VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Problémy s notebookem

https://forum.viry.cz:443/viewtopic.php?t=147656

Stránka 1 z 1

Problémy s notebookem

Napsal: 20 led 2016 18:42
od marhop
Prosím o pomoc, můj notebook se pravidelně zpomaluje, často nejde ani přehrat hudba či video online.
Občas se stane, že nemohu psát v googlu chrome. Pomůže až ccleaner.
Mám pocit, že tam nějaká havěť je, i když jsem zkoušel různé programy na odstranění.
FRST ZDE:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:18-01-2016
Ran by Martin (administrator) on MARHOP (20-01-2016 18:45:42)
Running from C:\Users\Martin\Desktop
Loaded Profiles: UpdatusUser & Martin (Available Profiles: UpdatusUser & Martin)
Platform: Windows 8 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 10 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(reaConverter LLC) C:\Program Files (x86)\reaConverter 7 Standard\rc_service.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe
(TorchMedia Inc.) C:\Users\Martin\AppData\Local\Torch\Update\TorchCrashHandler.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\InstallServices.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(Dropbox, Inc.) C:\Users\Martin\AppData\Roaming\Dropbox\bin\Dropbox.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(The Document Foundation) C:\Program Files (x86)\LibreOffice 4.0\program\soffice.exe
(The Document Foundation) C:\Program Files (x86)\LibreOffice 4.0\program\soffice.bin
(Maxthon International ltd.) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Mozilla Corporation) C:\Users\Martin\Desktop\Tor Browser\Browser\firefox.exe
() C:\Users\Martin\Desktop\Tor Browser\Browser\TorBrowser\Tor\tor.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmprph.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13192848 2012-08-20] (Realtek Semiconductor)
HKLM\...\Run: [BtPreLoad] => C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [64640 2012-08-31] ()
HKLM\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [107192 2012-08-24] (ASUS)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2015-09-24] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe [3417984 2012-08-28] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [111120 2012-05-24] (CyberLink)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1009288 2012-09-13] ()
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-05-23] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-06-16] (Oracle Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [NetSoftware] => C:\Program Files\NetSoftware\Starter.exe [223216 2015-12-22] (Gemius)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\...\Run: [Power2GoExpress] => C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpress.exe [2649816 2012-12-25] (CyberLink Corp.)
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Martin\AppData\Roaming\Seznam.cz\szninstall.exe [1009288 2012-09-13] ()
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Martin\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92152 2013-01-22] ()
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1561968 2013-05-23] (Samsung)
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\...\Run: [uTorrent] => C:\Users\Martin\AppData\Roaming\uTorrent\uTorrent.exe [2026520 2015-12-02] (BitTorrent Inc.)
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\...\Run: [Dropbox Update] => C:\Users\Martin\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.)
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50509440 2015-11-30] (Skype Technologies S.A.)
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [833240 2014-12-23] (ZONER software)
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\...\Run: [Zoner Photo Studio Service 16] => C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSService.exe [27864 2014-12-23] ()
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\...\MountPoints2: {458ed5f7-a9a0-11e2-be86-dc85de6a2b0c} - "F:\setup_vmc_lite.exe" /checkApplicationPresence
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\...\MountPoints2: {458ed6de-a9a0-11e2-be86-dc85de6a2b0c} - "F:\setup_vmc_lite.exe" /checkApplicationPresence
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\...\MountPoints2: {458ed70a-a9a0-11e2-be86-dc85de6a2b0c} - "F:\setup_vmc_lite.exe" /checkApplicationPresence
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\...\MountPoints2: {458ed715-a9a0-11e2-be86-dc85de6a2b0c} - "F:\setup_vmc_lite.exe" /checkApplicationPresence
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\...\MountPoints2: {5049a711-b7ce-11e2-be8c-dc85de6a2b0c} - "F:\setup_vmc_lite.exe" /checkApplicationPresence
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\...\MountPoints2: {5049a71f-b7ce-11e2-be8c-dc85de6a2b0c} - "F:\setup_vmc_lite.exe" /checkApplicationPresence
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\...\MountPoints2: {5a88e657-f8b3-11e3-bee6-dc85de6a2b0c} - "F:\Setup.exe"
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\...\MountPoints2: {e063179e-b15b-11e4-bf16-dc85de6a2b0c} - "F:\LGAutoRun.exe"
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\...\MountPoints2: {e84f7627-4639-11e4-bf01-dc85de6a2b0c} - "F:\Startme.exe"
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\...\MountPoints2: {e92697d4-3acf-11e4-befb-dc85de6a2b0c} - "F:\TVRadio.EXE"
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\...\MountPoints2: {ede346cc-91b7-11e2-be81-dc85de6a2b0c} - "G:\Autorun\autorun.exe"
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\...\MountPoints2: {fed2a955-6a31-11e3-bec2-dc85de6a2b0c} - "I:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [241664 2012-07-26] (Microsoft Corporation)
AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL => C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInit64.dll [18856 2012-10-02] (NVIDIA Corporation)
AppInit_DLLs: , C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [247144 2012-10-08] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\PROGRA~2\NVIDIA~1\3DVISI~1\nvStInit.dll => C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInit.dll [17288 2012-10-02] (NVIDIA Corporation)
AppInit_DLLs-x32: , C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [202600 2012-10-08] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk [2012-10-31]
ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe (ASUSTeK Computer Inc.)
Startup: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-12-13]
ShortcutTarget: Dropbox.lnk -> C:\Users\Martin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{00522B37-D876-48CB-A32D-0AF269A6DF33}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{2546AB9A-33CE-4146-A912-AAAD4353A4F2}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{30C2534C-8494-474C-BE0C-77F0654AACF9}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{547EC584-532F-48C0-945E-FC2B8892142A}: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{A7132014-7610-4C4E-964E-F44B94A46A8A}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{CA7F6F91-B2DD-4C00-9F65-5A26E7B04C49}: [NameServer] 217.77.165.81,217.77.165.211

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.yahoo.com/?fr=avantsearch6
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://10.0.0.200:8080/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-314047092-3573663871-1605207054-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-314047092-3573663871-1605207054-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-08-31] (Qualcomm Atheros Commnucations)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre8\bin\ssv.dll [2014-09-06] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre8\bin\jp2ssv.dll [2014-09-06] (Oracle Corporation)
DPF: HKLM-x32 {021AFC0F-30F4-474D-9903-CE42D9539B17} hxxp://10.0.0.200:8080/dvr_ocx.cab
Handler: inbox - No CLSID Value
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\l6gb1hxx.default
FF DefaultSearchEngine: Google
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2016-01-05] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll [2016-01-05] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.11.2 -> C:\Program Files (x86)\Java\jre8\bin\dtplugin\npDeployJava1.dll [2014-09-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.11.2 -> C:\Program Files (x86)\Java\jre8\bin\plugin2\npjp2.dll [2014-09-06] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2012-10-02] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2012-10-02] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin-x32: TorchVLC -> C:\Users\Martin\AppData\Local\Torch\Plugins\Video\VLC\npvlc.dll [2013-07-30] (VideoLAN)
FF user.js: detected! => C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\l6gb1hxx.default\user.js [2015-04-14]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
FF HKU\S-1-5-21-314047092-3573663871-1605207054-1002\...\Firefox\Extensions: [gemgecko@gemius.com] - C:\Program Files\NetSoftware\gemgecko_ext
FF Extension: Netpanel study - C:\Program Files\NetSoftware\gemgecko_ext [2015-09-14]

Chrome:
=======
CHR StartupUrls: Default -> "hxxps://www.airbnb.cz/login?redirect_params[action
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-12]
CHR Extension: (Dokumenty Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-12]
CHR Extension: (Disk Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-12]
CHR Extension: (YouTube) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-12]
CHR Extension: (Vyhledávání Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-12]
CHR Extension: (Tabulky Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-12]
CHR Extension: (Dokumenty Google offline) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-01-14]
CHR Extension: (Netpanel study) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kegdldmohomdaelnepdpbkdhfemobdgl [2015-11-25]
CHR Extension: (iLivid) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf [2014-12-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-24]
CHR Extension: (Gmail) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-12]
CHR HKU\S-1-5-21-314047092-3573663871-1605207054-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kegdldmohomdaelnepdpbkdhfemobdgl] - hxxps://clients2.google.com/service/update2/crx

Opera:
=======
OPR Extension: (Výzkum NetMonitor) - C:\Users\Martin\AppData\Roaming\Opera Software\Opera Stable\Extensions\ojedjnlojkfjbmjlpknfclknchaenlpm [2015-12-01]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [216192 2012-08-31] (Qualcomm Atheros Commnucations) [File not signed]
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2370240 2014-11-27] (Comodo Security Solutions, Inc.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-30] (IObit)
R2 reaConverter_service; C:\Program Files (x86)\reaConverter 7 Standard\rc_service.exe [5750784 2015-09-17] (reaConverter LLC) [File not signed]
R2 StartMenuService; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [1055008 2015-03-13] (IObit)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TorchCrashHandler; C:\Users\Martin\AppData\Local\Torch\Update\TorchCrashHandler.exe [1217032 2014-10-29] (TorchMedia Inc.) <==== ATTENTION
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2015-08-29] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-08-31] (Atheros) [File not signed]
S3 AdobeFlashPlayerUpdateSvc; no ImagePath

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 androidusb; C:\Windows\System32\Drivers\fxxandroidusb.sys [31744 2011-03-22] (Google Inc)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [61824 2012-08-05] (ASUS Corporation)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-08-31] (Qualcomm Atheros)
R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [117632 2013-06-01] (Microsoft Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3265256 2012-09-20] (Broadcom Corporation)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-04-27] (REALiX(tm))
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R1 MpKsl5dfa1a93; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EBDC41ED-D0E7-4216-B295-49E6715E368D}\MpKsl5dfa1a93.sys [44928 2016-01-16] (Microsoft Corporation)
S3 PCAMp50a64; C:\Windows\System32\Drivers\PCAMp50a64.sys [43328 2006-11-28] (Printing Communications Assoc., Inc. (PCAUSA))
S3 PCASp50a64; C:\Windows\System32\Drivers\PCASp50a64.sys [41280 2006-11-28] (Printing Communications Assoc., Inc. (PCAUSA))
S3 qcusbser; C:\Windows\system32\DRIVERS\FXX\qcusbser.sys [364288 2011-03-22] (QUALCOMM Incorporated)
S3 ssudobex; C:\Windows\system32\DRIVERS\ssudobex.sys [204568 2013-10-28] (DEVGURU Co., LTD.(http://www.devguru.co.kr))
S3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2013-02-12] (Microsoft Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-08-29] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [281944 2015-08-29] (Microsoft Corporation)
S3 wmbclass; C:\Windows\system32\DRIVERS\wmbclass.sys [230912 2013-04-09] (Microsoft Corporation)
U0 msahci; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-20 18:44 - 2016-01-20 18:45 - 00000000 ____D C:\PO
2016-01-20 18:27 - 2016-01-20 18:41 - 00048372 _____ C:\Users\Martin\Desktop\Addition.txt
2016-01-20 18:26 - 2016-01-20 18:46 - 00026986 _____ C:\Users\Martin\Desktop\FRST.txt
2016-01-20 18:24 - 2016-01-20 18:24 - 00015327 _____ C:\Users\Martin\Desktop\LM.bat
2016-01-20 18:22 - 2016-01-20 18:24 - 00029696 _____ C:\Users\Martin\AppData\Local\MSGBOX.EXE
2016-01-20 18:21 - 2016-01-20 18:22 - 00112640 _____ (forum.viry.cz) C:\Users\Martin\Desktop\FRSTLauncher.exe
2016-01-20 18:16 - 2016-01-20 18:19 - 00048419 _____ C:\Users\Martin\Downloads\Addition.txt
2016-01-20 18:15 - 2016-01-20 18:15 - 00112640 _____ (forum.viry.cz) C:\Users\Martin\Downloads\Nepotvrzeno 860961.crdownload
2016-01-20 18:14 - 2016-01-20 18:19 - 00050236 _____ C:\Users\Martin\Downloads\FRST.txt
2016-01-20 18:13 - 2016-01-20 18:45 - 00000000 ____D C:\FRST
2016-01-20 18:12 - 2016-01-20 18:12 - 02370560 _____ (Farbar) C:\Users\Martin\Desktop\FRST64.exe
2016-01-19 23:09 - 2016-01-20 00:59 - 1985714086 _____ C:\Users\Martin\Desktop\Šílení---Lunacy-2005,-EN-tit---CZ.mkv
2016-01-19 09:05 - 2016-01-19 09:46 - 731945434 _____ C:\Users\Martin\Downloads\Koleje-osudu---2013-cz-tit.drama-p.p.avi
2016-01-15 21:24 - 2016-01-15 21:24 - 00003842 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1412882589
2016-01-15 21:24 - 2016-01-15 21:24 - 00001053 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-01-06 23:41 - 2016-01-06 23:41 - 04950088 _____ C:\Windows\system32\FNTCACHE.DAT
2016-01-05 11:11 - 2016-01-02 15:54 - 00826328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-01-05 11:11 - 2016-01-02 15:54 - 00176096 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-02 14:01 - 2016-01-02 14:01 - 00951808 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2016-01-02 14:01 - 2016-01-02 14:01 - 00601088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2016-01-02 14:01 - 2016-01-02 14:01 - 00478280 _____ C:\Windows\SysWOW64\locale.nls
2016-01-02 14:01 - 2016-01-02 14:01 - 00478280 _____ C:\Windows\system32\locale.nls
2016-01-02 14:01 - 2016-01-02 14:01 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2016-01-02 14:01 - 2016-01-02 14:01 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2016-01-02 14:01 - 2016-01-02 14:01 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2016-01-02 14:01 - 2016-01-02 14:01 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2016-01-02 14:01 - 2016-01-02 14:01 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2016-01-02 14:01 - 2016-01-02 14:01 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2016-01-02 12:50 - 2016-01-02 12:50 - 04063232 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-01-02 12:50 - 2016-01-02 12:50 - 01840640 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-01-02 12:50 - 2016-01-02 12:50 - 01680384 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2016-01-02 12:50 - 2016-01-02 12:50 - 01426944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2016-01-02 12:50 - 2016-01-02 12:50 - 01412608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-01-02 12:50 - 2016-01-02 12:50 - 01341952 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-01-02 12:50 - 2016-01-02 12:50 - 01280000 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-01-02 12:50 - 2016-01-02 12:50 - 01126912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-01-02 12:39 - 2016-01-02 12:39 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2016-01-02 12:34 - 2016-01-02 12:34 - 06970712 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-01-02 12:34 - 2016-01-02 12:34 - 01821192 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-01-02 12:34 - 2016-01-02 12:34 - 01637376 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2016-01-02 12:34 - 2016-01-02 12:34 - 01410000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-01-02 12:34 - 2016-01-02 12:34 - 01282560 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-01-02 12:34 - 2016-01-02 12:34 - 01223168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2016-01-02 12:34 - 2016-01-02 12:34 - 01043968 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2016-01-02 12:34 - 2016-01-02 12:34 - 00961536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2016-01-02 12:34 - 2016-01-02 12:34 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-01-02 12:34 - 2016-01-02 12:34 - 00668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-01-02 12:34 - 2016-01-02 12:34 - 00588800 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2016-01-02 12:34 - 2016-01-02 12:34 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2016-01-02 12:34 - 2016-01-02 12:34 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2016-01-02 12:34 - 2016-01-02 12:34 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2016-01-02 12:34 - 2016-01-02 12:34 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2016-01-02 12:34 - 2016-01-02 12:34 - 00384512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2016-01-02 12:34 - 2016-01-02 12:34 - 00318464 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-01-02 12:34 - 2016-01-02 12:34 - 00273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-01-02 12:34 - 2016-01-02 12:34 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-01-02 12:34 - 2016-01-02 12:34 - 00178688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-01-02 12:34 - 2016-01-02 12:34 - 00171864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-01-02 12:34 - 2016-01-02 12:34 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-01-02 12:34 - 2016-01-02 12:34 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-01-02 12:34 - 2016-01-02 12:34 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-01-02 12:34 - 2016-01-02 12:34 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-01-02 12:34 - 2016-01-02 12:34 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-01-02 10:42 - 2016-01-02 10:42 - 19778048 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-01-02 10:42 - 2016-01-02 10:42 - 17562112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-12-30 10:43 - 2015-12-30 10:43 - 00000012 _____ C:\Users\Martin\Desktop\Nový textový dokument (2).txt
2015-12-28 00:14 - 2015-12-28 00:15 - 00000000 ____D C:\Users\Martin\AppData\Local\UmmyVideoDownloader
2015-12-28 00:14 - 2015-12-28 00:14 - 00001229 _____ C:\Users\Public\Desktop\UmmyVideoDownloader.lnk
2015-12-28 00:14 - 2015-12-28 00:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UmmyVideoDownloader
2015-12-28 00:12 - 2015-12-28 00:12 - 16324116 _____ C:\Users\Martin\Desktop\✐Emma Drobná Čerešně SuperStar✐.mp4

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-20 18:45 - 2013-04-05 16:45 - 03613696 ___SH C:\Users\Martin\Downloads\Thumbs.db
2016-01-20 18:39 - 2013-03-21 15:21 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-01-20 18:29 - 2015-06-18 12:19 - 00000936 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-314047092-3573663871-1605207054-1002UA.job
2016-01-20 18:27 - 2012-07-26 06:37 - 00000000 ____D C:\Windows
2016-01-20 18:11 - 2015-12-05 20:06 - 00000974 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-20 18:01 - 2013-03-19 22:53 - 00504832 ___SH C:\Users\Martin\Desktop\Thumbs.db
2016-01-20 13:39 - 2013-03-09 11:41 - 00000000 ____D C:\Users\Martin\AppData\Local\CrashDumps
2016-01-19 23:17 - 2013-03-10 12:45 - 00000000 ____D C:\Users\Martin\AppData\Roaming\vlc
2016-01-19 22:29 - 2015-06-18 12:19 - 00000884 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-314047092-3573663871-1605207054-1002Core.job
2016-01-19 20:11 - 2015-12-05 20:06 - 00000970 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-18 14:18 - 2014-10-09 20:44 - 00000000 ____D C:\ProgramData\TorchCrashHandler
2016-01-17 23:54 - 2012-08-02 19:06 - 04875488 _____ C:\Windows\system32\perfh005.dat
2016-01-17 23:54 - 2012-08-02 19:06 - 01483398 _____ C:\Windows\system32\perfc005.dat
2016-01-17 23:54 - 2012-07-26 08:28 - 00005430 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-17 23:51 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\tracing
2016-01-16 11:16 - 2015-01-19 12:02 - 00000000 ____D C:\ProgramData\ProductData
2016-01-15 22:51 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\AUInstallAgent
2016-01-15 22:49 - 2012-07-26 09:12 - 00000000 ___HD C:\Program Files\WindowsApps
2016-01-15 22:36 - 2014-09-28 15:31 - 00287744 ___SH C:\Users\Martin\Documents\Thumbs.db
2016-01-15 21:24 - 2014-10-09 20:23 - 00000000 ____D C:\Program Files (x86)\Opera
2016-01-15 12:14 - 2015-06-07 19:35 - 00002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-01-14 11:08 - 2013-09-15 23:06 - 00000000 ____D C:\Program Files (x86)\IObit
2016-01-14 11:01 - 2013-11-14 00:39 - 00000000 ____D C:\Users\Martin\AppData\Local\ElevatedDiagnostics
2016-01-14 00:27 - 2012-07-26 06:37 - 00000000 ____D C:\Windows\Inf
2016-01-13 23:34 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\rescache
2016-01-13 23:14 - 2013-03-09 10:24 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Dropbox
2016-01-13 23:13 - 2013-04-07 19:58 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Skype
2016-01-13 23:11 - 2013-03-08 19:43 - 00000408 _____ C:\Users\Martin\AppData\Roaming\sp_data.sys
2016-01-13 23:08 - 2013-10-17 00:21 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2016-01-13 23:08 - 2012-10-31 01:16 - 00000000 ____D C:\ProgramData\NVIDIA
2016-01-13 23:08 - 2012-07-26 08:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-08 22:50 - 2015-02-19 12:45 - 00000000 ____D C:\Program Files\NetSoftware
2016-01-08 22:34 - 2015-02-19 12:45 - 00000000 ____D C:\ProgramData\NetSoftware
2016-01-08 18:53 - 2014-12-02 01:21 - 00000000 ____D C:\Users\Martin\AppData\Roaming\emp4_4
2016-01-08 12:04 - 2015-09-07 20:46 - 00000000 ____D C:\Users\Martin\Desktop\Tor Browser
2016-01-05 11:28 - 2013-03-21 15:21 - 00003802 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-01-05 11:13 - 2013-03-08 19:37 - 00000000 ____D C:\Users\Martin
2016-01-05 11:07 - 2012-07-26 09:12 - 00000000 ___RD C:\Windows\ToastData
2016-01-02 15:55 - 2012-07-26 08:59 - 00000000 ____D C:\Windows\CbsTemp
2015-12-27 12:08 - 2013-03-09 12:45 - 00000000 ____D C:\Users\Martin\PRACE
2015-12-27 12:00 - 2013-11-29 14:08 - 00012800 ___SH C:\Users\Martin\Thumbs.db
2015-12-21 09:11 - 2013-09-15 23:06 - 00000000 ____D C:\ProgramData\IObit
2015-12-21 01:48 - 2012-07-26 06:26 - 00262144 ___SH C:\Windows\system32\config\BBI

==================== Files in the root of some directories =======

2014-09-29 15:05 - 2012-04-25 14:19 - 2249352 _____ (Adobe Systems, Incorporated) C:\Program Files\amtlib.dll
2013-06-20 13:15 - 2015-07-17 21:20 - 0000132 _____ () C:\Users\Martin\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2014-01-22 20:47 - 2014-01-22 20:47 - 0000021 _____ () C:\Users\Martin\AppData\Roaming\my_intel.sys
2013-03-08 19:43 - 2016-01-13 23:11 - 0000408 _____ () C:\Users\Martin\AppData\Roaming\sp_data.sys
2013-06-11 18:44 - 2014-06-25 19:14 - 0001480 _____ () C:\Users\Martin\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2016-01-20 18:22 - 2016-01-20 18:24 - 0029696 _____ () C:\Users\Martin\AppData\Local\MSGBOX.EXE
2013-06-06 12:13 - 2013-06-06 12:13 - 0000057 _____ () C:\ProgramData\Ament.ini
2012-08-04 18:37 - 2012-07-30 07:03 - 0000217 _____ () C:\ProgramData\SetStretch.cmd
2012-08-04 18:37 - 2009-07-22 11:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2013-03-09 11:50 - 2013-03-09 11:51 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2013-03-09 11:49 - 2013-03-09 11:50 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

Files to move or delete:
====================
C:\Users\Martin\gosetup.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-01-12 11:03

==================== End of FRST.txt ============================

Re: Problémy s notebookem

Napsal: 20 led 2016 19:06
od Rudy
Zdravím!
Spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

Re: Problémy s notebookem

Napsal: 20 led 2016 19:34
od marhop
# AdwCleaner v5.030 - Logfile created 20/01/2016 at 19:18:56
# Updated 17/01/2016 by Xplode
# Database : 2016-01-19.2 [Server]
# Operating system : Windows 8 (x64)
# Username : Martin - MARHOP
# Running from : C:\Users\Martin\Desktop\adwcleaner_5.030.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

[-] Service Deleted : torchcrashhandler

***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files (x86)\Mobogenie
[-] Folder Deleted : C:\Program Files (x86)\myfree codec
[-] Folder Deleted : C:\Program Files (x86)\ParetoLogic
[-] Folder Deleted : C:\Program Files (x86)\Common Files\ParetoLogic
[-] Folder Deleted : C:\ProgramData\ParetoLogic
[-] Folder Deleted : C:\ProgramData\torchcrashhandler
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
[-] Folder Deleted : C:\Users\Martin\AppData\Local\Mobogenie
[-] Folder Deleted : C:\Users\Martin\AppData\Local\torch
[-] Folder Deleted : C:\Users\Martin\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja
[-] Folder Deleted : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf
[-] Folder Deleted : C:\Users\Martin\AppData\LocalLow\Inbox Toolbar
[-] Folder Deleted : C:\Users\Martin\AppData\Roaming\ASP
[-] Folder Deleted : C:\Users\Martin\AppData\Roaming\DriverCure
[-] Folder Deleted : C:\Users\Martin\AppData\Roaming\OpenCandy
[-] Folder Deleted : C:\Users\Martin\AppData\Roaming\ParetoLogic
[-] Folder Deleted : C:\Users\Martin\AppData\Roaming\Systweak
[-] Folder Deleted : C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ParetoLogic
[-] Folder Deleted : C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\torch
[-] Folder Deleted : C:\Users\Martin\Documents\Mobogenie

***** [ Files ] *****

[-] File Deleted : C:\Users\Martin\daemonprocess.txt
[-] File Deleted : C:\Users\Martin\AppData\Local\Comodo\Dragon\User Data\Default\Local Storage\chrome-extension_cmaiofennmphjldldcpphcechfnnohja_0.localstorage
[-] File Deleted : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nafaimnnclfjfedmmabolbppcngeolgf_0.localstorage
[-] File Deleted : C:\Users\Martin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Torch.lnk
[-] File Deleted : C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch.lnk
[-] File Deleted : C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\l6gb1hxx.default\user.js
[-] File Deleted : C:\Users\Martin\Desktop\Facebook.lnk
[-] File Deleted : C:\Users\Martin\Desktop\Live PC Help.lnk
[-] File Deleted : C:\Users\Martin\Desktop\Youtube.lnk

***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\Applications\Torch.exe
[-] Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\handler\inbox
[-] Key Deleted : HKLM\SOFTWARE\Clients\StartMenuInternet\Torch
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\TorchVLC
[-] Key Deleted : HKCU\Software\Classes\CLSID\{A2DF06F9-A21A-44A8-8A99-8B9C84F29160}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{612AD33D-9824-4E87-8396-92374E91C4BB}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{612AD33D-9824-4E87-8396-92374E91C4BB}
[-] Key Deleted : HKCU\Software\Myfree Codec
[-] Key Deleted : HKCU\Software\ParetoLogic
[-] Key Deleted : HKCU\Software\powerpack
[-] Key Deleted : HKCU\Software\torch
[-] Key Deleted : HKCU\Software\Tune
[-] Key Deleted : HKLM\SOFTWARE\Myfree Codec
[-] Key Deleted : HKLM\SOFTWARE\ParetoLogic
[-] Key Deleted : HKLM\SOFTWARE\torch
[-] Key Deleted : HKLM\SOFTWARE\Tune
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\torch
[!] Key Not Deleted : HKU\S-1-5-21-314047092-3573663871-1605207054-1001\Software\Conduit
[!] Key Not Deleted : HKU\S-1-5-21-314047092-3573663871-1605207054-1001\Software\Myfree Codec
[!] Key Not Deleted : HKU\S-1-5-21-314047092-3573663871-1605207054-1001\Software\powerpack
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]

***** [ Web browsers ] *****

[-] [C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\l6gb1hxx.default\prefs.js] [Preference] Deleted : user_pref("extensions.dealply.channel", "dealplydef");
[-] [C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\l6gb1hxx.default\prefs.js] [Preference] Deleted : user_pref("extensions.dealply.installId", "v24863172479257628579572014012804542410");
[-] [C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\l6gb1hxx.default\prefs.js] [Preference] Deleted : user_pref("extensions.dealply.installIdSource", "inst");
[-] [C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\l6gb1hxx.default\prefs.js] [Preference] Deleted : user_pref("extensions.dealply.partner", "dealplydef");
[-] [C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\l6gb1hxx.default\prefs.js] [Preference] Deleted : user_pref("extensions.dealply.sampleGroup", "0");
[-] [C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\l6gb1hxx.default\prefs.js] [Preference] Deleted : user_pref("network.hxxp.request.max-start-delay", 0);
[-] [C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : nafaimnnclfjfedmmabolbppcngeolgf

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [6727 bytes] ##########

Re: Problémy s notebookem

Napsal: 20 led 2016 20:13
od Rudy
Dejte nový log FRST.

Re: Problémy s notebookem

Napsal: 20 led 2016 20:44
od marhop
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:18-01-2016
Ran by Martin (administrator) on MARHOP (20-01-2016 20:19:31)
Running from C:\Users\Martin\Desktop
Loaded Profiles: UpdatusUser & Martin (Available Profiles: UpdatusUser & Martin)
Platform: Windows 8 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 10 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(reaConverter LLC) C:\Program Files (x86)\reaConverter 7 Standard\rc_service.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\InstallServices.exe
(Dropbox, Inc.) C:\Users\Martin\AppData\Roaming\Dropbox\bin\Dropbox.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13192848 2012-08-20] (Realtek Semiconductor)
HKLM\...\Run: [BtPreLoad] => C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [64640 2012-08-31] ()
HKLM\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [107192 2012-08-24] (ASUS)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2015-09-24] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe [3417984 2012-08-28] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [111120 2012-05-24] (CyberLink)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1009288 2012-09-13] ()
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-05-23] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-06-16] (Oracle Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [NetSoftware] => C:\Program Files\NetSoftware\Starter.exe [223216 2015-12-22] (Gemius)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\...\Run: [Power2GoExpress] => C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpress.exe [2649816 2012-12-25] (CyberLink Corp.)
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Martin\AppData\Roaming\Seznam.cz\szninstall.exe [1009288 2012-09-13] ()
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Martin\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92152 2013-01-22] ()
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1561968 2013-05-23] (Samsung)
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\...\Run: [uTorrent] => C:\Users\Martin\AppData\Roaming\uTorrent\uTorrent.exe [2026520 2015-12-02] (BitTorrent Inc.)
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\...\Run: [Dropbox Update] => C:\Users\Martin\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.)
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50509440 2015-11-30] (Skype Technologies S.A.)
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [833240 2014-12-23] (ZONER software)
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\...\Run: [Zoner Photo Studio Service 16] => C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSService.exe [27864 2014-12-23] ()
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\...\MountPoints2: {458ed5f7-a9a0-11e2-be86-dc85de6a2b0c} - "F:\setup_vmc_lite.exe" /checkApplicationPresence
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\...\MountPoints2: {458ed6de-a9a0-11e2-be86-dc85de6a2b0c} - "F:\setup_vmc_lite.exe" /checkApplicationPresence
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\...\MountPoints2: {458ed70a-a9a0-11e2-be86-dc85de6a2b0c} - "F:\setup_vmc_lite.exe" /checkApplicationPresence
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\...\MountPoints2: {458ed715-a9a0-11e2-be86-dc85de6a2b0c} - "F:\setup_vmc_lite.exe" /checkApplicationPresence
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\...\MountPoints2: {5049a711-b7ce-11e2-be8c-dc85de6a2b0c} - "F:\setup_vmc_lite.exe" /checkApplicationPresence
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\...\MountPoints2: {5049a71f-b7ce-11e2-be8c-dc85de6a2b0c} - "F:\setup_vmc_lite.exe" /checkApplicationPresence
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\...\MountPoints2: {5a88e657-f8b3-11e3-bee6-dc85de6a2b0c} - "F:\Setup.exe"
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\...\MountPoints2: {e063179e-b15b-11e4-bf16-dc85de6a2b0c} - "F:\LGAutoRun.exe"
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\...\MountPoints2: {e84f7627-4639-11e4-bf01-dc85de6a2b0c} - "F:\Startme.exe"
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\...\MountPoints2: {e92697d4-3acf-11e4-befb-dc85de6a2b0c} - "F:\TVRadio.EXE"
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\...\MountPoints2: {ede346cc-91b7-11e2-be81-dc85de6a2b0c} - "G:\Autorun\autorun.exe"
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\...\MountPoints2: {fed2a955-6a31-11e3-bec2-dc85de6a2b0c} - "I:\HTC_Sync_Manager_PC.exe"
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [241664 2012-07-26] (Microsoft Corporation)
AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL => C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInit64.dll [18856 2012-10-02] (NVIDIA Corporation)
AppInit_DLLs: , C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [247144 2012-10-08] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\PROGRA~2\NVIDIA~1\3DVISI~1\nvStInit.dll => C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInit.dll [17288 2012-10-02] (NVIDIA Corporation)
AppInit_DLLs-x32: , C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [202600 2012-10-08] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk [2012-10-31]
ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe (ASUSTeK Computer Inc.)
Startup: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-12-13]
ShortcutTarget: Dropbox.lnk -> C:\Users\Martin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{00522B37-D876-48CB-A32D-0AF269A6DF33}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{2546AB9A-33CE-4146-A912-AAAD4353A4F2}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{30C2534C-8494-474C-BE0C-77F0654AACF9}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{547EC584-532F-48C0-945E-FC2B8892142A}: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{A7132014-7610-4C4E-964E-F44B94A46A8A}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{CA7F6F91-B2DD-4C00-9F65-5A26E7B04C49}: [NameServer] 217.77.165.81,217.77.165.211

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.yahoo.com/?fr=avantsearch6
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://10.0.0.200:8080/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-314047092-3573663871-1605207054-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-08-31] (Qualcomm Atheros Commnucations)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre8\bin\ssv.dll [2014-09-06] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre8\bin\jp2ssv.dll [2014-09-06] (Oracle Corporation)
DPF: HKLM-x32 {021AFC0F-30F4-474D-9903-CE42D9539B17} hxxp://10.0.0.200:8080/dvr_ocx.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\l6gb1hxx.default
FF DefaultSearchEngine: Google
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2016-01-05] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll [2016-01-05] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.11.2 -> C:\Program Files (x86)\Java\jre8\bin\dtplugin\npDeployJava1.dll [2014-09-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.11.2 -> C:\Program Files (x86)\Java\jre8\bin\plugin2\npjp2.dll [2014-09-06] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2012-10-02] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2012-10-02] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
FF HKU\S-1-5-21-314047092-3573663871-1605207054-1002\...\Firefox\Extensions: [gemgecko@gemius.com] - C:\Program Files\NetSoftware\gemgecko_ext
FF Extension: Netpanel study - C:\Program Files\NetSoftware\gemgecko_ext [2015-09-14]

Chrome:
=======
CHR StartupUrls: Default -> "hxxps://www.airbnb.cz/login?redirect_params[action
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-12]
CHR Extension: (Dokumenty Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-12]
CHR Extension: (Disk Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-12]
CHR Extension: (YouTube) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-12]
CHR Extension: (Vyhledávání Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-12]
CHR Extension: (Tabulky Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-12]
CHR Extension: (Dokumenty Google offline) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-01-14]
CHR Extension: (Netpanel study) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kegdldmohomdaelnepdpbkdhfemobdgl [2015-11-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-24]
CHR Extension: (Gmail) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-12]
CHR HKU\S-1-5-21-314047092-3573663871-1605207054-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kegdldmohomdaelnepdpbkdhfemobdgl] - hxxps://clients2.google.com/service/update2/crx

Opera:
=======
OPR Extension: (Výzkum NetMonitor) - C:\Users\Martin\AppData\Roaming\Opera Software\Opera Stable\Extensions\ojedjnlojkfjbmjlpknfclknchaenlpm [2015-12-01]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [216192 2012-08-31] (Qualcomm Atheros Commnucations) [File not signed]
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2370240 2014-11-27] (Comodo Security Solutions, Inc.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-30] (IObit)
R2 reaConverter_service; C:\Program Files (x86)\reaConverter 7 Standard\rc_service.exe [5750784 2015-09-17] (reaConverter LLC) [File not signed]
R2 StartMenuService; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [1055008 2015-03-13] (IObit)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2015-08-29] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-08-31] (Atheros) [File not signed]
S3 AdobeFlashPlayerUpdateSvc; no ImagePath

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 androidusb; C:\Windows\System32\Drivers\fxxandroidusb.sys [31744 2011-03-22] (Google Inc)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [61824 2012-08-05] (ASUS Corporation)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-08-31] (Qualcomm Atheros)
R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [117632 2013-06-01] (Microsoft Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3265256 2012-09-20] (Broadcom Corporation)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-04-27] (REALiX(tm))
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
S3 PCAMp50a64; C:\Windows\System32\Drivers\PCAMp50a64.sys [43328 2006-11-28] (Printing Communications Assoc., Inc. (PCAUSA))
S3 PCASp50a64; C:\Windows\System32\Drivers\PCASp50a64.sys [41280 2006-11-28] (Printing Communications Assoc., Inc. (PCAUSA))
S3 qcusbser; C:\Windows\system32\DRIVERS\FXX\qcusbser.sys [364288 2011-03-22] (QUALCOMM Incorporated)
S3 ssudobex; C:\Windows\system32\DRIVERS\ssudobex.sys [204568 2013-10-28] (DEVGURU Co., LTD.(http://www.devguru.co.kr))
S3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2013-02-12] (Microsoft Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-08-29] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [281944 2015-08-29] (Microsoft Corporation)
S3 wmbclass; C:\Windows\system32\DRIVERS\wmbclass.sys [230912 2013-04-09] (Microsoft Corporation)
U0 msahci; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-20 20:19 - 2016-01-20 20:19 - 00039581 _____ C:\Users\Martin\Desktop\FRST2.txt
2016-01-20 20:18 - 2016-01-20 20:18 - 00000342 _____ C:\Users\Martin\Desktop\Addition.txt
2016-01-20 20:17 - 2016-01-20 20:19 - 00024767 _____ C:\Users\Martin\Desktop\FRST.txt
2016-01-20 20:16 - 2016-01-20 20:16 - 00015327 _____ C:\Users\Martin\Desktop\LM.bat
2016-01-20 19:18 - 2016-01-20 19:18 - 01505280 _____ C:\Users\Martin\Downloads\adwcleaner_5.030.exe
2016-01-20 19:15 - 2016-01-20 19:18 - 00000000 ____D C:\AdwCleaner
2016-01-20 19:13 - 2016-01-20 19:13 - 01505280 _____ C:\Users\Martin\Desktop\adwcleaner_5.030.exe
2016-01-20 18:44 - 2016-01-20 18:45 - 00000000 ____D C:\PO
2016-01-20 18:22 - 2016-01-20 20:16 - 00029696 _____ C:\Users\Martin\AppData\Local\MSGBOX.EXE
2016-01-20 18:21 - 2016-01-20 18:22 - 00112640 _____ (forum.viry.cz) C:\Users\Martin\Desktop\FRSTLauncher.exe
2016-01-20 18:16 - 2016-01-20 18:19 - 00048419 _____ C:\Users\Martin\Downloads\Addition.txt
2016-01-20 18:15 - 2016-01-20 18:15 - 00112640 _____ (forum.viry.cz) C:\Users\Martin\Downloads\Nepotvrzeno 860961.crdownload
2016-01-20 18:14 - 2016-01-20 18:19 - 00050236 _____ C:\Users\Martin\Downloads\FRST.txt
2016-01-20 18:13 - 2016-01-20 20:19 - 00000000 ____D C:\FRST
2016-01-20 18:12 - 2016-01-20 18:12 - 02370560 _____ (Farbar) C:\Users\Martin\Desktop\FRST64.exe
2016-01-19 23:09 - 2016-01-20 00:59 - 1985714086 _____ C:\Users\Martin\Desktop\Šílení---Lunacy-2005,-EN-tit---CZ.mkv
2016-01-19 09:05 - 2016-01-19 09:46 - 731945434 _____ C:\Users\Martin\Downloads\Koleje-osudu---2013-cz-tit.drama-p.p.avi
2016-01-15 21:24 - 2016-01-15 21:24 - 00003842 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1412882589
2016-01-15 21:24 - 2016-01-15 21:24 - 00001053 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-01-06 23:41 - 2016-01-20 19:24 - 04950064 _____ C:\Windows\system32\FNTCACHE.DAT
2016-01-05 11:11 - 2016-01-02 15:54 - 00826328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-01-05 11:11 - 2016-01-02 15:54 - 00176096 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-02 14:01 - 2016-01-02 14:01 - 00951808 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2016-01-02 14:01 - 2016-01-02 14:01 - 00601088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2016-01-02 14:01 - 2016-01-02 14:01 - 00478280 _____ C:\Windows\SysWOW64\locale.nls
2016-01-02 14:01 - 2016-01-02 14:01 - 00478280 _____ C:\Windows\system32\locale.nls
2016-01-02 14:01 - 2016-01-02 14:01 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2016-01-02 14:01 - 2016-01-02 14:01 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2016-01-02 14:01 - 2016-01-02 14:01 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2016-01-02 14:01 - 2016-01-02 14:01 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2016-01-02 14:01 - 2016-01-02 14:01 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2016-01-02 14:01 - 2016-01-02 14:01 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2016-01-02 12:50 - 2016-01-02 12:50 - 04063232 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-01-02 12:50 - 2016-01-02 12:50 - 01840640 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-01-02 12:50 - 2016-01-02 12:50 - 01680384 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2016-01-02 12:50 - 2016-01-02 12:50 - 01426944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2016-01-02 12:50 - 2016-01-02 12:50 - 01412608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-01-02 12:50 - 2016-01-02 12:50 - 01341952 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-01-02 12:50 - 2016-01-02 12:50 - 01280000 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-01-02 12:50 - 2016-01-02 12:50 - 01126912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-01-02 12:39 - 2016-01-02 12:39 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2016-01-02 12:34 - 2016-01-02 12:34 - 06970712 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-01-02 12:34 - 2016-01-02 12:34 - 01821192 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-01-02 12:34 - 2016-01-02 12:34 - 01637376 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2016-01-02 12:34 - 2016-01-02 12:34 - 01410000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-01-02 12:34 - 2016-01-02 12:34 - 01282560 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-01-02 12:34 - 2016-01-02 12:34 - 01223168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2016-01-02 12:34 - 2016-01-02 12:34 - 01043968 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2016-01-02 12:34 - 2016-01-02 12:34 - 00961536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2016-01-02 12:34 - 2016-01-02 12:34 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-01-02 12:34 - 2016-01-02 12:34 - 00668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-01-02 12:34 - 2016-01-02 12:34 - 00588800 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2016-01-02 12:34 - 2016-01-02 12:34 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2016-01-02 12:34 - 2016-01-02 12:34 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2016-01-02 12:34 - 2016-01-02 12:34 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2016-01-02 12:34 - 2016-01-02 12:34 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2016-01-02 12:34 - 2016-01-02 12:34 - 00384512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2016-01-02 12:34 - 2016-01-02 12:34 - 00318464 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-01-02 12:34 - 2016-01-02 12:34 - 00273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-01-02 12:34 - 2016-01-02 12:34 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-01-02 12:34 - 2016-01-02 12:34 - 00178688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-01-02 12:34 - 2016-01-02 12:34 - 00171864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-01-02 12:34 - 2016-01-02 12:34 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-01-02 12:34 - 2016-01-02 12:34 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-01-02 12:34 - 2016-01-02 12:34 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-01-02 12:34 - 2016-01-02 12:34 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-01-02 12:34 - 2016-01-02 12:34 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-01-02 10:42 - 2016-01-02 10:42 - 19778048 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-01-02 10:42 - 2016-01-02 10:42 - 17562112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-12-30 10:43 - 2015-12-30 10:43 - 00000012 _____ C:\Users\Martin\Desktop\Nový textový dokument (2).txt
2015-12-28 00:14 - 2015-12-28 00:15 - 00000000 ____D C:\Users\Martin\AppData\Local\UmmyVideoDownloader
2015-12-28 00:14 - 2015-12-28 00:14 - 00001229 _____ C:\Users\Public\Desktop\UmmyVideoDownloader.lnk
2015-12-28 00:14 - 2015-12-28 00:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UmmyVideoDownloader
2015-12-28 00:12 - 2015-12-28 00:12 - 16324116 _____ C:\Users\Martin\Desktop\✐Emma Drobná Čerešně SuperStar✐.mp4

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-20 20:19 - 2013-04-07 19:58 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Skype
2016-01-20 20:18 - 2013-03-09 11:41 - 00000000 ____D C:\Users\Martin\AppData\Local\CrashDumps
2016-01-20 20:11 - 2015-12-05 20:06 - 00000974 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-20 20:11 - 2015-12-05 20:06 - 00000970 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-20 19:39 - 2013-03-21 15:21 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-01-20 19:31 - 2013-03-09 10:24 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Dropbox
2016-01-20 19:29 - 2015-06-18 12:19 - 00000936 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-314047092-3573663871-1605207054-1002UA.job
2016-01-20 19:28 - 2013-03-08 19:43 - 00000408 _____ C:\Users\Martin\AppData\Roaming\sp_data.sys
2016-01-20 19:25 - 2013-10-17 00:21 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2016-01-20 19:25 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\tracing
2016-01-20 19:25 - 2012-07-26 08:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-20 19:24 - 2012-10-31 01:16 - 00000000 ____D C:\ProgramData\NVIDIA
2016-01-20 19:24 - 2012-07-26 06:37 - 00000000 ____D C:\Windows
2016-01-20 19:19 - 2013-03-08 19:37 - 00000000 ____D C:\Users\Martin
2016-01-20 18:45 - 2013-04-05 16:45 - 03613696 ___SH C:\Users\Martin\Downloads\Thumbs.db
2016-01-20 18:01 - 2013-03-19 22:53 - 00504832 ___SH C:\Users\Martin\Desktop\Thumbs.db
2016-01-19 23:17 - 2013-03-10 12:45 - 00000000 ____D C:\Users\Martin\AppData\Roaming\vlc
2016-01-19 22:29 - 2015-06-18 12:19 - 00000884 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-314047092-3573663871-1605207054-1002Core.job
2016-01-17 23:54 - 2012-08-02 19:06 - 04875488 _____ C:\Windows\system32\perfh005.dat
2016-01-17 23:54 - 2012-08-02 19:06 - 01483398 _____ C:\Windows\system32\perfc005.dat
2016-01-17 23:54 - 2012-07-26 08:28 - 00005430 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-16 11:16 - 2015-01-19 12:02 - 00000000 ____D C:\ProgramData\ProductData
2016-01-15 22:51 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\AUInstallAgent
2016-01-15 22:49 - 2012-07-26 09:12 - 00000000 ___HD C:\Program Files\WindowsApps
2016-01-15 22:36 - 2014-09-28 15:31 - 00287744 ___SH C:\Users\Martin\Documents\Thumbs.db
2016-01-15 21:24 - 2014-10-09 20:23 - 00000000 ____D C:\Program Files (x86)\Opera
2016-01-15 12:14 - 2015-06-07 19:35 - 00002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-01-14 11:08 - 2013-09-15 23:06 - 00000000 ____D C:\Program Files (x86)\IObit
2016-01-14 11:01 - 2013-11-14 00:39 - 00000000 ____D C:\Users\Martin\AppData\Local\ElevatedDiagnostics
2016-01-14 00:27 - 2012-07-26 06:37 - 00000000 ____D C:\Windows\Inf
2016-01-13 23:34 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\rescache
2016-01-08 22:50 - 2015-02-19 12:45 - 00000000 ____D C:\Program Files\NetSoftware
2016-01-08 22:34 - 2015-02-19 12:45 - 00000000 ____D C:\ProgramData\NetSoftware
2016-01-08 18:53 - 2014-12-02 01:21 - 00000000 ____D C:\Users\Martin\AppData\Roaming\emp4_4
2016-01-08 12:04 - 2015-09-07 20:46 - 00000000 ____D C:\Users\Martin\Desktop\Tor Browser
2016-01-05 11:28 - 2013-03-21 15:21 - 00003802 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-01-05 11:07 - 2012-07-26 09:12 - 00000000 ___RD C:\Windows\ToastData
2016-01-02 15:55 - 2012-07-26 08:59 - 00000000 ____D C:\Windows\CbsTemp
2015-12-27 12:08 - 2013-03-09 12:45 - 00000000 ____D C:\Users\Martin\PRACE
2015-12-27 12:00 - 2013-11-29 14:08 - 00012800 ___SH C:\Users\Martin\Thumbs.db
2015-12-21 09:11 - 2013-09-15 23:06 - 00000000 ____D C:\ProgramData\IObit
2015-12-21 01:48 - 2012-07-26 06:26 - 00262144 ___SH C:\Windows\system32\config\BBI

==================== Files in the root of some directories =======

2014-09-29 15:05 - 2012-04-25 14:19 - 2249352 _____ (Adobe Systems, Incorporated) C:\Program Files\amtlib.dll
2013-06-20 13:15 - 2015-07-17 21:20 - 0000132 _____ () C:\Users\Martin\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2014-01-22 20:47 - 2014-01-22 20:47 - 0000021 _____ () C:\Users\Martin\AppData\Roaming\my_intel.sys
2013-03-08 19:43 - 2016-01-20 19:28 - 0000408 _____ () C:\Users\Martin\AppData\Roaming\sp_data.sys
2013-06-11 18:44 - 2014-06-25 19:14 - 0001480 _____ () C:\Users\Martin\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2016-01-20 18:22 - 2016-01-20 20:16 - 0029696 _____ () C:\Users\Martin\AppData\Local\MSGBOX.EXE
2013-06-06 12:13 - 2013-06-06 12:13 - 0000057 _____ () C:\ProgramData\Ament.ini
2012-08-04 18:37 - 2012-07-30 07:03 - 0000217 _____ () C:\ProgramData\SetStretch.cmd
2012-08-04 18:37 - 2009-07-22 11:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2013-03-09 11:50 - 2013-03-09 11:51 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2013-03-09 11:49 - 2013-03-09 11:50 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

Files to move or delete:
====================
C:\Users\Martin\gosetup.exe


Some files in TEMP:
====================
C:\Users\Martin\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-01-12 11:03

==================== End of FRST.txt ============================

Re: Problémy s notebookem

Napsal: 20 led 2016 21:27
od Rudy
Otevřte poznámkový blok a zkopírujte do něj:
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-06-16] (Oracle Corporation)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\...\MountPoints2: {458ed5f7-a9a0-11e2-be86-dc85de6a2b0c} - "F:\setup_vmc_lite.exe" /checkApplicationPresence
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\...\MountPoints2: {458ed6de-a9a0-11e2-be86-dc85de6a2b0c} - "F:\setup_vmc_lite.exe" /checkApplicationPresence
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\...\MountPoints2: {458ed70a-a9a0-11e2-be86-dc85de6a2b0c} - "F:\setup_vmc_lite.exe" /checkApplicationPresence
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\...\MountPoints2: {458ed715-a9a0-11e2-be86-dc85de6a2b0c} - "F:\setup_vmc_lite.exe" /checkApplicationPresence
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\...\MountPoints2: {5049a711-b7ce-11e2-be8c-dc85de6a2b0c} - "F:\setup_vmc_lite.exe" /checkApplicationPresence
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\...\MountPoints2: {5049a71f-b7ce-11e2-be8c-dc85de6a2b0c} - "F:\setup_vmc_lite.exe" /checkApplicationPresence
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\...\MountPoints2: {5a88e657-f8b3-11e3-bee6-dc85de6a2b0c} - "F:\Setup.exe"
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\...\MountPoints2: {e063179e-b15b-11e4-bf16-dc85de6a2b0c} - "F:\LGAutoRun.exe"
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\...\MountPoints2: {e84f7627-4639-11e4-bf01-dc85de6a2b0c} - "F:\Startme.exe"
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\...\MountPoints2: {e92697d4-3acf-11e4-befb-dc85de6a2b0c} - "F:\TVRadio.EXE"
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\...\MountPoints2: {ede346cc-91b7-11e2-be81-dc85de6a2b0c} - "G:\Autorun\autorun.exe"
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\...\MountPoints2: {fed2a955-6a31-11e3-bec2-dc85de6a2b0c} - "I:\HTC_Sync_Manager_PC.exe"
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
U0 msahci; no ImagePath
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Users\Martin\gosetup.exe
C:\Users\Martin\AppData\Local\Temp
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: Problémy s notebookem

Napsal: 20 led 2016 21:41
od marhop
Fix result of Farbar Recovery Scan Tool (x64) Version:18-01-2016
Ran by Martin (2016-01-20 21:52:04) Run:1
Running from C:\Users\Martin\Desktop
Loaded Profiles: UpdatusUser & Martin (Available Profiles: UpdatusUser & Martin)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-06-16] (Oracle Corporation)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\...\MountPoints2: {458ed5f7-a9a0-11e2-be86-dc85de6a2b0c} - "F:\setup_vmc_lite.exe" /checkApplicationPresence
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\...\MountPoints2: {458ed6de-a9a0-11e2-be86-dc85de6a2b0c} - "F:\setup_vmc_lite.exe" /checkApplicationPresence
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\...\MountPoints2: {458ed70a-a9a0-11e2-be86-dc85de6a2b0c} - "F:\setup_vmc_lite.exe" /checkApplicationPresence
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\...\MountPoints2: {458ed715-a9a0-11e2-be86-dc85de6a2b0c} - "F:\setup_vmc_lite.exe" /checkApplicationPresence
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\...\MountPoints2: {5049a711-b7ce-11e2-be8c-dc85de6a2b0c} - "F:\setup_vmc_lite.exe" /checkApplicationPresence
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\...\MountPoints2: {5049a71f-b7ce-11e2-be8c-dc85de6a2b0c} - "F:\setup_vmc_lite.exe" /checkApplicationPresence
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\...\MountPoints2: {5a88e657-f8b3-11e3-bee6-dc85de6a2b0c} - "F:\Setup.exe"
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\...\MountPoints2: {e063179e-b15b-11e4-bf16-dc85de6a2b0c} - "F:\LGAutoRun.exe"
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\...\MountPoints2: {e84f7627-4639-11e4-bf01-dc85de6a2b0c} - "F:\Startme.exe"
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\...\MountPoints2: {e92697d4-3acf-11e4-befb-dc85de6a2b0c} - "F:\TVRadio.EXE"
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\...\MountPoints2: {ede346cc-91b7-11e2-be81-dc85de6a2b0c} - "G:\Autorun\autorun.exe"
HKU\S-1-5-21-314047092-3573663871-1605207054-1002\...\MountPoints2: {fed2a955-6a31-11e3-bec2-dc85de6a2b0c} - "I:\HTC_Sync_Manager_PC.exe"
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
U0 msahci; no ImagePath
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Users\Martin\gosetup.exe
C:\Users\Martin\AppData\Local\Temp
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
"HKU\S-1-5-21-314047092-3573663871-1605207054-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{458ed5f7-a9a0-11e2-be86-dc85de6a2b0c}" => key removed successfully
HKCR\CLSID\{458ed5f7-a9a0-11e2-be86-dc85de6a2b0c} => key not found.
"HKU\S-1-5-21-314047092-3573663871-1605207054-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{458ed6de-a9a0-11e2-be86-dc85de6a2b0c}" => key removed successfully
HKCR\CLSID\{458ed6de-a9a0-11e2-be86-dc85de6a2b0c} => key not found.
"HKU\S-1-5-21-314047092-3573663871-1605207054-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{458ed70a-a9a0-11e2-be86-dc85de6a2b0c}" => key removed successfully
HKCR\CLSID\{458ed70a-a9a0-11e2-be86-dc85de6a2b0c} => key not found.
"HKU\S-1-5-21-314047092-3573663871-1605207054-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{458ed715-a9a0-11e2-be86-dc85de6a2b0c}" => key removed successfully
HKCR\CLSID\{458ed715-a9a0-11e2-be86-dc85de6a2b0c} => key not found.
"HKU\S-1-5-21-314047092-3573663871-1605207054-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5049a711-b7ce-11e2-be8c-dc85de6a2b0c}" => key removed successfully
HKCR\CLSID\{5049a711-b7ce-11e2-be8c-dc85de6a2b0c} => key not found.
"HKU\S-1-5-21-314047092-3573663871-1605207054-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5049a71f-b7ce-11e2-be8c-dc85de6a2b0c}" => key removed successfully
HKCR\CLSID\{5049a71f-b7ce-11e2-be8c-dc85de6a2b0c} => key not found.
"HKU\S-1-5-21-314047092-3573663871-1605207054-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5a88e657-f8b3-11e3-bee6-dc85de6a2b0c}" => key removed successfully
HKCR\CLSID\{5a88e657-f8b3-11e3-bee6-dc85de6a2b0c} => key not found.
"HKU\S-1-5-21-314047092-3573663871-1605207054-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e063179e-b15b-11e4-bf16-dc85de6a2b0c}" => key removed successfully
HKCR\CLSID\{e063179e-b15b-11e4-bf16-dc85de6a2b0c} => key not found.
"HKU\S-1-5-21-314047092-3573663871-1605207054-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e84f7627-4639-11e4-bf01-dc85de6a2b0c}" => key removed successfully
HKCR\CLSID\{e84f7627-4639-11e4-bf01-dc85de6a2b0c} => key not found.
"HKU\S-1-5-21-314047092-3573663871-1605207054-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e92697d4-3acf-11e4-befb-dc85de6a2b0c}" => key removed successfully
HKCR\CLSID\{e92697d4-3acf-11e4-befb-dc85de6a2b0c} => key not found.
"HKU\S-1-5-21-314047092-3573663871-1605207054-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ede346cc-91b7-11e2-be81-dc85de6a2b0c}" => key removed successfully
HKCR\CLSID\{ede346cc-91b7-11e2-be81-dc85de6a2b0c} => key not found.
"HKU\S-1-5-21-314047092-3573663871-1605207054-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fed2a955-6a31-11e3-bec2-dc85de6a2b0c}" => key removed successfully
HKCR\CLSID\{fed2a955-6a31-11e3-bec2-dc85de6a2b0c} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1" => key removed successfully
HKCR\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2" => key removed successfully
HKCR\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3" => key removed successfully
HKCR\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt1" => key removed successfully
HKCR\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt2" => key removed successfully
HKCR\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt3" => key removed successfully
HKCR\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt4" => key removed successfully
HKCR\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1" => key removed successfully
HKCR\Wow6432Node\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2" => key removed successfully
HKCR\Wow6432Node\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3" => key removed successfully
HKCR\Wow6432Node\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt1" => key removed successfully
HKCR\Wow6432Node\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt2" => key removed successfully
HKCR\Wow6432Node\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt3" => key removed successfully
HKCR\Wow6432Node\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => key not found.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
msahci => service removed successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Users\Martin\gosetup.exe => moved successfully

"C:\Users\Martin\AppData\Local\Temp" folder move:

Could not move "C:\Users\Martin\AppData\Local\Temp" => Scheduled to move on reboot.


Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2016-01-20 21:55:04)

C:\Users\Martin\AppData\Local\Temp => moved successfully

==== End of Fixlog 21:55:05 ====

Re: Problémy s notebookem

Napsal: 20 led 2016 22:22
od Rudy
Smazáno. Nastala nějaká změna?

Re: Problémy s notebookem

Napsal: 20 led 2016 22:37
od marhop
Zdá se, že ano, počítač se zrychlil.
Jaký druh havěti jsem tam měl?
Každopádně moc děkuji za pomoc.

Re: Problémy s notebookem

Napsal: 21 led 2016 17:38
od Rudy
Jen AdWary a zbytečnosti. Rádo se stalo! :)

Re: Problémy s notebookem

Napsal: 21 led 2016 18:18
od marhop
Díky moc.
Můžu se zeptat ještě na jednu radu? Dá se poznat nějaký keylogger nebo sledovací program v mém počítači?
Mám podezřejní, ale slyšel jsem, že profi programy (např. od policie) se dají úplně utajit a pomůže jen formát disku.

Re: Problémy s notebookem

Napsal: 21 led 2016 18:40
od Rudy
Běžný keylogger odhalí antivirus (samozřejmě musí být aktuální). Jaké speciální programy používá sw policie, nevím. Určitě to bude předmětem utajení. Co ale vím jistě, pokud takový program použije, potom je to na některý zvláště exponovaný PC. Určitě to nebudou běžná uživatelská PC v domácnostech. Na takové vstupuje jen na soudní příkaz.
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz