
PC virus removal, computer speed-up, and remote assistance through the neslape.cz service
Requesting a check
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service, in which a specialist connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Good day, I have a problem. When I wake the computer from sleep mode, the bars at the side of internet windows do not want to work, and through the tile menu I can get into Settings, but not into the individual items; they are as if "dead". After a restart it usually comes back to life. So I don't know whether this is a virus problem or some missing module or something. Here is the log from RSIT.
Logfile of random's system information tool 1.10 (written by random/random)
Run by Vendy at 2016-05-10 18:03:30
Microsoft Windows 8.1 with Bing
System drive C: has 110 GB (25%) free of 435 GB
Total RAM: 3979 MB (64% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:03:40, on 10. 5. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Users\Vendy\AppData\Local\Microsoft\BingSvc\BingSvc.exe
C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
C:\Program Files\trend micro\Vendy.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Catered to You - {b90183ad-1cf4-4d7b-9461-b89083957547} - (no file)
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [BingSvc] C:\Users\Vendy\AppData\Local\Microsoft\BingSvc\BingSvc.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O4 - Startup: Odeslat do OneNote.lnk = C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files (x86)\PokerStars.NET\PokerStarsUpdate.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: DeskTop DispalyName (DeskTop_F) - DeskTopService - C:\ProgramData\desktopfind\desktop244.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @oem8.inf,%WIN32_DPTF_PARTICIPANT_PROC_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Processor Participant Service Application (DptfParticipantAcpiProcessorService) - Unknown owner - C:\windows\system32\DptfParticipantProcessorService.exe (file missing)
O23 - Service: @oem8.inf,%WIN32_DPTF_POLICY_CRITICAL_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Critical Service Application (DptfPolicyCriticalService) - Unknown owner - C:\windows\system32\DptfPolicyCriticalService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: ggbugreport - Unknown owner - C:\Program Files (x86)\SearchesToYesbnd\bugreport.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\windows\system32\igfxCUIService.exe (file missing)
O23 - Service: IhPul - tsvr.com - C:\Users\Vendy\AppData\Roaming\TSv\TSvr.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo EasyPlus Hotspot - Lenovo - C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe
O23 - Service: Lenovo System Agent Service - LENOVO INCORPORATED. - C:\Program Files\Lenovo\iMController\SystemAgentService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: VeriFaceSrv - Unknown owner - C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: Winsere - Unknown owner - C:\Program Files (x86)\Winsere\Winsere\Winsere.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
--
End of file - 10667 bytes
======Listing Processes======
wininit.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\igfxCUIService.exe
C:\windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
C:\windows\System32\svchost.exe -k utcsvc
C:\windows\system32\DptfParticipantProcessorService.exe
C:\windows\system32\DptfPolicyCriticalService.exe
"C:\Program Files\Elantech\ETDService.exe"
C:\Users\Vendy\AppData\Roaming\TSv\TSvr.exe
"C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe"
"C:\Program Files\Lenovo\iMController\SystemAgentService.exe"
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe"
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc
C:\windows\System32\WinLogon.exe -SpecialSession
-hiberboot
"C:\Program Files\Elantech\ETDCtrl.exe"
C:\windows\Explorer.EXE
taskhostex.exe
igfxHK.exe
"C:\windows\system32\igfxEM.exe" -Embedding
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\Elantech\ETDIntelligent.exe"
/QuitInfo:0000000000000FAC;0000000000000FC0;
/loadhooks /Parent:0000000000000c6c
C:\Windows\System32\skydrive.exe -Embedding
"C:\windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
"C:\windows\system32\GWX\GWX.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_DOLBYDRAGON
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_MICPKEY
"C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe"
"C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe"
"C:\Users\Vendy\AppData\Local\Microsoft\BingSvc\BingSvc.exe"
"C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE" /tsr
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
C:\windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE" "C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE" -Embedding
"C:\Users\Vendy\AppData\Local\Apps\2.0\OLM4O8B3.WKT\2L8M9P4H.Y13\lsb...tion_91a10ba61c75c82d_0001.0005_a24d0d716055ed94\LSB.exe"
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
dashost.exe {0e62a1dd-b7ee-4cd8-9726428905742033}
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-b572f966-5ae2-489d-86dd-203191ce2563 -SystemEventPortName:HostProcess-52d483a4-c155-4ce9-a6bf-4568e38b4897 -IoCancelEventPortName:HostProcess-5ac3df0f-942b-47ef-abdb-2d76b5b95e12 -NonStateChangingEventPortName:HostProcess-ff5c9061-ad38-4958-9679-12bc1689d69d -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:307d6b8e-ae48-4f91-ac04-b2a98ce6b57c -DeviceGroupId:WpdFsGroup
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-32b5c127-6b8a-4eda-af12-7d8c6592812f -SystemEventPortName:HostProcess-7c7bf117-3ee5-4f1c-b1d8-4e7649349b36 -IoCancelEventPortName:HostProcess-8480891b-a7f8-4dec-b793-f848f19e5d82 -NonStateChangingEventPortName:HostProcess-29a4d2fc-78d1-4105-ac1e-dd9251b95344 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:6828e319-6fe2-4e7d-91c2-c0a1afbbe4b2 -DeviceGroupId:WudfDefaultDevicePool
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\windows\system32\msiexec.exe /V
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Users\Vendy\Downloads\RSITx64.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
======Scheduled tasks folder======
C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-03-15 228552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-03-25 901600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-04-29 2134648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-04-19 2348848]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-03-25 678656]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-04-29 1725056]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b90183ad-1cf4-4d7b-9461-b89083957547}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-03-21 13672304]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-04-07 1385840]
"RtHDVBg_LENOVO_DOLBYDRAGON"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-04-07 1385840]
"RtHDVBg_LENOVO_MICPKEY"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-04-07 1385840]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2014-04-02 3276104]
"Energy Manager"=C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [2014-10-11 16094704]
"Lenovo Utility"=C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [2014-10-11 10841584]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2014-03-25 134784]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BingSvc"=C:\Users\Vendy\AppData\Local\Microsoft\BingSvc\BingSvc.exe [2016-03-20 144008]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2016-03-01 4290240]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-03-25 7139256]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2014-03-25 134784]
C:\Users\Vendy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Odeslat do OneNote.lnk - C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McNaiAnn]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VDWFP]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableCAD"=1
"DisableTaskMgr"=0
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"mixer4"=wdmaud.drv
"midi4"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-05-10 18:03:31 ----D---- C:\Program Files\trend micro
2016-05-10 18:03:30 ----D---- C:\rsit
2016-04-25 19:05:04 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2016-04-25 19:02:53 ----SD---- C:\windows\SYSWOW64\Microsoft
2016-04-24 16:58:30 ----D---- C:\ProgramData\desktopfind
2016-04-23 22:53:23 ----D---- C:\Program Files (x86)\Electronic Arts
2016-04-18 19:52:25 ----D---- C:\Users\Vendy\AppData\Roaming\Mozilla
2016-04-14 07:55:42 ----D---- C:\Program Files (x86)\WinZipper
2016-04-14 07:55:38 ----D---- C:\Users\Vendy\AppData\Roaming\WinZiper
2016-04-14 07:55:38 ----D---- C:\Users\Vendy\AppData\Roaming\eCyber
2016-04-14 07:54:59 ----D---- C:\ProgramData\OwinpO
2016-04-14 07:54:55 ----D---- C:\Users\Vendy\AppData\Roaming\TSv
2016-04-14 07:54:54 ----D---- C:\Program Files (x86)\QQBrowser
2016-04-13 23:24:07 ----A---- C:\windows\system32\appraiser.dll
2016-04-13 23:24:06 ----A---- C:\windows\system32\invagent.dll
2016-04-13 23:24:06 ----A---- C:\windows\system32\generaltel.dll
2016-04-13 23:24:06 ----A---- C:\windows\system32\aepic.dll
2016-04-13 23:24:06 ----A---- C:\windows\system32\aeinv.dll
2016-04-13 23:24:05 ----A---- C:\windows\system32\devinv.dll
2016-04-13 23:24:05 ----A---- C:\windows\system32\CompatTelRunner.exe
2016-04-13 23:24:05 ----A---- C:\windows\system32\acmigration.dll
2016-04-13 23:24:02 ----A---- C:\windows\system32\drivers\IPMIDrv.sys
2016-04-13 23:24:00 ----A---- C:\windows\SYSWOW64\explorer.exe
2016-04-13 23:24:00 ----A---- C:\windows\explorer.exe
2016-04-13 23:23:59 ----A---- C:\windows\system32\SystemSettingsAdminFlowUI.dll
2016-04-13 23:23:59 ----A---- C:\windows\system32\shell32.dll
2016-04-13 23:23:57 ----A---- C:\windows\system32\twinui.dll
2016-04-13 23:23:52 ----A---- C:\windows\SYSWOW64\twinui.dll
2016-04-13 23:23:51 ----A---- C:\windows\SYSWOW64\shell32.dll
2016-04-13 23:23:50 ----A---- C:\windows\system32\ExplorerFrame.dll
2016-04-13 23:23:49 ----A---- C:\windows\SYSWOW64\ExplorerFrame.dll
2016-04-13 23:23:49 ----A---- C:\windows\system32\SystemSettingsAdminFlows.exe
2016-04-13 23:23:48 ----A---- C:\windows\SYSWOW64\twinui.appcore.dll
2016-04-13 23:23:48 ----A---- C:\windows\system32\twinui.appcore.dll
2016-04-13 23:23:48 ----A---- C:\windows\system32\SettingsHandlers.dll
2016-04-13 23:23:47 ----A---- C:\windows\SYSWOW64\AppxAllUserStore.dll
2016-04-13 23:23:47 ----A---- C:\windows\system32\SettingSyncHost.exe
2016-04-13 23:23:47 ----A---- C:\windows\system32\SettingSyncCore.dll
2016-04-13 23:23:47 ----A---- C:\windows\system32\SettingSync.dll
2016-04-13 23:23:47 ----A---- C:\windows\system32\AppxAllUserStore.dll
2016-04-13 23:23:46 ----A---- C:\windows\SYSWOW64\SettingSync.dll
2016-04-13 23:23:46 ----A---- C:\windows\system32\hgcpl.dll
2016-04-13 23:23:45 ----A---- C:\windows\SYSWOW64\SettingSyncCore.dll
2016-04-13 23:23:45 ----A---- C:\windows\system32\usercpl.dll
2016-04-13 23:23:45 ----A---- C:\windows\system32\AppXDeploymentExtensions.dll
2016-04-13 23:23:44 ----A---- C:\windows\SYSWOW64\usercpl.dll
2016-04-13 23:23:44 ----A---- C:\windows\SYSWOW64\themecpl.dll
2016-04-13 23:23:44 ----A---- C:\windows\SYSWOW64\stobject.dll
2016-04-13 23:23:44 ----A---- C:\windows\SYSWOW64\SettingSyncHost.exe
2016-04-13 23:23:44 ----A---- C:\windows\SYSWOW64\SettingMonitor.dll
2016-04-13 23:23:44 ----A---- C:\windows\SYSWOW64\hgcpl.dll
2016-04-13 23:23:44 ----A---- C:\windows\system32\themecpl.dll
2016-04-13 23:23:44 ----A---- C:\windows\system32\stobject.dll
2016-04-13 23:23:44 ----A---- C:\windows\system32\SettingMonitor.dll
2016-04-13 23:23:44 ----A---- C:\windows\system32\AppXDeploymentServer.dll
2016-04-13 23:23:41 ----A---- C:\windows\system32\winresume.exe
2016-04-13 23:23:41 ----A---- C:\windows\system32\winload.exe
2016-04-13 23:23:41 ----A---- C:\windows\system32\ntoskrnl.exe
2016-04-13 23:23:39 ----A---- C:\windows\SYSWOW64\KernelBase.dll
2016-04-13 23:23:39 ----A---- C:\windows\system32\mtxoci.dll
2016-04-13 23:23:39 ----A---- C:\windows\system32\KernelBase.dll
2016-04-13 23:23:36 ----A---- C:\windows\SYSWOW64\mtxoci.dll
2016-04-13 23:23:36 ----A---- C:\windows\SYSWOW64\msorcl32.dll
2016-04-13 23:23:30 ----A---- C:\windows\system32\drivers\vpci.sys
2016-04-13 23:23:28 ----A---- C:\windows\SYSWOW64\dhcpsapi.dll
2016-04-13 23:23:28 ----A---- C:\windows\system32\dhcpsapi.dll
2016-04-13 23:23:25 ----A---- C:\windows\system32\WindowsAnytimeUpgradeui.exe
2016-04-13 23:20:51 ----A---- C:\windows\SYSWOW64\mfmp4srcsnk.dll
2016-04-13 23:20:51 ----A---- C:\windows\system32\mfmp4srcsnk.dll
2016-04-13 23:20:50 ----A---- C:\windows\system32\drivers\rasl2tp.sys
2016-04-13 23:20:49 ----A---- C:\windows\system32\rpcss.dll
2016-04-13 23:20:48 ----A---- C:\windows\SYSWOW64\nshwfp.dll
2016-04-13 23:20:48 ----A---- C:\windows\SYSWOW64\FWPUCLNT.DLL
2016-04-13 23:20:48 ----A---- C:\windows\system32\nshwfp.dll
2016-04-13 23:20:48 ----A---- C:\windows\system32\IKEEXT.DLL
2016-04-13 23:20:48 ----A---- C:\windows\system32\FWPUCLNT.DLL
2016-04-13 23:20:48 ----A---- C:\windows\system32\BFE.DLL
2016-04-13 23:20:47 ----A---- C:\windows\system32\workfolderssvc.dll
2016-04-13 23:20:46 ----A---- C:\windows\system32\WorkfoldersControl.dll
2016-04-13 23:20:46 ----A---- C:\windows\system32\VSSVC.exe
2016-04-13 23:20:45 ----A---- C:\windows\system32\drivers\storport.sys
2016-04-13 23:20:44 ----A---- C:\windows\SYSWOW64\WsmWmiPl.dll
2016-04-13 23:20:44 ----A---- C:\windows\SYSWOW64\WsmSvc.dll
2016-04-13 23:20:44 ----A---- C:\windows\SYSWOW64\WsmAuto.dll
2016-04-13 23:20:44 ----A---- C:\windows\SYSWOW64\WsmAgent.dll
2016-04-13 23:20:44 ----A---- C:\windows\system32\WsmWmiPl.dll
2016-04-13 23:20:44 ----A---- C:\windows\system32\WsmSvc.dll
2016-04-13 23:20:44 ----A---- C:\windows\system32\WsmAuto.dll
2016-04-13 23:20:44 ----A---- C:\windows\system32\WsmAgent.dll
2016-04-13 23:20:42 ----A---- C:\windows\system32\storagewmi.dll
2016-04-13 23:20:41 ----A---- C:\windows\SYSWOW64\storagewmi.dll
2016-04-13 23:20:31 ----A---- C:\windows\system32\wbengine.exe
2016-04-13 23:20:30 ----A---- C:\windows\system32\drivers\volsnap.sys
2016-04-13 23:20:30 ----A---- C:\windows\system32\drivers\vhdmp.sys
2016-04-13 23:20:28 ----A---- C:\windows\system32\drivers\disk.sys
2016-04-13 22:58:14 ----A---- C:\windows\system32\basesrv.dll
2016-04-13 22:25:46 ----A---- C:\windows\system32\mshtml.dll
2016-04-13 22:25:44 ----A---- C:\windows\SYSWOW64\mshtml.dll
2016-04-13 22:25:40 ----A---- C:\windows\system32\ieframe.dll
2016-04-13 22:25:39 ----A---- C:\windows\SYSWOW64\ieframe.dll
2016-04-13 22:25:38 ----A---- C:\windows\system32\iertutil.dll
2016-04-13 22:25:37 ----A---- C:\windows\SYSWOW64\iertutil.dll
2016-04-13 22:25:37 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2016-04-13 22:25:37 ----A---- C:\windows\system32\wininet.dll
2016-04-13 22:25:37 ----A---- C:\windows\system32\jscript9.dll
2016-04-13 22:25:37 ----A---- C:\windows\system32\iedkcs32.dll
2016-04-13 22:25:36 ----A---- C:\windows\SYSWOW64\wininet.dll
2016-04-13 22:25:36 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2016-04-13 22:25:36 ----A---- C:\windows\system32\msfeeds.dll
2016-04-13 22:25:36 ----A---- C:\windows\system32\ie4uinit.exe
2016-04-13 22:25:34 ----A---- C:\windows\system32\urlmon.dll
2016-04-13 22:25:33 ----A---- C:\windows\SYSWOW64\urlmon.dll
2016-04-13 22:25:31 ----A---- C:\windows\SYSWOW64\webcheck.dll
2016-04-13 22:25:31 ----A---- C:\windows\SYSWOW64\jscript9.dll
2016-04-13 22:25:31 ----A---- C:\windows\SYSWOW64\inetcomm.dll
2016-04-13 22:25:31 ----A---- C:\windows\SYSWOW64\iepeers.dll
2016-04-13 22:25:31 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2016-04-13 22:25:31 ----A---- C:\windows\system32\webcheck.dll
2016-04-13 22:25:31 ----A---- C:\windows\system32\vbscript.dll
2016-04-13 22:25:31 ----A---- C:\windows\system32\mshtmled.dll
2016-04-13 22:25:31 ----A---- C:\windows\system32\jscript.dll
2016-04-13 22:25:31 ----A---- C:\windows\system32\inetcomm.dll
2016-04-13 22:25:31 ----A---- C:\windows\system32\iepeers.dll
2016-04-13 22:25:31 ----A---- C:\windows\system32\dxtrans.dll
2016-04-13 22:25:30 ----A---- C:\windows\SYSWOW64\vbscript.dll
2016-04-13 22:25:30 ----A---- C:\windows\SYSWOW64\jscript.dll
2016-04-13 22:25:30 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2016-04-13 22:25:30 ----A---- C:\windows\system32\ieapfltr.dll
2016-04-13 22:20:56 ----A---- C:\windows\system32\samsrv.dll
2016-04-13 22:20:56 ----A---- C:\windows\system32\lsasrv.dll
2016-04-13 22:20:56 ----A---- C:\windows\system32\certcli.dll
2016-04-13 22:20:55 ----A---- C:\windows\SYSWOW64\samlib.dll
2016-04-13 22:20:55 ----A---- C:\windows\SYSWOW64\certcli.dll
2016-04-13 22:20:55 ----A---- C:\windows\system32\samlib.dll
2016-04-13 22:20:55 ----A---- C:\windows\system32\drivers\mrxsmb20.sys
2016-04-13 22:20:55 ----A---- C:\windows\system32\drivers\mrxsmb10.sys
2016-04-13 22:20:55 ----A---- C:\windows\system32\drivers\mrxsmb.sys
2016-04-13 22:20:55 ----A---- C:\windows\system32\drivers\cng.sys
2016-04-13 22:20:41 ----A---- C:\windows\SYSWOW64\ole32.dll
2016-04-13 22:20:41 ----A---- C:\windows\system32\ole32.dll
2016-04-13 22:20:36 ----A---- C:\windows\SYSWOW64\msxml3.dll
2016-04-13 22:20:36 ----A---- C:\windows\system32\msxml3.dll
2016-04-13 22:20:17 ----A---- C:\windows\system32\win32k.sys
======List of files/folders modified in the last 1 month======
2016-05-10 18:03:37 ----D---- C:\windows\Prefetch
2016-05-10 18:03:31 ----RD---- C:\Program Files
2016-05-10 18:03:21 ----SHD---- C:\windows\Installer
2016-05-10 18:03:21 ----D---- C:\windows\Temp
2016-05-10 18:03:19 ----D---- C:\windows\system32\Tasks
2016-05-10 18:02:07 ----D---- C:\windows\SysWOW64
2016-05-10 18:00:00 ----D---- C:\windows\system32\sru
2016-05-10 13:30:44 ----RD---- C:\Program Files (x86)
2016-05-10 13:30:30 ----D---- C:\Program Files (x86)\Google
2016-05-10 12:18:47 ----D---- C:\windows\Inf
2016-05-10 08:03:26 ----D---- C:\ProgramData\Microsoft Help
2016-05-09 19:07:34 ----D---- C:\windows\system32\config
2016-05-09 18:54:04 ----D---- C:\windows\WinSxS
2016-05-09 18:52:42 ----D---- C:\windows\Microsoft.NET
2016-05-09 18:52:16 ----SD---- C:\windows\SYSWOW64\GWX
2016-05-09 18:52:16 ----SD---- C:\windows\system32\GWX
2016-05-09 18:51:42 ----D---- C:\windows\CbsTemp
2016-05-09 14:21:12 ----D---- C:\KMPlayer
2016-05-09 12:45:46 ----SHD---- C:\System Volume Information
2016-05-07 12:07:03 ----D---- C:\windows\system32\DriverStore
2016-05-07 12:02:32 ----D---- C:\windows\system32\appraiser
2016-05-07 10:25:38 ----D---- C:\Users\Vendy\AppData\Roaming\Skype
2016-05-06 07:00:27 ----RSD---- C:\windows\assembly
2016-05-06 07:00:17 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2016-05-06 06:57:23 ----D---- C:\Program Files\Microsoft Office 15
2016-05-05 21:28:49 ----RD---- C:\Program Files (x86)\Skype
2016-05-04 12:27:43 ----HD---- C:\Program Files\WindowsApps
2016-05-03 23:08:33 ----HD---- C:\ProgramData
2016-04-29 09:09:19 ----D---- C:\windows\rescache
2016-04-27 23:05:55 ----D---- C:\windows\AppReadiness
2016-04-25 19:08:55 ----RAD---- C:\windows\System32
2016-04-25 18:56:06 ----D---- C:\windows\system32\drivers
2016-04-25 18:56:06 ----D---- C:\windows\apppatch
2016-04-25 18:56:06 ----D---- C:\Program Files (x86)\Internet Explorer
2016-04-25 18:56:05 ----D---- C:\windows\SYSWOW64\en-US
2016-04-25 18:56:05 ----D---- C:\windows\SYSWOW64\cs-CZ
2016-04-25 18:56:05 ----D---- C:\Program Files\Internet Explorer
2016-04-25 18:56:04 ----D---- C:\windows\system32\en-US
2016-04-25 18:56:04 ----D---- C:\windows\system32\cs-CZ
2016-04-25 18:55:59 ----RD---- C:\windows\ToastData
2016-04-25 18:55:57 ----D---- C:\windows\system32\wbem
2016-04-25 18:55:57 ----AD---- C:\Windows
2016-04-25 18:55:52 ----D---- C:\windows\system32\Boot
2016-04-24 16:58:13 ----HD---- C:\windows\system32\GroupPolicy
2016-04-24 16:58:13 ----D---- C:\windows\SYSWOW64\GroupPolicy
2016-04-23 22:51:38 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-04-18 19:52:29 ----D---- C:\Program Files (x86)\SearchesToYesbnd
2016-04-18 19:50:36 ----D---- C:\windows\LiveKernelReports
2016-04-17 14:10:00 ----A---- C:\windows\system32\PerfStringBackup.INI
2016-04-13 23:55:42 ----D---- C:\windows\system32\MRT
2016-04-13 23:47:17 ----A---- C:\windows\system32\MRT.exe
2016-04-13 22:58:27 ----D---- C:\windows\system32\catroot2
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\windows\system32\drivers\aswRvrt.sys [2016-03-25 74544]
R0 aswVmm;avast! VM Monitor; C:\windows\system32\drivers\aswVmm.sys [2016-03-25 287016]
R0 BTATH_BUS;@oem14.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\windows\System32\drivers\btath_bus.sys [2014-03-25 35016]
R0 MBI;@oem5.inf,%MBI.SVCDESC%;Intel(R) Sideband Fabric Device Service; C:\windows\System32\drivers\MBI.sys [2013-10-10 29464]
R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr2.sys [2016-03-25 103064]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2016-03-25 1070904]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2016-03-25 463744]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\windows\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 aswHwid;avast! HardwareID; C:\windows\system32\drivers\aswHwid.sys [2016-03-25 37656]
R2 aswMonFlt;aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [2016-03-25 107792]
R2 aswStm;aswStm; C:\windows\system32\drivers\aswStm.sys [2016-03-25 165344]
R2 atksgt;atksgt; C:\windows\system32\DRIVERS\atksgt.sys [2015-09-06 310728]
R2 lirsgt;lirsgt; C:\windows\system32\DRIVERS\lirsgt.sys [2015-09-06 42696]
R3 ACPIVPC;@oem20.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\windows\System32\drivers\AcpiVpc.sys [2014-10-11 35576]
R3 AthBTPort;@oem17.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\windows\system32\DRIVERS\btath_flt.sys [2014-03-25 89800]
R3 athr;@oem12.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athwbx.sys [2014-03-07 3892224]
R3 BTATH_A2DP;@oem16.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\windows\system32\drivers\btath_a2dp.sys [2014-03-25 355528]
R3 btath_avdt;@oem16.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\windows\system32\drivers\btath_avdt.sys [2014-03-25 118984]
R3 BTATH_HCRP;@oem19.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\windows\System32\drivers\btath_hcrp.sys [2014-03-25 179432]
R3 BTATH_LWFLT;@oem21.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\windows\system32\DRIVERS\btath_lwflt.sys [2014-03-25 77464]
R3 BTATH_RCP;@oem23.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\windows\System32\drivers\btath_rcp.sys [2014-03-25 137928]
R3 BtFilter;BtFilter; C:\windows\system32\DRIVERS\btfilter.sys [2014-03-25 599240]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\windows\System32\drivers\BthEnum.sys [2014-10-29 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\windows\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\windows\System32\drivers\bthpan.sys [2015-07-10 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 DptfDevAcpiProc;DptfDevAcpiProc; C:\windows\system32\DRIVERS\DptfDevAcpiProc.sys [2013-09-17 198808]
R3 DptfManager;DptfManager; C:\windows\system32\DRIVERS\DptfManager.sys [2013-09-17 493240]
R3 dtlitescsibus;@oem50.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\windows\System32\drivers\dtlitescsibus.sys [2015-11-18 30264]
R3 dtliteusbbus;@oem46.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\windows\System32\drivers\dtliteusbbus.sys [2016-04-04 47672]
R3 ETD;@oem13.inf,%PS2DeviceDesc%;ELAN PS/2 Port Input Device; C:\windows\system32\DRIVERS\ETD.sys [2014-04-01 401160]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2014-03-31 3785216]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2014-04-08 3917272]
R3 IntcDAud;@oem3.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2014-03-31 450520]
R3 iwdbus;@oem7.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\windows\System32\drivers\iwdbus.sys [2014-03-26 27032]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 RSUSBVSTOR;@oem10.inf,%RSUSBVSTOR.SvcDesc%;RtsUVStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUVStor.sys [2013-07-09 329944]
R3 RTL8168;@oem11.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\windows\system32\DRIVERS\Rt630x64.sys [2014-03-17 843480]
R3 TXEIx64;@oem2.inf,%TEE_SvcDesc%;Intel(R) Trusted Execution Engine Interface ; C:\windows\System32\drivers\TXEIx64.sys [2014-01-15 88592]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\windows\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S0 mfeelamk;McAfee Inc. mfeelamk; C:\windows\system32\drivers\mfeelamk.sys [2015-07-02 80920]
S3 AX88772;@netax88772.inf,%AX88772.DeviceDesc%;ASIX AX88772 USB2.0 to Fast Ethernet Adapter; C:\windows\system32\DRIVERS\ax88772.sys [2013-07-18 113864]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2015-05-11 1201664]
S3 dg_ssudbus;@oem43.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudbus.sys [2015-12-08 122160]
S3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\windows\system32\DRIVERS\e1i63x64.sys [2013-06-18 460288]
S3 intaud_WaveExtensible;@oem6.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\windows\system32\drivers\intelaud.sys [2014-03-26 38296]
S3 NETwNe64;@netwew02.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit; C:\windows\system32\DRIVERS\NETwew02.sys [2013-06-18 4649440]
S3 ssudmdm;@oem32.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 usb_rndisx;@netrndis.inf,%usb_rndis.Service.DispName%;USB RNDIS Adapter; C:\windows\System32\drivers\usb8023x.sys [2015-04-25 20992]
S4 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-04-22 82128]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2014-03-25 319104]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-03-25 237096]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2016-04-29 1433216]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2016-04-29 1773696]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2016-03-08 2829552]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\windows\System32\svchost.exe [2014-10-29 38792]
R2 DptfParticipantAcpiProcessorService;@oem8.inf,%WIN32_DPTF_PARTICIPANT_PROC_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Processor Participant Service Application; C:\windows\system32\DptfParticipantProcessorService.exe [2013-09-17 117704]
R2 DptfPolicyCriticalService;@oem8.inf,%WIN32_DPTF_POLICY_CRITICAL_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Critical Service Application; C:\windows\system32\DptfPolicyCriticalService.exe [2013-09-17 150760]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2013-10-15 101680]
R2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-27 144200]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\windows\system32\igfxCUIService.exe [2014-04-09 296432]
R2 IhPul;IhPul; C:\Users\Vendy\AppData\Roaming\TSv\TSvr.exe [2016-04-13 359680]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [2013-07-02 733696]
R2 Lenovo System Agent Service;Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [2014-05-22 584960]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2012-04-24 390632]
R2 VeriFaceSrv;VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [2014-10-11 68368]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2016-03-01 1444544]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
S2 DeskTop_F;DeskTop DispalyName; C:\ProgramData\desktopfind\desktop244.exe [2016-03-16 236728]
S2 ggbugreport;ggbugreport; C:\Program Files (x86)\SearchesToYesbnd\bugreport.exe [2016-03-29 1609280]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-03-23 327808]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\windows\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\windows\SysWow64\IntelCpHeciSvc.exe [2014-04-09 279024]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-27 144200]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [2013-07-02 822232]
S3 Lenovo EasyPlus Hotspot;Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [2014-06-03 533760]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2015-11-18 2099720]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2015-09-11 150600]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-08-19 838336]
S4 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe []
-----------------EOF-----------------
Logfile of random's system information tool 1.10 (written by random/random)
Run by Vendy at 2016-05-10 18:03:30
Microsoft Windows 8.1 with Bing
System drive C: has 110 GB (25%) free of 435 GB
Total RAM: 3979 MB (64% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:03:40, on 10. 5. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Users\Vendy\AppData\Local\Microsoft\BingSvc\BingSvc.exe
C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
C:\Program Files\trend micro\Vendy.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Catered to You - {b90183ad-1cf4-4d7b-9461-b89083957547} - (no file)
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [BingSvc] C:\Users\Vendy\AppData\Local\Microsoft\BingSvc\BingSvc.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O4 - Startup: Odeslat do OneNote.lnk = C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files (x86)\PokerStars.NET\PokerStarsUpdate.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: DeskTop DispalyName (DeskTop_F) - DeskTopService - C:\ProgramData\desktopfind\desktop244.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @oem8.inf,%WIN32_DPTF_PARTICIPANT_PROC_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Processor Participant Service Application (DptfParticipantAcpiProcessorService) - Unknown owner - C:\windows\system32\DptfParticipantProcessorService.exe (file missing)
O23 - Service: @oem8.inf,%WIN32_DPTF_POLICY_CRITICAL_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Critical Service Application (DptfPolicyCriticalService) - Unknown owner - C:\windows\system32\DptfPolicyCriticalService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: ggbugreport - Unknown owner - C:\Program Files (x86)\SearchesToYesbnd\bugreport.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\windows\system32\igfxCUIService.exe (file missing)
O23 - Service: IhPul - tsvr.com - C:\Users\Vendy\AppData\Roaming\TSv\TSvr.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo EasyPlus Hotspot - Lenovo - C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe
O23 - Service: Lenovo System Agent Service - LENOVO INCORPORATED. - C:\Program Files\Lenovo\iMController\SystemAgentService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: VeriFaceSrv - Unknown owner - C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: Winsere - Unknown owner - C:\Program Files (x86)\Winsere\Winsere\Winsere.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
--
End of file - 10667 bytes
======Listing Processes======
wininit.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\igfxCUIService.exe
C:\windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
C:\windows\System32\svchost.exe -k utcsvc
C:\windows\system32\DptfParticipantProcessorService.exe
C:\windows\system32\DptfPolicyCriticalService.exe
"C:\Program Files\Elantech\ETDService.exe"
C:\Users\Vendy\AppData\Roaming\TSv\TSvr.exe
"C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe"
"C:\Program Files\Lenovo\iMController\SystemAgentService.exe"
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe"
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc
C:\windows\System32\WinLogon.exe -SpecialSession
-hiberboot
"C:\Program Files\Elantech\ETDCtrl.exe"
C:\windows\Explorer.EXE
taskhostex.exe
igfxHK.exe
"C:\windows\system32\igfxEM.exe" -Embedding
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\Elantech\ETDIntelligent.exe"
/QuitInfo:0000000000000FAC;0000000000000FC0;
/loadhooks /Parent:0000000000000c6c
C:\Windows\System32\skydrive.exe -Embedding
"C:\windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
"C:\windows\system32\GWX\GWX.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_DOLBYDRAGON
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_MICPKEY
"C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe"
"C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe"
"C:\Users\Vendy\AppData\Local\Microsoft\BingSvc\BingSvc.exe"
"C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE" /tsr
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
C:\windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE" "C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE" -Embedding
"C:\Users\Vendy\AppData\Local\Apps\2.0\OLM4O8B3.WKT\2L8M9P4H.Y13\lsb...tion_91a10ba61c75c82d_0001.0005_a24d0d716055ed94\LSB.exe"
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
dashost.exe {0e62a1dd-b7ee-4cd8-9726428905742033}
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-b572f966-5ae2-489d-86dd-203191ce2563 -SystemEventPortName:HostProcess-52d483a4-c155-4ce9-a6bf-4568e38b4897 -IoCancelEventPortName:HostProcess-5ac3df0f-942b-47ef-abdb-2d76b5b95e12 -NonStateChangingEventPortName:HostProcess-ff5c9061-ad38-4958-9679-12bc1689d69d -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:307d6b8e-ae48-4f91-ac04-b2a98ce6b57c -DeviceGroupId:WpdFsGroup
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-32b5c127-6b8a-4eda-af12-7d8c6592812f -SystemEventPortName:HostProcess-7c7bf117-3ee5-4f1c-b1d8-4e7649349b36 -IoCancelEventPortName:HostProcess-8480891b-a7f8-4dec-b793-f848f19e5d82 -NonStateChangingEventPortName:HostProcess-29a4d2fc-78d1-4105-ac1e-dd9251b95344 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:6828e319-6fe2-4e7d-91c2-c0a1afbbe4b2 -DeviceGroupId:WudfDefaultDevicePool
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\windows\system32\msiexec.exe /V
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Users\Vendy\Downloads\RSITx64.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
======Scheduled tasks folder======
C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-03-15 228552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-03-25 901600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-04-29 2134648]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-04-19 2348848]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-03-25 678656]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-04-29 1725056]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b90183ad-1cf4-4d7b-9461-b89083957547}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-03-21 13672304]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-04-07 1385840]
"RtHDVBg_LENOVO_DOLBYDRAGON"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-04-07 1385840]
"RtHDVBg_LENOVO_MICPKEY"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-04-07 1385840]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2014-04-02 3276104]
"Energy Manager"=C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [2014-10-11 16094704]
"Lenovo Utility"=C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [2014-10-11 10841584]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2014-03-25 134784]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BingSvc"=C:\Users\Vendy\AppData\Local\Microsoft\BingSvc\BingSvc.exe [2016-03-20 144008]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2016-03-01 4290240]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-03-25 7139256]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2014-03-25 134784]
C:\Users\Vendy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Odeslat do OneNote.lnk - C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McNaiAnn]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VDWFP]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableCAD"=1
"DisableTaskMgr"=0
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"mixer4"=wdmaud.drv
"midi4"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-05-10 18:03:31 ----D---- C:\Program Files\trend micro
2016-05-10 18:03:30 ----D---- C:\rsit
2016-04-25 19:05:04 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2016-04-25 19:02:53 ----SD---- C:\windows\SYSWOW64\Microsoft
2016-04-24 16:58:30 ----D---- C:\ProgramData\desktopfind
2016-04-23 22:53:23 ----D---- C:\Program Files (x86)\Electronic Arts
2016-04-18 19:52:25 ----D---- C:\Users\Vendy\AppData\Roaming\Mozilla
2016-04-14 07:55:42 ----D---- C:\Program Files (x86)\WinZipper
2016-04-14 07:55:38 ----D---- C:\Users\Vendy\AppData\Roaming\WinZiper
2016-04-14 07:55:38 ----D---- C:\Users\Vendy\AppData\Roaming\eCyber
2016-04-14 07:54:59 ----D---- C:\ProgramData\OwinpO
2016-04-14 07:54:55 ----D---- C:\Users\Vendy\AppData\Roaming\TSv
2016-04-14 07:54:54 ----D---- C:\Program Files (x86)\QQBrowser
2016-04-13 23:24:07 ----A---- C:\windows\system32\appraiser.dll
2016-04-13 23:24:06 ----A---- C:\windows\system32\invagent.dll
2016-04-13 23:24:06 ----A---- C:\windows\system32\generaltel.dll
2016-04-13 23:24:06 ----A---- C:\windows\system32\aepic.dll
2016-04-13 23:24:06 ----A---- C:\windows\system32\aeinv.dll
2016-04-13 23:24:05 ----A---- C:\windows\system32\devinv.dll
2016-04-13 23:24:05 ----A---- C:\windows\system32\CompatTelRunner.exe
2016-04-13 23:24:05 ----A---- C:\windows\system32\acmigration.dll
2016-04-13 23:24:02 ----A---- C:\windows\system32\drivers\IPMIDrv.sys
2016-04-13 23:24:00 ----A---- C:\windows\SYSWOW64\explorer.exe
2016-04-13 23:24:00 ----A---- C:\windows\explorer.exe
2016-04-13 23:23:59 ----A---- C:\windows\system32\SystemSettingsAdminFlowUI.dll
2016-04-13 23:23:59 ----A---- C:\windows\system32\shell32.dll
2016-04-13 23:23:57 ----A---- C:\windows\system32\twinui.dll
2016-04-13 23:23:52 ----A---- C:\windows\SYSWOW64\twinui.dll
2016-04-13 23:23:51 ----A---- C:\windows\SYSWOW64\shell32.dll
2016-04-13 23:23:50 ----A---- C:\windows\system32\ExplorerFrame.dll
2016-04-13 23:23:49 ----A---- C:\windows\SYSWOW64\ExplorerFrame.dll
2016-04-13 23:23:49 ----A---- C:\windows\system32\SystemSettingsAdminFlows.exe
2016-04-13 23:23:48 ----A---- C:\windows\SYSWOW64\twinui.appcore.dll
2016-04-13 23:23:48 ----A---- C:\windows\system32\twinui.appcore.dll
2016-04-13 23:23:48 ----A---- C:\windows\system32\SettingsHandlers.dll
2016-04-13 23:23:47 ----A---- C:\windows\SYSWOW64\AppxAllUserStore.dll
2016-04-13 23:23:47 ----A---- C:\windows\system32\SettingSyncHost.exe
2016-04-13 23:23:47 ----A---- C:\windows\system32\SettingSyncCore.dll
2016-04-13 23:23:47 ----A---- C:\windows\system32\SettingSync.dll
2016-04-13 23:23:47 ----A---- C:\windows\system32\AppxAllUserStore.dll
2016-04-13 23:23:46 ----A---- C:\windows\SYSWOW64\SettingSync.dll
2016-04-13 23:23:46 ----A---- C:\windows\system32\hgcpl.dll
2016-04-13 23:23:45 ----A---- C:\windows\SYSWOW64\SettingSyncCore.dll
2016-04-13 23:23:45 ----A---- C:\windows\system32\usercpl.dll
2016-04-13 23:23:45 ----A---- C:\windows\system32\AppXDeploymentExtensions.dll
2016-04-13 23:23:44 ----A---- C:\windows\SYSWOW64\usercpl.dll
2016-04-13 23:23:44 ----A---- C:\windows\SYSWOW64\themecpl.dll
2016-04-13 23:23:44 ----A---- C:\windows\SYSWOW64\stobject.dll
2016-04-13 23:23:44 ----A---- C:\windows\SYSWOW64\SettingSyncHost.exe
2016-04-13 23:23:44 ----A---- C:\windows\SYSWOW64\SettingMonitor.dll
2016-04-13 23:23:44 ----A---- C:\windows\SYSWOW64\hgcpl.dll
2016-04-13 23:23:44 ----A---- C:\windows\system32\themecpl.dll
2016-04-13 23:23:44 ----A---- C:\windows\system32\stobject.dll
2016-04-13 23:23:44 ----A---- C:\windows\system32\SettingMonitor.dll
2016-04-13 23:23:44 ----A---- C:\windows\system32\AppXDeploymentServer.dll
2016-04-13 23:23:41 ----A---- C:\windows\system32\winresume.exe
2016-04-13 23:23:41 ----A---- C:\windows\system32\winload.exe
2016-04-13 23:23:41 ----A---- C:\windows\system32\ntoskrnl.exe
2016-04-13 23:23:39 ----A---- C:\windows\SYSWOW64\KernelBase.dll
2016-04-13 23:23:39 ----A---- C:\windows\system32\mtxoci.dll
2016-04-13 23:23:39 ----A---- C:\windows\system32\KernelBase.dll
2016-04-13 23:23:36 ----A---- C:\windows\SYSWOW64\mtxoci.dll
2016-04-13 23:23:36 ----A---- C:\windows\SYSWOW64\msorcl32.dll
2016-04-13 23:23:30 ----A---- C:\windows\system32\drivers\vpci.sys
2016-04-13 23:23:28 ----A---- C:\windows\SYSWOW64\dhcpsapi.dll
2016-04-13 23:23:28 ----A---- C:\windows\system32\dhcpsapi.dll
2016-04-13 23:23:25 ----A---- C:\windows\system32\WindowsAnytimeUpgradeui.exe
2016-04-13 23:20:51 ----A---- C:\windows\SYSWOW64\mfmp4srcsnk.dll
2016-04-13 23:20:51 ----A---- C:\windows\system32\mfmp4srcsnk.dll
2016-04-13 23:20:50 ----A---- C:\windows\system32\drivers\rasl2tp.sys
2016-04-13 23:20:49 ----A---- C:\windows\system32\rpcss.dll
2016-04-13 23:20:48 ----A---- C:\windows\SYSWOW64\nshwfp.dll
2016-04-13 23:20:48 ----A---- C:\windows\SYSWOW64\FWPUCLNT.DLL
2016-04-13 23:20:48 ----A---- C:\windows\system32\nshwfp.dll
2016-04-13 23:20:48 ----A---- C:\windows\system32\IKEEXT.DLL
2016-04-13 23:20:48 ----A---- C:\windows\system32\FWPUCLNT.DLL
2016-04-13 23:20:48 ----A---- C:\windows\system32\BFE.DLL
2016-04-13 23:20:47 ----A---- C:\windows\system32\workfolderssvc.dll
2016-04-13 23:20:46 ----A---- C:\windows\system32\WorkfoldersControl.dll
2016-04-13 23:20:46 ----A---- C:\windows\system32\VSSVC.exe
2016-04-13 23:20:45 ----A---- C:\windows\system32\drivers\storport.sys
2016-04-13 23:20:44 ----A---- C:\windows\SYSWOW64\WsmWmiPl.dll
2016-04-13 23:20:44 ----A---- C:\windows\SYSWOW64\WsmSvc.dll
2016-04-13 23:20:44 ----A---- C:\windows\SYSWOW64\WsmAuto.dll
2016-04-13 23:20:44 ----A---- C:\windows\SYSWOW64\WsmAgent.dll
2016-04-13 23:20:44 ----A---- C:\windows\system32\WsmWmiPl.dll
2016-04-13 23:20:44 ----A---- C:\windows\system32\WsmSvc.dll
2016-04-13 23:20:44 ----A---- C:\windows\system32\WsmAuto.dll
2016-04-13 23:20:44 ----A---- C:\windows\system32\WsmAgent.dll
2016-04-13 23:20:42 ----A---- C:\windows\system32\storagewmi.dll
2016-04-13 23:20:41 ----A---- C:\windows\SYSWOW64\storagewmi.dll
2016-04-13 23:20:31 ----A---- C:\windows\system32\wbengine.exe
2016-04-13 23:20:30 ----A---- C:\windows\system32\drivers\volsnap.sys
2016-04-13 23:20:30 ----A---- C:\windows\system32\drivers\vhdmp.sys
2016-04-13 23:20:28 ----A---- C:\windows\system32\drivers\disk.sys
2016-04-13 22:58:14 ----A---- C:\windows\system32\basesrv.dll
2016-04-13 22:25:46 ----A---- C:\windows\system32\mshtml.dll
2016-04-13 22:25:44 ----A---- C:\windows\SYSWOW64\mshtml.dll
2016-04-13 22:25:40 ----A---- C:\windows\system32\ieframe.dll
2016-04-13 22:25:39 ----A---- C:\windows\SYSWOW64\ieframe.dll
2016-04-13 22:25:38 ----A---- C:\windows\system32\iertutil.dll
2016-04-13 22:25:37 ----A---- C:\windows\SYSWOW64\iertutil.dll
2016-04-13 22:25:37 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2016-04-13 22:25:37 ----A---- C:\windows\system32\wininet.dll
2016-04-13 22:25:37 ----A---- C:\windows\system32\jscript9.dll
2016-04-13 22:25:37 ----A---- C:\windows\system32\iedkcs32.dll
2016-04-13 22:25:36 ----A---- C:\windows\SYSWOW64\wininet.dll
2016-04-13 22:25:36 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2016-04-13 22:25:36 ----A---- C:\windows\system32\msfeeds.dll
2016-04-13 22:25:36 ----A---- C:\windows\system32\ie4uinit.exe
2016-04-13 22:25:34 ----A---- C:\windows\system32\urlmon.dll
2016-04-13 22:25:33 ----A---- C:\windows\SYSWOW64\urlmon.dll
2016-04-13 22:25:31 ----A---- C:\windows\SYSWOW64\webcheck.dll
2016-04-13 22:25:31 ----A---- C:\windows\SYSWOW64\jscript9.dll
2016-04-13 22:25:31 ----A---- C:\windows\SYSWOW64\inetcomm.dll
2016-04-13 22:25:31 ----A---- C:\windows\SYSWOW64\iepeers.dll
2016-04-13 22:25:31 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2016-04-13 22:25:31 ----A---- C:\windows\system32\webcheck.dll
2016-04-13 22:25:31 ----A---- C:\windows\system32\vbscript.dll
2016-04-13 22:25:31 ----A---- C:\windows\system32\mshtmled.dll
2016-04-13 22:25:31 ----A---- C:\windows\system32\jscript.dll
2016-04-13 22:25:31 ----A---- C:\windows\system32\inetcomm.dll
2016-04-13 22:25:31 ----A---- C:\windows\system32\iepeers.dll
2016-04-13 22:25:31 ----A---- C:\windows\system32\dxtrans.dll
2016-04-13 22:25:30 ----A---- C:\windows\SYSWOW64\vbscript.dll
2016-04-13 22:25:30 ----A---- C:\windows\SYSWOW64\jscript.dll
2016-04-13 22:25:30 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2016-04-13 22:25:30 ----A---- C:\windows\system32\ieapfltr.dll
2016-04-13 22:20:56 ----A---- C:\windows\system32\samsrv.dll
2016-04-13 22:20:56 ----A---- C:\windows\system32\lsasrv.dll
2016-04-13 22:20:56 ----A---- C:\windows\system32\certcli.dll
2016-04-13 22:20:55 ----A---- C:\windows\SYSWOW64\samlib.dll
2016-04-13 22:20:55 ----A---- C:\windows\SYSWOW64\certcli.dll
2016-04-13 22:20:55 ----A---- C:\windows\system32\samlib.dll
2016-04-13 22:20:55 ----A---- C:\windows\system32\drivers\mrxsmb20.sys
2016-04-13 22:20:55 ----A---- C:\windows\system32\drivers\mrxsmb10.sys
2016-04-13 22:20:55 ----A---- C:\windows\system32\drivers\mrxsmb.sys
2016-04-13 22:20:55 ----A---- C:\windows\system32\drivers\cng.sys
2016-04-13 22:20:41 ----A---- C:\windows\SYSWOW64\ole32.dll
2016-04-13 22:20:41 ----A---- C:\windows\system32\ole32.dll
2016-04-13 22:20:36 ----A---- C:\windows\SYSWOW64\msxml3.dll
2016-04-13 22:20:36 ----A---- C:\windows\system32\msxml3.dll
2016-04-13 22:20:17 ----A---- C:\windows\system32\win32k.sys
======List of files/folders modified in the last 1 month======
2016-05-10 18:03:37 ----D---- C:\windows\Prefetch
2016-05-10 18:03:31 ----RD---- C:\Program Files
2016-05-10 18:03:21 ----SHD---- C:\windows\Installer
2016-05-10 18:03:21 ----D---- C:\windows\Temp
2016-05-10 18:03:19 ----D---- C:\windows\system32\Tasks
2016-05-10 18:02:07 ----D---- C:\windows\SysWOW64
2016-05-10 18:00:00 ----D---- C:\windows\system32\sru
2016-05-10 13:30:44 ----RD---- C:\Program Files (x86)
2016-05-10 13:30:30 ----D---- C:\Program Files (x86)\Google
2016-05-10 12:18:47 ----D---- C:\windows\Inf
2016-05-10 08:03:26 ----D---- C:\ProgramData\Microsoft Help
2016-05-09 19:07:34 ----D---- C:\windows\system32\config
2016-05-09 18:54:04 ----D---- C:\windows\WinSxS
2016-05-09 18:52:42 ----D---- C:\windows\Microsoft.NET
2016-05-09 18:52:16 ----SD---- C:\windows\SYSWOW64\GWX
2016-05-09 18:52:16 ----SD---- C:\windows\system32\GWX
2016-05-09 18:51:42 ----D---- C:\windows\CbsTemp
2016-05-09 14:21:12 ----D---- C:\KMPlayer
2016-05-09 12:45:46 ----SHD---- C:\System Volume Information
2016-05-07 12:07:03 ----D---- C:\windows\system32\DriverStore
2016-05-07 12:02:32 ----D---- C:\windows\system32\appraiser
2016-05-07 10:25:38 ----D---- C:\Users\Vendy\AppData\Roaming\Skype
2016-05-06 07:00:27 ----RSD---- C:\windows\assembly
2016-05-06 07:00:17 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2016-05-06 06:57:23 ----D---- C:\Program Files\Microsoft Office 15
2016-05-05 21:28:49 ----RD---- C:\Program Files (x86)\Skype
2016-05-04 12:27:43 ----HD---- C:\Program Files\WindowsApps
2016-05-03 23:08:33 ----HD---- C:\ProgramData
2016-04-29 09:09:19 ----D---- C:\windows\rescache
2016-04-27 23:05:55 ----D---- C:\windows\AppReadiness
2016-04-25 19:08:55 ----RAD---- C:\windows\System32
2016-04-25 18:56:06 ----D---- C:\windows\system32\drivers
2016-04-25 18:56:06 ----D---- C:\windows\apppatch
2016-04-25 18:56:06 ----D---- C:\Program Files (x86)\Internet Explorer
2016-04-25 18:56:05 ----D---- C:\windows\SYSWOW64\en-US
2016-04-25 18:56:05 ----D---- C:\windows\SYSWOW64\cs-CZ
2016-04-25 18:56:05 ----D---- C:\Program Files\Internet Explorer
2016-04-25 18:56:04 ----D---- C:\windows\system32\en-US
2016-04-25 18:56:04 ----D---- C:\windows\system32\cs-CZ
2016-04-25 18:55:59 ----RD---- C:\windows\ToastData
2016-04-25 18:55:57 ----D---- C:\windows\system32\wbem
2016-04-25 18:55:57 ----AD---- C:\Windows
2016-04-25 18:55:52 ----D---- C:\windows\system32\Boot
2016-04-24 16:58:13 ----HD---- C:\windows\system32\GroupPolicy
2016-04-24 16:58:13 ----D---- C:\windows\SYSWOW64\GroupPolicy
2016-04-23 22:51:38 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-04-18 19:52:29 ----D---- C:\Program Files (x86)\SearchesToYesbnd
2016-04-18 19:50:36 ----D---- C:\windows\LiveKernelReports
2016-04-17 14:10:00 ----A---- C:\windows\system32\PerfStringBackup.INI
2016-04-13 23:55:42 ----D---- C:\windows\system32\MRT
2016-04-13 23:47:17 ----A---- C:\windows\system32\MRT.exe
2016-04-13 22:58:27 ----D---- C:\windows\system32\catroot2
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\windows\system32\drivers\aswRvrt.sys [2016-03-25 74544]
R0 aswVmm;avast! VM Monitor; C:\windows\system32\drivers\aswVmm.sys [2016-03-25 287016]
R0 BTATH_BUS;@oem14.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\windows\System32\drivers\btath_bus.sys [2014-03-25 35016]
R0 MBI;@oem5.inf,%MBI.SVCDESC%;Intel(R) Sideband Fabric Device Service; C:\windows\System32\drivers\MBI.sys [2013-10-10 29464]
R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr2.sys [2016-03-25 103064]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2016-03-25 1070904]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2016-03-25 463744]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\windows\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 aswHwid;avast! HardwareID; C:\windows\system32\drivers\aswHwid.sys [2016-03-25 37656]
R2 aswMonFlt;aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [2016-03-25 107792]
R2 aswStm;aswStm; C:\windows\system32\drivers\aswStm.sys [2016-03-25 165344]
R2 atksgt;atksgt; C:\windows\system32\DRIVERS\atksgt.sys [2015-09-06 310728]
R2 lirsgt;lirsgt; C:\windows\system32\DRIVERS\lirsgt.sys [2015-09-06 42696]
R3 ACPIVPC;@oem20.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\windows\System32\drivers\AcpiVpc.sys [2014-10-11 35576]
R3 AthBTPort;@oem17.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\windows\system32\DRIVERS\btath_flt.sys [2014-03-25 89800]
R3 athr;@oem12.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athwbx.sys [2014-03-07 3892224]
R3 BTATH_A2DP;@oem16.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\windows\system32\drivers\btath_a2dp.sys [2014-03-25 355528]
R3 btath_avdt;@oem16.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\windows\system32\drivers\btath_avdt.sys [2014-03-25 118984]
R3 BTATH_HCRP;@oem19.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\windows\System32\drivers\btath_hcrp.sys [2014-03-25 179432]
R3 BTATH_LWFLT;@oem21.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\windows\system32\DRIVERS\btath_lwflt.sys [2014-03-25 77464]
R3 BTATH_RCP;@oem23.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\windows\System32\drivers\btath_rcp.sys [2014-03-25 137928]
R3 BtFilter;BtFilter; C:\windows\system32\DRIVERS\btfilter.sys [2014-03-25 599240]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\windows\System32\drivers\BthEnum.sys [2014-10-29 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\windows\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\windows\System32\drivers\bthpan.sys [2015-07-10 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 DptfDevAcpiProc;DptfDevAcpiProc; C:\windows\system32\DRIVERS\DptfDevAcpiProc.sys [2013-09-17 198808]
R3 DptfManager;DptfManager; C:\windows\system32\DRIVERS\DptfManager.sys [2013-09-17 493240]
R3 dtlitescsibus;@oem50.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\windows\System32\drivers\dtlitescsibus.sys [2015-11-18 30264]
R3 dtliteusbbus;@oem46.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\windows\System32\drivers\dtliteusbbus.sys [2016-04-04 47672]
R3 ETD;@oem13.inf,%PS2DeviceDesc%;ELAN PS/2 Port Input Device; C:\windows\system32\DRIVERS\ETD.sys [2014-04-01 401160]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2014-03-31 3785216]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2014-04-08 3917272]
R3 IntcDAud;@oem3.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2014-03-31 450520]
R3 iwdbus;@oem7.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\windows\System32\drivers\iwdbus.sys [2014-03-26 27032]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 RSUSBVSTOR;@oem10.inf,%RSUSBVSTOR.SvcDesc%;RtsUVStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUVStor.sys [2013-07-09 329944]
R3 RTL8168;@oem11.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\windows\system32\DRIVERS\Rt630x64.sys [2014-03-17 843480]
R3 TXEIx64;@oem2.inf,%TEE_SvcDesc%;Intel(R) Trusted Execution Engine Interface ; C:\windows\System32\drivers\TXEIx64.sys [2014-01-15 88592]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\windows\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S0 mfeelamk;McAfee Inc. mfeelamk; C:\windows\system32\drivers\mfeelamk.sys [2015-07-02 80920]
S3 AX88772;@netax88772.inf,%AX88772.DeviceDesc%;ASIX AX88772 USB2.0 to Fast Ethernet Adapter; C:\windows\system32\DRIVERS\ax88772.sys [2013-07-18 113864]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2015-05-11 1201664]
S3 dg_ssudbus;@oem43.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudbus.sys [2015-12-08 122160]
S3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\windows\system32\DRIVERS\e1i63x64.sys [2013-06-18 460288]
S3 intaud_WaveExtensible;@oem6.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\windows\system32\drivers\intelaud.sys [2014-03-26 38296]
S3 NETwNe64;@netwew02.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit; C:\windows\system32\DRIVERS\NETwew02.sys [2013-06-18 4649440]
S3 ssudmdm;@oem32.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 usb_rndisx;@netrndis.inf,%usb_rndis.Service.DispName%;USB RNDIS Adapter; C:\windows\System32\drivers\usb8023x.sys [2015-04-25 20992]
S4 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-04-22 82128]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2014-03-25 319104]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-03-25 237096]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2016-04-29 1433216]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2016-04-29 1773696]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2016-03-08 2829552]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\windows\System32\svchost.exe [2014-10-29 38792]
R2 DptfParticipantAcpiProcessorService;@oem8.inf,%WIN32_DPTF_PARTICIPANT_PROC_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Processor Participant Service Application; C:\windows\system32\DptfParticipantProcessorService.exe [2013-09-17 117704]
R2 DptfPolicyCriticalService;@oem8.inf,%WIN32_DPTF_POLICY_CRITICAL_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform and Thermal Framework Critical Service Application; C:\windows\system32\DptfPolicyCriticalService.exe [2013-09-17 150760]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2013-10-15 101680]
R2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-27 144200]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\windows\system32\igfxCUIService.exe [2014-04-09 296432]
R2 IhPul;IhPul; C:\Users\Vendy\AppData\Roaming\TSv\TSvr.exe [2016-04-13 359680]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [2013-07-02 733696]
R2 Lenovo System Agent Service;Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [2014-05-22 584960]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2012-04-24 390632]
R2 VeriFaceSrv;VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [2014-10-11 68368]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2016-03-01 1444544]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
S2 DeskTop_F;DeskTop DispalyName; C:\ProgramData\desktopfind\desktop244.exe [2016-03-16 236728]
S2 ggbugreport;ggbugreport; C:\Program Files (x86)\SearchesToYesbnd\bugreport.exe [2016-03-29 1609280]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-03-23 327808]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\windows\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\windows\SysWow64\IntelCpHeciSvc.exe [2014-04-09 279024]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-27 144200]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [2013-07-02 822232]
S3 Lenovo EasyPlus Hotspot;Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [2014-06-03 533760]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2015-11-18 2099720]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2015-09-11 150600]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-08-19 838336]
S4 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe []
-----------------EOF-----------------
Re: Please check
I wish you a lovely day
As part of the cleanup, your temporary folders (including the Recycle Bin) will be emptied.
Save AdwCleaner to your desktop: https://toolslib.net/downloads/viewdown ... dwcleaner/ (or http://www.bleepingcomputer.com/download/adwcleaner/ )

- close all programs
- right-click the AdwCleaner icon and choose Run as administrator (on Win XP just launch it normally with a double-click)
- click Scan (Skenovani), then Cleaning (Cisteni)
- after the restart a log will pop up (or you can find it in C:\AdwCleaner\AdwCleaner[Cx].txt); copy its contents into your next reply
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suitable for the forum, you can use altrokzavináčforum.viry.cz
If you feel like helping visitors to this forum, sign up for our little school.
Re: Please check
Here is the log.
# AdwCleaner v5.026 - Logfile created 29/12/2015 at 01:13:40
# Updated 21/12/2015 by Xplode
# Database : 2015-12-23.1 [Server]
# Operating system : Windows 8.1 Connected (x64)
# Username : Vendy - VENDULKA
# Running from : C:\Users\Vendy\Downloads\adwcleaner_5.026.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
[-] Service Deleted : SSFK
[-] Service Deleted : IhPul
***** [ Folders ] *****
[-] Folder Deleted : C:\Program Files (x86)\WinZipper
[-] Folder Deleted : C:\Program Files (x86)\SFK
[-] Folder Deleted : C:\ProgramData\simplitec
[-] Folder Deleted : C:\ProgramData\pokki
[-] Folder Deleted : C:\ProgramData\3WMiniPro3
[-] Folder Deleted : C:\Users\Vendy\AppData\Local\TNT2
[-] Folder Deleted : C:\Users\Vendy\AppData\Local\pokki
[-] Folder Deleted : C:\Users\Vendy\AppData\Roaming\WinZipper
[-] Folder Deleted : C:\Users\Vendy\AppData\Roaming\TSv
[-] Folder Deleted : C:\Users\Vendy\AppData\Roaming\yoursearching
***** [ Files ] *****
[-] File Deleted : C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
[-] File Deleted : C:\Users\Vendy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Picexa.lnk
[-] File Deleted : C:\windows\SysNative\VisualDiscoveryOff.ini
[-] File Deleted : C:\windows\SysWOW64\VisualDiscovery.ini
[-] File Deleted : C:\windows\SysWOW64\VisualDiscoveryOff.ini
***** [ DLLs ] *****
***** [ Shortcuts ] *****
[-] Shortcut Disinfected : C:\Users\Public\Desktop\Google Chrome.lnk
[-] Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
[-] Shortcut Disinfected : C:\Users\Vendy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[-] Shortcut Disinfected : C:\Users\Vendy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[-] Shortcut Disinfected : C:\Users\Vendy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[-] Shortcut Disinfected : C:\Users\Vendy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WarThunder.lnk
[-] Shortcut Disinfected : C:\Users\Vendy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
[-] Shortcut Disinfected : C:\Users\Vendy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
[-] Key Deleted : HKCU\Software\Classes\pokki
[-] Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\APPID\VISUALDISCOVERY.EXE
[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WdsManPro
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02966FA9-C01A-47E7-A169-C83AEA1FB0BA}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9AD5C084-B6E6-456A-8BA2-A559663780E5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{70C7334A-66D9-46DE-A4E2-6B923C7DB94E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5780633B-414C-446F-8EB2-FF1C9A731C99}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4EECDED2-40FB-4500-85B4-86FB0EBECA68}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{10A7F29D-4B00-40EC-B07D-8616DF8135E6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{05FF6A00-76A3-4AA1-A9A4-A782152ABE60}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2E5FA7B4-61A2-4662-BBCE-62BBB20FC649}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5D7F05E3-075A-43AF-8BC7-21E2F7F38845}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{617E26CE-E6E1-4C75-A68A-A001F2B98491}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FBDBEA-A722-4ABD-BEC0-B7D463F6BA0E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8128586C-DF69-4266-873F-CF4C6F705A7C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C1F9CFCE-A7DC-4072-8B31-1DEA57004C86}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EA4AD895-2A7F-430E-B973-DEE6C4E743A9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EBF4B60F-A863-426F-BE6F-5DFE83BC574F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{CB6BF8B6-E12B-42FA-A478-91BCCDE475DC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FBB037E4-1CB2-406C-ACCC-925BD5BC7FD7}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2E5FA7B4-61A2-4662-BBCE-62BBB20FC649}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5D7F05E3-075A-43AF-8BC7-21E2F7F38845}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{617E26CE-E6E1-4C75-A68A-A001F2B98491}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{79FBDBEA-A722-4ABD-BEC0-B7D463F6BA0E}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8128586C-DF69-4266-873F-CF4C6F705A7C}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F9CFCE-A7DC-4072-8B31-1DEA57004C86}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EA4AD895-2A7F-430E-B973-DEE6C4E743A9}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EBF4B60F-A863-426F-BE6F-5DFE83BC574F}
[-] Key Deleted : HKCU\Software\distromatic
[-] Key Deleted : HKCU\Software\Pokki
[-] Key Deleted : HKCU\Software\TNT2
[-] Key Deleted : HKCU\Software\PRODUCTSETUP
[-] Key Deleted : HKCU\Software\undefined
[-] Key Deleted : HKLM\SOFTWARE\hdcode
[-] Key Deleted : HKLM\SOFTWARE\simplitec
[-] Key Deleted : HKLM\SOFTWARE\V9
[-] Key Deleted : HKLM\SOFTWARE\VisualDiscovery
[-] Key Deleted : HKLM\SOFTWARE\WdsManPro
[-] Key Deleted : HKLM\SOFTWARE\TSv
[-] Key Deleted : HKLM\SOFTWARE\yoursearchingSoftware
[-] Key Deleted : HKLM\SOFTWARE\yoursites123Software
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Data Restored : HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command []
[-] Data Restored : HKLM\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command []
***** [ Web browsers ] *****
[-] [C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxp://www.yoursearching.com/?type=hp&ts=14488 ... 40XSF40XSF
[-] [C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider] Deleted : hxxp://www.yoursearching.com/webfavicon.ico
[-] [C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider_Data] Deleted : hxxp://www.yoursearching.com/web/?type=ds&ts=1 ... earchTerms}
[-] [C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Deleted : hxxp://www.yoursearching.com/?type=hp&ts=14488 ... 40XSF40XSF
*************************
:: "Tracing" keys removed
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [10478 bytes] ##########
# AdwCleaner v5.116 - Logfile created 10/05/2016 at 19:08:33
# Updated 09/05/2016 by Xplode
# Database : 2016-05-09.1 [Server]
# Operating system : Windows 8.1 Connected (X64)
# Username : Vendy - VENDULKA
# Running from : C:\Users\Vendy\Downloads\adwcleaner_5.116.exe
# Option : Clean
# Support : http://toolslib.net/forum
***** [ Services ] *****
[-] Service Deleted : IhPul
[-] Service Deleted : ggbugreport
[-] Service Deleted : Winsere
[-] Service Deleted : DeskTop_F
***** [ Folders ] *****
[-] Folder Deleted : C:\ProgramData\desktopfind
[-] Folder Deleted : C:\ProgramData\2WdM2
[-] Folder Deleted : C:\ProgramData\FWdMF
[-] Folder Deleted : C:\ProgramData\OwinpO
[-] Folder Deleted : C:\ProgramData\QWdMQ
[-] Folder Deleted : C:\ProgramData\SWdMS
[-] Folder Deleted : C:\ProgramData\tWdMt
[#] Folder Deleted : C:\ProgramData\Application Data\desktopfind
[#] Folder Deleted : C:\ProgramData\Application Data\2WdM2
[#] Folder Deleted : C:\ProgramData\Application Data\FWdMF
[#] Folder Deleted : C:\ProgramData\Application Data\OwinpO
[#] Folder Deleted : C:\ProgramData\Application Data\QWdMQ
[#] Folder Deleted : C:\ProgramData\Application Data\SWdMS
[#] Folder Deleted : C:\ProgramData\Application Data\tWdMt
[-] Folder Deleted : C:\Program Files (x86)\WinZipper
[-] Folder Deleted : C:\Program Files (x86)\SearchesToYesbnd
[-] Folder Deleted : C:\Program Files (x86)\Winsere
[-] Folder Deleted : C:\Program Files (x86)\WinTaske
[-] Folder Deleted : C:\Program Files (x86)\QQBrowser
[#] Folder Deleted : C:\Users\Vendy\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108
[-] Folder Deleted : C:\Users\Vendy\AppData\Roaming\eCyber
[-] Folder Deleted : C:\Users\Vendy\AppData\Roaming\TSv
[-] Folder Deleted : C:\Users\Vendy\AppData\Roaming\WinZiper
[-] Folder Deleted : C:\Users\Vendy\AppData\Roaming\0U1E1Q1T2Z1P0S2Z1T1C
[-] Folder Deleted : C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd
***** [ Files ] *****
[-] File Deleted : C:\Users\Vendy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\qksee.lnk
***** [ DLLs ] *****
***** [ WMI ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
[-] Task Deleted : WinTaske
[-] Task Deleted : Browser Updater Task(Core)
***** [ Registry ] *****
[-] Key Deleted : HKCU\SOFTWARE\Mozilla\Firefox\{EB52F1AB-3C2B-424F-9794-833C687025CF}
[-] Key Deleted : HKLM\SOFTWARE\Mozilla\Firefox\{EB52F1AB-3C2B-424F-9794-833C687025CF}
[-] Key Deleted : HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}
[-] Key Deleted : HKLM\SOFTWARE\hdcode
[-] Key Deleted : HKLM\SOFTWARE\TSv
[-] Key Deleted : HKLM\SOFTWARE\yessearchesSoftware
[-] Key Deleted : HKLM\SOFTWARE\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}
[-] Key Deleted : HKLM\SOFTWARE\{E6276374-DE18-4AA5-A365-9016A2F98A2D}
[-] Key Deleted : HKLM\SOFTWARE\{G6276374-DEEE-4AAA-A355-9016A2F98A2D}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PokerStars.net
[-] Key Deleted : [x64] HKLM\SOFTWARE\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}
[-] Key Deleted : HKU\.DEFAULT\Software\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{0ED89309-C8BB-4A1F-B503-7097032F2894}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{25FBC955-A5E5-411C-AEB4-BA7323622AC5}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{B21F1CC8-61A1-4839-BA36-614D3F044611}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{BCAB9FD5-CC07-48C8-B155-548DFE717B8B}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{27968C42-5587-4284-9D01-5386DCAE0C63}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{979C06BA-8C37-4D3D-809C-DC251FF20A13}]
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Data Restored : HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command []
***** [ Web browsers ] *****
[-] [C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : fcfenmboojpjinhpgggodefccipikbpd
*************************
:: "Tracing" keys deleted
:: Winsock settings cleared
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [15490 bytes] - [29/12/2015 02:13:40]
C:\AdwCleaner\AdwCleaner[C2].txt - [6764 bytes] - [08/01/2016 19:48:58]
C:\AdwCleaner\AdwCleaner[S1].txt - [18523 bytes] - [29/12/2015 02:04:31]
C:\AdwCleaner\AdwCleaner[S2].txt - [9566 bytes] - [08/01/2016 19:41:42]
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [15784 bytes] ##########
Re: Requesting a check


Note: on the second and any later run of FRST, this option must be explicitly ticked before the scan starts in order for the Addition.txt log to be created.
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suitable for the forum, you can use altrokzavináčforum.viry.cz
If you feel like helping visitors of this forum, sign up for our training school.
Re: Requesting a check
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:09-05-2016
Ran by Vendy (administrator) on VENDULKA (10-05-2016 19:52:09)
Running from C:\Users\Vendy\Desktop
Loaded Profiles: Vendy (Available Profiles: Vendy)
Platform: Windows 8.1 Connected (X64) Language: Angličtina (Spojené státy)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(© 2015 Microsoft Corporation) C:\Users\Vendy\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Lenovo) C:\Users\Vendy\AppData\Local\Apps\2.0\OLM4O8B3.WKT\2L8M9P4H.Y13\lsb...tion_91a10ba61c75c82d_0001.0005_a24d0d716055ed94\LSB.exe
(forum.viry.cz) C:\Users\Vendy\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672304 2014-03-21] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1385840 2014-04-07] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1385840 2014-04-07] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1385840 2014-04-07] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3276104 2014-04-02] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2014-10-11] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10841584 2014-10-11] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7139256 2016-03-25] (AVAST Software)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [134784 2014-03-25] (Qualcomm®Atheros®)
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\...\Run: [BingSvc] => C:\Users\Vendy\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2016-03-20] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4290240 2016-03-01] (Disc Soft Ltd)
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\...\MountPoints2: {272bbe48-8ef8-11e5-826f-5c93a2b36634} - "E:\setup.exe"
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\...\MountPoints2: {272bbe4a-8ef8-11e5-826f-5c93a2b36634} - "G:\LaunchEAW.exe"
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\...\MountPoints2: {272bbe4d-8ef8-11e5-826f-5c93a2b36634} - "I:\EAWXLauncher.exe"
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\...\MountPoints2: {4e193dd9-539e-11e5-825e-5c93a2b36634} - "E:\autorun.exe"
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\...\MountPoints2: {4e193de4-539e-11e5-825e-5c93a2b36634} - "F:\_AUTORUN\AUTORUN.EXE"
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\...\MountPoints2: {4e193ded-539e-11e5-825e-5c93a2b36634} - "G:\_AUTORUN\AUTORUN.EXE"
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\...\MountPoints2: {56675805-825b-11e5-826c-5c93a2b36634} - "J:\Autorun.exe"
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\...\MountPoints2: {6397b8d6-8bd4-11e5-826d-5c93a2b36634} - "F:\Autorun.exe"
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\...\MountPoints2: {7d9a4788-fa7a-11e5-8286-5c93a2b36634} - "F:\OW.EXE"
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\...\MountPoints2: {7d9a47c0-fa7a-11e5-8286-5c93a2b36634} - "G:\autorun.exe"
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\...\MountPoints2: {7d9a47c3-fa7a-11e5-8286-5c93a2b36634} - "H:\Autorun.exe"
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\...\MountPoints2: {7d9a47c6-fa7a-11e5-8286-5c93a2b36634} - "J:\EAWXLauncher.exe"
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\...\MountPoints2: {aebe6fb7-5331-11e5-825d-5c93a2b36634} - "E:\setup.exe" startcz.ctx
ShellIconOverlayIdentifiers: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-03-25] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
Startup: C:\Users\Vendy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Odeslat do OneNote.lnk [2015-09-27]
ShortcutTarget: Odeslat do OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)
Startup: C:\Users\Vendy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk [2015-09-24]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{29E28E0A-9B89-41C3-A72E-BE31EF7F3E84}: [DhcpNameServer] 213.46.172.36 213.46.172.37
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3254343490-304523243-1162089923-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3254343490-304523243-1162089923-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3254343490-304523243-1162089923-1001 -> {F1A0F86C-946A-4295-B312-8993334CA934} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-03-15] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-03-25] (AVAST Software)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-04-29] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-04-19] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-03-25] (AVAST Software)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-04-29] (Microsoft Corporation)
BHO-x32: No Name -> {b90183ad-1cf4-4d7b-9461-b89083957547} -> No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-09-24] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-04-29] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-04-29] (Microsoft Corporation)
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Program Files (x86)\Arc\plugins\NPSWF32.dll [No File]
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-09-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-03] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-03-26]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-03-26]
Chrome:
=======
CHR Profile: C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-05-10]
CHR Extension: (Dokumenty Google) - C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-05-10]
CHR Extension: (Disk Google) - C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-10]
CHR Extension: (YouTube) - C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-10]
CHR Extension: (Avast SafePrice) - C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-05-10]
CHR Extension: (Tabulky Google) - C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-05-10]
CHR Extension: (Dokumenty Google offline) - C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-10]
CHR Extension: (Avast Online Security) - C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-05-10]
CHR Extension: (Skype) - C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-05-10]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-10]
CHR Extension: (Gmail) - C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-10]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2016-03-25]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-03-25]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-04-29]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [319104 2014-03-25] (Windows (R) Win 7 DDK provider) [File not signed]
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [237096 2016-03-25] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-04-29] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-04-29] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2829552 2016-03-08] (Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1444544 2016-03-01] (Disc Soft Ltd)
R2 DptfParticipantAcpiProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [117704 2013-09-17] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [150760 2013-09-17] (Intel Corporation)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [101680 2013-10-15] (ELAN Microelectronics Corp.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [296432 2014-04-09] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-02] (Intel(R) Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-22] (LENOVO INCORPORATED.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2099720 2015-11-18] (Electronic Arts)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2014-10-11] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2014-03-25] (Atheros) [File not signed]
U4 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-03-25] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-03-25] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-03-25] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-03-25] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-03-25] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [463744 2016-03-25] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [165344 2016-03-25] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287016 2016-03-25] (AVAST Software)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3892224 2014-03-07] (Qualcomm Atheros Communications, Inc.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310728 2015-09-06] ()
S3 AX88772; C:\Windows\system32\DRIVERS\ax88772.sys [113864 2013-07-18] (ASIX Electronics Corp.)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-03-25] (Qualcomm Atheros)
R3 DptfDevAcpiProc; C:\Windows\system32\DRIVERS\DptfDevAcpiProc.sys [198808 2013-09-17] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [493240 2013-09-17] (Intel Corporation)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-11-18] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-04-04] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2015-09-06] ()
R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2013-10-10] (Intel Corporation)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [80920 2015-07-02] (McAfee, Inc.)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
U4 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-05-10 19:52 - 2016-05-10 19:53 - 00023969 _____ C:\Users\Vendy\Desktop\FRST.txt
2016-05-10 19:52 - 2016-05-10 19:52 - 00000000 ____D C:\FRST
2016-05-10 19:47 - 2016-05-10 19:47 - 00112640 _____ (forum.viry.cz) C:\Users\Vendy\Desktop\FRSTLauncher.exe
2016-05-10 19:45 - 2016-05-10 19:45 - 02381312 _____ (Farbar) C:\Users\Vendy\Desktop\FRST64.exe
2016-05-10 18:15 - 2016-05-10 18:15 - 03640384 _____ C:\Users\Vendy\Downloads\adwcleaner_5.116.exe
2016-05-10 18:03 - 2016-05-10 18:03 - 00000000 ____D C:\rsit
2016-05-10 18:03 - 2016-05-10 18:03 - 00000000 ____D C:\Program Files\trend micro
2016-05-10 13:30 - 2016-05-10 13:30 - 00002298 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-10 13:30 - 2016-05-10 13:30 - 00002286 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-05-09 23:31 - 2016-05-10 14:33 - 00000001 _____ C:\windows\SysWOW64\en.html
2016-05-09 10:42 - 2016-05-09 14:21 - 1966884864 _____ C:\Users\Vendy\Downloads\Whiplash-CZ-dabing-(2014).avi
2016-05-08 23:54 - 2016-05-08 23:54 - 07616981 _____ C:\Users\Vendy\Downloads\sazkabet_321.apk
2016-04-25 19:05 - 2016-04-05 23:53 - 00829944 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2016-04-25 19:05 - 2016-04-05 23:53 - 00176632 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-04-23 22:53 - 2016-04-23 22:53 - 00000000 ____D C:\Program Files (x86)\Electronic Arts
2016-04-23 22:53 - 2008-11-19 23:35 - 797310976 _____ C:\Users\Vendy\Downloads\SPORE - Creepy & Cute.iso
2016-04-23 22:44 - 2008-11-17 02:20 - 4138860544 _____ C:\Users\Vendy\Downloads\SPORE_SIDONKEY(CANUS_RG).iso
2016-04-23 16:52 - 2016-04-23 22:37 - 890044416 _____ C:\Users\Vendy\Downloads\SPORE_PCGAME-CZ-O.K.ISO
2016-04-21 21:01 - 2016-04-21 21:01 - 00002372 _____ C:\Users\Vendy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive pro firmy.lnk
2016-04-18 19:52 - 2016-04-18 19:52 - 00000000 ____D C:\Users\Vendy\AppData\Roaming\Mozilla
2016-04-17 00:17 - 2016-04-17 00:17 - 00348395 _____ C:\Users\Vendy\Downloads\AT-AT walker 2014 - 2.pdf
2016-04-17 00:16 - 2016-04-17 00:18 - 00096074 _____ C:\Users\Vendy\Downloads\AT-AT walker 2014 - 1.pdf
2016-04-17 00:13 - 2016-04-17 00:13 - 00512914 _____ C:\Users\Vendy\Downloads\Mazací tramvaj.pdf
2016-04-17 00:12 - 2016-04-17 00:12 - 00137955 _____ C:\Users\Vendy\Downloads\Star destroyer 1.pdf
2016-04-13 23:24 - 2016-04-04 08:35 - 00046768 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2016-04-13 23:24 - 2016-04-02 15:26 - 01386496 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2016-04-13 23:24 - 2016-04-02 15:26 - 01169408 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2016-04-13 23:24 - 2016-03-28 15:21 - 00698368 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2016-04-13 23:24 - 2016-03-28 15:21 - 00499200 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2016-04-13 23:24 - 2016-03-28 15:21 - 00279040 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2016-04-13 23:24 - 2016-03-28 15:21 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2016-04-13 23:24 - 2016-03-28 15:21 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2016-04-13 23:24 - 2016-02-09 03:31 - 02757616 _____ (Microsoft Corporation) C:\windows\explorer.exe
2016-04-13 23:24 - 2016-02-09 03:31 - 02412576 _____ (Microsoft Corporation) C:\windows\SysWOW64\explorer.exe
2016-04-13 23:24 - 2016-02-03 17:14 - 00080896 _____ (Microsoft Corporation) C:\windows\system32\Drivers\IPMIDrv.sys
2016-04-13 23:23 - 2016-03-10 21:19 - 07452512 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2016-04-13 23:23 - 2016-03-10 21:17 - 01663192 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2016-04-13 23:23 - 2016-03-10 21:17 - 01523216 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2016-04-13 23:23 - 2016-03-10 21:17 - 01490128 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2016-04-13 23:23 - 2016-03-10 21:17 - 01358960 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2016-04-13 23:23 - 2016-03-10 21:17 - 01133752 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2016-04-13 23:23 - 2016-03-10 19:48 - 00862720 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2016-04-13 23:23 - 2016-03-10 19:43 - 00161280 _____ (Microsoft Corporation) C:\windows\SysWOW64\msorcl32.dll
2016-04-13 23:23 - 2016-03-10 18:55 - 00166400 _____ (Microsoft Corporation) C:\windows\system32\mtxoci.dll
2016-04-13 23:23 - 2016-03-10 18:42 - 00116736 _____ (Microsoft Corporation) C:\windows\SysWOW64\mtxoci.dll
2016-04-13 23:23 - 2016-02-09 03:31 - 22365472 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2016-04-13 23:23 - 2016-02-09 03:31 - 19794896 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2016-04-13 23:23 - 2016-02-09 03:31 - 00273264 _____ (Microsoft Corporation) C:\windows\system32\SystemSettingsAdminFlows.exe
2016-04-13 23:23 - 2016-02-08 22:55 - 02712576 _____ (Microsoft Corporation) C:\windows\SysWOW64\ExplorerFrame.dll
2016-04-13 23:23 - 2016-02-08 22:15 - 02551808 _____ (Microsoft Corporation) C:\windows\SysWOW64\themecpl.dll
2016-04-13 23:23 - 2016-02-08 22:02 - 01197056 _____ (Microsoft Corporation) C:\windows\SysWOW64\usercpl.dll
2016-04-13 23:23 - 2016-02-08 21:48 - 12879360 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.dll
2016-04-13 23:23 - 2016-02-08 21:43 - 00524288 _____ (Microsoft Corporation) C:\windows\SysWOW64\SettingSyncHost.exe
2016-04-13 23:23 - 2016-02-08 21:40 - 00539648 _____ (Microsoft Corporation) C:\windows\SysWOW64\hgcpl.dll
2016-04-13 23:23 - 2016-02-08 21:39 - 00305152 _____ (Microsoft Corporation) C:\windows\SysWOW64\stobject.dll
2016-04-13 23:23 - 2016-02-08 21:37 - 00141312 _____ (Microsoft Corporation) C:\windows\SysWOW64\SettingMonitor.dll
2016-04-13 23:23 - 2016-02-08 21:35 - 00954880 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.appcore.dll
2016-04-13 23:23 - 2016-02-08 21:34 - 00667648 _____ (Microsoft Corporation) C:\windows\SysWOW64\SettingSyncCore.dll
2016-04-13 23:23 - 2016-02-08 21:33 - 00520192 _____ (Microsoft Corporation) C:\windows\SysWOW64\SettingSync.dll
2016-04-13 23:23 - 2016-02-08 20:50 - 03120640 _____ (Microsoft Corporation) C:\windows\system32\ExplorerFrame.dll
2016-04-13 23:23 - 2016-02-08 19:55 - 02592256 _____ (Microsoft Corporation) C:\windows\system32\themecpl.dll
2016-04-13 23:23 - 2016-02-08 19:33 - 01278464 _____ (Microsoft Corporation) C:\windows\system32\usercpl.dll
2016-04-13 23:23 - 2016-02-08 19:12 - 14466560 _____ (Microsoft Corporation) C:\windows\system32\twinui.dll
2016-04-13 23:23 - 2016-02-08 19:02 - 00653824 _____ (Microsoft Corporation) C:\windows\system32\SettingSyncHost.exe
2016-04-13 23:23 - 2016-02-08 19:00 - 00599552 _____ (Microsoft Corporation) C:\windows\system32\hgcpl.dll
2016-04-13 23:23 - 2016-02-08 18:58 - 00336384 _____ (Microsoft Corporation) C:\windows\system32\stobject.dll
2016-04-13 23:23 - 2016-02-08 18:55 - 00173056 _____ (Microsoft Corporation) C:\windows\system32\SettingMonitor.dll
2016-04-13 23:23 - 2016-02-08 18:53 - 02171904 _____ (Microsoft Corporation) C:\windows\system32\SystemSettingsAdminFlowUI.dll
2016-04-13 23:23 - 2016-02-08 18:53 - 01348096 _____ (Microsoft Corporation) C:\windows\system32\AppXDeploymentServer.dll
2016-04-13 23:23 - 2016-02-08 18:50 - 01220096 _____ (Microsoft Corporation) C:\windows\system32\twinui.appcore.dll
2016-04-13 23:23 - 2016-02-08 18:50 - 00841728 _____ (Microsoft Corporation) C:\windows\system32\SettingSyncCore.dll
2016-04-13 23:23 - 2016-02-08 18:48 - 00655872 _____ (Microsoft Corporation) C:\windows\system32\SettingSync.dll
2016-04-13 23:23 - 2016-02-08 18:47 - 02819584 _____ (Microsoft Corporation) C:\windows\system32\SettingsHandlers.dll
2016-04-13 23:23 - 2016-02-08 18:44 - 00955392 _____ (Microsoft Corporation) C:\windows\system32\AppXDeploymentExtensions.dll
2016-04-13 23:23 - 2016-02-04 20:07 - 00222720 _____ (Microsoft Corporation) C:\windows\system32\dhcpsapi.dll
2016-04-13 23:23 - 2016-02-04 19:35 - 00142848 _____ (Microsoft Corporation) C:\windows\SysWOW64\dhcpsapi.dll
2016-04-13 23:23 - 2016-01-31 19:17 - 00779264 _____ (Microsoft Corporation) C:\windows\system32\WindowsAnytimeUpgradeui.exe
2016-04-13 23:23 - 2016-01-26 21:15 - 00072024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\vpci.sys
2016-04-13 23:23 - 2014-11-08 04:38 - 00166912 _____ (Microsoft Corporation) C:\windows\system32\AppxAllUserStore.dll
2016-04-13 23:23 - 2014-11-08 04:17 - 00143360 _____ (Microsoft Corporation) C:\windows\SysWOW64\AppxAllUserStore.dll
2016-04-13 23:20 - 2016-02-07 01:05 - 00551256 _____ (Microsoft Corporation) C:\windows\system32\Drivers\vhdmp.sys
2016-04-13 23:20 - 2016-02-07 00:41 - 00316760 _____ (Microsoft Corporation) C:\windows\system32\Drivers\volsnap.sys
2016-04-13 23:20 - 2016-02-05 21:07 - 00378712 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2016-04-13 23:20 - 2016-02-05 17:11 - 00845312 _____ (Microsoft Corporation) C:\windows\system32\BFE.DLL
2016-04-13 23:20 - 2016-02-05 17:11 - 00422400 _____ (Microsoft Corporation) C:\windows\system32\FWPUCLNT.DLL
2016-04-13 23:20 - 2016-02-05 17:07 - 00272384 _____ (Microsoft Corporation) C:\windows\SysWOW64\FWPUCLNT.DLL
2016-04-13 23:20 - 2016-02-05 17:02 - 01083904 _____ (Microsoft Corporation) C:\windows\system32\IKEEXT.DLL
2016-04-13 23:20 - 2016-02-05 16:46 - 01455104 _____ (Microsoft Corporation) C:\windows\system32\VSSVC.exe
2016-04-13 23:20 - 2016-02-04 18:23 - 00713216 _____ (Microsoft Corporation) C:\windows\system32\nshwfp.dll
2016-04-13 23:20 - 2016-02-04 18:22 - 00561664 _____ (Microsoft Corporation) C:\windows\SysWOW64\nshwfp.dll
2016-04-13 23:20 - 2016-02-03 17:11 - 01673728 _____ (Microsoft Corporation) C:\windows\system32\workfolderssvc.dll
2016-04-13 23:20 - 2016-02-02 20:16 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rasl2tp.sys
2016-04-13 23:20 - 2016-02-02 19:51 - 00162304 _____ (Microsoft Corporation) C:\windows\system32\WsmAuto.dll
2016-04-13 23:20 - 2016-02-02 19:19 - 00144384 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmAuto.dll
2016-04-13 23:20 - 2016-02-02 19:18 - 01574912 _____ (Microsoft Corporation) C:\windows\system32\wbengine.exe
2016-04-13 23:20 - 2016-02-02 19:15 - 00787456 _____ (Microsoft Corporation) C:\windows\system32\WorkfoldersControl.dll
2016-04-13 23:20 - 2016-02-02 19:01 - 00031744 _____ (Microsoft Corporation) C:\windows\system32\WsmAgent.dll
2016-04-13 23:20 - 2016-02-02 18:51 - 02609152 _____ (Microsoft Corporation) C:\windows\system32\WsmSvc.dll
2016-04-13 23:20 - 2016-02-02 18:48 - 00285184 _____ (Microsoft Corporation) C:\windows\system32\WsmWmiPl.dll
2016-04-13 23:20 - 2016-02-02 18:46 - 00026112 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmAgent.dll
2016-04-13 23:20 - 2016-02-02 18:41 - 02170880 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmSvc.dll
2016-04-13 23:20 - 2016-02-02 18:39 - 00236032 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmWmiPl.dll
2016-04-13 23:20 - 2016-01-27 17:18 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\rpcss.dll
2016-04-13 23:20 - 2016-01-22 07:22 - 02487296 _____ (Microsoft Corporation) C:\windows\system32\storagewmi.dll
2016-04-13 23:20 - 2016-01-22 07:11 - 01482240 _____ (Microsoft Corporation) C:\windows\SysWOW64\storagewmi.dll
2016-04-13 23:20 - 2016-01-21 21:35 - 00952928 _____ (Microsoft Corporation) C:\windows\system32\mfmp4srcsnk.dll
2016-04-13 23:20 - 2016-01-21 20:42 - 00786152 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfmp4srcsnk.dll
2016-04-13 23:20 - 2016-01-21 00:40 - 00099672 _____ (Microsoft Corporation) C:\windows\system32\Drivers\disk.sys
2016-04-13 22:58 - 2016-03-03 18:13 - 00059392 _____ (Microsoft Corporation) C:\windows\system32\basesrv.dll
2016-04-13 22:25 - 2016-03-31 02:54 - 25817600 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2016-04-13 22:25 - 2016-03-31 02:31 - 02892800 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2016-04-13 22:25 - 2016-03-31 02:28 - 00571904 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2016-04-13 22:25 - 2016-03-31 02:25 - 06052352 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2016-04-13 22:25 - 2016-03-31 02:17 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2016-04-13 22:25 - 2016-03-31 02:03 - 20352512 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2016-04-13 22:25 - 2016-03-31 01:56 - 00145408 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2016-04-13 22:25 - 2016-03-31 01:56 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2016-04-13 22:25 - 2016-03-31 01:55 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2016-04-13 22:25 - 2016-03-31 01:53 - 00496640 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2016-04-13 22:25 - 2016-03-31 01:51 - 02285056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2016-04-13 22:25 - 2016-03-31 01:50 - 01032704 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2016-04-13 22:25 - 2016-03-31 01:45 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2016-04-13 22:25 - 2016-03-31 01:45 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2016-04-13 22:25 - 2016-03-31 01:43 - 00806400 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2016-04-13 22:25 - 2016-03-31 01:43 - 00725504 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2016-04-13 22:25 - 2016-03-31 01:43 - 00379392 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2016-04-13 22:25 - 2016-03-31 01:42 - 02131968 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2016-04-13 22:25 - 2016-03-31 01:39 - 15415808 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2016-04-13 22:25 - 2016-03-31 01:30 - 04611072 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2016-04-13 22:25 - 2016-03-31 01:30 - 02596864 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2016-04-13 22:25 - 2016-03-31 01:30 - 00279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2016-04-13 22:25 - 2016-03-31 01:30 - 00128000 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2016-04-13 22:25 - 2016-03-31 01:27 - 00880128 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2016-04-13 22:25 - 2016-03-31 01:24 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2016-04-13 22:25 - 2016-03-31 01:23 - 02056192 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2016-04-13 22:25 - 2016-03-31 01:23 - 00693248 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2016-04-13 22:25 - 2016-03-31 01:23 - 00330752 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2016-04-13 22:25 - 2016-03-31 01:21 - 13811712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2016-04-13 22:25 - 2016-03-31 01:18 - 01547264 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2016-04-13 22:25 - 2016-03-31 01:06 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2016-04-13 22:25 - 2016-03-31 01:05 - 02121216 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2016-04-13 22:25 - 2016-03-31 01:02 - 01311744 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2016-04-13 22:25 - 2016-03-31 01:00 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2016-04-13 22:20 - 2016-03-29 16:05 - 04175872 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2016-04-13 22:20 - 2016-03-16 01:00 - 00561952 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2016-04-13 22:20 - 2016-03-15 16:14 - 01441792 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2016-04-13 22:20 - 2016-03-11 16:48 - 00833024 _____ (Microsoft Corporation) C:\windows\system32\samsrv.dll
2016-04-13 22:20 - 2016-03-10 20:22 - 00201728 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2016-04-13 22:20 - 2016-03-10 20:21 - 00401920 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2016-04-13 22:20 - 2016-03-10 20:20 - 00284672 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2016-04-13 22:20 - 2016-03-10 19:44 - 00445440 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2016-04-13 22:20 - 2016-03-10 19:16 - 00324096 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2016-04-13 22:20 - 2016-03-10 19:03 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\samlib.dll
2016-04-13 22:20 - 2016-03-10 18:48 - 00064512 _____ (Microsoft Corporation) C:\windows\SysWOW64\samlib.dll
2016-04-13 22:20 - 2016-03-03 18:47 - 02345472 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2016-04-13 22:20 - 2016-03-03 18:33 - 01556992 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2016-04-13 22:20 - 2016-03-03 03:39 - 01661576 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2016-04-13 22:20 - 2016-03-03 03:39 - 01212248 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-05-10 19:29 - 2015-09-04 19:46 - 00003598 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3254343490-304523243-1162089923-1001
2016-05-10 19:19 - 2015-09-06 17:56 - 00000000 ____D C:\Users\Vendy\AppData\Local\Deployment
2016-05-10 19:17 - 2015-09-24 12:24 - 00000000 ____D C:\Users\Vendy\OneDrive
2016-05-10 19:16 - 2015-09-27 22:54 - 00000974 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-10 19:14 - 2013-08-22 16:45 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-05-10 19:13 - 2016-04-04 20:30 - 00000000 ____D C:\Users\Vendy\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108
2016-05-10 19:13 - 2014-10-11 02:50 - 00004608 _____ C:\windows\system32\VfService.trf
2016-05-10 19:13 - 2013-08-22 15:25 - 00262144 ___SH C:\windows\system32\config\BBI
2016-05-10 19:06 - 2015-09-27 22:54 - 00000978 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-10 19:04 - 2015-12-29 02:04 - 00000000 ____D C:\AdwCleaner
2016-05-10 18:03 - 2015-09-08 17:24 - 00003886 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task
2016-05-10 18:02 - 2015-09-08 17:23 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-05-10 14:08 - 2015-09-04 19:51 - 00003970 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{FB21D78B-C66A-4FB0-91C1-5C161906F132}
2016-05-10 13:30 - 2015-09-27 22:54 - 00000000 ____D C:\Users\Vendy\AppData\Local\Google
2016-05-10 13:30 - 2015-09-27 22:54 - 00000000 ____D C:\Program Files (x86)\Google
2016-05-10 12:18 - 2015-09-04 19:42 - 00000000 ____D C:\Users\Vendy\Documents\Bluetooth Folder
2016-05-10 12:18 - 2013-08-22 15:36 - 00000000 ____D C:\windows\Inf
2016-05-10 11:43 - 2015-09-04 23:19 - 00000000 ____D C:\Users\Vendy\AppData\Local\CrashDumps
2016-05-10 07:43 - 2015-10-04 16:30 - 00004182 _____ C:\windows\System32\Tasks\avast! Emergency Update
2016-05-09 18:54 - 2013-08-22 17:20 - 00000000 ____D C:\windows\CbsTemp
2016-05-09 18:52 - 2015-09-04 19:36 - 00000000 ___SD C:\windows\SysWOW64\GWX
2016-05-09 18:52 - 2015-09-04 19:36 - 00000000 ___SD C:\windows\system32\GWX
2016-05-09 14:21 - 2015-09-04 21:47 - 00000000 ____D C:\KMPlayer
2016-05-07 12:02 - 2015-09-11 09:47 - 00000000 ____D C:\windows\system32\appraiser
2016-05-07 10:25 - 2015-09-04 20:25 - 00000000 ____D C:\Users\Vendy\AppData\Roaming\Skype
2016-05-07 10:25 - 2015-09-04 19:38 - 00000000 ____D C:\Users\Vendy
2016-05-06 07:00 - 2013-08-22 17:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-05-06 06:57 - 2015-09-24 12:42 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-05-05 21:29 - 2015-09-04 20:25 - 00000000 ____D C:\ProgramData\Skype
2016-05-05 21:28 - 2015-09-04 20:25 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-05-04 12:27 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-05-04 12:27 - 2013-08-22 17:36 - 00000000 ____D C:\windows\AppReadiness
2016-04-29 09:09 - 2013-08-22 17:36 - 00000000 ____D C:\windows\rescache
2016-04-25 19:15 - 2015-11-19 11:45 - 00018944 ___SH C:\Users\Vendy\Desktop\Thumbs.db
2016-04-25 19:12 - 2013-08-22 16:44 - 00582576 _____ C:\windows\system32\FNTCACHE.DAT
2016-04-25 18:55 - 2013-08-22 17:36 - 00000000 ___RD C:\windows\ToastData
2016-04-24 16:58 - 2015-09-05 09:19 - 00000258 __RSH C:\ProgramData\ntuser.pol
2016-04-24 16:58 - 2013-08-22 17:36 - 00000000 ___HD C:\windows\system32\GroupPolicy
2016-04-24 16:58 - 2013-08-22 17:36 - 00000000 ____D C:\windows\SysWOW64\GroupPolicy
2016-04-23 22:51 - 2014-10-11 02:03 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-04-21 21:01 - 2015-09-24 12:48 - 00003180 _____ C:\windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3254343490-304523243-1162089923-1001
2016-04-19 19:14 - 2015-11-28 22:57 - 00000000 ____D C:\Users\Vendy\Documents\NHL09
2016-04-18 19:50 - 2013-08-22 17:36 - 00000000 ____D C:\windows\LiveKernelReports
2016-04-17 19:45 - 2016-01-09 17:11 - 00000000 ____D C:\Users\Vendy\AppData\Local\PokerStars.NET
2016-04-17 14:10 - 2014-10-11 02:01 - 00741456 _____ C:\windows\system32\perfh005.dat
2016-04-17 14:10 - 2014-10-11 02:01 - 00152464 _____ C:\windows\system32\perfc005.dat
2016-04-17 14:10 - 2014-03-18 11:53 - 01745984 _____ C:\windows\system32\PerfStringBackup.INI
2016-04-17 13:01 - 2015-09-05 23:37 - 00000000 ____D C:\Users\Vendy\AppData\Local\ElevatedDiagnostics
2016-04-17 00:23 - 2015-09-06 00:04 - 00065024 ___SH C:\Users\Vendy\Downloads\Thumbs.db
2016-04-13 23:55 - 2015-09-09 11:11 - 00000000 ____D C:\windows\system32\MRT
2016-04-13 23:47 - 2015-09-09 11:11 - 135176864 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2016-04-10 15:17 - 2015-09-04 22:40 - 00000000 ____D C:\Filmy
2016-04-10 11:12 - 2013-08-22 17:36 - 00000000 ____D C:\windows\system32\NDF
==================== Files in the root of some directories =======
2014-10-11 02:05 - 2014-10-11 02:05 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some files in TEMP:
====================
C:\Users\Vendy\AppData\Local\Temp\AutoRun.exe
C:\Users\Vendy\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\Vendy\AppData\Local\Temp\BingSvc.exe
C:\Users\Vendy\AppData\Local\Temp\bitool.dll
C:\Users\Vendy\AppData\Local\Temp\BSvcProcessor.exe
C:\Users\Vendy\AppData\Local\Temp\BSvcUpdater.exe
C:\Users\Vendy\AppData\Local\Temp\DAEMON Tools Lite.exe
C:\Users\Vendy\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Vendy\AppData\Local\Temp\drm_dyndata_7370012.dll
C:\Users\Vendy\AppData\Local\Temp\dt_4692.tmp.exe
C:\Users\Vendy\AppData\Local\Temp\eauninstall.exe
C:\Users\Vendy\AppData\Local\Temp\Install Flash Player 6 AX.exe
C:\Users\Vendy\AppData\Local\Temp\Install Flash Player 6.exe
C:\Users\Vendy\AppData\Local\Temp\KMP_4.0.1.5.exe
C:\Users\Vendy\AppData\Local\Temp\KMP_4.0.2.6.exe
C:\Users\Vendy\AppData\Local\Temp\KMP_4.0.3.1.exe
C:\Users\Vendy\AppData\Local\Temp\KMP_4.0.5.3.exe
C:\Users\Vendy\AppData\Local\Temp\libeay32.dll
C:\Users\Vendy\AppData\Local\Temp\McCSPInstall.dll
C:\Users\Vendy\AppData\Local\Temp\mccspuninstall.exe
C:\Users\Vendy\AppData\Local\Temp\msvcr120.dll
C:\Users\Vendy\AppData\Local\Temp\ose00000.exe
C:\Users\Vendy\AppData\Local\Temp\Shockwave_Installer_Full.exe
C:\Users\Vendy\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Vendy\AppData\Local\Temp\SpotifyUninstall.exe
C:\Users\Vendy\AppData\Local\Temp\sqlite3.dll
C:\Users\Vendy\AppData\Local\Temp\The Battle for Middle-earth_uninst.exe
C:\Users\Vendy\AppData\Local\Temp\{3400D89F-91A6-4018-9D63-65C7714A13B4}-48.0.2564.97_47.0.2526.111_chrome_updater_3stage.exe
C:\Users\Vendy\AppData\Local\Temp\{3DF71C06-7EAA-4F56-801B-4F2590876AC7}.dll
C:\Users\Vendy\AppData\Local\Temp\{D0F2A6E0-0DF4-4FD0-A47A-550A68724E95}.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Vendy\Desktop" je 5291 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Ran by Vendy (administrator) on VENDULKA (10-05-2016 19:52:09)
Running from C:\Users\Vendy\Desktop
Loaded Profiles: Vendy (Available Profiles: Vendy)
Platform: Windows 8.1 Connected (X64) Language: Angličtina (Spojené státy)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(© 2015 Microsoft Corporation) C:\Users\Vendy\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Lenovo) C:\Users\Vendy\AppData\Local\Apps\2.0\OLM4O8B3.WKT\2L8M9P4H.Y13\lsb...tion_91a10ba61c75c82d_0001.0005_a24d0d716055ed94\LSB.exe
(forum.viry.cz) C:\Users\Vendy\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672304 2014-03-21] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1385840 2014-04-07] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1385840 2014-04-07] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1385840 2014-04-07] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3276104 2014-04-02] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2014-10-11] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10841584 2014-10-11] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7139256 2016-03-25] (AVAST Software)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [134784 2014-03-25] (Qualcomm®Atheros®)
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\...\Run: [BingSvc] => C:\Users\Vendy\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2016-03-20] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4290240 2016-03-01] (Disc Soft Ltd)
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\...\MountPoints2: {272bbe48-8ef8-11e5-826f-5c93a2b36634} - "E:\setup.exe"
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\...\MountPoints2: {272bbe4a-8ef8-11e5-826f-5c93a2b36634} - "G:\LaunchEAW.exe"
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\...\MountPoints2: {272bbe4d-8ef8-11e5-826f-5c93a2b36634} - "I:\EAWXLauncher.exe"
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\...\MountPoints2: {4e193dd9-539e-11e5-825e-5c93a2b36634} - "E:\autorun.exe"
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\...\MountPoints2: {4e193de4-539e-11e5-825e-5c93a2b36634} - "F:\_AUTORUN\AUTORUN.EXE"
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\...\MountPoints2: {4e193ded-539e-11e5-825e-5c93a2b36634} - "G:\_AUTORUN\AUTORUN.EXE"
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\...\MountPoints2: {56675805-825b-11e5-826c-5c93a2b36634} - "J:\Autorun.exe"
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\...\MountPoints2: {6397b8d6-8bd4-11e5-826d-5c93a2b36634} - "F:\Autorun.exe"
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\...\MountPoints2: {7d9a4788-fa7a-11e5-8286-5c93a2b36634} - "F:\OW.EXE"
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\...\MountPoints2: {7d9a47c0-fa7a-11e5-8286-5c93a2b36634} - "G:\autorun.exe"
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\...\MountPoints2: {7d9a47c3-fa7a-11e5-8286-5c93a2b36634} - "H:\Autorun.exe"
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\...\MountPoints2: {7d9a47c6-fa7a-11e5-8286-5c93a2b36634} - "J:\EAWXLauncher.exe"
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\...\MountPoints2: {aebe6fb7-5331-11e5-825d-5c93a2b36634} - "E:\setup.exe" startcz.ctx
ShellIconOverlayIdentifiers: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-03-25] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
Startup: C:\Users\Vendy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Odeslat do OneNote.lnk [2015-09-27]
ShortcutTarget: Odeslat do OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)
Startup: C:\Users\Vendy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk [2015-09-24]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{29E28E0A-9B89-41C3-A72E-BE31EF7F3E84}: [DhcpNameServer] 213.46.172.36 213.46.172.37
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3254343490-304523243-1162089923-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3254343490-304523243-1162089923-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3254343490-304523243-1162089923-1001 -> {F1A0F86C-946A-4295-B312-8993334CA934} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-03-15] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-03-25] (AVAST Software)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-04-29] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-04-19] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-03-25] (AVAST Software)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-04-29] (Microsoft Corporation)
BHO-x32: No Name -> {b90183ad-1cf4-4d7b-9461-b89083957547} -> No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-09-24] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-04-29] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-04-29] (Microsoft Corporation)
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Program Files (x86)\Arc\plugins\NPSWF32.dll [No File]
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-09-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-03] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-03-26]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-03-26]
Chrome:
=======
CHR Profile: C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-05-10]
CHR Extension: (Dokumenty Google) - C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-05-10]
CHR Extension: (Disk Google) - C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-10]
CHR Extension: (YouTube) - C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-10]
CHR Extension: (Avast SafePrice) - C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-05-10]
CHR Extension: (Tabulky Google) - C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-05-10]
CHR Extension: (Dokumenty Google offline) - C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-10]
CHR Extension: (Avast Online Security) - C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-05-10]
CHR Extension: (Skype) - C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-05-10]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-10]
CHR Extension: (Gmail) - C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-10]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2016-03-25]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-03-25]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-04-29]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [319104 2014-03-25] (Windows (R) Win 7 DDK provider) [File not signed]
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [237096 2016-03-25] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-04-29] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-04-29] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2829552 2016-03-08] (Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1444544 2016-03-01] (Disc Soft Ltd)
R2 DptfParticipantAcpiProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [117704 2013-09-17] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [150760 2013-09-17] (Intel Corporation)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [101680 2013-10-15] (ELAN Microelectronics Corp.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [296432 2014-04-09] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-02] (Intel(R) Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-22] (LENOVO INCORPORATED.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2099720 2015-11-18] (Electronic Arts)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2014-10-11] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2014-03-25] (Atheros) [File not signed]
U4 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-03-25] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-03-25] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-03-25] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-03-25] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-03-25] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [463744 2016-03-25] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [165344 2016-03-25] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287016 2016-03-25] (AVAST Software)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3892224 2014-03-07] (Qualcomm Atheros Communications, Inc.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310728 2015-09-06] ()
S3 AX88772; C:\Windows\system32\DRIVERS\ax88772.sys [113864 2013-07-18] (ASIX Electronics Corp.)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-03-25] (Qualcomm Atheros)
R3 DptfDevAcpiProc; C:\Windows\system32\DRIVERS\DptfDevAcpiProc.sys [198808 2013-09-17] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [493240 2013-09-17] (Intel Corporation)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-11-18] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-04-04] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2015-09-06] ()
R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2013-10-10] (Intel Corporation)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [80920 2015-07-02] (McAfee, Inc.)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
U4 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-05-10 19:52 - 2016-05-10 19:53 - 00023969 _____ C:\Users\Vendy\Desktop\FRST.txt
2016-05-10 19:52 - 2016-05-10 19:52 - 00000000 ____D C:\FRST
2016-05-10 19:47 - 2016-05-10 19:47 - 00112640 _____ (forum.viry.cz) C:\Users\Vendy\Desktop\FRSTLauncher.exe
2016-05-10 19:45 - 2016-05-10 19:45 - 02381312 _____ (Farbar) C:\Users\Vendy\Desktop\FRST64.exe
2016-05-10 18:15 - 2016-05-10 18:15 - 03640384 _____ C:\Users\Vendy\Downloads\adwcleaner_5.116.exe
2016-05-10 18:03 - 2016-05-10 18:03 - 00000000 ____D C:\rsit
2016-05-10 18:03 - 2016-05-10 18:03 - 00000000 ____D C:\Program Files\trend micro
2016-05-10 13:30 - 2016-05-10 13:30 - 00002298 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-10 13:30 - 2016-05-10 13:30 - 00002286 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-05-09 23:31 - 2016-05-10 14:33 - 00000001 _____ C:\windows\SysWOW64\en.html
2016-05-09 10:42 - 2016-05-09 14:21 - 1966884864 _____ C:\Users\Vendy\Downloads\Whiplash-CZ-dabing-(2014).avi
2016-05-08 23:54 - 2016-05-08 23:54 - 07616981 _____ C:\Users\Vendy\Downloads\sazkabet_321.apk
2016-04-25 19:05 - 2016-04-05 23:53 - 00829944 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2016-04-25 19:05 - 2016-04-05 23:53 - 00176632 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-04-23 22:53 - 2016-04-23 22:53 - 00000000 ____D C:\Program Files (x86)\Electronic Arts
2016-04-23 22:53 - 2008-11-19 23:35 - 797310976 _____ C:\Users\Vendy\Downloads\SPORE - Creepy & Cute.iso
2016-04-23 22:44 - 2008-11-17 02:20 - 4138860544 _____ C:\Users\Vendy\Downloads\SPORE_SIDONKEY(CANUS_RG).iso
2016-04-23 16:52 - 2016-04-23 22:37 - 890044416 _____ C:\Users\Vendy\Downloads\SPORE_PCGAME-CZ-O.K.ISO
2016-04-21 21:01 - 2016-04-21 21:01 - 00002372 _____ C:\Users\Vendy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive pro firmy.lnk
2016-04-18 19:52 - 2016-04-18 19:52 - 00000000 ____D C:\Users\Vendy\AppData\Roaming\Mozilla
2016-04-17 00:17 - 2016-04-17 00:17 - 00348395 _____ C:\Users\Vendy\Downloads\AT-AT walker 2014 - 2.pdf
2016-04-17 00:16 - 2016-04-17 00:18 - 00096074 _____ C:\Users\Vendy\Downloads\AT-AT walker 2014 - 1.pdf
2016-04-17 00:13 - 2016-04-17 00:13 - 00512914 _____ C:\Users\Vendy\Downloads\Mazací tramvaj.pdf
2016-04-17 00:12 - 2016-04-17 00:12 - 00137955 _____ C:\Users\Vendy\Downloads\Star destroyer 1.pdf
2016-04-13 23:24 - 2016-04-04 08:35 - 00046768 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2016-04-13 23:24 - 2016-04-02 15:26 - 01386496 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2016-04-13 23:24 - 2016-04-02 15:26 - 01169408 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2016-04-13 23:24 - 2016-03-28 15:21 - 00698368 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2016-04-13 23:24 - 2016-03-28 15:21 - 00499200 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2016-04-13 23:24 - 2016-03-28 15:21 - 00279040 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2016-04-13 23:24 - 2016-03-28 15:21 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2016-04-13 23:24 - 2016-03-28 15:21 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2016-04-13 23:24 - 2016-02-09 03:31 - 02757616 _____ (Microsoft Corporation) C:\windows\explorer.exe
2016-04-13 23:24 - 2016-02-09 03:31 - 02412576 _____ (Microsoft Corporation) C:\windows\SysWOW64\explorer.exe
2016-04-13 23:24 - 2016-02-03 17:14 - 00080896 _____ (Microsoft Corporation) C:\windows\system32\Drivers\IPMIDrv.sys
2016-04-13 23:23 - 2016-03-10 21:19 - 07452512 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2016-04-13 23:23 - 2016-03-10 21:17 - 01663192 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2016-04-13 23:23 - 2016-03-10 21:17 - 01523216 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2016-04-13 23:23 - 2016-03-10 21:17 - 01490128 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2016-04-13 23:23 - 2016-03-10 21:17 - 01358960 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2016-04-13 23:23 - 2016-03-10 21:17 - 01133752 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2016-04-13 23:23 - 2016-03-10 19:48 - 00862720 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2016-04-13 23:23 - 2016-03-10 19:43 - 00161280 _____ (Microsoft Corporation) C:\windows\SysWOW64\msorcl32.dll
2016-04-13 23:23 - 2016-03-10 18:55 - 00166400 _____ (Microsoft Corporation) C:\windows\system32\mtxoci.dll
2016-04-13 23:23 - 2016-03-10 18:42 - 00116736 _____ (Microsoft Corporation) C:\windows\SysWOW64\mtxoci.dll
2016-04-13 23:23 - 2016-02-09 03:31 - 22365472 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2016-04-13 23:23 - 2016-02-09 03:31 - 19794896 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2016-04-13 23:23 - 2016-02-09 03:31 - 00273264 _____ (Microsoft Corporation) C:\windows\system32\SystemSettingsAdminFlows.exe
2016-04-13 23:23 - 2016-02-08 22:55 - 02712576 _____ (Microsoft Corporation) C:\windows\SysWOW64\ExplorerFrame.dll
2016-04-13 23:23 - 2016-02-08 22:15 - 02551808 _____ (Microsoft Corporation) C:\windows\SysWOW64\themecpl.dll
2016-04-13 23:23 - 2016-02-08 22:02 - 01197056 _____ (Microsoft Corporation) C:\windows\SysWOW64\usercpl.dll
2016-04-13 23:23 - 2016-02-08 21:48 - 12879360 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.dll
2016-04-13 23:23 - 2016-02-08 21:43 - 00524288 _____ (Microsoft Corporation) C:\windows\SysWOW64\SettingSyncHost.exe
2016-04-13 23:23 - 2016-02-08 21:40 - 00539648 _____ (Microsoft Corporation) C:\windows\SysWOW64\hgcpl.dll
2016-04-13 23:23 - 2016-02-08 21:39 - 00305152 _____ (Microsoft Corporation) C:\windows\SysWOW64\stobject.dll
2016-04-13 23:23 - 2016-02-08 21:37 - 00141312 _____ (Microsoft Corporation) C:\windows\SysWOW64\SettingMonitor.dll
2016-04-13 23:23 - 2016-02-08 21:35 - 00954880 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.appcore.dll
2016-04-13 23:23 - 2016-02-08 21:34 - 00667648 _____ (Microsoft Corporation) C:\windows\SysWOW64\SettingSyncCore.dll
2016-04-13 23:23 - 2016-02-08 21:33 - 00520192 _____ (Microsoft Corporation) C:\windows\SysWOW64\SettingSync.dll
2016-04-13 23:23 - 2016-02-08 20:50 - 03120640 _____ (Microsoft Corporation) C:\windows\system32\ExplorerFrame.dll
2016-04-13 23:23 - 2016-02-08 19:55 - 02592256 _____ (Microsoft Corporation) C:\windows\system32\themecpl.dll
2016-04-13 23:23 - 2016-02-08 19:33 - 01278464 _____ (Microsoft Corporation) C:\windows\system32\usercpl.dll
2016-04-13 23:23 - 2016-02-08 19:12 - 14466560 _____ (Microsoft Corporation) C:\windows\system32\twinui.dll
2016-04-13 23:23 - 2016-02-08 19:02 - 00653824 _____ (Microsoft Corporation) C:\windows\system32\SettingSyncHost.exe
2016-04-13 23:23 - 2016-02-08 19:00 - 00599552 _____ (Microsoft Corporation) C:\windows\system32\hgcpl.dll
2016-04-13 23:23 - 2016-02-08 18:58 - 00336384 _____ (Microsoft Corporation) C:\windows\system32\stobject.dll
2016-04-13 23:23 - 2016-02-08 18:55 - 00173056 _____ (Microsoft Corporation) C:\windows\system32\SettingMonitor.dll
2016-04-13 23:23 - 2016-02-08 18:53 - 02171904 _____ (Microsoft Corporation) C:\windows\system32\SystemSettingsAdminFlowUI.dll
2016-04-13 23:23 - 2016-02-08 18:53 - 01348096 _____ (Microsoft Corporation) C:\windows\system32\AppXDeploymentServer.dll
2016-04-13 23:23 - 2016-02-08 18:50 - 01220096 _____ (Microsoft Corporation) C:\windows\system32\twinui.appcore.dll
2016-04-13 23:23 - 2016-02-08 18:50 - 00841728 _____ (Microsoft Corporation) C:\windows\system32\SettingSyncCore.dll
2016-04-13 23:23 - 2016-02-08 18:48 - 00655872 _____ (Microsoft Corporation) C:\windows\system32\SettingSync.dll
2016-04-13 23:23 - 2016-02-08 18:47 - 02819584 _____ (Microsoft Corporation) C:\windows\system32\SettingsHandlers.dll
2016-04-13 23:23 - 2016-02-08 18:44 - 00955392 _____ (Microsoft Corporation) C:\windows\system32\AppXDeploymentExtensions.dll
2016-04-13 23:23 - 2016-02-04 20:07 - 00222720 _____ (Microsoft Corporation) C:\windows\system32\dhcpsapi.dll
2016-04-13 23:23 - 2016-02-04 19:35 - 00142848 _____ (Microsoft Corporation) C:\windows\SysWOW64\dhcpsapi.dll
2016-04-13 23:23 - 2016-01-31 19:17 - 00779264 _____ (Microsoft Corporation) C:\windows\system32\WindowsAnytimeUpgradeui.exe
2016-04-13 23:23 - 2016-01-26 21:15 - 00072024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\vpci.sys
2016-04-13 23:23 - 2014-11-08 04:38 - 00166912 _____ (Microsoft Corporation) C:\windows\system32\AppxAllUserStore.dll
2016-04-13 23:23 - 2014-11-08 04:17 - 00143360 _____ (Microsoft Corporation) C:\windows\SysWOW64\AppxAllUserStore.dll
2016-04-13 23:20 - 2016-02-07 01:05 - 00551256 _____ (Microsoft Corporation) C:\windows\system32\Drivers\vhdmp.sys
2016-04-13 23:20 - 2016-02-07 00:41 - 00316760 _____ (Microsoft Corporation) C:\windows\system32\Drivers\volsnap.sys
2016-04-13 23:20 - 2016-02-05 21:07 - 00378712 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2016-04-13 23:20 - 2016-02-05 17:11 - 00845312 _____ (Microsoft Corporation) C:\windows\system32\BFE.DLL
2016-04-13 23:20 - 2016-02-05 17:11 - 00422400 _____ (Microsoft Corporation) C:\windows\system32\FWPUCLNT.DLL
2016-04-13 23:20 - 2016-02-05 17:07 - 00272384 _____ (Microsoft Corporation) C:\windows\SysWOW64\FWPUCLNT.DLL
2016-04-13 23:20 - 2016-02-05 17:02 - 01083904 _____ (Microsoft Corporation) C:\windows\system32\IKEEXT.DLL
2016-04-13 23:20 - 2016-02-05 16:46 - 01455104 _____ (Microsoft Corporation) C:\windows\system32\VSSVC.exe
2016-04-13 23:20 - 2016-02-04 18:23 - 00713216 _____ (Microsoft Corporation) C:\windows\system32\nshwfp.dll
2016-04-13 23:20 - 2016-02-04 18:22 - 00561664 _____ (Microsoft Corporation) C:\windows\SysWOW64\nshwfp.dll
2016-04-13 23:20 - 2016-02-03 17:11 - 01673728 _____ (Microsoft Corporation) C:\windows\system32\workfolderssvc.dll
2016-04-13 23:20 - 2016-02-02 20:16 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rasl2tp.sys
2016-04-13 23:20 - 2016-02-02 19:51 - 00162304 _____ (Microsoft Corporation) C:\windows\system32\WsmAuto.dll
2016-04-13 23:20 - 2016-02-02 19:19 - 00144384 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmAuto.dll
2016-04-13 23:20 - 2016-02-02 19:18 - 01574912 _____ (Microsoft Corporation) C:\windows\system32\wbengine.exe
2016-04-13 23:20 - 2016-02-02 19:15 - 00787456 _____ (Microsoft Corporation) C:\windows\system32\WorkfoldersControl.dll
2016-04-13 23:20 - 2016-02-02 19:01 - 00031744 _____ (Microsoft Corporation) C:\windows\system32\WsmAgent.dll
2016-04-13 23:20 - 2016-02-02 18:51 - 02609152 _____ (Microsoft Corporation) C:\windows\system32\WsmSvc.dll
2016-04-13 23:20 - 2016-02-02 18:48 - 00285184 _____ (Microsoft Corporation) C:\windows\system32\WsmWmiPl.dll
2016-04-13 23:20 - 2016-02-02 18:46 - 00026112 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmAgent.dll
2016-04-13 23:20 - 2016-02-02 18:41 - 02170880 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmSvc.dll
2016-04-13 23:20 - 2016-02-02 18:39 - 00236032 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmWmiPl.dll
2016-04-13 23:20 - 2016-01-27 17:18 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\rpcss.dll
2016-04-13 23:20 - 2016-01-22 07:22 - 02487296 _____ (Microsoft Corporation) C:\windows\system32\storagewmi.dll
2016-04-13 23:20 - 2016-01-22 07:11 - 01482240 _____ (Microsoft Corporation) C:\windows\SysWOW64\storagewmi.dll
2016-04-13 23:20 - 2016-01-21 21:35 - 00952928 _____ (Microsoft Corporation) C:\windows\system32\mfmp4srcsnk.dll
2016-04-13 23:20 - 2016-01-21 20:42 - 00786152 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfmp4srcsnk.dll
2016-04-13 23:20 - 2016-01-21 00:40 - 00099672 _____ (Microsoft Corporation) C:\windows\system32\Drivers\disk.sys
2016-04-13 22:58 - 2016-03-03 18:13 - 00059392 _____ (Microsoft Corporation) C:\windows\system32\basesrv.dll
2016-04-13 22:25 - 2016-03-31 02:54 - 25817600 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2016-04-13 22:25 - 2016-03-31 02:31 - 02892800 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2016-04-13 22:25 - 2016-03-31 02:28 - 00571904 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2016-04-13 22:25 - 2016-03-31 02:25 - 06052352 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2016-04-13 22:25 - 2016-03-31 02:17 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2016-04-13 22:25 - 2016-03-31 02:03 - 20352512 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2016-04-13 22:25 - 2016-03-31 01:56 - 00145408 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2016-04-13 22:25 - 2016-03-31 01:56 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2016-04-13 22:25 - 2016-03-31 01:55 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2016-04-13 22:25 - 2016-03-31 01:53 - 00496640 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2016-04-13 22:25 - 2016-03-31 01:51 - 02285056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2016-04-13 22:25 - 2016-03-31 01:50 - 01032704 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2016-04-13 22:25 - 2016-03-31 01:45 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2016-04-13 22:25 - 2016-03-31 01:45 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2016-04-13 22:25 - 2016-03-31 01:43 - 00806400 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2016-04-13 22:25 - 2016-03-31 01:43 - 00725504 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2016-04-13 22:25 - 2016-03-31 01:43 - 00379392 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2016-04-13 22:25 - 2016-03-31 01:42 - 02131968 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2016-04-13 22:25 - 2016-03-31 01:39 - 15415808 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2016-04-13 22:25 - 2016-03-31 01:30 - 04611072 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2016-04-13 22:25 - 2016-03-31 01:30 - 02596864 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2016-04-13 22:25 - 2016-03-31 01:30 - 00279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2016-04-13 22:25 - 2016-03-31 01:30 - 00128000 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2016-04-13 22:25 - 2016-03-31 01:27 - 00880128 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2016-04-13 22:25 - 2016-03-31 01:24 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2016-04-13 22:25 - 2016-03-31 01:23 - 02056192 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2016-04-13 22:25 - 2016-03-31 01:23 - 00693248 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2016-04-13 22:25 - 2016-03-31 01:23 - 00330752 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2016-04-13 22:25 - 2016-03-31 01:21 - 13811712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2016-04-13 22:25 - 2016-03-31 01:18 - 01547264 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2016-04-13 22:25 - 2016-03-31 01:06 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2016-04-13 22:25 - 2016-03-31 01:05 - 02121216 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2016-04-13 22:25 - 2016-03-31 01:02 - 01311744 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2016-04-13 22:25 - 2016-03-31 01:00 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2016-04-13 22:20 - 2016-03-29 16:05 - 04175872 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2016-04-13 22:20 - 2016-03-16 01:00 - 00561952 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2016-04-13 22:20 - 2016-03-15 16:14 - 01441792 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2016-04-13 22:20 - 2016-03-11 16:48 - 00833024 _____ (Microsoft Corporation) C:\windows\system32\samsrv.dll
2016-04-13 22:20 - 2016-03-10 20:22 - 00201728 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2016-04-13 22:20 - 2016-03-10 20:21 - 00401920 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2016-04-13 22:20 - 2016-03-10 20:20 - 00284672 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2016-04-13 22:20 - 2016-03-10 19:44 - 00445440 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2016-04-13 22:20 - 2016-03-10 19:16 - 00324096 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2016-04-13 22:20 - 2016-03-10 19:03 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\samlib.dll
2016-04-13 22:20 - 2016-03-10 18:48 - 00064512 _____ (Microsoft Corporation) C:\windows\SysWOW64\samlib.dll
2016-04-13 22:20 - 2016-03-03 18:47 - 02345472 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2016-04-13 22:20 - 2016-03-03 18:33 - 01556992 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2016-04-13 22:20 - 2016-03-03 03:39 - 01661576 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2016-04-13 22:20 - 2016-03-03 03:39 - 01212248 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-05-10 19:29 - 2015-09-04 19:46 - 00003598 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3254343490-304523243-1162089923-1001
2016-05-10 19:19 - 2015-09-06 17:56 - 00000000 ____D C:\Users\Vendy\AppData\Local\Deployment
2016-05-10 19:17 - 2015-09-24 12:24 - 00000000 ____D C:\Users\Vendy\OneDrive
2016-05-10 19:16 - 2015-09-27 22:54 - 00000974 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-10 19:14 - 2013-08-22 16:45 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-05-10 19:13 - 2016-04-04 20:30 - 00000000 ____D C:\Users\Vendy\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108
2016-05-10 19:13 - 2014-10-11 02:50 - 00004608 _____ C:\windows\system32\VfService.trf
2016-05-10 19:13 - 2013-08-22 15:25 - 00262144 ___SH C:\windows\system32\config\BBI
2016-05-10 19:06 - 2015-09-27 22:54 - 00000978 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-10 19:04 - 2015-12-29 02:04 - 00000000 ____D C:\AdwCleaner
2016-05-10 18:03 - 2015-09-08 17:24 - 00003886 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task
2016-05-10 18:02 - 2015-09-08 17:23 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-05-10 14:08 - 2015-09-04 19:51 - 00003970 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{FB21D78B-C66A-4FB0-91C1-5C161906F132}
2016-05-10 13:30 - 2015-09-27 22:54 - 00000000 ____D C:\Users\Vendy\AppData\Local\Google
2016-05-10 13:30 - 2015-09-27 22:54 - 00000000 ____D C:\Program Files (x86)\Google
2016-05-10 12:18 - 2015-09-04 19:42 - 00000000 ____D C:\Users\Vendy\Documents\Bluetooth Folder
2016-05-10 12:18 - 2013-08-22 15:36 - 00000000 ____D C:\windows\Inf
2016-05-10 11:43 - 2015-09-04 23:19 - 00000000 ____D C:\Users\Vendy\AppData\Local\CrashDumps
2016-05-10 07:43 - 2015-10-04 16:30 - 00004182 _____ C:\windows\System32\Tasks\avast! Emergency Update
2016-05-09 18:54 - 2013-08-22 17:20 - 00000000 ____D C:\windows\CbsTemp
2016-05-09 18:52 - 2015-09-04 19:36 - 00000000 ___SD C:\windows\SysWOW64\GWX
2016-05-09 18:52 - 2015-09-04 19:36 - 00000000 ___SD C:\windows\system32\GWX
2016-05-09 14:21 - 2015-09-04 21:47 - 00000000 ____D C:\KMPlayer
2016-05-07 12:02 - 2015-09-11 09:47 - 00000000 ____D C:\windows\system32\appraiser
2016-05-07 10:25 - 2015-09-04 20:25 - 00000000 ____D C:\Users\Vendy\AppData\Roaming\Skype
2016-05-07 10:25 - 2015-09-04 19:38 - 00000000 ____D C:\Users\Vendy
2016-05-06 07:00 - 2013-08-22 17:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-05-06 06:57 - 2015-09-24 12:42 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-05-05 21:29 - 2015-09-04 20:25 - 00000000 ____D C:\ProgramData\Skype
2016-05-05 21:28 - 2015-09-04 20:25 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-05-04 12:27 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-05-04 12:27 - 2013-08-22 17:36 - 00000000 ____D C:\windows\AppReadiness
2016-04-29 09:09 - 2013-08-22 17:36 - 00000000 ____D C:\windows\rescache
2016-04-25 19:15 - 2015-11-19 11:45 - 00018944 ___SH C:\Users\Vendy\Desktop\Thumbs.db
2016-04-25 19:12 - 2013-08-22 16:44 - 00582576 _____ C:\windows\system32\FNTCACHE.DAT
2016-04-25 18:55 - 2013-08-22 17:36 - 00000000 ___RD C:\windows\ToastData
2016-04-24 16:58 - 2015-09-05 09:19 - 00000258 __RSH C:\ProgramData\ntuser.pol
2016-04-24 16:58 - 2013-08-22 17:36 - 00000000 ___HD C:\windows\system32\GroupPolicy
2016-04-24 16:58 - 2013-08-22 17:36 - 00000000 ____D C:\windows\SysWOW64\GroupPolicy
2016-04-23 22:51 - 2014-10-11 02:03 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-04-21 21:01 - 2015-09-24 12:48 - 00003180 _____ C:\windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3254343490-304523243-1162089923-1001
2016-04-19 19:14 - 2015-11-28 22:57 - 00000000 ____D C:\Users\Vendy\Documents\NHL09
2016-04-18 19:50 - 2013-08-22 17:36 - 00000000 ____D C:\windows\LiveKernelReports
2016-04-17 19:45 - 2016-01-09 17:11 - 00000000 ____D C:\Users\Vendy\AppData\Local\PokerStars.NET
2016-04-17 14:10 - 2014-10-11 02:01 - 00741456 _____ C:\windows\system32\perfh005.dat
2016-04-17 14:10 - 2014-10-11 02:01 - 00152464 _____ C:\windows\system32\perfc005.dat
2016-04-17 14:10 - 2014-03-18 11:53 - 01745984 _____ C:\windows\system32\PerfStringBackup.INI
2016-04-17 13:01 - 2015-09-05 23:37 - 00000000 ____D C:\Users\Vendy\AppData\Local\ElevatedDiagnostics
2016-04-17 00:23 - 2015-09-06 00:04 - 00065024 ___SH C:\Users\Vendy\Downloads\Thumbs.db
2016-04-13 23:55 - 2015-09-09 11:11 - 00000000 ____D C:\windows\system32\MRT
2016-04-13 23:47 - 2015-09-09 11:11 - 135176864 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2016-04-10 15:17 - 2015-09-04 22:40 - 00000000 ____D C:\Filmy
2016-04-10 11:12 - 2013-08-22 17:36 - 00000000 ____D C:\windows\system32\NDF
==================== Files in the root of some directories =======
2014-10-11 02:05 - 2014-10-11 02:05 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some files in TEMP:
====================
C:\Users\Vendy\AppData\Local\Temp\AutoRun.exe
C:\Users\Vendy\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\Vendy\AppData\Local\Temp\BingSvc.exe
C:\Users\Vendy\AppData\Local\Temp\bitool.dll
C:\Users\Vendy\AppData\Local\Temp\BSvcProcessor.exe
C:\Users\Vendy\AppData\Local\Temp\BSvcUpdater.exe
C:\Users\Vendy\AppData\Local\Temp\DAEMON Tools Lite.exe
C:\Users\Vendy\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Vendy\AppData\Local\Temp\drm_dyndata_7370012.dll
C:\Users\Vendy\AppData\Local\Temp\dt_4692.tmp.exe
C:\Users\Vendy\AppData\Local\Temp\eauninstall.exe
C:\Users\Vendy\AppData\Local\Temp\Install Flash Player 6 AX.exe
C:\Users\Vendy\AppData\Local\Temp\Install Flash Player 6.exe
C:\Users\Vendy\AppData\Local\Temp\KMP_4.0.1.5.exe
C:\Users\Vendy\AppData\Local\Temp\KMP_4.0.2.6.exe
C:\Users\Vendy\AppData\Local\Temp\KMP_4.0.3.1.exe
C:\Users\Vendy\AppData\Local\Temp\KMP_4.0.5.3.exe
C:\Users\Vendy\AppData\Local\Temp\libeay32.dll
C:\Users\Vendy\AppData\Local\Temp\McCSPInstall.dll
C:\Users\Vendy\AppData\Local\Temp\mccspuninstall.exe
C:\Users\Vendy\AppData\Local\Temp\msvcr120.dll
C:\Users\Vendy\AppData\Local\Temp\ose00000.exe
C:\Users\Vendy\AppData\Local\Temp\Shockwave_Installer_Full.exe
C:\Users\Vendy\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Vendy\AppData\Local\Temp\SpotifyUninstall.exe
C:\Users\Vendy\AppData\Local\Temp\sqlite3.dll
C:\Users\Vendy\AppData\Local\Temp\The Battle for Middle-earth_uninst.exe
C:\Users\Vendy\AppData\Local\Temp\{3400D89F-91A6-4018-9D63-65C7714A13B4}-48.0.2564.97_47.0.2526.111_chrome_updater_3stage.exe
C:\Users\Vendy\AppData\Local\Temp\{3DF71C06-7EAA-4F56-801B-4F2590876AC7}.dll
C:\Users\Vendy\AppData\Local\Temp\{D0F2A6E0-0DF4-4FD0-A47A-550A68724E95}.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Vendy\Desktop" je 5291 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Re: Requesting a check
Additional scan result of Farbar Recovery Scan Tool (x64) Version:09-05-2016
Ran by Vendy (2016-05-10 19:54:36)
Running from C:\Users\Vendy\Desktop
Windows 8.1 Connected (X64) (2015-09-04 17:37:42)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3254343490-304523243-1162089923-500 - Administrator - Disabled)
Guest (S-1-5-21-3254343490-304523243-1162089923-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3254343490-304523243-1162089923-1003 - Limited - Enabled)
Vendy (S-1-5-21-3254343490-304523243-1162089923-1001 - Administrator - Enabled) => C:\Users\Vendy
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
A Game of Thrones - Genesis (HKLM-x32\...\Steam App 58550) (Version: - Cyanide Studios)
Abyss Odyssey (HKLM-x32\...\Steam App 255070) (Version: - ACE Team)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.016.20039 - Adobe Systems Incorporated)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISER_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISER_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISER_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2253 - AVAST Software)
Botanicula (HKLM-x32\...\Steam App 207690) (Version: - Amanita Design)
Command & Conquer™ Red Alert 2 and Yuri’s Revenge (HKLM-x32\...\{F5275D1C-D133-486D-8F07-D6C571F0A8EC}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.3.0.0152 - Disc Soft Ltd)
Dependency Package Update (Version: 1.6.25.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.38.00 - Lenovo Inc.) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.20 - Lenovo)
Energy Manager (x32 Version: 1.5.0.20 - Lenovo) Hidden
Game of Thrones (HKLM-x32\...\Steam App 208730) (Version: - Cyanide Studios)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.94 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Heroes of Might and Magic® IV (HKLM-x32\...\InstallShield_{192E2132-E977-4D3E-90BA-9DBCE1B57F8C}) (Version: 1.00.0000 - 3DO)
Heroes of Might and Magic® IV (x32 Version: 1.00.0000 - 3DO) Hidden
Hightail for Lenovo (HKLM\...\{2F10E937-F6D7-4174-8AB9-B299E8FC5CEC}) (Version: 2.4.97.2857 - Hightail, Inc.)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.10.0.2208 - Intel Corporation)
Intel(R) Chipset Device Software (x32 Version: 10.0.13 - Intel(R) Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3540 - Intel Corporation)
Intel(R) Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.70.305.16316 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.40 - Irfan Skiljan)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.0.1.5 - PandoraTV)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.25.00 - Lenovo Group Limited)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2326 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.1.0.2326 - CyberLink Corp.) Hidden
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.41.1 - ELAN Microelectronic Corp.)
Lenovo Service Bridge (HKU\S-1-5-21-3254343490-304523243-1162089923-1001\...\cbe8636f7dd0cf1d) (Version: 1.5.1.0 - Lenovo)
Lenovo SHAREit (HKLM-x32\...\Lenovo SHAREit_is1) (Version: 2.0.5.0 - Lenovo Group Limited)
Lenovo VeriFace (HKLM\...\Lenovo VeriFace) (Version: 5.0.13.5261 - Lenovo)
Metric Collection SDK 35 (x32 Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.0.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3254343490-304523243-1162089923-1001\...\OneDriveSetup.exe) (Version: 17.3.6386.0412 - Microsoft Corporation)
Microsoft OneNote 2013 - cs-cz (HKLM\...\OneNoteFreeRetail - cs-cz) (Version: 15.0.4815.1002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
NHL06 (HKLM-x32\...\{D0DC1674-B5E8-4364-009E-B350048DD006}) (Version: - )
NHL™ 09 (HKLM-x32\...\{827B97A9-B347-4110-9F89-37AF2B758F94}) (Version: 2.0.1.0 - Electronic Arts)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4815.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4815.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4815.1002 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 9.7.2.53208 - Electronic Arts, Inc.)
Original War (HKLM-x32\...\Original War) (Version: - )
Pharaoh (HKLM-x32\...\Pharaoh) (Version: - )
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.320 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39048 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.29.314.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7218 - Realtek Semiconductor Corp.)
SAMSUNG USB Driver for Mobile Phones Packages (HKU\S-1-5-21-3254343490-304523243-1162089923-1001\...\SAMSUNG USB Driver for Mobile Phones Packages) (Version: - ) <==== ATTENTION
Sid Meiers Civilization Beyond Earth (HKLM-x32\...\U2lkTWVpZXJzQ2l2aWxpemF0aW9uQmV5b25kRWFydGg=_is1) (Version: 1 - )
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.1.0.9134 - Microsoft Corporation)
Skype™ 7.22 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.22.109 - Skype Technologies S.A.)
Star Trek Starfleet Command III (HKLM-x32\...\Star Trek Starfleet Command III) (Version: - )
Star Wars Empire at War (HKLM-x32\...\{99AE7207-8612-4DBA-A8F8-BAE5C633390D}) (Version: 1.0 - LucasArts)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
User Manuals (x32 Version: 3.0.0.3 - Lenovo) Hidden
WestwoodOnline (HKLM-x32\...\{BBCD6D56-8A26-4DDE-9482-DBC9C7B7341D}) (Version: 1.0.0.0 - WestwoodOnline)
Windows Driver Package - Lenovo (ACPIVPC) System (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Zoner Callisto 5 (HKLM-x32\...\{4F62B1AE-E778-49E2-9C57-C1C65A122098}) (Version: 5.0.5000.15 - ZONER software)
Zoner Photo Studio 10 (HKLM-x32\...\ZonerPhotoStudio10_CZ_is1) (Version: - ZONER software)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3254343490-304523243-1162089923-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Vendy\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64\FileCoAuthLib64.dll ()
CustomCLSID: HKU\S-1-5-21-3254343490-304523243-1162089923-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Vendy\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3254343490-304523243-1162089923-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3254343490-304523243-1162089923-1001_Classes\CLSID\{BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B}\InprocServer32 -> C:\Program Files (x86)\Zoner\Photo Studio 10\Program\SHELLEXT64.DLL (ZONER software)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {44E59A4E-67AA-4384-8975-BA20A97088A0} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-05-30] (Lenovo)
Task: {46057DA9-9F48-4F15-B258-90A744557317} - System32\Tasks\Microsoft\Windows\Setup\gwx\rundetector => C:\Windows\system32\GWX\GWXDetector.exe [2016-04-26] (Microsoft Corporation)
Task: {468E600F-1D1F-4A75-AE40-4E4CEB1DA9F4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-27] (Google Inc.)
Task: {533B5510-E948-4619-9B20-C09456D329F6} - System32\Tasks\{9DDB2CF7-F519-4DB0-B411-5124ADEBFDE9} => pcalua.exe -a I:\Autorun.exe -d I:\
Task: {54F0957B-862A-459C-A788-DE0D08F1C987} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2014-05-22] ()
Task: {7A1716EA-045B-46D9-85F7-7FCD708F366E} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-03-25] (AVAST Software)
Task: {87AA914B-DB3E-4B7D-8455-72CB190582D1} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation)
Task: {8C75BFC6-3B4F-49BA-91DF-173DC169CC00} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {9E3E5C36-D429-4E31-97D2-6747EF16A675} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-03-05] (AVAST Software)
Task: {A71A76EB-F1E2-4172-8169-472F8E72EE89} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation)
Task: {C496099E-ED6B-4F2B-B3CF-B1F0B946202D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-27] (Google Inc.)
Task: {CA75EF36-0D3C-46DF-BED3-A276B8A408C6} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2016-04-13] (Microsoft Corporation)
Task: {DFE836F8-F03E-457C-A4E4-80387F91D7FE} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3254343490-304523243-1162089923-1001 => C:\Users\Vendy\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-04-21] (Microsoft Corporation)
Task: {E3F40151-E966-43A9-9C67-07D88407C8A2} - System32\Tasks\{34163D01-20B2-4803-A6A1-A581CB789CE6} => pcalua.exe -a I:\setup\rsrc\Autorun.exe -d I:\
Task: {F120BB09-6056-4E8D-AEBF-8137B5BCECAF} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-3254343490-304523243-1162089923-1001 => Rundll32.exe dfshim.dll,ShOpenVerbShortcut C:\Users\Vendy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Lenovo Service Bridge.appref-ms
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
Re: Please check

- Skype Click to Call - adware from the Skype installation http://forum.viry.cz/viewtopic.php?p=1374439#p1374439
- Copy the contents of the white box into Notepad (Start -> Run -> notepad)
- save it to the desktop as fixlist (File type: Text document)
- run FRST again and click Fix
- after the restart, a fixlog will be saved on the desktop; paste its contents into your next reply
Code:
Start
CreateRestorePoint:
CloseProcesses:
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4290240 2016-03-01] (Disc Soft Ltd)
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\...\MountPoints2: {272bbe48-8ef8-11e5-826f-5c93a2b36634} - "E:\setup.exe"
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\...\MountPoints2: {272bbe4a-8ef8-11e5-826f-5c93a2b36634} - "G:\LaunchEAW.exe"
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\...\MountPoints2: {272bbe4d-8ef8-11e5-826f-5c93a2b36634} - "I:\EAWXLauncher.exe"
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\...\MountPoints2: {4e193dd9-539e-11e5-825e-5c93a2b36634} - "E:\autorun.exe"
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\...\MountPoints2: {4e193de4-539e-11e5-825e-5c93a2b36634} - "F:\_AUTORUN\AUTORUN.EXE"
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\...\MountPoints2: {4e193ded-539e-11e5-825e-5c93a2b36634} - "G:\_AUTORUN\AUTORUN.EXE"
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\...\MountPoints2: {56675805-825b-11e5-826c-5c93a2b36634} - "J:\Autorun.exe"
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\...\MountPoints2: {6397b8d6-8bd4-11e5-826d-5c93a2b36634} - "F:\Autorun.exe"
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\...\MountPoints2: {7d9a4788-fa7a-11e5-8286-5c93a2b36634} - "F:\OW.EXE"
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\...\MountPoints2: {7d9a47c0-fa7a-11e5-8286-5c93a2b36634} - "G:\autorun.exe"
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\...\MountPoints2: {7d9a47c3-fa7a-11e5-8286-5c93a2b36634} - "H:\Autorun.exe"
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\...\MountPoints2: {7d9a47c6-fa7a-11e5-8286-5c93a2b36634} - "J:\EAWXLauncher.exe"
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\...\MountPoints2: {aebe6fb7-5331-11e5-825d-5c93a2b36634} - "E:\setup.exe" startcz.ctx
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3254343490-304523243-1162089923-1001 -> {F1A0F86C-946A-4295-B312-8993334CA934} URL =
BHO-x32: No Name -> {b90183ad-1cf4-4d7b-9461-b89083957547} -> No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Program Files (x86)\Arc\plugins\NPSWF32.dll [No File]
2016-05-10 18:15 - 2016-05-10 18:15 - 03640384 _____ C:\Users\Vendy\Downloads\adwcleaner_5.116.exe
2016-05-10 18:03 - 2016-05-10 18:03 - 00000000 ____D C:\rsit
2016-05-10 18:03 - 2016-05-10 18:03 - 00000000 ____D C:\Program Files\trend micro
2016-05-10 19:04 - 2015-12-29 02:04 - 00000000 ____D C:\AdwCleaner
Task: {533B5510-E948-4619-9B20-C09456D329F6} - System32\Tasks\{9DDB2CF7-F519-4DB0-B411-5124ADEBFDE9} => pcalua.exe -a I:\Autorun.exe -d I:\
Task: {E3F40151-E966-43A9-9C67-07D88407C8A2} - System32\Tasks\{34163D01-20B2-4803-A6A1-A581CB789CE6} => pcalua.exe -a I:\setup\rsrc\Autorun.exe -d I:\
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
CMD: ipconfig /flushdns
CMD: dir "C:\PROGRA~1"
CMD: dir "C:\PROGRA~2"
CMD: dir "C:\PROGRA~3"
CMD: dir "%localappdata%"
CMD: dir "%appdata%"
Hosts:
EmptyTemp:
End
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions not suited to the forum, you can use altrokzavináčforum.viry.cz
If you would like to help visitors of this forum, sign up for our training school.
Re: Please check
Fix result of Farbar Recovery Scan Tool (x64) Version:09-05-2016
Ran by Vendy (2016-05-10 20:43:31) Run:2
Running from C:\Users\Vendy\Desktop
Loaded Profiles: Vendy (Available Profiles: Vendy)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4290240 2016-03-01] (Disc Soft Ltd)
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\...\MountPoints2: {272bbe48-8ef8-11e5-826f-5c93a2b36634} - "E:\setup.exe"
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\...\MountPoints2: {272bbe4a-8ef8-11e5-826f-5c93a2b36634} - "G:\LaunchEAW.exe"
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\...\MountPoints2: {272bbe4d-8ef8-11e5-826f-5c93a2b36634} - "I:\EAWXLauncher.exe"
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\...\MountPoints2: {4e193dd9-539e-11e5-825e-5c93a2b36634} - "E:\autorun.exe"
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\...\MountPoints2: {4e193de4-539e-11e5-825e-5c93a2b36634} - "F:\_AUTORUN\AUTORUN.EXE"
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\...\MountPoints2: {4e193ded-539e-11e5-825e-5c93a2b36634} - "G:\_AUTORUN\AUTORUN.EXE"
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\...\MountPoints2: {56675805-825b-11e5-826c-5c93a2b36634} - "J:\Autorun.exe"
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\...\MountPoints2: {6397b8d6-8bd4-11e5-826d-5c93a2b36634} - "F:\Autorun.exe"
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\...\MountPoints2: {7d9a4788-fa7a-11e5-8286-5c93a2b36634} - "F:\OW.EXE"
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\...\MountPoints2: {7d9a47c0-fa7a-11e5-8286-5c93a2b36634} - "G:\autorun.exe"
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\...\MountPoints2: {7d9a47c3-fa7a-11e5-8286-5c93a2b36634} - "H:\Autorun.exe"
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\...\MountPoints2: {7d9a47c6-fa7a-11e5-8286-5c93a2b36634} - "J:\EAWXLauncher.exe"
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\...\MountPoints2: {aebe6fb7-5331-11e5-825d-5c93a2b36634} - "E:\setup.exe" startcz.ctx
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3254343490-304523243-1162089923-1001 -> {F1A0F86C-946A-4295-B312-8993334CA934} URL =
BHO-x32: No Name -> {b90183ad-1cf4-4d7b-9461-b89083957547} -> No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Program Files (x86)\Arc\plugins\NPSWF32.dll [No File]
2016-05-10 18:15 - 2016-05-10 18:15 - 03640384 _____ C:\Users\Vendy\Downloads\adwcleaner_5.116.exe
2016-05-10 18:03 - 2016-05-10 18:03 - 00000000 ____D C:\rsit
2016-05-10 18:03 - 2016-05-10 18:03 - 00000000 ____D C:\Program Files\trend micro
2016-05-10 19:04 - 2015-12-29 02:04 - 00000000 ____D C:\AdwCleaner
Task: {533B5510-E948-4619-9B20-C09456D329F6} - System32\Tasks\{9DDB2CF7-F519-4DB0-B411-5124ADEBFDE9} => pcalua.exe -a I:\Autorun.exe -d I:\
Task: {E3F40151-E966-43A9-9C67-07D88407C8A2} - System32\Tasks\{34163D01-20B2-4803-A6A1-A581CB789CE6} => pcalua.exe -a I:\setup\rsrc\Autorun.exe -d I:\
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
CMD: ipconfig /flushdns
CMD: dir "C:\PROGRA~1"
CMD: dir "C:\PROGRA~2"
CMD: dir "C:\PROGRA~3"
CMD: dir "%localappdata%"
CMD: dir "%appdata%"
Hosts:
EmptyTemp:
End
*****************
Restore point was successfully created.
Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\GrooveMonitor => value not found.
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite Automount => value not found.
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{272bbe48-8ef8-11e5-826f-5c93a2b36634} => key not found.
HKCR\CLSID\{272bbe48-8ef8-11e5-826f-5c93a2b36634} => key not found.
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{272bbe4a-8ef8-11e5-826f-5c93a2b36634} => key not found.
HKCR\CLSID\{272bbe4a-8ef8-11e5-826f-5c93a2b36634} => key not found.
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{272bbe4d-8ef8-11e5-826f-5c93a2b36634} => key not found.
HKCR\CLSID\{272bbe4d-8ef8-11e5-826f-5c93a2b36634} => key not found.
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4e193dd9-539e-11e5-825e-5c93a2b36634} => key not found.
HKCR\CLSID\{4e193dd9-539e-11e5-825e-5c93a2b36634} => key not found.
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4e193de4-539e-11e5-825e-5c93a2b36634} => key not found.
HKCR\CLSID\{4e193de4-539e-11e5-825e-5c93a2b36634} => key not found.
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4e193ded-539e-11e5-825e-5c93a2b36634} => key not found.
HKCR\CLSID\{4e193ded-539e-11e5-825e-5c93a2b36634} => key not found.
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{56675805-825b-11e5-826c-5c93a2b36634} => key not found.
HKCR\CLSID\{56675805-825b-11e5-826c-5c93a2b36634} => key not found.
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6397b8d6-8bd4-11e5-826d-5c93a2b36634} => key not found.
HKCR\CLSID\{6397b8d6-8bd4-11e5-826d-5c93a2b36634} => key not found.
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7d9a4788-fa7a-11e5-8286-5c93a2b36634} => key not found.
HKCR\CLSID\{7d9a4788-fa7a-11e5-8286-5c93a2b36634} => key not found.
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7d9a47c0-fa7a-11e5-8286-5c93a2b36634} => key not found.
HKCR\CLSID\{7d9a47c0-fa7a-11e5-8286-5c93a2b36634} => key not found.
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7d9a47c3-fa7a-11e5-8286-5c93a2b36634} => key not found.
HKCR\CLSID\{7d9a47c3-fa7a-11e5-8286-5c93a2b36634} => key not found.
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7d9a47c6-fa7a-11e5-8286-5c93a2b36634} => key not found.
HKCR\CLSID\{7d9a47c6-fa7a-11e5-8286-5c93a2b36634} => key not found.
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{aebe6fb7-5331-11e5-825d-5c93a2b36634} => key not found.
HKCR\CLSID\{aebe6fb7-5331-11e5-825d-5c93a2b36634} => key not found.
"C:\windows\system32\GroupPolicy\Machine" => not found.
HKLM\SOFTWARE\Policies\Google => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{F1A0F86C-946A-4295-B312-8993334CA934} => key not found.
HKCR\CLSID\{F1A0F86C-946A-4295-B312-8993334CA934} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b90183ad-1cf4-4d7b-9461-b89083957547} => key not found.
HKCR\Wow6432Node\CLSID\{b90183ad-1cf4-4d7b-9461-b89083957547} => key not found.
HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer => key not found.
"C:\Users\Vendy\Downloads\adwcleaner_5.116.exe" => not found.
"C:\rsit" => not found.
"C:\Program Files\trend micro" => not found.
"C:\AdwCleaner" => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{533B5510-E948-4619-9B20-C09456D329F6} => key not found.
C:\windows\System32\Tasks\{9DDB2CF7-F519-4DB0-B411-5124ADEBFDE9} => not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{9DDB2CF7-F519-4DB0-B411-5124ADEBFDE9}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E3F40151-E966-43A9-9C67-07D88407C8A2}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E3F40151-E966-43A9-9C67-07D88407C8A2}" => key removed successfully
C:\windows\System32\Tasks\{34163D01-20B2-4803-A6A1-A581CB789CE6} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{34163D01-20B2-4803-A6A1-A581CB789CE6}" => key removed successfully
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
========= ipconfig /flushdns =========
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
========= End of CMD: =========
========= dir "C:\PROGRA~1" =========
Volume in drive C is Windows8_OS
Volume Serial Number is A873-7F6C
Directory of C:\PROGRA~1
10. 05. 2016 20:42 <DIR> .
10. 05. 2016 20:42 <DIR> ..
04. 10. 2015 16:25 <DIR> AVAST Software
03. 12. 2015 15:02 <DIR> Common Files
11. 10. 2014 02:49 <DIR> CyberLink
04. 04. 2016 20:30 <DIR> DAEMON Tools Lite
11. 10. 2014 02:52 <DIR> DIFX
11. 10. 2014 02:09 <DIR> Elantech
29. 12. 2015 02:15 <DIR> Google
11. 10. 2014 02:42 <DIR> Google Play Music
11. 10. 2014 02:42 <DIR> Hightail
11. 10. 2014 02:01 <DIR> Intel
25. 04. 2016 18:56 <DIR> Internet Explorer
04. 12. 2015 18:16 <DIR> Lenovo
04. 09. 2015 23:58 <DIR> Microsoft Office
06. 05. 2016 06:57 <DIR> Microsoft Office 15
12. 01. 2016 19:49 <DIR> Microsoft Silverlight
02. 04. 2014 18:49 <DIR> MSBuild
11. 10. 2014 02:05 <DIR> Realtek
02. 04. 2014 18:49 <DIR> Reference Assemblies
11. 09. 2015 09:50 <DIR> Windows Defender
26. 02. 2016 20:03 <DIR> Windows Journal
11. 09. 2015 09:50 <DIR> Windows Mail
11. 09. 2015 09:50 <DIR> Windows Media Player
11. 09. 2015 09:49 <DIR> Windows Multimedia Platform
22. 08. 2013 17:36 <DIR> Windows NT
11. 09. 2015 09:50 <DIR> Windows Photo Viewer
11. 09. 2015 09:49 <DIR> Windows Portable Devices
11. 09. 2015 09:47 <DIR> WindowsPowerShell
05. 09. 2015 23:08 <DIR> WinRAR
0 File(s) 0 bytes
30 Dir(s) 114 144 743 424 bytes free
========= End of CMD: =========
========= dir "C:\PROGRA~2" =========
Volume in drive C is Windows8_OS
Volume Serial Number is A873-7F6C
Directory of C:\PROGRA~2
10. 05. 2016 19:08 <DIR> .
10. 05. 2016 19:08 <DIR> ..
06. 09. 2015 12:49 <DIR> 3DO
22. 11. 2015 19:25 <DIR> Activision
08. 09. 2015 17:23 <DIR> Adobe
11. 10. 2014 02:10 <DIR> Bluetooth Suite
20. 03. 2016 12:01 <DIR> Common Files
11. 10. 2014 02:49 <DIR> Cyberlink
06. 09. 2015 12:49 <DIR> directx
28. 11. 2015 22:50 <DIR> EA SPORTS
23. 04. 2016 22:53 <DIR> Electronic Arts
10. 05. 2016 13:30 <DIR> Google
11. 10. 2014 02:42 <DIR> Hightail
11. 10. 2014 02:03 <DIR> Intel
25. 04. 2016 18:56 <DIR> Internet Explorer
04. 10. 2015 19:03 <DIR> IrfanView
04. 09. 2015 20:21 <DIR> Lenovo
06. 03. 2016 20:22 <DIR> LucasArts
06. 09. 2015 01:53 <DIR> Microsoft Chart Controls
06. 12. 2015 09:41 <DIR> Microsoft Office
12. 01. 2016 19:49 <DIR> Microsoft Silverlight
05. 09. 2015 00:05 <DIR> Microsoft Visual Studio
04. 09. 2015 23:58 <DIR> Microsoft Visual Studio 8
08. 09. 2015 23:11 <DIR> Microsoft Works
05. 09. 2015 00:03 <DIR> Microsoft.NET
05. 09. 2015 00:06 <DIR> MSBuild
11. 10. 2014 02:50 <DIR> New Folder
06. 09. 2015 01:33 <DIR> OpenAL
29. 12. 2015 01:47 <DIR> Opera
18. 11. 2015 22:51 <DIR> Origin
03. 10. 2015 18:05 <DIR> Origin Games
03. 03. 2016 02:20 <DIR> PokerStars.NET
11. 10. 2014 02:08 <DIR> Qualcomm Atheros
05. 09. 2015 09:16 <DIR> Realtek
02. 04. 2014 18:49 <DIR> Reference Assemblies
18. 12. 2015 21:43 <DIR> Samsung
26. 02. 2016 23:47 <DIR> Sid Meiers Civilization Beyond Earth
05. 09. 2015 23:19 <DIR> Sierra On-Line
05. 05. 2016 21:28 <DIR> Skype
07. 09. 2015 19:43 <DIR> Steam
27. 02. 2016 10:25 <DIR> Ubisoft
05. 09. 2015 23:16 <DIR> Virgin Interactive
03. 10. 2015 18:11 <DIR> WestwoodOnline
11. 09. 2015 09:50 <DIR> Windows Defender
11. 09. 2015 09:50 <DIR> Windows Mail
11. 09. 2015 09:50 <DIR> Windows Media Player
11. 09. 2015 09:48 <DIR> Windows Multimedia Platform
22. 08. 2013 17:36 <DIR> Windows NT
11. 09. 2015 09:50 <DIR> Windows Photo Viewer
11. 09. 2015 09:48 <DIR> Windows Portable Devices
22. 08. 2013 17:36 <DIR> WindowsPowerShell
20. 11. 2015 13:35 <DIR> Zoner
0 File(s) 0 bytes
52 Dir(s) 114 144 739 328 bytes free
========= End of CMD: =========
========= dir "C:\PROGRA~3" =========
Volume in drive C is Windows8_OS
Volume Serial Number is A873-7F6C
Directory of C:\PROGRA~3
08. 09. 2015 17:37 <DIR> Adobe
04. 09. 2015 19:42 <DIR> Atheros
04. 10. 2015 16:24 <DIR> AVAST Software
05. 09. 2015 23:11 <DIR> DAEMON Tools Lite
11. 10. 2014 02:51 <DIR> Downloaded Installations
11. 10. 2014 21:31 <DIR> eBay
03. 10. 2015 18:02 <DIR> Electronic Arts
11. 10. 2014 02:52 <DIR> Energy Manager
11. 10. 2014 02:01 <DIR> Intel
04. 09. 2015 19:45 <DIR> Lenovo
20. 10. 2015 20:55 <DIR> MAGIX
16. 10. 2015 20:45 <DIR> McAfee
10. 05. 2016 08:03 <DIR> Microsoft Help
24. 09. 2015 12:47 <DIR> Microsoft OneDrive
16. 09. 2015 20:11 <DIR> Office2013
11. 10. 2014 02:44 <DIR> OneKey Recovery
18. 11. 2015 22:52 <DIR> Origin
20. 10. 2015 19:04 <DIR> Package Cache
11. 10. 2014 02:08 <DIR> Qualcomm Atheros
06. 05. 2016 07:00 <DIR> regid.1991-06.com.microsoft
05. 05. 2016 21:29 <DIR> Skype
26. 02. 2016 23:48 <DIR> Steam
11. 10. 2014 02:47 <DIR> Temp
11. 10. 2014 02:09 <DIR> {20C62DDD-E69A-40DF-A1B4-DDFF64AF793B}
0 File(s) 0 bytes
24 Dir(s) 114 144 735 232 bytes free
========= End of CMD: =========
========= dir "%localappdata%" =========
Volume in drive C is Windows8_OS
Volume Serial Number is A873-7F6C
Directory of C:\Users\Vendy\AppData\Local
10. 05. 2016 20:43 <DIR> .
10. 05. 2016 20:43 <DIR> ..
10. 05. 2016 19:13 <DIR> 3810282D-6C19-47B0-8283-5C6C29A7E108
08. 09. 2015 17:36 <DIR> Adobe
06. 09. 2015 17:56 <DIR> Apps
04. 09. 2015 19:42 <DIR> BMExplorer
06. 09. 2015 01:17 <DIR> CEF
10. 05. 2016 20:42 <DIR> CrashDumps
10. 05. 2016 19:19 <DIR> Deployment
06. 04. 2016 18:16 <DIR> Diagnostics
05. 09. 2015 23:15 <DIR> Disc_Soft_Ltd
08. 11. 2015 22:17 <DIR> Downloaded Installations
17. 04. 2016 13:01 <DIR> ElevatedDiagnostics
10. 05. 2016 13:30 <DIR> Google
04. 09. 2015 19:43 <DIR> GWX
04. 09. 2015 19:43 <DIR> Lenovo
20. 03. 2016 12:02 <DIR> Microsoft
28. 03. 2016 21:31 <DIR> Microsoft Help
10. 05. 2016 20:43 29 696 MSGBOX.EXE
26. 02. 2016 23:48 <DIR> My Games
29. 12. 2015 01:47 <DIR> Opera Software
03. 10. 2015 18:12 <DIR> Origin
15. 02. 2016 00:27 <DIR> Packages
17. 04. 2016 19:45 <DIR> PokerStars.NET
05. 09. 2015 09:09 <DIR> Programs
25. 12. 2015 18:25 <DIR> Skype
03. 12. 2015 20:50 <DIR> Sparta
06. 09. 2015 01:17 <DIR> Steam
10. 05. 2016 20:43 <DIR> Temp
25. 03. 2016 18:51 <DIR> VirtualStore
1 File(s) 29 696 bytes
29 Dir(s) 114 144 735 232 bytes free
========= End of CMD: =========
========= dir "%appdata%" =========
Volume in drive C is Windows8_OS
Volume Serial Number is A873-7F6C
Directory of C:\Users\Vendy\AppData\Roaming
10. 05. 2016 19:09 <DIR> .
10. 05. 2016 19:09 <DIR> ..
08. 09. 2015 17:37 <DIR> Adobe
04. 09. 2015 19:41 <DIR> Atheros
04. 10. 2015 16:48 <DIR> AVAST Software
05. 09. 2015 23:15 <DIR> DAEMON Tools Lite
04. 09. 2015 21:43 <DIR> Hightail for Lenovo
11. 09. 2015 18:30 <DIR> Identities
04. 10. 2015 19:03 <DIR> IrfanView
08. 11. 2015 22:17 <DIR> Leadertech
04. 09. 2015 19:44 <DIR> Macromedia
20. 10. 2015 20:55 <DIR> MAGIX
18. 04. 2016 19:52 <DIR> Mozilla
29. 12. 2015 01:47 <DIR> Opera Software
06. 09. 2015 21:15 <DIR> Origin
06. 03. 2016 20:33 <DIR> Petroglyph
18. 12. 2015 21:43 <DIR> Samsung
07. 05. 2016 10:25 <DIR> Skype
30. 11. 2015 08:11 <DIR> sparta111
03. 12. 2015 20:49 <DIR> WarThunder
05. 09. 2015 23:13 <DIR> WinRAR
20. 11. 2015 13:28 <DIR> Zoner
0 File(s) 0 bytes
22 Dir(s) 114 144 735 232 bytes free
========= End of CMD: =========
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 2.6 GB temporary data Removed.
The system needed a reboot.
==== End of Fixlog 20:49:28 ====
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{34163D01-20B2-4803-A6A1-A581CB789CE6}" => key removed successfully
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
========= ipconfig /flushdns =========
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
========= End of CMD: =========
========= dir "C:\PROGRA~1" =========
Volume in drive C is Windows8_OS
Volume Serial Number is A873-7F6C
Directory of C:\PROGRA~1
10. 05. 2016 20:42 <DIR> .
10. 05. 2016 20:42 <DIR> ..
04. 10. 2015 16:25 <DIR> AVAST Software
03. 12. 2015 15:02 <DIR> Common Files
11. 10. 2014 02:49 <DIR> CyberLink
04. 04. 2016 20:30 <DIR> DAEMON Tools Lite
11. 10. 2014 02:52 <DIR> DIFX
11. 10. 2014 02:09 <DIR> Elantech
29. 12. 2015 02:15 <DIR> Google
11. 10. 2014 02:42 <DIR> Google Play Music
11. 10. 2014 02:42 <DIR> Hightail
11. 10. 2014 02:01 <DIR> Intel
25. 04. 2016 18:56 <DIR> Internet Explorer
04. 12. 2015 18:16 <DIR> Lenovo
04. 09. 2015 23:58 <DIR> Microsoft Office
06. 05. 2016 06:57 <DIR> Microsoft Office 15
12. 01. 2016 19:49 <DIR> Microsoft Silverlight
02. 04. 2014 18:49 <DIR> MSBuild
11. 10. 2014 02:05 <DIR> Realtek
02. 04. 2014 18:49 <DIR> Reference Assemblies
11. 09. 2015 09:50 <DIR> Windows Defender
26. 02. 2016 20:03 <DIR> Windows Journal
11. 09. 2015 09:50 <DIR> Windows Mail
11. 09. 2015 09:50 <DIR> Windows Media Player
11. 09. 2015 09:49 <DIR> Windows Multimedia Platform
22. 08. 2013 17:36 <DIR> Windows NT
11. 09. 2015 09:50 <DIR> Windows Photo Viewer
11. 09. 2015 09:49 <DIR> Windows Portable Devices
11. 09. 2015 09:47 <DIR> WindowsPowerShell
05. 09. 2015 23:08 <DIR> WinRAR
0 File(s) 0 bytes
30 Dir(s) 114 144 743 424 bytes free
========= End of CMD: =========
========= dir "C:\PROGRA~2" =========
Volume in drive C is Windows8_OS
Volume Serial Number is A873-7F6C
Directory of C:\PROGRA~2
10. 05. 2016 19:08 <DIR> .
10. 05. 2016 19:08 <DIR> ..
06. 09. 2015 12:49 <DIR> 3DO
22. 11. 2015 19:25 <DIR> Activision
08. 09. 2015 17:23 <DIR> Adobe
11. 10. 2014 02:10 <DIR> Bluetooth Suite
20. 03. 2016 12:01 <DIR> Common Files
11. 10. 2014 02:49 <DIR> Cyberlink
06. 09. 2015 12:49 <DIR> directx
28. 11. 2015 22:50 <DIR> EA SPORTS
23. 04. 2016 22:53 <DIR> Electronic Arts
10. 05. 2016 13:30 <DIR> Google
11. 10. 2014 02:42 <DIR> Hightail
11. 10. 2014 02:03 <DIR> Intel
25. 04. 2016 18:56 <DIR> Internet Explorer
04. 10. 2015 19:03 <DIR> IrfanView
04. 09. 2015 20:21 <DIR> Lenovo
06. 03. 2016 20:22 <DIR> LucasArts
06. 09. 2015 01:53 <DIR> Microsoft Chart Controls
06. 12. 2015 09:41 <DIR> Microsoft Office
12. 01. 2016 19:49 <DIR> Microsoft Silverlight
05. 09. 2015 00:05 <DIR> Microsoft Visual Studio
04. 09. 2015 23:58 <DIR> Microsoft Visual Studio 8
08. 09. 2015 23:11 <DIR> Microsoft Works
05. 09. 2015 00:03 <DIR> Microsoft.NET
05. 09. 2015 00:06 <DIR> MSBuild
11. 10. 2014 02:50 <DIR> New Folder
06. 09. 2015 01:33 <DIR> OpenAL
29. 12. 2015 01:47 <DIR> Opera
18. 11. 2015 22:51 <DIR> Origin
03. 10. 2015 18:05 <DIR> Origin Games
03. 03. 2016 02:20 <DIR> PokerStars.NET
11. 10. 2014 02:08 <DIR> Qualcomm Atheros
05. 09. 2015 09:16 <DIR> Realtek
02. 04. 2014 18:49 <DIR> Reference Assemblies
18. 12. 2015 21:43 <DIR> Samsung
26. 02. 2016 23:47 <DIR> Sid Meiers Civilization Beyond Earth
05. 09. 2015 23:19 <DIR> Sierra On-Line
05. 05. 2016 21:28 <DIR> Skype
07. 09. 2015 19:43 <DIR> Steam
27. 02. 2016 10:25 <DIR> Ubisoft
05. 09. 2015 23:16 <DIR> Virgin Interactive
03. 10. 2015 18:11 <DIR> WestwoodOnline
11. 09. 2015 09:50 <DIR> Windows Defender
11. 09. 2015 09:50 <DIR> Windows Mail
11. 09. 2015 09:50 <DIR> Windows Media Player
11. 09. 2015 09:48 <DIR> Windows Multimedia Platform
22. 08. 2013 17:36 <DIR> Windows NT
11. 09. 2015 09:50 <DIR> Windows Photo Viewer
11. 09. 2015 09:48 <DIR> Windows Portable Devices
22. 08. 2013 17:36 <DIR> WindowsPowerShell
20. 11. 2015 13:35 <DIR> Zoner
0 File(s) 0 bytes
52 Dir(s) 114 144 739 328 bytes free
========= End of CMD: =========
========= dir "C:\PROGRA~3" =========
Volume in drive C is Windows8_OS
Volume Serial Number is A873-7F6C
Directory of C:\PROGRA~3
08. 09. 2015 17:37 <DIR> Adobe
04. 09. 2015 19:42 <DIR> Atheros
04. 10. 2015 16:24 <DIR> AVAST Software
05. 09. 2015 23:11 <DIR> DAEMON Tools Lite
11. 10. 2014 02:51 <DIR> Downloaded Installations
11. 10. 2014 21:31 <DIR> eBay
03. 10. 2015 18:02 <DIR> Electronic Arts
11. 10. 2014 02:52 <DIR> Energy Manager
11. 10. 2014 02:01 <DIR> Intel
04. 09. 2015 19:45 <DIR> Lenovo
20. 10. 2015 20:55 <DIR> MAGIX
16. 10. 2015 20:45 <DIR> McAfee
10. 05. 2016 08:03 <DIR> Microsoft Help
24. 09. 2015 12:47 <DIR> Microsoft OneDrive
16. 09. 2015 20:11 <DIR> Office2013
11. 10. 2014 02:44 <DIR> OneKey Recovery
18. 11. 2015 22:52 <DIR> Origin
20. 10. 2015 19:04 <DIR> Package Cache
11. 10. 2014 02:08 <DIR> Qualcomm Atheros
06. 05. 2016 07:00 <DIR> regid.1991-06.com.microsoft
05. 05. 2016 21:29 <DIR> Skype
26. 02. 2016 23:48 <DIR> Steam
11. 10. 2014 02:47 <DIR> Temp
11. 10. 2014 02:09 <DIR> {20C62DDD-E69A-40DF-A1B4-DDFF64AF793B}
0 File(s) 0 bytes
24 Dir(s) 114 144 735 232 bytes free
========= End of CMD: =========
========= dir "%localappdata%" =========
Volume in drive C is Windows8_OS
Volume Serial Number is A873-7F6C
Directory of C:\Users\Vendy\AppData\Local
10. 05. 2016 20:43 <DIR> .
10. 05. 2016 20:43 <DIR> ..
10. 05. 2016 19:13 <DIR> 3810282D-6C19-47B0-8283-5C6C29A7E108
08. 09. 2015 17:36 <DIR> Adobe
06. 09. 2015 17:56 <DIR> Apps
04. 09. 2015 19:42 <DIR> BMExplorer
06. 09. 2015 01:17 <DIR> CEF
10. 05. 2016 20:42 <DIR> CrashDumps
10. 05. 2016 19:19 <DIR> Deployment
06. 04. 2016 18:16 <DIR> Diagnostics
05. 09. 2015 23:15 <DIR> Disc_Soft_Ltd
08. 11. 2015 22:17 <DIR> Downloaded Installations
17. 04. 2016 13:01 <DIR> ElevatedDiagnostics
10. 05. 2016 13:30 <DIR> Google
04. 09. 2015 19:43 <DIR> GWX
04. 09. 2015 19:43 <DIR> Lenovo
20. 03. 2016 12:02 <DIR> Microsoft
28. 03. 2016 21:31 <DIR> Microsoft Help
10. 05. 2016 20:43 29 696 MSGBOX.EXE
26. 02. 2016 23:48 <DIR> My Games
29. 12. 2015 01:47 <DIR> Opera Software
03. 10. 2015 18:12 <DIR> Origin
15. 02. 2016 00:27 <DIR> Packages
17. 04. 2016 19:45 <DIR> PokerStars.NET
05. 09. 2015 09:09 <DIR> Programs
25. 12. 2015 18:25 <DIR> Skype
03. 12. 2015 20:50 <DIR> Sparta
06. 09. 2015 01:17 <DIR> Steam
10. 05. 2016 20:43 <DIR> Temp
25. 03. 2016 18:51 <DIR> VirtualStore
1 File(s) 29 696 bytes
29 Dir(s) 114 144 735 232 bytes free
========= End of CMD: =========
========= dir "%appdata%" =========
Volume in drive C is Windows8_OS
Volume Serial Number is A873-7F6C
Directory of C:\Users\Vendy\AppData\Roaming
10. 05. 2016 19:09 <DIR> .
10. 05. 2016 19:09 <DIR> ..
08. 09. 2015 17:37 <DIR> Adobe
04. 09. 2015 19:41 <DIR> Atheros
04. 10. 2015 16:48 <DIR> AVAST Software
05. 09. 2015 23:15 <DIR> DAEMON Tools Lite
04. 09. 2015 21:43 <DIR> Hightail for Lenovo
11. 09. 2015 18:30 <DIR> Identities
04. 10. 2015 19:03 <DIR> IrfanView
08. 11. 2015 22:17 <DIR> Leadertech
04. 09. 2015 19:44 <DIR> Macromedia
20. 10. 2015 20:55 <DIR> MAGIX
18. 04. 2016 19:52 <DIR> Mozilla
29. 12. 2015 01:47 <DIR> Opera Software
06. 09. 2015 21:15 <DIR> Origin
06. 03. 2016 20:33 <DIR> Petroglyph
18. 12. 2015 21:43 <DIR> Samsung
07. 05. 2016 10:25 <DIR> Skype
30. 11. 2015 08:11 <DIR> sparta111
03. 12. 2015 20:49 <DIR> WarThunder
05. 09. 2015 23:13 <DIR> WinRAR
20. 11. 2015 13:28 <DIR> Zoner
0 File(s) 0 bytes
22 Dir(s) 114 144 735 232 bytes free
========= End of CMD: =========
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 2.6 GB temporary data Removed.
The system needed a reboot.
==== End of Fixlog 20:49:28 ====
Re: Please check

- run it as administrator
- at the top, switch to the Scan tab
- at the bottom right, click Start Scan (this can take up to several tens of minutes)
- at the bottom left, choose Open Report
- at the bottom right, Export TXT
- save the report to the desktop and paste its contents into your next reply
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that do not fit on the forum, you can use altrok(at)forum.viry.cz
If you would like to help visitors to this forum, sign up for our training school.
Re: Please check
RogueKiller V12.2.0.0 [May 10 2016] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/software/roguekiller/
Blog : http://www.adlice.com
Operační systém : Windows 8.1 (6.3.9600) 64 bits version
Spuštěno : Normální režim
Uživatel : Vendy [Práva správce]
Started from : C:\Users\Vendy\Desktop\RogueKiller.exe
Mód : Prohledat -- Datum : 05/10/2016 21:43:18
¤¤¤ Procesy : 0 ¤¤¤
¤¤¤ Registry : 3 ¤¤¤
[Hidden.From.SCM] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\VBoxAswDrv (\??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys) -> Nalezeno
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-3254343490-304523243-1162089923-1001\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.seznam.cz/ -> Nalezeno
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-3254343490-304523243-1162089923-1001\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.seznam.cz/ -> Nalezeno
¤¤¤ Úlohy : 0 ¤¤¤
¤¤¤ Soubory : 0 ¤¤¤
¤¤¤ Soubor HOSTS : 0 ¤¤¤
¤¤¤ Antirootkit : 0 (Driver: Nenahrán [0x20]) ¤¤¤
¤¤¤ Webové prohlížeče : 0 ¤¤¤
¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD5000LPCX-24C6HT0 +++++
--- User ---
[MBR] dc6e0b0b9f7c0bb95f3595876ad81e79
[BSP] 8284eebcb20779babb135effefa16373 : Empty|VT.Unknown MBR Code
Partition table:
0 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 2048 | Size: 1000 MB
1 - [SYSTEM][MAN-MOUNT] EFI system partition | Offset (sectors): 2050048 | Size: 260 MB
2 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 2582528 | Size: 1000 MB
3 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 4630528 | Size: 128 MB
4 - Basic data partition | Offset (sectors): 4892672 | Size: 435030 MB
5 - Basic data partition | Offset (sectors): 895834112 | Size: 25600 MB
6 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 948262912 | Size: 13921 MB
User = LL1 ... OK
User = LL2 ... OK
+++++ PhysicalDrive1: SD Card +++++
--- User ---
[MBR] 379d6ece31b034fe0bc03ac0d9f2d6ba
[BSP] df4f83c1f72e36823a12b0dfc7617313 : Empty MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0xc) [VISIBLE] Offset (sectors): 8192 | Size: 29660 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] Požadavek není podporován. )
Re: Please check

Note: on the second and any later run of FRST, the Addition.txt option must be explicitly ticked before the scan starts, otherwise the Addition.txt log is not created.
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that do not fit on the forum, you can use altrok(at)forum.viry.cz
If you would like to help visitors to this forum, sign up for our training school.
Re: Please check
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:09-05-2016
Ran by Vendy (administrator) on VENDULKA (10-05-2016 21:52:56)
Running from C:\Users\Vendy\Desktop
Loaded Profiles: Vendy (Available Profiles: Vendy)
Platform: Windows 8.1 Connected (X64) Language: Angličtina (Spojené státy)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(© 2015 Microsoft Corporation) C:\Users\Vendy\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Lenovo) C:\Users\Vendy\AppData\Local\Apps\2.0\OLM4O8B3.WKT\2L8M9P4H.Y13\lsb...tion_91a10ba61c75c82d_0001.0005_a24d0d716055ed94\LSB.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\SrTasks.exe
(forum.viry.cz) C:\Users\Vendy\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672304 2014-03-21] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1385840 2014-04-07] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1385840 2014-04-07] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1385840 2014-04-07] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3276104 2014-04-02] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2014-10-11] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10841584 2014-10-11] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7139256 2016-03-25] (AVAST Software)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [134784 2014-03-25] (Qualcomm®Atheros®)
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\...\Run: [BingSvc] => C:\Users\Vendy\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2016-03-20] (© 2015 Microsoft Corporation)
ShellIconOverlayIdentifiers: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-03-25] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
Startup: C:\Users\Vendy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Odeslat do OneNote.lnk [2015-09-27]
ShortcutTarget: Odeslat do OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)
Startup: C:\Users\Vendy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk [2015-09-24]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{29E28E0A-9B89-41C3-A72E-BE31EF7F3E84}: [DhcpNameServer] 213.46.172.36 213.46.172.37
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3254343490-304523243-1162089923-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3254343490-304523243-1162089923-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-03-15] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-03-25] (AVAST Software)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-04-19] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-03-25] (AVAST Software)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-09-24] (Microsoft Corporation)
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-09-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-03] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-03-26]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-03-26]
Chrome:
=======
CHR Profile: C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-05-10]
CHR Extension: (Dokumenty Google) - C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-05-10]
CHR Extension: (Disk Google) - C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-10]
CHR Extension: (YouTube) - C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-10]
CHR Extension: (Avast SafePrice) - C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-05-10]
CHR Extension: (Tabulky Google) - C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-05-10]
CHR Extension: (Dokumenty Google offline) - C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-10]
CHR Extension: (Avast Online Security) - C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-05-10]
CHR Extension: (Skype) - C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-05-10]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-10]
CHR Extension: (Gmail) - C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-10]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2016-03-25]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-03-25]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [319104 2014-03-25] (Windows (R) Win 7 DDK provider) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [237096 2016-03-25] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2829552 2016-03-08] (Microsoft Corporation)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1444544 2016-03-01] (Disc Soft Ltd)
R2 DptfParticipantAcpiProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [117704 2013-09-17] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [150760 2013-09-17] (Intel Corporation)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [101680 2013-10-15] (ELAN Microelectronics Corp.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [296432 2014-04-09] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-02] (Intel(R) Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-22] (LENOVO INCORPORATED.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2099720 2015-11-18] (Electronic Arts)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2014-10-11] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2014-03-25] (Atheros) [File not signed]
U4 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-03-25] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-03-25] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-03-25] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-03-25] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-03-25] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [463744 2016-03-25] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [165344 2016-03-25] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287016 2016-03-25] (AVAST Software)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3892224 2014-03-07] (Qualcomm Atheros Communications, Inc.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310728 2015-09-06] ()
S3 AX88772; C:\Windows\system32\DRIVERS\ax88772.sys [113864 2013-07-18] (ASIX Electronics Corp.)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-03-25] (Qualcomm Atheros)
R3 DptfDevAcpiProc; C:\Windows\system32\DRIVERS\DptfDevAcpiProc.sys [198808 2013-09-17] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [493240 2013-09-17] (Intel Corporation)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-11-18] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-04-04] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2015-09-06] ()
R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2013-10-10] (Intel Corporation)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [80920 2015-07-02] (McAfee, Inc.)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [24688 2016-05-10] ()
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
U4 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-05-10 21:52 - 2016-05-10 21:54 - 00020666 _____ C:\Users\Vendy\Desktop\FRST.txt
2016-05-10 21:44 - 2016-05-10 21:44 - 00004692 _____ C:\Users\Vendy\Desktop\report.txt
2016-05-10 21:19 - 2016-05-10 21:10 - 19837512 _____ C:\Users\Vendy\Desktop\RogueKiller.exe
2016-05-10 21:12 - 2016-05-10 21:19 - 00000000 ____D C:\ProgramData\RogueKiller
2016-05-10 21:12 - 2016-05-10 21:12 - 00024688 _____ C:\windows\system32\Drivers\TrueSight.sys
2016-05-10 21:10 - 2016-05-10 21:10 - 19837512 _____ C:\Users\Vendy\Downloads\RogueKiller.exe
2016-05-10 20:42 - 2016-05-10 20:49 - 00019945 _____ C:\Users\Vendy\Desktop\Fixlog.txt
2016-05-10 19:52 - 2016-05-10 21:52 - 00000000 ____D C:\FRST
2016-05-10 19:47 - 2016-05-10 19:47 - 00112640 _____ (forum.viry.cz) C:\Users\Vendy\Desktop\FRSTLauncher.exe
2016-05-10 19:45 - 2016-05-10 19:45 - 02381312 _____ (Farbar) C:\Users\Vendy\Desktop\FRST64.exe
2016-05-10 13:30 - 2016-05-10 13:30 - 00002298 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-10 13:30 - 2016-05-10 13:30 - 00002286 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-05-09 23:31 - 2016-05-10 14:33 - 00000001 _____ C:\windows\SysWOW64\en.html
2016-05-09 10:42 - 2016-05-09 14:21 - 1966884864 _____ C:\Users\Vendy\Downloads\Whiplash-CZ-dabing-(2014).avi
2016-05-08 23:54 - 2016-05-08 23:54 - 07616981 _____ C:\Users\Vendy\Downloads\sazkabet_321.apk
2016-04-25 19:05 - 2016-04-05 23:53 - 00829944 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2016-04-25 19:05 - 2016-04-05 23:53 - 00176632 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-04-23 22:53 - 2016-04-23 22:53 - 00000000 ____D C:\Program Files (x86)\Electronic Arts
2016-04-23 22:53 - 2008-11-19 23:35 - 797310976 _____ C:\Users\Vendy\Downloads\SPORE - Creepy & Cute.iso
2016-04-23 22:44 - 2008-11-17 02:20 - 4138860544 _____ C:\Users\Vendy\Downloads\SPORE_SIDONKEY(CANUS_RG).iso
2016-04-23 16:52 - 2016-04-23 22:37 - 890044416 _____ C:\Users\Vendy\Downloads\SPORE_PCGAME-CZ-O.K.ISO
2016-04-21 21:01 - 2016-04-21 21:01 - 00002372 _____ C:\Users\Vendy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive pro firmy.lnk
2016-04-18 19:52 - 2016-04-18 19:52 - 00000000 ____D C:\Users\Vendy\AppData\Roaming\Mozilla
2016-04-17 00:17 - 2016-04-17 00:17 - 00348395 _____ C:\Users\Vendy\Downloads\AT-AT walker 2014 - 2.pdf
2016-04-17 00:16 - 2016-04-17 00:18 - 00096074 _____ C:\Users\Vendy\Downloads\AT-AT walker 2014 - 1.pdf
2016-04-17 00:13 - 2016-04-17 00:13 - 00512914 _____ C:\Users\Vendy\Downloads\Mazací tramvaj.pdf
2016-04-17 00:12 - 2016-04-17 00:12 - 00137955 _____ C:\Users\Vendy\Downloads\Star destroyer 1.pdf
2016-04-13 23:24 - 2016-04-04 08:35 - 00046768 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2016-04-13 23:24 - 2016-04-02 15:26 - 01386496 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2016-04-13 23:24 - 2016-04-02 15:26 - 01169408 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2016-04-13 23:24 - 2016-03-28 15:21 - 00698368 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2016-04-13 23:24 - 2016-03-28 15:21 - 00499200 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2016-04-13 23:24 - 2016-03-28 15:21 - 00279040 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2016-04-13 23:24 - 2016-03-28 15:21 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2016-04-13 23:24 - 2016-03-28 15:21 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2016-04-13 23:24 - 2016-02-09 03:31 - 02757616 _____ (Microsoft Corporation) C:\windows\explorer.exe
2016-04-13 23:24 - 2016-02-09 03:31 - 02412576 _____ (Microsoft Corporation) C:\windows\SysWOW64\explorer.exe
2016-04-13 23:24 - 2016-02-03 17:14 - 00080896 _____ (Microsoft Corporation) C:\windows\system32\Drivers\IPMIDrv.sys
2016-04-13 23:23 - 2016-03-10 21:19 - 07452512 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2016-04-13 23:23 - 2016-03-10 21:17 - 01663192 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2016-04-13 23:23 - 2016-03-10 21:17 - 01523216 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2016-04-13 23:23 - 2016-03-10 21:17 - 01490128 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2016-04-13 23:23 - 2016-03-10 21:17 - 01358960 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2016-04-13 23:23 - 2016-03-10 21:17 - 01133752 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2016-04-13 23:23 - 2016-03-10 19:48 - 00862720 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2016-04-13 23:23 - 2016-03-10 19:43 - 00161280 _____ (Microsoft Corporation) C:\windows\SysWOW64\msorcl32.dll
2016-04-13 23:23 - 2016-03-10 18:55 - 00166400 _____ (Microsoft Corporation) C:\windows\system32\mtxoci.dll
2016-04-13 23:23 - 2016-03-10 18:42 - 00116736 _____ (Microsoft Corporation) C:\windows\SysWOW64\mtxoci.dll
2016-04-13 23:23 - 2016-02-09 03:31 - 22365472 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2016-04-13 23:23 - 2016-02-09 03:31 - 19794896 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2016-04-13 23:23 - 2016-02-09 03:31 - 00273264 _____ (Microsoft Corporation) C:\windows\system32\SystemSettingsAdminFlows.exe
2016-04-13 23:23 - 2016-02-08 22:55 - 02712576 _____ (Microsoft Corporation) C:\windows\SysWOW64\ExplorerFrame.dll
2016-04-13 23:23 - 2016-02-08 22:15 - 02551808 _____ (Microsoft Corporation) C:\windows\SysWOW64\themecpl.dll
2016-04-13 23:23 - 2016-02-08 22:02 - 01197056 _____ (Microsoft Corporation) C:\windows\SysWOW64\usercpl.dll
2016-04-13 23:23 - 2016-02-08 21:48 - 12879360 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.dll
2016-04-13 23:23 - 2016-02-08 21:43 - 00524288 _____ (Microsoft Corporation) C:\windows\SysWOW64\SettingSyncHost.exe
2016-04-13 23:23 - 2016-02-08 21:40 - 00539648 _____ (Microsoft Corporation) C:\windows\SysWOW64\hgcpl.dll
2016-04-13 23:23 - 2016-02-08 21:39 - 00305152 _____ (Microsoft Corporation) C:\windows\SysWOW64\stobject.dll
2016-04-13 23:23 - 2016-02-08 21:37 - 00141312 _____ (Microsoft Corporation) C:\windows\SysWOW64\SettingMonitor.dll
2016-04-13 23:23 - 2016-02-08 21:35 - 00954880 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.appcore.dll
2016-04-13 23:23 - 2016-02-08 21:34 - 00667648 _____ (Microsoft Corporation) C:\windows\SysWOW64\SettingSyncCore.dll
2016-04-13 23:23 - 2016-02-08 21:33 - 00520192 _____ (Microsoft Corporation) C:\windows\SysWOW64\SettingSync.dll
2016-04-13 23:23 - 2016-02-08 20:50 - 03120640 _____ (Microsoft Corporation) C:\windows\system32\ExplorerFrame.dll
2016-04-13 23:23 - 2016-02-08 19:55 - 02592256 _____ (Microsoft Corporation) C:\windows\system32\themecpl.dll
2016-04-13 23:23 - 2016-02-08 19:33 - 01278464 _____ (Microsoft Corporation) C:\windows\system32\usercpl.dll
2016-04-13 23:23 - 2016-02-08 19:12 - 14466560 _____ (Microsoft Corporation) C:\windows\system32\twinui.dll
2016-04-13 23:23 - 2016-02-08 19:02 - 00653824 _____ (Microsoft Corporation) C:\windows\system32\SettingSyncHost.exe
2016-04-13 23:23 - 2016-02-08 19:00 - 00599552 _____ (Microsoft Corporation) C:\windows\system32\hgcpl.dll
2016-04-13 23:23 - 2016-02-08 18:58 - 00336384 _____ (Microsoft Corporation) C:\windows\system32\stobject.dll
2016-04-13 23:23 - 2016-02-08 18:55 - 00173056 _____ (Microsoft Corporation) C:\windows\system32\SettingMonitor.dll
2016-04-13 23:23 - 2016-02-08 18:53 - 02171904 _____ (Microsoft Corporation) C:\windows\system32\SystemSettingsAdminFlowUI.dll
2016-04-13 23:23 - 2016-02-08 18:53 - 01348096 _____ (Microsoft Corporation) C:\windows\system32\AppXDeploymentServer.dll
2016-04-13 23:23 - 2016-02-08 18:50 - 01220096 _____ (Microsoft Corporation) C:\windows\system32\twinui.appcore.dll
2016-04-13 23:23 - 2016-02-08 18:50 - 00841728 _____ (Microsoft Corporation) C:\windows\system32\SettingSyncCore.dll
2016-04-13 23:23 - 2016-02-08 18:48 - 00655872 _____ (Microsoft Corporation) C:\windows\system32\SettingSync.dll
2016-04-13 23:23 - 2016-02-08 18:47 - 02819584 _____ (Microsoft Corporation) C:\windows\system32\SettingsHandlers.dll
2016-04-13 23:23 - 2016-02-08 18:44 - 00955392 _____ (Microsoft Corporation) C:\windows\system32\AppXDeploymentExtensions.dll
2016-04-13 23:23 - 2016-02-04 20:07 - 00222720 _____ (Microsoft Corporation) C:\windows\system32\dhcpsapi.dll
2016-04-13 23:23 - 2016-02-04 19:35 - 00142848 _____ (Microsoft Corporation) C:\windows\SysWOW64\dhcpsapi.dll
2016-04-13 23:23 - 2016-01-31 19:17 - 00779264 _____ (Microsoft Corporation) C:\windows\system32\WindowsAnytimeUpgradeui.exe
2016-04-13 23:23 - 2016-01-26 21:15 - 00072024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\vpci.sys
2016-04-13 23:23 - 2014-11-08 04:38 - 00166912 _____ (Microsoft Corporation) C:\windows\system32\AppxAllUserStore.dll
2016-04-13 23:23 - 2014-11-08 04:17 - 00143360 _____ (Microsoft Corporation) C:\windows\SysWOW64\AppxAllUserStore.dll
2016-04-13 23:20 - 2016-02-07 01:05 - 00551256 _____ (Microsoft Corporation) C:\windows\system32\Drivers\vhdmp.sys
2016-04-13 23:20 - 2016-02-07 00:41 - 00316760 _____ (Microsoft Corporation) C:\windows\system32\Drivers\volsnap.sys
2016-04-13 23:20 - 2016-02-05 21:07 - 00378712 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2016-04-13 23:20 - 2016-02-05 17:11 - 00845312 _____ (Microsoft Corporation) C:\windows\system32\BFE.DLL
2016-04-13 23:20 - 2016-02-05 17:11 - 00422400 _____ (Microsoft Corporation) C:\windows\system32\FWPUCLNT.DLL
2016-04-13 23:20 - 2016-02-05 17:07 - 00272384 _____ (Microsoft Corporation) C:\windows\SysWOW64\FWPUCLNT.DLL
2016-04-13 23:20 - 2016-02-05 17:02 - 01083904 _____ (Microsoft Corporation) C:\windows\system32\IKEEXT.DLL
2016-04-13 23:20 - 2016-02-05 16:46 - 01455104 _____ (Microsoft Corporation) C:\windows\system32\VSSVC.exe
2016-04-13 23:20 - 2016-02-04 18:23 - 00713216 _____ (Microsoft Corporation) C:\windows\system32\nshwfp.dll
2016-04-13 23:20 - 2016-02-04 18:22 - 00561664 _____ (Microsoft Corporation) C:\windows\SysWOW64\nshwfp.dll
2016-04-13 23:20 - 2016-02-03 17:11 - 01673728 _____ (Microsoft Corporation) C:\windows\system32\workfolderssvc.dll
2016-04-13 23:20 - 2016-02-02 20:16 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rasl2tp.sys
2016-04-13 23:20 - 2016-02-02 19:51 - 00162304 _____ (Microsoft Corporation) C:\windows\system32\WsmAuto.dll
2016-04-13 23:20 - 2016-02-02 19:19 - 00144384 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmAuto.dll
2016-04-13 23:20 - 2016-02-02 19:18 - 01574912 _____ (Microsoft Corporation) C:\windows\system32\wbengine.exe
2016-04-13 23:20 - 2016-02-02 19:15 - 00787456 _____ (Microsoft Corporation) C:\windows\system32\WorkfoldersControl.dll
2016-04-13 23:20 - 2016-02-02 19:01 - 00031744 _____ (Microsoft Corporation) C:\windows\system32\WsmAgent.dll
2016-04-13 23:20 - 2016-02-02 18:51 - 02609152 _____ (Microsoft Corporation) C:\windows\system32\WsmSvc.dll
2016-04-13 23:20 - 2016-02-02 18:48 - 00285184 _____ (Microsoft Corporation) C:\windows\system32\WsmWmiPl.dll
2016-04-13 23:20 - 2016-02-02 18:46 - 00026112 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmAgent.dll
2016-04-13 23:20 - 2016-02-02 18:41 - 02170880 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmSvc.dll
2016-04-13 23:20 - 2016-02-02 18:39 - 00236032 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmWmiPl.dll
2016-04-13 23:20 - 2016-01-27 17:18 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\rpcss.dll
2016-04-13 23:20 - 2016-01-22 07:22 - 02487296 _____ (Microsoft Corporation) C:\windows\system32\storagewmi.dll
2016-04-13 23:20 - 2016-01-22 07:11 - 01482240 _____ (Microsoft Corporation) C:\windows\SysWOW64\storagewmi.dll
2016-04-13 23:20 - 2016-01-21 21:35 - 00952928 _____ (Microsoft Corporation) C:\windows\system32\mfmp4srcsnk.dll
2016-04-13 23:20 - 2016-01-21 20:42 - 00786152 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfmp4srcsnk.dll
2016-04-13 23:20 - 2016-01-21 00:40 - 00099672 _____ (Microsoft Corporation) C:\windows\system32\Drivers\disk.sys
2016-04-13 22:58 - 2016-03-03 18:13 - 00059392 _____ (Microsoft Corporation) C:\windows\system32\basesrv.dll
2016-04-13 22:25 - 2016-03-31 02:54 - 25817600 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2016-04-13 22:25 - 2016-03-31 02:31 - 02892800 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2016-04-13 22:25 - 2016-03-31 02:28 - 00571904 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2016-04-13 22:25 - 2016-03-31 02:25 - 06052352 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2016-04-13 22:25 - 2016-03-31 02:17 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2016-04-13 22:25 - 2016-03-31 02:03 - 20352512 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2016-04-13 22:25 - 2016-03-31 01:56 - 00145408 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2016-04-13 22:25 - 2016-03-31 01:56 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2016-04-13 22:25 - 2016-03-31 01:55 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2016-04-13 22:25 - 2016-03-31 01:53 - 00496640 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2016-04-13 22:25 - 2016-03-31 01:51 - 02285056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2016-04-13 22:25 - 2016-03-31 01:50 - 01032704 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2016-04-13 22:25 - 2016-03-31 01:45 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2016-04-13 22:25 - 2016-03-31 01:45 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2016-04-13 22:25 - 2016-03-31 01:43 - 00806400 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2016-04-13 22:25 - 2016-03-31 01:43 - 00725504 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2016-04-13 22:25 - 2016-03-31 01:43 - 00379392 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2016-04-13 22:25 - 2016-03-31 01:42 - 02131968 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2016-04-13 22:25 - 2016-03-31 01:39 - 15415808 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2016-04-13 22:25 - 2016-03-31 01:30 - 04611072 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2016-04-13 22:25 - 2016-03-31 01:30 - 02596864 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2016-04-13 22:25 - 2016-03-31 01:30 - 00279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2016-04-13 22:25 - 2016-03-31 01:30 - 00128000 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2016-04-13 22:25 - 2016-03-31 01:27 - 00880128 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2016-04-13 22:25 - 2016-03-31 01:24 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2016-04-13 22:25 - 2016-03-31 01:23 - 02056192 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2016-04-13 22:25 - 2016-03-31 01:23 - 00693248 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2016-04-13 22:25 - 2016-03-31 01:23 - 00330752 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2016-04-13 22:25 - 2016-03-31 01:21 - 13811712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2016-04-13 22:25 - 2016-03-31 01:18 - 01547264 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2016-04-13 22:25 - 2016-03-31 01:06 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2016-04-13 22:25 - 2016-03-31 01:05 - 02121216 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2016-04-13 22:25 - 2016-03-31 01:02 - 01311744 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2016-04-13 22:25 - 2016-03-31 01:00 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2016-04-13 22:20 - 2016-03-29 16:05 - 04175872 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2016-04-13 22:20 - 2016-03-16 01:00 - 00561952 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2016-04-13 22:20 - 2016-03-15 16:14 - 01441792 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2016-04-13 22:20 - 2016-03-11 16:48 - 00833024 _____ (Microsoft Corporation) C:\windows\system32\samsrv.dll
2016-04-13 22:20 - 2016-03-10 20:22 - 00201728 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2016-04-13 22:20 - 2016-03-10 20:21 - 00401920 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2016-04-13 22:20 - 2016-03-10 20:20 - 00284672 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2016-04-13 22:20 - 2016-03-10 19:44 - 00445440 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2016-04-13 22:20 - 2016-03-10 19:16 - 00324096 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2016-04-13 22:20 - 2016-03-10 19:03 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\samlib.dll
2016-04-13 22:20 - 2016-03-10 18:48 - 00064512 _____ (Microsoft Corporation) C:\windows\SysWOW64\samlib.dll
2016-04-13 22:20 - 2016-03-03 18:47 - 02345472 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2016-04-13 22:20 - 2016-03-03 18:33 - 01556992 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2016-04-13 22:20 - 2016-03-03 03:39 - 01661576 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2016-04-13 22:20 - 2016-03-03 03:39 - 01212248 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-05-10 21:51 - 2015-09-04 20:25 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-05-10 21:19 - 2015-09-04 23:19 - 00000000 ____D C:\Users\Vendy\AppData\Local\CrashDumps
2016-05-10 20:58 - 2015-09-04 19:46 - 00003596 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3254343490-304523243-1162089923-1001
2016-05-10 20:55 - 2015-09-06 17:56 - 00000000 ____D C:\Users\Vendy\AppData\Local\Deployment
2016-05-10 20:54 - 2015-09-24 12:24 - 00000000 ____D C:\Users\Vendy\OneDrive
2016-05-10 20:53 - 2015-10-04 16:30 - 00004182 _____ C:\windows\System32\Tasks\avast! Emergency Update
2016-05-10 20:52 - 2015-11-19 11:45 - 00018944 ___SH C:\Users\Vendy\Desktop\Thumbs.db
2016-05-10 20:50 - 2015-09-05 09:19 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-05-10 20:50 - 2013-08-22 16:45 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-05-10 20:49 - 2014-10-11 02:50 - 00004608 _____ C:\windows\system32\VfService.trf
2016-05-10 20:42 - 2013-08-22 17:36 - 00000000 ___HD C:\windows\system32\GroupPolicy
2016-05-10 20:42 - 2013-08-22 17:36 - 00000000 ____D C:\windows\SysWOW64\GroupPolicy
2016-05-10 20:41 - 2015-09-04 19:51 - 00003970 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{FB21D78B-C66A-4FB0-91C1-5C161906F132}
2016-05-10 19:13 - 2016-04-04 20:30 - 00000000 ____D C:\Users\Vendy\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108
2016-05-10 19:13 - 2013-08-22 15:25 - 00262144 ___SH C:\windows\system32\config\BBI
2016-05-10 18:03 - 2015-09-08 17:24 - 00003886 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task
2016-05-10 18:02 - 2015-09-08 17:23 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-05-10 13:30 - 2015-09-27 22:54 - 00000000 ____D C:\Users\Vendy\AppData\Local\Google
2016-05-10 13:30 - 2015-09-27 22:54 - 00000000 ____D C:\Program Files (x86)\Google
2016-05-10 12:18 - 2015-09-04 19:42 - 00000000 ____D C:\Users\Vendy\Documents\Bluetooth Folder
2016-05-10 12:18 - 2013-08-22 15:36 - 00000000 ____D C:\windows\Inf
2016-05-09 18:54 - 2013-08-22 17:20 - 00000000 ____D C:\windows\CbsTemp
2016-05-09 18:52 - 2015-09-04 19:36 - 00000000 ___SD C:\windows\SysWOW64\GWX
2016-05-09 18:52 - 2015-09-04 19:36 - 00000000 ___SD C:\windows\system32\GWX
2016-05-09 14:21 - 2015-09-04 21:47 - 00000000 ____D C:\KMPlayer
2016-05-07 12:02 - 2015-09-11 09:47 - 00000000 ____D C:\windows\system32\appraiser
2016-05-07 10:25 - 2015-09-04 20:25 - 00000000 ____D C:\Users\Vendy\AppData\Roaming\Skype
2016-05-07 10:25 - 2015-09-04 19:38 - 00000000 ____D C:\Users\Vendy
2016-05-06 07:00 - 2013-08-22 17:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-05-06 06:57 - 2015-09-24 12:42 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-05-05 21:29 - 2015-09-04 20:25 - 00000000 ____D C:\ProgramData\Skype
2016-05-04 12:27 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-05-04 12:27 - 2013-08-22 17:36 - 00000000 ____D C:\windows\AppReadiness
2016-04-29 09:09 - 2013-08-22 17:36 - 00000000 ____D C:\windows\rescache
2016-04-25 19:12 - 2013-08-22 16:44 - 00582576 _____ C:\windows\system32\FNTCACHE.DAT
2016-04-25 18:55 - 2013-08-22 17:36 - 00000000 ___RD C:\windows\ToastData
2016-04-23 22:51 - 2014-10-11 02:03 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-04-21 21:01 - 2015-09-24 12:48 - 00003180 _____ C:\windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3254343490-304523243-1162089923-1001
2016-04-19 19:14 - 2015-11-28 22:57 - 00000000 ____D C:\Users\Vendy\Documents\NHL09
2016-04-18 19:50 - 2013-08-22 17:36 - 00000000 ____D C:\windows\LiveKernelReports
2016-04-17 19:45 - 2016-01-09 17:11 - 00000000 ____D C:\Users\Vendy\AppData\Local\PokerStars.NET
2016-04-17 14:10 - 2014-10-11 02:01 - 00741456 _____ C:\windows\system32\perfh005.dat
2016-04-17 14:10 - 2014-10-11 02:01 - 00152464 _____ C:\windows\system32\perfc005.dat
2016-04-17 14:10 - 2014-03-18 11:53 - 01745984 _____ C:\windows\system32\PerfStringBackup.INI
2016-04-17 13:01 - 2015-09-05 23:37 - 00000000 ____D C:\Users\Vendy\AppData\Local\ElevatedDiagnostics
2016-04-17 00:23 - 2015-09-06 00:04 - 00065024 ___SH C:\Users\Vendy\Downloads\Thumbs.db
2016-04-13 23:55 - 2015-09-09 11:11 - 00000000 ____D C:\windows\system32\MRT
2016-04-13 23:47 - 2015-09-09 11:11 - 135176864 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2016-04-10 15:17 - 2015-09-04 22:40 - 00000000 ____D C:\Filmy
2016-04-10 11:12 - 2013-08-22 17:36 - 00000000 ____D C:\windows\system32\NDF
==================== Files in the root of some directories =======
2014-10-11 02:05 - 2014-10-11 02:05 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some files in TEMP:
====================
C:\Users\Vendy\AppData\Local\Temp\dllnt_dump.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Vendy\Desktop" je 5310 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Ran by Vendy (administrator) on VENDULKA (10-05-2016 21:52:56)
Running from C:\Users\Vendy\Desktop
Loaded Profiles: Vendy (Available Profiles: Vendy)
Platform: Windows 8.1 Connected (X64) Language: Angličtina (Spojené státy)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(© 2015 Microsoft Corporation) C:\Users\Vendy\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Lenovo) C:\Users\Vendy\AppData\Local\Apps\2.0\OLM4O8B3.WKT\2L8M9P4H.Y13\lsb...tion_91a10ba61c75c82d_0001.0005_a24d0d716055ed94\LSB.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\SrTasks.exe
(forum.viry.cz) C:\Users\Vendy\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672304 2014-03-21] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1385840 2014-04-07] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1385840 2014-04-07] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1385840 2014-04-07] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3276104 2014-04-02] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2014-10-11] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10841584 2014-10-11] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7139256 2016-03-25] (AVAST Software)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [134784 2014-03-25] (Qualcomm®Atheros®)
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\...\Run: [BingSvc] => C:\Users\Vendy\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2016-03-20] (© 2015 Microsoft Corporation)
ShellIconOverlayIdentifiers: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-03-25] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
Startup: C:\Users\Vendy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Odeslat do OneNote.lnk [2015-09-27]
ShortcutTarget: Odeslat do OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)
Startup: C:\Users\Vendy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk [2015-09-24]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{29E28E0A-9B89-41C3-A72E-BE31EF7F3E84}: [DhcpNameServer] 213.46.172.36 213.46.172.37
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
HKU\S-1-5-21-3254343490-304523243-1162089923-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3254343490-304523243-1162089923-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3254343490-304523243-1162089923-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-03-15] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-03-25] (AVAST Software)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-04-19] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-03-25] (AVAST Software)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-09-24] (Microsoft Corporation)
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-09-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-03] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-03-26]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-03-26]
Chrome:
=======
CHR Profile: C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-05-10]
CHR Extension: (Dokumenty Google) - C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-05-10]
CHR Extension: (Disk Google) - C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-10]
CHR Extension: (YouTube) - C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-10]
CHR Extension: (Avast SafePrice) - C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-05-10]
CHR Extension: (Tabulky Google) - C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-05-10]
CHR Extension: (Dokumenty Google offline) - C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-10]
CHR Extension: (Avast Online Security) - C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-05-10]
CHR Extension: (Skype) - C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-05-10]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-10]
CHR Extension: (Gmail) - C:\Users\Vendy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-10]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2016-03-25]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-03-25]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [319104 2014-03-25] (Windows (R) Win 7 DDK provider) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [237096 2016-03-25] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2829552 2016-03-08] (Microsoft Corporation)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1444544 2016-03-01] (Disc Soft Ltd)
R2 DptfParticipantAcpiProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [117704 2013-09-17] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [150760 2013-09-17] (Intel Corporation)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [101680 2013-10-15] (ELAN Microelectronics Corp.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [296432 2014-04-09] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-02] (Intel(R) Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-22] (LENOVO INCORPORATED.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2099720 2015-11-18] (Electronic Arts)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2014-10-11] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2014-03-25] (Atheros) [File not signed]
U4 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-03-25] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-03-25] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-03-25] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-03-25] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-03-25] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [463744 2016-03-25] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [165344 2016-03-25] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287016 2016-03-25] (AVAST Software)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3892224 2014-03-07] (Qualcomm Atheros Communications, Inc.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310728 2015-09-06] ()
S3 AX88772; C:\Windows\system32\DRIVERS\ax88772.sys [113864 2013-07-18] (ASIX Electronics Corp.)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-03-25] (Qualcomm Atheros)
R3 DptfDevAcpiProc; C:\Windows\system32\DRIVERS\DptfDevAcpiProc.sys [198808 2013-09-17] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [493240 2013-09-17] (Intel Corporation)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-11-18] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-04-04] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2015-09-06] ()
R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2013-10-10] (Intel Corporation)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [80920 2015-07-02] (McAfee, Inc.)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [24688 2016-05-10] ()
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
U4 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-05-10 21:52 - 2016-05-10 21:54 - 00020666 _____ C:\Users\Vendy\Desktop\FRST.txt
2016-05-10 21:44 - 2016-05-10 21:44 - 00004692 _____ C:\Users\Vendy\Desktop\report.txt
2016-05-10 21:19 - 2016-05-10 21:10 - 19837512 _____ C:\Users\Vendy\Desktop\RogueKiller.exe
2016-05-10 21:12 - 2016-05-10 21:19 - 00000000 ____D C:\ProgramData\RogueKiller
2016-05-10 21:12 - 2016-05-10 21:12 - 00024688 _____ C:\windows\system32\Drivers\TrueSight.sys
2016-05-10 21:10 - 2016-05-10 21:10 - 19837512 _____ C:\Users\Vendy\Downloads\RogueKiller.exe
2016-05-10 20:42 - 2016-05-10 20:49 - 00019945 _____ C:\Users\Vendy\Desktop\Fixlog.txt
2016-05-10 19:52 - 2016-05-10 21:52 - 00000000 ____D C:\FRST
2016-05-10 19:47 - 2016-05-10 19:47 - 00112640 _____ (forum.viry.cz) C:\Users\Vendy\Desktop\FRSTLauncher.exe
2016-05-10 19:45 - 2016-05-10 19:45 - 02381312 _____ (Farbar) C:\Users\Vendy\Desktop\FRST64.exe
2016-05-10 13:30 - 2016-05-10 13:30 - 00002298 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-10 13:30 - 2016-05-10 13:30 - 00002286 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-05-09 23:31 - 2016-05-10 14:33 - 00000001 _____ C:\windows\SysWOW64\en.html
2016-05-09 10:42 - 2016-05-09 14:21 - 1966884864 _____ C:\Users\Vendy\Downloads\Whiplash-CZ-dabing-(2014).avi
2016-05-08 23:54 - 2016-05-08 23:54 - 07616981 _____ C:\Users\Vendy\Downloads\sazkabet_321.apk
2016-04-25 19:05 - 2016-04-05 23:53 - 00829944 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2016-04-25 19:05 - 2016-04-05 23:53 - 00176632 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-04-23 22:53 - 2016-04-23 22:53 - 00000000 ____D C:\Program Files (x86)\Electronic Arts
2016-04-23 22:53 - 2008-11-19 23:35 - 797310976 _____ C:\Users\Vendy\Downloads\SPORE - Creepy & Cute.iso
2016-04-23 22:44 - 2008-11-17 02:20 - 4138860544 _____ C:\Users\Vendy\Downloads\SPORE_SIDONKEY(CANUS_RG).iso
2016-04-23 16:52 - 2016-04-23 22:37 - 890044416 _____ C:\Users\Vendy\Downloads\SPORE_PCGAME-CZ-O.K.ISO
2016-04-21 21:01 - 2016-04-21 21:01 - 00002372 _____ C:\Users\Vendy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive pro firmy.lnk
2016-04-18 19:52 - 2016-04-18 19:52 - 00000000 ____D C:\Users\Vendy\AppData\Roaming\Mozilla
2016-04-17 00:17 - 2016-04-17 00:17 - 00348395 _____ C:\Users\Vendy\Downloads\AT-AT walker 2014 - 2.pdf
2016-04-17 00:16 - 2016-04-17 00:18 - 00096074 _____ C:\Users\Vendy\Downloads\AT-AT walker 2014 - 1.pdf
2016-04-17 00:13 - 2016-04-17 00:13 - 00512914 _____ C:\Users\Vendy\Downloads\Mazací tramvaj.pdf
2016-04-17 00:12 - 2016-04-17 00:12 - 00137955 _____ C:\Users\Vendy\Downloads\Star destroyer 1.pdf
2016-04-13 23:24 - 2016-04-04 08:35 - 00046768 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2016-04-13 23:24 - 2016-04-02 15:26 - 01386496 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2016-04-13 23:24 - 2016-04-02 15:26 - 01169408 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2016-04-13 23:24 - 2016-03-28 15:21 - 00698368 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2016-04-13 23:24 - 2016-03-28 15:21 - 00499200 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2016-04-13 23:24 - 2016-03-28 15:21 - 00279040 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2016-04-13 23:24 - 2016-03-28 15:21 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2016-04-13 23:24 - 2016-03-28 15:21 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2016-04-13 23:24 - 2016-02-09 03:31 - 02757616 _____ (Microsoft Corporation) C:\windows\explorer.exe
2016-04-13 23:24 - 2016-02-09 03:31 - 02412576 _____ (Microsoft Corporation) C:\windows\SysWOW64\explorer.exe
2016-04-13 23:24 - 2016-02-03 17:14 - 00080896 _____ (Microsoft Corporation) C:\windows\system32\Drivers\IPMIDrv.sys
2016-04-13 23:23 - 2016-03-10 21:19 - 07452512 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2016-04-13 23:23 - 2016-03-10 21:17 - 01663192 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2016-04-13 23:23 - 2016-03-10 21:17 - 01523216 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2016-04-13 23:23 - 2016-03-10 21:17 - 01490128 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2016-04-13 23:23 - 2016-03-10 21:17 - 01358960 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2016-04-13 23:23 - 2016-03-10 21:17 - 01133752 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2016-04-13 23:23 - 2016-03-10 19:48 - 00862720 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2016-04-13 23:23 - 2016-03-10 19:43 - 00161280 _____ (Microsoft Corporation) C:\windows\SysWOW64\msorcl32.dll
2016-04-13 23:23 - 2016-03-10 18:55 - 00166400 _____ (Microsoft Corporation) C:\windows\system32\mtxoci.dll
2016-04-13 23:23 - 2016-03-10 18:42 - 00116736 _____ (Microsoft Corporation) C:\windows\SysWOW64\mtxoci.dll
2016-04-13 23:23 - 2016-02-09 03:31 - 22365472 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2016-04-13 23:23 - 2016-02-09 03:31 - 19794896 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2016-04-13 23:23 - 2016-02-09 03:31 - 00273264 _____ (Microsoft Corporation) C:\windows\system32\SystemSettingsAdminFlows.exe
2016-04-13 23:23 - 2016-02-08 22:55 - 02712576 _____ (Microsoft Corporation) C:\windows\SysWOW64\ExplorerFrame.dll
2016-04-13 23:23 - 2016-02-08 22:15 - 02551808 _____ (Microsoft Corporation) C:\windows\SysWOW64\themecpl.dll
2016-04-13 23:23 - 2016-02-08 22:02 - 01197056 _____ (Microsoft Corporation) C:\windows\SysWOW64\usercpl.dll
2016-04-13 23:23 - 2016-02-08 21:48 - 12879360 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.dll
2016-04-13 23:23 - 2016-02-08 21:43 - 00524288 _____ (Microsoft Corporation) C:\windows\SysWOW64\SettingSyncHost.exe
2016-04-13 23:23 - 2016-02-08 21:40 - 00539648 _____ (Microsoft Corporation) C:\windows\SysWOW64\hgcpl.dll
2016-04-13 23:23 - 2016-02-08 21:39 - 00305152 _____ (Microsoft Corporation) C:\windows\SysWOW64\stobject.dll
2016-04-13 23:23 - 2016-02-08 21:37 - 00141312 _____ (Microsoft Corporation) C:\windows\SysWOW64\SettingMonitor.dll
2016-04-13 23:23 - 2016-02-08 21:35 - 00954880 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.appcore.dll
2016-04-13 23:23 - 2016-02-08 21:34 - 00667648 _____ (Microsoft Corporation) C:\windows\SysWOW64\SettingSyncCore.dll
2016-04-13 23:23 - 2016-02-08 21:33 - 00520192 _____ (Microsoft Corporation) C:\windows\SysWOW64\SettingSync.dll
2016-04-13 23:23 - 2016-02-08 20:50 - 03120640 _____ (Microsoft Corporation) C:\windows\system32\ExplorerFrame.dll
2016-04-13 23:23 - 2016-02-08 19:55 - 02592256 _____ (Microsoft Corporation) C:\windows\system32\themecpl.dll
2016-04-13 23:23 - 2016-02-08 19:33 - 01278464 _____ (Microsoft Corporation) C:\windows\system32\usercpl.dll
2016-04-13 23:23 - 2016-02-08 19:12 - 14466560 _____ (Microsoft Corporation) C:\windows\system32\twinui.dll
2016-04-13 23:23 - 2016-02-08 19:02 - 00653824 _____ (Microsoft Corporation) C:\windows\system32\SettingSyncHost.exe
2016-04-13 23:23 - 2016-02-08 19:00 - 00599552 _____ (Microsoft Corporation) C:\windows\system32\hgcpl.dll
2016-04-13 23:23 - 2016-02-08 18:58 - 00336384 _____ (Microsoft Corporation) C:\windows\system32\stobject.dll
2016-04-13 23:23 - 2016-02-08 18:55 - 00173056 _____ (Microsoft Corporation) C:\windows\system32\SettingMonitor.dll
2016-04-13 23:23 - 2016-02-08 18:53 - 02171904 _____ (Microsoft Corporation) C:\windows\system32\SystemSettingsAdminFlowUI.dll
2016-04-13 23:23 - 2016-02-08 18:53 - 01348096 _____ (Microsoft Corporation) C:\windows\system32\AppXDeploymentServer.dll
2016-04-13 23:23 - 2016-02-08 18:50 - 01220096 _____ (Microsoft Corporation) C:\windows\system32\twinui.appcore.dll
2016-04-13 23:23 - 2016-02-08 18:50 - 00841728 _____ (Microsoft Corporation) C:\windows\system32\SettingSyncCore.dll
2016-04-13 23:23 - 2016-02-08 18:48 - 00655872 _____ (Microsoft Corporation) C:\windows\system32\SettingSync.dll
2016-04-13 23:23 - 2016-02-08 18:47 - 02819584 _____ (Microsoft Corporation) C:\windows\system32\SettingsHandlers.dll
2016-04-13 23:23 - 2016-02-08 18:44 - 00955392 _____ (Microsoft Corporation) C:\windows\system32\AppXDeploymentExtensions.dll
2016-04-13 23:23 - 2016-02-04 20:07 - 00222720 _____ (Microsoft Corporation) C:\windows\system32\dhcpsapi.dll
2016-04-13 23:23 - 2016-02-04 19:35 - 00142848 _____ (Microsoft Corporation) C:\windows\SysWOW64\dhcpsapi.dll
2016-04-13 23:23 - 2016-01-31 19:17 - 00779264 _____ (Microsoft Corporation) C:\windows\system32\WindowsAnytimeUpgradeui.exe
2016-04-13 23:23 - 2016-01-26 21:15 - 00072024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\vpci.sys
2016-04-13 23:23 - 2014-11-08 04:38 - 00166912 _____ (Microsoft Corporation) C:\windows\system32\AppxAllUserStore.dll
2016-04-13 23:23 - 2014-11-08 04:17 - 00143360 _____ (Microsoft Corporation) C:\windows\SysWOW64\AppxAllUserStore.dll
2016-04-13 23:20 - 2016-02-07 01:05 - 00551256 _____ (Microsoft Corporation) C:\windows\system32\Drivers\vhdmp.sys
2016-04-13 23:20 - 2016-02-07 00:41 - 00316760 _____ (Microsoft Corporation) C:\windows\system32\Drivers\volsnap.sys
2016-04-13 23:20 - 2016-02-05 21:07 - 00378712 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2016-04-13 23:20 - 2016-02-05 17:11 - 00845312 _____ (Microsoft Corporation) C:\windows\system32\BFE.DLL
2016-04-13 23:20 - 2016-02-05 17:11 - 00422400 _____ (Microsoft Corporation) C:\windows\system32\FWPUCLNT.DLL
2016-04-13 23:20 - 2016-02-05 17:07 - 00272384 _____ (Microsoft Corporation) C:\windows\SysWOW64\FWPUCLNT.DLL
2016-04-13 23:20 - 2016-02-05 17:02 - 01083904 _____ (Microsoft Corporation) C:\windows\system32\IKEEXT.DLL
2016-04-13 23:20 - 2016-02-05 16:46 - 01455104 _____ (Microsoft Corporation) C:\windows\system32\VSSVC.exe
2016-04-13 23:20 - 2016-02-04 18:23 - 00713216 _____ (Microsoft Corporation) C:\windows\system32\nshwfp.dll
2016-04-13 23:20 - 2016-02-04 18:22 - 00561664 _____ (Microsoft Corporation) C:\windows\SysWOW64\nshwfp.dll
2016-04-13 23:20 - 2016-02-03 17:11 - 01673728 _____ (Microsoft Corporation) C:\windows\system32\workfolderssvc.dll
2016-04-13 23:20 - 2016-02-02 20:16 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rasl2tp.sys
2016-04-13 23:20 - 2016-02-02 19:51 - 00162304 _____ (Microsoft Corporation) C:\windows\system32\WsmAuto.dll
2016-04-13 23:20 - 2016-02-02 19:19 - 00144384 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmAuto.dll
2016-04-13 23:20 - 2016-02-02 19:18 - 01574912 _____ (Microsoft Corporation) C:\windows\system32\wbengine.exe
2016-04-13 23:20 - 2016-02-02 19:15 - 00787456 _____ (Microsoft Corporation) C:\windows\system32\WorkfoldersControl.dll
2016-04-13 23:20 - 2016-02-02 19:01 - 00031744 _____ (Microsoft Corporation) C:\windows\system32\WsmAgent.dll
2016-04-13 23:20 - 2016-02-02 18:51 - 02609152 _____ (Microsoft Corporation) C:\windows\system32\WsmSvc.dll
2016-04-13 23:20 - 2016-02-02 18:48 - 00285184 _____ (Microsoft Corporation) C:\windows\system32\WsmWmiPl.dll
2016-04-13 23:20 - 2016-02-02 18:46 - 00026112 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmAgent.dll
2016-04-13 23:20 - 2016-02-02 18:41 - 02170880 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmSvc.dll
2016-04-13 23:20 - 2016-02-02 18:39 - 00236032 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmWmiPl.dll
2016-04-13 23:20 - 2016-01-27 17:18 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\rpcss.dll
2016-04-13 23:20 - 2016-01-22 07:22 - 02487296 _____ (Microsoft Corporation) C:\windows\system32\storagewmi.dll
2016-04-13 23:20 - 2016-01-22 07:11 - 01482240 _____ (Microsoft Corporation) C:\windows\SysWOW64\storagewmi.dll
2016-04-13 23:20 - 2016-01-21 21:35 - 00952928 _____ (Microsoft Corporation) C:\windows\system32\mfmp4srcsnk.dll
2016-04-13 23:20 - 2016-01-21 20:42 - 00786152 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfmp4srcsnk.dll
2016-04-13 23:20 - 2016-01-21 00:40 - 00099672 _____ (Microsoft Corporation) C:\windows\system32\Drivers\disk.sys
2016-04-13 22:58 - 2016-03-03 18:13 - 00059392 _____ (Microsoft Corporation) C:\windows\system32\basesrv.dll
2016-04-13 22:25 - 2016-03-31 02:54 - 25817600 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2016-04-13 22:25 - 2016-03-31 02:31 - 02892800 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2016-04-13 22:25 - 2016-03-31 02:28 - 00571904 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2016-04-13 22:25 - 2016-03-31 02:25 - 06052352 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2016-04-13 22:25 - 2016-03-31 02:17 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2016-04-13 22:25 - 2016-03-31 02:03 - 20352512 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2016-04-13 22:25 - 2016-03-31 01:56 - 00145408 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2016-04-13 22:25 - 2016-03-31 01:56 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2016-04-13 22:25 - 2016-03-31 01:55 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2016-04-13 22:25 - 2016-03-31 01:53 - 00496640 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2016-04-13 22:25 - 2016-03-31 01:51 - 02285056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2016-04-13 22:25 - 2016-03-31 01:50 - 01032704 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2016-04-13 22:25 - 2016-03-31 01:45 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2016-04-13 22:25 - 2016-03-31 01:45 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2016-04-13 22:25 - 2016-03-31 01:43 - 00806400 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2016-04-13 22:25 - 2016-03-31 01:43 - 00725504 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2016-04-13 22:25 - 2016-03-31 01:43 - 00379392 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2016-04-13 22:25 - 2016-03-31 01:42 - 02131968 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2016-04-13 22:25 - 2016-03-31 01:39 - 15415808 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2016-04-13 22:25 - 2016-03-31 01:30 - 04611072 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2016-04-13 22:25 - 2016-03-31 01:30 - 02596864 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2016-04-13 22:25 - 2016-03-31 01:30 - 00279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2016-04-13 22:25 - 2016-03-31 01:30 - 00128000 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2016-04-13 22:25 - 2016-03-31 01:27 - 00880128 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2016-04-13 22:25 - 2016-03-31 01:24 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2016-04-13 22:25 - 2016-03-31 01:23 - 02056192 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2016-04-13 22:25 - 2016-03-31 01:23 - 00693248 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2016-04-13 22:25 - 2016-03-31 01:23 - 00330752 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2016-04-13 22:25 - 2016-03-31 01:21 - 13811712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2016-04-13 22:25 - 2016-03-31 01:18 - 01547264 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2016-04-13 22:25 - 2016-03-31 01:06 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2016-04-13 22:25 - 2016-03-31 01:05 - 02121216 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2016-04-13 22:25 - 2016-03-31 01:02 - 01311744 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2016-04-13 22:25 - 2016-03-31 01:00 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2016-04-13 22:20 - 2016-03-29 16:05 - 04175872 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2016-04-13 22:20 - 2016-03-16 01:00 - 00561952 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2016-04-13 22:20 - 2016-03-15 16:14 - 01441792 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2016-04-13 22:20 - 2016-03-11 16:48 - 00833024 _____ (Microsoft Corporation) C:\windows\system32\samsrv.dll
2016-04-13 22:20 - 2016-03-10 20:22 - 00201728 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2016-04-13 22:20 - 2016-03-10 20:21 - 00401920 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2016-04-13 22:20 - 2016-03-10 20:20 - 00284672 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2016-04-13 22:20 - 2016-03-10 19:44 - 00445440 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2016-04-13 22:20 - 2016-03-10 19:16 - 00324096 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2016-04-13 22:20 - 2016-03-10 19:03 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\samlib.dll
2016-04-13 22:20 - 2016-03-10 18:48 - 00064512 _____ (Microsoft Corporation) C:\windows\SysWOW64\samlib.dll
2016-04-13 22:20 - 2016-03-03 18:47 - 02345472 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2016-04-13 22:20 - 2016-03-03 18:33 - 01556992 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2016-04-13 22:20 - 2016-03-03 03:39 - 01661576 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2016-04-13 22:20 - 2016-03-03 03:39 - 01212248 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-05-10 21:51 - 2015-09-04 20:25 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-05-10 21:19 - 2015-09-04 23:19 - 00000000 ____D C:\Users\Vendy\AppData\Local\CrashDumps
2016-05-10 20:58 - 2015-09-04 19:46 - 00003596 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3254343490-304523243-1162089923-1001
2016-05-10 20:55 - 2015-09-06 17:56 - 00000000 ____D C:\Users\Vendy\AppData\Local\Deployment
2016-05-10 20:54 - 2015-09-24 12:24 - 00000000 ____D C:\Users\Vendy\OneDrive
2016-05-10 20:53 - 2015-10-04 16:30 - 00004182 _____ C:\windows\System32\Tasks\avast! Emergency Update
2016-05-10 20:52 - 2015-11-19 11:45 - 00018944 ___SH C:\Users\Vendy\Desktop\Thumbs.db
2016-05-10 20:50 - 2015-09-05 09:19 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-05-10 20:50 - 2013-08-22 16:45 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-05-10 20:49 - 2014-10-11 02:50 - 00004608 _____ C:\windows\system32\VfService.trf
2016-05-10 20:42 - 2013-08-22 17:36 - 00000000 ___HD C:\windows\system32\GroupPolicy
2016-05-10 20:42 - 2013-08-22 17:36 - 00000000 ____D C:\windows\SysWOW64\GroupPolicy
2016-05-10 20:41 - 2015-09-04 19:51 - 00003970 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{FB21D78B-C66A-4FB0-91C1-5C161906F132}
2016-05-10 19:13 - 2016-04-04 20:30 - 00000000 ____D C:\Users\Vendy\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108
2016-05-10 19:13 - 2013-08-22 15:25 - 00262144 ___SH C:\windows\system32\config\BBI
2016-05-10 18:03 - 2015-09-08 17:24 - 00003886 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task
2016-05-10 18:02 - 2015-09-08 17:23 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-05-10 13:30 - 2015-09-27 22:54 - 00000000 ____D C:\Users\Vendy\AppData\Local\Google
2016-05-10 13:30 - 2015-09-27 22:54 - 00000000 ____D C:\Program Files (x86)\Google
2016-05-10 12:18 - 2015-09-04 19:42 - 00000000 ____D C:\Users\Vendy\Documents\Bluetooth Folder
2016-05-10 12:18 - 2013-08-22 15:36 - 00000000 ____D C:\windows\Inf
2016-05-09 18:54 - 2013-08-22 17:20 - 00000000 ____D C:\windows\CbsTemp
2016-05-09 18:52 - 2015-09-04 19:36 - 00000000 ___SD C:\windows\SysWOW64\GWX
2016-05-09 18:52 - 2015-09-04 19:36 - 00000000 ___SD C:\windows\system32\GWX
2016-05-09 14:21 - 2015-09-04 21:47 - 00000000 ____D C:\KMPlayer
2016-05-07 12:02 - 2015-09-11 09:47 - 00000000 ____D C:\windows\system32\appraiser
2016-05-07 10:25 - 2015-09-04 20:25 - 00000000 ____D C:\Users\Vendy\AppData\Roaming\Skype
2016-05-07 10:25 - 2015-09-04 19:38 - 00000000 ____D C:\Users\Vendy
2016-05-06 07:00 - 2013-08-22 17:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-05-06 06:57 - 2015-09-24 12:42 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-05-05 21:29 - 2015-09-04 20:25 - 00000000 ____D C:\ProgramData\Skype
2016-05-04 12:27 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-05-04 12:27 - 2013-08-22 17:36 - 00000000 ____D C:\windows\AppReadiness
2016-04-29 09:09 - 2013-08-22 17:36 - 00000000 ____D C:\windows\rescache
2016-04-25 19:12 - 2013-08-22 16:44 - 00582576 _____ C:\windows\system32\FNTCACHE.DAT
2016-04-25 18:55 - 2013-08-22 17:36 - 00000000 ___RD C:\windows\ToastData
2016-04-23 22:51 - 2014-10-11 02:03 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-04-21 21:01 - 2015-09-24 12:48 - 00003180 _____ C:\windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3254343490-304523243-1162089923-1001
2016-04-19 19:14 - 2015-11-28 22:57 - 00000000 ____D C:\Users\Vendy\Documents\NHL09
2016-04-18 19:50 - 2013-08-22 17:36 - 00000000 ____D C:\windows\LiveKernelReports
2016-04-17 19:45 - 2016-01-09 17:11 - 00000000 ____D C:\Users\Vendy\AppData\Local\PokerStars.NET
2016-04-17 14:10 - 2014-10-11 02:01 - 00741456 _____ C:\windows\system32\perfh005.dat
2016-04-17 14:10 - 2014-10-11 02:01 - 00152464 _____ C:\windows\system32\perfc005.dat
2016-04-17 14:10 - 2014-03-18 11:53 - 01745984 _____ C:\windows\system32\PerfStringBackup.INI
2016-04-17 13:01 - 2015-09-05 23:37 - 00000000 ____D C:\Users\Vendy\AppData\Local\ElevatedDiagnostics
2016-04-17 00:23 - 2015-09-06 00:04 - 00065024 ___SH C:\Users\Vendy\Downloads\Thumbs.db
2016-04-13 23:55 - 2015-09-09 11:11 - 00000000 ____D C:\windows\system32\MRT
2016-04-13 23:47 - 2015-09-09 11:11 - 135176864 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2016-04-10 15:17 - 2015-09-04 22:40 - 00000000 ____D C:\Filmy
2016-04-10 11:12 - 2013-08-22 17:36 - 00000000 ____D C:\windows\system32\NDF
==================== Files in the root of some directories =======
2014-10-11 02:05 - 2014-10-11 02:05 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some files in TEMP:
====================
C:\Users\Vendy\AppData\Local\Temp\dllnt_dump.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Vendy\Desktop" je 5310 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Re: Please check
Additional scan result of Farbar Recovery Scan Tool (x64) Version:09-05-2016
Ran by Vendy (2016-05-10 21:58:58)
Running from C:\Users\Vendy\Desktop
Windows 8.1 Connected (X64) (2015-09-04 17:37:42)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3254343490-304523243-1162089923-500 - Administrator - Disabled)
Guest (S-1-5-21-3254343490-304523243-1162089923-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3254343490-304523243-1162089923-1003 - Limited - Enabled)
Vendy (S-1-5-21-3254343490-304523243-1162089923-1001 - Administrator - Enabled) => C:\Users\Vendy
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
A Game of Thrones - Genesis (HKLM-x32\...\Steam App 58550) (Version: - Cyanide Studios)
Abyss Odyssey (HKLM-x32\...\Steam App 255070) (Version: - ACE Team)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.016.20039 - Adobe Systems Incorporated)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISER_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISER_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISER_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2253 - AVAST Software)
Botanicula (HKLM-x32\...\Steam App 207690) (Version: - Amanita Design)
Command & Conquer™ Red Alert 2 and Yuri’s Revenge (HKLM-x32\...\{F5275D1C-D133-486D-8F07-D6C571F0A8EC}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.3.0.0152 - Disc Soft Ltd)
Dependency Package Update (Version: 1.6.25.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.38.00 - Lenovo Inc.) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.20 - Lenovo)
Energy Manager (x32 Version: 1.5.0.20 - Lenovo) Hidden
Game of Thrones (HKLM-x32\...\Steam App 208730) (Version: - Cyanide Studios)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.94 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Heroes of Might and Magic® IV (HKLM-x32\...\InstallShield_{192E2132-E977-4D3E-90BA-9DBCE1B57F8C}) (Version: 1.00.0000 - 3DO)
Heroes of Might and Magic® IV (x32 Version: 1.00.0000 - 3DO) Hidden
Hightail for Lenovo (HKLM\...\{2F10E937-F6D7-4174-8AB9-B299E8FC5CEC}) (Version: 2.4.97.2857 - Hightail, Inc.)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.10.0.2208 - Intel Corporation)
Intel(R) Chipset Device Software (x32 Version: 10.0.13 - Intel(R) Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3540 - Intel Corporation)
Intel(R) Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.70.305.16316 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.40 - Irfan Skiljan)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.0.1.5 - PandoraTV)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.25.00 - Lenovo Group Limited)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2326 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.1.0.2326 - CyberLink Corp.) Hidden
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.41.1 - ELAN Microelectronic Corp.)
Lenovo Service Bridge (HKU\S-1-5-21-3254343490-304523243-1162089923-1001\...\cbe8636f7dd0cf1d) (Version: 1.5.1.0 - Lenovo)
Lenovo SHAREit (HKLM-x32\...\Lenovo SHAREit_is1) (Version: 2.0.5.0 - Lenovo Group Limited)
Lenovo VeriFace (HKLM\...\Lenovo VeriFace) (Version: 5.0.13.5261 - Lenovo)
Metric Collection SDK 35 (x32 Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.0.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3254343490-304523243-1162089923-1001\...\OneDriveSetup.exe) (Version: 17.3.6386.0412 - Microsoft Corporation)
Microsoft OneNote 2013 - cs-cz (HKLM\...\OneNoteFreeRetail - cs-cz) (Version: 15.0.4815.1002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
NHL06 (HKLM-x32\...\{D0DC1674-B5E8-4364-009E-B350048DD006}) (Version: - )
NHL™ 09 (HKLM-x32\...\{827B97A9-B347-4110-9F89-37AF2B758F94}) (Version: 2.0.1.0 - Electronic Arts)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4815.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4815.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4815.1002 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 9.7.2.53208 - Electronic Arts, Inc.)
Original War (HKLM-x32\...\Original War) (Version: - )
Pharaoh (HKLM-x32\...\Pharaoh) (Version: - )
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.320 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39048 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.29.314.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7218 - Realtek Semiconductor Corp.)
SAMSUNG USB Driver for Mobile Phones Packages (HKU\S-1-5-21-3254343490-304523243-1162089923-1001\...\SAMSUNG USB Driver for Mobile Phones Packages) (Version: - ) <==== ATTENTION
Sid Meiers Civilization Beyond Earth (HKLM-x32\...\U2lkTWVpZXJzQ2l2aWxpemF0aW9uQmV5b25kRWFydGg=_is1) (Version: 1 - )
Skype™ 7.22 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.22.109 - Skype Technologies S.A.)
Star Trek Starfleet Command III (HKLM-x32\...\Star Trek Starfleet Command III) (Version: - )
Star Wars Empire at War (HKLM-x32\...\{99AE7207-8612-4DBA-A8F8-BAE5C633390D}) (Version: 1.0 - LucasArts)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
User Manuals (x32 Version: 3.0.0.3 - Lenovo) Hidden
WestwoodOnline (HKLM-x32\...\{BBCD6D56-8A26-4DDE-9482-DBC9C7B7341D}) (Version: 1.0.0.0 - WestwoodOnline)
Windows Driver Package - Lenovo (ACPIVPC) System (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Zoner Callisto 5 (HKLM-x32\...\{4F62B1AE-E778-49E2-9C57-C1C65A122098}) (Version: 5.0.5000.15 - ZONER software)
Zoner Photo Studio 10 (HKLM-x32\...\ZonerPhotoStudio10_CZ_is1) (Version: - ZONER software)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3254343490-304523243-1162089923-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Vendy\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64\FileCoAuthLib64.dll ()
CustomCLSID: HKU\S-1-5-21-3254343490-304523243-1162089923-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Vendy\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3254343490-304523243-1162089923-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3254343490-304523243-1162089923-1001_Classes\CLSID\{BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B}\InprocServer32 -> C:\Program Files (x86)\Zoner\Photo Studio 10\Program\SHELLEXT64.DLL (ZONER software)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {44E59A4E-67AA-4384-8975-BA20A97088A0} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-05-30] (Lenovo)
Task: {46057DA9-9F48-4F15-B258-90A744557317} - System32\Tasks\Microsoft\Windows\Setup\gwx\rundetector => C:\Windows\system32\GWX\GWXDetector.exe [2016-04-26] (Microsoft Corporation)
Task: {468E600F-1D1F-4A75-AE40-4E4CEB1DA9F4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-27] (Google Inc.)
Task: {54F0957B-862A-459C-A788-DE0D08F1C987} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2014-05-22] ()
Task: {7A1716EA-045B-46D9-85F7-7FCD708F366E} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-03-25] (AVAST Software)
Task: {87AA914B-DB3E-4B7D-8455-72CB190582D1} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation)
Task: {8C75BFC6-3B4F-49BA-91DF-173DC169CC00} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {9E3E5C36-D429-4E31-97D2-6747EF16A675} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-03-05] (AVAST Software)
Task: {A71A76EB-F1E2-4172-8169-472F8E72EE89} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation)
Task: {C496099E-ED6B-4F2B-B3CF-B1F0B946202D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-27] (Google Inc.)
Task: {CA75EF36-0D3C-46DF-BED3-A276B8A408C6} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2016-04-13] (Microsoft Corporation)
Task: {DFE836F8-F03E-457C-A4E4-80387F91D7FE} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3254343490-304523243-1162089923-1001 => C:\Users\Vendy\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-04-21] (Microsoft Corporation)
Task: {F120BB09-6056-4E8D-AEBF-8137B5BCECAF} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-3254343490-304523243-1162089923-1001 => Rundll32.exe dfshim.dll,ShOpenVerbShortcut C:\Users\Vendy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Lenovo Service Bridge.appref-ms
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
NHL06 (HKLM-x32\...\{D0DC1674-B5E8-4364-009E-B350048DD006}) (Version: - )
NHL™ 09 (HKLM-x32\...\{827B97A9-B347-4110-9F89-37AF2B758F94}) (Version: 2.0.1.0 - Electronic Arts)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4815.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4815.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4815.1002 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 9.7.2.53208 - Electronic Arts, Inc.)
Original War (HKLM-x32\...\Original War) (Version: - )
Pharaoh (HKLM-x32\...\Pharaoh) (Version: - )
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.320 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39048 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.29.314.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7218 - Realtek Semiconductor Corp.)
SAMSUNG USB Driver for Mobile Phones Packages (HKU\S-1-5-21-3254343490-304523243-1162089923-1001\...\SAMSUNG USB Driver for Mobile Phones Packages) (Version: - ) <==== ATTENTION
Sid Meiers Civilization Beyond Earth (HKLM-x32\...\U2lkTWVpZXJzQ2l2aWxpemF0aW9uQmV5b25kRWFydGg=_is1) (Version: 1 - )
Skype™ 7.22 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.22.109 - Skype Technologies S.A.)
Star Trek Starfleet Command III (HKLM-x32\...\Star Trek Starfleet Command III) (Version: - )
Star Wars Empire at War (HKLM-x32\...\{99AE7207-8612-4DBA-A8F8-BAE5C633390D}) (Version: 1.0 - LucasArts)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
User Manuals (x32 Version: 3.0.0.3 - Lenovo) Hidden
WestwoodOnline (HKLM-x32\...\{BBCD6D56-8A26-4DDE-9482-DBC9C7B7341D}) (Version: 1.0.0.0 - WestwoodOnline)
Windows Driver Package - Lenovo (ACPIVPC) System (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Zoner Callisto 5 (HKLM-x32\...\{4F62B1AE-E778-49E2-9C57-C1C65A122098}) (Version: 5.0.5000.15 - ZONER software)
Zoner Photo Studio 10 (HKLM-x32\...\ZonerPhotoStudio10_CZ_is1) (Version: - ZONER software)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3254343490-304523243-1162089923-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Vendy\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64\FileCoAuthLib64.dll ()
CustomCLSID: HKU\S-1-5-21-3254343490-304523243-1162089923-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Vendy\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3254343490-304523243-1162089923-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3254343490-304523243-1162089923-1001_Classes\CLSID\{BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B}\InprocServer32 -> C:\Program Files (x86)\Zoner\Photo Studio 10\Program\SHELLEXT64.DLL (ZONER software)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {44E59A4E-67AA-4384-8975-BA20A97088A0} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-05-30] (Lenovo)
Task: {46057DA9-9F48-4F15-B258-90A744557317} - System32\Tasks\Microsoft\Windows\Setup\gwx\rundetector => C:\Windows\system32\GWX\GWXDetector.exe [2016-04-26] (Microsoft Corporation)
Task: {468E600F-1D1F-4A75-AE40-4E4CEB1DA9F4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-27] (Google Inc.)
Task: {54F0957B-862A-459C-A788-DE0D08F1C987} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2014-05-22] ()
Task: {7A1716EA-045B-46D9-85F7-7FCD708F366E} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-03-25] (AVAST Software)
Task: {87AA914B-DB3E-4B7D-8455-72CB190582D1} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation)
Task: {8C75BFC6-3B4F-49BA-91DF-173DC169CC00} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {9E3E5C36-D429-4E31-97D2-6747EF16A675} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-03-05] (AVAST Software)
Task: {A71A76EB-F1E2-4172-8169-472F8E72EE89} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation)
Task: {C496099E-ED6B-4F2B-B3CF-B1F0B946202D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-27] (Google Inc.)
Task: {CA75EF36-0D3C-46DF-BED3-A276B8A408C6} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2016-04-13] (Microsoft Corporation)
Task: {DFE836F8-F03E-457C-A4E4-80387F91D7FE} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3254343490-304523243-1162089923-1001 => C:\Users\Vendy\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-04-21] (Microsoft Corporation)
Task: {F120BB09-6056-4E8D-AEBF-8137B5BCECAF} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-3254343490-304523243-1162089923-1001 => Rundll32.exe dfshim.dll,ShOpenVerbShortcut C:\Users\Vendy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Lenovo Service Bridge.appref-ms
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
Re: Please check
The size of the desktop should not exceed 200 MB. Beyond that, both startup and the overall running of the PC slow down. I recommend moving large files and folders in particular to, e.g., Documents, and placing only shortcuts on the desktop.
I no longer see any other vermin in the log. Please try out how the PC behaves now.
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suitable for the forum, you can use altrokzavináčforum.viry.cz
If you would like to help visitors of this forum, sign up for our training school.
Re: Please check
Ah, my mistake, those will be the photos waiting to be sorted.
The computer is OK. Thank you very much!