VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Kontrola logu - Využití disku 100%

https://forum.viry.cz:443/viewtopic.php?t=146836

Stránka 1 z 1

Kontrola logu - Využití disku 100%

Napsal: 14 lis 2015 13:42
od gtom
Po startu Windows mi v poslední době vyskočí vytížení disku na 100%. Toto trvá do 3 minut. Poté již počítač funguje normálně. Nejvíce vytěžuje disk "systém" a "Hostitel služby: Místní systém".


# AdwCleaner v5.019 - Logfile created 11/11/2015 at 08:28:28
# Updated 08/11/2015 by Xplode
# Database : 2015-11-09.1 [Server]
# Operating system : Windows 8.1 (x64)
# Username : Ondra - LENOVO-PC
# Running from : C:\Users\Ondra\Downloads\adwcleaner_5.019.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\ProgramData\pokki
[-] Folder Deleted : C:\Users\Ondra\AppData\Roaming\OpenCandy
[-] Folder Deleted : C:\Users\Ondra\AppData\Roaming\RHEng

***** [ Files ] *****

[-] File Deleted : C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.kingtopdeals.com_0.localstorage
[-] File Deleted : C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.kingtopdeals.com_0.localstorage-journal
[-] File Deleted : C:\Users\Ondra\AppData\Local\Temp\task.vbs
[-] File Deleted : C:\windows\SysNative\VisualDiscoveryOff.ini
[-] File Deleted : C:\windows\SysWOW64\VisualDiscovery.ini
[-] File Deleted : C:\windows\SysWOW64\VisualDiscoveryOff.ini

***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

[-] Task Deleted : amiupdaterExd
[-] Task Deleted : amiupdaterExi

***** [ Registry ] *****

[-] Key Deleted : HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
[-] Key Deleted : HKCU\Software\Classes\Directory\shell\pokki
[-] Key Deleted : HKCU\Software\Classes\Drive\shell\pokki
[-] Key Deleted : HKCU\Software\Classes\lnkfile\shell\pokki
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\VISUALDISCOVERYLIB.WFPCONTROLLER.1
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\VISUALDISCOVERYLIB.WFPCONTROLLER
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\VISUALDISCOVERYLIB.READONLYMANAGER.1
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\VISUALDISCOVERYLIB.READONLYMANAGER
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\VISUALDISCOVERYLIB.LSPLOGIC.1
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\VISUALDISCOVERYLIB.LSPLOGIC
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\VISUALDISCOVERYLIB.DATATABLEHOLDER.1
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\VISUALDISCOVERYLIB.DATATABLEHOLDER
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\VISUALDISCOVERYLIB.DATATABLEFIELDS.1
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\VISUALDISCOVERYLIB.DATATABLEFIELDS
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\VISUALDISCOVERYLIB.DATATABLE.1
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\VISUALDISCOVERYLIB.DATATABLE
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\VISUALDISCOVERYLIB.DATACONTROLLER.1
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\VISUALDISCOVERYLIB.DATACONTROLLER
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\VISUALDISCOVERYLIB.DATACONTAINER.1
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\VISUALDISCOVERYLIB.DATACONTAINER
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\APPID\VISUALDISCOVERY.EXE
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_04bb6df446330549a2cb8d67fbd1a745025b7bd1
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02966FA9-C01A-47E7-A169-C83AEA1FB0BA}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9AD5C084-B6E6-456A-8BA2-A559663780E5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{70C7334A-66D9-46DE-A4E2-6B923C7DB94E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5780633B-414C-446F-8EB2-FF1C9A731C99}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4EECDED2-40FB-4500-85B4-86FB0EBECA68}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{10A7F29D-4B00-40EC-B07D-8616DF8135E6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{05FF6A00-76A3-4AA1-A9A4-A782152ABE60}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2E5FA7B4-61A2-4662-BBCE-62BBB20FC649}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5D7F05E3-075A-43AF-8BC7-21E2F7F38845}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{617E26CE-E6E1-4C75-A68A-A001F2B98491}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FBDBEA-A722-4ABD-BEC0-B7D463F6BA0E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8128586C-DF69-4266-873F-CF4C6F705A7C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C1F9CFCE-A7DC-4072-8B31-1DEA57004C86}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EA4AD895-2A7F-430E-B973-DEE6C4E743A9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EBF4B60F-A863-426F-BE6F-5DFE83BC574F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7E113543-A829-4010-9E67-230D1F48F5D4}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{CB6BF8B6-E12B-42FA-A478-91BCCDE475DC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{54936DF6-3CE0-4598-B93F-16A9BA914C1A}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2E5FA7B4-61A2-4662-BBCE-62BBB20FC649}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5D7F05E3-075A-43AF-8BC7-21E2F7F38845}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{617E26CE-E6E1-4C75-A68A-A001F2B98491}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{79FBDBEA-A722-4ABD-BEC0-B7D463F6BA0E}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8128586C-DF69-4266-873F-CF4C6F705A7C}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F9CFCE-A7DC-4072-8B31-1DEA57004C86}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EA4AD895-2A7F-430E-B973-DEE6C4E743A9}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EBF4B60F-A863-426F-BE6F-5DFE83BC574F}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7E113543-A829-4010-9E67-230D1F48F5D4}
[-] Key Deleted : HKCU\Software\SweetLabs App Platform
[-] Key Deleted : HKLM\SOFTWARE\VisualDiscovery
[-] Key Deleted : HKLM\SOFTWARE\Superfish Inc. VisualDiscovery
[-] Key Deleted : HKLM\SOFTWARE\LENOVO\VisualDiscovery
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL]

