2015-03-03 14:12:31 ----HD---- C:\ProgramData
2015-03-03 14:12:31 ----D---- C:\Windows\system32\Tasks
2015-03-03 14:12:30 ----D---- C:\Windows\Tasks
2015-03-02 21:00:26 ----D---- C:\Users\Michal\AppData\Roaming\uTorrent
2015-03-02 20:29:05 ----D---- C:\Windows\SoftwareDistribution
2015-03-02 20:29:05 ----AD---- C:\Windows
2015-02-28 18:30:11 ----D---- C:\Windows\SysWOW64
2015-02-27 18:00:33 ----D---- C:\Windows\CbsTemp
2015-02-27 00:02:07 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-02-27 00:01:57 ----SHD---- C:\System Volume Information
2015-02-25 01:28:10 ----D---- C:\Users\Michal\AppData\Roaming\vlc
2015-02-25 00:02:02 ----SHD---- C:\Windows\Installer
2015-02-22 11:37:03 ----D---- C:\Windows\system32\catroot
2015-02-22 11:37:01 ----D---- C:\Windows\system32\catroot2
2015-02-22 11:36:22 ----D---- C:\Windows\system32\drivers
2015-02-22 11:36:21 ----D---- C:\Windows\system32\DriverStore
2015-02-22 11:16:56 ----D---- C:\Program Files (x86)\Common Files
2015-02-22 11:16:52 ----RD---- C:\Program Files (x86)
2015-02-21 20:34:33 ----D---- C:\Windows\system32\NDF
2015-02-20 18:07:27 ----SD---- C:\Users\Michal\AppData\Roaming\Microsoft
2015-02-14 02:55:29 ----D---- C:\Windows\rescache
2015-02-12 00:58:12 ----D---- C:\Windows\SYSWOW64\en-US
2015-02-12 00:58:12 ----D---- C:\Windows\system32\en-US
2015-02-12 00:58:11 ----D---- C:\Windows\apppatch
2015-02-11 14:58:38 ----D---- C:\Windows\system32\MRT
2015-02-11 14:46:08 ----A---- C:\Windows\system32\MRT.exe
2015-02-09 17:38:11 ----D---- C:\Windows\LiveKernelReports
2015-02-07 15:47:01 ----D---- C:\Users\Michal\AppData\Roaming\Adobe
2015-02-07 15:34:07 ----D---- C:\ProgramData\Adobe
2015-02-07 15:28:48 ----D---- C:\Program Files (x86)\Adobe
2015-02-07 15:28:41 ----RSD---- C:\Windows\Fonts
2015-02-07 15:25:08 ----D---- C:\Program Files\Common Files\microsoft shared
2015-02-07 15:24:11 ----D---- C:\Program Files\Common Files

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2014-11-18 203544]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2014-07-18 313624]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2014-10-05 124184]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2014-06-18 31512]
R0 BTATH_BUS;@oem21.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\Windows\System32\drivers\btath_bus.sys [2014-02-25 35016]
R0 MBI;@oem8.inf,%MBI.SVCDESC%;Intel(R) Sideband Fabric Device Service; C:\Windows\System32\drivers\MBI.sys [2013-10-28 29464]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2011-11-03 56208]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2013-07-02 19768]
R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2014-06-18 153368]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2014-12-08 260888]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2014-08-28 243480]
R1 Avgwfpa;AVG Firewall Driver; C:\Windows\system32\DRIVERS\avgwfpa.sys [2014-09-24 277784]
R1 dtsoftbus01;@oem50.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\Windows\System32\drivers\dtsoftbus01.sys [2015-02-04 283064]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R3 AiCharger;ASUS Charger Driver; C:\Windows\system32\DRIVERS\AiCharger.sys [2014-03-27 17152]
R3 AthBTPort;@oem24.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2014-02-25 89800]
R3 athr;@oem20.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athwbx.sys [2014-03-06 3892224]
R3 ATP;@oem17.inf,%PS2.DeviceDesc%;ASUS Input Device; C:\Windows\System32\drivers\AsusTP.sys [2014-03-31 71952]
R3 BTATH_A2DP;@oem23.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2014-02-25 355528]
R3 btath_avdt;@oem23.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys [2014-02-25 118984]
R3 BTATH_HCRP;@oem26.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\Windows\System32\drivers\btath_hcrp.sys [2014-02-25 179432]
R3 BTATH_LWFLT;@oem28.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2014-02-25 77464]
R3 BTATH_RCP;@oem30.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\Windows\System32\drivers\btath_rcp.sys [2014-02-25 137928]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2014-02-25 598216]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\Windows\System32\drivers\BthEnum.sys [2013-08-22 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2014-07-24 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2014-03-18 81920]
R3 GPIO;@oem10.inf,%GPIO.SVCDESC%;Intel SoC GPIO Controller Driver; C:\Windows\System32\drivers\iaiogpioe.sys [2013-11-11 31232]
R3 HIDSwitch;@oem27.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control; C:\Windows\System32\drivers\AsHIDSwitch64.sys [2013-10-08 20280]
R3 iaioi2c;@oem9.inf,%Driver_Service.Desc%;I2C Controller Service; C:\Windows\System32\drivers\iaioi2ce.sys [2013-11-11 67584]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-01-16 4222976]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-07-01 4002008]
R3 IntcDAud;@oem12.inf,%IntcDAud.SvcDesc%;Intel(R) Zvuk pre obrazovky; C:\Windows\system32\DRIVERS\IntcDAud.sys [2014-01-16 450520]
R3 iwdbus;@oem15.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2013-12-27 27032]
R3 kbfiltr;@oem25.inf,%kbfiltr.SvcDesc%;Keyboard Filter; C:\Windows\System32\drivers\kbfiltr.sys [2012-08-06 17280]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2014-03-18 167424]
R3 RSBASTOR;@oem19.inf,%Rts5208%;Realtek PCIE CardReader Driver - BA; C:\Windows\system32\DRIVERS\RtsBaStor.sys [2013-07-12 309976]
R3 RTL8168;@oem18.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2014-01-08 848088]
R3 RTL8192su;@net8192su64.inf,%RTL8192su.DeviceDesc.DispName%;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8192su.sys [2010-03-10 626208]
R3 TXEIx64;@oem11.inf,%TEE_SvcDesc%;Intel(R) Trusted Execution Engine Interface ; C:\Windows\System32\drivers\TXEIx64.sys [2014-01-15 88592]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-08-22 212224]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S0 Avgboota;AVG Early Launch Anti-Malware Driver; C:\Windows\system32\DRIVERS\avgboota.sys [2013-09-04 20496]
S0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys [2013-12-16 632168]
S3 AgereSoftModem;@mdmags64.inf,%FullProductName%;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2013-06-18 1146880]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2014-07-24 1200640]
S3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\Windows\system32\DRIVERS\e1i63x64.sys [2013-06-18 460288]
S3 intaud_WaveExtensible;@oem14.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2013-12-27 38296]
S3 NETwNs64;@netwsw00.inf,___ %NIC_Service_DispName_WIN7_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\Netwsw00.sys [2013-06-18 11518976]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe [2014-03-26 115512]
R2 Asus WebStorage Windows Service;Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe [2014-02-25 71680]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2014-02-25 319104]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [2014-12-18 3432976]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [2014-12-18 298080]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 GamesAppIntegrationService;GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2014-01-28 227904]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [2013-07-01 733696]
R2 Realtek11nSU;Realtek11nSU; C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe [2010-01-21 45056]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-23 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-02-19 279024]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2014-12-26 654848]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-23 107912]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [2013-07-01 822232]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-02-19 835776]
S3 SwitchBoard;Adobe SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

-----------------EOF-----------------

Zdravim

Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.

opäť zdravím, tu je log

# AdwCleaner v4.111 - Logfile created 06/03/2015 at 03:15:38
# Updated 18/02/2015 by Xplode
# Database : 2015-03-05.1 [Server]
# Operating system : Windows 8.1 Connected (x64)
# Username : Michal - MISO
# Running from : C:\Users\Michal\Desktop\adwcleaner_4.111.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A2D81E70-2A98-4A08-A628-94388B063C5E}
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Google Chrome v40.0.2214.115

[C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}

*************************

AdwCleaner[R0].txt - [1124 bytes] - [06/03/2015 03:11:19]
AdwCleaner[S0].txt - [1060 bytes] - [06/03/2015 03:15:38]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1119 bytes] ##########

Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=29&t=137928 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 6.3.2015
Čas skenování: 11:47:30
Protokol: qwer.txt
Správce: Ano

Verze: 2.00.4.1028
Databáze malwaru: v2015.03.06.02
Databáze rootkitů: v2015.02.25.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Sebeobrany: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Michal

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 569521
Uplynulý čas: 2 hod, 33 min, 3 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Žádné zákerné zjištěny položek)

Moduly: 0
(Žádné zákerné zjištěny položek)

Klíče registru: 0
(Žádné zákerné zjištěny položek)

Hodnoty registru: 0
(Žádné zákerné zjištěny položek)

Data registru: 0
(Žádné zákerné zjištěny položek)

Složky: 0
(Žádné zákerné zjištěny položek)

Soubory: 2
PUP.RiskwareTool.CK, D:\Program Files (x86)\Adobe Premiere Pro CS6\amtlib.dll, , [bb8f172bbad0e94d61e1347b16ecc43c],
Trojan.Agent.OL, D:\Program Files (x86)\Bandicam\Crack.exe, , [e4668fb31278a5917300fff93cc6916f],

Fyzické sektory: 0
(Žádné zákerné zjištěny položek)


(end)

Nalezy doporucuji hodit do karanteny, pak muzete MBAM odinstalovat.

Dejte logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach

zdravím, ospravedlňujem sa že meškám ale tu je... v prílohe je addition.txt

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Michal (administrator) on MISO on 11-03-2015 14:49:22
Running from C:\Users\Michal\Desktop
Loaded Profiles: Michal (Available profiles: Michal)
Platform: Windows 8.1 Connected (X64) OS Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Apple Computer, Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Realtek) C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtWLan.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [1080992 2014-04-23] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\ASUSWSLoader.exe [63296 2014-02-25] ()
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3667472 2014-12-18] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [134784 2014-02-25] ( (Atheros Communications))
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3052728683-791047638-3597169863-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-3052728683-791047638-3597169863-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3052728683-791047638-3597169863-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3052728683-791047638-3597169863-1001\...\MountPoints2: {2c9f03cd-9153-11e4-8264-3010b386d08d} - "F:\LGAutoRun.exe"
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.2.301\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.2.301\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.2.301\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3052728683-791047638-3597169863-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus13.msn.com/?pc=ASJB
HKU\S-1-5-21-3052728683-791047638-3597169863-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com/?pc=ASJB
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR Profile: C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-23]
CHR Extension: (Google Docs) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-23]
CHR Extension: (Google Drive) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-23]
CHR Extension: (YouTube) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-23]
CHR Extension: (Google Search) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-23]
CHR Extension: (Google Sheets) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-23]
CHR Extension: (Google Wallet) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-23]
CHR Extension: (Gmail) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-23]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe [71680 2014-02-25] (ASUS Cloud Corporation) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [319104 2014-02-25] (Windows (R) Win 7 DDK provider) [File not signed]
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3432976 2014-12-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [298080 2014-12-18] (AVG Technologies CZ, s.r.o.)
R2 Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2014-12-26] (Macrovision Europe Ltd.) [File not signed]
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-01-28] (WildTangent)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation)
R2 Realtek11nSU; C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe [45056 2010-01-21] (Realtek) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2014-02-25] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3892224 2014-03-06] (Qualcomm Atheros Communications, Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [71952 2014-03-31] (ASUS Corporation)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [260888 2014-12-08] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [203544 2014-11-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [313624 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [124184 2014-10-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [277784 2014-09-24] (AVG Technologies CZ, s.r.o.)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-02-25] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2015-02-04] (Disc Soft Ltd)
R3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [31232 2013-11-11] (Intel Corporation)
R3 iaioi2c; C:\Windows\System32\drivers\iaioi2ce.sys [67584 2013-11-11] (Intel Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2013-10-28] (Intel Corporation)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
U0 msahci; system32\drivers\msahci.sys

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-11 14:49 - 2015-03-11 14:50 - 00013887 _____ () C:\Users\Michal\Desktop\FRST.txt
2015-03-11 14:48 - 2015-03-11 14:49 - 00000000 ____D () C:\FRST
2015-03-11 14:47 - 2015-03-11 14:47 - 02095616 _____ (Farbar) C:\Users\Michal\Desktop\FRST64.exe
2015-03-10 00:58 - 2015-03-10 02:11 - 00000000 ____D () C:\Users\Michal\Downloads\The Hobbit The Battle of the Five Armies (2014)
2015-03-09 18:08 - 2015-03-09 18:08 - 15525466 _____ () C:\Users\Michal\Desktop\scandalized2.rar
2015-03-09 18:06 - 2015-03-09 18:06 - 03000421 _____ () C:\Users\Michal\Downloads\tomzy5ky.rar
2015-03-09 16:53 - 2015-03-09 16:53 - 00080036 _____ () C:\Users\Michal\Downloads\_7227-.zip
2015-03-09 16:53 - 2006-12-06 07:49 - 00088388 _____ () C:\Users\Michal\Downloads\aim_map2.nav
2015-03-09 16:53 - 2003-02-18 02:07 - 00000213 _____ () C:\Users\Michal\Downloads\aim_map2.txt
2015-03-09 16:53 - 2003-02-18 01:59 - 00191244 _____ () C:\Users\Michal\Downloads\aim_map2.bsp
2015-03-08 20:14 - 2015-03-08 20:14 - 00272357 _____ () C:\Users\Michal\Downloads\ss.rar
2015-03-08 17:02 - 2015-03-08 17:03 - 18758570 _____ () C:\Users\Michal\Downloads\cupnukelaki.rar
2015-03-08 16:52 - 2015-03-08 16:53 - 21790361 _____ () C:\Users\Michal\Downloads\nukecup5n5buki.zip
2015-03-07 18:24 - 2015-03-07 18:24 - 00019347 _____ () C:\Users\Michal\Downloads\ServerBrowser.vdf
2015-03-07 17:18 - 2009-08-28 10:34 - 00000000 ____D () C:\Users\Michal\Desktop\Stronghold Crusader
2015-03-07 14:45 - 2015-03-07 14:45 - 00000000 ____D () C:\Users\Michal\Downloads\du
2015-03-06 11:41 - 2015-03-06 11:41 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-06 11:40 - 2015-03-06 11:40 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Michal\Downloads\mbam-setup-2-0-3-1025.exe
2015-03-06 03:10 - 2015-03-06 03:15 - 00000000 ____D () C:\AdwCleaner
2015-03-05 21:32 - 2015-03-05 21:39 - 00000701 _____ () C:\Users\Michal\Desktop\Anticheat.lnk
2015-03-05 21:32 - 2015-03-05 21:32 - 00000000 ____D () C:\Program Files (x86)\Shifters Anticheat
2015-03-05 21:31 - 2015-03-05 21:32 - 02003968 _____ (SHIFTERS.eu) C:\Users\Michal\Downloads\Anticheat_utilita.exe
2015-03-05 09:55 - 2015-03-05 11:31 - 785247627 _____ () C:\Users\Michal\Downloads\Stronghold-Crusader-CZ-full.rar
2015-03-04 23:09 - 2015-03-04 23:09 - 00000000 ____D () C:\rsit
2015-03-04 23:09 - 2015-03-04 23:09 - 00000000 ____D () C:\Program Files\trend micro
2015-03-04 23:08 - 2015-03-04 23:08 - 01222144 _____ () C:\Users\Michal\Downloads\RSITx64.exe
2015-03-02 21:04 - 2015-03-10 16:53 - 00000000 ____D () C:\Users\Michal\Downloads\walking dead
2015-03-02 20:29 - 2015-03-11 14:11 - 01028830 _____ () C:\Windows\WindowsUpdate.log
2015-02-27 17:23 - 2014-12-13 22:28 - 00513488 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-27 17:23 - 2014-12-13 22:28 - 00513488 _____ () C:\Windows\system32\locale.nls
2015-02-27 17:23 - 2014-10-29 02:27 - 01200128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2015-02-27 17:23 - 2014-10-29 02:27 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\GlobCollationHost.dll
2015-02-27 17:23 - 2014-10-29 02:04 - 00868352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2015-02-27 17:23 - 2014-10-29 02:04 - 00200704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GlobCollationHost.dll
2015-02-27 02:19 - 2015-02-27 02:19 - 00000218 _____ () C:\Users\Michal\Desktop\Half-Life.url
2015-02-27 00:08 - 2015-02-27 00:08 - 00000767 _____ () C:\Users\Public\Desktop\Counter-Strike 1.6 Non-Steam.lnk
2015-02-27 00:08 - 2015-02-27 00:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6 Non-Steam patch v36
2015-02-27 00:04 - 2015-02-27 00:07 - 15756870 _____ (Portál soe.cz ) C:\Users\Michal\Downloads\cs-1.6-Patch-36-protokol-48.exe
2015-02-27 00:02 - 2015-02-27 00:02 - 00000659 _____ () C:\Users\Public\Desktop\Counter-Strike 1.6.lnk
2015-02-26 23:49 - 2015-02-26 23:58 - 302548481 _____ (InstallShield Software Corporation) C:\Users\Michal\Downloads\Counter-Strike-1-6_1.6.exe
2015-02-26 23:42 - 2015-02-26 23:42 - 00000000 ____D () C:\Users\Michal\Downloads\Nový priečinok
2015-02-24 23:45 - 2015-03-05 20:58 - 00000000 ____D () C:\Users\Michal\Downloads\The Grand Budapest Hotel (2014)
2015-02-24 17:46 - 2015-03-03 00:04 - 00001531 _____ () C:\Users\Michal\Desktop\Nový textový dokument.txt
2015-02-22 11:36 - 2015-02-22 11:36 - 00000748 _____ () C:\Users\Public\Desktop\Intel(R) HD Graphics Control Panel.lnk
2015-02-22 11:30 - 2015-02-22 11:31 - 00000000 ____D () C:\Users\Michal\Desktop\Nový priečinok (2)
2015-02-21 23:06 - 2015-02-21 23:06 - 00000000 ____D () C:\Users\Michal\Documents\TwoWorlds Files
2015-02-20 11:13 - 2015-02-20 11:13 - 00000000 ____D () C:\Users\Michal\AppData\Local\Steam
2015-02-20 01:42 - 2015-02-20 01:42 - 00000220 _____ () C:\Users\Michal\Desktop\Two Worlds Epic Edition.url
2015-02-20 01:41 - 2015-02-20 01:41 - 00000222 _____ () C:\Users\Michal\Desktop\Commander Conquest of the Americas Gold.url
2015-02-20 01:39 - 2015-02-20 01:39 - 00000222 _____ () C:\Users\Michal\Desktop\Pirates of Black Cove Gold.url
2015-02-20 01:39 - 2015-02-20 01:39 - 00000222 _____ () C:\Users\Michal\Desktop\Knights and Merchants.url
2015-02-20 01:37 - 2015-02-20 01:37 - 00000222 _____ () C:\Users\Michal\Desktop\KnightShift.url
2015-02-20 01:36 - 2015-02-20 01:36 - 00000222 _____ () C:\Users\Michal\Desktop\East India Company Gold.url
2015-02-20 01:34 - 2015-02-20 01:34 - 00000222 _____ () C:\Users\Michal\Desktop\Enclave.url
2015-02-19 19:49 - 2015-02-19 20:11 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Shifters Anticheat
2015-02-13 18:08 - 2015-02-13 18:08 - 00000710 _____ () C:\Users\Michal\Desktop\Handbrake.lnk
2015-02-13 18:08 - 2015-02-13 18:08 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Handbrake
2015-02-13 18:05 - 2015-02-13 19:22 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\HandBrake
2015-02-13 18:04 - 2015-02-13 18:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Handbrake
2015-02-13 14:08 - 2015-02-13 14:08 - 00000000 ____D () C:\Users\Michal\Documents\Adobe Premiere Pro Auto-Save
2015-02-13 09:30 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-13 09:29 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-12 11:51 - 2015-02-13 14:28 - 00000000 ____D () C:\Users\Michal\Documents\Adobe Premiere Pro Preview Files
2015-02-11 20:35 - 2015-02-13 14:14 - 01170619 _____ () C:\Users\Michal\Documents\FNF-LP.prproj
2015-02-11 16:50 - 2015-02-11 19:13 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\Audacity
2015-02-11 16:44 - 2015-02-11 16:44 - 00000725 _____ () C:\Users\Michal\Desktop\Bandicam.lnk
2015-02-11 16:44 - 2015-02-11 16:44 - 00000000 ____D () C:\Users\Michal\Documents\Bandicam
2015-02-11 16:44 - 2015-02-11 16:44 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\BANDISOFT
2015-02-11 16:44 - 2015-02-11 16:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandicam
2015-02-11 16:44 - 2015-02-11 16:44 - 00000000 ____D () C:\Program Files (x86)\BandiMPEG1
2015-02-11 16:40 - 2015-02-11 16:40 - 00000738 _____ () C:\Users\Public\Desktop\Audacity.lnk
2015-02-11 16:40 - 2015-02-11 16:40 - 00000738 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2015-02-11 16:26 - 2015-02-11 16:26 - 00000000 ____D () C:\Users\Michal\Documents\LP
2015-02-11 16:08 - 2015-02-11 16:08 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\MMFApplications
2015-02-11 14:02 - 2015-01-15 23:43 - 00563504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-11 14:02 - 2015-01-15 23:43 - 00177984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-11 14:02 - 2015-01-14 05:22 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-02-11 14:02 - 2015-01-14 04:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-02-11 14:02 - 2015-01-13 23:11 - 01762840 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-11 14:02 - 2015-01-13 23:04 - 01489072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-11 14:02 - 2015-01-10 10:10 - 07472960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-11 14:02 - 2015-01-10 10:10 - 01733440 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-02-11 14:02 - 2015-01-10 09:28 - 01498360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-02-11 14:02 - 2015-01-10 08:00 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-11 14:02 - 2015-01-10 07:38 - 00359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-11 14:02 - 2014-12-09 04:45 - 00393728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-11 14:02 - 2014-12-09 02:56 - 00538624 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-11 14:02 - 2014-10-29 03:51 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-11 14:02 - 2014-10-29 03:50 - 00736768 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-11 14:02 - 2014-10-29 03:06 - 00736768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-11 14:02 - 2014-10-29 03:06 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-11 14:02 - 2014-10-29 03:02 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-02-11 14:02 - 2014-10-29 03:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-02-11 14:02 - 2014-10-29 02:57 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-02-11 14:02 - 2014-10-29 02:31 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-11 14:02 - 2014-10-29 02:15 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-02-11 14:02 - 2014-10-29 02:15 - 00005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-02-11 14:02 - 2014-10-29 02:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-02-11 14:02 - 2014-10-29 02:13 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-02-11 14:02 - 2014-10-29 02:13 - 00008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-02-11 14:01 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-11 14:01 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-11 14:01 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-11 14:01 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-11 14:01 - 2015-01-12 03:34 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-02-11 14:01 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-11 14:01 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-11 14:01 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-11 14:01 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-11 14:01 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-11 14:01 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-11 14:01 - 2015-01-12 02:58 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-02-11 14:01 - 2015-01-12 02:55 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-02-11 14:01 - 2015-01-12 02:51 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-02-11 14:01 