zpomalený PC, prosím o pomoc

[ondrejs]

Zdravím místní borce a borkyně,

vracím se jako dobrý holub po delší době a prosím o radu.

P.S. jo mám tu svinčík který jsem nestihl uklidit, vir byl rychlejší

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-01-2015
Ran by Ondra (administrator) on ONDRA-PC (08-01-2016 10:06:33)
Running from C:\Users\Ondra\Desktop
Loaded Profiles: Ondra (Available Profiles: Ondra)
Platform: Windows 7 Ultimate (X64) Language: Čeština (Česká republika)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
() C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\PowerControlHelp.exe
() C:\Windows\SysWOW64\ASGT.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.05\AsusFanControlService.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Robert McNeel & Associates) C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
() C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\googlecpupdate.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Samsung Electronics.) C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe
() C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\win32cldefender.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetiCtrlTray.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\Program Files (x86)\CPU Thermometer\CPUThermometer.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2655520 2015-10-12] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-20] (Intel Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499920 2014-09-12] (Adobe Systems Inc.)
HKLM-x32\...\Run: [MSStp] => C:\Windows\SysWOW64\msstp.vbe [1419 2014-01-19] ()
HKLM-x32\...\Run: [mncwrgtpSrv] => C:\Windows\inf\mncwrgtp.vbe
HKU\S-1-5-21-180312543-2219060438-160504956-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-180312543-2219060438-160504956-1000\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-21-180312543-2219060438-160504956-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-180312543-2219060438-160504956-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3639280 2016-01-07] (Electronic Arts)
HKU\S-1-5-21-180312543-2219060438-160504956-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd)
HKU\S-1-5-21-180312543-2219060438-160504956-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50378880 2015-12-17] (Skype Technologies S.A.)
HKU\S-1-5-21-180312543-2219060438-160504956-1000\...\Policies\Explorer: []
HKU\S-1-5-21-180312543-2219060438-160504956-1000\...\MountPoints2: {00a56747-9e67-11e5-a39d-c860009b5672} - G:\setup.exe
HKU\S-1-5-21-180312543-2219060438-160504956-1000\...\MountPoints2: {60ef33a9-783c-11e5-a1eb-c860009b5672} - G:\INSTALL.EXE
HKU\S-1-5-21-180312543-2219060438-160504956-1000\...\MountPoints2: {e86c5651-7638-11e5-a315-c860009b5672} - I:\LFS_06G_S2_JimbusEd_setup.exe
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Network Server.lnk [2015-11-01]
ShortcutTarget: Network Server.lnk -> C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe (WIBU-SYSTEMS AG)
Startup: C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\googlecpupdate.exe [2016-01-07] ()
Startup: C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk [2015-09-06]
ShortcutTarget: Samsung Magician.lnk -> C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe (Samsung Electronics.)
Startup: C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\win32cldefender.exe [2016-01-07] ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 127.0.0.1 validation.sls.microsoft.com
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{50B26C46-B851-439F-BB22-4C9CE25A3C8F}: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{D5199E61-C6AB-44C3-88E7-B3835FC508F7}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKU\S-1-5-21-180312543-2219060438-160504956-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-180312543-2219060438-160504956-1000 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-14] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-14] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-14] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-14] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\k72m93dr.default
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2015-12-29] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll [2015-12-29] ()
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-07-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-07-23] (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2014-09-12] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)
FF user.js: detected! => C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\k72m93dr.default\user.js [2015-10-16]
FF Extension: Adblock Plus - C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\k72m93dr.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-15]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2015-10-18] [not signed]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-09-12]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2015-09-06] ()
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [File not signed]
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2015-09-06] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2015-09-06] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.05\AsusFanControlService.exe [2005504 2015-09-06] (ASUSTeK Computer Inc.) [File not signed]
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [File not signed]
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156384 2015-10-12] (NVIDIA Corporation)
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160768 2011-05-27] (Intel Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 McNeelUpdate; C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe [67224 2014-06-09] (Robert McNeel & Associates)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1873696 2015-10-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568288 2015-10-12] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2016-01-07] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-11-25] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-23] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2012-09-14] ()
R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-10-20] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20768 2015-10-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
R2 WIBUKEY; C:\Windows\System32\DRIVERS\WibuKey64.sys [97792 2011-09-22] (WIBU-SYSTEMS AG)
R4 IOMap; \??\C:\Windows\system32\drivers\IOMap64.sys [X]
R3 WinRing0_1_2_0; \??\C:\Users\Ondra\AppData\Local\Temp\tmp8BE9.tmp [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-08 10:06 - 2016-01-08 10:06 - 00017994 _____ C:\Users\Ondra\Desktop\FRST.txt
2016-01-08 10:06 - 2016-01-08 10:06 - 00000000 ____D C:\FRST
2016-01-08 10:03 - 2016-01-08 10:03 - 02370560 _____ (Farbar) C:\Users\Ondra\Desktop\FRST64.exe
2016-01-07 21:16 - 2016-01-07 21:17 - 04499821 _____ C:\Users\Ondra\Downloads\Need-for-Speed-Most-Wanted-CRACK-2012.rar
2016-01-07 21:14 - 2016-01-07 21:14 - 00430291 _____ C:\Users\Ondra\Downloads\Need-For-Speed-Most-Wanted-2012-Crack.zip
2016-01-07 21:12 - 2016-01-07 21:14 - 16668624 _____ C:\Users\Ondra\Downloads\NFS-Most-Wanted-Crack+Key+Čeština+Patch.zip
2016-01-07 21:11 - 2016-01-07 21:11 - 00137728 _____ C:\Users\Ondra\AppData\Roaming\gpu.exe
2016-01-07 21:11 - 2016-01-07 21:11 - 00128197 _____ C:\Users\Ondra\AppData\Roaming\cpu.exe
2016-01-07 21:10 - 2016-01-07 21:11 - 00156504 _____ C:\Users\Ondra\Downloads\NFS-Most-Wanted-Crack.zip
2016-01-07 21:01 - 2016-01-07 21:01 - 00000000 ____D C:\Program Files (x86)\Origin Games
2016-01-07 20:49 - 2016-01-07 20:49 - 00000000 ____D C:\Users\Ondra\AppData\Local\ElevatedDiagnostics
2016-01-07 20:43 - 2016-01-07 20:43 - 00000000 ____D C:\Users\Ondra\Documents\Criterion Games
2016-01-07 20:40 - 2016-01-07 20:40 - 00002168 _____ C:\Users\Ondra\Desktop\Need for Speed Most Wanted Limited Edition.lnk
2016-01-07 20:40 - 2016-01-07 20:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Need for Speed Most Wanted Limited Edition
2016-01-07 20:37 - 2016-01-07 20:58 - 00000000 ____D C:\Users\Ondra\Downloads\Need.for.Speed.Shift.2.Unleashed-RELOADED
2016-01-07 20:35 - 2016-01-07 21:17 - 00000000 ____D C:\Program Files (x86)\Need for Speed Most Wanted Limited Edition
2016-01-07 20:14 - 2016-01-07 20:14 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Live for Speed
2016-01-07 20:13 - 2016-01-07 20:20 - 00000000 ____D C:\Program Files (x86)\Live for Speed
2016-01-07 19:43 - 2016-01-07 19:43 - 00001586 _____ C:\Users\Public\Desktop\FlatOut.lnk
2016-01-07 19:43 - 2016-01-07 19:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2016-01-07 19:42 - 2016-01-07 19:42 - 00000000 ____D C:\GOG Games
2016-01-07 18:22 - 2016-01-07 18:35 - 428818912 _____ (Live for Speed) C:\Users\Ondra\Downloads\LFS_S3_6K_setup.exe
2016-01-07 17:50 - 2016-01-07 18:58 - 1197480957 _____ C:\Users\Ondra\Downloads\Flatout-EN+CZ_for_Windows_XP-Vista-7-8_and_later.rar
2016-01-07 17:31 - 2016-01-07 20:42 - 1688907776 _____ C:\Users\Ondra\Downloads\sr-mafia2.iso
2016-01-07 17:20 - 2016-01-07 17:20 - 00000000 ____D C:\Program Files (x86)\CtrlAlt
2016-01-07 10:44 - 2016-01-07 17:25 - 00058108 _____ C:\Users\Ondra\Desktop\heidrich_interier.dwg
2016-01-07 10:44 - 2016-01-07 17:25 - 00047650 _____ C:\Users\Ondra\Desktop\heidrich_interier.bak
2016-01-05 23:16 - 2016-01-06 00:26 - 02962461 _____ C:\Users\Ondra\Desktop\mamka2.3dm
2016-01-05 23:16 - 2016-01-06 00:02 - 02081192 _____ C:\Users\Ondra\Desktop\mamka2.3dmbak
2016-01-05 23:08 - 2016-01-05 23:08 - 04077506 _____ C:\Users\Ondra\Downloads\Untitled.3dm
2016-01-05 18:17 - 2016-01-05 19:42 - 00000000 ____D C:\Users\Ondra\Desktop\fuji x100
2016-01-05 16:53 - 2016-01-05 16:53 - 00000000 ____D C:\Users\Ondra\AppData\Local\Logitech
2016-01-05 16:50 - 2016-01-05 16:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2016-01-05 16:50 - 2016-01-05 16:50 - 00000000 ____D C:\Program Files\Logitech
2016-01-05 16:50 - 2016-01-05 16:50 - 00000000 ____D C:\Program Files\Common Files\Logitech
2016-01-05 16:48 - 2016-01-05 16:50 - 17276616 _____ (Logitech ) C:\Users\Ondra\Downloads\lgs510_x64.exe
2016-01-05 16:27 - 2009-12-16 13:10 - 00063488 _____ C:\Users\Ondra\Desktop\Transfer.xls
2016-01-05 16:27 - 2009-12-16 12:51 - 00029447 _____ C:\Users\Ondra\Desktop\Transfer.xlsm
2016-01-05 16:26 - 2016-01-05 16:26 - 00050317 _____ C:\Users\Ondra\Downloads\Transfer.zip
2015-12-29 11:54 - 2015-12-29 17:24 - 00109568 _____ C:\Users\Ondra\Desktop\mamka_16.dwg
2015-12-29 11:52 - 2016-01-07 17:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-12-29 11:44 - 2015-12-29 11:44 - 00169584 _____ C:\Users\Ondra\Downloads\mamka(1).dwg
2015-12-29 11:44 - 2015-12-29 11:44 - 00090938 _____ C:\Users\Ondra\Downloads\pud 07.dwg
2015-12-24 23:16 - 2015-12-24 23:16 - 00000879 _____ C:\Users\Ondra\Desktop\DiRT Rally.lnk
2015-12-24 23:16 - 2015-12-24 23:16 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Black_Box
2015-12-24 20:45 - 2015-12-24 23:16 - 00000000 ____D C:\Program Files (x86)\DiRT Rally
2015-12-24 19:29 - 2015-12-24 19:29 - 00002348 _____ C:\Users\Ondra\Desktop\Next Car Game.lnk
2015-12-24 19:28 - 2015-12-24 19:28 - 00000000 ____D C:\Program Files (x86)\Bugbear Entertainment
2015-12-22 21:22 - 2015-12-22 21:22 - 00000034 _____ C:\Users\Ondra\Desktop\paczkomat.txt
2015-12-22 14:08 - 2015-12-22 14:08 - 00184332 _____ C:\Users\Ondra\Downloads\911519_Reko_chaty_poptávka.xlsx
2015-12-22 14:08 - 2015-12-22 14:08 - 00183009 _____ C:\Users\Ondra\Downloads\911519_Reko_chaty_rozpočet.xlsx
2015-12-22 14:03 - 2015-12-22 14:03 - 00034474 _____ C:\Users\Ondra\Downloads\Chata_č.p._197(1).xlsx
2015-12-22 13:52 - 2015-12-22 13:52 - 00030932 _____ C:\Users\Ondra\Downloads\rozpočet.xlsx
2015-12-22 12:15 - 2015-12-22 12:15 - 00000193 ____H C:\Users\Ondra\Downloads\faj_C20150901(1).dwl2
2015-12-22 12:15 - 2015-12-22 12:15 - 00000043 ____H C:\Users\Ondra\Downloads\faj_C20150901(1).dwl
2015-12-22 10:30 - 2015-12-22 10:30 - 00226706 _____ C:\Users\Ondra\Downloads\kuncice_elektro2.dwg
2015-12-22 09:00 - 2015-12-22 13:44 - 00991341 _____ C:\Users\Ondra\Desktop\kuncice_2015_12_16.dwg
2015-12-22 09:00 - 2015-12-22 12:51 - 01081997 _____ C:\Users\Ondra\Desktop\kuncice_2015_12_16.bak
2015-12-22 08:49 - 2015-12-22 09:43 - 00920307 _____ C:\Users\Ondra\Downloads\kuncice_2015_12_16.dwg
2015-12-22 08:49 - 2015-12-22 09:41 - 00729391 _____ C:\Users\Ondra\Downloads\kuncice_2015_12_16.bak
2015-12-22 08:49 - 2015-12-22 08:49 - 00034474 _____ C:\Users\Ondra\Downloads\Chata_č.p._197.xlsx
2015-12-21 15:12 - 2015-12-21 15:12 - 00000000 ____D C:\Users\Ondra\Downloads\Redist
2015-12-20 20:14 - 2015-12-20 20:14 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-12-20 20:14 - 2015-12-20 20:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-12-20 16:21 - 2015-12-20 17:11 - 00000000 ____D C:\foto
2015-12-17 07:31 - 2015-12-17 07:31 - 00100432 _____ C:\Users\Ondra\Desktop\Umístění HUP na pozemku - spěchá! _ Poradte.cz.pdf
2015-12-17 07:11 - 2015-12-17 07:11 - 00337430 _____ C:\Users\Ondra\Desktop\bazen_tisk.pdf
2015-12-15 19:04 - 2015-12-15 19:16 - 00000000 ____D C:\Users\Ondra\Downloads\Health - Death Magic [320]
2015-12-15 18:45 - 2015-12-15 18:45 - 00000000 ____D C:\Users\Ondra\Desktop\x
2015-12-15 12:08 - 2015-12-15 12:08 - 00000000 _____ C:\Users\Ondra\Desktop\cez!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!.txt
2015-12-14 21:03 - 2015-12-14 21:03 - 01543198 _____ C:\Users\Ondra\Desktop\situace_2010.dwg
2015-12-14 17:43 - 2015-12-14 17:43 - 00000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2015-12-14 14:44 - 2015-12-14 14:44 - 00000035 _____ C:\Users\Ondra\Desktop\petr fejko.txt
2015-12-13 20:50 - 2016-01-05 18:17 - 00000000 ____D C:\Users\Ondra\Desktop\fuji
2015-12-12 21:06 - 2015-12-12 21:29 - 00131907 _____ C:\Users\Ondra\Downloads\modelar(1).bak
2015-12-12 20:51 - 2015-12-12 21:29 - 00131907 _____ C:\Users\Ondra\Downloads\modelar(1).dwg
2015-12-11 12:30 - 2015-12-11 12:30 - 02000556 _____ C:\Users\Ondra\Downloads\1005_151122160506_001.pdf
2015-12-11 12:30 - 2015-12-11 12:30 - 02000556 _____ C:\Users\Ondra\Desktop\1005_151122160506_001.pdf
2015-12-10 20:47 - 2015-12-10 20:47 - 00000075 _____ C:\Users\Ondra\Desktop\settings.sav
2015-12-10 20:42 - 2015-12-10 20:42 - 00003209 _____ C:\Users\Ondra\Downloads\Mass Effect ENB-1-1-0.zip
2015-12-10 20:41 - 2015-12-10 20:41 - 00005724 _____ C:\Users\Ondra\Downloads\Soft Shadows stand alone-1-1-0.zip
2015-12-10 20:40 - 2015-12-10 20:40 - 00000000 ____D C:\Users\Ondra\Downloads\MEUITM12062014
2015-12-10 20:38 - 2015-12-10 21:34 - 00000000 ____D C:\Users\Ondra\Desktop\meuitm
2015-12-10 20:33 - 2015-12-10 20:33 - 00038116 _____ C:\Users\Ondra\Desktop\BIOEngine.ini
2015-12-10 20:31 - 2010-03-21 23:18 - 00041984 _____ (Lee 'FordGT90Concept' Glasser) C:\Users\Ondra\Desktop\Large Address Aware.exe
2015-12-10 20:24 - 2014-10-10 16:50 - 00000000 ____D C:\Users\Ondra\Desktop\Guru3D.com
2015-12-10 20:23 - 2015-12-10 20:23 - 00228175 _____ C:\Users\Ondra\Downloads\NV-Inspector-[Guru3D.com].rar
2015-12-10 20:23 - 2015-12-10 20:23 - 00001151 _____ C:\Users\Public\Desktop\Mass Effect.lnk
2015-12-10 20:23 - 2015-12-10 20:23 - 00000000 ____D C:\Users\Ondra\AppData\Local\Disc_Soft_Ltd
2015-12-10 20:23 - 2015-12-10 20:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Repacky od tomi2k9
2015-12-10 20:08 - 2015-12-10 20:23 - 00000000 ____D C:\Program Files (x86)\Mass Effect
2015-12-10 20:02 - 2015-12-11 16:08 - 00000866 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-12-10 20:02 - 2015-12-10 20:02 - 00002790 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-12-10 20:02 - 2015-12-10 20:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-12-10 20:02 - 2015-12-10 20:02 - 00000000 ____D C:\Program Files\CCleaner
2015-12-10 20:01 - 2015-12-10 20:02 - 06801752 _____ (Piriform Ltd) C:\Users\Ondra\Downloads\ccsetup512.exe
2015-12-10 20:00 - 2015-12-10 20:00 - 00758396 _____ C:\Users\Ondra\Desktop\Untitled-1.pdf
2015-12-10 18:48 - 2015-12-10 18:48 - 00003502 _____ C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-Ondra-PC-Ondra
2015-12-10 18:48 - 2015-12-10 18:48 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2015-12-10 18:47 - 2015-12-10 18:48 - 00001524 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CS6 (64 Bit).lnk
2015-12-10 18:47 - 2015-12-10 18:47 - 00001530 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
2015-12-10 18:47 - 2015-12-10 18:47 - 00001518 _____ C:\Users\Public\Desktop\Adobe Application Manager.lnk
2015-12-10 18:47 - 2015-12-10 18:47 - 00000997 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
2015-12-10 18:47 - 2015-12-10 18:47 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2015-12-10 18:47 - 2015-12-10 18:47 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2015-12-10 18:47 - 2015-12-10 18:47 - 00000000 ____D C:\ProgramData\ALM
2015-12-09 20:27 - 2015-12-10 20:24 - 00000000 ____D C:\Users\Ondra\Documents\BioWare
2015-12-09 19:18 - 2015-12-09 19:18 - 00000000 ____D C:\Users\Ondra\AppData\LocalLow\E_Line Media
2015-12-09 19:05 - 2015-12-09 19:06 - 00000035 _____ C:\Users\Ondra\Desktop\pb.txt
2015-12-09 17:16 - 2015-12-07 00:24 - 00000000 ____D C:\Users\Ondra\Desktop\BESTOF2015

