Prosím o kontrolu

[3rw0sh]

Dobrý večer, prosím o kontrolu logu. PC je poslední dobou pomalejší než dříve, ale vše funguje jak má.

Předem mnohkrát děkuji.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Jan at 2016-01-16 18:45:50
Microsoft Windows 8.1 Pro
System drive C: has 88 GB (44%) free of 200 GB
Total RAM: 6142 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:45:57, on 16. 1. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe
C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
C:\Program Files\SpeedFan\speedfan.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe
C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
D:\Program Files\Steam\steam.exe
D:\Program Files\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Jan.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
O4 - HKLM\..\Run: [RIM PeerManager] "C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe"
O4 - HKLM\..\Run: [eperjavaapp] D:\Program Files (x86)\Fiat\ePER\j2sdk1.4.1 injavaw.exe
O4 - HKLM\..\Run: [Avira SystrayStartTrigger] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\Antivirus\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\Jan\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
O4 - Startup: Dropbox.lnk = Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~2\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~2\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
O23 - Service: BlackBerry Device Manager - BlackBerry Limited - C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EpsonBidirectionalService - SEIKO EPSON CORPORATION - C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: RIM MDNS - Apple Inc. - C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe
O23 - Service: BlackBerry Link Communication Manager (RIM Tunnel Service) - BlackBerry Limited - C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: wampapache64 - Apache Software Foundation - d:\wamp\bin\apache\apache2.4.9\bin\httpd.exe
O23 - Service: wampmysqld64 - Unknown owner - d:\wamp\bin\mysql\mysql5.6.17\bin\mysqld.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12348 bytes

======Listing Processes======





wininit.exe

C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\Antivirus\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe"
"C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe" -service
"C:\Program Files (x86)\Avira\Antivirus\avguard.exe"
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
"C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\TeamViewer\TeamViewer_Service.exe"
"C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe" service
"C:\Program Files (x86)\Avira\Antivirus\avshadow.exe" avshadowcontrol0_00000778
"C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\iPod\bin\iPodService.exe"
dashost.exe {bb14009e-fa1d-4166-9d7ca4eb597be2e1}
"C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding

C:\Windows\System32\WinLogon.exe -SpecialSession
-hiberboot
C:\Windows\system32\nvvsvc.exe -session
taskhostex.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
"C:\Program Files\Logitech\Gaming Software\LWEMon.exe" /noui
"C:\Program Files\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe"
"C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe"
"C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe"
"C:\Program Files (x86)\Avira\Antivirus\avgnt.exe" /min
"C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe" /connectToHost
"C:\Program Files\SpeedFan\speedfan.exe"
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe"
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe" -CtxID "#Hewlett-Packard#HP Deskjet F2100 series#1445427377" -Startup
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe" -Embedding
"C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe" -Embedding
"C:\Program Files (x86)\Common Files\Research In Motion\nginx\\nginx.exe" -c "C:\Users\Jan\AppData\Roaming\Research In Motion\BlackBerry 10 Desktop\RemoteAccess\nginx\conf\nginx.conf"
"C:\Program Files (x86)\Common Files\Research In Motion\nginx\\nginx.exe" -c "C:\Users\Jan\AppData\Roaming\Research In Motion\BlackBerry 10 Desktop\RemoteAccess\nginx\conf\nginx.conf"
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe"
"D:\Program Files\Steam\steam.exe" "steam://rungameid/256370"
"D:\Program Files\Steam\bin\steamwebhelper.exe" -cachedir="C:\Users\Jan\AppData\Local\Steam\htmlcache" -steampid=4388 -buildid=1451690000 -steamid="0" --disable-gpu-compositing --disable-gpu --process-per-tab --enable-system-flash --disable-spell-checking --enable-widevine-cdm --enable-direct-write
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="6512.0.1777390067\787661897" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,12,23,51,61 --gpu-vendor-id=0x10de --gpu-device-id=0x0615 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.4052 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/EnabledFull/*AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/14DaySingleProfile/*DomRel-Enable/enable/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/PP_Ethersuggest_A1_Stable_R8/PasswordBranding/Disabled/*PasswordGeneration/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterSbTypes/SafeBrowsingUpdateFrequency/Default/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="6512.2.124522209\1444207594" --font-cache-shared-handle=2116 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/EnabledFull/*AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/14DaySingleProfile/*DomRel-Enable/enable/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/PP_Ethersuggest_A1_Stable_R8/PasswordBranding/Disabled/*PasswordGeneration/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterSbTypes/SafeBrowsingUpdateFrequency/Default/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="6512.3.703576747\738510525" --font-cache-shared-handle=2292 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/EnabledFull/*AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/14DaySingleProfile/*DomRel-Enable/enable/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/PP_Ethersuggest_A1_Stable_R8/PasswordBranding/Disabled/*PasswordGeneration/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterSbTypes/SafeBrowsingUpdateFrequency/Default/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="6512.5.600334585\1817888616" --font-cache-shared-handle=3212 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/EnabledFull/*AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/14DaySingleProfile/*DomRel-Enable/enable/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/PP_Ethersuggest_A1_Stable_R8/PasswordBranding/Disabled/*PasswordGeneration/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterSbTypes/SafeBrowsingUpdateFrequency/Default/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="6512.6.1282313353\1411012555" --font-cache-shared-handle=5084 /prefetch:673131151
"C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=*AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/EnabledFull/*AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/14DaySingleProfile/*DomRel-Enable/enable/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/PP_Ethersuggest_A1_Stable_R8/PasswordBranding/Disabled/*PasswordGeneration/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterSbTypes/*SafeBrowsingUpdateFrequency/Default/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="6512.10.1012076695\975394047" --font-cache-shared-handle=5592 /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe65_ Global\UsGthrCtrlFltPipeMssGthrPipe65 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=*AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/EnabledFull/*AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/14DaySingleProfile/*DomRel-Enable/enable/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/PP_Ethersuggest_A1_Stable_R8/PasswordBranding/Disabled/*PasswordGeneration/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterSbTypes/*SafeBrowsingUpdateFrequency/Default/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="6512.20.907537744\1199613002" --font-cache-shared-handle=2760 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=*AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/EnabledFull/*AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/14DaySingleProfile/*DomRel-Enable/enable/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/PP_Ethersuggest_A1_Stable_R8/PasswordBranding/Disabled/*PasswordGeneration/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterSbTypes/*SafeBrowsingUpdateFrequency/Default/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="6512.28.732910383\2108506592" --font-cache-shared-handle=8292 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=*AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/EnabledFull/*AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/14DaySingleProfile/*DomRel-Enable/enable/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/PP_Ethersuggest_A1_Stable_R8/PasswordBranding/Disabled/*PasswordGeneration/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterSbTypes/*SafeBrowsingUpdateFrequency/Default/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="6512.30.759239483\1604997426" --font-cache-shared-handle=7100 /prefetch:673131151
"C:\Windows\system32\SearchFilterHost.exe" 0 564 568 576 65536 572
"C:\Users\Jan\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-2636959574-2520008723-4284122047-1001Core.job - C:\Users\Jan\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-2636959574-2520008723-4284122047-1001UA.job - C:\Users\Jan\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA1d04258481b17d7.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\q195qwao.default

prefs.js - "browser.startup.homepage" - "http://seznam.cz"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 20.0.0.267 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.40.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.40.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0]
"Description"=BlackBerry Web Software Loading Helper Plug-In for Mozilla browsers
"Path"=C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 20.0.0.267 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll


C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\q195qwao.default\extensions\
abs@avira.com

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-11-18 219304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2015-11-10 2339032]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-11-18 153768]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-09 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2015-11-10 1731800]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-09 172968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Start WingMan Profiler"=C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2010-06-14 190536]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2015-12-17 170256]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Dropbox Update"=C:\Users\Jan\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17 134512]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"VirtualCloneDrive"=C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2013-03-10 88984]
"RIMBBLaunchAgent.exe"=C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [2014-10-31 443640]
"RIM PeerManager"=C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe [2015-05-26 4730616]
"eperjavaapp"=D:\Program Files (x86)\Fiat\ePER\j2sdk1.4.1 injavaw.exe []
"Avira SystrayStartTrigger"=C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [2015-12-08 66320]
"avgnt"=C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2015-12-15 803200]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13 1085656]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"PromptOnSecureDesktop"=0
"ConsentPromptBehaviorAdmin"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-01-16 18:45:50 ----D---- C:\rsit
2016-01-16 18:44:32 ----D---- C:\FRST
2016-01-13 12:36:07 ----A---- C:\Windows\system32\mshtml.dll
2016-01-13 12:36:07 ----A---- C:\Windows\system32\jscript9.dll
2016-01-13 12:36:05 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-01-13 12:36:04 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-01-13 12:36:03 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-01-13 12:36:02 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-01-13 12:36:02 ----A---- C:\Windows\system32\wininet.dll
2016-01-13 12:36:01 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-01-13 12:36:01 ----A---- C:\Windows\system32\vbscript.dll
2016-01-13 12:36:01 ----A---- C:\Windows\system32\urlmon.dll
2016-01-13 12:36:01 ----A---- C:\Windows\system32\mshtmled.dll
2016-01-13 12:36:01 ----A---- C:\Windows\system32\msfeeds.dll
2016-01-13 12:36:01 ----A---- C:\Windows\system32\inetcomm.dll
2016-01-13 12:36:01 ----A---- C:\Windows\system32\ieframe.dll
2016-01-13 12:36:00 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-01-13 12:36:00 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-01-13 12:36:00 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-01-13 12:36:00 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2016-01-13 12:36:00 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-01-13 12:36:00 ----A---- C:\Windows\system32\jscript.dll
2016-01-13 12:36:00 ----A---- C:\Windows\system32\ieapfltr.dll
2016-01-13 12:35:00 ----A---- C:\Windows\SYSWOW64\qedit.dll
2016-01-13 12:35:00 ----A---- C:\Windows\system32\qedit.dll
2016-01-13 12:34:59 ----A---- C:\Windows\SYSWOW64\msmpeg2adec.dll
2016-01-13 12:34:59 ----A---- C:\Windows\system32\WMVDECOD.DLL
2016-01-13 12:34:59 ----A---- C:\Windows\system32\msmpeg2adec.dll
2016-01-13 12:34:58 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL
2016-01-13 12:34:58 ----A---- C:\Windows\SYSWOW64\mfnetsrc.dll
2016-01-13 12:34:57 ----A---- C:\Windows\SYSWOW64\mfcore.dll
2016-01-13 12:34:57 ----A---- C:\Windows\system32\mfnetsrc.dll
2016-01-13 12:34:57 ----A---- C:\Windows\system32\mfcore.dll
2016-01-13 12:34:56 ----A---- C:\Windows\SYSWOW64\WMADMOD.DLL
2016-01-13 12:34:56 ----A---- C:\Windows\SYSWOW64\mfnetcore.dll
2016-01-13 12:34:56 ----A---- C:\Windows\system32\WMVENCOD.DLL
2016-01-13 12:34:56 ----A---- C:\Windows\system32\WMADMOD.DLL
2016-01-13 12:34:56 ----A---- C:\Windows\system32\mfnetcore.dll
2016-01-13 12:34:56 ----A---- C:\Windows\system32\evr.dll
2016-01-13 12:34:55 ----A---- C:\Windows\SYSWOW64\WMVENCOD.DLL
2016-01-13 12:34:55 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2016-01-13 12:34:55 ----A---- C:\Windows\system32\quartz.dll
2016-01-13 12:34:55 ----A---- C:\Windows\system32\mfsvr.dll
2016-01-13 12:34:54 ----A---- C:\Windows\SYSWOW64\WMVSDECD.DLL
2016-01-13 12:34:54 ----A---- C:\Windows\SYSWOW64\WMSPDMOD.DLL
2016-01-13 12:34:54 ----A---- C:\Windows\SYSWOW64\quartz.dll
2016-01-13 12:34:54 ----A---- C:\Windows\SYSWOW64\mfsvr.dll
2016-01-13 12:34:54 ----A---- C:\Windows\SYSWOW64\evr.dll
2016-01-13 12:34:54 ----A---- C:\Windows\system32\WMVSDECD.DLL
2016-01-13 12:34:54 ----A---- C:\Windows\system32\WMSPDMOE.DLL
2016-01-13 12:34:54 ----A---- C:\Windows\system32\WMALFXGFXDSP.dll
2016-01-13 12:34:54 ----A---- C:\Windows\system32\MP4SDECD.DLL
2016-01-13 12:34:53 ----A---- C:\Windows\SYSWOW64\WMADMOE.DLL
2016-01-13 12:34:53 ----A---- C:\Windows\SYSWOW64\VIDRESZR.DLL
2016-01-13 12:34:53 ----A---- C:\Windows\SYSWOW64\RESAMPLEDMO.DLL
2016-01-13 12:34:53 ----A---- C:\Windows\SYSWOW64\MPG4DECD.DLL
2016-01-13 12:34:53 ----A---- C:\Windows\SYSWOW64\MP4SDECD.DLL
2016-01-13 12:34:53 ----A---- C:\Windows\SYSWOW64\MP43DECD.DLL
2016-01-13 12:34:53 ----A---- C:\Windows\SYSWOW64\MP3DMOD.DLL
2016-01-13 12:34:53 ----A---- C:\Windows\SYSWOW64\mfvdsp.dll
2016-01-13 12:34:53 ----A---- C:\Windows\SYSWOW64\mfps.dll
2016-01-13 12:34:53 ----A---- C:\Windows\SYSWOW64\devenum.dll
2016-01-13 12:34:53 ----A---- C:\Windows\SYSWOW64\COLORCNV.DLL
2016-01-13 12:34:53 ----A---- C:\Windows\system32\WMADMOE.DLL
2016-01-13 12:34:53 ----A---- C:\Windows\system32\VIDRESZR.DLL
2016-01-13 12:34:53 ----A---- C:\Windows\system32\RESAMPLEDMO.DLL
2016-01-13 12:34:53 ----A---- C:\Windows\system32\MPG4DECD.DLL
2016-01-13 12:34:53 ----A---- C:\Windows\system32\MP43DECD.DLL
2016-01-13 12:34:53 ----A---- C:\Windows\system32\MP3DMOD.DLL
2016-01-13 12:34:53 ----A---- C:\Windows\system32\mfvdsp.dll
2016-01-13 12:34:53 ----A---- C:\Windows\system32\mfps.dll
2016-01-13 12:34:53 ----A---- C:\Windows\system32\devenum.dll
2016-01-13 12:34:53 ----A---- C:\Windows\system32\COLORCNV.DLL
2016-01-13 12:34:52 ----AC---- C:\Windows\system32\SysFxUI.dll
2016-01-13 12:34:52 ----A---- C:\Windows\SYSWOW64\WMVXENCD.DLL
2016-01-13 12:34:52 ----A---- C:\Windows\SYSWOW64\WMVSENCD.DLL
2016-01-13 12:34:52 ----A---- C:\Windows\SYSWOW64\WMSPDMOE.DLL
2016-01-13 12:34:52 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2016-01-13 12:34:52 ----A---- C:\Windows\SYSWOW64\MFWMAAEC.DLL
2016-01-13 12:34:52 ----A---- C:\Windows\system32\WMVXENCD.DLL
2016-01-13 12:34:52 ----A---- C:\Windows\system32\WMVSENCD.DLL
2016-01-13 12:34:52 ----A---- C:\Windows\system32\qdvd.dll
2016-01-13 12:34:52 ----A---- C:\Windows\system32\MFWMAAEC.DLL
2016-01-13 12:34:41 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-01-13 12:34:41 ----A---- C:\Windows\SYSWOW64\ncryptsslp.dll
2016-01-13 12:34:41 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-01-13 12:34:41 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-01-13 12:34:41 ----A---- C:\Windows\SYSWOW64\bcryptprimitives.dll
2016-01-13 12:34:41 ----A---- C:\Windows\system32\schannel.dll
2016-01-13 12:34:41 ----A---- C:\Windows\system32\ncryptsslp.dll
2016-01-13 12:34:41 ----A---- C:\Windows\system32\ncrypt.dll
2016-01-13 12:34:41 ----A---- C:\Windows\system32\lsasrv.dll
2016-01-13 12:34:41 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-01-13 12:34:41 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-01-13 12:34:41 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-01-13 12:34:41 ----A---- C:\Windows\system32\drivers\cng.sys
2016-01-13 12:34:41 ----A---- C:\Windows\system32\certcli.dll
2016-01-13 12:34:41 ----A---- C:\Windows\system32\bcryptprimitives.dll
2016-01-13 12:34:37 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-01-13 12:34:36 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-01-13 12:34:36 ----A---- C:\Windows\system32\ntdll.dll
2016-01-13 12:32:43 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2016-01-13 12:32:43 ----A---- C:\Windows\system32\generaltel.dll
2016-01-13 12:32:43 ----A---- C:\Windows\system32\gdi32.dll
2016-01-13 12:32:43 ----A---- C:\Windows\system32\appraiser.dll
2016-01-13 12:32:42 ----A---- C:\Windows\system32\invagent.dll
2016-01-13 12:32:42 ----A---- C:\Windows\system32\devinv.dll
2016-01-13 12:32:42 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-01-13 12:32:42 ----A---- C:\Windows\system32\aepic.dll
2016-01-13 12:32:42 ----A---- C:\Windows\system32\aeinv.dll
2016-01-13 12:32:42 ----A---- C:\Windows\system32\acmigration.dll
2016-01-13 12:32:36 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-01-13 12:32:36 ----A---- C:\Windows\system32\advapi32.dll
2016-01-05 22:36:12 ----D---- C:\ProgramData\TrackMania
2016-01-04 15:23:30 ----D---- C:\ProgramData\pdfforge
2016-01-04 15:21:14 ----D---- C:\Users\Jan\AppData\Roaming\PDF Architect 4
2016-01-04 15:18:45 ----D---- C:\ProgramData\PDF Architect 4
2016-01-02 21:05:58 ----D---- C:\Program Files (x86)\OCCTPT
2016-01-02 21:05:51 ----D---- C:\Windows\SYSWOW64\directx
2015-12-30 19:13:37 ----D---- C:\Program Files\iPod
2015-12-30 19:13:37 ----D---- C:\Program Files (x86)\iTunes