***** [ Web browsers ] *****


*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [7708 bytes] ##########


Poté log z FRST


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015
Ran by Ondra (administrator) on LENOVO-PC (14-11-2015 13:19:30)
Running from C:\Users\Ondra\Downloads
Loaded Profiles: Ondra (Available Profiles: Ondra)
Platform: Windows 8.1 (X64) Language: Angličtina (Spojené státy)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\HidMonitorSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Dassault Systèmes) C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Lenovo) C:\Program Files\Lenovo\OneKey Optimizer\bin\FbService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
(TODO: <公司名>) C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOUpdataService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
() C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe
() C:\Program Files (x86)\Lenovo\Lenovo Recommends\Service\x64\LenovoRecommends.AppService.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Settings\x86\LenovoSetSvr.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Maxthon) C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Lenovo(beijing) Limited) C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOControlSvc.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\WebcamSplitterServer.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
(Lenovo) C:\ProgramData\LenovoTransition\Server\x64\ymc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Lenovo) C:\Windows\System32\LenovoUpdate.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
() C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
() C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files\Lenovo PhoneCompanion\adb.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
() C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Pokki) C:\Users\Ondra\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe
(AVG) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Windows\SysWOW64\UMonit64.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe
() C:\Program Files (x86)\Lenovo\Lenovo Transition\TransitionServer.exe
() C:\Program Files\Lenovo\LenovoUtility\utility.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe
(Lenovo(beijing) Limited) C:\Program Files\Lenovo\OneKey Optimizer\bin\OneKeyOptimizerTray.exe
(Lenovo(beijing) Limited) C:\Program Files\Lenovo\OneKey Optimizer\bin\OnekeyOptimizerUpdata.exe
() C:\Users\Ondra\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
() C:\Users\Ondra\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Recommends\Lenovo Recommends.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Lenovo(beijing) Limited) C:\Program Files\Lenovo\OneKey Optimizer\bin\OneKeyOptimizer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322712 2014-10-09] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2473800 2014-09-09] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\windows\system32\rundll32.exe C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RtsFT] => C:\windows\RTFTrack.exe [6340312 2014-03-25] (Realtek semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [702808 2014-04-11] (Alps Electric Co., Ltd.)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387736 2014-07-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387736 2014-07-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387736 2014-07-04] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [LENOVO.TPKNRRES] => rundll32.exe "C:\Program Files\Lenovo\Communications Utility\LibStartStub.dll",AVStartupStub
HKLM\...\Run: [AutoStartTransition] => C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe [294672 2015-02-11] ()
HKLM\...\Run: [LenovoUtility] => C:\Program Files\Lenovo\LenovoUtility\utility.exe [791368 2015-02-11] ()
HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [802800 2015-02-11] (Lenovo)
HKLM\...\Run: [OneKeyOptimizer] => C:\Program Files\Lenovo\OneKey Optimizer\bin\OneKeyOptimizerTray.exe [559896 2014-11-05] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [Lenovo Recommends] => C:\Program Files (x86)\Lenovo\Lenovo Recommends\Lenovo Recommends.exe [119280 2014-01-10] (Lenovo)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6133520 2015-11-08] (AVAST Software)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-10-06] (Oracle Corporation)
HKLM\...\Policies\Explorer: [Max Cached Icons] 2000
HKU\S-1-5-21-157143914-34706309-1526443958-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Ondra\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-157143914-34706309-1526443958-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Ondra\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-157143914-34706309-1526443958-1001\...\RunOnce: [Application Restart #3] => C:\Users\Ondra\AppData\Local\Pokki\Engine\ServiceHostApp.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-cli (the data entry has 571 more characters).
HKU\S-1-5-21-157143914-34706309-1526443958-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-157143914-34706309-1526443958-1001\...\MountPoints2: {2c7aeb92-76f8-11e5-8269-54ee753eeba4} - "E:\setup.exe"
AppInit_DLLs: C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~2.DLL => C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonExtIE64.dll [119616 2014-09-26] (Amazon Inc.)
AppInit_DLLs-x32: C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~3.DLL => C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonExtIE.dll [106304 2014-09-26] (Amazon Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-09-28] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-11-11] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-11-11] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-11-11] (Microsoft Corporation)
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{29595E9A-961F-40CF-8357-FBA86814B835}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{473C36EA-4906-48B3-9478-6748CDED08DC}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-157143914-34706309-1526443958-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=16194
HKU\S-1-5-21-157143914-34706309-1526443958-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-157143914-34706309-1526443958-1001 -> DefaultScope {C717B524-A4C0-4801-B38E-66FD80C72BC8} URL =
SearchScopes: HKU\S-1-5-21-157143914-34706309-1526443958-1001 -> {0862F15F-B48B-4E05-81B5-76A45308DEA0} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-157143914-34706309-1526443958-1001 -> {34DCFC21-D903-40B8-98CD-C9772EBFF63C} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_16194
SearchScopes: HKU\S-1-5-21-157143914-34706309-1526443958-1001 -> {526E8015-E951-41E4-BB9C-1A31A652DE31} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_16194
SearchScopes: HKU\S-1-5-21-157143914-34706309-1526443958-1001 -> {563181E2-FA27-45D5-9EA7-B000FD75365C} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-157143914-34706309-1526443958-1001 -> {6CB9AF3F-FBC2-4CBC-9068-72D5A5878046} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-157143914-34706309-1526443958-1001 -> {7708BAA1-54A9-4F68-9B39-5C8524DE5561} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-157143914-34706309-1526443958-1001 -> {7E317C27-EA07-4F0F-937F-6CE9922B1174} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-157143914-34706309-1526443958-1001 -> {BCF408D7-8CA3-49C6-9CAE-A1B60DB32713} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_16194
SearchScopes: HKU\S-1-5-21-157143914-34706309-1526443958-1001 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/search?fr=vmn&type=vmn__webcompa__1_0__ya__ch_WCYID10099_swoc_campaign_151021__yaie&p={searchTerms}
SearchScopes: HKU\S-1-5-21-157143914-34706309-1526443958-1001 -> {C717B524-A4C0-4801-B38E-66FD80C72BC8} URL =
SearchScopes: HKU\S-1-5-21-157143914-34706309-1526443958-1001 -> {D29DBF4F-6F22-46A7-96BB-BD4C48768200} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_16194
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-11-11] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-09-28] (AVAST Software)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-11-11] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-11-11] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-11-01] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-09-28] (AVAST Software)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Loot Find -> {b99604a6-a864-4b48-a1e0-63048b520129} -> C:\Program Files (x86)\Loot Find\Extensions\b99604a6-a864-4b48-a1e0-63048b520129.dll => No File
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-11-11] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-01] (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-11-11] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)

FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-10-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-10-10] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-01] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-11] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-11-11] (Microsoft Corporation)
FF Plugin-x32: @parallelgraphics.com/Cortona -> C:\Program Files (x86)\Common Files\ParallelGraphics\Cortona\npcortona.dll [2011-11-28] (ParallelGraphics)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-10-21] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-10-21] (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-09-28] [not signed]

Chrome:
=======
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/"
CHR Profile: C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-21]
CHR Extension: (Dokumenty Google) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-21]
CHR Extension: (Disk Google) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-21]
CHR Extension: (Vyhledávání Google) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Avast SafePrice) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-11-01]
CHR Extension: (Tabulky Google) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-10-21]
CHR Extension: (Avast Online Security) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-11-03]
CHR Extension: (Loot Find) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfdgfgcnonkhcglcmbeledioanijilkc [2015-10-21] [UpdateUrl: hxxp://cdn.lootfind.net/update] <==== ATTENTION
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-21]
CHR Extension: (Gmail) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-21]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-09-28]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-09-28]

Opera:
=======
OPR Extension: (Loot Find) - C:\Users\Ondra\AppData\Roaming\Opera Software\Opera Stable\Extensions\hfdgfgcnonkhcglcmbeledioanijilkc [2015-10-21]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ApHidMonitorService; C:\Program Files\Apoint2K\HidMonitorSvc.exe [87384 2014-04-11] (Alps Electric Co., Ltd.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-09-28] (AVAST Software)
R3 AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [599024 2014-08-06] (Lenovo Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [654776 2015-06-01] ()
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2369720 2014-08-01] (Microsoft Corporation)
R2 DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [123904 2015-09-02] (Dassault Systèmes) [File not signed]
R2 FastbootService; C:\Program Files\Lenovo\OneKey Optimizer\bin\FbService.exe [194328 2014-10-14] (Lenovo)
R2 GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [1122744 2015-06-01] ()
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-09-09] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18584 2014-10-09] (Intel Corporation)
R2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [122984 2014-09-15] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [328296 2014-11-21] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [132896 2014-10-10] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2014-10-10] (Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [561408 2014-09-23] (Lenovo)
R2 Lenovo OKO Service; C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOUpdataService.exe [2495768 2014-11-04] (TODO: <公司名>)
R2 Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2005320 2014-10-13] (Lenovo Group Limited)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584632 2015-03-06] (LENOVO INCORPORATED.)
R3 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [727536 2014-08-06] (Lenovo Corporation)
R2 LenovoPAWDService; C:\Program Files\Lenovo PhoneCompanion\LPAWDService.exe [133440 2015-02-11] ()
R2 LenovoRecommends.AppService; C:\Program Files (x86)\Lenovo\Lenovo Recommends\Service\x64\LenovoRecommends.AppService.exe [19440 2014-01-10] ()
R2 LenovoSetSvr; C:\Program Files (x86)\Lenovo\Lenovo Settings\x86\LenovoSetSvr.exe [258544 2014-06-19] (Lenovo(beijing) Limited)
R3 LenovoUpdate; C:\Windows\System32\LenovoUpdate.exe [26608 2015-11-12] (Lenovo)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [218952 2014-08-26] (Lenovo(beijing) Limited)
R2 MaxthonUpdateSvc; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [1871784 2015-09-28] (Maxthon)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [265936 2014-10-29] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-09] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19438920 2014-09-09] (NVIDIA Corporation)
R2 OKOControlSvc; C:\Program Files\Lenovo\OneKey Optimizer\bin\OKOControlSvc.exe [113944 2014-11-05] (Lenovo(beijing) Limited)
R2 PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [167176 2014-05-28] (PointGrab LTD)
R2 PG_Service_Launcher; C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe [524552 2014-05-28] (PointGrab LTD)
R2 PhoneCompanionPusher; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [321520 2015-02-11] (Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [338416 2015-02-11] (Lenovo)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2967864 2015-05-15] (AVG Technologies)
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [68880 2015-02-11] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ymc; C:\ProgramData\LenovoTransition\Server\x64\ymc.exe [33040 2015-02-11] (Lenovo)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3818704 2014-10-29] (Intel® Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-09-28] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-09-28] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-09-28] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-09-28] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2015-11-08] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2015-11-08] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [153744 2015-09-28] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-09-28] (AVAST Software)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [141624 2014-05-13] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1424184 2014-06-17] (Motorola Solutions, Inc.)
S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-10-21] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R0 Fastboot; C:\Windows\System32\Drivers\Fastboot.sys [70168 2014-10-14] (Windows (R) Win 7 DDK provider) [File not signed]
U5 GeneStor; C:\Windows\System32\Drivers\GeneStor.sys [111336 2014-04-17] (GenesysLogic)
R3 iaLPSS_GPIO; C:\Windows\System32\drivers\iaLPSS_GPIO.sys [35832 2014-06-11] (Intel Corporation)
R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [120312 2014-06-11] (Intel Corporation)
R3 iaLPSS_SPI; C:\Windows\System32\drivers\iaLPSS_SPI.sys [100856 2014-06-11] (Intel Corporation)
R3 iaLPSS_UART2; C:\Windows\System32\drivers\iaLPSS_UART2.sys [143864 2014-06-11] (Intel Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [222664 2014-09-15] (Intel Corporation)
R3 KMDFVirtualKbd; C:\Windows\System32\drivers\KMDFVirtualKbd.sys [22264 2014-08-05] ()
R3 KMDFVirtualMouse; C:\Windows\System32\drivers\KMDFVirtualMouse.sys [21240 2014-08-05] ()
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-10-10] (Intel Corporation)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [80160 2015-02-13] (McAfee, Inc.)
R3 NETwNb64; C:\Windows\system32\DRIVERS\Netwbw02.sys [3482600 2014-11-06] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-09-09] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [9113304 2014-03-25] (Realtek Semiconductor Corp.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [14112 2015-05-15] (TuneUp Software)
R3 VirtualButtons; C:\Windows\System32\drivers\VirtualButtons.sys [32024 2014-02-12] (Intel Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
S1 fumodsac; \??\C:\windows\system32\drivers\fumodsac.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-14 13:19 - 2015-11-14 13:20 - 00031875 _____ C:\Users\Ondra\Downloads\FRST.txt
2015-11-14 13:19 - 2015-11-14 13:19 - 00000000 ____D C:\FRST
2015-11-14 13:18 - 2015-11-14 13:18 - 02198528 _____ (Farbar) C:\Users\Ondra\Downloads\FRST64.exe
2015-11-14 13:12 - 2015-11-14 13:12 - 00062931 _____ C:\Users\Ondra\Desktop\neodvetr_strecha.jpeg
2015-11-14 13:11 - 2015-11-14 13:11 - 00127373 _____ C:\Users\Ondra\Desktop\travnatestrechy.jpeg
2015-11-13 19:07 - 2015-11-13 19:07 - 00000000 ____D C:\Users\Ondra\Desktop\Nová složka
2015-11-13 18:42 - 2015-11-13 18:42 - 00002709 _____ C:\Users\Ondra\AppData\Local\recently-used.xbel
2015-11-13 16:32 - 2015-11-14 13:17 - 00011508 _____ C:\Users\Ondra\Desktop\Společenskovědní text.odt
2015-11-13 16:31 - 2015-11-13 16:31 - 00000000 ____D C:\Users\Ondra\Documents\Vlastní šablony Office
2015-11-11 12:52 - 2015-11-11 12:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-11-11 12:51 - 2015-11-11 12:51 - 01104576 _____ (Microsoft Corporation) C:\Users\Ondra\Downloads\Setup.X86.cs-CZ_O365ProPlusRetail_6b186216-ff3c-4388-a222-6ea4204c6be4_TX_PR_b_3_.exe
2015-11-11 12:51 - 2015-11-11 12:51 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-11-11 08:53 - 2015-09-29 13:24 - 00155480 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tpm.sys
2015-11-11 08:53 - 2015-09-04 20:24 - 00154112 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tunnel.sys
2015-11-11 08:53 - 2015-08-28 23:20 - 00183368 _____ (Microsoft Corporation) C:\windows\system32\AuthHost.exe
2015-11-11 08:53 - 2015-08-20 21:45 - 01380048 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2015-11-11 08:53 - 2015-08-20 18:48 - 01096704 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2015-11-11 08:53 - 2014-11-05 02:41 - 00558080 _____ (Microsoft Corporation) C:\windows\system32\untfs.dll
2015-11-11 08:53 - 2014-11-05 02:18 - 00507392 _____ (Microsoft Corporation) C:\windows\SysWOW64\untfs.dll
2015-11-11 08:46 - 2015-10-15 17:08 - 00990208 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-11-11 08:46 - 2015-10-15 16:46 - 00803328 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-11-11 08:46 - 2015-10-13 18:10 - 00559616 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys
2015-11-11 08:46 - 2015-10-13 18:10 - 00108032 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tdx.sys
2015-11-11 08:46 - 2015-10-13 16:59 - 00397224 _____ (Microsoft Corporation) C:\windows\system32\bcryptprimitives.dll
2015-11-11 08:46 - 2015-10-13 16:59 - 00340872 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcryptprimitives.dll
2015-11-11 08:46 - 2015-10-13 16:59 - 00137960 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-11-11 08:46 - 2015-10-13 16:59 - 00120376 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2015-11-11 08:46 - 2015-10-13 16:59 - 00106952 _____ (Microsoft Corporation) C:\windows\system32\ncryptsslp.dll
2015-11-11 08:46 - 2015-10-13 16:59 - 00091416 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncryptsslp.dll
2015-11-11 08:46 - 2015-10-11 07:36 - 00561952 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2015-11-11 08:46 - 2015-10-11 07:36 - 00177496 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-11-11 08:46 - 2015-10-10 19:40 - 00202240 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2015-11-11 08:46 - 2015-10-10 19:39 - 00401408 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2015-11-11 08:46 - 2015-10-10 19:07 - 00445440 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2015-11-11 08:46 - 2015-10-10 18:33 - 01441280 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-11-11 08:46 - 2015-10-10 18:27 - 00432640 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-11-11 08:46 - 2015-10-10 18:11 - 00324096 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2015-11-11 08:46 - 2015-10-10 17:45 - 00359424 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-11-11 08:46 - 2015-09-12 14:47 - 00414559 _____ C:\windows\system32\ApnDatabase.xml
2015-11-11 08:45 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-11-11 08:45 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-11-11 08:45 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-11-11 08:45 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-11-11 08:45 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-11-11 08:45 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-11-11 08:45 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-11-11 08:45 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-11-11 08:45 - 2015-10-30 23:39 - 01032704 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2015-11-11 08:45 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2015-11-11 08:45 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-11-11 08:45 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-11-11 08:45 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-11-11 08:45 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-11-11 08:45 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-11-11 08:45 - 2015-10-30 23:14 - 00880128 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2015-11-11 08:45 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-11-11 08:45 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-11-11 08:45 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-11-11 08:45 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-11-11 08:45 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-11-11 08:45 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-11-11 08:45 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-11-11 08:45 - 2015-10-20 22:54 - 00136904 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2015-11-11 08:45 - 2015-10-20 15:53 - 03705856 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2015-11-11 08:45 - 2015-10-20 15:36 - 02243072 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2015-11-11 08:45 - 2015-10-20 15:35 - 00891904 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2015-11-11 08:45 - 2015-10-20 15:34 - 00409088 _____ (Microsoft Corporation) C:\windows\system32\WUSettingsProvider.dll
2015-11-11 08:45 - 2015-10-20 15:34 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2015-11-11 08:45 - 2015-10-20 15:34 - 00035840 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2015-11-11 08:45 - 2015-10-20 15:33 - 00095744 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2015-11-11 08:45 - 2015-10-20 15:14 - 00721920 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2015-11-11 08:45 - 2015-10-20 15:13 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2015-11-11 08:45 - 2015-10-20 15:13 - 00081920 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2015-11-11 08:45 - 2015-10-20 15:13 - 00029696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2015-11-11 08:45 - 2015-10-17 15:19 - 04176384 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-11-11 08:45 - 2015-10-15 00:02 - 07455064 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-11-11 08:45 - 2015-10-15 00:02 - 01659560 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2015-11-11 08:45 - 2015-10-15 00:02 - 01519592 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2015-11-11 08:45 - 2015-10-15 00:02 - 01487008 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2015-11-11 08:45 - 2015-10-15 00:02 - 01355848 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2015-11-11 08:45 - 2015-10-08 17:08 - 01083904 _____ (Microsoft Corporation) C:\windows\system32\IKEEXT.DLL
2015-11-11 08:45 - 2015-09-07 17:22 - 00477184 _____ (Microsoft Corporation) C:\windows\system32\puiobj.dll
2015-11-11 08:45 - 2015-09-07 16:54 - 00367104 _____ (Microsoft Corporation) C:\windows\SysWOW64\puiobj.dll
2015-11-11 08:45 - 2015-09-07 16:30 - 01091584 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2015-11-11 08:45 - 2015-08-10 19:15 - 00845312 _____ (Microsoft Corporation) C:\windows\system32\BFE.DLL
2015-11-11 08:45 - 2015-08-10 19:06 - 00422400 _____ (Microsoft Corporation) C:\windows\system32\FWPUCLNT.DLL
2015-11-11 08:45 - 2015-08-10 18:49 - 00713216 _____ (Microsoft Corporation) C:\windows\system32\nshwfp.dll
2015-11-11 08:45 - 2015-08-10 17:56 - 00272384 _____ (Microsoft Corporation) C:\windows\SysWOW64\FWPUCLNT.DLL
2015-11-11 08:45 - 2015-08-10 17:46 - 00561664 _____ (Microsoft Corporation) C:\windows\SysWOW64\nshwfp.dll
2015-11-11 08:45 - 2014-11-10 19:06 - 00136512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\wfplwfs.sys
2015-11-11 08:39 - 2015-11-11 08:39 - 00002249 _____ C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki Menu.lnk
2015-11-11 08:27 - 2015-11-11 08:28 - 00000000 ____D C:\AdwCleaner
2015-11-11 08:26 - 2015-11-11 08:26 - 01712128 _____ C:\Users\Ondra\Downloads\adwcleaner_5.019.exe
2015-11-08 11:25 - 2015-11-08 14:41 - 1570154496 _____ C:\Users\Ondra\Downloads\Hotel-Transylvania-2011-CZ-Dabing.avi
2015-11-01 23:56 - 2015-11-01 23:56 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\Sun
2015-11-01 23:56 - 2015-11-01 23:56 - 00000000 ____D C:\Users\Ondra\.oracle_jre_usage
2015-11-01 23:54 - 2015-11-01 23:54 - 00002747 _____ C:\Users\Public\Desktop\Skype.lnk
2015-11-01 23:54 - 2015-11-01 23:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-11-01 18:34 - 2015-11-01 20:52 - 1518808686 _____ C:\Users\Ondra\Downloads\V-hlavě-(2015)-CZdabing.avi
2015-10-31 11:16 - 2015-11-13 18:42 - 00000000 ____D C:\Users\Ondra\AppData\Local\gtk-2.0
2015-10-31 11:16 - 2015-10-31 11:16 - 00000000 ____D C:\Users\Ondra\.thumbnails
2015-10-31 10:57 - 2015-10-31 10:57 - 01300936 _____ C:\Users\Ondra\Downloads\Nádraží Ondra.rar
2015-10-31 10:55 - 2015-11-11 08:35 - 00003308 _____ C:\windows\System32\Tasks\SweetLabs App Platform
2015-10-29 00:32 - 2015-10-29 00:32 - 00000258 __RSH C:\ProgramData\ntuser.pol
2015-10-28 22:29 - 2015-10-28 22:36 - 1027080672 _____ C:\Users\Ondra\Downloads\Photoshop_12_LS1.zip
2015-10-28 14:25 - 2015-10-28 14:25 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\Wargaming.net
2015-10-28 12:46 - 2015-10-28 12:46 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Tanks
2015-10-28 12:46 - 2015-10-28 12:46 - 00000000 ____D C:\Games
2015-10-28 12:45 - 2015-10-28 12:45 - 04999352 _____ (Wargaming.net ) C:\Users\Ondra\Downloads\WoT_internet_install_eu.exe
2015-10-27 21:39 - 2015-10-31 13:32 - 00000000 ____D C:\Users\Ondra\Documents\Harry Potter
2015-10-27 21:38 - 2015-10-27 21:38 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\WinRAR
2015-10-27 21:37 - 2015-10-27 21:37 - 02129208 _____ C:\Users\Ondra\Downloads\winrar-x64-521cz.exe
2015-10-27 21:37 - 2015-10-27 21:37 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-10-27 21:37 - 2015-10-27 21:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-10-27 21:37 - 2015-10-27 21:37 - 00000000 ____D C:\Program Files\WinRAR
2015-10-27 21:13 - 2015-10-27 21:38 - 287960053 _____ C:\Users\Ondra\Downloads\Harry-Potter-a-Kámen-mudrců-hra-cz-tit...rar
2015-10-26 21:36 - 2015-10-26 21:41 - 692558582 _____ C:\Users\Ondra\Downloads\zasilka-GPLVZADWTCFCC649.zip
2015-10-23 17:41 - 2015-10-23 17:41 - 05339440 _____ C:\Users\Ondra\Documents\severni pohled2.pln
2015-10-23 15:41 - 2015-10-23 17:04 - 05293264 _____ C:\Users\Ondra\Documents\západní pohled.pln
2015-10-23 15:41 - 2015-10-23 17:03 - 05293264 _____ C:\Users\Ondra\Documents\západní pohled.bpn
2015-10-22 15:43 - 2015-10-23 17:00 - 05262448 _____ C:\Users\Ondra\Documents\východní pohled.pln
2015-10-22 15:43 - 2015-10-23 16:53 - 05260656 _____ C:\Users\Ondra\Documents\východní pohled.bpn
2015-10-22 11:44 - 2015-10-23 17:52 - 05339968 _____ C:\Users\Ondra\Documents\severni pohled.pln
2015-10-22 11:44 - 2015-10-23 17:52 - 05339968 _____ C:\Users\Ondra\Documents\severni pohled.bpn
2015-10-22 11:25 - 2015-10-23 17:53 - 05287920 _____ C:\Users\Ondra\Documents\jižní pohled.pln
2015-10-22 11:25 - 2015-10-23 16:49 - 05277216 _____ C:\Users\Ondra\Documents\jižní pohled.bpn
2015-10-21 12:47 - 2015-10-21 13:02 - 05286400 _____ C:\Users\Ondra\Documents\Pohledy2.pln
2015-10-21 12:47 - 2015-10-21 13:02 - 05286128 _____ C:\Users\Ondra\Documents\Pohledy2.bpn
2015-10-21 10:55 - 2015-11-14 13:00 - 00000970 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-21 10:55 - 2015-11-14 12:00 - 00000966 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-21 10:55 - 2015-11-11 09:01 - 00002214 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-10-21 10:55 - 2015-10-21 11:33 - 00000000 ____D C:\Users\Ondra\AppData\Local\Google
2015-10-21 10:55 - 2015-10-21 10:55 - 00003942 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-10-21 10:55 - 2015-10-21 10:55 - 00003706 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-10-21 10:55 - 2015-10-21 10:55 - 00000000 ____D C:\Users\Ondra\AppData\Local\Deployment
2015-10-21 10:55 - 2015-10-21 10:55 - 00000000 ____D C:\Users\Ondra\AppData\Local\Apps\2.0
2015-10-21 10:55 - 2015-10-21 10:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-10-21 10:55 - 2015-10-21 10:55 - 00000000 ____D C:\Program Files (x86)\Google
2015-10-21 09:57 - 2015-10-21 10:43 - 00331316 _____ C:\windows\msxml4-KB973688-enu.LOG
2015-10-21 09:56 - 2015-10-21 09:56 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0
2015-10-21 09:55 - 2015-10-21 10:43 - 00334572 _____ C:\windows\msxml4-KB954430-enu.LOG
2015-10-21 09:47 - 2015-10-21 10:45 - 00000000 ____D C:\Program Files (x86)\Microsoft Studios
2015-10-21 09:47 - 2015-10-21 09:47 - 00000278 _____ C:\prefs.js
2015-10-21 09:47 - 2015-10-21 09:47 - 00000000 ____D C:\searchplugins
2015-10-21 09:46 - 2015-10-21 09:47 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\DAEMON Tools Lite
2015-10-21 09:46 - 2015-10-21 09:46 - 00425744 _____ (Lavasoft Limited) C:\windows\system32\LavasoftTcpService64.dll
2015-10-21 09:46 - 2015-10-21 09:46 - 00345360 _____ (Lavasoft Limited) C:\windows\SysWOW64\LavasoftTcpService.dll
2015-10-21 09:46 - 2015-10-21 09:46 - 00030264 _____ (Disc Soft Ltd) C:\windows\system32\Drivers\dtlitescsibus.sys
2015-10-21 09:46 - 2015-10-21 09:46 - 00002864 _____ C:\windows\SysWOW64\LavasoftTcpServiceOff.ini
2015-10-21 09:46 - 2015-10-21 09:46 - 00002864 _____ C:\windows\system32\LavasoftTcpServiceOff.ini
2015-10-21 09:46 - 2015-10-21 09:46 - 00000000 ____D C:\Users\Ondra\AppData\Local\Disc_Soft_Ltd
2015-10-21 09:46 - 2015-10-21 09:46 - 00000000 ____D C:\Program Files (x86)\Disc Soft
2015-10-21 09:44 - 2015-10-21 09:44 - 01709792 _____ (Disc Soft Ltd.) C:\Users\Ondra\Downloads\DTLiteInstaller (2).exe
2015-10-21 09:43 - 2015-10-21 09:43 - 00008192 _____ C:\Users\Ondra\Downloads\DTLiteInstaller (1).exe.qhx1nc9.partial
2015-10-21 09:40 - 2015-11-14 11:36 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\Seznam.cz
2015-10-21 09:40 - 2015-10-21 09:40 - 01219808 _____ C:\Users\Ondra\Downloads\DAEMON Tools Lite 10 Serial Key__15022_i1718968210_il88138.exe
2015-10-21 09:40 - 2015-10-21 09:40 - 00000000 ____D C:\Program Files (x86)\Seznam.cz
2015-10-21 09:37 - 2015-10-21 09:46 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2015-10-21 09:36 - 2015-10-21 09:36 - 01709792 _____ (Disc Soft Ltd.) C:\Users\Ondra\Downloads\DTLiteInstaller.exe
2015-10-20 21:23 - 2015-10-20 22:17 - 1815812096 _____ C:\Users\Ondra\Downloads\_Oceanofgames.com_Age_of_Empires3.iso
2015-10-15 22:27 - 2015-09-19 04:18 - 00035384 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2015-10-15 22:27 - 2015-09-18 14:42 - 01290752 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-10-15 22:27 - 2015-09-18 14:42 - 01163776 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-10-15 22:27 - 2015-09-18 14:42 - 00766464 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-10-15 22:27 - 2015-09-18 14:42 - 00699904 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-10-15 22:27 - 2015-09-18 14:42 - 00503296 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-10-15 22:27 - 2015-09-18 14:42 - 00073216 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-10-15 12:32 - 2015-10-21 11:28 - 05271104 _____ C:\Users\Ondra\Documents\Pohledy.pln
2015-10-15 12:32 - 2015-10-15 12:57 - 05276752 _____ C:\Users\Ondra\Documents\Pohledy.bpn

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-14 13:02 - 2015-09-28 13:40 - 00002884 _____ C:\windows\lupdate.log
2015-11-14 13:00 - 2013-08-22 16:36 - 00000000 ____D C:\windows\system32\sru
2015-11-14 12:40 - 2015-09-28 13:37 - 01372900 _____ C:\windows\WindowsUpdate.log
2015-11-14 11:34 - 2015-09-25 06:49 - 00003930 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{06C60D7B-17CC-425E-9AA8-4CA4936E1744}
2015-11-14 11:32 - 2015-09-25 06:34 - 00000000 ____D C:\Users\Ondra\AppData\Local\SweetLabs App Platform
2015-11-13 18:48 - 2015-09-28 13:17 - 00000000 ____D C:\Users\Ondra\.gimp-2.8
2015-11-13 11:35 - 2015-09-28 20:45 - 00000000 ____D C:\Program Files (x86)\Opera
2015-11-12 19:17 - 2015-02-11 21:47 - 00000000 ____D C:\windows\System32\Tasks\Lenovo
2015-11-12 19:17 - 2013-08-22 16:36 - 00000000 ____D C:\windows\system32\NDF
2015-11-12 19:16 - 2015-02-11 21:18 - 00740946 _____ C:\windows\system32\perfh005.dat
2015-11-12 19:16 - 2015-02-11 21:18 - 00152150 _____ C:\windows\system32\perfc005.dat
2015-11-12 19:16 - 2014-03-18 10:53 - 01749406 _____ C:\windows\system32\PerfStringBackup.INI
2015-11-12 19:13 - 2015-02-11 21:20 - 00032744 _____ C:\windows\SysWOW64\Gms.log
2015-11-12 19:10 - 2015-09-28 13:12 - 00006563 _____ C:\windows\setupact.log
2015-11-12 19:10 - 2013-08-22 15:45 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-11-12 19:09 - 2015-02-11 21:48 - 00002560 _____ C:\windows\system32\VfService.trf
2015-11-12 19:09 - 2015-02-11 20:22 - 00153336 _____ C:\windows\system32\wpbbin.exe
2015-11-12 19:09 - 2015-02-11 20:22 - 00111088 _____ (Lenovo (Beijing) Limited) C:\windows\system32\LenovoCheck.exe
2015-11-12 19:09 - 2015-02-11 20:22 - 00026608 _____ (Lenovo) C:\windows\system32\LenovoUpdate.exe
2015-11-12 19:08 - 2013-08-22 16:36 - 00000000 ___RD C:\windows\ToastData
2015-11-12 16:47 - 2013-08-22 16:20 - 00000000 ____D C:\windows\CbsTemp
2015-11-11 21:55 - 2015-09-28 13:36 - 00012360 _____ C:\windows\PFRO.log
2015-11-11 21:55 - 2013-08-22 15:44 - 00552792 _____ C:\windows\system32\FNTCACHE.DAT
2015-11-11 14:33 - 2013-08-22 14:25 - 00262144 ___SH C:\windows\system32\config\BBI
2015-11-11 14:31 - 2015-09-30 00:12 - 00000000 ____D C:\windows\system32\MRT
2015-11-11 14:28 - 2015-09-30 00:12 - 145617392 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-11-11 13:15 - 2015-09-25 06:41 - 00003594 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-157143914-34706309-1526443958-1001
2015-11-11 12:51 - 2015-09-25 06:35 - 00000000 ____D C:\Users\Ondra\AppData\Local\VirtualStore
2015-11-11 11:23 - 2013-08-22 16:36 - 00000000 ____D C:\windows\AppReadiness
2015-11-11 08:40 - 2015-09-26 22:57 - 00002403 _____ C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2015-11-09 00:11 - 2015-10-12 19:23 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\Skype
2015-11-08 08:50 - 2015-09-28 14:08 - 01059656 _____ (AVAST Software) C:\windows\system32\Drivers\aswsnx.sys
2015-11-08 08:50 - 2015-09-28 14:08 - 00449992 _____ (AVAST Software) C:\windows\system32\Drivers\aswsp.sys
2015-11-06 03:53 - 2015-09-26 10:05 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2015-11-05 22:44 - 2015-09-28 20:45 - 00003832 _____ C:\windows\System32\Tasks\Opera scheduled Autoupdate 1443469534
2015-11-05 22:44 - 2015-09-28 20:45 - 00001074 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-11-04 23:39 - 2015-02-11 21:08 - 00003722 _____ C:\windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2015-11-04 23:39 - 2015-02-11 21:08 - 00003476 _____ C:\windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
2015-11-03 22:53 - 2015-09-26 11:35 - 00000000 ____D C:\Users\Ondra\Desktop\Games
2015-11-03 19:27 - 2015-02-11 21:57 - 00000000 ____D C:\ProgramData\CyberLink
2015-11-03 16:38 - 2015-10-12 20:02 - 00000000 ____D C:\Users\Ondra\Graphisoft
2015-11-03 16:32 - 2015-09-28 11:43 - 00000000 ____D C:\Users\Ondra\AppData\Local\Popcorn-Time
2015-11-03 16:14 - 2015-10-12 20:03 - 00000000 ____D C:\Users\Ondra\Documents\BIMx
2015-11-03 01:23 - 2013-08-22 16:38 - 00810488 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-11-03 01:23 - 2013-08-22 16:38 - 00176632 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-01 23:56 - 2015-10-11 20:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-11-01 23:56 - 2015-09-25 06:34 - 00000000 ____D C:\Users\Ondra
2015-11-01 23:55 - 2015-10-11 20:35 - 00097888 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2015-11-01 23:55 - 2015-10-11 20:34 - 00000000 ____D C:\Program Files (x86)\Java
2015-11-01 23:54 - 2015-10-12 19:23 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-11-01 23:54 - 2015-10-12 19:22 - 00000000 ____D C:\ProgramData\Skype
2015-10-31 10:55 - 2015-09-25 06:42 - 00002673 _____ C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo Web Start.lnk
2015-10-30 14:36 - 2015-09-28 14:08 - 00004182 _____ C:\windows\System32\Tasks\avast! Emergency Update
2015-10-27 21:57 - 2013-08-22 16:36 - 00000000 ____D C:\windows\LiveKernelReports
2015-10-27 21:38 - 2015-09-26 11:35 - 00000000 ____D C:\Users\Ondra\Desktop\Programy
2015-10-27 09:25 - 2015-02-11 21:27 - 00000000 ____D C:\Program Files (x86)\Lenovo
2015-10-21 09:42 - 2013-08-22 16:36 - 00000000 ____D C:\windows\system32\GroupPolicy
2015-10-16 10:09 - 2015-10-01 12:07 - 00000000 ____D C:\windows\system32\appraiser
2015-10-16 10:09 - 2015-02-11 21:02 - 00000000 ___SD C:\windows\system32\CompatTel
2015-10-15 23:32 - 2013-08-22 16:36 - 00000000 ____D C:\windows\rescache

==================== Files in the root of some directories =======

2015-11-13 18:42 - 2015-11-13 18:42 - 0002709 _____ () C:\Users\Ondra\AppData\Local\recently-used.xbel
2015-02-11 21:13 - 2015-02-11 21:13 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-09-25 06:40 - 2015-09-25 21:45 - 0000021 _____ () C:\ProgramData\settings.cfg

Some files in TEMP:
====================
C:\Users\Ondra\AppData\Local\Temp\avg-d15bbc6e-f353-4051-85ee-346ef001d146.exe
C:\Users\Ondra\AppData\Local\Temp\McCSPInstall.dll
C:\Users\Ondra\AppData\Local\Temp\mccspuninstall.exe
C:\Users\Ondra\AppData\Local\Temp\oct499A.tmp.exe
C:\Users\Ondra\AppData\Local\Temp\oct990D.tmp.exe
C:\Users\Ondra\AppData\Local\Temp\octEB0E.tmp.exe
C:\Users\Ondra\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Ondra\AppData\Local\Temp\sfamcc00002.dll
C:\Users\Ondra\AppData\Local\Temp\sfareca00001.dll
C:\Users\Ondra\AppData\Local\Temp\sfareca00002.dll
C:\Users\Ondra\AppData\Local\Temp\{47331A1D-CE4C-4A26-B2FF-8F9D9CD6FBCE}.dll
C:\Users\Ondra\AppData\Local\Temp\{AA20BB13-430C-47AE-8984-38AD6CC7B09B}.dll
C:\Users\Ondra\AppData\Local\Temp\{D3873399-D0F9-422F-A4D8-DD4E68BBE1C9}.dll
C:\Users\Ondra\AppData\Local\Temp\{F8B61319-3D3F-43E7-8D6F-06656427974F}.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-11-08 09:42

==================== End of FRST.txt ============================

Re: Kontrola logu - Využití disku 100%

Napsal: 14 lis 2015 18:17
od Rudy
Otevřte poznámkový blok a zkopírujte do něj:
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-10-06] (Oracle Corporation)
HKU\S-1-5-21-157143914-34706309-1526443958-1001\...\MountPoints2: {2c7aeb92-76f8-11e5-8269-54ee753eeba4} - "E:\setup.exe"
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
C:\Program Files (x86)\Skype\Toolbars
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
CHR Extension: (Loot Find) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfdgfgcnonkhcglcmbeledioanijilkc [2015-10-21] [UpdateUrl: hxxp://cdn.lootfind.net/update] <==== ATTENTION
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
S1 fumodsac; \??\C:\windows\system32\drivers\fumodsac.sys [X]
C:\windows\system32\ApnDatabase.xml
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\ProgramData\DP45977C.lfl
C:\Users\Ondra\AppData\Local\Temp
IE trusted site: HKU\S-1-5-21-157143914-34706309-1526443958-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-157143914-34706309-1526443958-1001\...\webcompanion.com -> hxxp://webcompanion.com
End
Uložte do C:\Users\Ondra\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: Kontrola logu - Využití disku 100%

Napsal: 20 lis 2015 14:34
od gtom
Fix result of Farbar Recovery Scan Tool (x64) Version:19-11-2015
Ran by Ondra (2015-11-20 14:24:35) Run:1
Running from C:\Users\Ondra\Downloads
Loaded Profiles: Ondra (Available Profiles: Ondra)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-10-06] (Oracle Corporation)
HKU\S-1-5-21-157143914-34706309-1526443958-1001\...\MountPoints2: {2c7aeb92-76f8-11e5-8269-54ee753eeba4} - "E:\setup.exe"
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
C:\Program Files (x86)\Skype\Toolbars
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
CHR Extension: (Loot Find) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfdgfgcnonkhcglcmbeledioanijilkc [2015-10-21] [UpdateUrl: hxxp://cdn.lootfind.net/update] <==== ATTENTION
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
S1 fumodsac; \??\C:\windows\system32\drivers\fumodsac.sys [X]
C:\windows\system32\ApnDatabase.xml
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\ProgramData\DP45977C.lfl
C:\Users\Ondra\AppData\Local\Temp
IE trusted site: HKU\S-1-5-21-157143914-34706309-1526443958-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-157143914-34706309-1526443958-1001\...\webcompanion.com -> hxxp://webcompanion.com
End

*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
"HKU\S-1-5-21-157143914-34706309-1526443958-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2c7aeb92-76f8-11e5-8269-54ee753eeba4}" => key removed successfully
HKCR\CLSID\{2c7aeb92-76f8-11e5-8269-54ee753eeba4} => key not found.
C:\windows\system32\GroupPolicy\Machine => moved successfully
C:\windows\system32\GroupPolicy\GPT.ini => moved successfully
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
C:\Program Files (x86)\Skype\Toolbars => moved successfully
"HKCR\PROTOCOLS\Handler\skypec2c" => key removed successfully
"HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => key removed successfully
HKCR\Wow6432Node\PROTOCOLS\Handler\skypec2c => key not found.
"HKCR\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => key removed successfully
C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfdgfgcnonkhcglcmbeledioanijilkc <==== ATTENTION => not found
c2cautoupdatesvc => Unable to stop service.
c2cautoupdatesvc => service removed successfully
c2cpnrsvc => Unable to stop service.
c2cpnrsvc => service removed successfully
fumodsac => service removed successfully
C:\windows\system32\ApnDatabase.xml => moved successfully
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
Could not move "C:\ProgramData\DP45977C.lfl" => Scheduled to move on reboot.
C:\Users\Ondra\AppData\Local\Temp => moved successfully
"HKU\S-1-5-21-157143914-34706309-1526443958-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\localhost" => key removed successfully
"HKU\S-1-5-21-157143914-34706309-1526443958-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com" => key removed successfully

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-11-20 14:27:01)

"C:\ProgramData\DP45977C.lfl" => Could not move

==== End of Fixlog 14:27:01 ====

Re: Kontrola logu - Využití disku 100%

Napsal: 20 lis 2015 17:50
od Rudy
Smazáno. Nastala nějaká změna?

Re: Kontrola logu - Využití disku 100%

Napsal: 21 lis 2015 19:44
od gtom
Problém se zatím nijak nezlepšil.

Re: Kontrola logu - Využití disku 100%

Napsal: 21 lis 2015 20:54
od Rudy
Udělejte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.

Re: Kontrola logu - Využití disku 100%

Napsal: 23 lis 2015 00:08
od gtom
Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 22. 11. 2015
Čas skenování: 22:46
Protokol: Malwerw.txt
Správce: Ano

Verze: 2.2.0.1024
Databáze malwaru: v2015.11.22.05
Databáze rootkitů: v2015.11.22.02
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Ondra

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 338338
Uplynulý čas: 12 min, 36 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 12
PUP.Optional.BrowseFox, HKLM\SOFTWARE\CLASSES\APPID\{40cddb56-1b5f-4b69-b80d-17bff56f6ff5}, , [c24b0b768308290d13df57eeb34fd42c],
PUP.Optional.BrowseFox, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{40CDDB56-1B5F-4B69-B80D-17BFF56F6FF5}, , [c24b0b768308290d13df57eeb34fd42c],
PUP.Optional.BrowseFox, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{40CDDB56-1B5F-4B69-B80D-17BFF56F6FF5}, , [c24b0b768308290d13df57eeb34fd42c],
PUP.Optional.BrowseFox, HKLM\SOFTWARE\CLASSES\APPID\{cea3f5dc-2beb-4769-a82d-db95eda174d8}, , [020b8af76d1e3bfb8f64ff4650b2fa06],
PUP.Optional.BrowseFox, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{CEA3F5DC-2BEB-4769-A82D-DB95EDA174D8}, , [020b8af76d1e3bfb8f64ff4650b2fa06],
PUP.Optional.BrowseFox, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{CEA3F5DC-2BEB-4769-A82D-DB95EDA174D8}, , [020b8af76d1e3bfb8f64ff4650b2fa06],
PUP.Optional.BrowseFox, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{b99604a6-a864-4b48-a1e0-63048b520129}, , [739a60213358bb7b61f94ff56e94eb15],
PUP.Optional.BrowseFox, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{B99604A6-A864-4B48-A1E0-63048B520129}, , [739a60213358bb7b61f94ff56e94eb15],
PUP.Optional.BrowseFox, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{B99604A6-A864-4B48-A1E0-63048B520129}, , [739a60213358bb7b61f94ff56e94eb15],
PUP.Optional.BrowseFox, HKU\S-1-5-21-157143914-34706309-1526443958-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{B99604A6-A864-4B48-A1E0-63048B520129}, , [739a60213358bb7b61f94ff56e94eb15],
PUP.Optional.BrowseFox, HKU\S-1-5-21-157143914-34706309-1526443958-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{B99604A6-A864-4B48-A1E0-63048B520129}, , [739a60213358bb7b61f94ff56e94eb15],
PUP.Optional.YahooVNM, HKU\S-1-5-21-157143914-34706309-1526443958-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}, , [ea23c7ba6b201a1c70b110989c6703fd],

Hodnoty registru: 1
PUP.Optional.YahooVNM, HKU\S-1-5-21-157143914-34706309-1526443958-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{C0C3A6C6-03BC-4195-8FCB-AEA091301353}|URL, https://search.yahoo.com/search?fr=vmn& ... earchTerms}, , [ea23c7ba6b201a1c70b110989c6703fd]

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 6
PUP.Optional.CharmSavings, C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\databases\http_charmsavings.com_0, , [5ab3fb860c7fa5917a8505859072fd03],
PUP.Optional.CharmSavings, C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\http_charmsavings.com_0.indexeddb.leveldb, , [7b92dfa2abe080b653ada9e252b0a060],
PUP.Optional.Yontoo.ChrPRST, C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfdgfgcnonkhcglcmbeledioanijilkc\1.0.5769.30239_0, , [0b02bcc5f893f640dae6f992986c7b85],
PUP.Optional.Yontoo.ChrPRST, C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfdgfgcnonkhcglcmbeledioanijilkc, , [0b02bcc5f893f640dae6f992986c7b85],
PUP.Optional.Yontoo.ChrPRST, C:\Users\Ondra\AppData\Roaming\Opera Software\Opera Stable\Extensions\hfdgfgcnonkhcglcmbeledioanijilkc\1.0.5769.30239_0, , [9f6ee69b870437ff25993e4d659f51af],
PUP.Optional.Yontoo.ChrPRST, C:\Users\Ondra\AppData\Roaming\Opera Software\Opera Stable\Extensions\hfdgfgcnonkhcglcmbeledioanijilkc, , [9f6ee69b870437ff25993e4d659f51af],

Soubory: 22
PUP.Optional.Amonetize, C:\Users\Ondra\Downloads\DAEMON Tools Lite 10 Serial Key__15022_i1718968210_il88138.exe, , [7895f58ca3e8fb3b60fcafb851b0da26],
PUP.Optional.VisualDiscovery, C:\Windows\Temp\VisualDiscovery.log, , [f71684fdd4b79d991d69f6ae36cda65a],
PUP.Optional.VisualDiscovery, C:\Windows\Temp\VisualDiscoveryr.log, , [f31aadd4315ab086d3b45a4a847f9a66],
PUP.Optional.CharmSavings, C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_charmsavings.com_0.localstorage, , [27e6bec32e5d4de93209952d07fc52ae],
PUP.Optional.CharmSavings, C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_charmsavings.com_0.localstorage-journal, , [14f94d34612aaa8caa91fac85aa9a15f],
PUP.Optional.Yontoo.ChrPRST, C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_lootfind-a.akamaihd.net_0.localstorage, , [6f9e1071cac1a6904c1ba030986b1ce4],
PUP.Optional.Yontoo.ChrPRST, C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_lootfind-a.akamaihd.net_0.localstorage-journal, , [19f4e1a01873b086e3846a669b68a060],
PUP.Optional.CharmSavings, C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\databases\http_charmsavings.com_0\1, , [5ab3fb860c7fa5917a8505859072fd03],
PUP.Optional.CharmSavings, C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\http_charmsavings.com_0.indexeddb.leveldb\000003.log, , [7b92dfa2abe080b653ada9e252b0a060],
PUP.Optional.CharmSavings, C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\http_charmsavings.com_0.indexeddb.leveldb\CURRENT, , [7b92dfa2abe080b653ada9e252b0a060],
PUP.Optional.CharmSavings, C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\http_charmsavings.com_0.indexeddb.leveldb\LOCK, , [7b92dfa2abe080b653ada9e252b0a060],
PUP.Optional.CharmSavings, C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\http_charmsavings.com_0.indexeddb.leveldb\LOG, , [7b92dfa2abe080b653ada9e252b0a060],
PUP.Optional.CharmSavings, C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\http_charmsavings.com_0.indexeddb.leveldb\LOG.old, , [7b92dfa2abe080b653ada9e252b0a060],
PUP.Optional.CharmSavings, C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\http_charmsavings.com_0.indexeddb.leveldb\MANIFEST-000001, , [7b92dfa2abe080b653ada9e252b0a060],
PUP.Optional.Yontoo.ChrPRST, C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfdgfgcnonkhcglcmbeledioanijilkc\1.0.5769.30239_0\manifest.json, , [0b02bcc5f893f640dae6f992986c7b85],
PUP.Optional.Yontoo.ChrPRST, C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfdgfgcnonkhcglcmbeledioanijilkc\1.0.5769.30239_0\background.js, , [0b02bcc5f893f640dae6f992986c7b85],
PUP.Optional.Yontoo.ChrPRST, C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfdgfgcnonkhcglcmbeledioanijilkc\1.0.5769.30239_0\content.js, , [0b02bcc5f893f640dae6f992986c7b85],
PUP.Optional.Yontoo.ChrPRST, C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfdgfgcnonkhcglcmbeledioanijilkc\1.0.5769.30239_0\icon.png, , [0b02bcc5f893f640dae6f992986c7b85],
PUP.Optional.Yontoo.ChrPRST, C:\Users\Ondra\AppData\Roaming\Opera Software\Opera Stable\Extensions\hfdgfgcnonkhcglcmbeledioanijilkc\1.0.5769.30239_0\manifest.json, , [9f6ee69b870437ff25993e4d659f51af],
PUP.Optional.Yontoo.ChrPRST, C:\Users\Ondra\AppData\Roaming\Opera Software\Opera Stable\Extensions\hfdgfgcnonkhcglcmbeledioanijilkc\1.0.5769.30239_0\background.js, , [9f6ee69b870437ff25993e4d659f51af],
PUP.Optional.Yontoo.ChrPRST, C:\Users\Ondra\AppData\Roaming\Opera Software\Opera Stable\Extensions\hfdgfgcnonkhcglcmbeledioanijilkc\1.0.5769.30239_0\content.js, , [9f6ee69b870437ff25993e4d659f51af],
PUP.Optional.Yontoo.ChrPRST, C:\Users\Ondra\AppData\Roaming\Opera Software\Opera Stable\Extensions\hfdgfgcnonkhcglcmbeledioanijilkc\1.0.5769.30239_0\icon.png, , [9f6ee69b870437ff25993e4d659f51af],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Re: Kontrola logu - Využití disku 100%

Napsal: 23 lis 2015 18:04
od Rudy
Všechny nálezy smažte.

Re: Kontrola logu - Využití disku 100%

Napsal: 23 lis 2015 19:01
od gtom
Všechny nálezy smazány, problém s využitím disku a zamrzáním přetrvává.

Re: Kontrola logu - Využití disku 100%

Napsal: 23 lis 2015 19:53
od Rudy
Podívejte se do správce úloh, který proces nejvíce zatěžuje systém.

Re: Kontrola logu - Využití disku 100%

Napsal: 23 lis 2015 20:23
od gtom
Nejvíce vytěžuje disk "Systém" a "Hostitel služby: Místní systém".

Re: Kontrola logu - Využití disku 100%

Napsal: 23 lis 2015 21:16
od Rudy
Na zkoušku vypněte aut. aktualizace systému a přeinstalujte antivir.

Re: Kontrola logu - Využití disku 100%

Napsal: 25 lis 2015 09:16
od gtom
Zkusil jsem vypnout aktualizace Windows a přeinstalovat antivirový program Avast.

Nepozoruji žádné zlepšení.

Re: Kontrola logu - Využití disku 100%

Napsal: 25 lis 2015 18:53
od Rudy
Co jste instaloval těsně před tím, než se problém objevil?
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz