VIRY.CZ

Dobrý den.
Na začátku tohoto měsíce mi začala blbnout moje integrovaná webkamera na mém notebooku. Začalo to tím, že se mi prostě najednou začala vypínat a zapínat když jsem jí měl spuštěnou při hovorech na google hangoutu nebo na skypu. Nadále to pokračovalo a zkoušel jsem zjistit na internetu co s tím. Tam jsem našel driver pro svou kameru v notebooku a nainstaloval jsem ho, vypadalo to, že to funguje a na chvilku to šlo ovsem, kdyz jsem měl video hovor tak zachvilku opět vypadla a začalo to být spíše horší. Mám windows 8.1 a tam to testuji na appce kamera. V nastavení pro webkameru se mi neukazují žádné aplikace na povoleni a předevčírem začala blbnout opravdu hodne (viz video). Jedna z možností čím to můze byt jsem zjistil je, že se mi někdo hackuje do kamery. Ve správci zařízení se mění název kamery z HD webkamera na SPCA2082 PC Camera. Prosím o pomoc, nevím si s tím už rady..

Zdravím!
Pro začátek dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .

Tady to máte.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:17-08-2015
Ran by Michal (administrator) on TOWER (18-08-2015 19:43:53)
Running from C:\Users\Michal\Desktop
Loaded Profiles: Michal (Available Profiles: Michal)
Platform: Windows 8.1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareService.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareTray.exe
(Akamai Technologies, Inc.) C:\Users\Michal\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Michal\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\msosync.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.99\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(forum.viry.cz) C:\Users\Michal\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2890056 2013-09-06] (ELAN Microelectronics Corp.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [OODefragTray] => C:\Program Files\OO Software\Defrag\oodtray.exe [3942216 2011-01-25] (O&O Software GmbH)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13647576 2013-08-27] (Realtek Semiconductor)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareTray.exe [9549808 2015-06-24] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-09-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-09-07] (Qualcomm®Atheros®)
HKU\S-1-5-21-3027682064-225603362-3254189001-1001\...\Run: [Facebook Update] => C:\Users\Michal\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-09-17] (Facebook Inc.)
HKU\S-1-5-21-3027682064-225603362-3254189001-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Michal\AppData\Local\Akamai\netsession_win.exe [4691384 2015-07-23] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3027682064-225603362-3254189001-1001\...\Run: [Google Update] => C:\Users\Michal\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-09-21] (Google Inc.)
HKU\S-1-5-21-3027682064-225603362-3254189001-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [479744 2014-11-19] (Microsoft Corporation)
HKU\S-1-5-21-3027682064-225603362-3254189001-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8418584 2015-07-17] (Piriform Ltd)
HKU\S-1-5-21-3027682064-225603362-3254189001-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53655680 2015-07-28] (Skype Technologies S.A.)
Startup: C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\iMindMap7 Preloader.lnk [2014-10-23]
ShortcutTarget: iMindMap7 Preloader.lnk -> C:\Users\Michal\.thinkbuzan\imindmap7\preload\iMindMap7_Preloader.exe (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-3027682064-225603362-3254189001-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = hxxp://www.default-search.net/search?sid=503&a ... earchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = hxxp://www.default-search.net/search?sid=503&a ... earchTerms}
SearchScopes: HKU\S-1-5-21-3027682064-225603362-3254189001-1001 -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = hxxp://www.default-search.net/search?sid=503&a ... earchTerms}
SearchScopes: HKU\S-1-5-21-3027682064-225603362-3254189001-1001 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = hxxp://www.default-search.net/search?sid=503&a ... earchTerms}
SearchScopes: HKU\S-1-5-21-3027682064-225603362-3254189001-1001 -> {AB786015-C03A-4B0A-82DD-B3D57AD1E6D3} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-06-09] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-07-19] (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-19] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-19] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-19] (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 10.0.0.254
Tcpip\..\Interfaces\{DED0503E-5EA0-4A7E-B401-81E5C6E9C2CD}: [DhcpNameServer] 192.168.1.1 10.0.0.254
Tcpip\..\Interfaces\{F6F2E754-D290-4E7D-8C11-CEFA5BCE93A0}: [DhcpNameServer] 192.11.128.24

FireFox:
========
FF ProfilePath: C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\ayw5alez.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-12] ()
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-19] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-19] (Oracle Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-12] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-07-11] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-19] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll [2011-03-09] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-10-21] (Microsoft Corporation)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin HKU\S-1-5-21-3027682064-225603362-3254189001-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Michal\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-3027682064-225603362-3254189001-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Michal\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-3027682064-225603362-3254189001-1001: @talk.google.com/O1DPlugin -> C:\Users\Michal\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-3027682064-225603362-3254189001-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Michal\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-3027682064-225603362-3254189001-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Michal\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Michal\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Michal\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Extension: Pin It Button - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\ayw5alez.default\Extensions\jid1-YcMV6ngYmQRA2w@jetpack.xpi [2015-05-27]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found]

Chrome:
=======
CHR HomePage: Default -> hxxp://start.icq.com/
CHR StartupUrls: Default -> "hxxp://www.delta-search.com/?affID=119776&babs ... 0F6E7B6D58", "hxxp://websearch.helpmefindyour.info/?pid=320&r=2013/03/28&hid=574941508&lg=EN&cc=CZ", "hxxp://start.mysearchdial.com/?f=1&a=solimmsd&cd=2XzuyEtN2Y1L1QzuyE0CtD0FyC0EyB0ByC0DyDzztB0AtB0CtN0D0Tzu0CyDtAyEtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1B1F1I1L1H1H1B1Q&cr=933047986&ir=", "hxxp://websearch.searchboxes.info/?pid=500&r=2013/07/25&hid=1001939323&lg=EN&cc=CZ&unqvl=28"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-17]
CHR Extension: (Google Docs) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-17]
CHR Extension: (Google Drive) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-17]
CHR Extension: (Please enter your password) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2015-01-20]
CHR Extension: (YouTube) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-17]
CHR Extension: (Google Search) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-17]
CHR Extension: (Google Sheets) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-17]
CHR Extension: (AdBlock) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-01-20]
CHR Extension: (Google Mail Checker) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2015-01-20]
CHR Extension: (Google Wallet) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-17]
CHR Extension: (Gmail) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-17]

Opera:
=======
OPR Extension: (unexploredtechnologies) - C:\Users\Michal\AppData\Roaming\Opera Software\Opera Stable\Extensions\akolddhpfpfcljglcklbfkihhbjnjodb [2015-04-02]
OPR Extension: (adblockforopera) - C:\Users\Michal\AppData\Roaming\Opera Software\Opera Stable\Extensions\aobdicepooefnbaeokijohmhjlleamfj [2014-10-07]
OPR Extension: (Please enter your password) - C:\Users\Michal\AppData\Roaming\Opera Software\Opera Stable\Extensions\ccbdoklfbpcifppcfahmmpmbkfdjjccm [2014-10-07]
OPR Extension: (inbasic) - C:\Users\Michal\AppData\Roaming\Opera Software\Opera Stable\Extensions\flkijckbigolpahbkklilflpmkalfohc [2015-04-19]
OPR Extension: (stormbreakerbg) - C:\Users\Michal\AppData\Roaming\Opera Software\Opera Stable\Extensions\jmbefbhbhjgnjbegmnhmakmmldnfogcd [2015-02-04]
OPR Extension: (escape75) - C:\Users\Michal\AppData\Roaming\Opera Software\Opera Stable\Extensions\omhcddilnfoiiplehpjihipcocdplljn [2015-04-02]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-09-15] (Advanced Micro Devices, Inc.) [File not signed]
S4 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [312448 2013-09-07] (Windows (R) Win 7 DDK provider) [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-19] (Microsoft Corporation)
S4 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [3058944 2014-08-06] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2753720 2015-07-01] (Microsoft Corporation)
S4 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [663592 2013-07-06] (Acer Incorporated)
S4 ETDService; C:\Program Files\Elantech\ETDService.exe [101192 2013-09-06] (ELAN Microelectronics Corp.)
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareService.exe [716664 2015-06-24] ()
S4 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [457768 2013-08-03] (Acer Incorporate)
R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [3051848 2011-01-25] (O&O Software GmbH)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2015-07-24] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [671512 2014-12-22] (Wacom Technology, Corp.)
S2 0177001411017149mcinstcleanup; no ImagePath
S2 IMFservice; no ImagePath
S2 PowerMon; no ImagePath

