VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Zpomalený Pc - procesy csrss a winlogon

https://forum.viry.cz:443/viewtopic.php?t=149924

Stránka 1 z 2

Zpomalený Pc - procesy csrss a winlogon

Napsal: 04 zář 2016 20:25
od simkavac
Mám zpomalený PC. Už jsme spustila všechny možné kontroly a opravy. Bohužel se po restartu vždy znovu mezi procesy objeví csrss a winlogon, u kterých nejde otevřít umístění souboru. Vkládám FRST a prosím o kontrolu. Moc děkuji.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-08-2016
Ran by Simona (administrator) on SIMONA-HP (04-09-2016 21:02:48)
Running from C:\Users\Simona\Desktop\aaa
Loaded Profiles: Simona (Available Profiles: Simona)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(brother Industries Ltd) C:\Windows\SysWOW64\BRSVC01A.EXE
(brother Industries Ltd) C:\Windows\SysWOW64\BRSS01A.EXE
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(CobianSoft, Luis Cobian) C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe
(Luis Cobian, CobianSoft) C:\Program Files (x86)\Cobian Backup 11\cbService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Hewlett-Packard Development Company, L.P) C:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Source Engine\OSE.EXE
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\perfhost.exe
(Microsoft Corporation) C:\Windows\System32\Locator.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(ArcSoft, Inc.) C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Hewlett-Packard Company) C:\Windows\SysWOW64\flcdlock.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Portrait Displays, Inc) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSDKHelperx64.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [2919992 2011-01-27] (Hewlett-Packard Company)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2804976 2013-10-30] (Synaptics Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9107104 2016-09-04] (AVAST Software)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2013-05-14] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4522496 2012-12-27] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [2009088 2013-01-18] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\DeviceNP-x32: DeviceNP.dll [X]
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-2478000333-2312206248-9832235-1001\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
Lsa: [Notification Packages] DPPassFilter scecli
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => No File
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => No File
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-04] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{EBE7B400-6594-4C21-AE4C-F130F40B488A}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2478000333-2312206248-9832235-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2478000333-2312206248-9832235-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE07&ocid=UE07DHP
HKU\S-1-5-21-2478000333-2312206248-9832235-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM-x32 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2478000333-2312206248-9832235-1001 -> DefaultScope 0633EE93-D776-472f-A0FF-E1416B8B2E3A URL =
SearchScopes: HKU\S-1-5-21-2478000333-2312206248-9832235-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-08-02] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-09-04] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-02] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-05-04] (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-01-07] (Atheros Commnucations)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-09-04] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-12-01] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-04] (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
DPF: HKLM-x32 {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1472075087528

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-13] ()
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-02] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-02] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-13] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-04] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation)
FF Plugin-x32: @software602.cz/602XML Filler -> C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll [2011-11-24] (Software602 a.s.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-04]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-04]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF

Chrome:
=======
CHR HKU\S-1-5-21-2478000333-2312206248-9832235-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ooebgdicanjhnamfmdlmlbcnkgehkkmf] - hxxps://clients2.google.com/service/update2/crx

Opera:
=======
OPR Extension: (Evernote Web Clipper) - C:\Users\Simona\AppData\Roaming\Opera Software\Opera Stable\Extensions\afgbccjghcnbcdjgogpckamibfkceahd [2016-08-19]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-01-07] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [53920 2011-01-07] (Atheros Commnucations) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-04] (AVAST Software)
S2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [113704 2014-02-09] (AVAST Software)
R2 Brother XP spl Service; C:\windows\SysWOW64\brsvc01a.exe [57344 2002-04-12] (brother Industries Ltd) [File not signed]
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [File not signed]
R2 cbVSCService11; C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe [67584 2012-12-05] (CobianSoft, Luis Cobian) [File not signed]
R2 CobianBackup11; C:\Program Files (x86)\Cobian Backup 11\cbService.exe [1131008 2012-12-06] (Luis Cobian, CobianSoft) [File not signed]
R2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [481104 2011-02-12] (DigitalPersona, Inc.)
R2 FLCDLOCK; c:\Windows\SysWOW64\flcdlock.exe [464480 2011-02-04] (Hewlett-Packard Company)
R2 HP ProtectTools Service; c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [36864 2011-01-12] (Hewlett-Packard Development Company, L.P) [File not signed]
R2 HPDayStarterService; c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [133688 2011-01-28] (Hewlett-Packard Company)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [281656 2011-01-29] (Hewlett-Packard Company)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-11-06] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [139264 2007-11-06] (Hewlett-Packard Co.) [File not signed]
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-31] (IObit)
S3 McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [1318912 2011-02-09] () [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [327680 2014-04-02] (IDT, Inc.) [File not signed]
R2 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [502464 2010-11-11] (ArcSoft, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 XobniService; C:\Program Files (x86)\Xobni\XobniService.exe [62184 2011-03-07] (Xobni Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ARCVCAM; C:\Windows\System32\DRIVERS\ArcSoftVCapture.sys [32192 2010-11-11] (ArcSoft, Inc.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-09-04] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-09-04] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-09-04] (AVAST Software)
R1 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [440672 2014-02-22] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-09-04] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-04] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969560 2016-09-04] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513496 2016-09-04] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-09-04] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-09-04] (AVAST Software)
R3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [63336 2011-02-07] (Hewlett-Packard Company)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 HPEWSFXBULK; C:\Windows\System32\drivers\hpfx64bulk.sys [20504 2009-02-26] (Hewlett Packard)
R2 kisknl; C:\windows\system32\drivers\kisknl.sys [221496 2013-02-10] (Kingsoft Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2014-04-02] (Intel Corporation)
R0 MfeEpePc; C:\Windows\System32\Drivers\MfeEpePc.sys [168008 2011-02-09] (McAfee, Inc.)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [1512952 2014-04-02] (Sunplus)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
S3 catchme; \??\C:\aaa\catchme.sys [X]
S3 cpuz132; \??\C:\Users\Simona\AppData\Local\Temp\cpuz132\cpuz132_x64.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 EverestDriver; \??\C:\Users\Simona\AppData\Local\Temp\EverestDriver.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X]
S3 huawei_wwanecm; system32\DRIVERS\ew_juwwanecm.sys [X]
S1 KDHacker; \??\c:\program files (x86)\kingsoft\kingsoft antivirus\security\kxescan\kdhacker64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-04 20:29 - 2016-09-04 21:02 - 00000000 ____D C:\FRST
2016-09-04 19:51 - 2016-09-04 19:53 - 00000000 ____D C:\Program Files\trend micro
2016-09-04 19:51 - 2016-09-04 19:51 - 00000000 ____D C:\rsit
2016-09-04 18:15 - 2016-09-04 18:15 - 00026891 _____ C:\ComboFix.txt
2016-09-04 17:36 - 2016-09-04 17:35 - 00391496 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2016-09-04 17:35 - 2016-09-04 17:35 - 00053208 _____ (AVAST Software) C:\windows\avastSS.scr
2016-09-04 16:45 - 2016-09-04 16:45 - 00003328 _____ C:\windows\System32\Tasks\CrystalDiskInfo
2016-09-04 16:41 - 2016-09-04 16:42 - 00000000 ____D C:\Program Files (x86)\CrystalDiskInfo
2016-09-04 16:41 - 2016-09-04 16:41 - 03958792 _____ (Crystal Dew World ) C:\Users\Simona\Downloads\CrystalDiskInfo7_0_2-en.exe
2016-09-04 16:41 - 2016-09-04 16:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2016-09-04 16:40 - 2016-09-04 16:40 - 03958792 _____ (Crystal Dew World ) C:\Users\Simona\Downloads\62C9.tmp
2016-09-04 15:46 - 2016-09-04 17:43 - 00192216 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2016-09-04 15:45 - 2016-09-04 15:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-09-04 15:45 - 2016-09-04 15:45 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-09-04 15:45 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2016-09-04 15:45 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamchameleon.sys
2016-09-04 15:45 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\windows\system32\Drivers\mbam.sys
2016-09-04 15:43 - 2016-09-04 15:43 - 00027277 _____ C:\Users\Simona\Desktop\cf log.txt
2016-09-04 15:03 - 2011-06-26 08:45 - 00256000 _____ C:\windows\PEV.exe
2016-09-04 15:03 - 2010-11-07 19:20 - 00208896 _____ C:\windows\MBR.exe
2016-09-04 15:03 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2016-09-04 15:03 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2016-09-04 15:03 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2016-09-04 15:03 - 2000-08-31 02:00 - 00098816 _____ C:\windows\sed.exe
2016-09-04 15:03 - 2000-08-31 02:00 - 00080412 _____ C:\windows\grep.exe
2016-09-04 15:03 - 2000-08-31 02:00 - 00068096 _____ C:\windows\zip.exe
2016-09-04 15:02 - 2016-09-04 20:31 - 00000000 ____D C:\Users\Simona\Desktop\aaa
2016-09-04 15:02 - 2016-09-04 15:33 - 00000000 ____D C:\windows\erdnt
2016-09-03 07:41 - 2016-09-03 07:41 - 00001076 _____ C:\Users\Simona\Desktop\vysledek.txt
2016-09-02 20:42 - 2016-09-02 20:42 - 00000000 ____D C:\Program Files (x86)\ESET
2016-09-02 20:41 - 2016-09-02 20:41 - 02870984 _____ (ESET) C:\Users\Simona\Downloads\esetsmartinstaller_csy.exe
2016-09-02 19:47 - 2016-09-02 19:54 - 00000000 ____D C:\Users\Simona\Documents\1 STAŽENÉ SOUBORY POTŘEBNÉ
2016-09-01 23:37 - 2016-09-04 18:15 - 00000000 ____D C:\Qoobox
2016-09-01 16:12 - 2016-09-01 16:12 - 00000000 ____D C:\Users\Simona\Desktop\Strategický rozvojový plán
2016-08-30 21:31 - 2016-08-30 21:31 - 03292190 _____ C:\Users\Simona\Desktop\návod synology.pdf
2016-08-16 20:07 - 2016-09-03 07:43 - 00000958 _____ C:\windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-08-16 20:07 - 2016-08-16 20:07 - 00003956 _____ C:\windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-08-16 19:31 - 2016-07-08 17:32 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2016-08-16 19:31 - 2016-07-08 17:16 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2016-08-14 21:49 - 2016-08-14 21:52 - 00003848 _____ C:\windows\System32\Tasks\Opera scheduled Autoupdate 1471204159
2016-08-14 21:49 - 2016-08-14 21:49 - 00001131 _____ C:\Users\Public\Desktop\Opera.lnk
2016-08-14 21:49 - 2016-08-14 21:49 - 00001131 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-08-14 21:49 - 2016-08-14 21:49 - 00000000 ____D C:\Users\Simona\AppData\Roaming\Opera Software
2016-08-14 21:49 - 2016-08-14 21:49 - 00000000 ____D C:\Users\Simona\AppData\Local\Opera Software
2016-08-14 16:13 - 2016-07-08 17:01 - 03218944 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2016-08-14 15:23 - 2016-08-02 16:54 - 00394440 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2016-08-14 15:23 - 2016-08-02 16:08 - 00346312 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2016-08-14 15:23 - 2016-08-02 08:47 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2016-08-14 15:23 - 2016-08-02 08:47 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2016-08-14 15:23 - 2016-08-02 08:32 - 02894336 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2016-08-14 15:23 - 2016-08-02 08:32 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2016-08-14 15:23 - 2016-08-02 08:31 - 00572416 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2016-08-14 15:23 - 2016-08-02 08:31 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2016-08-14 15:23 - 2016-08-02 08:23 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2016-08-14 15:23 - 2016-08-02 08:19 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2016-08-14 15:23 - 2016-08-02 08:11 - 00969216 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2016-08-14 15:23 - 2016-08-02 08:03 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2016-08-14 15:23 - 2016-08-02 08:00 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2016-08-14 15:23 - 2016-08-02 07:59 - 00107520 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2016-08-14 15:23 - 2016-08-02 07:54 - 20343808 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2016-08-14 15:23 - 2016-08-02 07:53 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2016-08-14 15:23 - 2016-08-02 07:51 - 00497664 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2016-08-14 15:23 - 2016-08-02 07:51 - 00152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2016-08-14 15:23 - 2016-08-02 07:51 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2016-08-14 15:23 - 2016-08-02 07:51 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2016-08-14 15:23 - 2016-08-02 07:50 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2016-08-14 15:23 - 2016-08-02 07:47 - 02286592 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2016-08-14 15:23 - 2016-08-02 07:45 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2016-08-14 15:23 - 2016-08-02 07:44 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2016-08-14 15:23 - 2016-08-02 07:42 - 00476160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2016-08-14 15:23 - 2016-08-02 07:41 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2016-08-14 15:23 - 2016-08-02 07:41 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2016-08-14 15:23 - 2016-08-02 07:41 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2016-08-14 15:23 - 2016-08-02 07:38 - 00806400 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2016-08-14 15:23 - 2016-08-02 07:38 - 00724992 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2016-08-14 15:23 - 2016-08-02 07:36 - 02131456 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2016-08-14 15:23 - 2016-08-02 07:33 - 00416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2016-08-14 15:23 - 2016-08-02 07:29 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-08-14 15:23 - 2016-08-02 07:28 - 00091136 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2016-08-14 15:23 - 2016-08-02 07:25 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2016-08-14 15:23 - 2016-08-02 07:24 - 00279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2016-08-14 15:23 - 2016-08-02 07:22 - 00130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2016-08-14 15:23 - 2016-08-02 07:21 - 04608000 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2016-08-14 15:23 - 2016-08-02 07:16 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2016-08-14 15:23 - 2016-08-02 07:15 - 00692736 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2016-08-14 15:23 - 2016-08-02 07:14 - 02055680 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2016-08-14 15:23 - 2016-08-02 07:14 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2016-08-14 15:23 - 2016-08-02 07:11 - 13808128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2016-08-14 15:23 - 2016-08-02 07:10 - 01550848 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2016-08-14 15:23 - 2016-08-02 06:59 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2016-08-14 15:23 - 2016-08-02 06:56 - 02393088 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2016-08-14 15:23 - 2016-08-02 06:53 - 01316352 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2016-08-14 15:23 - 2016-08-02 06:51 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2016-08-14 15:23 - 2016-07-08 17:37 - 00154856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2016-08-14 15:23 - 2016-07-08 17:37 - 00095464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2016-08-14 15:23 - 2016-07-08 17:32 - 01464320 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2016-08-14 15:23 - 2016-07-08 17:32 - 01212928 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2016-08-14 15:23 - 2016-07-08 17:32 - 00730624 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2016-08-14 15:23 - 2016-07-08 17:32 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2016-08-14 15:23 - 2016-07-08 17:32 - 00463872 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2016-08-14 15:23 - 2016-07-08 17:32 - 00343552 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2016-08-14 15:23 - 2016-07-08 17:32 - 00316416 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2016-08-14 15:23 - 2016-07-08 17:32 - 00312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2016-08-14 15:23 - 2016-07-08 17:32 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2016-08-14 15:23 - 2016-07-08 17:32 - 00190464 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
2016-08-14 15:23 - 2016-07-08 17:32 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2016-08-14 15:23 - 2016-07-08 17:32 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2016-08-14 15:23 - 2016-07-08 17:32 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2016-08-14 15:23 - 2016-07-08 17:32 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2016-08-14 15:23 - 2016-07-08 17:32 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2016-08-14 15:23 - 2016-07-08 17:32 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2016-08-14 15:23 - 2016-07-08 17:32 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2016-08-14 15:23 - 2016-07-08 17:32 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2016-08-14 15:23 - 2016-07-08 17:17 - 00666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2016-08-14 15:23 - 2016-07-08 17:17 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2016-08-14 15:23 - 2016-07-08 17:16 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2016-08-14 15:23 - 2016-07-08 17:16 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2016-08-14 15:23 - 2016-07-08 17:16 - 00342528 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2016-08-14 15:23 - 2016-07-08 17:16 - 00260608 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2016-08-14 15:23 - 2016-07-08 17:16 - 00251392 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2016-08-14 15:23 - 2016-07-08 17:16 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2016-08-14 15:23 - 2016-07-08 17:16 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2016-08-14 15:23 - 2016-07-08 17:16 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2016-08-14 15:23 - 2016-07-08 17:16 - 00141312 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpchttp.dll
2016-08-14 15:23 - 2016-07-08 17:16 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2016-08-14 15:23 - 2016-07-08 17:16 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2016-08-14 15:23 - 2016-07-08 17:16 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2016-08-14 15:23 - 2016-07-08 17:16 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2016-08-14 15:23 - 2016-07-08 17:03 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2016-08-14 15:23 - 2016-07-08 16:57 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2016-08-14 15:23 - 2016-07-08 16:56 - 00291328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2016-08-14 15:23 - 2016-07-08 16:56 - 00129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2016-08-14 15:23 - 2016-07-08 16:55 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2016-08-14 15:23 - 2016-07-08 16:55 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2016-08-14 15:23 - 2016-07-08 16:50 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2016-08-14 15:22 - 2016-08-02 08:54 - 25808384 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2016-08-14 15:22 - 2016-08-02 08:31 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2016-08-14 15:22 - 2016-08-02 08:31 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2016-08-14 15:22 - 2016-08-02 08:24 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2016-08-14 15:22 - 2016-08-02 08:20 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2016-08-14 15:22 - 2016-08-02 08:19 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2016-08-14 15:22 - 2016-08-02 08:18 - 06047744 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2016-08-14 15:22 - 2016-08-02 08:18 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2016-08-14 15:22 - 2016-08-02 08:18 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2016-08-14 15:22 - 2016-08-02 08:08 - 00489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2016-08-14 15:22 - 2016-08-02 07:56 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2016-08-14 15:22 - 2016-08-02 07:55 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2016-08-14 15:22 - 2016-08-02 07:51 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2016-08-14 15:22 - 2016-08-02 07:40 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2016-08-14 15:22 - 2016-08-02 07:37 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2016-08-14 15:22 - 2016-08-02 07:28 - 15412224 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2016-08-14 15:22 - 2016-08-02 07:26 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2016-08-14 15:22 - 2016-08-02 07:23 - 02868224 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2016-08-11 19:04 - 2016-08-11 19:04 - 00000782 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-08-11 18:41 - 2016-09-02 19:45 - 00001882 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-08-11 18:41 - 2016-08-11 18:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-04 21:01 - 2015-04-12 20:56 - 00000000 ____D C:\AdwCleaner
2016-09-04 20:56 - 2009-07-14 05:20 - 00000000 ____D C:\windows\inf
2016-09-04 20:36 - 2009-07-14 06:45 - 00025648 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-09-04 20:36 - 2009-07-14 06:45 - 00025648 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-09-04 20:25 - 2012-04-15 10:42 - 00000914 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2016-09-04 20:22 - 2011-05-12 02:01 - 00000000 ____D C:\ProgramData\HPQLOG
2016-09-04 20:21 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-09-04 18:50 - 2012-07-25 07:27 - 00004180 _____ C:\windows\System32\Tasks\avast! Emergency Update
2016-09-04 18:10 - 2009-07-14 04:34 - 00000215 ____N C:\windows\system.ini
2016-09-04 17:42 - 2016-03-23 23:06 - 00003892 _____ C:\windows\System32\Tasks\SafeZone scheduled Autoupdate 1458767177
2016-09-04 17:36 - 2014-01-01 20:25 - 00163416 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2016-09-04 17:35 - 2016-03-23 23:05 - 00037144 _____ (AVAST Software) C:\windows\system32\Drivers\aswKbd.sys
2016-09-04 17:35 - 2014-06-24 08:28 - 00037656 _____ (AVAST Software) C:\windows\system32\Drivers\aswHwid.sys
2016-09-04 17:35 - 2013-11-05 12:08 - 00969560 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2016-09-04 17:35 - 2013-11-05 12:08 - 00513496 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2016-09-04 17:35 - 2013-11-05 12:08 - 00292704 _____ (AVAST Software) C:\windows\system32\Drivers\aswVmm.sys
2016-09-04 17:35 - 2013-11-05 12:08 - 00108816 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2016-09-04 17:35 - 2013-11-05 12:08 - 00103064 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2016-09-04 17:35 - 2013-11-05 12:08 - 00074544 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys
2016-09-04 16:42 - 2011-10-14 12:34 - 00078952 _____ C:\Users\Simona\AppData\Local\GDIPFONTCACHEV1.DAT
2016-09-04 16:40 - 2011-05-12 02:04 - 00671360 _____ C:\windows\system32\perfh005.dat
2016-09-04 16:40 - 2011-05-12 02:04 - 00142682 _____ C:\windows\system32\perfc005.dat
2016-09-04 16:40 - 2009-07-14 07:13 - 01586170 _____ C:\windows\system32\PerfStringBackup.INI
2016-09-04 14:15 - 2009-07-14 05:20 - 00000000 ____D C:\windows\registration
2016-09-03 05:09 - 2015-12-07 18:12 - 00000000 ____D C:\windows\System32\Tasks\AVAST Software
2016-09-03 05:09 - 2015-04-14 06:35 - 00000000 ____D C:\Users\Simona\AppData\Roaming\ProductData
2016-09-03 05:09 - 2015-04-08 21:43 - 00000000 ___SD C:\windows\system32\GWX
2016-09-03 05:09 - 2009-07-14 05:20 - 00000000 ____D C:\windows\system32\Msdtc
2016-09-03 05:06 - 2014-07-23 09:37 - 00000000 ____D C:\Users\Simona\AppData\Local\Mega Limited
2016-09-02 22:50 - 2015-01-08 22:15 - 00000000 ____D C:\Users\Simona\Documents\Zálohy mega
2016-09-02 20:15 - 2009-07-14 06:45 - 00357096 _____ C:\windows\system32\FNTCACHE.DAT
2016-09-02 20:10 - 2011-10-15 11:36 - 00000000 ____D C:\Program Files (x86)\Google
2016-09-02 20:06 - 2016-05-13 22:05 - 00000000 ___RD C:\Users\Simona\Documents\MEGA_OBEC_WEB
2016-09-02 20:06 - 2016-04-14 20:52 - 00000000 ___RD C:\Users\Simona\Documents\MEGA_OBEC_HORKA
2016-09-02 20:06 - 2016-04-10 22:47 - 00000000 ___RD C:\Users\Simona\Documents\MEGA_ÚČETNICTVÍ
2016-09-02 20:06 - 2016-04-08 22:11 - 00000000 ____D C:\ProgramData\MEGAsync
2016-09-02 19:36 - 2011-10-14 12:26 - 00000000 ____D C:\Users\Simona
2016-09-02 18:10 - 2015-06-10 21:44 - 00000000 ____D C:\Users\Simona\AppData\Local\CrashDumps
2016-09-02 18:10 - 2013-02-10 21:30 - 00000000 ____D C:\windows\Minidump
2016-09-01 16:24 - 2011-10-16 20:33 - 00000000 ____D C:\Users\Simona\AppData\Roaming\SoftGrid Client
2016-08-29 15:54 - 2016-05-23 08:55 - 00000000 ____D C:\Users\Simona\Documents\My Scans
2016-08-29 13:36 - 2009-07-14 05:20 - 00000000 ____D C:\windows\system32\NDF
2016-08-29 08:11 - 2015-08-20 20:41 - 00000000 ____D C:\ProgramData\ProductData
2016-08-25 17:05 - 2015-12-24 22:24 - 00023491 _____ C:\windows\BRRBCOM.INI
2016-08-25 08:01 - 2013-05-07 10:57 - 00000000 ____D C:\Users\Simona\Documents\Zálohy
2016-08-24 23:44 - 2009-07-14 07:32 - 00000000 ____D C:\windows\Downloaded Program Files
2016-08-18 08:42 - 2011-10-14 21:20 - 00000000 ____D C:\windows\rescache
2016-08-16 20:08 - 2012-03-21 15:48 - 00000000 ____D C:\Users\Simona\AppData\Local\Adobe
2016-08-16 20:07 - 2012-04-15 10:42 - 00796352 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2016-08-16 20:07 - 2012-04-15 10:42 - 00003852 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2016-08-16 20:07 - 2011-10-15 11:35 - 00142528 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-08-14 21:52 - 2013-01-09 20:50 - 00000000 ____D C:\Program Files (x86)\Opera
2016-08-14 21:38 - 2011-10-15 11:36 - 00000000 ____D C:\Users\Simona\AppData\Local\Google
2016-08-14 15:33 - 2013-07-18 15:24 - 00000000 ____D C:\windows\system32\MRT
2016-08-14 15:26 - 2011-10-15 18:27 - 147640136 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2016-08-11 19:46 - 2013-11-05 12:08 - 00292704 _____ (AVAST Software) C:\windows\system32\Drivers\aswvmm.sys.147093758337505
2016-08-11 19:44 - 2013-11-05 12:08 - 00292704 _____ (AVAST Software) C:\windows\system32\Drivers\aswvmm.sys.147093758389104
2016-08-11 19:43 - 2011-10-15 11:41 - 00003192 _____ C:\windows\System32\Tasks\HPCeeScheduleForSimona
2016-08-11 19:43 - 2011-10-15 11:41 - 00000336 _____ C:\windows\Tasks\HPCeeScheduleForSimona.job
2016-08-11 19:43 - 2011-10-14 12:25 - 00003220 _____ C:\windows\System32\Tasks\HPCeeScheduleForSIMONA-HP$
2016-08-11 19:43 - 2011-10-14 12:25 - 00000344 _____ C:\windows\Tasks\HPCeeScheduleForSIMONA-HP$.job
2016-08-11 19:15 - 2011-10-16 20:07 - 00000000 ____D C:\Program Files (x86)\epson
2016-08-11 19:13 - 2013-12-10 10:24 - 00000034 _____ C:\windows\eporadce_1310.ini
2016-08-11 19:13 - 2013-12-10 10:23 - 00000000 ____D C:\Program Files\E-Poradce Říjen 2013
2016-08-10 20:07 - 2013-12-10 10:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\E-Poradce Říjen 2013
2016-08-10 20:07 - 2013-11-04 12:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-08-10 20:07 - 2012-03-20 15:26 - 00000000 ____D C:\windows\pss
2016-08-10 20:07 - 2011-10-15 11:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-08-10 20:07 - 2011-10-15 11:39 - 00000000 ____D C:\Program Files\CCleaner
2016-08-10 20:07 - 2011-07-06 02:32 - 00000000 ____D C:\Program Files\IDT
2016-08-10 20:06 - 2012-03-25 14:26 - 00000000 ____D C:\Program Files (x86)\Clementine
2016-08-10 20:06 - 2011-05-12 02:05 - 00000000 ____D C:\Program Files (x86)\Xobni
2016-08-09 10:06 - 2015-10-30 21:05 - 00000000 ____D C:\Users\Simona\.oracle_jre_usage
2016-08-05 20:45 - 2015-11-12 19:44 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Files in the root of some directories =======

2007-11-20 09:22 - 2007-11-20 09:22 - 0000060 ____R () C:\Program Files (x86)\BRINST.INI
2007-07-07 07:07 - 2007-07-07 07:07 - 0812544 _____ (Big Bang enterprises) C:\Program Files (x86)\DoubleKiller.exe
2015-05-30 20:59 - 2015-05-30 21:05 - 0005120 _____ () C:\Users\Simona\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-02-09 14:32 - 2012-06-26 14:28 - 0007600 _____ () C:\Users\Simona\AppData\Local\Resmon.ResmonCfg
2011-10-16 20:41 - 2011-10-16 20:41 - 0000252 _____ () C:\ProgramData\FastPics.log
2013-06-11 09:46 - 2016-07-14 13:38 - 0007961 _____ () C:\ProgramData\hpzinstall.log
2013-02-20 11:33 - 2013-05-31 17:15 - 0000160 _____ () C:\ProgramData\lxdq.log
2013-03-19 10:00 - 2014-06-04 21:03 - 0000431 _____ () C:\ProgramData\lxdqDiagnostics.log
2015-06-25 22:39 - 2015-06-25 22:39 - 0000095 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2015-06-25 22:38 - 2015-06-25 22:38 - 0000089 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.64.bc

Some zero byte size files/folders:
==========================
C:\Windows\SysWOW64\ARAudioCDGrabber2.dll
C:\Windows\SysWOW64\ARAudioPlayer2.dll
C:\Windows\SysWOW64\ARAudioTransform2.dll

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\SysWOW64\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-08-26 08:43

==================== End of FRST.txt ============================

Re: Zpomalený Pc - procesy csrss a winlogon

Napsal: 04 zář 2016 20:27
od Rudy
Zdravím!
Spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

Re: Zpomalený Pc - procesy csrss a winlogon

Napsal: 05 zář 2016 18:18
od simkavac
Omlouvám se, včera jsem si nevšimla odpovědi. Ulitu Adwcleaner jsem pustila, ale nejde mi zkopírovat text.
Ani z kontextového menu ani přes klávesové zkratky.

Skoro u všeho to píše, že nebyly nalezeny žádné škodlivé soubory. Jenom u REGISTRŮ píše:
Klíč nalezen: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wiz

Díky

Re: Zpomalený Pc - procesy csrss a winlogon

Napsal: 05 zář 2016 18:38
od Rudy
Smažte a dejte nový log FRST.

Re: Zpomalený Pc - procesy csrss a winlogon

Napsal: 05 zář 2016 22:14
od simkavac
Dělala jsem zálohu domkumentů a fotek. Teď posílám:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-08-2016
Ran by Simona (administrator) on SIMONA-HP (05-09-2016 23:04:41)
Running from C:\Users\Simona\Desktop\aaa
Loaded Profiles: Simona (Available Profiles: Simona)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(brother Industries Ltd) C:\Windows\SysWOW64\BRSVC01A.EXE
(brother Industries Ltd) C:\Windows\SysWOW64\BRSS01A.EXE
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(CobianSoft, Luis Cobian) C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe
(Luis Cobian, CobianSoft) C:\Program Files (x86)\Cobian Backup 11\cbService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Hewlett-Packard Development Company, L.P) C:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\perfhost.exe
(Microsoft Corporation) C:\Windows\System32\Locator.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(ArcSoft, Inc.) C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Hewlett-Packard Company) C:\Windows\SysWOW64\flcdlock.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Portrait Displays, Inc) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSDKHelperx64.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Opera Software) C:\Program Files (x86)\Opera\39.0.2256.48\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\39.0.2256.48\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\39.0.2256.48\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\39.0.2256.48\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\39.0.2256.48\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\39.0.2256.48\opera.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [2919992 2011-01-27] (Hewlett-Packard Company)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2804976 2013-10-30] (Synaptics Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9107104 2016-09-04] (AVAST Software)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2013-05-14] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4522496 2012-12-27] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [2009088 2013-01-18] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\DeviceNP-x32: DeviceNP.dll [X]
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-2478000333-2312206248-9832235-1001\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
Lsa: [Notification Packages] DPPassFilter scecli
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => No File
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => No File
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-04] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{EBE7B400-6594-4C21-AE4C-F130F40B488A}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2478000333-2312206248-9832235-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2478000333-2312206248-9832235-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE07&ocid=UE07DHP
HKU\S-1-5-21-2478000333-2312206248-9832235-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM-x32 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2478000333-2312206248-9832235-1001 -> DefaultScope 0633EE93-D776-472f-A0FF-E1416B8B2E3A URL =
SearchScopes: HKU\S-1-5-21-2478000333-2312206248-9832235-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-08-02] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-09-04] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-02] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-05-04] (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-01-07] (Atheros Commnucations)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-09-04] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-12-01] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-04] (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
DPF: HKLM-x32 {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1472075087528

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-13] ()
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-02] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-02] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-13] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-04] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation)
FF Plugin-x32: @software602.cz/602XML Filler -> C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll [2011-11-24] (Software602 a.s.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-04]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-04]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF

Chrome:
=======
CHR HKU\S-1-5-21-2478000333-2312206248-9832235-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ooebgdicanjhnamfmdlmlbcnkgehkkmf] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-01-07] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [53920 2011-01-07] (Atheros Commnucations) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-04] (AVAST Software)
S2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [113704 2014-02-09] (AVAST Software)
R2 Brother XP spl Service; C:\windows\SysWOW64\brsvc01a.exe [57344 2002-04-12] (brother Industries Ltd) [File not signed]
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [File not signed]
R2 cbVSCService11; C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe [67584 2012-12-05] (CobianSoft, Luis Cobian) [File not signed]
R2 CobianBackup11; C:\Program Files (x86)\Cobian Backup 11\cbService.exe [1131008 2012-12-06] (Luis Cobian, CobianSoft) [File not signed]
R2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [481104 2011-02-12] (DigitalPersona, Inc.)
R2 FLCDLOCK; c:\Windows\SysWOW64\flcdlock.exe [464480 2011-02-04] (Hewlett-Packard Company)
R2 HP ProtectTools Service; c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [36864 2011-01-12] (Hewlett-Packard Development Company, L.P) [File not signed]
R2 HPDayStarterService; c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [133688 2011-01-28] (Hewlett-Packard Company)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [281656 2011-01-29] (Hewlett-Packard Company)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-11-06] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [139264 2007-11-06] (Hewlett-Packard Co.) [File not signed]
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-31] (IObit)
S3 McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [1318912 2011-02-09] () [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [327680 2014-04-02] (IDT, Inc.) [File not signed]
R2 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [502464 2010-11-11] (ArcSoft, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 XobniService; C:\Program Files (x86)\Xobni\XobniService.exe [62184 2011-03-07] (Xobni Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ARCVCAM; C:\Windows\System32\DRIVERS\ArcSoftVCapture.sys [32192 2010-11-11] (ArcSoft, Inc.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-09-04] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-09-04] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-09-04] (AVAST Software)
R1 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [440672 2014-02-22] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-09-04] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-04] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969560 2016-09-04] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513496 2016-09-04] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-09-04] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-09-04] (AVAST Software)
R3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [63336 2011-02-07] (Hewlett-Packard Company)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 HPEWSFXBULK; C:\Windows\System32\drivers\hpfx64bulk.sys [20504 2009-02-26] (Hewlett Packard)
R2 kisknl; C:\windows\system32\drivers\kisknl.sys [221496 2013-02-10] (Kingsoft Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2014-04-02] (Intel Corporation)
R0 MfeEpePc; C:\Windows\System32\Drivers\MfeEpePc.sys [168008 2011-02-09] (McAfee, Inc.)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [1512952 2014-04-02] (Sunplus)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
S3 catchme; \??\C:\aaa\catchme.sys [X]
S3 cpuz132; \??\C:\Users\Simona\AppData\Local\Temp\cpuz132\cpuz132_x64.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 EverestDriver; \??\C:\Users\Simona\AppData\Local\Temp\EverestDriver.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X]
S3 huawei_wwanecm; system32\DRIVERS\ew_juwwanecm.sys [X]
S1 KDHacker; \??\c:\program files (x86)\kingsoft\kingsoft antivirus\security\kxescan\kdhacker64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-05 19:17 - 2016-09-05 19:19 - 00000000 ____D C:\Users\Simona\Documents\NAHRÁT ROZTŘÍDIT
2016-09-05 18:48 - 2016-09-05 18:48 - 00004144 _____ C:\Users\Simona\Desktop\AdwCleaner[S6].txt
2016-09-05 18:44 - 2016-09-05 18:44 - 00002176 _____ C:\Users\Simona\Desktop\jalkfjakl.txt
2016-09-05 18:34 - 2016-09-04 20:15 - 03826240 _____ C:\Users\Simona\Desktop\adwcleaner_6.010.exe
2016-09-04 20:29 - 2016-09-05 23:04 - 00000000 ____D C:\FRST
2016-09-04 19:51 - 2016-09-04 19:53 - 00000000 ____D C:\Program Files\trend micro
2016-09-04 19:51 - 2016-09-04 19:51 - 00000000 ____D C:\rsit
2016-09-04 18:15 - 2016-09-04 18:15 - 00026891 _____ C:\ComboFix.txt
2016-09-04 17:36 - 2016-09-04 17:35 - 00391496 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2016-09-04 17:35 - 2016-09-04 17:35 - 00053208 _____ (AVAST Software) C:\windows\avastSS.scr
2016-09-04 16:45 - 2016-09-04 16:45 - 00003328 _____ C:\windows\System32\Tasks\CrystalDiskInfo
2016-09-04 16:41 - 2016-09-04 16:42 - 00000000 ____D C:\Program Files (x86)\CrystalDiskInfo
2016-09-04 16:41 - 2016-09-04 16:41 - 03958792 _____ (Crystal Dew World ) C:\Users\Simona\Downloads\CrystalDiskInfo7_0_2-en.exe
2016-09-04 16:41 - 2016-09-04 16:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2016-09-04 16:40 - 2016-09-04 16:40 - 03958792 _____ (Crystal Dew World ) C:\Users\Simona\Downloads\62C9.tmp
2016-09-04 15:46 - 2016-09-04 17:43 - 00192216 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2016-09-04 15:45 - 2016-09-04 15:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-09-04 15:45 - 2016-09-04 15:45 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-09-04 15:45 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2016-09-04 15:45 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamchameleon.sys
2016-09-04 15:45 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\windows\system32\Drivers\mbam.sys
2016-09-04 15:43 - 2016-09-04 15:43 - 00027277 _____ C:\Users\Simona\Desktop\cf log.txt
2016-09-04 15:03 - 2011-06-26 08:45 - 00256000 _____ C:\windows\PEV.exe
2016-09-04 15:03 - 2010-11-07 19:20 - 00208896 _____ C:\windows\MBR.exe
2016-09-04 15:03 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2016-09-04 15:03 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2016-09-04 15:03 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2016-09-04 15:03 - 2000-08-31 02:00 - 00098816 _____ C:\windows\sed.exe
2016-09-04 15:03 - 2000-08-31 02:00 - 00080412 _____ C:\windows\grep.exe
2016-09-04 15:03 - 2000-08-31 02:00 - 00068096 _____ C:\windows\zip.exe
2016-09-04 15:02 - 2016-09-04 20:31 - 00000000 ____D C:\Users\Simona\Desktop\aaa
2016-09-04 15:02 - 2016-09-04 15:33 - 00000000 ____D C:\windows\erdnt
2016-09-03 07:41 - 2016-09-03 07:41 - 00001076 _____ C:\Users\Simona\Desktop\vysledek.txt
2016-09-02 20:42 - 2016-09-02 20:42 - 00000000 ____D C:\Program Files (x86)\ESET
2016-09-02 20:41 - 2016-09-02 20:41 - 02870984 _____ (ESET) C:\Users\Simona\Downloads\esetsmartinstaller_csy.exe
2016-09-02 19:47 - 2016-09-02 19:54 - 00000000 ____D C:\Users\Simona\Documents\1 STAŽENÉ SOUBORY POTŘEBNÉ
2016-09-01 23:37 - 2016-09-04 18:15 - 00000000 ____D C:\Qoobox
2016-08-16 20:07 - 2016-09-03 07:43 - 00000958 _____ C:\windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-08-16 20:07 - 2016-08-16 20:07 - 00003956 _____ C:\windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-08-16 19:31 - 2016-07-08 17:32 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2016-08-16 19:31 - 2016-07-08 17:16 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2016-08-14 21:49 - 2016-08-14 21:52 - 00003848 _____ C:\windows\System32\Tasks\Opera scheduled Autoupdate 1471204159
2016-08-14 21:49 - 2016-08-14 21:49 - 00001131 _____ C:\Users\Public\Desktop\Opera.lnk
2016-08-14 21:49 - 2016-08-14 21:49 - 00001131 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-08-14 21:49 - 2016-08-14 21:49 - 00000000 ____D C:\Users\Simona\AppData\Roaming\Opera Software
2016-08-14 21:49 - 2016-08-14 21:49 - 00000000 ____D C:\Users\Simona\AppData\Local\Opera Software
2016-08-14 16:13 - 2016-07-08 17:01 - 03218944 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2016-08-14 15:23 - 2016-08-02 16:54 - 00394440 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2016-08-14 15:23 - 2016-08-02 16:08 - 00346312 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2016-08-14 15:23 - 2016-08-02 08:47 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2016-08-14 15:23 - 2016-08-02 08:47 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2016-08-14 15:23 - 2016-08-02 08:32 - 02894336 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2016-08-14 15:23 - 2016-08-02 08:32 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2016-08-14 15:23 - 2016-08-02 08:31 - 00572416 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2016-08-14 15:23 - 2016-08-02 08:31 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2016-08-14 15:23 - 2016-08-02 08:23 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2016-08-14 15:23 - 2016-08-02 08:19 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2016-08-14 15:23 - 2016-08-02 08:11 - 00969216 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2016-08-14 15:23 - 2016-08-02 08:03 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2016-08-14 15:23 - 2016-08-02 08:00 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2016-08-14 15:23 - 2016-08-02 07:59 - 00107520 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2016-08-14 15:23 - 2016-08-02 07:54 - 20343808 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2016-08-14 15:23 - 2016-08-02 07:53 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2016-08-14 15:23 - 2016-08-02 07:51 - 00497664 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2016-08-14 15:23 - 2016-08-02 07:51 - 00152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2016-08-14 15:23 - 2016-08-02 07:51 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2016-08-14 15:23 - 2016-08-02 07:51 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2016-08-14 15:23 - 2016-08-02 07:50 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2016-08-14 15:23 - 2016-08-02 07:47 - 02286592 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2016-08-14 15:23 - 2016-08-02 07:45 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2016-08-14 15:23 - 2016-08-02 07:44 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2016-08-14 15:23 - 2016-08-02 07:42 - 00476160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2016-08-14 15:23 - 2016-08-02 07:41 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2016-08-14 15:23 - 2016-08-02 07:41 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2016-08-14 15:23 - 2016-08-02 07:41 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2016-08-14 15:23 - 2016-08-02 07:38 - 00806400 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2016-08-14 15:23 - 2016-08-02 07:38 - 00724992 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2016-08-14 15:23 - 2016-08-02 07:36 - 02131456 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2016-08-14 15:23 - 2016-08-02 07:33 - 00416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2016-08-14 15:23 - 2016-08-02 07:29 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-08-14 15:23 - 2016-08-02 07:28 - 00091136 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2016-08-14 15:23 - 2016-08-02 07:25 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2016-08-14 15:23 - 2016-08-02 07:24 - 00279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2016-08-14 15:23 - 2016-08-02 07:22 - 00130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2016-08-14 15:23 - 2016-08-02 07:21 - 04608000 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2016-08-14 15:23 - 2016-08-02 07:16 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2016-08-14 15:23 - 2016-08-02 07:15 - 00692736 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2016-08-14 15:23 - 2016-08-02 07:14 - 02055680 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2016-08-14 15:23 - 2016-08-02 07:14 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2016-08-14 15:23 - 2016-08-02 07:11 - 13808128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2016-08-14 15:23 - 2016-08-02 07:10 - 01550848 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2016-08-14 15:23 - 2016-08-02 06:59 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2016-08-14 15:23 - 2016-08-02 06:56 - 02393088 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2016-08-14 15:23 - 2016-08-02 06:53 - 01316352 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2016-08-14 15:23 - 2016-08-02 06:51 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2016-08-14 15:23 - 2016-07-08 17:37 - 00154856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2016-08-14 15:23 - 2016-07-08 17:37 - 00095464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2016-08-14 15:23 - 2016-07-08 17:32 - 01464320 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2016-08-14 15:23 - 2016-07-08 17:32 - 01212928 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2016-08-14 15:23 - 2016-07-08 17:32 - 00730624 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2016-08-14 15:23 - 2016-07-08 17:32 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2016-08-14 15:23 - 2016-07-08 17:32 - 00463872 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2016-08-14 15:23 - 2016-07-08 17:32 - 00343552 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2016-08-14 15:23 - 2016-07-08 17:32 - 00316416 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2016-08-14 15:23 - 2016-07-08 17:32 - 00312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2016-08-14 15:23 - 2016-07-08 17:32 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2016-08-14 15:23 - 2016-07-08 17:32 - 00190464 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
2016-08-14 15:23 - 2016-07-08 17:32 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2016-08-14 15:23 - 2016-07-08 17:32 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2016-08-14 15:23 - 2016-07-08 17:32 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2016-08-14 15:23 - 2016-07-08 17:32 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2016-08-14 15:23 - 2016-07-08 17:32 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2016-08-14 15:23 - 2016-07-08 17:32 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2016-08-14 15:23 - 2016-07-08 17:32 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2016-08-14 15:23 - 2016-07-08 17:32 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2016-08-14 15:23 - 2016-07-08 17:17 - 00666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2016-08-14 15:23 - 2016-07-08 17:17 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2016-08-14 15:23 - 2016-07-08 17:16 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2016-08-14 15:23 - 2016-07-08 17:16 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2016-08-14 15:23 - 2016-07-08 17:16 - 00342528 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2016-08-14 15:23 - 2016-07-08 17:16 - 00260608 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2016-08-14 15:23 - 2016-07-08 17:16 - 00251392 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2016-08-14 15:23 - 2016-07-08 17:16 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2016-08-14 15:23 - 2016-07-08 17:16 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2016-08-14 15:23 - 2016-07-08 17:16 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2016-08-14 15:23 - 2016-07-08 17:16 - 00141312 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpchttp.dll
2016-08-14 15:23 - 2016-07-08 17:16 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2016-08-14 15:23 - 2016-07-08 17:16 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2016-08-14 15:23 - 2016-07-08 17:16 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2016-08-14 15:23 - 2016-07-08 17:16 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2016-08-14 15:23 - 2016-07-08 17:03 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2016-08-14 15:23 - 2016-07-08 16:57 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2016-08-14 15:23 - 2016-07-08 16:56 - 00291328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2016-08-14 15:23 - 2016-07-08 16:56 - 00129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2016-08-14 15:23 - 2016-07-08 16:55 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2016-08-14 15:23 - 2016-07-08 16:55 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2016-08-14 15:23 - 2016-07-08 16:50 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2016-08-14 15:22 - 2016-08-02 08:54 - 25808384 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2016-08-14 15:22 - 2016-08-02 08:31 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2016-08-14 15:22 - 2016-08-02 08:31 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2016-08-14 15:22 - 2016-08-02 08:24 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2016-08-14 15:22 - 2016-08-02 08:20 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2016-08-14 15:22 - 2016-08-02 08:19 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2016-08-14 15:22 - 2016-08-02 08:18 - 06047744 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2016-08-14 15:22 - 2016-08-02 08:18 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2016-08-14 15:22 - 2016-08-02 08:18 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2016-08-14 15:22 - 2016-08-02 08:08 - 00489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2016-08-14 15:22 - 2016-08-02 07:56 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2016-08-14 15:22 - 2016-08-02 07:55 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2016-08-14 15:22 - 2016-08-02 07:51 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2016-08-14 15:22 - 2016-08-02 07:40 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2016-08-14 15:22 - 2016-08-02 07:37 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2016-08-14 15:22 - 2016-08-02 07:28 - 15412224 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2016-08-14 15:22 - 2016-08-02 07:26 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2016-08-14 15:22 - 2016-08-02 07:23 - 02868224 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2016-08-11 19:04 - 2016-08-11 19:04 - 00000782 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-08-11 18:41 - 2016-09-02 19:45 - 00001882 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-08-11 18:41 - 2016-08-11 18:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-05 23:00 - 2012-07-25 07:27 - 00004180 _____ C:\windows\System32\Tasks\avast! Emergency Update
2016-09-05 22:51 - 2015-01-08 22:15 - 00000000 ____D C:\Users\Simona\Documents\Zálohy mega
2016-09-05 22:24 - 2012-04-15 10:42 - 00000914 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2016-09-05 20:03 - 2009-07-14 06:45 - 00025648 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-09-05 20:03 - 2009-07-14 06:45 - 00025648 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-09-05 19:51 - 2011-05-12 02:01 - 00000000 ____D C:\ProgramData\HPQLOG
2016-09-05 19:48 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-09-05 19:47 - 2015-04-12 20:56 - 00000000 ____D C:\AdwCleaner
2016-09-05 19:47 - 2009-07-14 05:20 - 00000000 ____D C:\windows\inf
2016-09-05 19:46 - 2011-05-12 02:04 - 00671360 _____ C:\windows\system32\perfh005.dat
2016-09-05 19:46 - 2011-05-12 02:04 - 00142682 _____ C:\windows\system32\perfc005.dat
2016-09-05 19:46 - 2009-07-14 07:13 - 01586170 _____ C:\windows\system32\PerfStringBackup.INI
2016-09-05 19:21 - 2016-04-09 20:13 - 00000000 ____D C:\Zálohy
2016-09-05 19:17 - 2016-07-07 20:08 - 00000000 ____D C:\Users\Simona\Documents\NAHRÁT VALOUCH
2016-09-05 18:55 - 2011-10-16 20:33 - 00000000 ____D C:\Users\Simona\AppData\Roaming\SoftGrid Client
2016-09-05 18:29 - 2015-08-20 20:41 - 00000000 ____D C:\ProgramData\ProductData
2016-09-04 18:10 - 2009-07-14 04:34 - 00000215 ____N C:\windows\system.ini
2016-09-04 17:42 - 2016-03-23 23:06 - 00003892 _____ C:\windows\System32\Tasks\SafeZone scheduled Autoupdate 1458767177
2016-09-04 17:36 - 2014-01-01 20:25 - 00163416 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2016-09-04 17:35 - 2016-03-23 23:05 - 00037144 _____ (AVAST Software) C:\windows\system32\Drivers\aswKbd.sys
2016-09-04 17:35 - 2014-06-24 08:28 - 00037656 _____ (AVAST Software) C:\windows\system32\Drivers\aswHwid.sys
2016-09-04 17:35 - 2013-11-05 12:08 - 00969560 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2016-09-04 17:35 - 2013-11-05 12:08 - 00513496 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2016-09-04 17:35 - 2013-11-05 12:08 - 00292704 _____ (AVAST Software) C:\windows\system32\Drivers\aswVmm.sys
2016-09-04 17:35 - 2013-11-05 12:08 - 00108816 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2016-09-04 17:35 - 2013-11-05 12:08 - 00103064 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2016-09-04 17:35 - 2013-11-05 12:08 - 00074544 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys
2016-09-04 16:42 - 2011-10-14 12:34 - 00078952 _____ C:\Users\Simona\AppData\Local\GDIPFONTCACHEV1.DAT
2016-09-04 14:15 - 2009-07-14 05:20 - 00000000 ____D C:\windows\registration
2016-09-03 05:09 - 2015-12-07 18:12 - 00000000 ____D C:\windows\System32\Tasks\AVAST Software
2016-09-03 05:09 - 2015-04-14 06:35 - 00000000 ____D C:\Users\Simona\AppData\Roaming\ProductData
2016-09-03 05:09 - 2015-04-08 21:43 - 00000000 ___SD C:\windows\system32\GWX
2016-09-03 05:09 - 2009-07-14 05:20 - 00000000 ____D C:\windows\system32\Msdtc
2016-09-03 05:06 - 2014-07-23 09:37 - 00000000 ____D C:\Users\Simona\AppData\Local\Mega Limited
2016-09-02 20:15 - 2009-07-14 06:45 - 00357096 _____ C:\windows\system32\FNTCACHE.DAT
2016-09-02 20:10 - 2011-10-15 11:36 - 00000000 ____D C:\Program Files (x86)\Google
2016-09-02 20:06 - 2016-05-13 22:05 - 00000000 ___RD C:\Users\Simona\Documents\MEGA_OBEC_WEB
2016-09-02 20:06 - 2016-04-14 20:52 - 00000000 ___RD C:\Users\Simona\Documents\MEGA_OBEC_HORKA
2016-09-02 20:06 - 2016-04-10 22:47 - 00000000 ___RD C:\Users\Simona\Documents\MEGA_ÚČETNICTVÍ
2016-09-02 20:06 - 2016-04-08 22:11 - 00000000 ____D C:\ProgramData\MEGAsync
2016-09-02 19:36 - 2011-10-14 12:26 - 00000000 ____D C:\Users\Simona
2016-09-02 18:10 - 2015-06-10 21:44 - 00000000 ____D C:\Users\Simona\AppData\Local\CrashDumps
2016-09-02 18:10 - 2013-02-10 21:30 - 00000000 ____D C:\windows\Minidump
2016-08-29 15:54 - 2016-05-23 08:55 - 00000000 ____D C:\Users\Simona\Documents\My Scans
2016-08-29 13:36 - 2009-07-14 05:20 - 00000000 ____D C:\windows\system32\NDF
2016-08-25 17:05 - 2015-12-24 22:24 - 00023491 _____ C:\windows\BRRBCOM.INI
2016-08-25 08:01 - 2013-05-07 10:57 - 00000000 ____D C:\Users\Simona\Documents\Zálohy
2016-08-24 23:44 - 2009-07-14 07:32 - 00000000 ____D C:\windows\Downloaded Program Files
2016-08-18 08:42 - 2011-10-14 21:20 - 00000000 ____D C:\windows\rescache
2016-08-16 20:08 - 2012-03-21 15:48 - 00000000 ____D C:\Users\Simona\AppData\Local\Adobe
2016-08-16 20:07 - 2012-04-15 10:42 - 00796352 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2016-08-16 20:07 - 2012-04-15 10:42 - 00003852 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2016-08-16 20:07 - 2011-10-15 11:35 - 00142528 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-08-14 21:52 - 2013-01-09 20:50 - 00000000 ____D C:\Program Files (x86)\Opera
2016-08-14 21:38 - 2011-10-15 11:36 - 00000000 ____D C:\Users\Simona\AppData\Local\Google
2016-08-14 15:33 - 2013-07-18 15:24 - 00000000 ____D C:\windows\system32\MRT
2016-08-14 15:26 - 2011-10-15 18:27 - 147640136 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2016-08-11 19:46 - 2013-11-05 12:08 - 00292704 _____ (AVAST Software) C:\windows\system32\Drivers\aswvmm.sys.147093758337505
2016-08-11 19:44 - 2013-11-05 12:08 - 00292704 _____ (AVAST Software) C:\windows\system32\Drivers\aswvmm.sys.147093758389104
2016-08-11 19:43 - 2011-10-15 11:41 - 00003192 _____ C:\windows\System32\Tasks\HPCeeScheduleForSimona
2016-08-11 19:43 - 2011-10-15 11:41 - 00000336 _____ C:\windows\Tasks\HPCeeScheduleForSimona.job
2016-08-11 19:43 - 2011-10-14 12:25 - 00003220 _____ C:\windows\System32\Tasks\HPCeeScheduleForSIMONA-HP$
2016-08-11 19:43 - 2011-10-14 12:25 - 00000344 _____ C:\windows\Tasks\HPCeeScheduleForSIMONA-HP$.job
2016-08-11 19:15 - 2011-10-16 20:07 - 00000000 ____D C:\Program Files (x86)\epson
2016-08-11 19:13 - 2013-12-10 10:24 - 00000034 _____ C:\windows\eporadce_1310.ini
2016-08-11 19:13 - 2013-12-10 10:23 - 00000000 ____D C:\Program Files\E-Poradce Říjen 2013
2016-08-10 20:07 - 2013-12-10 10:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\E-Poradce Říjen 2013
2016-08-10 20:07 - 2013-11-04 12:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-08-10 20:07 - 2012-03-20 15:26 - 00000000 ____D C:\windows\pss
2016-08-10 20:07 - 2011-10-15 11:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-08-10 20:07 - 2011-10-15 11:39 - 00000000 ____D C:\Program Files\CCleaner
2016-08-10 20:07 - 2011-07-06 02:32 - 00000000 ____D C:\Program Files\IDT
2016-08-10 20:06 - 2012-03-25 14:26 - 00000000 ____D C:\Program Files (x86)\Clementine
2016-08-10 20:06 - 2011-05-12 02:05 - 00000000 ____D C:\Program Files (x86)\Xobni
2016-08-09 10:06 - 2015-10-30 21:05 - 00000000 ____D C:\Users\Simona\.oracle_jre_usage

==================== Files in the root of some directories =======

2007-11-20 09:22 - 2007-11-20 09:22 - 0000060 ____R () C:\Program Files (x86)\BRINST.INI
2007-07-07 07:07 - 2007-07-07 07:07 - 0812544 _____ (Big Bang enterprises) C:\Program Files (x86)\DoubleKiller.exe
2015-05-30 20:59 - 2015-05-30 21:05 - 0005120 _____ () C:\Users\Simona\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-02-09 14:32 - 2012-06-26 14:28 - 0007600 _____ () C:\Users\Simona\AppData\Local\Resmon.ResmonCfg
2011-10-16 20:41 - 2011-10-16 20:41 - 0000252 _____ () C:\ProgramData\FastPics.log
2013-06-11 09:46 - 2016-07-14 13:38 - 0007961 _____ () C:\ProgramData\hpzinstall.log
2013-02-20 11:33 - 2013-05-31 17:15 - 0000160 _____ () C:\ProgramData\lxdq.log
2013-03-19 10:00 - 2014-06-04 21:03 - 0000431 _____ () C:\ProgramData\lxdqDiagnostics.log
2015-06-25 22:39 - 2015-06-25 22:39 - 0000095 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2015-06-25 22:38 - 2015-06-25 22:38 - 0000089 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.64.bc

Some files in TEMP:
====================
C:\Users\Simona\AppData\Local\Temp\libeay32.dll
C:\Users\Simona\AppData\Local\Temp\msvcr120.dll
C:\Users\Simona\AppData\Local\Temp\sqlite3.dll


Some zero byte size files/folders:
==========================
C:\Windows\SysWOW64\ARAudioCDGrabber2.dll
C:\Windows\SysWOW64\ARAudioPlayer2.dll
C:\Windows\SysWOW64\ARAudioTransform2.dll

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\SysWOW64\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-09-05 02:55

==================== End of FRST.txt ============================

Re: Zpomalený Pc - procesy csrss a winlogon

Napsal: 06 zář 2016 15:56
od simkavac
Teď jsem zapnula počítač a napsalo mi to, že se musí provést kontrola disků. Po tom co proběhla mi nefunguje Wifi, takže jsem připojena přes kabel. Znova přidávám FRST

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-08-2016
Ran by Simona (administrator) on SIMONA-HP (06-09-2016 16:43:02)
Running from C:\Users\Simona\Desktop\aaa
Loaded Profiles: Simona (Available Profiles: Simona)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(brother Industries Ltd) C:\Windows\SysWOW64\BRSVC01A.EXE
(brother Industries Ltd) C:\Windows\SysWOW64\BRSS01A.EXE
(AVAST Software) C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(CobianSoft, Luis Cobian) C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe
(Luis Cobian, CobianSoft) C:\Program Files (x86)\Cobian Backup 11\cbService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\ehome\ehsched.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Source Engine\OSE.EXE
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\perfhost.exe
(Microsoft Corporation) C:\Windows\System32\Locator.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(ArcSoft, Inc.) C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Corporation) C:\Windows\System32\wbengine.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Hewlett-Packard Company) C:\Windows\SysWOW64\flcdlock.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Opera Software) C:\Program Files (x86)\Opera\launcher.exe
(Avast Software) C:\Program Files\AVAST Software\SZBrowser\launcher.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Portrait Displays, Inc) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSDKHelperx64.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [2919992 2011-01-27] (Hewlett-Packard Company)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2804976 2013-10-30] (Synaptics Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9107104 2016-09-04] (AVAST Software)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2013-05-14] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4522496 2012-12-27] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [2009088 2013-01-18] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\DeviceNP-x32: DeviceNP.dll [X]
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-2478000333-2312206248-9832235-1001\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
Lsa: [Notification Packages] DPPassFilter scecli
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => No File
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => No File
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-04] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{C202A2A1-8152-4B98-9159-127249DDE237}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2478000333-2312206248-9832235-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2478000333-2312206248-9832235-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE07&ocid=UE07DHP
HKU\S-1-5-21-2478000333-2312206248-9832235-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM-x32 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2478000333-2312206248-9832235-1001 -> DefaultScope 0633EE93-D776-472f-A0FF-E1416B8B2E3A URL =
SearchScopes: HKU\S-1-5-21-2478000333-2312206248-9832235-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-08-02] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-09-04] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-02] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-05-04] (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-01-07] (Atheros Commnucations)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-09-04] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-12-01] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-04] (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
DPF: HKLM-x32 {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1472075087528

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-13] ()
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-02] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-02] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-13] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-04] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation)
FF Plugin-x32: @software602.cz/602XML Filler -> C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll [2011-11-24] (Software602 a.s.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-04]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-04]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF

Chrome:
=======
CHR HKU\S-1-5-21-2478000333-2312206248-9832235-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ooebgdicanjhnamfmdlmlbcnkgehkkmf] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-01-07] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [53920 2011-01-07] (Atheros Commnucations) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-04] (AVAST Software)
S2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [113704 2014-02-09] (AVAST Software)
R2 Brother XP spl Service; C:\windows\SysWOW64\brsvc01a.exe [57344 2002-04-12] (brother Industries Ltd) [File not signed]
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [File not signed]
R2 cbVSCService11; C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe [67584 2012-12-05] (CobianSoft, Luis Cobian) [File not signed]
R2 CobianBackup11; C:\Program Files (x86)\Cobian Backup 11\cbService.exe [1131008 2012-12-06] (Luis Cobian, CobianSoft) [File not signed]
R2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [481104 2011-02-12] (DigitalPersona, Inc.)
R2 FLCDLOCK; c:\Windows\SysWOW64\flcdlock.exe [464480 2011-02-04] (Hewlett-Packard Company)
S2 HP ProtectTools Service; c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [36864 2011-01-12] (Hewlett-Packard Development Company, L.P) [File not signed]
R2 HPDayStarterService; c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [133688 2011-01-28] (Hewlett-Packard Company)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [281656 2011-01-29] (Hewlett-Packard Company)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-11-06] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [139264 2007-11-06] (Hewlett-Packard Co.) [File not signed]
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-31] (IObit)
S3 McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [1318912 2011-02-09] () [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [327680 2014-04-02] (IDT, Inc.) [File not signed]
R2 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [502464 2010-11-11] (ArcSoft, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 XobniService; C:\Program Files (x86)\Xobni\XobniService.exe [62184 2011-03-07] (Xobni Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ARCVCAM; C:\Windows\System32\DRIVERS\ArcSoftVCapture.sys [32192 2010-11-11] (ArcSoft, Inc.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-09-04] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-09-04] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-09-04] (AVAST Software)
R1 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [440672 2014-02-22] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-09-04] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-04] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969560 2016-09-04] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513496 2016-09-04] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-09-04] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-09-04] (AVAST Software)
R3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [63336 2011-02-07] (Hewlett-Packard Company)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 HPEWSFXBULK; C:\Windows\System32\drivers\hpfx64bulk.sys [20504 2009-02-26] (Hewlett Packard)
R2 kisknl; C:\windows\system32\drivers\kisknl.sys [221496 2013-02-10] (Kingsoft Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2014-04-02] (Intel Corporation)
R0 MfeEpePc; C:\Windows\System32\Drivers\MfeEpePc.sys [168008 2011-02-09] (McAfee, Inc.)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [1512952 2014-04-02] (Sunplus)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
S3 catchme; \??\C:\aaa\catchme.sys [X]
S3 cpuz132; \??\C:\Users\Simona\AppData\Local\Temp\cpuz132\cpuz132_x64.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 EverestDriver; \??\C:\Users\Simona\AppData\Local\Temp\EverestDriver.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X]
S3 huawei_wwanecm; system32\DRIVERS\ew_juwwanecm.sys [X]
S1 KDHacker; \??\c:\program files (x86)\kingsoft\kingsoft antivirus\security\kxescan\kdhacker64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-06 16:35 - 2016-09-06 16:35 - 00003536 ____N C:\bootsqm.dat
2016-09-06 16:30 - 2016-09-06 16:30 - 00000000 __SHD C:\found.000
2016-09-05 19:17 - 2016-09-05 19:19 - 00000000 ____D C:\Users\Simona\Documents\NAHRÁT ROZTŘÍDIT
2016-09-05 18:48 - 2016-09-05 18:48 - 00004144 _____ C:\Users\Simona\Desktop\AdwCleaner[S6].txt
2016-09-05 18:44 - 2016-09-05 18:44 - 00002176 _____ C:\Users\Simona\Desktop\jalkfjakl.txt
2016-09-05 18:34 - 2016-09-04 20:15 - 03826240 _____ C:\Users\Simona\Desktop\adwcleaner_6.010.exe
2016-09-04 20:29 - 2016-09-06 16:43 - 00000000 ____D C:\FRST
2016-09-04 19:51 - 2016-09-04 19:53 - 00000000 ____D C:\Program Files\trend micro
2016-09-04 19:51 - 2016-09-04 19:51 - 00000000 ____D C:\rsit
2016-09-04 18:15 - 2016-09-04 18:15 - 00026891 _____ C:\ComboFix.txt
2016-09-04 17:36 - 2016-09-04 17:35 - 00391496 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2016-09-04 17:35 - 2016-09-04 17:35 - 00053208 _____ (AVAST Software) C:\windows\avastSS.scr
2016-09-04 16:45 - 2016-09-04 16:45 - 00003328 _____ C:\windows\System32\Tasks\CrystalDiskInfo
2016-09-04 16:41 - 2016-09-04 16:42 - 00000000 ____D C:\Program Files (x86)\CrystalDiskInfo
2016-09-04 16:41 - 2016-09-04 16:41 - 03958792 _____ (Crystal Dew World ) C:\Users\Simona\Downloads\CrystalDiskInfo7_0_2-en.exe
2016-09-04 16:41 - 2016-09-04 16:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2016-09-04 16:40 - 2016-09-04 16:40 - 03958792 _____ (Crystal Dew World ) C:\Users\Simona\Downloads\62C9.tmp
2016-09-04 15:46 - 2016-09-04 17:43 - 00192216 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2016-09-04 15:45 - 2016-09-04 15:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-09-04 15:45 - 2016-09-04 15:45 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-09-04 15:45 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2016-09-04 15:45 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamchameleon.sys
2016-09-04 15:45 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\windows\system32\Drivers\mbam.sys
2016-09-04 15:43 - 2016-09-04 15:43 - 00027277 _____ C:\Users\Simona\Desktop\cf log.txt
2016-09-04 15:03 - 2011-06-26 08:45 - 00256000 _____ C:\windows\PEV.exe
2016-09-04 15:03 - 2010-11-07 19:20 - 00208896 _____ C:\windows\MBR.exe
2016-09-04 15:03 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2016-09-04 15:03 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2016-09-04 15:03 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2016-09-04 15:03 - 2000-08-31 02:00 - 00098816 _____ C:\windows\sed.exe
2016-09-04 15:03 - 2000-08-31 02:00 - 00080412 _____ C:\windows\grep.exe
2016-09-04 15:03 - 2000-08-31 02:00 - 00068096 _____ C:\windows\zip.exe
2016-09-04 15:02 - 2016-09-04 20:31 - 00000000 ____D C:\Users\Simona\Desktop\aaa
2016-09-04 15:02 - 2016-09-04 15:33 - 00000000 ____D C:\windows\erdnt
2016-09-03 07:41 - 2016-09-03 07:41 - 00001076 _____ C:\Users\Simona\Desktop\vysledek.txt
2016-09-02 20:42 - 2016-09-02 20:42 - 00000000 ____D C:\Program Files (x86)\ESET
2016-09-02 20:41 - 2016-09-02 20:41 - 02870984 _____ (ESET) C:\Users\Simona\Downloads\esetsmartinstaller_csy.exe
2016-09-02 19:47 - 2016-09-02 19:54 - 00000000 ____D C:\Users\Simona\Documents\1 STAŽENÉ SOUBORY POTŘEBNÉ
2016-09-01 23:37 - 2016-09-04 18:15 - 00000000 ____D C:\Qoobox
2016-08-16 20:07 - 2016-09-03 07:43 - 00000958 _____ C:\windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-08-16 20:07 - 2016-08-16 20:07 - 00003956 _____ C:\windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-08-16 19:31 - 2016-07-08 17:32 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2016-08-16 19:31 - 2016-07-08 17:16 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2016-08-14 21:49 - 2016-08-14 21:52 - 00003848 _____ C:\windows\System32\Tasks\Opera scheduled Autoupdate 1471204159
2016-08-14 21:49 - 2016-08-14 21:49 - 00001131 _____ C:\Users\Public\Desktop\Opera.lnk
2016-08-14 21:49 - 2016-08-14 21:49 - 00001131 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-08-14 21:49 - 2016-08-14 21:49 - 00000000 ____D C:\Users\Simona\AppData\Roaming\Opera Software
2016-08-14 21:49 - 2016-08-14 21:49 - 00000000 ____D C:\Users\Simona\AppData\Local\Opera Software
2016-08-14 16:13 - 2016-07-08 17:01 - 03218944 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2016-08-14 15:23 - 2016-08-02 16:54 - 00394440 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2016-08-14 15:23 - 2016-08-02 16:08 - 00346312 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2016-08-14 15:23 - 2016-08-02 08:47 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2016-08-14 15:23 - 2016-08-02 08:47 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2016-08-14 15:23 - 2016-08-02 08:32 - 02894336 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2016-08-14 15:23 - 2016-08-02 08:32 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2016-08-14 15:23 - 2016-08-02 08:31 - 00572416 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2016-08-14 15:23 - 2016-08-02 08:31 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2016-08-14 15:23 - 2016-08-02 08:23 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2016-08-14 15:23 - 2016-08-02 08:19 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2016-08-14 15:23 - 2016-08-02 08:11 - 00969216 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2016-08-14 15:23 - 2016-08-02 08:03 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2016-08-14 15:23 - 2016-08-02 08:00 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2016-08-14 15:23 - 2016-08-02 07:59 - 00107520 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2016-08-14 15:23 - 2016-08-02 07:54 - 20343808 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2016-08-14 15:23 - 2016-08-02 07:53 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2016-08-14 15:23 - 2016-08-02 07:51 - 00497664 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2016-08-14 15:23 - 2016-08-02 07:51 - 00152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2016-08-14 15:23 - 2016-08-02 07:51 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2016-08-14 15:23 - 2016-08-02 07:51 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2016-08-14 15:23 - 2016-08-02 07:50 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2016-08-14 15:23 - 2016-08-02 07:47 - 02286592 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2016-08-14 15:23 - 2016-08-02 07:45 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2016-08-14 15:23 - 2016-08-02 07:44 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2016-08-14 15:23 - 2016-08-02 07:42 - 00476160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2016-08-14 15:23 - 2016-08-02 07:41 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2016-08-14 15:23 - 2016-08-02 07:41 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2016-08-14 15:23 - 2016-08-02 07:41 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2016-08-14 15:23 - 2016-08-02 07:38 - 00806400 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2016-08-14 15:23 - 2016-08-02 07:38 - 00724992 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2016-08-14 15:23 - 2016-08-02 07:36 - 02131456 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2016-08-14 15:23 - 2016-08-02 07:33 - 00416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2016-08-14 15:23 - 2016-08-02 07:29 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-08-14 15:23 - 2016-08-02 07:28 - 00091136 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2016-08-14 15:23 - 2016-08-02 07:25 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2016-08-14 15:23 - 2016-08-02 07:24 - 00279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2016-08-14 15:23 - 2016-08-02 07:22 - 00130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2016-08-14 15:23 - 2016-08-02 07:21 - 04608000 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2016-08-14 15:23 - 2016-08-02 07:16 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2016-08-14 15:23 - 2016-08-02 07:15 - 00692736 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2016-08-14 15:23 - 2016-08-02 07:14 - 02055680 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2016-08-14 15:23 - 2016-08-02 07:14 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2016-08-14 15:23 - 2016-08-02 07:11 - 13808128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2016-08-14 15:23 - 2016-08-02 07:10 - 01550848 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2016-08-14 15:23 - 2016-08-02 06:59 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2016-08-14 15:23 - 2016-08-02 06:56 - 02393088 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2016-08-14 15:23 - 2016-08-02 06:53 - 01316352 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2016-08-14 15:23 - 2016-08-02 06:51 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2016-08-14 15:23 - 2016-07-08 17:37 - 00154856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2016-08-14 15:23 - 2016-07-08 17:37 - 00095464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2016-08-14 15:23 - 2016-07-08 17:32 - 01464320 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2016-08-14 15:23 - 2016-07-08 17:32 - 01212928 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2016-08-14 15:23 - 2016-07-08 17:32 - 00730624 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2016-08-14 15:23 - 2016-07-08 17:32 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2016-08-14 15:23 - 2016-07-08 17:32 - 00463872 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2016-08-14 15:23 - 2016-07-08 17:32 - 00343552 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2016-08-14 15:23 - 2016-07-08 17:32 - 00316416 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2016-08-14 15:23 - 2016-07-08 17:32 - 00312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2016-08-14 15:23 - 2016-07-08 17:32 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2016-08-14 15:23 - 2016-07-08 17:32 - 00190464 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
2016-08-14 15:23 - 2016-07-08 17:32 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2016-08-14 15:23 - 2016-07-08 17:32 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2016-08-14 15:23 - 2016-07-08 17:32 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2016-08-14 15:23 - 2016-07-08 17:32 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2016-08-14 15:23 - 2016-07-08 17:32 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2016-08-14 15:23 - 2016-07-08 17:32 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2016-08-14 15:23 - 2016-07-08 17:32 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2016-08-14 15:23 - 2016-07-08 17:32 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2016-08-14 15:23 - 2016-07-08 17:17 - 00666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2016-08-14 15:23 - 2016-07-08 17:17 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2016-08-14 15:23 - 2016-07-08 17:16 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2016-08-14 15:23 - 2016-07-08 17:16 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2016-08-14 15:23 - 2016-07-08 17:16 - 00342528 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2016-08-14 15:23 - 2016-07-08 17:16 - 00260608 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2016-08-14 15:23 - 2016-07-08 17:16 - 00251392 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2016-08-14 15:23 - 2016-07-08 17:16 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2016-08-14 15:23 - 2016-07-08 17:16 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2016-08-14 15:23 - 2016-07-08 17:16 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2016-08-14 15:23 - 2016-07-08 17:16 - 00141312 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpchttp.dll
2016-08-14 15:23 - 2016-07-08 17:16 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2016-08-14 15:23 - 2016-07-08 17:16 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2016-08-14 15:23 - 2016-07-08 17:16 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2016-08-14 15:23 - 2016-07-08 17:16 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2016-08-14 15:23 - 2016-07-08 17:03 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2016-08-14 15:23 - 2016-07-08 16:57 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2016-08-14 15:23 - 2016-07-08 16:56 - 00291328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2016-08-14 15:23 - 2016-07-08 16:56 - 00129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2016-08-14 15:23 - 2016-07-08 16:55 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2016-08-14 15:23 - 2016-07-08 16:55 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2016-08-14 15:23 - 2016-07-08 16:50 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2016-08-14 15:22 - 2016-08-02 08:54 - 25808384 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2016-08-14 15:22 - 2016-08-02 08:31 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2016-08-14 15:22 - 2016-08-02 08:31 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2016-08-14 15:22 - 2016-08-02 08:24 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2016-08-14 15:22 - 2016-08-02 08:20 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2016-08-14 15:22 - 2016-08-02 08:19 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2016-08-14 15:22 - 2016-08-02 08:18 - 06047744 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2016-08-14 15:22 - 2016-08-02 08:18 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2016-08-14 15:22 - 2016-08-02 08:18 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2016-08-14 15:22 - 2016-08-02 08:08 - 00489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2016-08-14 15:22 - 2016-08-02 07:56 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2016-08-14 15:22 - 2016-08-02 07:55 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2016-08-14 15:22 - 2016-08-02 07:51 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2016-08-14 15:22 - 2016-08-02 07:40 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2016-08-14 15:22 - 2016-08-02 07:37 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2016-08-14 15:22 - 2016-08-02 07:28 - 15412224 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2016-08-14 15:22 - 2016-08-02 07:26 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2016-08-14 15:22 - 2016-08-02 07:23 - 02868224 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2016-08-11 19:04 - 2016-08-11 19:04 - 00000782 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-08-11 18:41 - 2016-09-02 19:45 - 00001882 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-08-11 18:41 - 2016-08-11 18:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-06 16:36 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-09-06 16:15 - 2009-07-14 05:20 - 00000000 ____D C:\windows\system32\NDF
2016-09-06 16:13 - 2012-04-15 10:42 - 00000914 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2016-09-05 23:00 - 2012-07-25 07:27 - 00004180 _____ C:\windows\System32\Tasks\avast! Emergency Update
2016-09-05 22:51 - 2015-01-08 22:15 - 00000000 ____D C:\Users\Simona\Documents\Zálohy mega
2016-09-05 20:03 - 2009-07-14 06:45 - 00025648 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-09-05 20:03 - 2009-07-14 06:45 - 00025648 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-09-05 19:51 - 2011-05-12 02:01 - 00000000 ____D C:\ProgramData\HPQLOG
2016-09-05 19:47 - 2015-04-12 20:56 - 00000000 ____D C:\AdwCleaner
2016-09-05 19:47 - 2009-07-14 05:20 - 00000000 ____D C:\windows\inf
2016-09-05 19:46 - 2011-05-12 02:04 - 00671360 _____ C:\windows\system32\perfh005.dat
2016-09-05 19:46 - 2011-05-12 02:04 - 00142682 _____ C:\windows\system32\perfc005.dat
2016-09-05 19:46 - 2009-07-14 07:13 - 01586170 _____ C:\windows\system32\PerfStringBackup.INI
2016-09-05 19:21 - 2016-04-09 20:13 - 00000000 ____D C:\Zálohy
2016-09-05 19:17 - 2016-07-07 20:08 - 00000000 ____D C:\Users\Simona\Documents\NAHRÁT VALOUCH
2016-09-05 18:55 - 2011-10-16 20:33 - 00000000 ____D C:\Users\Simona\AppData\Roaming\SoftGrid Client
2016-09-05 18:29 - 2015-08-20 20:41 - 00000000 ____D C:\ProgramData\ProductData
2016-09-04 18:10 - 2009-07-14 04:34 - 00000215 ____N C:\windows\system.ini
2016-09-04 17:42 - 2016-03-23 23:06 - 00003892 _____ C:\windows\System32\Tasks\SafeZone scheduled Autoupdate 1458767177
2016-09-04 17:36 - 2014-01-01 20:25 - 00163416 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2016-09-04 17:35 - 2016-03-23 23:05 - 00037144 _____ (AVAST Software) C:\windows\system32\Drivers\aswKbd.sys
2016-09-04 17:35 - 2014-06-24 08:28 - 00037656 _____ (AVAST Software) C:\windows\system32\Drivers\aswHwid.sys
2016-09-04 17:35 - 2013-11-05 12:08 - 00969560 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2016-09-04 17:35 - 2013-11-05 12:08 - 00513496 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2016-09-04 17:35 - 2013-11-05 12:08 - 00292704 _____ (AVAST Software) C:\windows\system32\Drivers\aswVmm.sys
2016-09-04 17:35 - 2013-11-05 12:08 - 00108816 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2016-09-04 17:35 - 2013-11-05 12:08 - 00103064 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2016-09-04 17:35 - 2013-11-05 12:08 - 00074544 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys
2016-09-04 16:42 - 2011-10-14 12:34 - 00078952 _____ C:\Users\Simona\AppData\Local\GDIPFONTCACHEV1.DAT
2016-09-04 14:15 - 2009-07-14 05:20 - 00000000 ____D C:\windows\registration
2016-09-03 05:09 - 2015-12-07 18:12 - 00000000 ____D C:\windows\System32\Tasks\AVAST Software
2016-09-03 05:09 - 2015-04-14 06:35 - 00000000 ____D C:\Users\Simona\AppData\Roaming\ProductData
2016-09-03 05:09 - 2015-04-08 21:43 - 00000000 ___SD C:\windows\system32\GWX
2016-09-03 05:09 - 2009-07-14 05:20 - 00000000 ____D C:\windows\system32\Msdtc
2016-09-03 05:06 - 2014-07-23 09:37 - 00000000 ____D C:\Users\Simona\AppData\Local\Mega Limited
2016-09-02 20:15 - 2009-07-14 06:45 - 00357096 _____ C:\windows\system32\FNTCACHE.DAT
2016-09-02 20:10 - 2011-10-15 11:36 - 00000000 ____D C:\Program Files (x86)\Google
2016-09-02 20:06 - 2016-05-13 22:05 - 00000000 ___RD C:\Users\Simona\Documents\MEGA_OBEC_WEB
2016-09-02 20:06 - 2016-04-14 20:52 - 00000000 ___RD C:\Users\Simona\Documents\MEGA_OBEC_HORKA
2016-09-02 20:06 - 2016-04-10 22:47 - 00000000 ___RD C:\Users\Simona\Documents\MEGA_ÚČETNICTVÍ
2016-09-02 20:06 - 2016-04-08 22:11 - 00000000 ____D C:\ProgramData\MEGAsync
2016-09-02 19:36 - 2011-10-14 12:26 - 00000000 ____D C:\Users\Simona
2016-09-02 18:10 - 2015-06-10 21:44 - 00000000 ____D C:\Users\Simona\AppData\Local\CrashDumps
2016-09-02 18:10 - 2013-02-10 21:30 - 00000000 ____D C:\windows\Minidump
2016-08-29 15:54 - 2016-05-23 08:55 - 00000000 ____D C:\Users\Simona\Documents\My Scans
2016-08-25 17:05 - 2015-12-24 22:24 - 00023491 _____ C:\windows\BRRBCOM.INI
2016-08-25 08:01 - 2013-05-07 10:57 - 00000000 ____D C:\Users\Simona\Documents\Zálohy
2016-08-24 23:44 - 2009-07-14 07:32 - 00000000 ____D C:\windows\Downloaded Program Files
2016-08-18 08:42 - 2011-10-14 21:20 - 00000000 ____D C:\windows\rescache
2016-08-16 20:08 - 2012-03-21 15:48 - 00000000 ____D C:\Users\Simona\AppData\Local\Adobe
2016-08-16 20:07 - 2012-04-15 10:42 - 00796352 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2016-08-16 20:07 - 2012-04-15 10:42 - 00003852 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2016-08-16 20:07 - 2011-10-15 11:35 - 00142528 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-08-14 21:52 - 2013-01-09 20:50 - 00000000 ____D C:\Program Files (x86)\Opera
2016-08-14 21:38 - 2011-10-15 11:36 - 00000000 ____D C:\Users\Simona\AppData\Local\Google
2016-08-14 15:33 - 2013-07-18 15:24 - 00000000 ____D C:\windows\system32\MRT
2016-08-14 15:26 - 2011-10-15 18:27 - 147640136 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2016-08-11 19:46 - 2013-11-05 12:08 - 00292704 _____ (AVAST Software) C:\windows\system32\Drivers\aswvmm.sys.147093758337505
2016-08-11 19:44 - 2013-11-05 12:08 - 00292704 _____ (AVAST Software) C:\windows\system32\Drivers\aswvmm.sys.147093758389104
2016-08-11 19:43 - 2011-10-15 11:41 - 00003192 _____ C:\windows\System32\Tasks\HPCeeScheduleForSimona
2016-08-11 19:43 - 2011-10-15 11:41 - 00000336 _____ C:\windows\Tasks\HPCeeScheduleForSimona.job
2016-08-11 19:43 - 2011-10-14 12:25 - 00003220 _____ C:\windows\System32\Tasks\HPCeeScheduleForSIMONA-HP$
2016-08-11 19:43 - 2011-10-14 12:25 - 00000344 _____ C:\windows\Tasks\HPCeeScheduleForSIMONA-HP$.job
2016-08-11 19:15 - 2011-10-16 20:07 - 00000000 ____D C:\Program Files (x86)\epson
2016-08-11 19:13 - 2013-12-10 10:24 - 00000034 _____ C:\windows\eporadce_1310.ini
2016-08-11 19:13 - 2013-12-10 10:23 - 00000000 ____D C:\Program Files\E-Poradce Říjen 2013
2016-08-10 20:07 - 2013-12-10 10:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\E-Poradce Říjen 2013
2016-08-10 20:07 - 2013-11-04 12:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-08-10 20:07 - 2012-03-20 15:26 - 00000000 ____D C:\windows\pss
2016-08-10 20:07 - 2011-10-15 11:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-08-10 20:07 - 2011-10-15 11:39 - 00000000 ____D C:\Program Files\CCleaner
2016-08-10 20:07 - 2011-07-06 02:32 - 00000000 ____D C:\Program Files\IDT
2016-08-10 20:06 - 2012-03-25 14:26 - 00000000 ____D C:\Program Files (x86)\Clementine
2016-08-10 20:06 - 2011-05-12 02:05 - 00000000 ____D C:\Program Files (x86)\Xobni
2016-08-09 10:06 - 2015-10-30 21:05 - 00000000 ____D C:\Users\Simona\.oracle_jre_usage

==================== Files in the root of some directories =======

2007-11-20 09:22 - 2007-11-20 09:22 - 0000060 ____R () C:\Program Files (x86)\BRINST.INI
2007-07-07 07:07 - 2007-07-07 07:07 - 0812544 _____ (Big Bang enterprises) C:\Program Files (x86)\DoubleKiller.exe
2015-05-30 20:59 - 2015-05-30 21:05 - 0005120 _____ () C:\Users\Simona\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-02-09 14:32 - 2012-06-26 14:28 - 0007600 _____ () C:\Users\Simona\AppData\Local\Resmon.ResmonCfg
2011-10-16 20:41 - 2011-10-16 20:41 - 0000252 _____ () C:\ProgramData\FastPics.log
2013-06-11 09:46 - 2016-07-14 13:38 - 0007961 _____ () C:\ProgramData\hpzinstall.log
2013-02-20 11:33 - 2013-05-31 17:15 - 0000160 _____ () C:\ProgramData\lxdq.log
2013-03-19 10:00 - 2014-06-04 21:03 - 0000431 _____ () C:\ProgramData\lxdqDiagnostics.log
2015-06-25 22:39 - 2015-06-25 22:39 - 0000095 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2015-06-25 22:38 - 2015-06-25 22:38 - 0000089 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.64.bc

Some files in TEMP:
====================
C:\Users\Simona\AppData\Local\Temp\libeay32.dll
C:\Users\Simona\AppData\Local\Temp\msvcr120.dll
C:\Users\Simona\AppData\Local\Temp\sqlite3.dll


Some zero byte size files/folders:
==========================
C:\Windows\SysWOW64\ARAudioCDGrabber2.dll
C:\Windows\SysWOW64\ARAudioPlayer2.dll
C:\Windows\SysWOW64\ARAudioTransform2.dll

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\SysWOW64\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-09-05 02:55

==================== End of FRST.txt ============================

Re: Zpomalený Pc - procesy csrss a winlogon

Napsal: 06 zář 2016 18:13
od Rudy
Otevřte poznámkový blok a zkopírujte do něj:
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => No File
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => No File
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => No File
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2478000333-2312206248-9832235-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKLM-x32 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2478000333-2312206248-9832235-1001 -> DefaultScope 0633EE93-D776-472f-A0FF-E1416B8B2E3A URL =
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
C:\Users\Simona\Downloads\62C9.tmp
C:\Users\Simona\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\Simona\AppData\Local\Temp
End
Uložte do C:\Users\Simona\Desktop\aaa jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: Zpomalený Pc - procesy csrss a winlogon

Napsal: 06 zář 2016 18:23
od simkavac
Fix result of Farbar Recovery Scan Tool (x64) Version: 31-08-2016
Ran by Simona (06-09-2016 19:11:30) Run:1
Running from C:\Users\Simona\Desktop\aaa
Loaded Profiles: Simona (Available Profiles: Simona)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => No File
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => No File
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => No File
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2478000333-2312206248-9832235-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKLM-x32 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2478000333-2312206248-9832235-1001 -> DefaultScope 0633EE93-D776-472f-A0FF-E1416B8B2E3A URL =
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
C:\Users\Simona\Downloads\62C9.tmp
C:\Users\Simona\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\Simona\AppData\Local\Temp
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtPending" => key removed successfully
HKCR\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSynced" => key removed successfully
HKCR\CLSID\{05B38830-F4E9-4329-978B-1DD28605D202} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\###MegaShellExtSyncing" => key removed successfully
HKCR\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637} => key not found.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKU\S-1-5-21-2478000333-2312206248-9832235-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}" => key removed successfully
HKCR\Wow6432Node\CLSID\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43} => key not found.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-21-2478000333-2312206248-9832235-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => value removed successfully
"HKCR\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value removed successfully
HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => key not found.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
C:\Users\Simona\Downloads\62C9.tmp => moved successfully
C:\Users\Simona\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully

"C:\Users\Simona\AppData\Local\Temp" folder move:

Could not move "C:\Users\Simona\AppData\Local\Temp" => Scheduled to move on reboot.


Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 06-09-2016 19:14:25)

C:\Users\Simona\AppData\Local\Temp => moved successfully

==== End of Fixlog 19:14:27 ====

Re: Zpomalený Pc - procesy csrss a winlogon

Napsal: 06 zář 2016 18:24
od Rudy
Smazáno. Nastala nějaká změna?

Re: Zpomalený Pc - procesy csrss a winlogon

Napsal: 06 zář 2016 18:39
od simkavac
Pořád nejde wifina a stále v procesech běží csrss a winlogon, u kterých nejde otevřít umístění souboru. Zdá se mi, že počítač trochu zrychlil.

Re: Zpomalený Pc - procesy csrss a winlogon

Napsal: 06 zář 2016 19:12
od Rudy
Ty procesy mohou být zcela regulérní, záleží na tom, odkud jsou spouštěny. Jakou chybu wifi vyhazuje?

Re: Zpomalený Pc - procesy csrss a winlogon

Napsal: 06 zář 2016 19:18
od simkavac
Funkce bezdrátového připojení vypnuta. Přitom kontrolka svítí bíle, takže by to mělo být v pořádku.

Re: Zpomalený Pc - procesy csrss a winlogon

Napsal: 06 zář 2016 20:24
od Rudy
Otevřte správce zařízení a rozklikněte síťové adaptéry. Najděte wifi adaptér a odinstalujte ovladač. Pak restartujte PC. Ovladač bude znovu načten. Wifi pak vyzkoušejte.

Re: Zpomalený Pc - procesy csrss a winlogon

Napsal: 06 zář 2016 21:17
od simkavac
Odinstalovala jsem všechny síťové adaptéry a restartovala jsem počítač. Bohužel to nepomohlo. Tohle to píše.

Diagnostické informace (Síťový Adaptér)
Podrobnosti diagnostiky síťový adaptér:

Informace o ovladači síťového adaptéru Připojení k místní síti:

Popis . . . . . . . . . . : Realtek PCIe GBE Family Controller
Výrobce . . . . . . . . . : Realtek
Poskytovatel . . . . . . . . . . . : Realtek
Verze . . . . . . . . . . . : 7.31.1025.2010
Název souboru INF . . . . . . . . . : C:\windows\INF\oem9.inf
Datum souboru INF . . . . . . . . . : 30. listopadu 2010 16:32:36
Název oddílu . . . . . . . . . : RTL8168E.ndi
ID hardwaru . . . . . . . . . . : pci\ven_10ec&dev_8168&rev_06
Příznaky stavu instance . . . . . : 0x180200a
Stavový kód správce zařízení . . : 0
IfType . . . . . . . . . . . . : 6
Typ fyzického média . . . . . . : 14



InformativníDiagnostické informace (Síťový Adaptér)
Podrobnosti diagnostiky síťový adaptér:

Informace o ovladači síťového adaptéru Bezdrátové připojení k síti:

Popis . . . . . . . . . . : Qualcomm Atheros AR9285 802.11b/g/n WiFi Adapter
Výrobce . . . . . . . . . : Atheros Communications Inc.
Poskytovatel . . . . . . . . . . . : Atheros Communications Inc.
Verze . . . . . . . . . . . : 9.2.0.215
Název souboru INF . . . . . . . . . : C:\windows\INF\oem24.inf
Datum souboru INF . . . . . . . . . : 8. ledna 2011 15:11:40
Název oddílu . . . . . . . . . : ATHR_DEV_OS61_H30AB.ndi
ID hardwaru . . . . . . . . . . : pci\ven_168c&dev_002b&subsys_1461103c
Příznaky stavu instance . . . . . : 0x180200a
Stavový kód správce zařízení . . : 0
IfType . . . . . . . . . . . . : 71
Typ fyzického média . . . . . . : 9



InformativníDiagnostické informace (Síťový Adaptér)
Podrobnosti diagnostiky síťový adaptér:

Informace o ovladači síťového adaptéru Síťové připojení Bluetooth:

Popis . . . . . . . . . . : Zařízení Bluetooth (síť PAN)
Výrobce . . . . . . . . . : Microsoft
Poskytovatel . . . . . . . . . . . : Microsoft
Verze . . . . . . . . . . . : 6.1.7600.16385
Název souboru INF . . . . . . . . . : C:\windows\INF\bthpan.inf
Datum souboru INF . . . . . . . . . : 13. července 2009 20:39:56
Název oddílu . . . . . . . . . : BthPan.Install
ID hardwaru . . . . . . . . . . : bth\ms_bthpan
Příznaky stavu instance . . . . . : 0x180200a
Stavový kód správce zařízení . . : 0
IfType . . . . . . . . . . . . : 6
Typ fyzického média . . . . . . : 10



InformativníDiagnostické informace (Síťový Adaptér)
Podrobnosti diagnostiky síťový adaptér:

Informace o ovladači síťového adaptéru Bezdrátové připojení k síti 3:

Popis . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Výrobce . . . . . . . . . : Microsoft
Poskytovatel . . . . . . . . . . . : Microsoft
Verze . . . . . . . . . . . : 6.1.7600.16385
Název souboru INF . . . . . . . . . : C:\windows\INF\oem54.inf
Datum souboru INF . . . . . . . . . : 13. července 2009 20:42:54
Název oddílu . . . . . . . . . : vwifimp.ndi
ID hardwaru . . . . . . . . . . : {5d624f94-8850-40c3-a3fa-a4fd2080baf3}\vwifimp
Příznaky stavu instance . . . . . : 0x180200a
Stavový kód správce zařízení . . : 0
IfType . . . . . . . . . . . . : 71
Typ fyzického média . . . . . . : 9



InformativníDiagnostické informace (Bezdrátové Připojení)
Podrobnosti diagnostiky bezdrátové připojení:

Úplné informace o této relaci naleznete v informační události bezdrátového připojení.

Třída pomocníka: Automatická konfigurace
Stav inicializace: Úspěch

Informace o diagnostikovaných připojeních

Výsledek diagnostiky: Nebyly zjištěny žádné potíže.






InformativníDiagnostické informace (Bezdrátové Připojení)
Podrobnosti diagnostiky bezdrátové připojení:

Informace o diagnostikovaných připojeních
Identifikátor GUID rozhraní: 3c965238-e0aa-43e1-9186-523cbe951180
Název rozhraní: Qualcomm Atheros AR9285 802.11b/g/n WiFi Adapter
Typ rozhraní: Nativní Wi-Fi

Problém s připojením byl diagnostikován.


Seznam viditelných přístupových bodů: Celkem položek: 0, zobrazeno položek: 0

Historie připojení

Informace pro automatickou konfiguraci, ID = 1

Seznam viditelných sítí: Celkem položek: 0, zobrazeno položek: 0

Seznam upřednostňovaných sítí: Počet položek: 0




InformativníDiagnostické informace (Bezdrátové Připojení)
Podrobnosti diagnostiky bezdrátové připojení:

Úplné informace o této relaci naleznete v informační události bezdrátového připojení.

Třída pomocníka: Automatická konfigurace
Stav inicializace: Úspěch

Informace o diagnostikovaných připojeních
Identifikátor GUID rozhraní: 3c965238-e0aa-43e1-9186-523cbe951180
Název rozhraní: Qualcomm Atheros AR9285 802.11b/g/n WiFi Adapter
Typ rozhraní: Nativní Wi-Fi

Výsledek diagnostiky: Byly zjištěny potíže.

Hlavní příčina:
Funkce bezdrátového připojení je vypnuta.

Podrobnosti hlavní příčiny:
Rádio je vypnuto (hardwarový přepínač).

Možnost opravy:
Zapnutí bezdrátové funkce
Bezdrátovou funkci tohoto počítače zapnete pomocí přepínače na přední nebo boční stěně počítače, nebo pomocí funkčních kláves.

Moc děkuji za pomoc. Počítač už opravdu jede dobře.

Re: Zpomalený Pc - procesy csrss a winlogon

Napsal: 06 zář 2016 21:42
od Rudy
Podle tohoto, byl wifi vypnut. Nějak jsem nepochopil, jestli je vše OK, nebo ne:
Odinstalovala jsem všechny síťové adaptéry a restartovala jsem počítač. Bohužel to nepomohlo.
Moc děkuji za pomoc. Počítač už opravdu jede dobře.
Všechny časy jsou v UTC+01:00
Stránka 1 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz