VIRY.CZ

Zdavím, v ntb mi veľmi pomaly ide net (skúšal som viacero prehliadačov a programov) a zvláštne kolíše signál, i keď som pri routri. Začalo to pár dní dozadu. Ostatné zariadenia to nerobia, takže bude to notebookom a dúfam že len softvérovo.
Viete mi pomôcť? Ďakujem.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-01-2017
Ran by Pedro (administrator) on LENPEDRO (11-01-2017 18:26:00)
Running from C:\Users\Pedro\Desktop
Loaded Profiles: Pedro (Available Profiles: Pedro)
Platform: Windows 8.1 (Update) (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Spoločnosť Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\55.0.2883.17\remoting_host.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Projector\EPSON USB Display V1.4\EMP_UDSA.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Firebird Project) C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fb_inet_server.exe
(Spoločnosť Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\55.0.2883.17\remoting_host.exe
(Firebird Project) C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\fbserver.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(LENOVO INCORPORATED.) C:\Program Files\lenovo\iMController\SystemAgentService.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\WebcamSplitterServer.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
(Lenovo) C:\ProgramData\LenovoTransition\Server\x64\ymc.exe
() C:\Program Files (x86)\Lenovo\Yoga Picks\Service\x64\YogaPicks.AppService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(IntelliBreeze Software AB) C:\Program Files (x86)\Gmail Notifier Pro\GmailNotifierPro.exe
(Thomas Ascher) C:\Program Files (x86)\ATnotes\ATnotes.exe
(KROS a.s.) C:\Program Files (x86)\KROS\ALFA plus\!System\ALFAplus.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.1\Lightshot.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_24_0_0_194.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_24_0_0_194.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-03-26] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-01-22] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374936 2014-01-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374936 2014-01-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374936 2014-01-13] (Realtek Semiconductor)
HKLM\...\Run: [Yoga PhoneCompanion] => C:\Program Files\Lenovo Yoga PhoneCompanion\Yoga Phone Companion.exe [844304 2014-09-26] (Lenovo)
HKLM\...\Run: [AutoStartTransition] => C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe [294672 2014-09-26] ()
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2014-09-26] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2014-09-26] (Lenovo(beijing) Limited)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-26] (Logitech, Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-12-06] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [917576 2016-12-13] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [EPSON_UD_START] => C:\Program Files (x86)\EPSON Projector\EPSON USB Display V1.4\EMP_UD.exe [329632 2009-01-21] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [ChangeFilterMerit] => C:\Program Files (x86)\NewSoft\Presto! PVR\ChangeFilterMerit.exe [51280 2007-06-08] (NewSoft)
HKLM-x32\...\Run: [Presto! PVR Monitor] => C:\Program Files (x86)\NewSoft\Presto! PVR\Monitor.exe [157520 2010-03-24] (NewSoft)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2016-07-11] ()
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [529480 2016-02-24] (Autodesk Inc.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [60136 2016-11-15] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760 2009-12-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [948672 2009-12-11] (Adobe Systems Incorporated)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23818360 2016-11-30] (Google)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [GmailNotifierPro] => C:\Program Files (x86)\Gmail Notifier Pro\GmailNotifierPro.exe [2881752 2016-02-16] (IntelliBreeze Software AB)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [ATnotes.exe] => C:\Program Files (x86)\ATnotes\ATnotes.exe [1015808 2005-01-05] (Thomas Ascher)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [Epson Stylus SX110] => C:\windows\system32\spool\DRIVERS\x64\3\E_IATIFBE.EXE [223232 2008-09-26] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [BlazeServoTool] => C:\Program Files (x86)\BlazeVideo\BlazeDTV 6.0\MediaDetector.exe [286720 2010-03-06] (BlazeVideo Company)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [Epic Privacy Browser Installer] => C:\Users\Pedro\AppData\Local\Epic Privacy Browser\Installer\EpicUpdate.exe [509096 2016-11-02] (Epic Privacy Browser)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27226072 2016-11-03] (Skype Technologies S.A.)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Policies\Explorer: []
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\MountPoints2: {54f0470c-b2cd-11e4-827e-e8b1fc0cf016} - "F:\Startme.exe"
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\MountPoints2: {e8b0ea66-16c9-11e5-82a0-e8b1fc0cf016} - "F:\EMP_UDSe.exe" /autorun
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\windows\system32\AcSignIcon.dll [2016-05-24] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ALFA plus - rýchle spustenie.lnk [2017-01-03]
ShortcutTarget: ALFA plus - rýchle spustenie.lnk -> C:\Program Files (x86)\KROS\ALFA plus\!System\ALFAplus.exe (KROS a.s.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 127.0.0.1 activate.adobe.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{C6E367B2-F55B-4323-999C-A41A39572233}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.sk/
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2121847970-1608828601-3914908799-1001 -> DefaultScope {EC5134AD-236A-4D0A-996F-7C41A1CC9C50} URL =
SearchScopes: HKU\S-1-5-21-2121847970-1608828601-3914908799-1001 -> {EC5134AD-236A-4D0A-996F-7C41A1CC9C50} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-11-12] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-24] (Oracle Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-24] (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21] (Adobe Systems Incorporated)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2014-11-12] (Microsoft Corporation)
IE Session Restore: HKU\S-1-5-21-2121847970-1608828601-3914908799-1001 -> is enabled.
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-10-14] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - No File

FireFox:
========
FF DefaultProfile: esgz87fp.default
FF ProfilePath: C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\esgz87fp.default [2017-01-11]
FF Homepage: Mozilla\Firefox\Profiles\esgz87fp.default -> google.sk
FF Session Restore: Mozilla\Firefox\Profiles\esgz87fp.default -> is enabled.
FF Extension: (Flash Video Downloader - YouTube HD Download [4K]) - C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\esgz87fp.default\Extensions\artur.dubovoy@gmail.com [2017-01-09]
FF Extension: (Magic Actions for YouTube™) - C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\esgz87fp.default\Extensions\jid0-UVAeBCfd34Kk5usS8A1CBiobvM8@jetpack.xpi [2017-01-09]
FF Extension: (Slovak (SK) Language Pack) - C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\esgz87fp.default\Extensions\langpack-sk@firefox.mozilla.org.xpi [2017-01-09]
FF Extension: (Adblock Plus) - C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\esgz87fp.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-01-07]
FF Extension: (JavaScript Debugger) - C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\esgz87fp.default\Extensions\{f13b157f-b174-47e7-a34d-4815ddfdfeb8}.xpi [2016-05-02]
FF Extension: (Skype) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2016-01-26] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-10] ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-24] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-10] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-05-21] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @nullsoft.com/winampDetector;version=1 -> C:\Program Files (x86)\Winamp Detect\npwachk.dll [2013-11-20] (Nullsoft, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Web Components -> C:\Program Files (x86)\Web Components\npWebVideoPlugin.dll [2016-07-16] ()
FF Plugin HKU\S-1-5-21-2121847970-1608828601-3914908799-1001: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=3 -> C:\Users\Pedro\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [2016-11-02] (Epic Privacy Browser)
FF Plugin HKU\S-1-5-21-2121847970-1608828601-3914908799-1001: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=9 -> C:\Users\Pedro\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [2016-11-02] (Epic Privacy Browser)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2014-05-21] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2009-12-21] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.sk/
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default [2017-01-09]
CHR Extension: (QR kód) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaephdgbinagkeepamlbkhkfbiaedabm [2015-04-08]
CHR Extension: (Prezentácie Google) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-06]
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2017-01-05]
CHR Extension: (BIODIGITAL HUMAN) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak [2015-04-08]
CHR Extension: (Xmarks Bookmark Sync) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla [2015-04-08]
CHR Extension: (Angry Birds) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2015-04-08]
CHR Extension: (Dokumenty Google) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-06]
CHR Extension: (Disk Google) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-24]
CHR Extension: (Turn Off the Lights) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2017-01-03]
CHR Extension: (Browser To Phone) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgmhcfmipjjciolmfonkjnhpbnfniahh [2015-04-08]
CHR Extension: (YouTube) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Search) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-02]
CHR Extension: (uBlock) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\epcnnfbjfcgphgdmggkamkmgojdagdnn [2016-10-22]
CHR Extension: (Tabuľky Google) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-06]
CHR Extension: (Marlies Dekkers) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\fepnljgdbelppefncogilfbjikmnbhjm [2015-04-08]
CHR Extension: (Web Components) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\filcobblndaenakhejinpjdblekilpgn [2016-03-02]
CHR Extension: (Vzdialená plocha Chrome) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2016-07-19]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (The Great Suspender) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\klbibkeccnjlkjkiokjodocebajanakg [2015-04-08]
CHR Extension: (Google Play) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2015-04-08]
CHR Extension: (Save as PDF) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpdjmbiefanbdgnkcikhllpmjnnllbbc [2015-04-08]
CHR Extension: (Numerics Calculator & Converter) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\liglcienpnkhdajdfmnpbgmpjglonipe [2015-04-08]
CHR Extension: (Plants vs Zombies) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmcegpfdgcoclcdfkjahiimlikdpnina [2015-04-08]
CHR Extension: (GetThemAll Video Downloader) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbkekaeindpfpcoldfckljplboolgkfm [2016-12-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Psykopaint) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil [2015-04-08]
CHR Extension: (Gmail) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-06]
CHR Extension: (Chrome Media Router) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-18]
CHR Extension: (Privacy Badger) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkehgijcmpdhfbdbbnkijodmdjhbjlgp [2016-12-18]
CHR Extension: (FullRip.net YT Mp3 Downloader) - C:\Program Files (x86)\Google\Chrome\Application\addon [2016-11-13]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [1145928 2016-02-24] (Autodesk Inc.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [1089592 2016-12-13] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [476736 2016-12-13] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [476736 2016-12-13] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1490296 2016-12-13] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [350528 2016-11-24] (Avira Operations GmbH & Co. KG)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\55.0.2883.17\remoting_host.exe [76392 2016-10-16] (Spoločnosť Google Inc.)
R2 EMP_UDSA; C:\Program Files (x86)\EPSON Projector\EPSON USB Display V1.4\EMP_UDSA.exe [98304 2009-03-10] (SEIKO EPSON CORPORATION) [File not signed]
R2 FirebirdServerDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fb_inet_server.exe [3727360 2010-09-17] (Firebird Project) [File not signed]
R2 FirebirdServerKROS_20400; C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\fbserver.exe [3764224 2011-10-11] (Firebird Project) [File not signed]
R2 hasplms; C:\windows\system32\hasplms.exe [4683144 2014-07-17] (SafeNet Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-03-26] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\windows\system32\igfxCUIService.exe [282072 2014-03-10] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-16] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-22] (LENOVO INCORPORATED.)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-09-26] (Lenovo(beijing) Limited)
R2 LsvUIService; C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe [70416 2014-09-26] (Lenovo)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-01-18] ()
R2 PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [167176 2014-02-25] (PointGrab LTD)
R2 PG_Service_Launcher; C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe [512776 2014-02-25] (PointGrab LTD)
S3 PhoneCompanionPusher; C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionPusher.exe [285712 2014-09-26] (Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionVap.exe [304144 2014-09-26] (Lenovo)
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [977088 2014-03-02] () [File not signed]
S3 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [67856 2014-09-26] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ymc; C:\ProgramData\LenovoTransition\Server\x64\ymc.exe [33040 2014-09-26] (Lenovo)
R2 YogaPicks.AppService; C:\Program Files (x86)\Lenovo\Yoga Picks\Service\x64\YogaPicks.AppService.exe [19440 2014-01-06] ()
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-01-18] (Intel® Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\windows\System32\DRIVERS\avgntflt.sys [151352 2016-12-13] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\windows\system32\DRIVERS\avipbb.sys [153904 2016-12-13] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-02] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\windows\system32\DRIVERS\avnetflt.sys [78208 2016-05-10] (Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\windows\System32\Drivers\avusbflt.sys [28272 2016-12-13] (Avira Operations GmbH & Co. KG)
S3 AX88772; C:\windows\system32\DRIVERS\ax88772.sys [113864 2013-07-18] (ASIX Electronics Corp.)
S3 dg_ssudbus; C:\windows\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R2 hardlock; C:\windows\system32\drivers\hardlock.sys [331608 2014-07-17] (SafeNet Inc.)
R3 ibtusb; C:\windows\system32\DRIVERS\ibtusb.sys [142280 2013-10-18] (Intel Corporation)
S3 IT9135BDA; C:\windows\System32\Drivers\IT9135BDA.sys [113280 2010-02-03] (ITE )
R3 MEIx64; C:\windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 NETwNb64; C:\windows\system32\DRIVERS\Netwbw02.sys [3433952 2014-02-18] (Intel Corporation)
S3 NETwNe64; C:\windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R2 NPF; C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\npf64.sys [36600 2016-08-17] (Riverbed Technology, Inc.)
S3 RTL2832UBDA; C:\Windows\SysWOW64\drivers\RTL2832UBDA.sys [237968 2013-11-18] (REALTEK SEMICONDUCTOR Corp.)
S3 RTL2832UUSB; C:\Windows\SysWOW64\Drivers\RTL2832UUSB.sys [39056 2013-11-18] (REALTEK SEMICONDUCTOR Corp.)
R3 SensorsServiceDriver; C:\windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
S3 ssudmdm; C:\windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 TTDrv; D:\KOPLAYER\vbox\TTDrv.sys [261104 2015-12-22] (Oracle Corporation)
S3 usbrndis6; C:\windows\system32\DRIVERS\usb80236.sys [20992 2015-04-25] (Microsoft Corporation)
S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
R3 WinDriver6; C:\windows\system32\drivers\windrvr6.sys [268800 2014-01-28] (Jungo Connectivity)
S3 wsvd; C:\windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
S3 rtsuvc; \SystemRoot\system32\DRIVERS\rtsuvc.sys [X]
S3 SmbDrvI; \SystemRoot\system32\DRIVERS\Smb_driver_Intel.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-11 18:26 - 2017-01-11 18:27 - 00034846 _____ C:\Users\Pedro\Desktop\FRST.txt
2017-01-11 18:22 - 2017-01-11 18:23 - 02419200 _____ (Farbar) C:\Users\Pedro\Desktop\FRST64.exe
2017-01-09 21:46 - 2017-01-11 17:41 - 00000000 ____D C:\Users\Pedro\AppData\LocalLow\Mozilla
2017-01-06 19:45 - 2017-01-06 19:45 - 00019589 _____ C:\Users\Pedro\Downloads\[SkT]Godzilla_(2014)(CZ)_=_CSFD_64%.torrent
2017-01-06 16:34 - 2017-01-06 16:34 - 00000000 ____D C:\Users\Pedro\Desktop\Synaptics_v17_0_19_C_XP32_Vista32_Win7-32_XP64_Vista64_Win7-64_Acme_Inc
2017-01-06 15:07 - 2017-01-06 16:07 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\Apple Computer
2017-01-06 15:07 - 2017-01-06 15:07 - 00001776 _____ C:\Users\Public\Desktop\iTunes.lnk
2017-01-06 15:07 - 2017-01-06 15:07 - 00000000 ____D C:\Users\Pedro\AppData\Local\Apple Computer
2017-01-06 15:07 - 2017-01-06 15:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2017-01-06 15:06 - 2017-01-06 15:07 - 00000000 ____D C:\Program Files\iTunes
2017-01-06 15:06 - 2017-01-06 15:06 - 00000000 ____D C:\ProgramData\Apple Computer
2017-01-06 15:06 - 2017-01-06 15:06 - 00000000 ____D C:\Program Files\iPod
2017-01-06 15:04 - 2017-01-06 15:04 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2017-01-06 15:04 - 2017-01-06 15:04 - 00000000 ____D C:\windows\System32\Tasks\Apple
2017-01-06 15:04 - 2017-01-06 15:04 - 00000000 ____D C:\Users\Pedro\AppData\Local\Apple
2017-01-06 15:04 - 2017-01-06 15:04 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2017-01-06 15:03 - 2017-01-06 15:06 - 00000000 ____D C:\Program Files\Common Files\Apple
2017-01-06 15:03 - 2017-01-06 15:03 - 00000000 ____D C:\Program Files\Bonjour
2017-01-06 15:03 - 2017-01-06 15:03 - 00000000 ____D C:\Program Files (x86)\Bonjour
2017-01-06 15:02 - 2017-01-06 15:04 - 00000000 ____D C:\ProgramData\Apple
2017-01-06 11:39 - 2017-01-06 11:39 - 00001355 _____ C:\Users\Pedro\Desktop\CopyTrans Control Center.lnk
2017-01-06 11:39 - 2017-01-06 11:39 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Control Center
2017-01-06 11:36 - 2017-01-06 11:43 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\WindSolutions
2017-01-06 11:36 - 2017-01-06 11:42 - 00000000 ____D C:\ProgramData\WindSolutions
2017-01-06 00:37 - 2017-01-06 00:39 - 00014557 _____ C:\Users\Pedro\Downloads\[SkT]Zaklety_v_case_-_Zena_cestovatela_v_case_-_The_Time_Traveler's_Wife_(2009)(CZ)_=_CSFD_72%.torrent
2017-01-06 00:33 - 2017-01-06 00:33 - 00013800 _____ C:\Users\Pedro\Downloads\[SkT]Bojovnik_-_Southpaw_(2015)(CZ)_=_CSFD_74%.torrent
2017-01-03 13:44 - 2017-01-03 13:44 - 00002096 _____ C:\Users\Public\Desktop\ALFA plus.lnk
2017-01-03 13:44 - 2017-01-03 13:44 - 00002038 _____ C:\Users\Public\Desktop\Daňové priznania.lnk
2017-01-02 23:58 - 2017-01-02 23:58 - 00000000 ____D C:\windows\LastGood.Tmp
2016-12-29 12:44 - 2016-12-29 12:44 - 00013155 _____ C:\Users\Pedro\Downloads\[SkT]Prevrat_-_No_Escape_(2015)(CZ)_=_CSFD_71%.torrent
2016-12-29 12:00 - 2016-12-29 12:00 - 00002974 _____ C:\windows\System32\Tasks\RunUninstallTool_SkipUac
2016-12-27 18:42 - 2016-12-27 18:42 - 00000848 _____ C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\filmy D.lnk
2016-12-27 17:54 - 2016-12-27 17:55 - 00016167 _____ C:\Users\Pedro\Downloads\[SkT]Vinnetou_-_Winnetou_&_Old_Shatterhand_E01_-_Novy_svet_(2016)(SK)[TvRip].torrent
2016-12-27 17:51 - 2016-12-27 17:51 - 00014607 _____ C:\Users\Pedro\Downloads\[SkT]Fantasticky_pan_Lisak_-_Fantastic_Mr._Fox_(2009)(CZ)_=_CSFD_79%.torrent
2016-12-26 12:42 - 2016-12-26 12:45 - 00000000 ____D C:\Users\Pedro\Desktop\SOUNDS
2016-12-25 13:21 - 2016-12-25 13:21 - 00014320 _____ C:\Users\Pedro\Downloads\[SkT]De_Surprise_(2015)(CZ)_=_CSFD_64%.torrent
2016-12-23 10:03 - 2016-12-29 11:58 - 00000000 ____D C:\Program Files\Malwarebytes
2016-12-20 21:22 - 2016-12-20 21:22 - 00020042 _____ C:\Users\Pedro\Downloads\[SkT]Kyky_Ryky_a_par_vajec_-_Un_gallo_con_muchos_huevos_(2015)(CZ-SK)_=_CSFD_51%.torrent
2016-12-20 21:21 - 2016-12-20 21:21 - 00013725 _____ C:\Users\Pedro\Downloads\[SkT]Schneider_vs._Bax_(2015)(CZ)[WebRip]_=_CSFD_66%.torrent
2016-12-20 21:18 - 2016-12-20 21:18 - 00010951 _____ C:\Users\Pedro\Downloads\[SkT]Tajny_zivot_mazlicku_-_The_Secret_Life_of_Pets_(2016)(CZ-EN)[720p]_=_CSFD_68%.torrent
2016-12-18 13:11 - 2017-01-10 22:22 - 00000000 ____D C:\Users\Pedro\AppData\LocalLow\uTorrent
2016-12-14 20:35 - 2016-12-01 15:13 - 00869576 _____ (Microsoft Corporation) C:\windows\system32\msvcr120_clr0400.dll
2016-12-14 20:35 - 2016-12-01 15:13 - 00678592 _____ (Microsoft Corporation) C:\windows\system32\msvcp120_clr0400.dll
2016-12-14 20:35 - 2016-12-01 15:11 - 00875720 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcr120_clr0400.dll
2016-12-14 20:35 - 2016-12-01 15:11 - 00536768 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcp120_clr0400.dll
2016-12-14 20:35 - 2016-10-20 14:14 - 00029888 _____ (Microsoft Corporation) C:\windows\system32\aspnet_counters.dll
2016-12-14 20:35 - 2016-10-20 14:10 - 00028352 _____ (Microsoft Corporation) C:\windows\SysWOW64\aspnet_counters.dll
2016-12-14 15:44 - 2016-11-19 22:24 - 00567152 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2016-12-14 15:44 - 2016-11-19 22:24 - 00152856 _____ (Microsoft Corporation) C:\windows\system32\bcrypt.dll
2016-12-14 15:44 - 2016-11-19 20:29 - 00401408 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2016-12-14 15:44 - 2016-11-19 19:44 - 00445440 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2016-12-14 15:44 - 2016-11-19 18:53 - 00324096 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2016-12-14 15:44 - 2016-11-19 18:22 - 00111104 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcrypt.dll
2016-12-14 15:44 - 2016-11-16 22:49 - 00377176 _____ (Microsoft Corporation) C:\windows\system32\Drivers\clfs.sys
2016-12-14 15:44 - 2016-11-12 22:06 - 00738104 _____ (Microsoft Corporation) C:\windows\system32\d3d10level9.dll
2016-12-14 15:44 - 2016-11-12 20:38 - 00613632 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10level9.dll
2016-12-14 15:44 - 2016-11-12 20:25 - 00576000 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2016-12-14 15:44 - 2016-11-12 20:08 - 25759744 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2016-12-14 15:44 - 2016-11-12 20:07 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2016-12-14 15:44 - 2016-11-12 19:53 - 06049280 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2016-12-14 15:44 - 2016-11-12 19:29 - 00498688 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2016-12-14 15:44 - 2016-11-12 19:23 - 01033216 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2016-12-14 15:44 - 2016-11-12 19:17 - 20302848 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2016-12-14 15:44 - 2016-11-12 19:14 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2016-12-14 15:44 - 2016-11-12 19:10 - 00806912 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2016-12-14 15:44 - 2016-11-12 18:45 - 00880640 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2016-12-14 15:44 - 2016-11-12 18:41 - 15257088 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2016-12-14 15:44 - 2016-11-12 18:38 - 00693248 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2016-12-14 15:44 - 2016-11-12 18:37 - 04608000 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2016-12-14 15:44 - 2016-11-12 18:35 - 02920960 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2016-12-14 15:44 - 2016-11-12 18:21 - 13653504 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2016-12-14 15:44 - 2016-11-12 18:20 - 01543680 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2016-12-14 15:44 - 2016-11-12 18:11 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2016-12-14 15:44 - 2016-11-12 18:05 - 02444800 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2016-12-14 15:44 - 2016-11-12 18:02 - 01312256 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2016-12-14 15:44 - 2016-11-12 18:02 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2016-12-14 15:44 - 2016-11-11 03:33 - 01541240 _____ (Microsoft Corporation) C:\windows\system32\user32.dll
2016-12-14 15:44 - 2016-11-09 18:25 - 01376768 _____ (Microsoft Corporation) C:\windows\SysWOW64\user32.dll
2016-12-14 15:44 - 2016-11-05 21:46 - 00422744 ____C (Microsoft Corporation) C:\windows\system32\Drivers\spaceport.sys
2016-12-14 15:44 - 2016-11-05 19:35 - 04169216 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2016-12-14 15:44 - 2016-11-05 18:57 - 03320320 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2016-12-14 15:44 - 2016-11-05 18:11 - 03606528 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2016-12-14 15:44 - 2016-11-05 16:56 - 02778624 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2016-12-14 15:44 - 2016-11-05 16:46 - 02463744 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2016-12-14 15:44 - 2016-10-28 03:56 - 01380048 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2016-12-14 15:44 - 2016-10-27 15:28 - 01097728 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2016-12-14 15:44 - 2016-10-12 22:49 - 00379224 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2016-12-14 15:44 - 2016-10-12 22:11 - 00922968 _____ (Microsoft Corporation) C:\windows\system32\Drivers\refs.sys
2016-12-14 15:44 - 2016-10-11 17:45 - 00175104 _____ (Microsoft Corporation) C:\windows\system32\TpmTasks.dll
2016-12-14 15:44 - 2016-10-11 00:31 - 00990040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\http.sys
2016-12-14 15:44 - 2016-10-10 19:18 - 00069976 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2016-12-14 15:44 - 2016-10-10 19:18 - 00022360 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cmimcext.sys
2016-12-14 15:44 - 2016-10-09 15:17 - 00229888 _____ (Microsoft Corporation) C:\windows\system32\ActionQueue.dll
2016-12-14 15:44 - 2016-10-09 15:08 - 00116224 _____ (Microsoft Corporation) C:\windows\system32\shsetup.dll
2016-12-14 15:44 - 2016-10-09 15:08 - 00095232 _____ (Microsoft Corporation) C:\windows\SysWOW64\shsetup.dll
2016-12-14 15:44 - 2016-10-08 23:24 - 00658432 _____ (Microsoft Corporation) C:\windows\system32\dnsapi.dll
2016-12-14 15:44 - 2016-10-08 22:31 - 00498688 _____ (Microsoft Corporation) C:\windows\SysWOW64\dnsapi.dll
2016-12-14 15:44 - 2016-10-08 22:10 - 03547648 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2016-12-14 15:44 - 2016-10-05 15:01 - 01200128 _____ (Microsoft Corporation) C:\windows\system32\Windows.Globalization.dll
2016-12-14 15:44 - 2016-10-05 15:00 - 00868864 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Globalization.dll
2016-12-14 15:44 - 2016-10-05 15:00 - 00323072 _____ (Microsoft Corporation) C:\windows\system32\GlobCollationHost.dll
2016-12-14 15:44 - 2016-10-05 14:52 - 00513456 _____ C:\windows\SysWOW64\locale.nls
2016-12-14 15:44 - 2016-10-05 14:52 - 00513456 _____ C:\windows\system32\locale.nls
2016-12-14 15:44 - 2016-10-05 05:15 - 01969944 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2016-12-14 15:44 - 2016-10-05 05:15 - 01613528 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2016-12-14 15:44 - 2016-10-05 05:15 - 00324896 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2016-12-14 15:44 - 2016-10-05 05:15 - 00245320 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2016-12-14 15:44 - 2016-09-27 21:16 - 00445873 _____ C:\windows\system32\ApnDatabase.xml
2016-12-14 15:44 - 2016-09-20 23:30 - 02462040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2016-12-12 00:03 - 2016-12-12 00:02 - 00010232 _____ C:\Users\Pedro\Desktop\triakovy regulator AC dimmer.jpg

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-11 18:25 - 2016-06-17 14:34 - 00000000 ____D C:\FRST
2017-01-11 18:23 - 2015-03-22 14:18 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2017-01-11 18:09 - 2015-01-24 14:13 - 00024796 _____ C:\Users\Pedro\AppData\Roaming\Notepad2.ini
2017-01-11 18:01 - 2015-01-02 09:50 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\GmailNotifierPro
2017-01-11 17:35 - 2014-03-18 10:53 - 00865408 _____ C:\windows\system32\PerfStringBackup.INI
2017-01-11 17:35 - 2013-08-22 14:36 - 00000000 ____D C:\windows\Inf
2017-01-11 17:32 - 2016-12-02 08:44 - 00000000 ____D C:\ProgramData\firebird
2017-01-11 17:31 - 2014-12-31 15:04 - 00000000 ___RD C:\gd
2017-01-11 17:27 - 2013-08-22 15:45 - 00000006 ____H C:\windows\Tasks\SA.DAT
2017-01-11 17:26 - 2014-09-26 21:37 - 00004608 _____ C:\windows\system32\VfService.trf
2017-01-11 17:23 - 2013-08-22 16:36 - 00000000 ____D C:\windows\system32\NDF
2017-01-10 22:25 - 2014-12-30 23:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-01-10 22:25 - 2013-08-22 14:25 - 00524288 ___SH C:\windows\system32\config\BBI
2017-01-10 22:22 - 2015-01-02 17:53 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\uTorrent
2017-01-10 18:23 - 2015-03-22 14:18 - 00003718 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2017-01-10 18:23 - 2013-08-22 16:36 - 00000000 ____D C:\windows\SysWOW64\Macromed
2017-01-10 18:23 - 2013-08-22 16:36 - 00000000 ____D C:\windows\system32\Macromed
2017-01-10 02:46 - 2014-12-30 22:24 - 00003600 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2121847970-1608828601-3914908799-1001
2017-01-09 21:46 - 2014-12-30 23:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-01-09 21:42 - 2014-12-30 22:17 - 00000000 ____D C:\Users\Pedro
2017-01-07 20:56 - 2015-01-02 17:57 - 00000000 ____D C:\=DOWNLOADS=
2017-01-07 14:26 - 2016-10-12 09:21 - 00004992 _____ C:\windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Lenpedro-Pedro Lenpedro
2017-01-06 17:30 - 2015-01-26 12:59 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\Mp3tag
2017-01-06 10:12 - 2015-01-08 19:09 - 00000000 ____D C:\Users\Pedro\AppData\Local\ElevatedDiagnostics
2017-01-03 09:06 - 2016-11-02 00:12 - 00000000 ____D C:\Users\Pedro\AppData\Local\Epic Privacy Browser
2017-01-02 23:55 - 2016-01-26 15:12 - 00018960 _____ (Logitech, Inc.) C:\windows\system32\Drivers\LNonPnP.sys
2016-12-29 12:01 - 2014-12-30 23:54 - 00000000 ____D C:\Program Files\Uninstall Tool
2016-12-29 12:00 - 2014-12-30 23:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uninstall Tool
2016-12-29 01:55 - 2016-05-05 07:17 - 00000000 ____D C:\Users\Pedro\Desktop\Plocha 2
2016-12-27 18:42 - 2014-12-30 22:17 - 00000564 ___SH C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini
2016-12-24 13:21 - 2016-05-18 23:03 - 00000000 ____D C:\Users\Pedro\Desktop\music
2016-12-23 10:03 - 2016-01-26 00:36 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-12-23 00:32 - 2015-11-27 22:38 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\Skype
2016-12-21 04:16 - 2013-08-22 16:36 - 00000000 ____D C:\windows\system32\catroot2
2016-12-19 20:45 - 2013-08-22 16:36 - 00000000 ____D C:\windows\rescache
2016-12-19 09:14 - 2013-08-22 16:36 - 00000000 __RSD C:\windows\assembly
2016-12-18 11:45 - 2013-08-22 15:44 - 05125792 _____ C:\windows\system32\FNTCACHE.DAT
2016-12-18 11:40 - 2014-09-26 20:09 - 00524288 ___SH C:\windows\system32\config\DRIVERS{e1793794-0b3d-11e3-9dfe-80de722c933b}.TMContainer00000000000000000001.regtrans-ms
2016-12-18 11:40 - 2014-09-26 20:09 - 00065536 ___SH C:\windows\system32\config\DRIVERS{e1793794-0b3d-11e3-9dfe-80de722c933b}.TM.blf
2016-12-18 11:36 - 2013-08-22 16:36 - 00000000 ____D C:\windows\SysWOW64\sk-SK
2016-12-18 11:36 - 2013-08-22 16:36 - 00000000 ____D C:\windows\SysWOW64\en-US
2016-12-18 11:36 - 2013-08-22 16:36 - 00000000 ____D C:\windows\system32\sk-SK
2016-12-18 11:36 - 2013-08-22 16:36 - 00000000 ____D C:\windows\system32\en-US
2016-12-18 11:36 - 2013-08-22 14:36 - 00000000 ____D C:\windows\system32\wbem
2016-12-18 11:36 - 2013-08-22 14:36 - 00000000 ____D C:\windows\system32\oobe
2016-12-17 00:33 - 2014-12-31 14:25 - 00003368 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-17 00:33 - 2014-12-31 14:25 - 00003240 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-15 00:30 - 2015-04-06 00:28 - 00002238 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-14 20:47 - 2013-08-22 16:20 - 00000000 ____D C:\windows\CbsTemp
2016-12-14 20:44 - 2014-12-30 23:52 - 00000000 ____D C:\windows\system32\MRT
2016-12-14 20:38 - 2014-12-30 23:52 - 135632432 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2016-12-13 23:30 - 2015-01-02 08:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-12-13 18:23 - 2014-09-26 20:53 - 00000000 ____D C:\ProgramData\Package Cache
2016-12-13 00:08 - 2014-12-31 00:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-12-13 00:07 - 2016-10-11 20:27 - 00028272 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avusbflt.sys
2016-12-13 00:07 - 2014-12-31 00:26 - 00153904 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2016-12-13 00:07 - 2014-12-31 00:26 - 00151352 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2016-12-12 00:00 - 2016-11-12 14:48 - 00835576 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2016-12-12 00:00 - 2016-11-12 14:48 - 00177656 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2015-01-21 16:05 - 2000-06-08 14:46 - 0003638 _____ () C:\Program Files (x86)\Common Files\Config.ico
2015-01-21 16:05 - 2008-07-25 11:17 - 0558080 _____ (Microsoft Corporation) C:\Program Files (x86)\Common Files\MSVCP80.dll
2015-01-21 16:05 - 2008-07-25 11:17 - 0635904 _____ (Microsoft Corporation) C:\Program Files (x86)\Common Files\MSVCR80.dll
2015-02-12 18:16 - 2015-04-21 12:03 - 0000132 _____ () C:\Users\Pedro\AppData\Roaming\Adobe Formát GIF CS5 – předvolby
2015-03-08 17:46 - 2016-10-12 11:11 - 0000132 _____ () C:\Users\Pedro\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2015-01-24 14:13 - 2017-01-11 18:09 - 0024796 _____ () C:\Users\Pedro\AppData\Roaming\Notepad2.ini
2016-06-15 21:51 - 2016-06-15 21:51 - 0003584 _____ () C:\Users\Pedro\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-02 12:47 - 2015-01-02 12:47 - 0000017 _____ () C:\Users\Pedro\AppData\Local\resmon.resmoncfg
2016-05-19 08:08 - 2016-05-19 08:08 - 0000003 _____ () C:\Users\Pedro\AppData\Local\updater.log
2016-05-19 08:08 - 2016-08-07 12:47 - 0000424 _____ () C:\Users\Pedro\AppData\Local\UserProducts.xml
2014-09-26 20:52 - 2014-09-26 20:52 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-06-08 22:18 - 2016-06-16 23:23 - 0001510 _____ () C:\ProgramData\LmeUSB.log
2016-06-08 22:18 - 2016-06-16 23:23 - 0001482 _____ () C:\ProgramData\LmeZJSW.log
2016-06-08 22:18 - 2016-06-16 23:23 - 0001509 _____ () C:\ProgramData\LSDmbTH.log
2016-05-26 12:46 - 2016-05-26 12:46 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Some files in TEMP:
====================
C:\Users\Pedro\AppData\Local\Temp\AdbeRdr930_sk_SK.exe
C:\Users\Pedro\AppData\Local\Temp\FirebirdServerSetupZip.exe


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-01-10 20:26

==================== End of FRST.txt ============================

Zdravím!
Toto nemusí být vůbec problém zapleveleného PC. Zkusíme vyčistit. Spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

ok.

# AdwCleaner v6.042 - *Logfile created 11/01/2017 *at 21:10:24
# *Updated on 06/01/2017 by Malwarebytes
# *Database : 2017-01-11.1 [*Server]
# *Operating System : Windows 8.1 (X64)
# *Username : Pedro - LENPEDRO
# *Running from : C:\Users\Pedro\Desktop\adwcleaner_6.042.exe
# *Mode: Clean
# *Support : https://www.malwarebytes.com/support



***** [ *Services ] *****



***** [ *Folders ] *****

[-] *Folder deleted: C:\ProgramData\Thunder Network
[#] *Folder deleted on reboot: C:\ProgramData\Application Data\Thunder Network
[-] *Folder deleted: C:\Users\Public\Pokki


***** [ *Files ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ *Shortcuts ] *****

[-] *Shortcut disinfected: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RemoteControl for Winamp\Uninstall RemoteControl for Winamp.lnk


***** [ *Scheduled Tasks ] *****



***** [ *Registry ] *****



***** [ *Browsers ] *****

[-] [C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] *Deleted: slunecnice.cz
[-] [C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] *Deleted: dchublist.com
[-] [C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] *Deleted: folder_colorizer.en.softonic.com
[-] [C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] *Deleted: kmplayer.en.softonic.com
[-] [C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] *Deleted: winamp.en.softonic.com
[-] [C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] *Deleted: smplayer.en.softonic.com
[-] [C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] *Deleted: zoom-player.en.softonic.com


*************************

:: *"Tracing" keys deleted
:: *Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [4956 *Bytes] - [10/09/2016 20:48:47]
C:\AdwCleaner\AdwCleaner[C2].txt - [2054 *Bytes] - [11/01/2017 21:10:24]
C:\AdwCleaner\AdwCleaner[S0].txt - [4874 *Bytes] - [10/09/2016 20:38:01]
C:\AdwCleaner\AdwCleaner[S1].txt - [2395 *Bytes] - [11/01/2017 21:02:06]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [2276 *Bytes] ##########


Teraz po reštarte vyzerá ok, ešte treba ale počkať, lebo ako vravím, kolísalo to.

Dejte nový log FRST.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-01-2017
Ran by Pedro (administrator) on LENPEDRO (13-01-2017 08:43:00)
Running from C:\Users\Pedro\Desktop
Loaded Profiles: Pedro (Available Profiles: Pedro)
Platform: Windows 8.1 (Update) (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Spoločnosť Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\55.0.2883.17\remoting_host.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Projector\EPSON USB Display V1.4\EMP_UDSA.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Spoločnosť Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\55.0.2883.17\remoting_host.exe
(Firebird Project) C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fb_inet_server.exe
(Firebird Project) C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\fbserver.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(LENOVO INCORPORATED.) C:\Program Files\lenovo\iMController\SystemAgentService.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\WebcamSplitterServer.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
(Lenovo) C:\ProgramData\LenovoTransition\Server\x64\ymc.exe
() C:\Program Files (x86)\Lenovo\Yoga Picks\Service\x64\YogaPicks.AppService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(IntelliBreeze Software AB) C:\Program Files (x86)\Gmail Notifier Pro\GmailNotifierPro.exe
(Thomas Ascher) C:\Program Files (x86)\ATnotes\ATnotes.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.1\Lightshot.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winamp.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\WinStore\WSHost.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-03-26] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-01-22] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374936 2014-01-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374936 2014-01-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374936 2014-01-13] (Realtek Semiconductor)
HKLM\...\Run: [Yoga PhoneCompanion] => C:\Program Files\Lenovo Yoga PhoneCompanion\Yoga Phone Companion.exe [844304 2014-09-26] (Lenovo)
HKLM\...\Run: [AutoStartTransition] => C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe [294672 2014-09-26] ()
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2014-09-26] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2014-09-26] (Lenovo(beijing) Limited)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-26] (Logitech, Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-12-06] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [917576 2016-12-13] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [EPSON_UD_START] => C:\Program Files (x86)\EPSON Projector\EPSON USB Display V1.4\EMP_UD.exe [329632 2009-01-21] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [ChangeFilterMerit] => C:\Program Files (x86)\NewSoft\Presto! PVR\ChangeFilterMerit.exe [51280 2007-06-08] (NewSoft)
HKLM-x32\...\Run: [Presto! PVR Monitor] => C:\Program Files (x86)\NewSoft\Presto! PVR\Monitor.exe [157520 2010-03-24] (NewSoft)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2016-07-11] ()
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [529480 2016-02-24] (Autodesk Inc.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [60136 2016-11-15] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35760 2009-12-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [948672 2009-12-11] (Adobe Systems Incorporated)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23818360 2016-11-30] (Google)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [GmailNotifierPro] => C:\Program Files (x86)\Gmail Notifier Pro\GmailNotifierPro.exe [2881752 2016-02-16] (IntelliBreeze Software AB)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [ATnotes.exe] => C:\Program Files (x86)\ATnotes\ATnotes.exe [1015808 2005-01-05] (Thomas Ascher)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [Epson Stylus SX110] => C:\windows\system32\spool\DRIVERS\x64\3\E_IATIFBE.EXE [223232 2008-09-26] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [BlazeServoTool] => C:\Program Files (x86)\BlazeVideo\BlazeDTV 6.0\MediaDetector.exe [286720 2010-03-06] (BlazeVideo Company)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [Epic Privacy Browser Installer] => C:\Users\Pedro\AppData\Local\Epic Privacy Browser\Installer\EpicUpdate.exe [509096 2016-11-02] (Epic Privacy Browser)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27226072 2016-11-03] (Skype Technologies S.A.)
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Policies\Explorer: []
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\MountPoints2: {54f0470c-b2cd-11e4-827e-e8b1fc0cf016} - "F:\Startme.exe"
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\MountPoints2: {e8b0ea66-16c9-11e5-82a0-e8b1fc0cf016} - "F:\EMP_UDSe.exe" /autorun
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\windows\system32\AcSignIcon.dll [2016-05-24] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ALFA plus - rýchle spustenie.lnk [2017-01-03]
ShortcutTarget: ALFA plus - rýchle spustenie.lnk -> C:\Program Files (x86)\KROS\ALFA plus\!System\ALFAplus.exe (KROS a.s.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 127.0.0.1 activate.adobe.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{C6E367B2-F55B-4323-999C-A41A39572233}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.sk/
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2121847970-1608828601-3914908799-1001 -> DefaultScope {EC5134AD-236A-4D0A-996F-7C41A1CC9C50} URL =
SearchScopes: HKU\S-1-5-21-2121847970-1608828601-3914908799-1001 -> {EC5134AD-236A-4D0A-996F-7C41A1CC9C50} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-11-12] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-24] (Oracle Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-24] (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21] (Adobe Systems Incorporated)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2014-11-12] (Microsoft Corporation)
IE Session Restore: HKU\S-1-5-21-2121847970-1608828601-3914908799-1001 -> is enabled.
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-10-14] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - No File

FireFox:
========
FF DefaultProfile: esgz87fp.default
FF ProfilePath: C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\esgz87fp.default [2017-01-13]
FF Homepage: Mozilla\Firefox\Profiles\esgz87fp.default -> google.sk
FF Session Restore: Mozilla\Firefox\Profiles\esgz87fp.default -> is enabled.
FF Extension: (Flash Video Downloader - YouTube HD Download [4K]) - C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\esgz87fp.default\Extensions\artur.dubovoy@gmail.com [2017-01-09]
FF Extension: (Magic Actions for YouTube™) - C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\esgz87fp.default\Extensions\jid0-UVAeBCfd34Kk5usS8A1CBiobvM8@jetpack.xpi [2017-01-09]
FF Extension: (Slovak (SK) Language Pack) - C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\esgz87fp.default\Extensions\langpack-sk@firefox.mozilla.org.xpi [2017-01-09]
FF Extension: (Adblock Plus) - C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\esgz87fp.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-01-07]
FF Extension: (JavaScript Debugger) - C:\Users\Pedro\AppData\Roaming\Mozilla\Firefox\Profiles\esgz87fp.default\Extensions\{f13b157f-b174-47e7-a34d-4815ddfdfeb8}.xpi [2016-05-02]
FF Extension: (Skype) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2016-01-26] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-10] ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-24] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-10] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-05-21] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @nullsoft.com/winampDetector;version=1 -> C:\Program Files (x86)\Winamp Detect\npwachk.dll [2013-11-20] (Nullsoft, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Web Components -> C:\Program Files (x86)\Web Components\npWebVideoPlugin.dll [2016-07-16] ()
FF Plugin HKU\S-1-5-21-2121847970-1608828601-3914908799-1001: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=3 -> C:\Users\Pedro\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [2016-11-02] (Epic Privacy Browser)
FF Plugin HKU\S-1-5-21-2121847970-1608828601-3914908799-1001: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=9 -> C:\Users\Pedro\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [2016-11-02] (Epic Privacy Browser)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2014-05-21] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2009-12-21] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.sk/
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default [2017-01-11]
CHR Extension: (QR kód) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaephdgbinagkeepamlbkhkfbiaedabm [2015-04-08]
CHR Extension: (Prezentácie Google) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-06]
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2017-01-05]
CHR Extension: (BIODIGITAL HUMAN) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak [2015-04-08]
CHR Extension: (Xmarks Bookmark Sync) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla [2015-04-08]
CHR Extension: (Angry Birds) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2015-04-08]
CHR Extension: (Dokumenty Google) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-06]
CHR Extension: (Disk Google) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-24]
CHR Extension: (Turn Off the Lights) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2017-01-03]
CHR Extension: (Browser To Phone) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgmhcfmipjjciolmfonkjnhpbnfniahh [2015-04-08]
CHR Extension: (YouTube) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Search) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-02]
CHR Extension: (uBlock) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\epcnnfbjfcgphgdmggkamkmgojdagdnn [2016-10-22]
CHR Extension: (Tabuľky Google) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-06]
CHR Extension: (Marlies Dekkers) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\fepnljgdbelppefncogilfbjikmnbhjm [2015-04-08]
CHR Extension: (Web Components) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\filcobblndaenakhejinpjdblekilpgn [2016-03-02]
CHR Extension: (Vzdialená plocha Chrome) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2016-07-19]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (The Great Suspender) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\klbibkeccnjlkjkiokjodocebajanakg [2015-04-08]
CHR Extension: (Google Play) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2015-04-08]
CHR Extension: (Save as PDF) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpdjmbiefanbdgnkcikhllpmjnnllbbc [2015-04-08]
CHR Extension: (Numerics Calculator & Converter) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\liglcienpnkhdajdfmnpbgmpjglonipe [2015-04-08]
CHR Extension: (Plants vs Zombies) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmcegpfdgcoclcdfkjahiimlikdpnina [2015-04-08]
CHR Extension: (GetThemAll Video Downloader) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbkekaeindpfpcoldfckljplboolgkfm [2016-12-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Psykopaint) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil [2015-04-08]
CHR Extension: (Gmail) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-06]
CHR Extension: (Chrome Media Router) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-18]
CHR Extension: (Privacy Badger) - C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkehgijcmpdhfbdbbnkijodmdjhbjlgp [2016-12-18]
CHR Extension: (FullRip.net YT Mp3 Downloader) - C:\Program Files (x86)\Google\Chrome\Application\addon [2016-11-13]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [1145928 2016-02-24] (Autodesk Inc.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [1089592 2016-12-13] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [476736 2016-12-13] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [476736 2016-12-13] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1490296 2016-12-13] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [350528 2016-11-24] (Avira Operations GmbH & Co. KG)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\55.0.2883.17\remoting_host.exe [76392 2016-10-16] (Spoločnosť Google Inc.)
R2 EMP_UDSA; C:\Program Files (x86)\EPSON Projector\EPSON USB Display V1.4\EMP_UDSA.exe [98304 2009-03-10] (SEIKO EPSON CORPORATION) [File not signed]
R2 FirebirdServerDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fb_inet_server.exe [3727360 2010-09-17] (Firebird Project) [File not signed]
R2 FirebirdServerKROS_20400; C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\fbserver.exe [3764224 2011-10-11] (Firebird Project) [File not signed]
R2 hasplms; C:\windows\system32\hasplms.exe [4683144 2014-07-17] (SafeNet Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-03-26] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\windows\system32\igfxCUIService.exe [282072 2014-03-10] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-16] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-22] (LENOVO INCORPORATED.)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-09-26] (Lenovo(beijing) Limited)
R2 LsvUIService; C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe [70416 2014-09-26] (Lenovo)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-01-18] ()
R2 PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [167176 2014-02-25] (PointGrab LTD)
R2 PG_Service_Launcher; C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe [512776 2014-02-25] (PointGrab LTD)
S3 PhoneCompanionPusher; C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionPusher.exe [285712 2014-09-26] (Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionVap.exe [304144 2014-09-26] (Lenovo)
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [977088 2014-03-02] () [File not signed]
S3 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [67856 2014-09-26] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ymc; C:\ProgramData\LenovoTransition\Server\x64\ymc.exe [33040 2014-09-26] (Lenovo)
R2 YogaPicks.AppService; C:\Program Files (x86)\Lenovo\Yoga Picks\Service\x64\YogaPicks.AppService.exe [19440 2014-01-06] ()
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-01-18] (Intel® Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\windows\System32\DRIVERS\avgntflt.sys [151352 2016-12-13] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\windows\system32\DRIVERS\avipbb.sys [153904 2016-12-13] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-02] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\windows\system32\DRIVERS\avnetflt.sys [78208 2016-05-10] (Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\windows\System32\Drivers\avusbflt.sys [28272 2016-12-13] (Avira Operations GmbH & Co. KG)
S3 AX88772; C:\windows\system32\DRIVERS\ax88772.sys [113864 2013-07-18] (ASIX Electronics Corp.)
S3 dg_ssudbus; C:\windows\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R2 hardlock; C:\windows\system32\drivers\hardlock.sys [331608 2014-07-17] (SafeNet Inc.)
R3 ibtusb; C:\windows\system32\DRIVERS\ibtusb.sys [142280 2013-10-18] (Intel Corporation)
S3 IT9135BDA; C:\windows\System32\Drivers\IT9135BDA.sys [113280 2010-02-03] (ITE )
R3 MEIx64; C:\windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 NETwNb64; C:\windows\system32\DRIVERS\Netwbw02.sys [3433952 2014-02-18] (Intel Corporation)
S3 NETwNe64; C:\windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R2 NPF; C:\Program Files\iVMS-4200 Station\iVMS-4200\iVMS-4200 Client\npf64.sys [36600 2016-08-17] (Riverbed Technology, Inc.)
S3 RTL2832UBDA; C:\Windows\SysWOW64\drivers\RTL2832UBDA.sys [237968 2013-11-18] (REALTEK SEMICONDUCTOR Corp.)
S3 RTL2832UUSB; C:\Windows\SysWOW64\Drivers\RTL2832UUSB.sys [39056 2013-11-18] (REALTEK SEMICONDUCTOR Corp.)
R3 SensorsServiceDriver; C:\windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
S3 ssudmdm; C:\windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 TTDrv; D:\KOPLAYER\vbox\TTDrv.sys [261104 2015-12-22] (Oracle Corporation)
S3 usbrndis6; C:\windows\system32\DRIVERS\usb80236.sys [20992 2015-04-25] (Microsoft Corporation)
S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 WinDivert1.1; C:\Program Files\KMSpico\WinDivert.sys [35376 2014-12-31] (Basil Projects)
R3 WinDriver6; C:\windows\system32\drivers\windrvr6.sys [268800 2014-01-28] (Jungo Connectivity)
S3 wsvd; C:\windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
S3 rtsuvc; \SystemRoot\system32\DRIVERS\rtsuvc.sys [X]
S3 SmbDrvI; \SystemRoot\system32\DRIVERS\Smb_driver_Intel.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-13 08:42 - 2017-01-13 08:42 - 00000000 ____D C:\Users\Pedro\Desktop\FRST-OlderVersion
2017-01-11 20:58 - 2017-01-11 20:58 - 03988944 _____ C:\Users\Pedro\Desktop\adwcleaner_6.042.exe
2017-01-11 18:28 - 2017-01-11 18:29 - 00065028 _____ C:\Users\Pedro\Desktop\Addition.txt
2017-01-11 18:26 - 2017-01-13 08:43 - 00034542 _____ C:\Users\Pedro\Desktop\FRST.txt
2017-01-11 18:22 - 2017-01-13 08:42 - 02419200 _____ (Farbar) C:\Users\Pedro\Desktop\FRST64.exe
2017-01-09 21:46 - 2017-01-13 08:42 - 00000000 ____D C:\Users\Pedro\AppData\LocalLow\Mozilla
2017-01-06 19:45 - 2017-01-06 19:45 - 00019589 _____ C:\Users\Pedro\Downloads\[SkT]Godzilla_(2014)(CZ)_=_CSFD_64%.torrent
2017-01-06 16:34 - 2017-01-06 16:34 - 00000000 ____D C:\Users\Pedro\Desktop\Synaptics_v17_0_19_C_XP32_Vista32_Win7-32_XP64_Vista64_Win7-64_Acme_Inc
2017-01-06 15:07 - 2017-01-06 16:07 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\Apple Computer
2017-01-06 15:07 - 2017-01-06 15:07 - 00001776 _____ C:\Users\Public\Desktop\iTunes.lnk
2017-01-06 15:07 - 2017-01-06 15:07 - 00000000 ____D C:\Users\Pedro\AppData\Local\Apple Computer
2017-01-06 15:07 - 2017-01-06 15:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2017-01-06 15:06 - 2017-01-06 15:07 - 00000000 ____D C:\Program Files\iTunes
2017-01-06 15:06 - 2017-01-06 15:06 - 00000000 ____D C:\ProgramData\Apple Computer
2017-01-06 15:06 - 2017-01-06 15:06 - 00000000 ____D C:\Program Files\iPod
2017-01-06 15:04 - 2017-01-06 15:04 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2017-01-06 15:04 - 2017-01-06 15:04 - 00000000 ____D C:\windows\System32\Tasks\Apple
2017-01-06 15:04 - 2017-01-06 15:04 - 00000000 ____D C:\Users\Pedro\AppData\Local\Apple
2017-01-06 15:04 - 2017-01-06 15:04 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2017-01-06 15:03 - 2017-01-06 15:06 - 00000000 ____D C:\Program Files\Common Files\Apple
2017-01-06 15:03 - 2017-01-06 15:03 - 00000000 ____D C:\Program Files\Bonjour
2017-01-06 15:03 - 2017-01-06 15:03 - 00000000 ____D C:\Program Files (x86)\Bonjour
2017-01-06 15:02 - 2017-01-06 15:04 - 00000000 ____D C:\ProgramData\Apple
2017-01-06 11:39 - 2017-01-06 11:39 - 00001355 _____ C:\Users\Pedro\Desktop\CopyTrans Control Center.lnk
2017-01-06 11:39 - 2017-01-06 11:39 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Control Center
2017-01-06 11:36 - 2017-01-06 11:43 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\WindSolutions
2017-01-06 11:36 - 2017-01-06 11:42 - 00000000 ____D C:\ProgramData\WindSolutions
2017-01-06 00:37 - 2017-01-06 00:39 - 00014557 _____ C:\Users\Pedro\Downloads\[SkT]Zaklety_v_case_-_Zena_cestovatela_v_case_-_The_Time_Traveler's_Wife_(2009)(CZ)_=_CSFD_72%.torrent
2017-01-06 00:33 - 2017-01-06 00:33 - 00013800 _____ C:\Users\Pedro\Downloads\[SkT]Bojovnik_-_Southpaw_(2015)(CZ)_=_CSFD_74%.torrent
2017-01-03 13:44 - 2017-01-03 13:44 - 00002096 _____ C:\Users\Public\Desktop\ALFA plus.lnk
2017-01-03 13:44 - 2017-01-03 13:44 - 00002038 _____ C:\Users\Public\Desktop\Daňové priznania.lnk
2016-12-29 12:44 - 2016-12-29 12:44 - 00013155 _____ C:\Users\Pedro\Downloads\[SkT]Prevrat_-_No_Escape_(2015)(CZ)_=_CSFD_71%.torrent
2016-12-29 12:00 - 2016-12-29 12:00 - 00002974 _____ C:\windows\System32\Tasks\RunUninstallTool_SkipUac
2016-12-27 18:42 - 2016-12-27 18:42 - 00000848 _____ C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\filmy D.lnk
2016-12-27 17:54 - 2016-12-27 17:55 - 00016167 _____ C:\Users\Pedro\Downloads\[SkT]Vinnetou_-_Winnetou_&_Old_Shatterhand_E01_-_Novy_svet_(2016)(SK)[TvRip].torrent
2016-12-27 17:51 - 2016-12-27 17:51 - 00014607 _____ C:\Users\Pedro\Downloads\[SkT]Fantasticky_pan_Lisak_-_Fantastic_Mr._Fox_(2009)(CZ)_=_CSFD_79%.torrent
2016-12-26 12:42 - 2016-12-26 12:45 - 00000000 ____D C:\Users\Pedro\Desktop\SOUNDS
2016-12-25 13:21 - 2016-12-25 13:21 - 00014320 _____ C:\Users\Pedro\Downloads\[SkT]De_Surprise_(2015)(CZ)_=_CSFD_64%.torrent
2016-12-23 10:03 - 2016-12-29 11:58 - 00000000 ____D C:\Program Files\Malwarebytes
2016-12-20 21:22 - 2016-12-20 21:22 - 00020042 _____ C:\Users\Pedro\Downloads\[SkT]Kyky_Ryky_a_par_vajec_-_Un_gallo_con_muchos_huevos_(2015)(CZ-SK)_=_CSFD_51%.torrent
2016-12-20 21:21 - 2016-12-20 21:21 - 00013725 _____ C:\Users\Pedro\Downloads\[SkT]Schneider_vs._Bax_(2015)(CZ)[WebRip]_=_CSFD_66%.torrent
2016-12-20 21:18 - 2016-12-20 21:18 - 00010951 _____ C:\Users\Pedro\Downloads\[SkT]Tajny_zivot_mazlicku_-_The_Secret_Life_of_Pets_(2016)(CZ-EN)[720p]_=_CSFD_68%.torrent
2016-12-18 13:11 - 2017-01-10 22:22 - 00000000 ____D C:\Users\Pedro\AppData\LocalLow\uTorrent
2016-12-14 20:35 - 2016-12-01 15:13 - 00869576 _____ (Microsoft Corporation) C:\windows\system32\msvcr120_clr0400.dll
2016-12-14 20:35 - 2016-12-01 15:13 - 00678592 _____ (Microsoft Corporation) C:\windows\system32\msvcp120_clr0400.dll
2016-12-14 20:35 - 2016-12-01 15:11 - 00875720 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcr120_clr0400.dll
2016-12-14 20:35 - 2016-12-01 15:11 - 00536768 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcp120_clr0400.dll
2016-12-14 20:35 - 2016-10-20 14:14 - 00029888 _____ (Microsoft Corporation) C:\windows\system32\aspnet_counters.dll
2016-12-14 20:35 - 2016-10-20 14:10 - 00028352 _____ (Microsoft Corporation) C:\windows\SysWOW64\aspnet_counters.dll
2016-12-14 15:44 - 2016-11-19 22:24 - 00567152 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2016-12-14 15:44 - 2016-11-19 22:24 - 00152856 _____ (Microsoft Corporation) C:\windows\system32\bcrypt.dll
2016-12-14 15:44 - 2016-11-19 20:29 - 00401408 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2016-12-14 15:44 - 2016-11-19 19:44 - 00445440 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2016-12-14 15:44 - 2016-11-19 18:53 - 00324096 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2016-12-14 15:44 - 2016-11-19 18:22 - 00111104 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcrypt.dll
2016-12-14 15:44 - 2016-11-16 22:49 - 00377176 _____ (Microsoft Corporation) C:\windows\system32\Drivers\clfs.sys
2016-12-14 15:44 - 2016-11-12 22:06 - 00738104 _____ (Microsoft Corporation) C:\windows\system32\d3d10level9.dll
2016-12-14 15:44 - 2016-11-12 20:38 - 00613632 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10level9.dll
2016-12-14 15:44 - 2016-11-12 20:25 - 00576000 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2016-12-14 15:44 - 2016-11-12 20:08 - 25759744 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2016-12-14 15:44 - 2016-11-12 20:07 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2016-12-14 15:44 - 2016-11-12 19:53 - 06049280 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2016-12-14 15:44 - 2016-11-12 19:29 - 00498688 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2016-12-14 15:44 - 2016-11-12 19:23 - 01033216 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2016-12-14 15:44 - 2016-11-12 19:17 - 20302848 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2016-12-14 15:44 - 2016-11-12 19:14 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2016-12-14 15:44 - 2016-11-12 19:10 - 00806912 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2016-12-14 15:44 - 2016-11-12 18:45 - 00880640 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2016-12-14 15:44 - 2016-11-12 18:41 - 15257088 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2016-12-14 15:44 - 2016-11-12 18:38 - 00693248 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2016-12-14 15:44 - 2016-11-12 18:37 - 04608000 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2016-12-14 15:44 - 2016-11-12 18:35 - 02920960 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2016-12-14 15:44 - 2016-11-12 18:21 - 13653504 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2016-12-14 15:44 - 2016-11-12 18:20 - 01543680 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2016-12-14 15:44 - 2016-11-12 18:11 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2016-12-14 15:44 - 2016-11-12 18:05 - 02444800 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2016-12-14 15:44 - 2016-11-12 18:02 - 01312256 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2016-12-14 15:44 - 2016-11-12 18:02 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2016-12-14 15:44 - 2016-11-11 03:33 - 01541240 _____ (Microsoft Corporation) C:\windows\system32\user32.dll
2016-12-14 15:44 - 2016-11-09 18:25 - 01376768 _____ (Microsoft Corporation) C:\windows\SysWOW64\user32.dll
2016-12-14 15:44 - 2016-11-05 21:46 - 00422744 ____C (Microsoft Corporation) C:\windows\system32\Drivers\spaceport.sys
2016-12-14 15:44 - 2016-11-05 19:35 - 04169216 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2016-12-14 15:44 - 2016-11-05 18:57 - 03320320 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2016-12-14 15:44 - 2016-11-05 18:11 - 03606528 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2016-12-14 15:44 - 2016-11-05 16:56 - 02778624 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2016-12-14 15:44 - 2016-11-05 16:46 - 02463744 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2016-12-14 15:44 - 2016-10-28 03:56 - 01380048 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2016-12-14 15:44 - 2016-10-27 15:28 - 01097728 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2016-12-14 15:44 - 2016-10-12 22:49 - 00379224 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2016-12-14 15:44 - 2016-10-12 22:11 - 00922968 _____ (Microsoft Corporation) C:\windows\system32\Drivers\refs.sys
2016-12-14 15:44 - 2016-10-11 17:45 - 00175104 _____ (Microsoft Corporation) C:\windows\system32\TpmTasks.dll
2016-12-14 15:44 - 2016-10-11 00:31 - 00990040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\http.sys
2016-12-14 15:44 - 2016-10-10 19:18 - 00069976 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2016-12-14 15:44 - 2016-10-10 19:18 - 00022360 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cmimcext.sys
2016-12-14 15:44 - 2016-10-09 15:17 - 00229888 _____ (Microsoft Corporation) C:\windows\system32\ActionQueue.dll
2016-12-14 15:44 - 2016-10-09 15:08 - 00116224 _____ (Microsoft Corporation) C:\windows\system32\shsetup.dll
2016-12-14 15:44 - 2016-10-09 15:08 - 00095232 _____ (Microsoft Corporation) C:\windows\SysWOW64\shsetup.dll
2016-12-14 15:44 - 2016-10-08 23:24 - 00658432 _____ (Microsoft Corporation) C:\windows\system32\dnsapi.dll
2016-12-14 15:44 - 2016-10-08 22:31 - 00498688 _____ (Microsoft Corporation) C:\windows\SysWOW64\dnsapi.dll
2016-12-14 15:44 - 2016-10-08 22:10 - 03547648 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2016-12-14 15:44 - 2016-10-05 15:01 - 01200128 _____ (Microsoft Corporation) C:\windows\system32\Windows.Globalization.dll
2016-12-14 15:44 - 2016-10-05 15:00 - 00868864 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Globalization.dll
2016-12-14 15:44 - 2016-10-05 15:00 - 00323072 _____ (Microsoft Corporation) C:\windows\system32\GlobCollationHost.dll
2016-12-14 15:44 - 2016-10-05 14:52 - 00513456 _____ C:\windows\SysWOW64\locale.nls
2016-12-14 15:44 - 2016-10-05 14:52 - 00513456 _____ C:\windows\system32\locale.nls
2016-12-14 15:44 - 2016-10-05 05:15 - 01969944 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2016-12-14 15:44 - 2016-10-05 05:15 - 01613528 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2016-12-14 15:44 - 2016-10-05 05:15 - 00324896 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2016-12-14 15:44 - 2016-10-05 05:15 - 00245320 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2016-12-14 15:44 - 2016-09-27 21:16 - 00445873 _____ C:\windows\system32\ApnDatabase.xml
2016-12-14 15:44 - 2016-09-20 23:30 - 02462040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-13 08:43 - 2016-06-17 14:34 - 00000000 ____D C:\FRST
2017-01-13 08:40 - 2014-03-18 10:53 - 00865408 _____ C:\windows\system32\PerfStringBackup.INI
2017-01-13 08:40 - 2013-08-22 14:36 - 00000000 ____D C:\windows\Inf
2017-01-13 08:39 - 2015-01-02 09:50 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\GmailNotifierPro
2017-01-12 07:23 - 2015-03-22 14:18 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2017-01-12 03:47 - 2014-12-30 23:52 - 00000000 ____D C:\windows\system32\MRT
2017-01-12 03:47 - 2013-08-22 16:20 - 00000000 ____D C:\windows\CbsTemp
2017-01-12 01:02 - 2014-12-30 23:52 - 135657872 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2017-01-12 00:07 - 2015-01-24 14:13 - 00024796 _____ C:\Users\Pedro\AppData\Roaming\Notepad2.ini
2017-01-11 21:25 - 2014-12-30 22:24 - 00003600 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2121847970-1608828601-3914908799-1001
2017-01-11 21:18 - 2014-12-31 15:04 - 00000000 ___RD C:\gd
2017-01-11 21:14 - 2013-08-22 15:45 - 00000006 ____H C:\windows\Tasks\SA.DAT
2017-01-11 21:10 - 2016-09-10 20:35 - 00000000 ____D C:\AdwCleaner
2017-01-11 21:10 - 2015-04-12 21:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RemoteControl for Winamp
2017-01-11 21:10 - 2014-09-26 21:37 - 00004608 _____ C:\windows\system32\VfService.trf
2017-01-11 17:32 - 2016-12-02 08:44 - 00000000 ____D C:\ProgramData\firebird
2017-01-11 17:23 - 2013-08-22 16:36 - 00000000 ____D C:\windows\system32\NDF
2017-01-10 22:25 - 2014-12-30 23:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-01-10 22:25 - 2013-08-22 14:25 - 00524288 ___SH C:\windows\system32\config\BBI
2017-01-10 22:22 - 2015-01-02 17:53 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\uTorrent
2017-01-10 18:23 - 2015-03-22 14:18 - 00003718 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2017-01-10 18:23 - 2013-08-22 16:36 - 00000000 ____D C:\windows\SysWOW64\Macromed
2017-01-10 18:23 - 2013-08-22 16:36 - 00000000 ____D C:\windows\system32\Macromed
2017-01-09 21:46 - 2014-12-30 23:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-01-09 21:42 - 2014-12-30 22:17 - 00000000 ____D C:\Users\Pedro
2017-01-07 20:56 - 2015-01-02 17:57 - 00000000 ____D C:\=DOWNLOADS=
2017-01-07 14:26 - 2016-10-12 09:21 - 00004992 _____ C:\windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Lenpedro-Pedro Lenpedro
2017-01-06 17:30 - 2015-01-26 12:59 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\Mp3tag
2017-01-06 10:12 - 2015-01-08 19:09 - 00000000 ____D C:\Users\Pedro\AppData\Local\ElevatedDiagnostics
2017-01-03 09:06 - 2016-11-02 00:12 - 00000000 ____D C:\Users\Pedro\AppData\Local\Epic Privacy Browser
2017-01-02 23:55 - 2016-01-26 15:12 - 00018960 _____ (Logitech, Inc.) C:\windows\system32\Drivers\LNonPnP.sys
2016-12-29 12:01 - 2014-12-30 23:54 - 00000000 ____D C:\Program Files\Uninstall Tool
2016-12-29 12:00 - 2014-12-30 23:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uninstall Tool
2016-12-29 01:55 - 2016-05-05 07:17 - 00000000 ____D C:\Users\Pedro\Desktop\Plocha 2
2016-12-27 18:42 - 2014-12-30 22:17 - 00000564 ___SH C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini
2016-12-24 13:21 - 2016-05-18 23:03 - 00000000 ____D C:\Users\Pedro\Desktop\music
2016-12-23 10:03 - 2016-01-26 00:36 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-12-23 00:32 - 2015-11-27 22:38 - 00000000 ____D C:\Users\Pedro\AppData\Roaming\Skype
2016-12-22 23:42 - 2016-11-12 14:48 - 00835576 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2016-12-22 23:42 - 2016-11-12 14:48 - 00177656 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-21 04:16 - 2013-08-22 16:36 - 00000000 ____D C:\windows\system32\catroot2
2016-12-19 20:45 - 2013-08-22 16:36 - 00000000 ____D C:\windows\rescache
2016-12-19 09:14 - 2013-08-22 16:36 - 00000000 __RSD C:\windows\assembly
2016-12-18 11:45 - 2013-08-22 15:44 - 05125792 _____ C:\windows\system32\FNTCACHE.DAT
2016-12-18 11:40 - 2014-09-26 20:09 - 00524288 ___SH C:\windows\system32\config\DRIVERS{e1793794-0b3d-11e3-9dfe-80de722c933b}.TMContainer00000000000000000001.regtrans-ms
2016-12-18 11:40 - 2014-09-26 20:09 - 00065536 ___SH C:\windows\system32\config\DRIVERS{e1793794-0b3d-11e3-9dfe-80de722c933b}.TM.blf
2016-12-18 11:36 - 2013-08-22 16:36 - 00000000 ____D C:\windows\SysWOW64\sk-SK
2016-12-18 11:36 - 2013-08-22 16:36 - 00000000 ____D C:\windows\SysWOW64\en-US
2016-12-18 11:36 - 2013-08-22 16:36 - 00000000 ____D C:\windows\system32\sk-SK
2016-12-18 11:36 - 2013-08-22 16:36 - 00000000 ____D C:\windows\system32\en-US
2016-12-18 11:36 - 2013-08-22 14:36 - 00000000 ____D C:\windows\system32\wbem
2016-12-18 11:36 - 2013-08-22 14:36 - 00000000 ____D C:\windows\system32\oobe
2016-12-17 00:33 - 2014-12-31 14:25 - 00003368 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-17 00:33 - 2014-12-31 14:25 - 00003240 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-15 00:30 - 2015-04-06 00:28 - 00002238 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

==================== Files in the root of some directories =======

2015-01-21 16:05 - 2000-06-08 14:46 - 0003638 _____ () C:\Program Files (x86)\Common Files\Config.ico
2015-01-21 16:05 - 2008-07-25 11:17 - 0558080 _____ (Microsoft Corporation) C:\Program Files (x86)\Common Files\MSVCP80.dll
2015-01-21 16:05 - 2008-07-25 11:17 - 0635904 _____ (Microsoft Corporation) C:\Program Files (x86)\Common Files\MSVCR80.dll
2015-02-12 18:16 - 2015-04-21 12:03 - 0000132 _____ () C:\Users\Pedro\AppData\Roaming\Adobe Formát GIF CS5 – předvolby
2015-03-08 17:46 - 2016-10-12 11:11 - 0000132 _____ () C:\Users\Pedro\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2015-01-24 14:13 - 2017-01-12 00:07 - 0024796 _____ () C:\Users\Pedro\AppData\Roaming\Notepad2.ini
2016-06-15 21:51 - 2016-06-15 21:51 - 0003584 _____ () C:\Users\Pedro\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-02 12:47 - 2015-01-02 12:47 - 0000017 _____ () C:\Users\Pedro\AppData\Local\resmon.resmoncfg
2016-05-19 08:08 - 2016-05-19 08:08 - 0000003 _____ () C:\Users\Pedro\AppData\Local\updater.log
2016-05-19 08:08 - 2016-08-07 12:47 - 0000424 _____ () C:\Users\Pedro\AppData\Local\UserProducts.xml
2014-09-26 20:52 - 2014-09-26 20:52 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-06-08 22:18 - 2016-06-16 23:23 - 0001510 _____ () C:\ProgramData\LmeUSB.log
2016-06-08 22:18 - 2016-06-16 23:23 - 0001482 _____ () C:\ProgramData\LmeZJSW.log
2016-06-08 22:18 - 2016-06-16 23:23 - 0001509 _____ () C:\ProgramData\LSDmbTH.log
2016-05-26 12:46 - 2016-05-26 12:46 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Some files in TEMP:
====================
C:\Users\Pedro\AppData\Local\Temp\AdbeRdr930_sk_SK.exe
C:\Users\Pedro\AppData\Local\Temp\FirebirdServerSetupZip.exe


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-01-10 20:26

==================== End of FRST.txt ============================

Vyzerá, že problém je odstránený. Čo to mohlo robiť? Ktorý proces?

Ještě to musíme dočistit. Pravděpodobně to způsobil některý AdWare, který smazal ADW.

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\MountPoints2: {54f0470c-b2cd-11e4-827e-e8b1fc0cf016} - "F:\Startme.exe"
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\MountPoints2: {e8b0ea66-16c9-11e5-82a0-e8b1fc0cf016} - "F:\EMP_UDSe.exe" /autorun
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2121847970-1608828601-3914908799-1001 -> DefaultScope {EC5134AD-236A-4D0A-996F-7C41A1CC9C50} URL =
SearchScopes: HKU\S-1-5-21-2121847970-1608828601-3914908799-1001 -> {EC5134AD-236A-4D0A-996F-7C41A1CC9C50} URL =
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - No File
C:\Program Files (x86)\Bonjour
C:\windows\system32\ApnDatabase.xml
C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Pedro\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\ProgramData\DP45977C.lfl
C:\Users\Pedro\AppData\Local\Temp
AlternateDataStreams: C:\Windows:tix.Identifier [548]

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Fix result of Farbar Recovery Scan Tool (x64) Version: 12-01-2017
Ran by Pedro (13-01-2017 20:43:04) Run:1
Running from C:\Users\Pedro\Desktop
Loaded Profiles: Pedro (Available Profiles: Pedro)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\MountPoints2: {54f0470c-b2cd-11e4-827e-e8b1fc0cf016} - "F:\Startme.exe"
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\...\MountPoints2: {e8b0ea66-16c9-11e5-82a0-e8b1fc0cf016} - "F:\EMP_UDSe.exe" /autorun
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2121847970-1608828601-3914908799-1001 -> DefaultScope {EC5134AD-236A-4D0A-996F-7C41A1CC9C50} URL =
SearchScopes: HKU\S-1-5-21-2121847970-1608828601-3914908799-1001 -> {EC5134AD-236A-4D0A-996F-7C41A1CC9C50} URL =
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - No File
C:\Program Files (x86)\Bonjour
C:\windows\system32\ApnDatabase.xml
C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Pedro\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\ProgramData\DP45977C.lfl
C:\Users\Pedro\AppData\Local\Temp
AlternateDataStreams: C:\Windows:tix.Identifier [548]

EmptyTemp:
End
*****************

HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value removed successfully
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{54f0470c-b2cd-11e4-827e-e8b1fc0cf016} => key removed successfully
HKCR\CLSID\{54f0470c-b2cd-11e4-827e-e8b1fc0cf016} => key not found.
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e8b0ea66-16c9-11e5-82a0-e8b1fc0cf016} => key removed successfully
HKCR\CLSID\{e8b0ea66-16c9-11e5-82a0-e8b1fc0cf016} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key removed successfully
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key removed successfully
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-21-2121847970-1608828601-3914908799-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EC5134AD-236A-4D0A-996F-7C41A1CC9C50} => key removed successfully
HKCR\CLSID\{EC5134AD-236A-4D0A-996F-7C41A1CC9C50} => key not found.
HKCR\PROTOCOLS\Handler\skypec2c => key not found.
HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8} => key not found.
C:\Program Files (x86)\Bonjour => moved successfully
C:\windows\system32\ApnDatabase.xml => moved successfully
C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
C:\Users\Pedro\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
Could not move "C:\ProgramData\DP45977C.lfl" => Scheduled to move on reboot.

"C:\Users\Pedro\AppData\Local\Temp" folder move:

Could not move "C:\Users\Pedro\AppData\Local\Temp" => Scheduled to move on reboot.

C:\Windows => ":tix.Identifier" ADS removed successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 57679453 B
Java, Flash, Steam htmlcache => 2582 B
Windows/system/drivers => 112038232 B
Edge => 0 B
Chrome => 247694032 B
Firefox => 376877122 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 175956 B
systemprofile32 => 355637 B
LocalService => 5467906 B
NetworkService => 0 B
Pedro => 1062081787 B

RecycleBin => 0 B
EmptyTemp: => 1.7 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 13-01-2017 20:50:06)

C:\ProgramData\DP45977C.lfl => Is moved successfully
C:\Users\Pedro\AppData\Local\Temp => moved successfully

==== End of Fixlog 20:50:06 ====

Pri štarte systému mi vyhodili error obe aplikácie od googlu, čo mám a nespustili sa (Drive, Gmail Notifier).

Smazáno. Log by již měl být OK.

Z Chrome sa zmazali všetky karty, to už asi nevrátim, že?

kroenen2 píše:Z Chrome sa zmazali všetky karty, to už asi nevrátim, že?

Sice nevím jak, ani ADW, ani následné dočištění pomocí FRST nemazalo z Chrome nic. Není li nastavení Chrome zálohováno, vrátit to nelze.

ok, nevadí.

Je tu ale predsa problém, s tým wifi je to zasa rovnaké, zasa náhodne klesá intenzita a vlečie sa rýchlosť netu. Takže asi tamtým to nebolo ...či mohlo sa to po dvoch dňoch vrátiť? o.O
Po prebudení dokonca nenájde žiadne siete, akonáhle ale dám odhlásiť užívateľa, hneď sa pripojí a ide už aj po opätovnom prihlásení (netreba reštart)

Ak to teda nieje tým advérom, malvérom... neviete mi poradiť, čím to môže byť? skúsim driver preinštalovať.

Přeinstalaci ovladače udělejte.