======List of files/folders modified in the last 1 month======

2016-01-16 18:45:57 ----D---- C:\Windows\Prefetch
2016-01-16 18:45:57 ----D---- C:\Program Files\trend micro
2016-01-16 18:45:53 ----D---- C:\Windows\Temp
2016-01-16 18:44:44 ----D---- C:\Windows
2016-01-16 18:19:44 ----D---- C:\Windows\system32\sru
2016-01-16 16:21:50 ----D---- C:\Users\Jan\AppData\Roaming\FileZilla
2016-01-16 16:18:18 ----SHD---- C:\Windows\Installer
2016-01-16 16:17:14 ----SHD---- C:\System Volume Information
2016-01-16 14:51:34 ----D---- C:\Windows\Microsoft.NET
2016-01-16 13:46:25 ----D---- C:\Windows\system32\config
2016-01-16 13:39:29 ----D---- C:\Windows\rescache
2016-01-16 13:36:18 ----D---- C:\Program Files\SpeedFan
2016-01-16 13:35:53 ----D---- C:\Users\Jan\AppData\Roaming\Dropbox
2016-01-15 23:26:20 ----RD---- C:\Windows\System32
2016-01-15 23:26:20 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-01-15 23:26:19 ----D---- C:\Windows\Inf
2016-01-15 10:48:46 ----D---- C:\Windows\system32\DriverStore
2016-01-15 10:48:40 ----D---- C:\Windows\WinSxS
2016-01-15 10:27:49 ----D---- C:\Users\Jan\AppData\Roaming\vlc
2016-01-15 10:05:44 ----D---- C:\Windows\SysWOW64
2016-01-15 10:04:54 ----D---- C:\Windows\system32\Tasks
2016-01-14 19:11:06 ----D---- C:\ProgramData\Package Cache
2016-01-14 09:03:10 ----RD---- C:\Program Files
2016-01-13 23:12:12 ----D---- C:\Program Files\Mozilla Firefox
2016-01-13 23:12:11 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-13 17:44:49 ----D---- C:\Program Files\Microsoft Silverlight
2016-01-13 17:44:49 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2016-01-13 17:42:47 ----D---- C:\Windows\system32\drivers
2016-01-13 17:42:46 ----SD---- C:\Windows\system32\CompatTel
2016-01-13 17:42:46 ----D---- C:\Windows\system32\appraiser
2016-01-13 17:42:46 ----D---- C:\Windows\apppatch
2016-01-13 17:42:46 ----D---- C:\Program Files\Internet Explorer
2016-01-13 16:54:50 ----D---- C:\Windows\CbsTemp
2016-01-13 16:54:14 ----D---- C:\ProgramData\Microsoft Help
2016-01-13 15:15:22 ----A---- C:\Windows\win.ini
2016-01-13 15:15:13 ----RSD---- C:\Windows\assembly
2016-01-13 13:35:07 ----D---- C:\Windows\system32\MRT
2016-01-13 13:25:44 ----A---- C:\Windows\system32\MRT.exe
2016-01-13 12:24:01 ----D---- C:\Windows\system32\catroot2
2016-01-08 17:34:36 ----D---- C:\Windows\SoftwareDistribution
2016-01-08 10:28:05 ----D---- C:\Windows\debug
2016-01-08 10:24:26 ----D---- C:\Users\Jan\AppData\Roaming\TeamViewer
2016-01-08 10:24:05 ----D---- C:\Windows\Logs
2016-01-05 22:36:12 ----HD---- C:\ProgramData
2016-01-05 21:50:31 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-01-05 21:50:30 ----D---- C:\Windows\system32\cs-CZ
2016-01-05 21:50:29 ----A---- C:\Windows\SYSWOW64\dpnsvr.exe
2016-01-05 21:50:29 ----A---- C:\Windows\SYSWOW64\dpnhupnp.dll
2016-01-05 21:50:29 ----A---- C:\Windows\SYSWOW64\dpnhpast.dll
2016-01-05 21:50:29 ----A---- C:\Windows\SYSWOW64\dpnet.dll
2016-01-05 21:50:29 ----A---- C:\Windows\SYSWOW64\dpnathlp.dll
2016-01-05 21:50:28 ----A---- C:\Windows\system32\dpnsvr.exe
2016-01-05 21:50:28 ----A---- C:\Windows\system32\dpnhupnp.dll
2016-01-05 21:50:28 ----A---- C:\Windows\system32\dpnhpast.dll
2016-01-05 21:50:28 ----A---- C:\Windows\system32\dpnet.dll
2016-01-05 21:50:28 ----A---- C:\Windows\system32\dpnathlp.dll
2016-01-05 21:50:24 ----A---- C:\Windows\SYSWOW64\dpwsockx.dll
2016-01-05 21:50:24 ----A---- C:\Windows\SYSWOW64\dpmodemx.dll
2016-01-05 21:50:24 ----A---- C:\Windows\SYSWOW64\dplayx.dll
2016-01-05 21:50:24 ----A---- C:\Windows\SYSWOW64\dplaysvr.exe
2016-01-05 21:04:40 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-01-05 17:56:48 ----AD---- C:\ProgramData\TEMP
2016-01-04 15:23:37 ----RD---- C:\Program Files (x86)
2016-01-04 15:23:37 ----D---- C:\Program Files (x86)\Common Files
2016-01-02 21:17:11 ----D---- C:\Windows\LiveKernelReports
2016-01-02 21:13:24 ----SD---- C:\Users\Jan\AppData\Roaming\Microsoft
2015-12-30 19:14:01 ----D---- C:\Program Files\iTunes
2015-12-30 19:13:36 ----D---- C:\Program Files\Common Files\Apple
2015-12-21 17:38:36 ----SD---- C:\Windows\SYSWOW64\GWX
2015-12-21 17:38:36 ----SD---- C:\Windows\system32\GWX