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-11 14:01 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-11 14:01 - 2015-01-12 02:48 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-11 14:01 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-11 14:01 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-11 14:01 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-11 14:01 - 2015-01-12 02:34 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-02-11 14:01 - 2015-01-12 02:30 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-02-11 14:01 - 2015-01-12 02:27 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-02-11 14:01 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-11 14:01 - 2015-01-12 02:25 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-02-11 14:01 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-11 14:01 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-11 14:01 - 2015-01-12 02:23 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-11 14:01 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-11 14:01 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-11 14:01 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-11 14:01 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-11 14:01 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-11 14:01 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-11 14:01 - 2014-12-19 09:57 - 00788680 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-11 14:01 - 2014-12-19 09:25 - 00602776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-11 14:01 - 2014-12-09 00:12 - 00391526 _____ () C:\Windows\system32\ApnDatabase.xml
2015-02-11 14:00 - 2015-01-19 19:42 - 01487976 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2015-02-11 14:00 - 2015-01-10 09:22 - 04175872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-09 16:38 - 2015-02-09 16:38 - 00000000 ____D () C:\Users\Michal\AppData\Local\Intel_Corporation
2015-02-09 16:33 - 2015-02-09 16:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys
2015-02-09 16:33 - 2015-02-09 16:33 - 00000000 ____D () C:\Program Files (x86)\Lavalys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-11 14:48 - 2014-12-24 17:41 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-03-11 14:40 - 2014-12-24 23:16 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\TS3Client
2015-03-11 14:25 - 2014-12-23 13:15 - 00000954 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-11 14:00 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru
2015-03-11 12:37 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-03-11 12:35 - 2013-08-22 16:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-03-11 12:25 - 2014-12-23 13:40 - 00000000 ____D () C:\ProgramData\MFAData
2015-03-11 12:24 - 2014-12-23 13:14 - 00003958 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{B9C1F22B-3B4B-422A-8EF1-B1630414684D}
2015-03-11 12:23 - 2014-12-23 11:42 - 00000000 __RDO () C:\Users\Michal\OneDrive
2015-03-11 12:23 - 2014-12-23 11:37 - 00000093 _____ () C:\Users\Michal\AppData\Roaming\sp_data.sys
2015-03-11 12:22 - 2014-12-23 13:15 - 00000950 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-11 00:17 - 2014-12-27 02:06 - 00000000 ____D () C:\Users\Michal\AppData\Local\CrashDumps
2015-03-10 14:08 - 2014-12-23 13:25 - 00819200 ___SH () C:\Users\Michal\Desktop\Thumbs.db
2015-03-10 02:26 - 2014-03-18 16:25 - 00863592 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-10 02:11 - 2014-12-25 01:51 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\vlc
2015-03-10 01:49 - 2014-12-25 01:09 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\uTorrent
2015-03-08 15:47 - 2014-12-23 13:23 - 00000000 ____D () C:\Users\Michal\AppData\Roaming\XnView
2015-03-07 15:17 - 2014-12-23 11:40 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3052728683-791047638-3597169863-1001
2015-03-06 03:17 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-06 03:16 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-03-05 12:02 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-03-05 09:36 - 2014-12-23 15:07 - 00000000 ____D () C:\Program Files (x86)\ImperiaMu Game Client
2015-03-02 21:04 - 2014-12-26 13:11 - 00034816 ___SH () C:\Users\Michal\Downloads\Thumbs.db
2015-02-27 00:02 - 2014-10-10 04:41 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-02-26 03:38 - 2014-12-23 11:32 - 00000000 ____D () C:\Users\Michal
2015-02-22 11:36 - 2014-10-10 04:38 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-02-21 21:04 - 2015-01-06 21:33 - 00000000 ____D () C:\Users\Michal\Desktop\ja
2015-02-21 20:34 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\NDF
2015-02-20 23:48 - 2014-12-23 13:40 - 00000000 ____D () C:\Users\Michal\AppData\Local\Avg2015
2015-02-20 15:41 - 2015-01-19 19:39 - 00000000 ____D () C:\Users\Michal\Desktop\Nový priečinok
2015-02-20 10:28 - 2014-12-23 13:17 - 00002217 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-14 02:55 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\rescache
2015-02-12 11:21 - 2013-08-22 15:44 - 05219568 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-11 14:58 - 2014-12-24 17:18 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-11 14:46 - 2014-12-24 17:18 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-09 17:38 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\LiveKernelReports

==================== Files in the root of some directories =======

2014-12-23 11:37 - 2015-03-11 12:23 - 0000093 _____ () C:\Users\Michal\AppData\Roaming\sp_data.sys
2014-10-10 04:42 - 2014-10-10 04:42 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-12-23 15:41 - 2014-12-23 15:41 - 0000016 _____ () C:\ProgramData\mntemp
2014-04-23 09:53 - 2012-09-07 12:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2014-04-23 09:53 - 2009-07-22 11:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2014-04-23 09:53 - 2012-09-07 12:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS

Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-08 13:59

==================== End Of Log ============================

Napiste mi velikost adresare plochy (C:\Users\Michal\Plocha)



Otevrete si poznamkovy blok a zkopirujte do nej tento skript Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.

veľkosť pracovnej plochy je 2,71 GB + prikladám log

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015
Ran by Michal at 2015-03-12 00:50:13 Run:1
Running from C:\Users\Michal\Desktop
Loaded Profiles: Michal (Available profiles: Michal)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKU\S-1-5-21-3052728683-791047638-3597169863-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-3052728683-791047638-3597169863-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3052728683-791047638-3597169863-1001\...\Run: [AdobeBridge] => [X]

HKU\S-1-5-21-3052728683-791047638-3597169863-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus13.msn.com/?pc=ASJB
HKU\S-1-5-21-3052728683-791047638-3597169863-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com/?pc=ASJB

S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-23 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-23 107912]

2015-03-06 11:41 - 2015-03-06 11:41 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-06 11:40 - 2015-03-06 11:40 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Michal\Downloads\mbam-setup-2-0-3-1025.exe

Task: C:\Windows\Tasks\1014avUpdateInfo.job => C:\ProgramData\Avg_Update_1014av\1014av_AVG-Secure-Search-Update.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SwitchBoard => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\AdobeCS6ServiceManager => value deleted successfully.
HKU\S-1-5-21-3052728683-791047638-3597169863-1001\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value deleted successfully.
HKU\S-1-5-21-3052728683-791047638-3597169863-1001\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value deleted successfully.
HKU\S-1-5-21-3052728683-791047638-3597169863-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value deleted successfully.
HKU\S-1-5-21-3052728683-791047638-3597169863-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKU\S-1-5-21-3052728683-791047638-3597169863-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
SwitchBoard => Service deleted successfully.
gupdate => Service deleted successfully.
SkypeUpdate => Service deleted successfully.
gupdatem => Service deleted successfully.
C:\ProgramData\Malwarebytes => Moved successfully.
"C:\Users\Michal\Downloads\mbam-setup-2-0-3-1025.exe" => File/Directory not found.
C:\Windows\Tasks\1014avUpdateInfo.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 480.6 MB temporary data.


The system needed a reboot.

==== End of Fixlog 00:51:41 ====

miGGuel píše:veľkosť pracovnej plochy je 2,71 GB

Velikost plochy by nemela preshovat 200 - 300 MB! Brzdi to chod pc. Cili ji trosku uklidte a na plochu dejte jen zastupce. Jen pozor na obcasnou chybu, ze uzivatele maji na plose slozku, v ni dalsi a v ni dalsi a do te to schovaji. To je sice hezke, ale plochu to nezmensi, jen je to v jinem supliku



Stahnete crystal disk info http://sourceforge.jp/projects/crystald ... 5_0_0.zip/
Spustte jako spravce. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte (ctrl + V)



Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

vyosek píše: DelFix https://toolslib.net/downloads/finish/2/

• Stahnete a spustte
• Ponechte zatrzitkou pouze u volby Remove disinfection tools
• Kliknete na Run

Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)

Defragmentujte disk(y) (SSD Disky ne!)
Stahnete program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar a dalsi nesmysly.
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.




Pak napiste, jak je na tom pc.

crystal disk info

----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 8 [6.2 Build 9200] (x64)
Date : 2015/03/13 15:41:42

-- Controller Map ----------------------------------------------------------
+ Intel(R) Pentium(R) processor N- and J-series / Intel(R) Celeron(R) processor N- and J-series AHCI - 0F23 [ATA]
- ST500LT012-1DG142
- MATSHITA DVD-RAM UJ8E2 S
- Microsoft Storage Spaces Controller [SCSI]

-- Disk List ---------------------------------------------------------------
(1) ST500LT012-1DG142 : 500,1 GB [0/0/0, pd1] - st

----------------------------------------------------------------------------
(1) ST500LT012-1DG142
----------------------------------------------------------------------------
Model : ST500LT012-1DG142
Firmware : 0003SDM1
Serial Number : W3P4EMND
Disk Size : 500,1 GB (8,4/137,4/500,1)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 4
Transfer Mode : SATA/600
Power On Hours : 1100 hod.
Power On Count : 121 krát
Host Reads : 1177 GB
Host Writes : 1356 GB
Temparature : 35 C (95 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 8080h [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 115 _99 __6 0000050F7660 Počet chyb čtení
03 _99 _99 __0 000000000000 Čas na roztočení ploten
04 100 100 _20 000000000079 Počet spuštění/zastavení
05 100 100 _36 000000000000 Počet přemapovaných sektorů
07 _75 _60 _30 000101C83D42 Počet chybných hledání
09 _99 _99 __0 76D50000044C Hodin v činnosti
0A 100 100 _97 000000000000 Počet opakovaných pokusů o roztočení ploten
0C 100 100 _20 000000000079 Počet cyklů zapnutí zařízení
B8 100 100 _99 000000000000 Ukončovacích chyb
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
BC 100 100 __0 000000000000 Časový limit příkazu
BD 100 100 __0 000000000000 Vysoká rychlost zápisu
BE _65 _52 _45 000024150023 Teplota toku vzduchu
BF 100 100 __0 00000000002C Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 000000000001 Počet vypnutí disku
C1 _91 _91 __0 000000004ABC Počet cyklů načítání/vymazání
C2 _35 _48 __0 000A00000023 Teplota
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
F0 _99 _99 __0 4B68000003F9 Čas nastavování hlaviček - v hodinách
F1 100 253 __0 0000A991AA97 Total LBAs Written
F2 100 253 __0 000093334341 Total LBAs Read
FE 100 100 __0 000000000000 Ochrana proti pádu

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0C5A 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 5733 5733 5034 454D 4E44
020: 0000 0000 0004 3030 3033 4D31 4D31 5354 3530 304C
030: 5430 3132 2D31 4447 3134 2020 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0200 0200 0007 3FFF 003F 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 8F0E 8F0E 0004 0048 0040
080: 01F0 0029 746B 7D69 6163 BC49 BC49 6163 207F 002E
090: 002E 8080 FFFE 0000 D000 0000 0000 0000 0000 0000
100: 6030 3A38 0000 0000 0000 6003 6003 0000 5000 C500
110: 73AA DF30 0000 0000 0000 0000 0000 0000 0000 401E
120: 401E 0000 0000 0000 0000 0000 0000 0000 0029 6030
130: 3A38 6030 3A38 2020 0002 0108 0108 5000 3C06 3C0A
140: 0000 003C 0000 0008 0000 7CFF 7CFF 0280 0000 0000
150: 0008 0000 0000 0000 1028 4000 4000 0000 7500 8000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0003 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 1035 1035 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0002 0000 103F 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 1FA5

OK, tak ted ten zbytek a pak napiste, jak to s pc vypada


12.4. pro neaktivitu http://forum.viry.cz/viewtopic.php?f=12&t=123975