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-08 10:06 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2016-01-08 10:03 - 2015-10-16 18:26 - 00000000 ____D C:\Users\Ondra\AppData\Local\Adobe
2016-01-08 10:02 - 2009-07-14 05:45 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-08 10:02 - 2009-07-14 05:45 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-08 10:01 - 2009-07-14 16:18 - 00668866 _____ C:\Windows\system32\perfh005.dat
2016-01-08 10:01 - 2009-07-14 16:18 - 00141526 _____ C:\Windows\system32\perfc005.dat
2016-01-08 10:01 - 2009-07-14 06:13 - 01584554 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-08 10:01 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-01-08 09:55 - 2015-11-27 00:47 - 00000000 ____D C:\Windows\Minidump
2016-01-08 09:55 - 2015-10-20 21:51 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\DAEMON Tools Lite
2016-01-08 09:55 - 2015-10-19 00:01 - 00000000 ____D C:\Program Files\PDFCreator
2016-01-08 09:55 - 2015-09-06 15:14 - 00000000 ____D C:\Windows\Panther
2016-01-08 09:54 - 2015-10-22 10:42 - 00000487 _____ C:\Users\Ondra\rgmnr
2016-01-08 09:53 - 2015-11-18 18:24 - 00000000 ____D C:\ProgramData\Origin
2016-01-08 09:53 - 2015-10-19 18:23 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\Skype
2016-01-08 09:53 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-08 09:53 - 2009-01-02 20:50 - 00000000 ____D C:\ProgramData\NVIDIA
2016-01-08 00:22 - 2015-11-02 23:26 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\vlc
2016-01-08 00:22 - 2015-10-17 00:02 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\uTorrent
2016-01-07 23:33 - 2015-11-25 13:26 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-01-07 21:09 - 2015-11-18 18:23 - 00000000 ____D C:\Program Files (x86)\Origin
2016-01-07 20:42 - 2009-01-02 14:52 - 00000000 ____D C:\Windows\SysWOW64\directx
2016-01-07 19:43 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-01-07 17:40 - 2009-01-02 15:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-07 10:37 - 2015-10-18 21:48 - 00000000 ____D C:\Users\Ondra\AppData\Local\cache
2016-01-07 10:11 - 2015-10-16 14:04 - 00000000 ____D C:\WarThunder
2016-01-07 09:24 - 2015-10-16 14:11 - 00000000 ____D C:\Windows\SysWOW64\.launcher_log
2016-01-06 19:13 - 2009-01-02 21:35 - 00000500 _____ C:\Windows\SysWOW64\Drivers\iczgzv_568.set
2016-01-06 19:13 - 2009-01-02 21:35 - 00000500 _____ C:\Windows\SysWOW64\Drivers\deqordi254.dat
2016-01-06 19:13 - 2009-01-02 21:35 - 00000500 _____ C:\Windows\d_kenkpm223.ini
2015-12-29 11:33 - 2015-11-25 13:26 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-12-29 11:33 - 2015-11-25 13:26 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-29 11:33 - 2015-11-25 13:26 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-12-24 19:29 - 2009-01-02 14:38 - 00000000 ____D C:\Users\Ondra\AppData\Local\SKIDROW
2015-12-23 08:44 - 2015-10-20 11:40 - 00000000 ____D C:\Users\Ondra\Desktop\kovalcik
2015-12-22 10:00 - 2015-10-16 18:17 - 00000000 ____D C:\Users\Ondra\Desktop\interier
2015-12-21 12:41 - 2015-11-01 21:48 - 00000000 ____D C:\instalace
2015-12-20 20:27 - 2015-11-04 22:35 - 00001357 _____ C:\Users\Ondra\Desktop\drt – zástupce.lnk
2015-12-20 20:14 - 2015-10-19 18:23 - 00002731 _____ C:\Users\Public\Desktop\Skype.lnk
2015-12-20 20:14 - 2015-10-19 18:23 - 00000000 ____D C:\Users\Ondra\AppData\Local\Skype
2015-12-20 20:14 - 2015-10-19 18:23 - 00000000 ____D C:\ProgramData\Skype
2015-12-15 19:01 - 2015-11-12 15:17 - 00000000 ____D C:\Users\Ondra\Desktop\trznice
2015-12-15 11:14 - 2015-11-26 21:35 - 00000000 ____D C:\Users\Ondra\Desktop\modelar
2015-12-14 20:25 - 2015-09-06 14:33 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\Adobe
2015-12-14 17:44 - 2015-11-25 11:25 - 00348360 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2015-12-14 17:44 - 2015-11-25 04:57 - 00348360 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2015-12-14 17:44 - 2015-11-25 04:57 - 00280904 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2015-12-11 11:09 - 2015-10-16 18:26 - 00000000 ____D C:\ProgramData\Adobe
2015-12-10 18:47 - 2015-10-16 18:32 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2015-12-10 18:47 - 2015-10-16 18:32 - 00000000 ____D C:\Program Files\Adobe
2015-12-10 18:47 - 2015-10-16 18:31 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-12-10 18:47 - 2015-10-16 18:30 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-12-09 18:37 - 2015-12-08 22:39 - 00000000 ____D C:\Users\Ondra\Desktop\ikea

==================== Files in the root of some directories =======

2015-11-24 22:18 - 2015-11-26 16:34 - 0000132 _____ () C:\Users\Ondra\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2016-01-07 21:11 - 2016-01-07 21:11 - 0128197 _____ () C:\Users\Ondra\AppData\Roaming\cpu.exe
2016-01-07 21:11 - 2016-01-07 21:11 - 0137728 _____ () C:\Users\Ondra\AppData\Roaming\gpu.exe
2015-10-18 20:51 - 2015-10-18 20:51 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-01-06 17:34

==================== End of FRST.txt ============================

[altrok]

Prijemny podvecer Vam preju


Je tento OS legalni? Opravdu neni bezne, ze by si bezny domaci uzivatel kupoval nejvyssi licenci, ktera zacina na 5.000 Kc s funkcemi, ktere nevyuzije, misto obycejne licence Home Premium, ktera stoji polovic

[ondrejs]

Chápu, mám ho z aukra, vyřazený kus údajně z projekční kanceláře.

Přikládám foto štítku:

http://s10.postimg.org/6m18n7rl5/Ult_stitek.jpg

[altrok]

V poradku. V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose).

• Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
• ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
• znovu spustte FRST a kliknete na Fix
• po restartu bude na plose ulozen fixlog, jehoz obsah vlozte do pristi odpovedi

  Kód: Vybrat vše

  Start
  CreateRestorePoint:
  CloseProcesses:
  Folder: C:\Users\Ondra\rgmnr
  File: C:\Windows\SysWOW64\Drivers\iczgzv_568.set
  File: C:\Windows\SysWOW64\Drivers\deqordi254.dat
  File: C:\Windows\d_kenkpm223.ini
  File: C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\win32cldefender.exe
  File: C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\googlecpupdate.exe
  HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2655520 2015-10-12] (NVIDIA Corporation)
  HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
  HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
  HKLM-x32\...\Run: [] => [X]
  HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499920 2014-09-12] (Adobe Systems Inc.)
  HKLM-x32\...\Run: [MSStp] => C:\Windows\SysWOW64\msstp.vbe [1419 2014-01-19] ()
  C:\Windows\SysWOW64\msstp.vbe
  C:\Windows\SysWOW64\msstp.inf
  C:\Windows\inf\mncwrgtp.vbe
  C:\Windows\inf\mncwrgtp.inf
  HKLM-x32\...\Run: [mncwrgtpSrv] => C:\Windows\inf\mncwrgtp.vbe
  HKU\S-1-5-21-180312543-2219060438-160504956-1000\...\Run: [AdobeBridge] => [X]
  HKU\S-1-5-21-180312543-2219060438-160504956-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
  HKU\S-1-5-21-180312543-2219060438-160504956-1000\...\Policies\Explorer: []
  HKU\S-1-5-21-180312543-2219060438-160504956-1000\...\MountPoints2: {00a56747-9e67-11e5-a39d-c860009b5672} - G:\setup.exe
  HKU\S-1-5-21-180312543-2219060438-160504956-1000\...\MountPoints2: {60ef33a9-783c-11e5-a1eb-c860009b5672} - G:\INSTALL.EXE
  HKU\S-1-5-21-180312543-2219060438-160504956-1000\...\MountPoints2: {e86c5651-7638-11e5-a315-c860009b5672} - I:\LFS_06G_S2_JimbusEd_setup.exe
  Startup: C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\win32cldefender.exe [2016-01-07] ()
  Startup: C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\googlecpupdate.exe [2016-01-07] ()
  FF NetworkProxy: "type", 0
  R4 IOMap; \??\C:\Windows\system32\drivers\IOMap64.sys [X]
  R3 WinRing0_1_2_0; \??\C:\Users\Ondra\AppData\Local\Temp\tmp8BE9.tmp [X]
  2016-01-07 21:11 - 2016-01-07 21:11 - 00137728 _____ C:\Users\Ondra\AppData\Roaming\gpu.exe
  2016-01-07 21:11 - 2016-01-07 21:11 - 00128197 _____ C:\Users\Ondra\AppData\Roaming\cpu.exe
  Task: {1B3D5E9B-A08E-41F1-BDE3-32EFCEC5A249} - System32\Tasks\{3441ED3D-3382-4F13-A32F-F0F3C4D9783D} => pcalua.exe -a C:\Users\Ondra\Downloads\dotNetFx45_Full_setup.exe -d C:\Users\Ondra\Downloads
  Task: {89305C92-E1E5-4E0C-947C-5EE6815F2E1C} - System32\Tasks\{92018AB5-B0AE-4C8E-AD3C-1B7C2974767F} => pcalua.exe -a C:\Users\Ondra\Downloads\dotNetFx40_Full_setup.exe -d C:\Users\Ondra\Downloads
  Hosts:
  EmptyTemp:
  End

[ondrejs]

Fix result of Farbar Recovery Scan Tool (x64) Version:07-01-2015
Ran by Ondra (2016-01-14 14:03:01) Run:1
Running from C:\Users\Ondra\Desktop
Loaded Profiles: Ondra (Available Profiles: Ondra)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
Folder: C:\Users\Ondra\rgmnr
File: C:\Windows\SysWOW64\Drivers\iczgzv_568.set
File: C:\Windows\SysWOW64\Drivers\deqordi254.dat
File: C:\Windows\d_kenkpm223.ini
File: C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\win32cldefender.exe
File: C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\googlecpupdate.exe
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2655520 2015-10-12] (NVIDIA Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499920 2014-09-12] (Adobe Systems Inc.)
HKLM-x32\...\Run: [MSStp] => C:\Windows\SysWOW64\msstp.vbe [1419 2014-01-19] ()
C:\Windows\SysWOW64\msstp.vbe
C:\Windows\SysWOW64\msstp.inf
C:\Windows\inf\mncwrgtp.vbe
C:\Windows\inf\mncwrgtp.inf
HKLM-x32\...\Run: [mncwrgtpSrv] => C:\Windows\inf\mncwrgtp.vbe
HKU\S-1-5-21-180312543-2219060438-160504956-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-180312543-2219060438-160504956-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-180312543-2219060438-160504956-1000\...\Policies\Explorer: []
HKU\S-1-5-21-180312543-2219060438-160504956-1000\...\MountPoints2: {00a56747-9e67-11e5-a39d-c860009b5672} - G:\setup.exe
HKU\S-1-5-21-180312543-2219060438-160504956-1000\...\MountPoints2: {60ef33a9-783c-11e5-a1eb-c860009b5672} - G:\INSTALL.EXE
HKU\S-1-5-21-180312543-2219060438-160504956-1000\...\MountPoints2: {e86c5651-7638-11e5-a315-c860009b5672} - I:\LFS_06G_S2_JimbusEd_setup.exe
Startup: C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\win32cldefender.exe [2016-01-07] ()
Startup: C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\googlecpupdate.exe [2016-01-07] ()
FF NetworkProxy: "type", 0
R4 IOMap; \??\C:\Windows\system32\drivers\IOMap64.sys [X]
R3 WinRing0_1_2_0; \??\C:\Users\Ondra\AppData\Local\Temp\tmp8BE9.tmp [X]
2016-01-07 21:11 - 2016-01-07 21:11 - 00137728 _____ C:\Users\Ondra\AppData\Roaming\gpu.exe
2016-01-07 21:11 - 2016-01-07 21:11 - 00128197 _____ C:\Users\Ondra\AppData\Roaming\cpu.exe
Task: {1B3D5E9B-A08E-41F1-BDE3-32EFCEC5A249} - System32\Tasks\{3441ED3D-3382-4F13-A32F-F0F3C4D9783D} => pcalua.exe -a C:\Users\Ondra\Downloads\dotNetFx45_Full_setup.exe -d C:\Users\Ondra\Downloads
Task: {89305C92-E1E5-4E0C-947C-5EE6815F2E1C} - System32\Tasks\{92018AB5-B0AE-4C8E-AD3C-1B7C2974767F} => pcalua.exe -a C:\Users\Ondra\Downloads\dotNetFx40_Full_setup.exe -d C:\Users\Ondra\Downloads
Hosts:
EmptyTemp:
End
*****************

Restore point was successfully created.
Processes closed successfully.

========================= Folder: C:\Users\Ondra\rgmnr ========================

C:\Users\Ondra\rgmnr => File

====== End of Folder: ======


========================= File: C:\Windows\SysWOW64\Drivers\iczgzv_568.set ========================

File not signed
MD5: 245FF03F090641C6E2EF5551A57A9196
Creation and modification date: 2009-01-02 21:35 - 2016-01-06 19:13
Size: 0000500
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:

====== End of File: ======


========================= File: C:\Windows\SysWOW64\Drivers\deqordi254.dat ========================

File not signed
MD5: 23BC4E8ED1DB581D62D1309F040FF04E
Creation and modification date: 2009-01-02 21:35 - 2016-01-06 19:13
Size: 0000500
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:

====== End of File: ======


========================= File: C:\Windows\d_kenkpm223.ini ========================

File not signed
MD5: D5A3551DCB133F3E43D183E2239D3D86
Creation and modification date: 2009-01-02 21:35 - 2016-01-06 19:13
Size: 0000500
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:

====== End of File: ======


========================= File: C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\win32cldefender.exe ========================

File not signed
MD5: B98F179AA7A177333AC1DB04DA0A0FD4
Creation and modification date: 2016-01-07 21:11 - 2016-01-07 21:11
Size: 0137728
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:

====== End of File: ======


========================= File: C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\googlecpupdate.exe ========================

File not signed
MD5: 8BC9A9D9D004CE87DB69B5852D5DFBD8
Creation and modification date: 2016-01-07 21:11 - 2016-01-07 21:11
Size: 0128197
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:

====== End of File: ======

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\NvBackend => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SwitchBoard => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\AdobeCS6ServiceManager => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Acrobat Assistant 8.0 => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\MSStp => value removed successfully
C:\Windows\SysWOW64\msstp.vbe => moved successfully
"C:\Windows\SysWOW64\msstp.inf" => not found.
C:\Windows\inf\mncwrgtp.vbe => moved successfully
"C:\Windows\inf\mncwrgtp.inf" => not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\mncwrgtpSrv => value removed successfully
HKU\S-1-5-21-180312543-2219060438-160504956-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value removed successfully
HKU\S-1-5-21-180312543-2219060438-160504956-1000\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite Automount => value removed successfully
HKU\S-1-5-21-180312543-2219060438-160504956-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\ => value removed successfully
"HKU\S-1-5-21-180312543-2219060438-160504956-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{00a56747-9e67-11e5-a39d-c860009b5672}" => key removed successfully
HKCR\CLSID\{00a56747-9e67-11e5-a39d-c860009b5672} => key not found.
"HKU\S-1-5-21-180312543-2219060438-160504956-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{60ef33a9-783c-11e5-a1eb-c860009b5672}" => key removed successfully
HKCR\CLSID\{60ef33a9-783c-11e5-a1eb-c860009b5672} => key not found.
"HKU\S-1-5-21-180312543-2219060438-160504956-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e86c5651-7638-11e5-a315-c860009b5672}" => key removed successfully
HKCR\CLSID\{e86c5651-7638-11e5-a315-c860009b5672} => key not found.
C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\win32cldefender.exe => moved successfully
C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\googlecpupdate.exe => moved successfully
Firefox Proxy settings were reset.
IOMap => Service stopped successfully.
IOMap => service removed successfully
WinRing0_1_2_0 => service removed successfully
C:\Users\Ondra\AppData\Roaming\gpu.exe => moved successfully
C:\Users\Ondra\AppData\Roaming\cpu.exe => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1B3D5E9B-A08E-41F1-BDE3-32EFCEC5A249}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1B3D5E9B-A08E-41F1-BDE3-32EFCEC5A249}" => key removed successfully
C:\Windows\System32\Tasks\{3441ED3D-3382-4F13-A32F-F0F3C4D9783D} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{3441ED3D-3382-4F13-A32F-F0F3C4D9783D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{89305C92-E1E5-4E0C-947C-5EE6815F2E1C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{89305C92-E1E5-4E0C-947C-5EE6815F2E1C}" => key removed successfully
C:\Windows\System32\Tasks\{92018AB5-B0AE-4C8E-AD3C-1B7C2974767F} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{92018AB5-B0AE-4C8E-AD3C-1B7C2974767F}" => key removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 163.4 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 14:03:12 ====

[altrok]

Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/ (nebo http://www.bleepingcomputer.com/download/adwcleaner/ )

• ukoncete vsechny programy
• kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
• kliknete na Scan, pote na Cleaning
• po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\AdwCleaner[Cx].txt), jehoz obsah mi zkopirujte do pristi odpovedi

[ondrejs]

# AdwCleaner v5.029 - Logfile created 14/01/2016 at 22:08:40
# Updated 11/01/2016 by Xplode
# Database : 2016-01-12.1 [Server]
# Operating system : Windows 7 Ultimate (x64)
# Username : Ondra - ONDRA-PC
# Running from : C:\Users\Ondra\Desktop\adwcleaner_5.029.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****

[-] File Deleted : C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\k72m93dr.default\user.js

***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****

[-] [C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\k72m93dr.default\prefs.js] [Preference] Deleted : user_pref("browser.safebrowsing.appRepURL", "hxxps://sb-ssl.google.com/safebrowsing/clientreport/download?key=%GOOGLE_API_KEY%");
[-] [C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\k72m93dr.default\prefs.js] [Preference] Deleted : user_pref("urlclassifier.keyupdatetime.hxxps://sb-ssl.google.com/safebrowsing/newkey", 1447592634);

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1217 bytes] ##########

[altrok]

Jak se chova PC?


Dejte logy FRST.txt a Addition.txt - http://forum.viry.cz/viewtopic.php?f=30&t=133101
Pozn. pri druhem a dalsim spusteni FRST je pro vytvoreni logu Addition.txt nutne tuto volbu explicitne zatrhnout pred zacatkem skenu.

[ondrejs]

Děkuju, PC už po prvním zásahu fixlistu jede zdá se v pořádku.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-01-2015
Ran by Ondra (administrator) on ONDRA-PC (15-01-2016 14:38:27)
Running from C:\Users\Ondra\Desktop
Loaded Profiles: Ondra (Available Profiles: Ondra)
Platform: Windows 7 Ultimate (X64) Language: Čeština (Česká republika)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
() C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\PowerControlHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
(Samsung Electronics.) C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
() C:\Windows\SysWOW64\ASGT.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.05\AsusFanControlService.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Robert McNeel & Associates) C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetiCtrlTray.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-20] (Intel Corporation)
HKU\S-1-5-21-180312543-2219060438-160504956-1000\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-21-180312543-2219060438-160504956-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3639280 2016-01-07] (Electronic Arts)
HKU\S-1-5-21-180312543-2219060438-160504956-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd)
HKU\S-1-5-21-180312543-2219060438-160504956-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50378880 2015-12-17] (Skype Technologies S.A.)
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Network Server.lnk [2015-11-01]
ShortcutTarget: Network Server.lnk -> C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe (WIBU-SYSTEMS AG)
Startup: C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk [2015-09-06]
ShortcutTarget: Samsung Magician.lnk -> C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe (Samsung Electronics.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{50B26C46-B851-439F-BB22-4C9CE25A3C8F}: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{D5199E61-C6AB-44C3-88E7-B3835FC508F7}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKU\S-1-5-21-180312543-2219060438-160504956-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-180312543-2219060438-160504956-1000 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-09-12] (Adobe Systems Incorporated)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-14] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-14] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-14] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-14] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\k72m93dr.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2015-12-29] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll [2015-12-29] ()
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-07-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-07-23] (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2014-09-12] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)
FF Extension: Adblock Plus - C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\k72m93dr.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-15]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2015-10-18] [not signed]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-09-12]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2015-09-06] ()
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [File not signed]
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2015-09-06] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2015-09-06] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.02.05\AsusFanControlService.exe [2005504 2015-09-06] (ASUSTeK Computer Inc.) [File not signed]
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [File not signed]
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156384 2015-10-12] (NVIDIA Corporation)
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160768 2011-05-27] (Intel Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 McNeelUpdate; C:\Program Files (x86)\McNeelUpdate\5.0\McNeelUpdateService.exe [67224 2014-06-09] (Robert McNeel & Associates)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1873696 2015-10-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568288 2015-10-12] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2016-01-07] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-11-25] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-23] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2012-09-14] ()
R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-10-20] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20768 2015-10-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
R2 WIBUKEY; C:\Windows\System32\DRIVERS\WibuKey64.sys [97792 2011-09-22] (WIBU-SYSTEMS AG)
R4 IOMap; \??\C:\Windows\system32\drivers\IOMap64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-14 22:01 - 2016-01-14 22:01 - 01754112 _____ C:\Users\Ondra\Desktop\adwcleaner_5.029.exe
2016-01-14 15:08 - 2016-01-14 15:08 - 05066104 _____ (AVAST Software) C:\Users\Public\Desktop\avast_free_antivirus_setup_online.exe
2016-01-14 15:08 - 2016-01-14 15:08 - 05066104 _____ (AVAST Software) C:\Users\Ondra\Downloads\avast_free_antivirus_setup_online.exe
2016-01-14 15:08 - 2016-01-14 15:08 - 00000000 ____D C:\ProgramData\AVAST Software
2016-01-14 14:03 - 2016-01-14 14:03 - 00009714 _____ C:\Users\Ondra\Desktop\Fixlog.txt
2016-01-12 10:42 - 2016-01-12 10:42 - 704816824 _____ C:\Windows\MEMORY.DMP
2016-01-12 10:42 - 2016-01-12 10:42 - 01332056 _____ C:\Windows\Minidump\011216-9375-01.dmp
2016-01-08 10:26 - 2016-01-14 22:08 - 00000000 ____D C:\AdwCleaner
2016-01-08 10:21 - 2016-01-08 10:21 - 00011691 _____ C:\Users\Ondra\Desktop\Addition.rar
2016-01-08 10:10 - 2016-01-08 10:11 - 00041670 _____ C:\Users\Ondra\Desktop\Addition.txt
2016-01-08 10:06 - 2016-01-15 14:38 - 00015593 _____ C:\Users\Ondra\Desktop\FRST.txt
2016-01-08 10:06 - 2016-01-15 14:38 - 00000000 ____D C:\FRST
2016-01-08 10:03 - 2016-01-08 10:03 - 02370560 _____ (Farbar) C:\Users\Ondra\Desktop\FRST64.exe
2016-01-07 21:16 - 2016-01-07 21:17 - 04499821 _____ C:\Users\Ondra\Downloads\Need-for-Speed-Most-Wanted-CRACK-2012.rar
2016-01-07 21:14 - 2016-01-07 21:14 - 00430291 _____ C:\Users\Ondra\Downloads\Need-For-Speed-Most-Wanted-2012-Crack.zip
2016-01-07 21:12 - 2016-01-07 21:14 - 16668624 _____ C:\Users\Ondra\Downloads\NFS-Most-Wanted-Crack+Key+Čeština+Patch.zip
2016-01-07 21:10 - 2016-01-07 21:11 - 00156504 _____ C:\Users\Ondra\Downloads\NFS-Most-Wanted-Crack.zip
2016-01-07 21:01 - 2016-01-07 21:01 - 00000000 ____D C:\Program Files (x86)\Origin Games
2016-01-07 20:49 - 2016-01-07 20:49 - 00000000 ____D C:\Users\Ondra\AppData\Local\ElevatedDiagnostics
2016-01-07 20:43 - 2016-01-07 20:43 - 00000000 ____D C:\Users\Ondra\Documents\Criterion Games
2016-01-07 20:37 - 2016-01-14 19:12 - 00000000 ____D C:\Users\Ondra\Downloads\Need.for.Speed.Shift.2.Unleashed-RELOADED
2016-01-07 20:14 - 2016-01-07 20:14 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Live for Speed
2016-01-07 20:13 - 2016-01-07 20:20 - 00000000 ____D C:\Program Files (x86)\Live for Speed
2016-01-07 19:43 - 2016-01-07 19:43 - 00001586 _____ C:\Users\Public\Desktop\FlatOut.lnk
2016-01-07 19:43 - 2016-01-07 19:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2016-01-07 19:42 - 2016-01-07 19:42 - 00000000 ____D C:\GOG Games
2016-01-07 18:22 - 2016-01-07 18:35 - 428818912 _____ (Live for Speed) C:\Users\Ondra\Downloads\LFS_S3_6K_setup.exe
2016-01-07 17:50 - 2016-01-07 18:58 - 1197480957 _____ C:\Users\Ondra\Downloads\Flatout-EN+CZ_for_Windows_XP-Vista-7-8_and_later.rar
2016-01-07 17:31 - 2016-01-14 18:45 - 1688907776 _____ C:\Users\Ondra\Downloads\sr-mafia2.iso
2016-01-07 17:20 - 2016-01-07 17:20 - 00000000 ____D C:\Program Files (x86)\CtrlAlt
2016-01-07 10:44 - 2016-01-07 17:25 - 00058108 _____ C:\Users\Ondra\Desktop\heidrich_interier.dwg
2016-01-07 10:44 - 2016-01-07 17:25 - 00047650 _____ C:\Users\Ondra\Desktop\heidrich_interier.bak
2016-01-05 23:16 - 2016-01-06 00:26 - 02962461 _____ C:\Users\Ondra\Desktop\mamka2.3dm
2016-01-05 23:16 - 2016-01-06 00:02 - 02081192 _____ C:\Users\Ondra\Desktop\mamka2.3dmbak
2016-01-05 23:08 - 2016-01-05 23:08 - 04077506 _____ C:\Users\Ondra\Downloads\Untitled.3dm
2016-01-05 18:17 - 2016-01-05 19:42 - 00000000 ____D C:\Users\Ondra\Desktop\fuji x100
2016-01-05 16:53 - 2016-01-05 16:53 - 00000000 ____D C:\Users\Ondra\AppData\Local\Logitech
2016-01-05 16:50 - 2016-01-05 16:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2016-01-05 16:50 - 2016-01-05 16:50 - 00000000 ____D C:\Program Files\Logitech
2016-01-05 16:50 - 2016-01-05 16:50 - 00000000 ____D C:\Program Files\Common Files\Logitech
2016-01-05 16:48 - 2016-01-05 16:50 - 17276616 _____ (Logitech ) C:\Users\Ondra\Downloads\lgs510_x64.exe
2016-01-05 16:27 - 2009-12-16 13:10 - 00063488 _____ C:\Users\Ondra\Desktop\Transfer.xls
2016-01-05 16:27 - 2009-12-16 12:51 - 00029447 _____ C:\Users\Ondra\Desktop\Transfer.xlsm
2016-01-05 16:26 - 2016-01-05 16:26 - 00050317 _____ C:\Users\Ondra\Downloads\Transfer.zip
2015-12-29 11:54 - 2015-12-29 17:24 - 00109568 _____ C:\Users\Ondra\Desktop\mamka_16.dwg
2015-12-29 11:52 - 2016-01-07 17:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-12-29 11:44 - 2015-12-29 11:44 - 00169584 _____ C:\Users\Ondra\Downloads\mamka(1).dwg
2015-12-29 11:44 - 2015-12-29 11:44 - 00090938 _____ C:\Users\Ondra\Downloads\pud 07.dwg
2015-12-24 23:16 - 2015-12-24 23:16 - 00000879 _____ C:\Users\Ondra\Desktop\DiRT Rally.lnk
2015-12-24 23:16 - 2015-12-24 23:16 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Black_Box
2015-12-24 20:45 - 2015-12-24 23:16 - 00000000 ____D C:\Program Files (x86)\DiRT Rally
2015-12-24 19:29 - 2015-12-24 19:29 - 00002348 _____ C:\Users\Ondra\Desktop\Next Car Game.lnk
2015-12-24 19:28 - 2015-12-24 19:28 - 00000000 ____D C:\Program Files (x86)\Bugbear Entertainment
2015-12-22 21:22 - 2015-12-22 21:22 - 00000034 _____ C:\Users\Ondra\Desktop\paczkomat.txt
2015-12-22 14:08 - 2015-12-22 14:08 - 00184332 _____ C:\Users\Ondra\Downloads\911519_Reko_chaty_poptávka.xlsx
2015-12-22 14:08 - 2015-12-22 14:08 - 00183009 _____ C:\Users\Ondra\Downloads\911519_Reko_chaty_rozpočet.xlsx
2015-12-22 14:03 - 2015-12-22 14:03 - 00034474 _____ C:\Users\Ondra\Downloads\Chata_č.p._197(1).xlsx
2015-12-22 13:52 - 2015-12-22 13:52 - 00030932 _____ C:\Users\Ondra\Downloads\rozpočet.xlsx
2015-12-22 12:15 - 2015-12-22 12:15 - 00000193 ____H C:\Users\Ondra\Downloads\faj_C20150901(1).dwl2
2015-12-22 12:15 - 2015-12-22 12:15 - 00000043 ____H C:\Users\Ondra\Downloads\faj_C20150901(1).dwl
2015-12-22 10:30 - 2015-12-22 10:30 - 00226706 _____ C:\Users\Ondra\Downloads\kuncice_elektro2.dwg
2015-12-22 09:00 - 2015-12-22 13:44 - 00991341 _____ C:\Users\Ondra\Desktop\kuncice_2015_12_16.dwg
2015-12-22 09:00 - 2015-12-22 12:51 - 01081997 _____ C:\Users\Ondra\Desktop\kuncice_2015_12_16.bak
2015-12-22 08:49 - 2015-12-22 09:43 - 00920307 _____ C:\Users\Ondra\Downloads\kuncice_2015_12_16.dwg
2015-12-22 08:49 - 2015-12-22 09:41 - 00729391 _____ C:\Users\Ondra\Downloads\kuncice_2015_12_16.bak
2015-12-22 08:49 - 2015-12-22 08:49 - 00034474 _____ C:\Users\Ondra\Downloads\Chata_č.p._197.xlsx
2015-12-21 15:12 - 2015-12-21 15:12 - 00000000 ____D C:\Users\Ondra\Downloads\Redist
2015-12-20 20:14 - 2015-12-20 20:14 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-12-20 20:14 - 2015-12-20 20:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-12-20 16:21 - 2015-12-20 17:11 - 00000000 ____D C:\foto
2015-12-17 07:31 - 2015-12-17 07:31 - 00100432 _____ C:\Users\Ondra\Desktop\Umístění HUP na pozemku - spěchá! _ Poradte.cz.pdf
2015-12-17 07:11 - 2015-12-17 07:11 - 00337430 _____ C:\Users\Ondra\Desktop\bazen_tisk.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-15 14:37 - 2015-11-18 18:24 - 00000000 ____D C:\ProgramData\Origin
2016-01-15 14:35 - 2015-10-19 18:23 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\Skype
2016-01-15 14:35 - 2015-10-16 18:26 - 00000000 ____D C:\Users\Ondra\AppData\Local\Adobe
2016-01-15 14:35 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-15 14:35 - 2009-01-02 20:50 - 00000000 ____D C:\ProgramData\NVIDIA
2016-01-14 23:33 - 2015-11-25 13:26 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-01-14 22:18 - 2009-07-14 16:18 - 00668866 _____ C:\Windows\system32\perfh005.dat
2016-01-14 22:18 - 2009-07-14 16:18 - 00141526 _____ C:\Windows\system32\perfc005.dat
2016-01-14 22:18 - 2009-07-14 06:13 - 01584554 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-14 22:18 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-01-14 22:16 - 2009-07-14 05:45 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-14 22:16 - 2009-07-14 05:45 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-14 22:03 - 2015-10-17 00:02 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\uTorrent
2016-01-14 19:22 - 2015-10-16 14:04 - 00000000 ____D C:\WarThunder
2016-01-14 18:46 - 2015-10-21 09:31 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-01-14 13:53 - 2015-10-22 10:42 - 00000487 _____ C:\Users\Ondra\rgmnr
2016-01-13 23:01 - 2015-09-06 14:18 - 00000000 ____D C:\Users\Ondra
2016-01-12 10:42 - 2015-11-27 00:47 - 00000000 ____D C:\Windows\Minidump
2016-01-12 10:42 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2016-01-08 13:02 - 2015-11-02 23:26 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\vlc
2016-01-08 09:55 - 2015-10-20 21:51 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\DAEMON Tools Lite
2016-01-08 09:55 - 2015-10-19 00:01 - 00000000 ____D C:\Program Files\PDFCreator
2016-01-08 09:55 - 2015-09-06 15:14 - 00000000 ____D C:\Windows\Panther
2016-01-07 21:09 - 2015-11-18 18:23 - 00000000 ____D C:\Program Files (x86)\Origin
2016-01-07 20:42 - 2009-01-02 14:52 - 00000000 ____D C:\Windows\SysWOW64\directx
2016-01-07 19:43 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-01-07 17:40 - 2009-01-02 15:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-07 10:37 - 2015-10-18 21:48 - 00000000 ____D C:\Users\Ondra\AppData\Local\cache
2016-01-07 09:24 - 2015-10-16 14:11 - 00000000 ____D C:\Windows\SysWOW64\.launcher_log
2016-01-06 19:13 - 2009-01-02 21:35 - 00000500 _____ C:\Windows\SysWOW64\Drivers\iczgzv_568.set
2016-01-06 19:13 - 2009-01-02 21:35 - 00000500 _____ C:\Windows\SysWOW64\Drivers\deqordi254.dat
2016-01-06 19:13 - 2009-01-02 21:35 - 00000500 _____ C:\Windows\d_kenkpm223.ini
2016-01-05 18:17 - 2015-12-13 20:50 - 00000000 ____D C:\Users\Ondra\Desktop\fuji
2015-12-29 11:33 - 2015-11-25 13:26 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-12-29 11:33 - 2015-11-25 13:26 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-29 11:33 - 2015-11-25 13:26 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-12-24 19:29 - 2009-01-02 14:38 - 00000000 ____D C:\Users\Ondra\AppData\Local\SKIDROW
2015-12-23 08:44 - 2015-10-20 11:40 - 00000000 ____D C:\Users\Ondra\Desktop\kovalcik
2015-12-22 10:00 - 2015-10-16 18:17 - 00000000 ____D C:\Users\Ondra\Desktop\interier
2015-12-21 12:41 - 2015-11-01 21:48 - 00000000 ____D C:\instalace
2015-12-20 20:27 - 2015-11-04 22:35 - 00001357 _____ C:\Users\Ondra\Desktop\drt – zástupce.lnk
2015-12-20 20:14 - 2015-10-19 18:23 - 00002731 _____ C:\Users\Public\Desktop\Skype.lnk
2015-12-20 20:14 - 2015-10-19 18:23 - 00000000 ____D C:\Users\Ondra\AppData\Local\Skype
2015-12-20 20:14 - 2015-10-19 18:23 - 00000000 ____D C:\ProgramData\Skype

==================== Files in the root of some directories =======

2015-11-24 22:18 - 2015-11-26 16:34 - 0000132 _____ () C:\Users\Ondra\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2015-10-18 20:51 - 2015-10-18 20:51 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Some files in TEMP:
====================
C:\Users\Ondra\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-01-13 22:35

==================== End of FRST.txt ============================

[altrok]

Nainstalujte nejaky antivir, protoze Defender na Win7 plni pouze funkci antispywarovou.


V tomto logu malware nevidim, ale muzete tam jeste pustit sken od Malwarebytes. Nainstalujte MBAM a udelejte vlastni sken vsech disku - http://forum.viry.cz/viewtopic.php?f=29&t=144868

• Upozorneni: tento sken zabere od 30 minut po nekolik hodin.

[ondrejs]

Děkuji, prosím o uzamknutí.

Ještě jedno poděkovaní posílám na bankovní účet fóra.

O.

[altrok]

• Stahnete a spustte DelFix - https://toolslib.net/downloads/viewdownload/2-delfix/
• Oznacte jen moznost "Remove disinfection tools"
• kliknete na Run

Nezapomente doinstalovat Service Pack 1, IE11 a vsechny ostatni dulezite aktualizace a antivir. Vas pocitac je bez techto veci velice zranitelny.

Za prispevek na provoz fora Vam jmenem celeho tymu dekuji.


Mejte se krasne a treba zase nekdy