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3881472 2015-01-15] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [222720 2014-03-11] (Advanced Micro Devices)
R3 avc3; C:\Windows\System32\DRIVERS\avc3.sys [727592 2014-08-21] (BitDefender)
R3 avchv; C:\Windows\system32\DRIVERS\avchv.sys [261496 2014-08-21] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [601360 2014-08-21] (BitDefender)
R1 BdfNdisf; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.0.0\Drivers\bdfndisf6.sys [97816 2014-07-10] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.0.0\Drivers\bdfwfpf.sys [107080 2014-07-10] (BitDefender LLC)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-07] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 EagleX64; no ImagePath
S3 FileMonitor; no ImagePath
R3 gzflt; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.98.0\gzflt.sys [155912 2015-01-22] (BitDefender LLC)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2014-12-29] (REALiX(tm))
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
S3 RegFilter; no ImagePath
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [452040 2015-01-22] (BitDefender S.R.L.)
S3 UrlFilter; no ImagePath
S3 WinRing0_1_2_0; no ImagePath
S3 xhunter1; no ImagePath
S2 APXACC; \SystemRoot\system32\DRIVERS\appexDrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-18 19:43 - 2015-08-18 19:45 - 00022553 _____ C:\Users\Michal\Desktop\FRST.txt
2015-08-18 19:43 - 2015-08-18 19:44 - 00000000 ____D C:\FRST
2015-08-18 19:37 - 2015-08-18 19:37 - 00112640 _____ (forum.viry.cz) C:\Users\Michal\Desktop\FRSTLauncher.exe
2015-08-18 19:35 - 2015-08-18 19:35 - 02173440 _____ (Farbar) C:\Users\Michal\Desktop\FRST64.exe
2015-08-18 16:45 - 2015-08-18 17:24 - 00000000 ____D C:\Users\Michal\Desktop\Blueforum
2015-08-18 14:44 - 2015-08-18 14:44 - 00000116 _____ C:\Windows\setupact.log
2015-08-18 14:44 - 2015-08-18 14:44 - 00000000 _____ C:\Windows\setuperr.log
2015-08-18 10:04 - 2015-08-18 10:06 - 13191115 _____ C:\Users\Michal\Downloads\VIDEO0097.mp4
2015-08-18 09:46 - 2015-06-10 00:39 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2015-08-18 09:46 - 2015-06-10 00:39 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthenum.sys
2015-08-18 09:46 - 2015-06-10 00:38 - 01201664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2015-08-18 09:46 - 2015-05-01 03:13 - 06521800 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2015-08-18 09:46 - 2015-05-01 03:13 - 01488000 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2015-08-18 09:46 - 2015-05-01 03:13 - 00261376 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2015-08-18 09:34 - 2015-08-17 16:19 - 09112792 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\rtsuvc.sys
2015-08-17 16:19 - 2015-08-17 16:19 - 00000000 ____D C:\Users\Michal\Desktop\Realtek_PC_Camera_6.2.9200.10275
2015-08-17 10:04 - 2015-08-17 10:04 - 00000000 ____D C:\ProgramData\ATI
2015-08-17 00:07 - 2015-08-17 00:08 - 17364912 _____ C:\Users\Michal\Downloads\realtek_web_camera_6_2_9200_10275_driver.zip
2015-08-12 12:45 - 2015-07-30 16:04 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 12:45 - 2015-07-30 15:48 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 12:30 - 2015-08-08 15:55 - 00794088 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-12 12:30 - 2015-08-08 15:55 - 00179688 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-12 11:02 - 2015-07-29 01:24 - 00025776 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-12 11:02 - 2015-07-28 16:24 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-12 11:02 - 2015-07-28 16:24 - 01116160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-12 11:02 - 2015-07-28 16:24 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-12 11:02 - 2015-07-28 16:24 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-12 11:02 - 2015-07-28 16:24 - 00437248 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-12 11:02 - 2015-07-28 16:24 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-12 11:02 - 2015-07-07 11:40 - 00270168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2015-08-12 11:02 - 2015-07-07 11:40 - 00114520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2015-08-12 11:02 - 2015-07-07 11:40 - 00044560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2015-08-12 11:02 - 2015-06-12 19:03 - 18823680 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2015-08-12 11:02 - 2015-06-12 18:36 - 15159296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2015-08-12 11:02 - 2015-06-09 20:27 - 00411133 _____ C:\Windows\system32\ApnDatabase.xml
2015-08-12 11:01 - 2015-07-14 23:59 - 01113944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-08-12 11:01 - 2015-07-14 23:59 - 00487256 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2015-08-12 11:01 - 2015-07-14 23:59 - 00393560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2015-08-12 11:01 - 2015-06-11 22:12 - 02476376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-08-12 11:01 - 2015-06-11 22:12 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-08-12 08:45 - 2015-07-19 03:58 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-12 08:45 - 2015-07-18 20:51 - 03704320 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-12 08:45 - 2015-07-18 20:31 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-12 08:45 - 2015-07-18 20:31 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-12 08:45 - 2015-07-18 20:31 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-12 08:45 - 2015-07-18 20:29 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-08-12 08:45 - 2015-07-18 20:29 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-08-12 08:45 - 2015-07-18 20:29 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-08-12 08:45 - 2015-07-18 20:28 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-08-12 08:45 - 2015-07-18 20:12 - 02228736 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-12 08:45 - 2015-07-18 20:10 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-12 08:45 - 2015-07-18 20:09 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-08-12 08:45 - 2015-07-10 20:19 - 01101824 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-08-12 08:45 - 2015-07-10 19:14 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-08-12 08:45 - 2015-07-10 19:13 - 07032320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-12 08:45 - 2015-07-10 18:31 - 06213120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-12 08:44 - 2015-07-16 23:14 - 25192448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-12 08:44 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-12 08:44 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-12 08:44 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-12 08:44 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-12 08:44 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-12 08:44 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-12 08:44 - 2015-07-16 22:20 - 19870208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-12 08:44 - 2015-07-16 21:53 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-08-12 08:44 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-12 08:44 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-12 08:44 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-12 08:44 - 2015-07-16 21:45 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-08-12 08:44 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-12 08:44 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-12 08:44 - 2015-07-16 21:38 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-08-12 08:44 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-12 08:44 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-12 08:44 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-12 08:44 - 2015-07-16 21:14 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-08-12 08:44 - 2015-07-16 21:13 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-08-12 08:44 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-12 08:44 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-12 08:44 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-12 08:44 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-12 08:44 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-12 08:44 - 2015-07-16 20:52 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-08-12 08:44 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-12 08:44 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-12 08:44 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-12 08:44 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-08-12 08:43 - 2015-07-16 02:29 - 07458648 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-12 08:43 - 2015-07-16 02:29 - 01735000 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-12 08:43 - 2015-07-16 02:29 - 00101720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-12 08:43 - 2015-07-16 02:28 - 01499920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-12 08:43 - 2015-07-10 19:54 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-12 08:43 - 2015-07-02 00:19 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-12 08:43 - 2015-07-02 00:16 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-12 08:43 - 2015-07-01 23:37 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-12 08:43 - 2015-07-01 23:35 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-12 08:41 - 2015-07-14 05:22 - 02529880 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-12 08:41 - 2015-07-14 05:21 - 01901776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-12 08:41 - 2015-07-13 21:46 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-12 08:41 - 2015-07-13 21:45 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-12 08:41 - 2015-07-10 19:42 - 02345472 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-12 08:41 - 2015-07-10 18:47 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-12 08:41 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-12 08:41 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-12 08:41 - 2015-07-09 18:30 - 00212992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-12 08:41 - 2015-05-12 02:24 - 00536920 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-08-12 08:40 - 2015-07-29 16:37 - 01994752 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-12 08:40 - 2015-07-29 16:30 - 01381888 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-12 08:40 - 2015-07-29 16:23 - 01559552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-12 08:40 - 2015-07-24 20:57 - 04177408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-12 08:40 - 2015-07-24 20:57 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-12 08:40 - 2015-07-24 20:52 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-12 08:40 - 2015-07-24 19:27 - 00301568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-12 08:40 - 2015-07-24 19:23 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-10 11:19 - 2015-08-10 11:19 - 00000000 ____D C:\Users\Michal\AppData\Local\The_Aspect
2015-08-06 16:07 - 2015-08-06 16:07 - 00003824 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1411072749
2015-08-06 16:07 - 2015-08-06 16:07 - 00001027 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-08-05 19:26 - 2015-08-05 19:26 - 00000000 ____D C:\Windows\System32\Tasks\WiseCleaner
2015-08-03 01:08 - 2015-08-03 01:08 - 06609608 _____ (Piriform Ltd) C:\Users\Michal\Downloads\ccsetup508.exe
2015-07-24 13:57 - 2015-07-24 13:57 - 00271200 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2015-07-24 13:57 - 2015-07-24 13:57 - 00271200 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2015-07-24 13:43 - 2015-07-24 13:43 - 00000000 ____D C:\Users\Michal\AppData\Local\PunkBuster
2015-07-22 11:18 - 2015-07-22 11:21 - 00000000 ____D C:\Users\Michal\AppData\Roaming\SmartSteamEmu
2015-07-22 10:49 - 2015-07-22 10:52 - 00001067 _____ C:\Users\Michal\.lmmsrc.xml
2015-07-22 10:47 - 2015-07-22 10:47 - 00000000 ____D C:\Users\Michal\lmms
2015-07-22 10:46 - 2015-07-22 10:46 - 00001292 _____ C:\Users\Michal\Desktop\LMMS.lnk
2015-07-22 10:45 - 2015-07-22 10:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LMMS 1.1.3
2015-07-22 10:44 - 2015-07-22 10:45 - 00000000 ____D C:\Program Files\LMMS
2015-07-22 10:26 - 2015-07-22 10:53 - 00000000 ____D C:\Users\Michal\Desktop\Music Making
2015-07-21 14:44 - 2015-08-18 19:34 - 01311492 _____ C:\Windows\WindowsUpdate.log
2015-07-19 13:24 - 2015-07-05 12:08 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-07-19 08:24 - 2015-07-19 08:24 - 00000000 _____ C:\Windows\SysWOW64\REN48CE.tmp
2015-07-19 08:24 - 2015-07-19 08:23 - 00206944 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2015-07-19 08:24 - 2015-07-19 08:23 - 00206432 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2015-07-19 08:24 - 2015-07-19 08:23 - 00110688 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-18 19:46 - 2014-12-13 12:20 - 00004814 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for TOWER-Michal Tower
2015-08-18 19:38 - 2014-09-18 07:25 - 00000000 __RDO C:\Users\Michal\SkyDrive
2015-08-18 19:37 - 2015-07-16 00:31 - 00000978 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3027682064-225603362-3254189001-1001UA.job
2015-08-18 19:32 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2015-08-18 19:24 - 2015-05-12 21:25 - 00000000 ____D C:\Users\Michal\AppData\Roaming\Skype
2015-08-18 19:22 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-08-18 17:31 - 2014-05-09 08:33 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2015-08-18 16:40 - 2014-10-31 18:11 - 00000185 _____ C:\Users\Michal\Desktop\DA + MS.txt
2015-08-18 15:56 - 2014-05-09 09:02 - 00748236 _____ C:\Windows\system32\perfh005.dat
2015-08-18 15:56 - 2014-05-09 09:02 - 00156200 _____ C:\Windows\system32\perfc005.dat
2015-08-18 15:56 - 2013-09-06 09:08 - 01771710 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-18 15:28 - 2014-09-17 17:21 - 00003812 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{50720F4B-C978-4FFD-8DDD-47873DEEDF86}
2015-08-18 14:45 - 2015-07-16 09:43 - 00002375 _____ C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2015-08-18 14:44 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-18 09:49 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-08-18 09:41 - 2014-09-17 20:46 - 00000000 ____D C:\Users\Michal\AppData\Local\CrashDumps
2015-08-18 09:34 - 2015-01-19 20:02 - 00000000 ____D C:\Program Files (x86)\Realtek
2015-08-18 00:36 - 2015-07-16 00:31 - 00000926 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3027682064-225603362-3254189001-1001Core.job
2015-08-17 16:26 - 2014-09-19 18:52 - 00000000 ____D C:\Users\Michal\AppData\Roaming\vlc
2015-08-17 09:58 - 2014-05-09 08:38 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-08-17 00:13 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-08-16 16:23 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2015-08-16 15:46 - 2014-12-13 12:04 - 00000000 ____D C:\Users\Michal\Desktop\I-Life
2015-08-16 15:20 - 2015-03-12 23:22 - 00000000 ____D C:\Users\Michal\Downloads\INPUT, KNOWLEDGE
2015-08-13 18:33 - 2014-09-18 18:05 - 00004448 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-13 11:14 - 2014-09-18 07:22 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3027682064-225603362-3254189001-1001
2015-08-13 07:20 - 2013-08-22 16:44 - 05174904 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-12 23:11 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-12 23:11 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-12 23:11 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-12 23:11 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-12 12:43 - 2014-09-18 18:01 - 00000000 ____D C:\Windows\system32\MRT
2015-08-12 12:33 - 2014-09-18 18:01 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-12 12:30 - 2015-04-15 07:30 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-12 12:30 - 2014-11-19 01:08 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-12 12:30 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-12 12:30 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-12 08:12 - 2014-09-19 19:01 - 00000000 ____D C:\Users\Michal\AppData\Local\Akamai
2015-08-09 10:23 - 2015-04-19 14:14 - 00000000 ____D C:\ProgramData\Skype
2015-08-08 14:20 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\LiveKernelReports
2015-08-06 16:07 - 2014-09-18 22:39 - 00000000 ____D C:\Program Files (x86)\Opera
2015-08-05 19:26 - 2015-05-09 12:04 - 00000000 ____D C:\Users\Michal\AppData\Roaming\WiseUpdate
2015-08-04 09:07 - 2015-01-19 19:50 - 00000000 ____D C:\Windows\system32\oodag
2015-08-03 09:23 - 2015-01-01 21:19 - 00000000 ____D C:\Users\Michal\Desktop\Inspiration
2015-08-03 01:10 - 2015-01-19 19:23 - 00000840 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-08-03 01:10 - 2015-01-19 19:23 - 00000000 ____D C:\Program Files\CCleaner
2015-08-02 13:18 - 2015-07-10 18:25 - 00000000 ___HD C:\$Windows.~BT
2015-08-02 11:25 - 2013-09-06 09:57 - 00000000 ____D C:\Windows\Panther
2015-07-26 14:58 - 2015-07-18 10:04 - 00000000 ____D C:\Users\Michal\Downloads\Universal Waite Deck
2015-07-25 13:30 - 2015-04-04 05:44 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-24 13:51 - 2014-10-13 11:05 - 00075136 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2015-07-24 13:49 - 2014-10-13 11:05 - 00271200 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2015-07-24 12:20 - 2015-05-24 11:41 - 00000000 ____D C:\Users\Michal\Downloads\GAMES
2015-07-24 10:57 - 2014-12-28 16:51 - 00000000 ____D C:\Users\Michal\Desktop\Visual Library
2015-07-22 21:33 - 2014-12-27 21:35 - 00000000 ____D C:\Users\Michal\Desktop\Sketchbook
2015-07-22 11:20 - 2015-06-11 21:24 - 00000000 ____D C:\Users\Michal\Documents\My Games
2015-07-22 10:49 - 2014-09-18 07:13 - 00000000 ____D C:\Users\Michal
2015-07-21 17:33 - 2014-10-01 06:51 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-07-21 17:33 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2015-07-19 16:11 - 2015-04-14 01:27 - 00000000 ____D C:\Users\Michal\Desktop\PERSPECTIVE - INPUT
2015-07-19 08:26 - 2015-02-02 08:16 - 00000000 ____D C:\ProgramData\Oracle
2015-07-19 08:25 - 2015-02-01 22:17 - 00000000 ____D C:\Program Files (x86)\Java
2015-07-19 08:23 - 2014-10-25 12:03 - 00321632 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2015-07-19 08:23 - 2014-09-21 20:58 - 00000000 ____D C:\Program Files\Java

==================== Files in the root of some directories =======

2014-10-13 11:07 - 2014-10-13 11:12 - 0000438 _____ () C:\Users\Michal\AppData\Roaming\apachesrvin.vbs
2014-10-13 11:07 - 2014-10-13 11:12 - 0000109 _____ () C:\Users\Michal\AppData\Roaming\die.bat
2015-01-01 13:48 - 2015-05-28 10:19 - 0000847 _____ () C:\Users\Michal\AppData\Roaming\PureRef.ini
2014-12-06 11:54 - 2014-12-06 11:54 - 0000094 _____ () C:\Users\Michal\AppData\Local\fusioncache.dat
2015-01-19 19:22 - 2015-01-19 19:23 - 0023476 _____ () C:\Users\Michal\AppData\Local\HWVendorDetection.log
2015-01-24 20:45 - 2015-01-24 20:45 - 0000218 _____ () C:\Users\Michal\AppData\Local\recently-used.xbel
2014-05-09 08:39 - 2014-05-09 08:39 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\DriverToolkit Autorun.job => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3027682064-225603362-3254189001-1001Core.job => C:\Users\Michal\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3027682064-225603362-3254189001-1001UA.job => C:\Users\Michal\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Ad-Aware Antivirus (Enabled - Up to date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Ad-Aware Antivirus (Enabled - Up to date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Michal\Desktop" je 9221 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDVCPL
"c:\program files\realtek\audio\hda\ravcpl64.exe" -s [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

# AdwCleaner v5.001 - Logfile created 18/08/2015 at 21:14:35
# Updated 17/08/2015 by Xplode
# Database : 2015-08-18.1 [Server]
# Operating system : Windows 8.1 (x64)
# Username : Michal - TOWER
# Running from : C:\Users\Michal\Desktop\adwcleaner_5.001.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files (x86)\globalUpdate
[-] Folder Deleted : C:\ProgramData\apn
[-] Folder Deleted : C:\ProgramData\smdmf
[-] Folder Deleted : C:\Users\Michal\AppData\Local\globalUpdate
[-] Folder Deleted : C:\Users\Michal\AppData\Local\DriverToolkit
[-] Folder Deleted : C:\Users\Michal\AppData\Roaming\OpenCandy
[-] Folder Deleted : C:\Users\Michal\AppData\Roaming\RHEng

***** [ Files ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

[-] Task Deleted : LaunchSignup
[-] Task Deleted : df5883ac-e43d-4942-a4e8-ab7c93260a6b-1
[-] Task Deleted : df5883ac-e43d-4942-a4e8-ab7c93260a6b-11
[-] Task Deleted : df5883ac-e43d-4942-a4e8-ab7c93260a6b-4
[-] Task Deleted : df5883ac-e43d-4942-a4e8-ab7c93260a6b-5
[-] Task Deleted : df5883ac-e43d-4942-a4e8-ab7c93260a6b-5_user

***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{54739D49-AC03-4C57-9264-C5195596B3A1}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
[-] Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}
[-] Key Deleted : HKCU\Software\GlobalUpdate
[-] Key Deleted : HKCU\Software\InstalledBrowserExtensions
[-] Key Deleted : HKCU\Software\SmdmF
[-] Key Deleted : HKCU\Software\UpdateStar
[-] Key Deleted : HKCU\Software\DriverToolkit
[-] Key Deleted : HKCU\Software\AppDataLow\Software\adawarebp
[-] Key Deleted : HKCU\Software\AppDataLow\Software\Radio Canyon
[-] Key Deleted : HKLM\SOFTWARE\Freeze.com
[-] Key Deleted : HKLM\SOFTWARE\GlobalUpdate
[-] Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
[-] Key Deleted : HKLM\SOFTWARE\SmdmF
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Settings Manager
[!] Key Not Deleted : [x64] HKCU\Software\GlobalUpdate
[!] Key Not Deleted : [x64] HKCU\Software\InstalledBrowserExtensions
[!] Key Not Deleted : [x64] HKCU\Software\SmdmF
[!] Key Not Deleted : [x64] HKCU\Software\UpdateStar
[!] Key Not Deleted : [x64] HKCU\Software\DriverToolkit
[-] Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
[!] Key Not Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}
[!] Key Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}
[-] Data Restored : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[!] Key Not Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}

***** [ Web browsers ] *****

[-] [C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : websearch
[-] [C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : mysearchdial.com
[-] [C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : delta-search.com
[-] [C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Deleted : hxxp://start.icq.com/
[-] [C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxp://www.delta-search.com/?affID=119776&babs ... 0F6E7B6D58", "hxxp://websearch.helpmefindyour.info/?pid=320&r=2013/03/28&hid=574941508&lg=EN&cc=CZ", "hxxp://start.mysearchdial.com/?f=1&a=solimmsd&cd=2XzuyEtN2Y1L1QzuyE0CtD0FyC0EyB0ByC0DyDzztB0AtB0CtN0D0Tzu0CyDtAyEtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1B1F1I1L1H1H1B1Q&cr=933047986&ir=", "hxxp://websearch.searchboxes.info/?pid=500&r=2013/07/25&hid=1001939323&lg=EN&cc=CZ&unqvl=28

*************************

:: Proxy settings cleared
:: Winsock settings cleared

*************************

C:\AdwCleaner[C1].txt - [6018 bytes] - [18/08/2015 21:14:35]
C:\AdwCleaner[S1].txt - [5765 bytes] - [18/08/2015 21:11:44]

########## EOF - C:\AdwCleaner[C1].txt - [6142 bytes] ##########

Dejte nový log FRST.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:17-08-2015
Ran by Michal (administrator) on TOWER (18-08-2015 21:47:28)
Running from C:\Users\Michal\Desktop
Loaded Profiles: Michal (Available Profiles: Michal)
Platform: Windows 8.1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareService.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareTray.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Akamai Technologies, Inc.) C:\Users\Michal\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Akamai Technologies, Inc.) C:\Users\Michal\AppData\Local\Akamai\netsession_win.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.99\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\winword.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
(forum.viry.cz) C:\Users\Michal\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2890056 2013-09-06] (ELAN Microelectronics Corp.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [OODefragTray] => C:\Program Files\OO Software\Defrag\oodtray.exe [3942216 2011-01-25] (O&O Software GmbH)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13647576 2013-08-27] (Realtek Semiconductor)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareTray.exe [9549808 2015-06-24] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-09-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-09-07] (Qualcomm®Atheros®)
HKU\S-1-5-21-3027682064-225603362-3254189001-1001\...\Run: [Facebook Update] => C:\Users\Michal\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-09-17] (Facebook Inc.)
HKU\S-1-5-21-3027682064-225603362-3254189001-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Michal\AppData\Local\Akamai\netsession_win.exe [4691384 2015-07-23] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3027682064-225603362-3254189001-1001\...\Run: [Google Update] => C:\Users\Michal\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-09-21] (Google Inc.)
HKU\S-1-5-21-3027682064-225603362-3254189001-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [479744 2014-11-19] (Microsoft Corporation)
HKU\S-1-5-21-3027682064-225603362-3254189001-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8418584 2015-07-17] (Piriform Ltd)
HKU\S-1-5-21-3027682064-225603362-3254189001-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53655680 2015-07-28] (Skype Technologies S.A.)
Startup: C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\iMindMap7 Preloader.lnk [2014-10-23]
ShortcutTarget: iMindMap7 Preloader.lnk -> C:\Users\Michal\.thinkbuzan\imindmap7\preload\iMindMap7_Preloader.exe (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-3027682064-225603362-3254189001-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3027682064-225603362-3254189001-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3027682064-225603362-3254189001-1001 -> {AB786015-C03A-4B0A-82DD-B3D57AD1E6D3} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-06-09] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-07-19] (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-06-16] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-19] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-19] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-19] (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 10.0.0.254
Tcpip\..\Interfaces\{DED0503E-5EA0-4A7E-B401-81E5C6E9C2CD}: [DhcpNameServer] 192.168.1.1 10.0.0.254
Tcpip\..\Interfaces\{F6F2E754-D290-4E7D-8C11-CEFA5BCE93A0}: [DhcpNameServer] 192.11.128.24

FireFox:
========
FF ProfilePath: C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\ayw5alez.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-12] ()
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-19] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-19] (Oracle Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-12] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-07-11] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-19] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll [2011-03-09] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-10-21] (Microsoft Corporation)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin HKU\S-1-5-21-3027682064-225603362-3254189001-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Michal\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-3027682064-225603362-3254189001-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Michal\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-3027682064-225603362-3254189001-1001: @talk.google.com/O1DPlugin -> C:\Users\Michal\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-3027682064-225603362-3254189001-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Michal\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-3027682064-225603362-3254189001-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Michal\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Michal\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Michal\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Extension: Pin It Button - C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\ayw5alez.default\Extensions\jid1-YcMV6ngYmQRA2w@jetpack.xpi [2015-05-27]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found]

Chrome:
=======
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-17]
CHR Extension: (Google Docs) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-17]
CHR Extension: (Google Drive) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-17]
CHR Extension: (Please enter your password) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2015-01-20]
CHR Extension: (YouTube) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-17]
CHR Extension: (Google Search) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-17]
CHR Extension: (Google Sheets) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-17]
CHR Extension: (AdBlock) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-01-20]
CHR Extension: (Google Mail Checker) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2015-01-20]
CHR Extension: (Google Wallet) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-17]
CHR Extension: (Gmail) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-17]

Opera:
=======
OPR Extension: (unexploredtechnologies) - C:\Users\Michal\AppData\Roaming\Opera Software\Opera Stable\Extensions\akolddhpfpfcljglcklbfkihhbjnjodb [2015-04-02]
OPR Extension: (adblockforopera) - C:\Users\Michal\AppData\Roaming\Opera Software\Opera Stable\Extensions\aobdicepooefnbaeokijohmhjlleamfj [2014-10-07]
OPR Extension: (Please enter your password) - C:\Users\Michal\AppData\Roaming\Opera Software\Opera Stable\Extensions\ccbdoklfbpcifppcfahmmpmbkfdjjccm [2014-10-07]
OPR Extension: (inbasic) - C:\Users\Michal\AppData\Roaming\Opera Software\Opera Stable\Extensions\flkijckbigolpahbkklilflpmkalfohc [2015-04-19]
OPR Extension: (stormbreakerbg) - C:\Users\Michal\AppData\Roaming\Opera Software\Opera Stable\Extensions\jmbefbhbhjgnjbegmnhmakmmldnfogcd [2015-02-04]
OPR Extension: (escape75) - C:\Users\Michal\AppData\Roaming\Opera Software\Opera Stable\Extensions\omhcddilnfoiiplehpjihipcocdplljn [2015-04-02]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-09-15] (Advanced Micro Devices, Inc.) [File not signed]
S4 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [312448 2013-09-07] (Windows (R) Win 7 DDK provider) [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-19] (Microsoft Corporation)
S4 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [3058944 2014-08-06] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2753720 2015-07-01] (Microsoft Corporation)
S4 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [663592 2013-07-06] (Acer Incorporated)
S4 ETDService; C:\Program Files\Elantech\ETDService.exe [101192 2013-09-06] (ELAN Microelectronics Corp.)
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.7.485.8398\AdAwareService.exe [716664 2015-06-24] ()
S4 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [457768 2013-08-03] (Acer Incorporate)
R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [3051848 2011-01-25] (O&O Software GmbH)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2015-07-24] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [671512 2014-12-22] (Wacom Technology, Corp.)
S2 0177001411017149mcinstcleanup; no ImagePath
S2 IMFservice; no ImagePath
S2 PowerMon; no ImagePath

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3881472 2015-01-15] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [222720 2014-03-11] (Advanced Micro Devices)
R3 avc3; C:\Windows\System32\DRIVERS\avc3.sys [727592 2014-08-21] (BitDefender)
R3 avchv; C:\Windows\system32\DRIVERS\avchv.sys [261496 2014-08-21] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [601360 2014-08-21] (BitDefender)
R1 BdfNdisf; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.0.0\Drivers\bdfndisf6.sys [97816 2014-07-10] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.0.0\Drivers\bdfwfpf.sys [107080 2014-07-10] (BitDefender LLC)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-07] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 EagleX64; no ImagePath
S3 FileMonitor; no ImagePath
R3 gzflt; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.98.0\gzflt.sys [155912 2015-01-22] (BitDefender LLC)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2014-12-29] (REALiX(tm))
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
S3 RegFilter; no ImagePath
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [452040 2015-01-22] (BitDefender S.R.L.)
S3 UrlFilter; no ImagePath
S3 WinRing0_1_2_0; no ImagePath
S3 xhunter1; no ImagePath
S2 APXACC; \SystemRoot\system32\DRIVERS\appexDrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-18 21:47 - 2015-08-18 21:48 - 00021016 _____ C:\Users\Michal\Desktop\FRST.txt
2015-08-18 21:14 - 2015-08-18 21:14 - 00006254 _____ C:\AdwCleaner[C1].txt
2015-08-18 21:11 - 2015-08-18 21:14 - 00000000 ____D C:\AdwCleaner
2015-08-18 21:11 - 2015-08-18 21:13 - 00005765 _____ C:\AdwCleaner[S1].txt
2015-08-18 21:05 - 2015-08-18 21:05 - 01573888 _____ C:\Users\Michal\Desktop\adwcleaner_5.001.exe
2015-08-18 19:43 - 2015-08-18 21:47 - 00000000 ____D C:\FRST
2015-08-18 19:37 - 2015-08-18 19:37 - 00112640 _____ (forum.viry.cz) C:\Users\Michal\Desktop\FRSTLauncher.exe
2015-08-18 19:35 - 2015-08-18 19:35 - 02173440 _____ (Farbar) C:\Users\Michal\Desktop\FRST64.exe
2015-08-18 16:45 - 2015-08-18 17:24 - 00000000 ____D C:\Users\Michal\Desktop\Blueforum
2015-08-18 14:44 - 2015-08-18 21:16 - 00000232 _____ C:\Windows\setupact.log
2015-08-18 14:44 - 2015-08-18 14:44 - 00000000 _____ C:\Windows\setuperr.log
2015-08-18 10:04 - 2015-08-18 10:06 - 13191115 _____ C:\Users\Michal\Downloads\VIDEO0097.mp4
2015-08-18 09:46 - 2015-06-10 00:39 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2015-08-18 09:46 - 2015-06-10 00:39 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthenum.sys
2015-08-18 09:46 - 2015-06-10 00:38 - 01201664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2015-08-18 09:46 - 2015-05-01 03:13 - 06521800 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2015-08-18 09:46 - 2015-05-01 03:13 - 01488000 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2015-08-18 09:46 - 2015-05-01 03:13 - 00261376 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2015-08-18 09:34 - 2015-08-17 16:19 - 09112792 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\rtsuvc.sys
2015-08-17 16:19 - 2015-08-17 16:19 - 00000000 ____D C:\Users\Michal\Desktop\Realtek_PC_Camera_6.2.9200.10275
2015-08-17 10:04 - 2015-08-17 10:04 - 00000000 ____D C:\ProgramData\ATI
2015-08-17 00:07 - 2015-08-17 00:08 - 17364912 _____ C:\Users\Michal\Downloads\realtek_web_camera_6_2_9200_10275_driver.zip
2015-08-12 12:45 - 2015-07-30 16:04 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 12:45 - 2015-07-30 15:48 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 12:30 - 2015-08-08 15:55 - 00794088 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-12 12:30 - 2015-08-08 15:55 - 00179688 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-12 11:02 - 2015-07-29 01:24 - 00025776 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-12 11:02 - 2015-07-28 16:24 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-12 11:02 - 2015-07-28 16:24 - 01116160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-12 11:02 - 2015-07-28 16:24 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-12 11:02 - 2015-07-28 16:24 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-12 11:02 - 2015-07-28 16:24 - 00437248 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-12 11:02 - 2015-07-28 16:24 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-12 11:02 - 2015-07-07 11:40 - 00270168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2015-08-12 11:02 - 2015-07-07 11:40 - 00114520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2015-08-12 11:02 - 2015-07-07 11:40 - 00044560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2015-08-12 11:02 - 2015-06-12 19:03 - 18823680 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2015-08-12 11:02 - 2015-06-12 18:36 - 15159296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2015-08-12 11:02 - 2015-06-09 20:27 - 00411133 _____ C:\Windows\system32\ApnDatabase.xml
2015-08-12 11:01 - 2015-07-14 23:59 - 01113944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-08-12 11:01 - 2015-07-14 23:59 - 00487256 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2015-08-12 11:01 - 2015-07-14 23:59 - 00393560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2015-08-12 11:01 - 2015-06-11 22:12 - 02476376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-08-12 11:01 - 2015-06-11 22:12 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-08-12 08:45 - 2015-07-19 03:58 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-12 08:45 - 2015-07-18 20:51 - 03704320 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-12 08:45 - 2015-07-18 20:31 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-12 08:45 - 2015-07-18 20:31 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-12 08:45 - 2015-07-18 20:31 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-12 08:45 - 2015-07-18 20:29 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-08-12 08:45 - 2015-07-18 20:29 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-08-12 08:45 - 2015-07-18 20:29 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-08-12 08:45 - 2015-07-18 20:28 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-08-12 08:45 - 2015-07-18 20:12 - 02228736 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-12 08:45 - 2015-07-18 20:10 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-12 08:45 - 2015-07-18 20:09 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-08-12 08:45 - 2015-07-10 20:19 - 01101824 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-08-12 08:45 - 2015-07-10 19:14 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-08-12 08:45 - 2015-07-10 19:13 - 07032320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-12 08:45 - 2015-07-10 18:31 - 06213120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-12 08:44 - 2015-07-16 23:14 - 25192448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-12 08:44 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-12 08:44 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-12 08:44 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-12 08:44 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-12 08:44 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-12 08:44 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-12 08:44 - 2015-07-16 22:20 - 19870208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-12 08:44 - 2015-07-16 21:53 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-08-12 08:44 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-12 08:44 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-12 08:44 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-12 08:44 - 2015-07-16 21:45 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-08-12 08:44 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-12 08:44 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-12 08:44 - 2015-07-16 21:38 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-08-12 08:44 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-12 08:44 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-12 08:44 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-12 08:44 - 2015-07-16 21:14 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-08-12 08:44 - 2015-07-16 21:13 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-08-12 08:44 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-12 08:44 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-12 08:44 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-12 08:44 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-12 08:44 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-12 08:44 - 2015-07-16 20:52 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-08-12 08:44 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-12 08:44 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-12 08:44 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-12 08:44 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-08-12 08:43 - 2015-07-16 02:29 - 07458648 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-12 08:43 - 2015-07-16 02:29 - 01735000 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-12 08:43 - 2015-07-16 02:29 - 00101720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-12 08:43 - 2015-07-16 02:28 - 01499920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-12 08:43 - 2015-07-10 19:54 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-12 08:43 - 2015-07-02 00:19 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-12 08:43 - 2015-07-02 00:16 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-12 08:43 - 2015-07-01 23:37 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-12 08:43 - 2015-07-01 23:35 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-12 08:41 - 2015-07-14 05:22 - 02529880 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-12 08:41 - 2015-07-14 05:21 - 01901776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-12 08:41 - 2015-07-13 21:46 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-12 08:41 - 2015-07-13 21:45 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-12 08:41 - 2015-07-10 19:42 - 02345472 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-12 08:41 - 2015-07-10 18:47 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-12 08:41 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-12 08:41 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-12 08:41 - 2015-07-09 18:30 - 00212992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-12 08:41 - 2015-05-12 02:24 - 00536920 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-08-12 08:40 - 2015-07-29 16:37 - 01994752 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-12 08:40 - 2015-07-29 16:30 - 01381888 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-12 08:40 - 2015-07-29 16:23 - 01559552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-12 08:40 - 2015-07-24 20:57 - 04177408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-12 08:40 - 2015-07-24 20:57 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-12 08:40 - 2015-07-24 20:52 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-12 08:40 - 2015-07-24 19:27 - 00301568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-12 08:40 - 2015-07-24 19:23 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-10 11:19 - 2015-08-10 11:19 - 00000000 ____D C:\Users\Michal\AppData\Local\The_Aspect
2015-08-06 16:07 - 2015-08-06 16:07 - 00003824 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1411072749
2015-08-06 16:07 - 2015-08-06 16:07 - 00001027 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-08-05 19:26 - 2015-08-05 19:26 - 00000000 ____D C:\Windows\System32\Tasks\WiseCleaner
2015-08-03 01:08 - 2015-08-03 01:08 - 06609608 _____ (Piriform Ltd) C:\Users\Michal\Downloads\ccsetup508.exe
2015-07-24 13:57 - 2015-07-24 13:57 - 00271200 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2015-07-24 13:57 - 2015-07-24 13:57 - 00271200 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2015-07-24 13:43 - 2015-07-24 13:43 - 00000000 ____D C:\Users\Michal\AppData\Local\PunkBuster
2015-07-22 11:18 - 2015-07-22 11:21 - 00000000 ____D C:\Users\Michal\AppData\Roaming\SmartSteamEmu
2015-07-22 10:49 - 2015-07-22 10:52 - 00001067 _____ C:\Users\Michal\.lmmsrc.xml
2015-07-22 10:47 - 2015-07-22 10:47 - 00000000 ____D C:\Users\Michal\lmms
2015-07-22 10:46 - 2015-07-22 10:46 - 00001292 _____ C:\Users\Michal\Desktop\LMMS.lnk
2015-07-22 10:45 - 2015-07-22 10:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LMMS 1.1.3
2015-07-22 10:44 - 2015-07-22 10:45 - 00000000 ____D C:\Program Files\LMMS
2015-07-22 10:26 - 2015-07-22 10:53 - 00000000 ____D C:\Users\Michal\Desktop\Music Making
2015-07-21 14:44 - 2015-08-18 21:42 - 01409692 _____ C:\Windows\WindowsUpdate.log
2015-07-19 13:24 - 2015-07-05 12:08 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-07-19 08:24 - 2015-07-19 08:24 - 00000000 _____ C:\Windows\SysWOW64\REN48CE.tmp
2015-07-19 08:24 - 2015-07-19 08:23 - 00206944 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2015-07-19 08:24 - 2015-07-19 08:23 - 00206432 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2015-07-19 08:24 - 2015-07-19 08:23 - 00110688 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-18 21:40 - 2015-05-12 21:25 - 00000000 ____D C:\Users\Michal\AppData\Roaming\Skype
2015-08-18 21:40 - 2014-12-13 12:20 - 00004814 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for TOWER-Michal Tower
2015-08-18 21:36 - 2015-07-16 00:31 - 00000978 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3027682064-225603362-3254189001-1001UA.job
2015-08-18 21:34 - 2014-09-17 17:21 - 00003812 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{50720F4B-C978-4FFD-8DDD-47873DEEDF86}
2015-08-18 21:29 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2015-08-18 21:25 - 2014-09-18 07:25 - 00000000 __RDO C:\Users\Michal\SkyDrive
2015-08-18 21:22 - 2014-05-09 09:02 - 00748236 _____ C:\Windows\system32\perfh005.dat
2015-08-18 21:22 - 2014-05-09 09:02 - 00156200 _____ C:\Windows\system32\perfc005.dat
2015-08-18 21:22 - 2013-09-06 09:08 - 01771710 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-18 21:17 - 2015-07-16 09:43 - 00002375 _____ C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2015-08-18 21:16 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-18 21:02 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-08-18 17:31 - 2014-05-09 08:33 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2015-08-18 16:40 - 2014-10-31 18:11 - 00000185 _____ C:\Users\Michal\Desktop\DA + MS.txt
2015-08-18 09:49 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-08-18 09:41 - 2014-09-17 20:46 - 00000000 ____D C:\Users\Michal\AppData\Local\CrashDumps
2015-08-18 09:34 - 2015-01-19 20:02 - 00000000 ____D C:\Program Files (x86)\Realtek
2015-08-18 00:36 - 2015-07-16 00:31 - 00000926 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3027682064-225603362-3254189001-1001Core.job
2015-08-17 16:26 - 2014-09-19 18:52 - 00000000 ____D C:\Users\Michal\AppData\Roaming\vlc
2015-08-17 09:58 - 2014-05-09 08:38 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-08-17 00:13 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-08-16 16:23 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2015-08-16 15:46 - 2014-12-13 12:04 - 00000000 ____D C:\Users\Michal\Desktop\I-Life
2015-08-16 15:20 - 2015-03-12 23:22 - 00000000 ____D C:\Users\Michal\Downloads\INPUT, KNOWLEDGE
2015-08-13 18:33 - 2014-09-18 18:05 - 00004448 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-13 11:14 - 2014-09-18 07:22 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3027682064-225603362-3254189001-1001
2015-08-13 07:20 - 2013-08-22 16:44 - 05174904 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-12 23:11 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-12 23:11 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-12 23:11 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-12 23:11 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-12 12:43 - 2014-09-18 18:01 - 00000000 ____D C:\Windows\system32\MRT
2015-08-12 12:33 - 2014-09-18 18:01 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-12 12:30 - 2015-04-15 07:30 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-12 12:30 - 2014-11-19 01:08 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-12 12:30 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-12 12:30 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-12 08:12 - 2014-09-19 19:01 - 00000000 ____D C:\Users\Michal\AppData\Local\Akamai
2015-08-09 10:23 - 2015-04-19 14:14 - 00000000 ____D C:\ProgramData\Skype
2015-08-08 14:20 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\LiveKernelReports
2015-08-06 16:07 - 2014-09-18 22:39 - 00000000 ____D C:\Program Files (x86)\Opera
2015-08-05 19:26 - 2015-05-09 12:04 - 00000000 ____D C:\Users\Michal\AppData\Roaming\WiseUpdate
2015-08-04 09:07 - 2015-01-19 19:50 - 00000000 ____D C:\Windows\system32\oodag
2015-08-03 09:23 - 2015-01-01 21:19 - 00000000 ____D C:\Users\Michal\Desktop\Inspiration
2015-08-03 01:10 - 2015-01-19 19:23 - 00000840 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-08-03 01:10 - 2015-01-19 19:23 - 00000000 ____D C:\Program Files\CCleaner
2015-08-02 13:30 - 2013-09-06 09:57 - 00000000 ____D C:\Windows\Panther
2015-08-02 13:18 - 2015-07-10 18:25 - 00000000 ___HD C:\$Windows.~BT
2015-07-26 14:58 - 2015-07-18 10:04 - 00000000 ____D C:\Users\Michal\Downloads\Universal Waite Deck
2015-07-25 13:30 - 2015-04-04 05:44 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-24 13:51 - 2014-10-13 11:05 - 00075136 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2015-07-24 13:49 - 2014-10-13 11:05 - 00271200 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2015-07-24 12:20 - 2015-05-24 11:41 - 00000000 ____D C:\Users\Michal\Downloads\GAMES
2015-07-24 10:57 - 2014-12-28 16:51 - 00000000 ____D C:\Users\Michal\Desktop\Visual Library
2015-07-22 21:33 - 2014-12-27 21:35 - 00000000 ____D C:\Users\Michal\Desktop\Sketchbook
2015-07-22 11:20 - 2015-06-11 21:24 - 00000000 ____D C:\Users\Michal\Documents\My Games
2015-07-22 10:49 - 2014-09-18 07:13 - 00000000 ____D C:\Users\Michal
2015-07-21 17:33 - 2014-10-01 06:51 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-07-21 17:33 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2015-07-19 16:11 - 2015-04-14 01:27 - 00000000 ____D C:\Users\Michal\Desktop\PERSPECTIVE - INPUT
2015-07-19 08:26 - 2015-02-02 08:16 - 00000000 ____D C:\ProgramData\Oracle
2015-07-19 08:25 - 2015-02-01 22:17 - 00000000 ____D C:\Program Files (x86)\Java
2015-07-19 08:23 - 2014-10-25 12:03 - 00321632 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2015-07-19 08:23 - 2014-09-21 20:58 - 00000000 ____D C:\Program Files\Java

==================== Files in the root of some directories =======

2014-10-13 11:07 - 2014-10-13 11:12 - 0000438 _____ () C:\Users\Michal\AppData\Roaming\apachesrvin.vbs
2014-10-13 11:07 - 2014-10-13 11:12 - 0000109 _____ () C:\Users\Michal\AppData\Roaming\die.bat
2015-01-01 13:48 - 2015-05-28 10:19 - 0000847 _____ () C:\Users\Michal\AppData\Roaming\PureRef.ini
2014-12-06 11:54 - 2014-12-06 11:54 - 0000094 _____ () C:\Users\Michal\AppData\Local\fusioncache.dat
2015-01-19 19:22 - 2015-01-19 19:23 - 0023476 _____ () C:\Users\Michal\AppData\Local\HWVendorDetection.log
2015-01-24 20:45 - 2015-01-24 20:45 - 0000218 _____ () C:\Users\Michal\AppData\Local\recently-used.xbel
2014-05-09 08:39 - 2014-05-09 08:39 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Michal\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\DriverToolkit Autorun.job => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3027682064-225603362-3254189001-1001Core.job => C:\Users\Michal\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3027682064-225603362-3254189001-1001UA.job => C:\Users\Michal\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Ad-Aware Antivirus (Enabled - Up to date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Ad-Aware Antivirus (Enabled - Up to date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Michal\Desktop" je 9222 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDVCPL
"c:\program files\realtek\audio\hda\ravcpl64.exe" -s [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Otevřte poznámkový blok a zkopírujte do něj:

Start
C:\Users\Michal\AppData\Local\Akamai
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
C:\Users\Michal\AppData\Local\Facebook\Update
HKU\S-1-5-21-3027682064-225603362-3254189001-1001\...\Run: [Facebook Update] => C:\Users\Michal\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-09-17] (Facebook Inc.)
HKU\S-1-5-21-3027682064-225603362-3254189001-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Michal\AppData\Local\Akamai\netsession_win.exe [4691384 2015-07-23] (Akamai Technologies, Inc.)
ShortcutTarget: iMindMap7 Preloader.lnk -> C:\Users\Michal\.thinkbuzan\imindmap7\preload\iMindMap7_Preloader.exe (No File)
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3027682064-225603362-3254189001-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3027682064-225603362-3254189001-1001 -> {AB786015-C03A-4B0A-82DD-B3D57AD1E6D3} URL =
S2 IMFservice; no ImagePath
S2 PowerMon; no ImagePath
S3 EagleX64; no ImagePath
S3 FileMonitor; no ImagePath
S3 RegFilter; no ImagePath
S3 UrlFilter; no ImagePath
S3 WinRing0_1_2_0; no ImagePath
S3 xhunter1; no ImagePath
C:\Windows\system32\ApnDatabase.xml
C:\Windows\SysWOW64\REN48CE.tmp
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3027682064-225603362-3254189001-1001Core.job
C:\ProgramData\DP45977C.lfl
C:\Users\Michal\AppData\Local\Temp
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Z logu:

Velikost slozky "C:\Users\Michal\Desktop" je 9222 MB.

To je příliš mnoho, Takové množství dat na ploše zpomaluje start. Vytvořte novou složku v C:\Users\Michal, do níž přesuňte všechna data z plochy (kromě zástupců) a na ploše pak vytvořte zástupce této složky pro snazší přístup.

Fix result of Farbar Recovery Scan Tool (x64) Version:17-08-2015
Ran by Michal (2015-08-18 22:48:33) Run:1
Running from C:\Users\Michal\Desktop
Loaded Profiles: Michal (Available Profiles: Michal)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
C:\Users\Michal\AppData\Local\Akamai
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
C:\Users\Michal\AppData\Local\Facebook\Update
HKU\S-1-5-21-3027682064-225603362-3254189001-1001\...\Run: [Facebook Update] => C:\Users\Michal\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-09-17] (Facebook Inc.)
HKU\S-1-5-21-3027682064-225603362-3254189001-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Michal\AppData\Local\Akamai\netsession_win.exe [4691384 2015-07-23] (Akamai Technologies, Inc.)
ShortcutTarget: iMindMap7 Preloader.lnk -> C:\Users\Michal\.thinkbuzan\imindmap7\preload\iMindMap7_Preloader.exe (No File)
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3027682064-225603362-3254189001-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3027682064-225603362-3254189001-1001 -> {AB786015-C03A-4B0A-82DD-B3D57AD1E6D3} URL =
S2 IMFservice; no ImagePath
S2 PowerMon; no ImagePath
S3 EagleX64; no ImagePath
S3 FileMonitor; no ImagePath
S3 RegFilter; no ImagePath
S3 UrlFilter; no ImagePath
S3 WinRing0_1_2_0; no ImagePath
S3 xhunter1; no ImagePath
C:\Windows\system32\ApnDatabase.xml
C:\Windows\SysWOW64\REN48CE.tmp
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3027682064-225603362-3254189001-1001Core.job
C:\ProgramData\DP45977C.lfl
C:\Users\Michal\AppData\Local\Temp
End
*****************


"C:\Users\Michal\AppData\Local\Akamai" folder move:

Could not move "C:\Users\Michal\AppData\Local\Akamai" => Scheduled to move on reboot.

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
C:\Users\Michal\AppData\Local\Facebook\Update => moved successfully.
HKU\S-1-5-21-3027682064-225603362-3254189001-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update => value removed successfully
HKU\S-1-5-21-3027682064-225603362-3254189001-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Akamai NetSession Interface => value removed successfully
C:\Users\Michal\.thinkbuzan\imindmap7\preload\iMindMap7_Preloader.exe not found.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Local Page => value restored successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKU\S-1-5-21-3027682064-225603362-3254189001-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-3027682064-225603362-3254189001-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AB786015-C03A-4B0A-82DD-B3D57AD1E6D3}" => key removed successfully
HKCR\CLSID\{AB786015-C03A-4B0A-82DD-B3D57AD1E6D3} => key not found.
IMFservice => service removed successfully
PowerMon => service removed successfully
EagleX64 => service removed successfully
FileMonitor => service removed successfully
RegFilter => service removed successfully
UrlFilter => service removed successfully
WinRing0_1_2_0 => service removed successfully
xhunter1 => service removed successfully
C:\Windows\system32\ApnDatabase.xml => moved successfully.
C:\Windows\SysWOW64\REN48CE.tmp => moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3027682064-225603362-3254189001-1001Core.job => moved successfully.
C:\ProgramData\DP45977C.lfl => moved successfully.

"C:\Users\Michal\AppData\Local\Temp" folder move:

Could not move "C:\Users\Michal\AppData\Local\Temp" => Scheduled to move on reboot.


Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-08-18 22:51:15)<=

C:\Users\Michal\AppData\Local\Akamai => Is moved successfully
C:\Users\Michal\AppData\Local\Temp => moved successfully

==== End of Fixlog 22:51:24 ====

Smazáno. Nastala nějaká změna?

Včera ta kamera fungovala normalně. Ovšem dnes se mi opět vypíná a zapína, ale notebook se mi zdá být rychlejší .

Ještě zkusíme MBAM: http://www.malwarebytes.org/mbam.php . Proveďte kompletní sken, dejte log a předem nic nemažte.

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 19. 8. 2015
Čas skenování: 20:34
Protokol: Log.txt
Správce: Ano

Verze: 2.1.8.1057
Databáze malwaru: v2015.08.19.05
Databáze rootkitů: v2015.08.16.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Michal

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 369188
Uplynulý čas: 39 min, 44 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 1
PUP.Optional.Datamngr.A, C:\Users\Michal\AppData\LocalLow\DataMngr, , [5859d634dab1dd597403539834ce03fd],

Soubory: 4
PUP.Optional.Opencandy, C:\Users\Michal\AppData\Roaming\rmi\offer_downloader.exe, , [f5bcea20bad16ec87489fe730ff33bc5],
Malware.Trace.E, C:\Users\Michal\AppData\Roaming\APACHESRVIN.VBS, , [3f7203073853270fc0b1ff8106fe48b8],
Malware.Trace.E, C:\Users\Michal\AppData\Roaming\die.bat, , [c4edc5455f2c2f0755531c7e05ff9a66],
PUP.Optional.Datamngr.A, C:\Users\Michal\AppData\LocalLow\DataMngr\{99BB1406-1CFB-488C-90D1-2D978E04F707}64, , [5859d634dab1dd597403539834ce03fd],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Všechny nálezy smažte.

Zkoušel jsem to celý den a vypadá to, že je to spíše hardwarem/pokrytím monitoru. Když ohnu (zavřu nebo otevřu) monitor, tak web kamera občas začne blbnout nebo úplně vypadne, což mi nevadí, ale jinak už je to v pořádku. Notebook je rychlejší a kamera funguje. Děkuji vám moc za pomoc pane Rudy. Mohu teď normálně odstranit co mám na ploše od vás (těch programů)?