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2015-12-15 146696]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2015-12-15 35488]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2013-03-04 40344]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2015-12-15 135880]
R2 avnetflt;avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [2015-12-15 73032]
R2 speedfan;speedfan; \??\C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-10-03 33240]
R3 netr28ux;@netr28ux.inf,%Generic.Service.DispName%;RT2870 – ovladač rozšiřitelné karty USB pro bezdrátovou síť LAN; C:\Windows\system32\DRIVERS\netr28ux.sys [2013-06-18 2408208]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2014-07-02 12866008]
R3 rimvndis;@oem10.inf,%rimvndis.DeviceDesc%;BlackBerry Virtual Private Network; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [2015-03-19 18432]
R3 RimVSerPort;@oem11.inf,%RimVSerPort%;RIM Virtual Serial Port v2; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [2012-12-10 44544]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2014-10-29 11776]
R3 RTL8168;@netrt630x64.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2013-06-18 591360]
R3 VClone;VClone; C:\Windows\System32\drivers\VClone.sys [2013-07-24 34816]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S3 athr;@netathrx.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athwnx.sys [2013-06-18 3680256]
S3 blackberryncm;@oem18.inf,%blackberryncm.SVCDESC%;BlackBerryNCM Service; C:\Windows\system32\DRIVERS\blackberryncm6_AMD64.sys [2014-09-08 25088]
S3 dot4;@oem2.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2012-10-19 151968]
S3 Dot4Print;@oem3.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; C:\Windows\System32\drivers\Dot4Prt.sys [2012-10-19 27040]
S3 dot4usb;@oem2.inf,%DOT4USB_NAME%;Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2012-10-19 49056]
S3 etdrv;etdrv; \??\C:\Windows\etdrv.sys [2015-06-19 25640]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2015-06-20 25640]
S3 GVTDrv64;GVTDrv64; \??\C:\Windows\GVTDrv64.sys [2015-06-20 30528]
S3 RimUsb;@oem12.inf,%RimUsb.DeviceDesc%;zařízení BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [2014-05-06 79872]
S3 USBAAPL64;@oem26.inf,%USBAAPL64.SvcDesc%;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2015-06-17 54784]
S3 usbrndis6;@netrndis.inf,%usbrndis6.Service.DispName%;Adaptér USB RNDIS6; C:\Windows\system32\DRIVERS\usb80236.sys [2013-08-22 20992]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\Windows\System32\drivers\usbscan.sys [2014-10-29 44544]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-14 759048]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-13 82128]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [2015-12-15 466408]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\Antivirus\sched.exe [2015-12-15 466408]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-10-07 77104]
R2 Avira.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [2015-12-08 251160]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2015-08-12 462096]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2014-10-29 38792]
R2 EpsonBidirectionalService;EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [2006-12-19 94208]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2014-10-29 38792]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-07-02 935368]
R2 RIM MDNS;RIM MDNS; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [2014-11-28 396024]
R2 RIM Tunnel Service;BlackBerry Link Communication Manager; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe [2015-05-26 1355000]
R2 TeamViewer;TeamViewer 10; C:\Program Files\TeamViewer\TeamViewer_Service.exe [2014-12-15 5426448]
R3 BlackBerry Device Manager;BlackBerry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [2014-10-31 588024]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2014-10-29 38792]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2015-12-17 644880]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-12-14 836176]
S2 AntiVirMailService;Avira Mail Protection; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [2015-12-15 948392]
S2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [2015-12-15 1418560]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-05 144200]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2014-10-29 38792]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2014-10-29 38792]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-30 269504]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-10-29 38792]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-05 144200]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2011-08-30 160256]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-01-13 146888]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-01-23 150600]
S3 wampapache64;wampapache64; d:\wamp\bin\apache\apache2.4.9\bin\httpd.exe [2014-05-01 24576]
S3 wampmysqld64;wampmysqld64; d:\wamp\bin\mysql\mysql5.6.17\bin\mysqld.exe [2014-05-01 12942848]

-----------------EOF-----------------

[Márty84]

Zdravim

Stahnete crystal disk info http://sourceforge.jp/projects/crystald ... 5_0_0.zip/
Spustte jako spravce. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte (ctrl + V)

Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner[C?].txt ). Ten mi sem zkopirujte.

[3rw0sh]

----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 8 Professional [6.2 Build 9200] (x64)
Date : 2016/01/17 10:29:43

-- Controller Map ----------------------------------------------------------
+ PCI Standardní dvoukanálový řadič IDE [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
+ PCI Standardní dvoukanálový řadič IDE [ATA]
+ ATA Channel 0 (0)
- HL-DT-ST DVDRAM GH22NS50 ATA Device
+ ATA Channel 1 (1)
- ST1000DM003-1CH162 ATA Device
+ PCI Standardní dvoukanálový řadič IDE [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
- Řadič prostorů úložišť [SCSI]
+ Virtual CloneDrive [SCSI]
- ELBY CLONEDRIVE SCSI CdRom Device

-- Disk List ---------------------------------------------------------------
(1) ST1000DM003-1CH162 : 1000,2 GB [0/3/0, pd1] - st

----------------------------------------------------------------------------
(1) ST1000DM003-1CH162
----------------------------------------------------------------------------
Model : ST1000DM003-1CH162
Firmware : CC47
Serial Number : Z1D8KG1T
Disk Size : 1000,2 GB (8,4/137,4/1000,2)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 1953525168
Rotation Rate : 7200 RPM
Interface : Serial ATA
Major Version : ACS-2
Minor Version : ---- [001Fh]
Transfer Mode : SATA/600
Power On Hours : 2748 hod.
Power On Count : 810 krát
Host Reads : 8811 GB
Host Writes : 6214 GB
Temparature : 26 C (78 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 8080h [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 119 _99 __6 00000DE718C8 Počet chyb čtení
03 _97 _97 __0 000000000000 Čas na roztočení ploten
04 100 100 _20 00000000032B Počet spuštění/zastavení
05 100 100 _10 000000000000 Počet přemapovaných sektorů
07 _79 _60 _30 000005D4CDA7 Počet chybných hledání
09 _97 _97 __0 000000000ABC Hodin v činnosti
0A 100 100 _97 000000000000 Počet opakovaných pokusů o roztočení ploten
0C 100 100 _20 00000000032A Počet cyklů zapnutí zařízení
B7 100 100 __0 000000000000 Neznámý
B8 100 100 _99 000000000000 Ukončovacích chyb
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
BC 100 _99 __0 000000000015 Časový limit příkazu
BD 100 100 __0 000000000000 Vysoká rychlost zápisu
BE _74 _68 _45 00001A12001A Teplota toku vzduchu
BF 100 100 __0 000000000000 Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 000000000030 Počet vypnutí disku
C1 100 100 __0 0000000005FD Počet cyklů načítání/vymazání
C2 _26 _40 __0 00100000001A Teplota
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
F0 100 253 __0 744B00000AC6 Čas nastavování hlaviček - v hodinách
F1 100 253 __0 000308D8D775 Total LBAs Written
F2 100 253 __0 00044D65864F Total LBAs Read

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0C5A 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 5A31 5A31 4438 4B47 3154
020: 0000 0000 0004 4343 3437 2020 2020 5354 3130 3030
030: 444D 3030 332D 3143 4831 2020 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0200 0200 0007 3FFF 003F 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 850E 850E 0004 004C 0040
080: 03F0 001F 346B 7D69 4163 BC49 BC49 4163 207F 0035
090: 0035 8080 FFFE 0000 D000 0000 0000 0000 0000 0000
100: 6DB0 7470 0000 0000 0000 6003 6003 0000 5000 C500
110: 6597 583F 0000 0000 0000 0000 0000 0000 0000 401E
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 6DB0
130: 7470 6DB0 7470 2020 0002 0100 0100 5000 3C06 3C0A
140: 0000 003C 0000 0008 0000 05FF 05FF 0280 0000 0000
150: 0008 0000 0000 0000 0000 0000 0000 0000 5800 8800
160: 0000 0000 0000 0000 0000 0000 0000 0000 0002 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 3085 3085 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1C20 0000 0000
220: 0000 0000 107E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0003 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 47A5

[3rw0sh]

# AdwCleaner v5.029 - Logfile created 17/01/2016 at 10:44:31
# Updated 11/01/2016 by Xplode
# Database : 2016-01-15.2 [Server]
# Operating system : Windows 8.1 Pro (x64)
# Username : Jan - PC-PENTIUM
# Running from : C:\Users\Jan\Desktop\adwcleaner_5.029.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****


***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Trymedia Systems

***** [ Web browsers ] *****


*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [707 bytes] ##########

[Márty84]

Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu (cili Vlastni sken vsech disku) http://forum.viry.cz/viewtopic.php?f=29&t=144868 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

[3rw0sh]

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 17. 1. 2016
Čas skenování: 15:44
Protokol: 1.txt
Správce: Ano

Verze: 2.2.0.1024
Databáze malwaru: v2016.01.17.02
Databáze rootkitů: v2016.01.09.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Jan

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 589950
Uplynulý čas: 1 hod, 44 min, 38 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

[Márty84]

MBAM muzete odinstalovat.

Dejte logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach a budem cistit.

[3rw0sh]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:17-01-2015
Ran by Jan (administrator) on PC-PENTIUM (17-01-2016 20:42:21)
Running from C:\Users\Jan\Desktop
Loaded Profiles: Jan (Available Profiles: Jan)
Platform: Windows 8.1 Pro (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Almico Software (www.almico.com)) C:\Program Files\SpeedFan\speedfan.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
(Dropbox, Inc.) C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe
(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
() C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe
() C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Jan\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-17] (Apple Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [443640 2014-10-31] (BlackBerry Limited)
HKLM-x32\...\Run: [RIM PeerManager] => C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe [4730616 2015-05-26] (BlackBerry Limited)
HKLM-x32\...\Run: [eperjavaapp] => D:\Program Files (x86)\Fiat\ePER\j2sdk1.4.1 injavaw.exe
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-12-08] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [803200 2015-12-15] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1085656 2015-12-13] (Adobe Systems Incorporated)
HKU\S-1-5-21-2636959574-2520008723-4284122047-1001\...\Run: [Dropbox Update] => C:\Users\Jan\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.)
HKU\S-1-5-21-2636959574-2520008723-4284122047-1001\...\MountPoints2: {b87d1a7b-a8b8-11e4-825c-026060f56b01} - "C:\Windows\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL G:\setup.exe
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2015-10-21]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-12-14]
ShortcutTarget: Dropbox.lnk -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{07C8B90B-B59A-471E-B526-7AB63AC5DD8C}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{66024299-4978-4C1A-AC02-B918368756B9}: [DhcpNameServer] 192.168.176.251 192.168.176.252 192.168.176.253 192.168.176.254

Internet Explorer:
==================
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-11-18] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-11-10] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-11-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-09] (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-11-10] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-09] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\q195qwao.default
FF Homepage: hxxp://seznam.cz
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2015-12-30] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll [2015-12-30] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-09] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2015-05-22] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-12-17] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation)
FF Extension: Web Developer - C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\q195qwao.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2015-06-21]
FF Extension: Avira Browser Safety - C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\q195qwao.default\Extensions\abs@avira.com [2016-01-11]
FF Extension: Adblock Plus - C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\q195qwao.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-11]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR Profile: C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-12]
CHR Extension: (Dokumenty Google) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-12]
CHR Extension: (Disk Google) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (Web Developer) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm [2015-04-12]
CHR Extension: (James White) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm [2015-04-12]
CHR Extension: (YouTube) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-29]
CHR Extension: (Vyhledávání Google) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Tabulky Google) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-12]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-17]
CHR Extension: (AdBlock) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-01-08]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-04-12]
CHR Extension: (Mapy Google) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2015-09-29]
CHR Extension: (Pocket) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjcnijlhddpbdemagnpefmlkjdagkogk [2015-11-26]
CHR Extension: (Save to Pocket) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2015-11-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-29]
CHR Extension: (Gmail) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-12]
CHR Profile: C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Prezentace Google) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-05]
CHR Extension: (Dokumenty Google) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-05]
CHR Extension: (Disk Google) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-05]
CHR Extension: (YouTube) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-05]
CHR Extension: (Vyhledávání Google) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-05]
CHR Extension: (Tabulky Google) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-05]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-11]
CHR Extension: (AdBlock) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-01-10]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-11-05]
CHR Extension: (Mapy Google) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2015-11-05]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-05]
CHR Extension: (Gmail) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-05]
CHR Profile: C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Prezentace Google) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-05]
CHR Extension: (Dokumenty Google) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-05]
CHR Extension: (Disk Google) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-05]
CHR Extension: (YouTube) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-05]
CHR Extension: (Vyhledávání Google) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-05]
CHR Extension: (Tabulky Google) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-05]
CHR Extension: (Avira Browser Safety) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-11-05]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-05]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-11-05]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-05]
CHR Extension: (Gmail) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-05]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2636959574-2520008723-4284122047-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [948392 2015-12-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [466408 2015-12-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [466408 2015-12-15] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1418560 2015-12-15] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [251160 2015-12-08] (Avira Operations GmbH & Co. KG)
R3 BlackBerry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [588024 2014-10-31] (BlackBerry Limited)
R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [File not signed]
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 RIM MDNS; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [396024 2014-11-28] (Apple Inc.)
R2 RIM Tunnel Service; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe [1355000 2015-05-26] (BlackBerry Limited)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 athr; C:\Windows\system32\DRIVERS\athwnx.sys [3680256 2013-06-18] (Qualcomm Atheros Communications, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [135880 2015-12-15] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146696 2015-12-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-15] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [73032 2015-12-15] (Avira Operations GmbH & Co. KG)
S3 blackberryncm; C:\Windows\system32\DRIVERS\blackberryncm6_AMD64.sys [25088 2014-09-08] (BlackBerry)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2015-06-20] ()
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [79872 2014-05-06] (BlackBerry Limited)
R3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [18432 2015-03-19] (BlackBerry Limited)
R3 RimVSerPort; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
S3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2013-08-22] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-17 20:42 - 2016-01-17 20:42 - 00024823 _____ C:\Users\Jan\Desktop\FRST.txt
2016-01-17 20:38 - 2016-01-17 20:38 - 00112640 _____ (forum.viry.cz) C:\Users\Jan\Desktop\FRSTLauncher.exe
2016-01-17 20:37 - 2016-01-17 20:37 - 02370560 _____ (Farbar) C:\Users\Jan\Desktop\FRST64.exe
2016-01-17 20:32 - 2016-01-17 20:32 - 00321848 _____ (Malwarebytes Corporation) C:\Users\Jan\Downloads\mbam-clean-2.1.1.1001.exe
2016-01-17 18:08 - 2016-01-17 18:09 - 00773913 _____ C:\Users\Jan\Downloads\Variant.rar
2016-01-17 17:54 - 2016-01-17 17:54 - 00001141 _____ C:\Users\Jan\Desktop\1.txt
2016-01-17 17:19 - 2016-01-17 17:19 - 00123246 _____ C:\Users\Jan\Downloads\18.zip
2016-01-17 17:18 - 2016-01-17 17:18 - 00125708 _____ C:\Users\Jan\Downloads\27.zip
2016-01-17 17:14 - 2016-01-17 17:14 - 04549626 _____ C:\Users\Jan\Downloads\zaverecna_prace.pdf
2016-01-17 17:03 - 2016-01-17 17:03 - 02916263 _____ C:\Users\Jan\Downloads\vyresene-testy-1-6-resene-testy-s-kockou.rar
2016-01-17 15:49 - 2016-01-15 23:59 - 03831588 _____ C:\Users\Jan\Desktop\dasfd.pdf
2016-01-17 15:42 - 2016-01-17 20:34 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-01-17 15:41 - 2016-01-17 15:41 - 22908888 _____ (Malwarebytes ) C:\Users\Jan\Downloads\mbam-setup-2.2.0.1024.exe
2016-01-17 11:25 - 2016-01-17 11:30 - 00000000 ____D C:\Users\Jan\Downloads\The.Big.Bang.Theory.S09E13.HDTV.x264-LOL[rarbg]
2016-01-17 10:26 - 2016-01-17 10:46 - 00047104 ___SH C:\Users\Jan\Desktop\Thumbs.db
2016-01-17 10:21 - 2016-01-17 10:44 - 00000000 ____D C:\AdwCleaner
2016-01-16 18:45 - 2016-01-16 18:46 - 00000000 ____D C:\rsit
2016-01-16 18:44 - 2016-01-17 20:42 - 00000000 ____D C:\FRST
2016-01-16 14:16 - 2016-01-16 14:16 - 00000000 ____D C:\Users\Jan\AppData\Local\SKIDROW
2016-01-14 20:07 - 2016-01-17 11:26 - 00000000 ____D C:\Users\Jan\Downloads\2.Broke.Girls.S05E07.HDTV.x264-LOL[rarbg]
2016-01-14 20:07 - 2016-01-17 11:25 - 00000000 ____D C:\Users\Jan\Downloads\2.Broke.Girls.S05E06.HDTV.x264-LOL[rarbg]
2016-01-13 12:36 - 2015-12-11 05:38 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-01-13 12:36 - 2015-12-11 05:00 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-01-13 12:36 - 2015-12-11 04:55 - 06051328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-01-13 12:36 - 2015-12-11 04:50 - 20367360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-01-13 12:36 - 2015-12-11 04:45 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-01-13 12:36 - 2015-12-11 04:21 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-01-13 12:36 - 2015-12-11 04:18 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-01-13 12:36 - 2015-12-11 04:09 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-01-13 12:36 - 2015-12-11 04:09 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-01-13 12:36 - 2015-12-11 04:03 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-01-13 12:36 - 2015-12-11 03:59 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-01-13 12:36 - 2015-12-11 03:43 - 04610560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-01-13 12:36 - 2015-12-11 03:43 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-01-13 12:36 - 2015-12-11 03:38 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-01-13 12:36 - 2015-12-11 03:37 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-01-13 12:36 - 2015-12-11 03:35 - 12856320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-01-13 12:36 - 2015-12-11 03:26 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-01-13 12:36 - 2015-12-11 03:14 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-01-13 12:36 - 2015-12-11 03:12 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-01-13 12:36 - 2015-12-11 03:08 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-01-13 12:36 - 2015-12-11 03:07 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-01-13 12:35 - 2015-12-02 16:04 - 00670208 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-01-13 12:35 - 2015-12-02 16:01 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2016-01-13 12:34 - 2015-12-30 20:32 - 07453016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-01-13 12:34 - 2015-12-30 20:32 - 01735000 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-01-13 12:34 - 2015-12-30 20:32 - 01499912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-01-13 12:34 - 2015-12-05 06:58 - 02745184 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2016-01-13 12:34 - 2015-12-05 06:58 - 02528784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2016-01-13 12:34 - 2015-12-05 06:58 - 02450240 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2016-01-13 12:34 - 2015-12-05 06:58 - 02447136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
2016-01-13 12:34 - 2015-12-05 06:58 - 02334104 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2016-01-13 12:34 - 2015-12-05 06:58 - 02324744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2016-01-13 12:34 - 2015-12-05 06:58 - 01877504 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2016-01-13 12:34 - 2015-12-05 06:58 - 01798480 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
2016-01-13 12:34 - 2015-12-05 06:58 - 01484888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
2016-01-13 12:34 - 2015-12-05 06:58 - 01288128 _____ (Microsoft Corporation) C:\Windows\system32\mfnetsrc.dll
2016-01-13 12:34 - 2015-12-05 06:58 - 01210200 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2016-01-13 12:34 - 2015-12-05 06:58 - 01150232 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2016-01-13 12:34 - 2015-12-05 06:58 - 01115640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll
2016-01-13 12:34 - 2015-12-05 06:58 - 01037680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2016-01-13 12:34 - 2015-12-05 06:58 - 00914672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2016-01-13 12:34 - 2015-12-05 06:58 - 00850680 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
2016-01-13 12:34 - 2015-12-05 06:58 - 00735496 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-01-13 12:34 - 2015-12-05 06:58 - 00700360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
2016-01-13 12:34 - 2015-12-05 06:58 - 00629600 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2016-01-13 12:34 - 2015-12-05 06:58 - 00584656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-01-13 12:34 - 2015-12-05 06:58 - 00557856 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2016-01-13 12:34 - 2015-12-05 06:58 - 00498472 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2016-01-13 12:34 - 2015-12-05 06:58 - 00492736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2016-01-13 12:34 - 2015-12-05 06:58 - 00463776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2016-01-13 12:34 - 2015-12-05 06:58 - 00399776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2016-01-13 12:34 - 2015-12-05 06:58 - 00299080 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2016-01-13 12:34 - 2015-12-05 06:58 - 00275312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
2016-01-13 12:34 - 2015-12-05 06:58 - 00274280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
2016-01-13 12:34 - 2015-12-05 06:58 - 00250520 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2016-01-13 12:34 - 2015-12-05 06:58 - 00248432 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2016-01-13 12:34 - 2015-12-05 06:58 - 00246856 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2016-01-13 12:34 - 2015-12-05 06:58 - 00244296 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-01-13 12:34 - 2015-12-05 06:58 - 00229272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
2016-01-13 12:34 - 2015-12-05 06:58 - 00203016 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2016-01-13 12:34 - 2015-12-05 06:58 - 00184912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
2016-01-13 12:34 - 2015-12-05 06:58 - 00183856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
2016-01-13 12:34 - 2015-12-05 06:58 - 00116720 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2016-01-13 12:34 - 2015-12-05 06:58 - 00110544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-01-13 12:34 - 2015-12-05 06:58 - 00099136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL
2016-01-13 12:34 - 2015-12-05 06:58 - 00090904 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2016-01-13 12:34 - 2015-12-05 06:58 - 00090392 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2016-01-13 12:34 - 2015-12-05 06:58 - 00081032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2016-01-13 12:34 - 2015-12-05 06:58 - 00076936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll
2016-01-13 12:34 - 2015-12-03 20:42 - 00561952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-01-13 12:34 - 2015-12-03 20:42 - 00397224 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-01-13 12:34 - 2015-12-03 20:42 - 00137968 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-01-13 12:34 - 2015-12-03 20:42 - 00106960 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2016-01-13 12:34 - 2015-12-03 20:41 - 00177488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-01-13 12:34 - 2015-12-03 19:52 - 00340872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-01-13 12:34 - 2015-12-03 19:52 - 00120376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-01-13 12:34 - 2015-12-03 19:52 - 00091416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2016-01-13 12:34 - 2015-12-03 19:28 - 00401920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-01-13 12:34 - 2015-12-03 19:28 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-01-13 12:34 - 2015-12-03 19:07 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-01-13 12:34 - 2015-12-03 19:07 - 00289792 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2016-01-13 12:34 - 2015-12-03 19:05 - 00644608 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2016-01-13 12:34 - 2015-12-03 19:02 - 01664000 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2016-01-13 12:34 - 2015-12-03 19:00 - 00451072 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2016-01-13 12:34 - 2015-12-03 18:58 - 00378880 ____C (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2016-01-13 12:34 - 2015-12-03 18:51 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-01-13 12:34 - 2015-12-03 18:36 - 01697792 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-01-13 12:34 - 2015-12-03 18:30 - 00468480 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2016-01-13 12:34 - 2015-12-03 18:28 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-01-13 12:34 - 2015-12-03 18:28 - 00245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2016-01-13 12:34 - 2015-12-03 18:27 - 00736256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
2016-01-13 12:34 - 2015-12-03 18:24 - 01411584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2016-01-13 12:34 - 2015-12-03 18:23 - 00402432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
2016-01-13 12:34 - 2015-12-03 18:16 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-01-13 12:34 - 2015-12-03 18:13 - 01441280 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-01-13 12:34 - 2015-12-03 18:07 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-01-13 12:34 - 2015-12-03 18:06 - 01501184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-01-13 12:34 - 2015-12-03 18:01 - 00743936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
2016-01-13 12:34 - 2015-12-03 17:45 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-01-13 12:34 - 2015-12-03 17:40 - 01010688 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2016-01-13 12:34 - 2015-12-03 17:29 - 00887296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2016-01-13 12:32 - 2015-12-10 01:40 - 00033456 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-01-13 12:32 - 2015-12-08 20:08 - 00685432 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-01-13 12:32 - 2015-12-08 20:07 - 00507176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-01-13 12:32 - 2015-12-07 11:56 - 01380600 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-01-13 12:32 - 2015-12-04 16:00 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-01-13 12:32 - 2015-11-17 22:07 - 01380864 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-01-13 12:32 - 2015-11-17 22:07 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-01-13 12:32 - 2015-11-17 22:07 - 00792064 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-01-13 12:32 - 2015-11-17 22:07 - 00705024 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-01-13 12:32 - 2015-11-17 22:07 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-01-13 12:32 - 2015-11-17 22:07 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-01-13 12:32 - 2015-11-17 22:07 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-01-11 23:38 - 2016-01-11 23:38 - 00000000 ____D C:\Users\Jan\Documents\Manuály auta
2016-01-05 22:36 - 2016-01-08 21:32 - 00000000 ____D C:\ProgramData\TrackMania
2016-01-05 21:36 - 2016-01-08 21:32 - 00000000 ____D C:\Users\Jan\Documents\TrackMania
2016-01-05 20:51 - 2016-01-05 20:51 - 00000215 _____ C:\Users\Jan\Desktop\TrackMania Nations Forever.url
2016-01-04 15:23 - 2016-01-04 15:23 - 00000000 ____D C:\ProgramData\pdfforge
2016-01-04 15:21 - 2016-01-04 15:23 - 00000000 ____D C:\Users\Jan\AppData\Roaming\PDF Architect 4
2016-01-04 15:18 - 2016-01-04 16:27 - 00000000 ____D C:\ProgramData\PDF Architect 4
2016-01-03 16:39 - 2016-01-03 16:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UnH Solutions
2016-01-02 21:13 - 2016-01-02 21:13 - 00000000 ____D C:\Users\Jan\AppData\Local\OCCT_-_Ocbase_-_Adrien_Me
2016-01-02 21:08 - 2016-01-02 21:08 - 00000000 ____D C:\Users\Jan\Documents\OCCT
2016-01-02 21:06 - 2016-01-02 21:06 - 00000983 _____ C:\Users\Jan\Desktop\OCCT.lnk
2016-01-02 21:06 - 2016-01-02 21:06 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OCCT
2016-01-02 21:06 - 2016-01-02 21:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OCCT
2016-01-02 21:05 - 2016-01-02 21:06 - 00000000 ____D C:\Program Files (x86)\OCCTPT
2016-01-02 21:05 - 2016-01-02 21:05 - 00000000 ____D C:\Windows\SysWOW64\directx
2015-12-30 19:14 - 2015-12-30 19:14 - 00001765 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-12-30 19:14 - 2015-12-30 19:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-12-30 19:13 - 2015-12-30 19:13 - 00000000 ____D C:\Program Files\iPod
2015-12-30 19:13 - 2015-12-30 19:13 - 00000000 ____D C:\Program Files (x86)\iTunes

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-17 20:36 - 2015-01-18 09:47 - 00000000 ___RD C:\Users\Jan\Disk Google
2016-01-17 20:35 - 2015-01-18 09:26 - 00000000 ___RD C:\Users\Jan\Dropbox
2016-01-17 20:35 - 2015-01-18 09:24 - 00000000 ____D C:\Program Files\SpeedFan
2016-01-17 20:35 - 2015-01-18 09:22 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Dropbox
2016-01-17 20:35 - 2015-01-18 08:37 - 00000000 ____D C:\Users\Jan\OneDrive
2016-01-17 20:34 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-17 20:34 - 2013-08-22 14:36 - 00000000 ____D C:\Windows
2016-01-17 20:33 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-01-17 20:21 - 2015-05-19 19:14 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-01-17 20:15 - 2015-05-15 10:42 - 00000982 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d04258481b17d7.job
2016-01-17 20:07 - 2015-06-17 06:24 - 00000932 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2636959574-2520008723-4284122047-1001UA.job
2016-01-17 17:14 - 2015-01-18 08:32 - 00000000 ____D C:\Users\Jan\AppData\Local\Packages
2016-01-17 12:26 - 2015-01-18 15:50 - 00000000 ____D C:\Users\Jan\AppData\Roaming\vlc
2016-01-17 10:37 - 2015-05-09 09:25 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2636959574-2520008723-4284122047-1001
2016-01-17 10:19 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2016-01-16 22:02 - 2015-01-18 15:31 - 00000000 ____D C:\Users\Jan\AppData\Roaming\FileZilla
2016-01-16 20:29 - 2015-01-18 14:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-16 19:12 - 2014-03-18 16:49 - 01745984 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-16 19:12 - 2014-03-18 16:01 - 00738682 _____ C:\Windows\system32\perfh005.dat
2016-01-16 19:12 - 2014-03-18 16:01 - 00151404 _____ C:\Windows\system32\perfc005.dat
2016-01-16 19:01 - 2015-05-09 20:09 - 00000000 ____D C:\ProgramData\Codemasters
2016-01-16 18:57 - 2015-10-20 13:46 - 00000000 ____D C:\ProgramData\TEMP
2016-01-16 18:45 - 2015-03-31 08:34 - 00000000 ____D C:\Program Files\trend micro
2016-01-16 13:39 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache
2016-01-15 10:05 - 2015-01-18 09:05 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2016-01-15 10:04 - 2015-06-25 16:34 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-01-14 19:11 - 2015-01-25 23:04 - 00000000 ____D C:\ProgramData\Package Cache
2016-01-14 19:10 - 2015-10-13 20:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-01-13 23:12 - 2015-03-23 08:29 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-01-13 17:44 - 2015-01-18 13:11 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-01-13 17:44 - 2015-01-18 13:11 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-01-13 17:42 - 2015-04-12 12:58 - 00000000 ____D C:\Windows\system32\appraiser
2016-01-13 17:42 - 2015-04-12 12:57 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-01-13 17:41 - 2015-01-18 08:32 - 00000000 ____D C:\Users\Jan
2016-01-13 16:54 - 2015-01-18 17:15 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-01-13 16:54 - 2015-01-18 09:40 - 00000000 ____D C:\ProgramData\Microsoft Help
2016-01-13 16:54 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2016-01-13 16:53 - 2015-01-18 13:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-01-13 15:15 - 2013-08-22 14:25 - 00000202 _____ C:\Windows\win.ini
2016-01-13 13:35 - 2015-01-18 13:50 - 00000000 ____D C:\Windows\system32\MRT
2016-01-13 13:25 - 2015-01-18 13:50 - 143671360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-01-12 18:53 - 2015-05-26 10:06 - 00000000 ____D C:\Users\Jan\Documents\Babička
2016-01-12 08:07 - 2015-06-17 06:24 - 00000880 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2636959574-2520008723-4284122047-1001Core.job
2016-01-11 23:38 - 2015-10-14 15:54 - 00175616 ___SH C:\Users\Jan\Downloads\Thumbs.db
2016-01-11 23:30 - 2015-01-18 09:36 - 00000000 ___RD C:\Users\Jan\Documents\Firma
2016-01-09 19:59 - 2015-10-21 14:04 - 00000000 ____D C:\Users\Jan\Documents\Moje naskenované obrázky
2016-01-08 10:24 - 2015-03-12 16:31 - 00000000 ____D C:\Users\Jan\AppData\Local\CrashDumps
2016-01-08 10:24 - 2015-02-08 09:57 - 00000000 ____D C:\Users\Jan\AppData\Roaming\TeamViewer
2016-01-05 21:50 - 2015-04-12 12:16 - 00220672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dplayx.dll
2016-01-05 21:50 - 2015-04-12 12:16 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpwsockx.dll
2016-01-05 21:50 - 2015-04-12 12:14 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dplaysvr.exe
2016-01-05 21:50 - 2015-04-12 12:14 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpmodemx.dll
2016-01-05 21:50 - 2013-08-22 12:22 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2016-01-05 21:50 - 2013-08-22 12:22 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\dpnsvr.exe
2016-01-05 21:50 - 2013-08-22 12:17 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\dpnathlp.dll
2016-01-05 21:50 - 2013-08-22 12:17 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\dpnhupnp.dll
2016-01-05 21:50 - 2013-08-22 12:17 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\dpnhpast.dll
2016-01-05 21:50 - 2013-08-22 04:56 - 00377856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2016-01-05 21:50 - 2013-08-22 04:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnsvr.exe
2016-01-05 21:50 - 2013-08-22 04:51 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnathlp.dll
2016-01-05 21:50 - 2013-08-22 04:51 - 00009216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnhupnp.dll
2016-01-05 21:50 - 2013-08-22 04:51 - 00009216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnhpast.dll
2016-01-05 21:04 - 2015-01-18 14:01 - 00826872 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-01-05 21:04 - 2015-01-18 14:01 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-05 20:51 - 2015-01-21 17:02 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-01-02 21:17 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\LiveKernelReports
2015-12-30 19:21 - 2015-05-19 19:14 - 00003802 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-12-30 19:14 - 2015-01-30 20:08 - 00000000 ____D C:\Program Files\iTunes
2015-12-30 19:13 - 2015-01-18 10:05 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-12-21 17:38 - 2015-11-26 08:27 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-12-21 17:38 - 2015-11-26 08:27 - 00000000 ___SD C:\Windows\system32\GWX

==================== Files in the root of some directories =======

2015-03-23 12:00 - 2015-04-20 18:36 - 0000132 _____ () C:\Users\Jan\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2015-10-24 14:35 - 2015-12-08 21:53 - 0000600 _____ () C:\Users\Jan\AppData\Roaming\winscp.rnd
2015-10-24 14:19 - 2015-10-24 14:19 - 0000600 _____ () C:\Users\Jan\AppData\Local\PUTTY.RND
2015-12-03 11:46 - 2015-12-03 11:46 - 0007128 _____ () C:\Users\Jan\AppData\Local\recently-used.xbel
2015-06-06 21:29 - 2015-06-06 21:29 - 0007606 _____ () C:\Users\Jan\AppData\Local\Resmon.ResmonCfg
2015-10-21 12:32 - 2015-10-21 12:36 - 0000831 _____ () C:\ProgramData\hpzinstall.log

Some files in TEMP:
====================
C:\Users\Jan\AppData\Local\Temp\avgnt.exe
C:\Users\Jan\AppData\Local\Temp\CmdLineExt.dll
C:\Users\Jan\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Jan\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Jan\AppData\Local\Temp\sfareca00001.dll
C:\Users\Jan\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================


Available physical RAM: 4369.12 MB
Total physical RAM: 6142.49 MB
Percentage of memory in use: 28%

==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2636959574-2520008723-4284122047-1001Core.job => C:\Users\Jan\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2636959574-2520008723-4284122047-1001UA.job => C:\Users\Jan\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d04258481b17d7.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\ProgramData\TEMP:088B37DC
AlternateDataStreams: C:\Users\Jan\Desktop\dasfd.pdf:com.dropbox.attributes

==================== Security Center ==================

AV: Avira Antivirus (Enabled - Out of date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Out of date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Jan\Desktop" je 6 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

[3rw0sh]

Ještě bych se chtěl zeptat, koukal jsem se do složky Temp a mám tam nějaké soubory s příponou .key. To jsem tam nikdy dřív neviděl. V příloze jsem dal screen složky Temp.

[Márty84]

Tempy se muzou klidne vymazat


Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1085656 2015-12-13] (Adobe Systems Incorporated)
HKU\S-1-5-21-2636959574-2520008723-4284122047-1001\...\Run: [Dropbox Update] => C:\Users\Jan\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.)

2016-01-17 15:42 - 2016-01-17 20:34 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-01-17 15:41 - 2016-01-17 15:41 - 22908888 _____ (Malwarebytes ) C:\Users\Jan\Downloads\mbam-setup-2.2.0.1024.exe

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2636959574-2520008723-4284122047-1001Core.job => C:\Users\Jan\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2636959574-2520008723-4284122047-1001UA.job => C:\Users\Jan\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d04258481b17d7.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

AlternateDataStreams: C:\ProgramData\TEMP:088B37DC
AlternateDataStreams: C:\Users\Jan\Desktop\dasfd.pdf:com.dropbox.attributes

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-13 82128]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-05 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-05 144200]

Hosts:
EmptyTemp:
Reboot:
End

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.

[3rw0sh]

Fix result of Farbar Recovery Scan Tool (x64) Version:17-01-2015
Ran by Jan (2016-01-18 10:09:40) Run:1
Running from C:\Users\Jan\Desktop
Loaded Profiles: Jan (Available Profiles: Jan)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1085656 2015-12-13] (Adobe Systems Incorporated)
HKU\S-1-5-21-2636959574-2520008723-4284122047-1001\...\Run: [Dropbox Update] => C:\Users\Jan\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.)

2016-01-17 15:42 - 2016-01-17 20:34 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-01-17 15:41 - 2016-01-17 15:41 - 22908888 _____ (Malwarebytes ) C:\Users\Jan\Downloads\mbam-setup-2.2.0.1024.exe

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2636959574-2520008723-4284122047-1001Core.job => C:\Users\Jan\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2636959574-2520008723-4284122047-1001UA.job => C:\Users\Jan\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d04258481b17d7.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

AlternateDataStreams: C:\ProgramData\TEMP:088B37DC
AlternateDataStreams: C:\Users\Jan\Desktop\dasfd.pdf:com.dropbox.attributes

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-13 82128]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-05 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-05 144200]

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value removed successfully
HKU\S-1-5-21-2636959574-2520008723-4284122047-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Dropbox Update => value removed successfully
C:\ProgramData\Malwarebytes => moved successfully
C:\Users\Jan\Downloads\mbam-setup-2.2.0.1024.exe => moved successfully
C:\Windows\Tasks\Adobe Flash Player Updater.job => moved successfully
C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2636959574-2520008723-4284122047-1001Core.job => moved successfully
C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2636959574-2520008723-4284122047-1001UA.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d04258481b17d7.job => moved successfully
C:\ProgramData\TEMP => ":088B37DC" ADS removed successfully.
C:\Users\Jan\Desktop\dasfd.pdf => ":com.dropbox.attributes" ADS removed successfully.
AdobeARMservice => service removed successfully
gupdate => service removed successfully
SkypeUpdate => service removed successfully
gupdatem => service removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 507.7 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 10:10:49 ====

[Márty84]

Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

DelFix https://toolslib.net/downloads/finish/2/

• Stahnete a spustte
• Ponechte zatrzitkou pouze u volby Remove disinfection tools
• Kliknete na Run

Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)

Defragmentujte disk(y) (SSD Disky ne!)
Stahnete program Defraggler https://www.piriform.com/defraggler/download/standard
Pri instalaci opet pozor na toolbar a dalsi nesmysly.
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.




Pak napiste, jak to s pc vypada.

[3rw0sh]

Je to lepší, už je to zase jako předtím. Díky moc.

[Márty84]

Nemate zac!

Mejte se a treba zase nekdy