Zpomalený PC

Zpráva

drakuba · #1 Příspěvek od **drakuba** » 30 dub 2017 22:25

Dobrý den,
dostal se mi do ruky pc po příbuzných, avšak je bolestně pomalý. Slyšel jsem že pomalu načítal internetové stránky nebo je nenačetl vůbec. Tak bych poprosil jestli by jste se mi někdo nepřesvědčil jestli v něm není nějaká havěť

edit: zatím jsem udělal antivirový test avirou a odinstaloval jsem McAfee, jinak jsem se v tom nevrtal

FRST log:

Kód: Vybrat vše

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-04-2017
Ran by MatÄ›jkovi (administrator) on PC-MATEJKOVI (30-04-2017 23:17:25)
Running from C:\Users\MatÄ›jkovi\Desktop
Loaded Profiles: MatÄ›jkovi (Available Profiles: MatÄ›jkovi & Administrator)
Platform: Windows 8.1 Connected (X64) Language: ÄŚeĹˇtina (ÄŚeskĂˇ republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(QualcommÂ®AtherosÂ®) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSPanel.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngtool.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(forum.viry.cz) C:\Users\MatÄ›jkovi\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [1080992 2014-04-23] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\ASUSWSLoader.exe [63296 2014-02-25] ()
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [134784 2014-02-25] (QualcommÂ®AtherosÂ®)
HKU\S-1-5-21-633731926-1886176847-759000969-1001\...\MountPoints2: {dab0c5c4-b877-11e4-825f-3010b3670fc6} - "F:\startme.exe" 
HKU\S-1-5-21-633731926-1886176847-759000969-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [786432 2013-08-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.2.301\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.2.301\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.2.301\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2014-12-29] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2014-12-29] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3A60E2D9-C26B-45F3-9B64-BFB42EF7DA8D}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{C7F981C5-57B0-46B3-93B1-BDF582F265F9}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\AvGeneric_S-1-5-21-633731926-1886176847-759000969-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com/?pc=ASJB
HKU\AvGeneric_S-1-5-21-633731926-1886176847-759000969-500\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
HKU\S-1-5-21-633731926-1886176847-759000969-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://seznam.cz/
HKU\S-1-5-21-633731926-1886176847-759000969-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
SearchScopes: HKU\AvGeneric_S-1-5-21-633731926-1886176847-759000969-500 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\AvGeneric_S-1-5-21-633731926-1886176847-759000969-500 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-633731926-1886176847-759000969-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-633731926-1886176847-759000969-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-12-29] (AVAST Software)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-12-29] (AVAST Software)

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-03-09] [not signed]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()

Chrome: 
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\MatÄ›jkovi\AppData\Local\Google\Chrome\User Data\Default [2017-04-30]
CHR Extension: (Dokumenty Google) - C:\Users\MatÄ›jkovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-19]
CHR Extension: (Disk Google) - C:\Users\MatÄ›jkovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-28]
CHR Extension: (YouTube) - C:\Users\MatÄ›jkovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-29]
CHR Extension: (VyhledĂˇvĂˇnĂ Google) - C:\Users\MatÄ›jkovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-28]
CHR Extension: (Avast SafePrice) - C:\Users\MatÄ›jkovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-03-27]
CHR Extension: (Dokumenty Google offline) - C:\Users\MatÄ›jkovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-08]
CHR Extension: (Avast Online Security) - C:\Users\MatÄ›jkovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-03-27]
CHR Extension: (Platby InternetovĂ©ho obchodu Chrome) - C:\Users\MatÄ›jkovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-27]
CHR Extension: (Gmail) - C:\Users\MatÄ›jkovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR Extension: (Chrome Media Router) - C:\Users\MatÄ›jkovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-13]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2014-12-29]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-29]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe [71680 2014-02-25] (ASUS Cloud Corporation) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [319104 2014-02-25] (Windows (R) Win 7 DDK provider) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-29] (AVAST Software)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-01-28] (WildTangent)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2014-04-23] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-04-23] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2014-02-25] (Atheros) [File not signed]
S3 aswbIDSAgent; "C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe" [X]
S2 McAfee SiteAdvisor Service; "c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [307736 2017-04-30] (AVAST Software s.r.o.)
S0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [189768 2017-04-30] (AVAST Software s.r.o.)
S0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [334088 2017-04-30] (AVAST Software s.r.o.)
S0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [48528 2017-04-30] (AVAST Software s.r.o.)
R3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [38296 2017-04-30] (AVAST Software)
S1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [32600 2017-04-30] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [128648 2017-04-30] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [101152 2017-04-30] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [75704 2017-04-30] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1005048 2017-04-30] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [556784 2017-04-30] (AVAST Software)
S2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [164064 2017-04-30] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [339696 2017-04-30] (AVAST Software)
R3 athr; C:\WINDOWS\system32\DRIVERS\athwbx.sys [3892224 2014-03-06] (Qualcomm Atheros Communications, Inc.)
R3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [71952 2014-03-31] (ASUS Corporation)
R3 BTATH_LWFLT; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [77464 2014-02-25] (Qualcomm Atheros)
R3 GPIO; C:\WINDOWS\System32\drivers\iaiogpioe.sys [31232 2013-11-11] (Intel Corporation)
R3 iaioi2c; C:\WINDOWS\System32\drivers\iaioi2ce.sys [67584 2013-11-11] (Intel Corporation)
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
R0 MBI; C:\WINDOWS\System32\drivers\MBI.sys [29464 2013-10-28] (Intel Corporation)
R3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [35856 2014-04-23] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [237400 2014-04-23] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [124760 2014-04-23] (Microsoft Corporation)
U0 msahci; system32\drivers\msahci.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-04-30 23:17 - 2017-04-30 23:17 - 00014486 _____ C:\Users\MatÄ›jkovi\Desktop\FRST.txt
2017-04-30 23:17 - 2017-04-30 23:17 - 00000000 ____D C:\FRST
2017-04-30 23:16 - 2017-04-30 23:16 - 00112640 _____ (forum.viry.cz) C:\Users\MatÄ›jkovi\Desktop\FRSTLauncher.exe
2017-04-30 23:11 - 2017-04-30 23:11 - 02428928 _____ (Farbar) C:\Users\MatÄ›jkovi\Desktop\FRST64.exe
2017-04-30 22:54 - 2017-04-30 22:54 - 00003914 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2017-04-30 22:53 - 2017-04-30 22:52 - 00992960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2017-04-30 22:53 - 2017-04-30 22:52 - 00921280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-04-30 22:53 - 2017-04-30 22:52 - 00399944 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-04-30 22:53 - 2017-04-30 22:50 - 00334088 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys
2017-04-30 22:53 - 2017-04-30 22:50 - 00307736 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2017-04-30 22:53 - 2017-04-30 22:50 - 00189768 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2017-04-30 22:53 - 2017-04-30 22:50 - 00048528 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2017-04-30 22:53 - 2017-04-30 22:50 - 00032600 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2017-04-30 22:11 - 2017-04-30 22:11 - 00000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2017-04-30 22:11 - 2017-04-30 22:11 - 00000000 ____D C:\Program Files\Common Files\AV
2017-04-18 17:35 - 2017-04-18 17:35 - 00006362 _____ C:\Users\MatÄ›jkovi\Downloads\MATÄšJKA_KAREL (1).p12

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-04-30 22:55 - 2014-12-29 18:43 - 00556784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2017-04-30 22:55 - 2014-12-29 18:43 - 00128648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswmonflt.sys
2017-04-30 22:53 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf
2017-04-30 22:52 - 2014-12-29 18:43 - 00556784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys.149358570339007
2017-04-30 22:52 - 2014-12-29 18:43 - 00339696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2017-04-30 22:52 - 2014-12-29 18:43 - 00164064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2017-04-30 22:52 - 2014-12-29 18:43 - 00127112 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswmonflt.sys.149358570339007
2017-04-30 22:52 - 2014-12-29 18:43 - 00101152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2017-04-30 22:52 - 2014-12-29 18:43 - 00075704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-04-30 22:52 - 2014-12-29 18:43 - 00038296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-04-30 22:52 - 2014-12-29 18:39 - 00000000 ____D C:\ProgramData\AVAST Software
2017-04-30 22:51 - 2014-12-29 18:43 - 01005048 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2017-04-30 22:50 - 2014-12-29 18:42 - 00000000 ____D C:\Program Files\AVAST Software
2017-04-30 21:54 - 2014-04-23 09:02 - 00739924 _____ C:\WINDOWS\system32\perfh005.dat
2017-04-30 21:54 - 2014-04-23 09:02 - 00151610 _____ C:\WINDOWS\system32\perfc005.dat
2017-04-30 21:54 - 2014-03-18 17:25 - 01745984 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-04-30 21:52 - 2014-12-29 18:36 - 00000093 _____ C:\Users\MatÄ›jkovi\AppData\Roaming\sp_data.sys
2017-04-30 21:49 - 2014-09-30 01:18 - 00000000 ____D C:\ProgramData\McAfee
2017-04-30 21:49 - 2014-09-30 01:18 - 00000000 ____D C:\Program Files (x86)\McAfee
2017-04-30 21:48 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-04-30 21:47 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2017-04-30 21:40 - 2013-08-22 17:36 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2017-04-30 21:40 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2017-04-30 21:39 - 2015-07-07 18:56 - 00000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2017-04-30 21:39 - 2014-12-29 18:39 - 00003594 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-633731926-1886176847-759000969-1001
2017-04-30 21:30 - 2016-09-03 20:06 - 00003480 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2017-04-30 21:30 - 2016-09-03 20:06 - 00003470 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
2017-04-30 21:30 - 2014-12-29 18:43 - 00003384 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-30 21:30 - 2014-12-29 18:43 - 00003256 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-30 21:29 - 2016-02-06 14:59 - 00004002 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{FFE95B1E-F49D-4175-8C7C-CAEA9DEA4248}
2017-04-30 21:26 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-04-11 17:51 - 2014-12-29 18:44 - 00002217 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-04-11 17:51 - 2014-12-29 18:44 - 00002205 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-04-05 18:57 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\NDF

==================== Files in the root of some directories =======

2014-12-29 18:36 - 2017-04-30 21:52 - 0000093 _____ () C:\Users\MatÄ›jkovi\AppData\Roaming\sp_data.sys
2014-09-30 01:05 - 2014-09-30 01:05 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-04-23 10:53 - 2012-09-07 13:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2014-04-23 10:53 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2014-04-23 10:53 - 2012-09-07 13:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS

Some files in TEMP:
====================
2015-06-04 12:45 - 2015-06-04 12:45 - 0119312 _____ (McAfee, Inc.) C:\Users\MatÄ›jkovi\AppData\Local\Temp\McCSPInstall.dll
2017-04-30 21:39 - 2015-06-04 12:45 - 0161528 _____ (McAfee Inc.) C:\Users\MatÄ›jkovi\AppData\Local\Temp\mccspuninstall.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

  
***** Velikost "Plochy" *****

Velikost slozky "C:\Users\MatŘjkovi\Desktop" je 7278 MB.
 
 
***** Startup Programs *****
 
 
***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    EnableFirewall    REG_DWORD    0x1
    DisableNotifications    REG_DWORD    0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    EnableFirewall    REG_DWORD    0x1
    DisableNotifications    REG_DWORD    0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
 
***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

 
==================== End Of Log ==============================

#2 Příspěvek od **Rudy** » 01 kvě 2017 10:31

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

drakuba · #3 Příspěvek od **drakuba** » 01 kvě 2017 14:46

Nahlásilo to že to nic nenašlo, zde je log

Kód: Vybrat vše

# AdwCleaner v6.046 - Log vytvořen 01/05/2017 v 15:42:09
# Aktualizováno dne 24/04/2017 z Malwarebytes
# Databáze : 2017-04-29.1 [Server]
# Operační systém : Windows 8.1 Connected  (X64)
# Uživatelské jméno : Matějkovi - PC-MATEJKOVI
# Spuštěno z : C:\Users\Matějkovi\Desktop\adwcleaner_6.046.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support



***** [ Služby ] *****



***** [ Složky ] *****



***** [ Soubory ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupci ] *****



***** [ Naplánované úlohy ] *****



***** [ Registry ] *****



***** [ Prohlížeče ] *****



*************************

:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [812 Bajty] - [01/05/2017 15:42:09]
C:\AdwCleaner\AdwCleaner[S0].txt - [1383 Bajty] - [01/05/2017 15:41:51]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [957 Bajty] ##########

#4 Příspěvek od **Rudy** » 01 kvě 2017 16:12

Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:

Start
HKU\S-1-5-21-633731926-1886176847-759000969-1001\...\MountPoints2: {dab0c5c4-b877-11e4-825f-3010b3670fc6} - "F:\startme.exe"
SearchScopes: HKU\AvGeneric_S-1-5-21-633731926-1886176847-759000969-500 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\AvGeneric_S-1-5-21-633731926-1886176847-759000969-500 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-633731926-1886176847-759000969-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
C:\ProgramData\DP45977C.lfl
C:\ProgramData\SetStretch.VBS
C:\Users\MatÄ›jkovi\AppData\Local\Temp

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Z logu:

Velikost slozky "C:\Users\MatŘjkovi\Desktop" je 7278 MB.

To je příliš mnoho a může to zpomalovat start systému. Vytvořte v C:\Users\Matějkovi novou složku, do níž přesuňte všechna data z plochy (kromě zástupců). Na plochu si pak dejte zástupce té složky pro snazší přístup.

drakuba · #5 Příspěvek od **drakuba** » 01 kvě 2017 21:17

Odlehčil jsem plochu o asi 7000MB a spustil jsem fix. Spustil jsem ho asi v 17:30, teď je 22:15 a pořád fix běží. Já to necham běžet jak dlouho bude potřeba, jenom mi příjde divný že to trvá tak dlouho

#6 Příspěvek od **Rudy** » 02 kvě 2017 17:52

Rychlos je odvislá od rychlosti CPU, velikosti RAM a velikosti disku. Pokud by to nedoběhlo, spusťte v nouz. režimu.

drakuba · #7 Příspěvek od **drakuba** » 04 kvě 2017 01:02

Spustil jsem to v nouzovém režimu a v době kdy píšu tuhle zprávu to běží už přes 24 hodin. Dokonce jsem se i přesvědčoval jestli jsem to špatně nezkopíroval.
Mam to zkusit pouštět po jednotlivých řádkách? např:

Kód: Vybrat vše

Start
HKU\S-1-5-21-633731926-1886176847-759000969-1001\...\MountPoints2: {dab0c5c4-b877-11e4-825f-3010b3670fc6} - "F:\startme.exe" 

EmptyTemp:
End

Kód: Vybrat vše

Start
SearchScopes: HKU\AvGeneric_S-1-5-21-633731926-1886176847-759000969-500 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}

EmptyTemp:
End

#8 Příspěvek od **Rudy** » 04 kvě 2017 17:43

To, myslím nepomůže. Bude tam nějaká systémová chyba. Dejte ještě jedenou log FRST. Podívám se, co bylo smazáno a co nikoli.

drakuba · #9 Příspěvek od **drakuba** » 04 kvě 2017 19:15

Kód: Vybrat vše

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03-05-2017 01
Ran by MatÄ›jkovi (administrator) on PC-MATEJKOVI (04-05-2017 20:06:48)
Running from C:\Users\MatÄ›jkovi\Desktop
Loaded Profiles: MatÄ›jkovi (Available Profiles: MatÄ›jkovi & Administrator)
Platform: Windows 8.1 Connected (X64) Language: ÄŚeĹˇtina (ÄŚeskĂˇ republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(QualcommÂ®AtherosÂ®) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\ASUSWSLoader.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(forum.viry.cz) C:\Users\MatÄ›jkovi\Desktop\FRST-OlderVersion\FRSTLauncher.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213824 2017-04-30] (AVAST Software)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [1080992 2014-04-23] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\ASUSWSLoader.exe [63296 2014-02-25] ()
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [134784 2014-02-25] (QualcommÂ®AtherosÂ®)
HKU\S-1-5-21-633731926-1886176847-759000969-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Bubbles.scr [786432 2013-08-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.2.301\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.2.301\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.2.301\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-04-30] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-04-30] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3A60E2D9-C26B-45F3-9B64-BFB42EF7DA8D}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{C7F981C5-57B0-46B3-93B1-BDF582F265F9}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-633731926-1886176847-759000969-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://seznam.cz/
HKU\S-1-5-21-633731926-1886176847-759000969-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
SearchScopes: HKU\S-1-5-21-633731926-1886176847-759000969-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-633731926-1886176847-759000969-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-04-30] (AVAST Software)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-04-30] (AVAST Software)

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-03-09] [not signed]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()

Chrome: 
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\MatÄ›jkovi\AppData\Local\Google\Chrome\User Data\Default [2017-05-02]
CHR Extension: (Dokumenty Google) - C:\Users\MatÄ›jkovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-19]
CHR Extension: (Disk Google) - C:\Users\MatÄ›jkovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-28]
CHR Extension: (YouTube) - C:\Users\MatÄ›jkovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-29]
CHR Extension: (VyhledĂˇvĂˇnĂ Google) - C:\Users\MatÄ›jkovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-28]
CHR Extension: (Avast SafePrice) - C:\Users\MatÄ›jkovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-03-27]
CHR Extension: (Dokumenty Google offline) - C:\Users\MatÄ›jkovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-08]
CHR Extension: (Avast Online Security) - C:\Users\MatÄ›jkovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-05-01]
CHR Extension: (Platby InternetovĂ©ho obchodu Chrome) - C:\Users\MatÄ›jkovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-27]
CHR Extension: (Gmail) - C:\Users\MatÄ›jkovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR Extension: (Chrome Media Router) - C:\Users\MatÄ›jkovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-01]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe [71680 2014-02-25] (ASUS Cloud Corporation) [File not signed]
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7398336 2017-04-30] (AVAST Software s.r.o.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [319104 2014-02-25] (Windows (R) Win 7 DDK provider) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [261712 2017-04-30] (AVAST Software)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-01-28] (WildTangent)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2014-04-23] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-04-23] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2014-02-25] (Atheros) [File not signed]
S2 McAfee SiteAdvisor Service; "c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [307736 2017-04-30] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [189768 2017-04-30] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [334088 2017-04-30] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [48528 2017-04-30] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [38296 2017-04-30] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [32600 2017-04-30] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [128648 2017-04-30] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [101152 2017-04-30] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [75704 2017-04-30] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1005048 2017-04-30] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [556784 2017-04-30] (AVAST Software)
S2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [164064 2017-04-30] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [339696 2017-04-30] (AVAST Software)
R3 athr; C:\WINDOWS\system32\DRIVERS\athwbx.sys [3892224 2014-03-06] (Qualcomm Atheros Communications, Inc.)
R3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [71952 2014-03-31] (ASUS Corporation)
R3 BTATH_LWFLT; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [77464 2014-02-25] (Qualcomm Atheros)
R3 GPIO; C:\WINDOWS\System32\drivers\iaiogpioe.sys [31232 2013-11-11] (Intel Corporation)
R3 iaioi2c; C:\WINDOWS\System32\drivers\iaioi2ce.sys [67584 2013-11-11] (Intel Corporation)
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
R0 MBI; C:\WINDOWS\System32\drivers\MBI.sys [29464 2013-10-28] (Intel Corporation)
R3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [35856 2014-04-23] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [237400 2014-04-23] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [124760 2014-04-23] (Microsoft Corporation)
U0 msahci; system32\drivers\msahci.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-05-04 20:06 - 2017-05-04 20:07 - 00013538 _____ C:\Users\MatÄ›jkovi\Desktop\FRST.txt
2017-05-04 20:06 - 2017-05-04 20:06 - 00000000 ____D C:\Users\MatÄ›jkovi\Desktop\FRST-OlderVersion
2017-05-04 20:04 - 2017-05-04 20:04 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-05-02 20:44 - 2017-05-04 08:25 - 00145026 _____ C:\WINDOWS\ntbtlog.txt
2017-05-01 17:45 - 2017-05-02 20:45 - 00001438 _____ C:\Users\MatÄ›jkovi\Desktop\Fixlog.txt
2017-05-01 17:26 - 2017-05-01 17:27 - 00000820 _____ C:\Users\MatÄ›jkovi\Desktop\fixlist.txt
2017-05-01 15:46 - 2017-05-01 15:46 - 00000000 ____D C:\Users\MatÄ›jkovi\AppData\Local\CEF
2017-05-01 15:43 - 2017-05-01 15:43 - 00003900 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1493646220
2017-05-01 15:43 - 2017-05-01 15:43 - 00001061 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
2017-05-01 15:43 - 2017-05-01 15:43 - 00001061 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-05-01 15:35 - 2017-05-01 15:42 - 00000000 ____D C:\AdwCleaner
2017-05-01 15:34 - 2017-05-01 15:34 - 04102600 _____ C:\Users\MatÄ›jkovi\Desktop\adwcleaner_6.046.exe
2017-04-30 23:24 - 2017-04-30 23:24 - 00003978 _____ C:\Users\MatÄ›jkovi\Desktop\Addition.zip
2017-04-30 23:17 - 2017-04-30 23:17 - 00000000 ____D C:\FRST
2017-04-30 23:11 - 2017-05-04 20:06 - 02428928 _____ (Farbar) C:\Users\MatÄ›jkovi\Desktop\FRST64.exe
2017-04-30 22:54 - 2017-04-30 22:54 - 00003914 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2017-04-30 22:53 - 2017-04-30 22:52 - 00992960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2017-04-30 22:53 - 2017-04-30 22:52 - 00921280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-04-30 22:53 - 2017-04-30 22:52 - 00399944 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-04-30 22:53 - 2017-04-30 22:50 - 00334088 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys
2017-04-30 22:53 - 2017-04-30 22:50 - 00307736 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2017-04-30 22:53 - 2017-04-30 22:50 - 00189768 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2017-04-30 22:53 - 2017-04-30 22:50 - 00048528 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2017-04-30 22:53 - 2017-04-30 22:50 - 00032600 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2017-04-30 22:11 - 2017-04-30 22:11 - 00000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2017-04-30 22:11 - 2017-04-30 22:11 - 00000000 ____D C:\Program Files\Common Files\AV
2017-04-18 17:35 - 2017-04-18 17:35 - 00006362 _____ C:\Users\MatÄ›jkovi\Downloads\MATÄšJKA_KAREL (1).p12

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-05-04 20:07 - 2014-12-29 18:39 - 00003594 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-633731926-1886176847-759000969-1001
2017-05-04 20:06 - 2014-04-23 09:02 - 00739924 _____ C:\WINDOWS\system32\perfh005.dat
2017-05-04 20:06 - 2014-04-23 09:02 - 00151610 _____ C:\WINDOWS\system32\perfc005.dat
2017-05-04 20:06 - 2014-03-18 17:25 - 01745984 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-05-04 20:06 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf
2017-05-04 20:05 - 2016-09-03 20:06 - 00003480 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2017-05-04 20:05 - 2016-09-03 20:06 - 00003470 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
2017-05-04 20:05 - 2016-02-06 14:59 - 00004002 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{FFE95B1E-F49D-4175-8C7C-CAEA9DEA4248}
2017-05-04 20:03 - 2014-12-29 18:36 - 00000093 _____ C:\Users\MatÄ›jkovi\AppData\Roaming\sp_data.sys
2017-05-04 20:01 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-05-04 20:01 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2017-05-01 17:40 - 2014-12-29 18:39 - 00000000 ____D C:\ProgramData\AVAST Software
2017-05-01 15:42 - 2014-09-30 01:18 - 00000000 ____D C:\Program Files (x86)\McAfee
2017-04-30 22:55 - 2014-12-29 18:43 - 00556784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2017-04-30 22:55 - 2014-12-29 18:43 - 00128648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswmonflt.sys
2017-04-30 22:52 - 2014-12-29 18:43 - 00556784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys.149358570339007
2017-04-30 22:52 - 2014-12-29 18:43 - 00339696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2017-04-30 22:52 - 2014-12-29 18:43 - 00164064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2017-04-30 22:52 - 2014-12-29 18:43 - 00127112 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswmonflt.sys.149358570339007
2017-04-30 22:52 - 2014-12-29 18:43 - 00101152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2017-04-30 22:52 - 2014-12-29 18:43 - 00075704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-04-30 22:52 - 2014-12-29 18:43 - 00038296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-04-30 22:51 - 2014-12-29 18:43 - 01005048 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2017-04-30 22:50 - 2014-12-29 18:42 - 00000000 ____D C:\Program Files\AVAST Software
2017-04-30 21:49 - 2014-09-30 01:18 - 00000000 ____D C:\ProgramData\McAfee
2017-04-30 21:40 - 2013-08-22 17:36 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2017-04-30 21:40 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2017-04-30 21:39 - 2015-07-07 18:56 - 00000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2017-04-30 21:30 - 2014-12-29 18:43 - 00003384 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-30 21:30 - 2014-12-29 18:43 - 00003256 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-30 21:26 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-04-11 17:51 - 2014-12-29 18:44 - 00002217 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-04-11 17:51 - 2014-12-29 18:44 - 00002205 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-04-05 18:57 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\NDF

==================== Files in the root of some directories =======

2014-12-29 18:36 - 2017-05-04 20:03 - 0000093 _____ () C:\Users\MatÄ›jkovi\AppData\Roaming\sp_data.sys
2014-09-30 01:05 - 2014-09-30 01:05 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-04-23 10:53 - 2012-09-07 13:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2014-04-23 10:53 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2014-04-23 10:53 - 2012-09-07 13:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS

Some files in TEMP:
====================
2015-06-04 12:45 - 2015-06-04 12:45 - 0119312 _____ (McAfee, Inc.) C:\Users\MatÄ›jkovi\AppData\Local\Temp\McCSPInstall.dll
2017-04-30 21:39 - 2015-06-04 12:45 - 0161528 _____ (McAfee Inc.) C:\Users\MatÄ›jkovi\AppData\Local\Temp\mccspuninstall.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

  
***** Velikost "Plochy" *****

Velikost slozky "C:\Users\MatŘjkovi\Desktop" je 134 MB.
 
 
***** Startup Programs *****
 
 
***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    EnableFirewall    REG_DWORD    0x1
    DisableNotifications    REG_DWORD    0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    EnableFirewall    REG_DWORD    0x1
    DisableNotifications    REG_DWORD    0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
 
***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

 
==================== End Of Log ==============================

Kód: Vybrat vše

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-05-2017 01
Ran by Matějkovi (04-05-2017 20:07:57)
Running from C:\Users\Matějkovi\Desktop
Windows 8.1 Connected (X64) (2014-12-29 16:29:49)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-633731926-1886176847-759000969-500 - Administrator - Disabled) => C:\Users\Administrator
Guest (S-1-5-21-633731926-1886176847-759000969-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-633731926-1886176847-759000969-1003 - Limited - Enabled)
Matějkovi (S-1-5-21-633731926-1886176847-759000969-1001 - Administrator - Enabled) => C:\Users\Matějkovi

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.3 - ASUS)
ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.3 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.14 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.01.0003 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 3.1.9 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0034 - ASUS)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.3.2291 - AVAST Software)
Game Explorer Categories - casual (HKLM-x32\...\WildTangentGameProvider-asus-casual) (Version: 3.2.0.6 - WildTangent, Inc.)
Game Explorer Categories - enthusiast (HKLM-x32\...\WildTangentGameProvider-asus-enthusiast) (Version: 3.2.0.6 - WildTangent, Inc.)
Game Explorer Categories - family (HKLM-x32\...\WildTangentGameProvider-asus-family) (Version: 3.2.0.6 - WildTangent, Inc.)
Game Explorer Categories - kids (HKLM-x32\...\WildTangentGameProvider-asus-kids) (Version: 3.2.0.6 - WildTangent, Inc.)
Game Explorer Categories - touch (HKLM-x32\...\WildTangentGameProvider-asus-touch) (Version: 3.2.0.6 - WildTangent, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.133 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3408 - Intel Corporation)
Intel(R) Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.0.0.1002 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Maxx Audio Installer (x64) (Version: 1.6.5230.111 - Waves Audio Ltd.) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.27040 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.25.108.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7514 - Realtek Semiconductor Corp.)
SafeZone Stable 3.55.2393.596 (x32 Version: 3.55.2393.596 - Avast Software) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.2.301 - ASUS Cloud Corporation)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.0.11.2 - WildTangent)
Windows Driver Package - ASUS (ATP) Mouse  (03/17/2014 1.0.0.207) (HKLM\...\AA2CC56D4BBEE037DC99871F5F6551133D2A0CC3) (Version: 03/17/2014 1.0.0.207 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0CA30696-4612-4E81-BA5C-95D4F612A282} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-04-28] (Realtek Semiconductor)
Task: {0DA033AE-554B-42F2-9F46-ED52F0B81AC5} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2014-04-02] (ASUS)
Task: {43923DEB-C34F-49A3-8D48-6A78408D8DD6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-15] (Google Inc.)
Task: {584C1126-6B70-4AC5-AAE8-6A4B6054C198} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-15] (Google Inc.)
Task: {5CC1EBD2-4B24-4AFE-B5AB-A46C17BB4486} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {643C8766-E7A1-4754-8A5B-1BCCA6D46B94} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-04-30] (AVAST Software)
Task: {69B1BB5E-BCD2-438F-9E1E-706C60BA95C7} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2014-01-14] (ASUSTek Computer Inc.)
Task: {92C24E32-12D9-4C11-A948-046B70B4CACE} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2014-03-31] (AsusTek)
Task: {9375AB2B-34CB-4EA2-9E73-81A7A1C90D0D} - System32\Tasks\SafeZone scheduled Autoupdate 1493646220 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-03-22] (Avast Software)
Task: {B0B13CFD-78A4-49CC-A4D3-E9F01B11DCD8} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {C46FA571-75DE-49A6-8567-38CB58076C35} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {D5684006-7190-456A-BB67-00A1CD97663A} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-03-27] (ASUSTek Computer Inc.)
Task: {F57D8D8B-A087-42C1-9E6B-4E69A463AE3D} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-04-30] (AVAST Software)
Task: {FF03C8F3-1158-41C5-891E-C9B347D91471} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-05-15] (Realtek Semiconductor)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2014-02-25 23:14 - 2014-02-25 23:14 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2014-02-25 23:11 - 2014-02-25 23:11 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2014-02-25 23:17 - 2014-02-25 23:17 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2014-02-25 07:49 - 2014-02-25 07:49 - 00063296 _____ () C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\ASUSWSLoader.exe
2014-04-02 15:46 - 2014-04-02 15:46 - 00117248 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2014-04-02 15:46 - 2014-04-02 15:46 - 00037936 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2014-04-02 15:46 - 2014-04-02 15:46 - 00018992 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDColorEnhance.dll
2014-04-02 15:46 - 2014-04-02 15:46 - 00020528 _____ () C:\Program Files (x86)\ASUS\Splendid\AMDRegammaAndGamut.dll
2017-04-30 22:51 - 2017-04-30 22:51 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-04-30 22:52 - 2017-04-30 22:52 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-04-30 22:51 - 2017-04-30 22:51 - 00176480 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-04-30 22:50 - 2017-04-30 22:50 - 00293936 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2013-04-27 10:24 - 2013-04-27 10:24 - 00071680 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\checkmetro.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-633731926-1886176847-759000969-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Matějkovi\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{50762762-4F05-4FA2-AB9D-5E21B0703369}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{87F08E6E-A9A0-46AE-A5D4-F54B61CA410E}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{36E5FA2B-89EB-443B-BAE5-88EB742F5557}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{5403C092-3B3F-414A-A78F-B9431E35C4D1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{E2103D1F-FAE9-4C35-9C38-DAA2267B9DF6}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596\SZBrowser.exe

==================== Restore Points =========================

28-11-2016 22:39:45 Naplánovaný kontrolní bod
15-03-2017 19:36:35 Naplánovaný kontrolní bod
27-03-2017 13:55:25 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/01/2017 03:33:10 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: There was an error with the Windows Location Provider database

Error: (04/30/2017 10:53:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AvastVBoxSVC.exe, verze: 4.3.18.0, časové razítko: 0x545a0578
Název chybujícího modulu: VDPluginaswHdd.dll, verze: 10.0.0.69, časové razítko: 0x545b6859
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000003c6c8
ID chybujícího procesu: 0x95c
Čas spuštění chybující aplikace: 0x01d2c1eadb49e236
Cesta k chybující aplikaci: C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
Cesta k chybujícímu modulu: C:\Program Files\AVAST Software\Avast\ng\vbox\VDPluginaswHdd.dll
ID zprávy: 0e9c409f-2de7-11e7-826a-3010b3670fc6
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (04/30/2017 09:47:14 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny OpenSCManager(NULL,NULL,SC_MANAGER_CONNECT) došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.


Operace:
   Inicializace zálohy

Error: (03/16/2017 06:41:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GameConsole-wt.exe, verze: 4.0.34.5, časové razítko: 0x52e70485
Název chybujícího modulu: GameConsole-wt.exe, verze: 4.0.34.5, časové razítko: 0x52e70485
Kód výjimky: 0x40000015
Posun chyby: 0x000c47c5
ID chybujícího procesu: 0x1d90
Čas spuštění chybující aplikace: 0x01d29e74281ee110
Cesta k chybující aplikaci: C:\Program Files (x86)\WildTangent Games\App\GameConsole-wt.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\WildTangent Games\App\GameConsole-wt.exe
ID zprávy: 678c72d8-0a67-11e7-8269-3010b3670fc6
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (02/07/2017 06:03:54 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program IEXPLORE.EXE verze 11.0.9600.17037 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 1dd4

Čas spuštění: 01d2815b89f77910

Čas ukončení: 24

Cesta k aplikaci: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

ID hlášení: 032d24b2-ed4f-11e6-8267-3010b3670fc6

Úplný název chybujícího balíčku: 

ID aplikace související s chybujícím balíčkem:

Error: (12/03/2016 01:33:56 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program wwahost.exe verze 6.3.9600.17031 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 10c8

Čas spuštění: 01d24cf46dfbbbc8

Čas ukončení: 4294967295

Cesta k aplikaci: C:\WINDOWS\system32\wwahost.exe

ID hlášení: c928cb62-b8e7-11e6-8267-3010b3670fc6

Úplný název chybujícího balíčku: Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe

ID aplikace související s chybujícím balíčkem: Microsoft.ZuneVideo

Error: (12/03/2016 01:33:53 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: PC-Matejkovi)
Description: Balíček Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe+Microsoft.ZuneVideo se ukončil, protože jeho pozastavování trvalo moc dlouho.

Error: (05/28/2016 02:14:02 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: There was an error with the Windows Location Provider database

Error: (01/14/2016 07:02:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: UpdateChecker.exe, verze: 0.0.0.0, časové razítko: 0x54dc4378
Název chybujícího modulu: alvupdt.dll, verze: 1.0.0.10, časové razítko: 0x5510b8fc
Kód výjimky: 0xc0000005
Posun chyby: 0x000110ad
ID chybujícího procesu: 0x1acc
Čas spuštění chybující aplikace: 0x01d14eece64b691a
Cesta k chybující aplikaci: C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\ASUS\ASUS Live Update\alvupdt.dll
ID zprávy: a3def5c0-bae0-11e5-8263-3010b3670fc6
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (11/26/2015 07:18:37 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: There was an error with the Windows Location Provider database


System errors:
=============
Error: (05/04/2017 08:01:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba McAfee SiteAdvisor Service neuspěla při spuštění v důsledku následující chyby: 
Systém nemůže nalézt uvedený soubor.

Error: (05/04/2017 08:01:20 PM) (Source: DCOM) (EventID: 10005) (User: PC-Matejkovi)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby ShellHWDetection s argumenty Není k dispozici za účelem spuštění serveru: 
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (05/04/2017 07:55:07 PM) (Source: DCOM) (EventID: 10005) (User: PC-Matejkovi)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby ShellHWDetection s argumenty Není k dispozici za účelem spuštění serveru: 
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (05/04/2017 07:45:07 PM) (Source: DCOM) (EventID: 10005) (User: PC-Matejkovi)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby ShellHWDetection s argumenty Není k dispozici za účelem spuštění serveru: 
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (05/04/2017 07:35:07 PM) (Source: DCOM) (EventID: 10005) (User: PC-Matejkovi)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby ShellHWDetection s argumenty Není k dispozici za účelem spuštění serveru: 
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (05/04/2017 07:25:07 PM) (Source: DCOM) (EventID: 10005) (User: PC-Matejkovi)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby ShellHWDetection s argumenty Není k dispozici za účelem spuštění serveru: 
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (05/04/2017 07:15:07 PM) (Source: DCOM) (EventID: 10005) (User: PC-Matejkovi)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby ShellHWDetection s argumenty Není k dispozici za účelem spuštění serveru: 
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (05/04/2017 07:05:07 PM) (Source: DCOM) (EventID: 10005) (User: PC-Matejkovi)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby ShellHWDetection s argumenty Není k dispozici za účelem spuštění serveru: 
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (05/04/2017 06:55:07 PM) (Source: DCOM) (EventID: 10005) (User: PC-Matejkovi)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby ShellHWDetection s argumenty Není k dispozici za účelem spuštění serveru: 
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (05/04/2017 06:45:07 PM) (Source: DCOM) (EventID: 10005) (User: PC-Matejkovi)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby ShellHWDetection s argumenty Není k dispozici za účelem spuštění serveru: 
{DD522ACC-F821-461A-A407-50B198B896DC}


==================== Memory info =========================== 

Processor: Intel(R) Pentium(R) CPU N3540 @ 2.16GHz
Percentage of memory in use: 30%
Total physical RAM: 3982.54 MB
Available physical RAM: 2774.29 MB
Total Virtual: 5070.54 MB
Available Virtual: 3849.75 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:186.3 GB) (Free:143.4 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Data) (Fixed) (Total:258.35 GB) (Free:250.9 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 38962327)

Partition: GPT.

==================== End of Addition.txt ============================

#10 Příspěvek od **Rudy** » 04 kvě 2017 19:19

Prakticky nic to nesmazalo. Zkuste to ještě jednou, ale s vypnutým Avastem

drakuba · #11 Příspěvek od **drakuba** » 04 kvě 2017 19:23

Ten jsem měl vypnutý pokaždé, protože mi hlásil že FRST launcher je virus a nacpal ho do trezoru

#12 Příspěvek od **Rudy** » 04 kvě 2017 20:12

OK. Dejte tedy log RSIT: http://forum.viry.cz/viewtopic.php?f=13&t=130786 .

drakuba · #13 Příspěvek od **drakuba** » 04 kvě 2017 20:46

Kód: Vybrat vše

Logfile of random's system information tool 1.16 (written by random/random) 
Run by Matějkovi at 2017-05-04 21:47:02
Microsoft Windows 8.1 s aplikací Bing 
System drive C: has 147 GB (77%) free of 191 GB
Total RAM: 3983 MB (63% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:47:05, on 4. 5. 2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17037)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
C:\WINDOWS\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Matějkovi\Desktop\FRST-OlderVersion\FRSTLauncher.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Matějkovi_RSITx64.exe
C:\WINDOWS\SysWOW64\PING.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com/?pc=ASJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
O4 - HKLM\..\Run: [WebStorage] C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\ASUSWSLoader.exe
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
O23 - Service: Asus WebStorage Windows Service - ASUS Cloud Corporation - C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe
O23 - Service: aswbIDSAgent - AVAST Software s.r.o. - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 7754 bytes

====== Enumerating Processes ======

C:\WINDOWS\system32\wininit.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\dwm.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
C:\WINDOWS\system32\taskhostex.exe
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
C:\WINDOWS\Explorer.EXE
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe" 
"C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe" 
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe" 
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" 
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" 
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX4
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" 
"C:\Windows\System32\igfxtray.exe" 
"C:\Windows\System32\hkcmd.exe" 
"C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe"
C:\Program Files\AVAST Software\Avast\AvastUI.exe
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe" 
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe" 
C:\Windows\system32\igfxpers.exe
"C:\Windows\system32\igfxsrvc.exe" -Embedding
"C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe"
"C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe" -critical
C:\WINDOWS\SysWOW64\ctfmon.exe
C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSPanel.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" 
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 "--database=C:\Users\Matějkovi\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Matějkovi\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=57.0.2987.133 --initial-client-data=0x12c,0x130,0x134,0x128,0x138,0x70477dc8,0x70477dbc,0x70477dd4
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=2424 --on-initialized-event-handle=320 --parent-handle=316 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1248 --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=7,10,18,19,20,23,41,61,74 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --gpu-vendor-id=0x8086 --gpu-device-id=0x0f31 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3408 --gpu-driver-date=1-20-2014 --service-request-channel-token=3EF4EF3D13D7BA399F63CE650BCD7788 --mojo-platform-channel-handle=1260 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1248 --primordial-pipe-token=2EE8E198CC0457EA13CF8560786F5058 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=2EE8E198CC0457EA13CF8560786F5058 --renderer-client-id=9 --mojo-platform-channel-handle=5156 /prefetch:1
"C:\Program Files\WindowsApps\Microsoft.Reader_6.4.9926.18589_x64__8wekyb3d8bbwe\glcnd.exe" -ServerName:Microsoft.Reader.AppXtszmc7avrx02s7n8gch63tzwg517wd9k.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Users\Matějkovi\Desktop\FRST-OlderVersion\FRSTLauncher.exe" 
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\SysWOW64\cmd.exe
C:\Users\Matějkovi\Desktop\FRST64.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1248 --primordial-pipe-token=11EB1BA5005C1D4668633FEAF908CF99 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=11EB1BA5005C1D4668633FEAF908CF99 --renderer-client-id=17 --mojo-platform-channel-handle=2768 /prefetch:1
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe9_ Global\UsGthrCtrlFltPipeMssGthrPipe9 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" 
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 556 560 568 65536 564 
"C:\Users\Matějkovi\Downloads\RSITx64.exe" 
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
C:\WINDOWS\SysWOW64\PING.EXE

====== Scheduled tasks folder ======

C:\WINDOWS\system32\tasks\ASUS Live Update1 - C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe -critical
C:\WINDOWS\system32\tasks\ASUS Live Update2 - C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe -check
C:\WINDOWS\system32\tasks\ASUS Smart Gesture Launcher - C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe
C:\WINDOWS\system32\tasks\ASUS Splendid ACMON - C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\WINDOWS\system32\tasks\ASUS USB Charger Plus - "C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"
C:\WINDOWS\system32\tasks\ATK Package 36D18D69AFC3 - "C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe" -CancelShutdown
C:\WINDOWS\system32\tasks\Avast Emergency Update - C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\RtHDVBg - "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX4
C:\WINDOWS\system32\tasks\RTKCPL - "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
C:\WINDOWS\system32\tasks\SafeZone scheduled Autoupdate 1493646220 - C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
C:\WINDOWS\system32\tasks\Update Checker - C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe
C:\WINDOWS\system32\tasks\User_Feed_Synchronization-{FFE95B1E-F49D-4175-8C7C-CAEA9DEA4248} - C:\WINDOWS\system32\msfeedssync.exe sync
C:\WINDOWS\system32\tasks\Microsoft\Windows\WS\License Validation - rundll32.exe WSClient.dll,WSpTLR licensing
C:\WINDOWS\system32\tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask - rundll32.exe WSClient.dll,RefreshBannedAppsList
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join - %SystemRoot%\System32\AutoWorkplace.exe join
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\WINDOWS\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\WINDOWS\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\WINDOWS\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\WINDOWS\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\WINDOWS\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent /increment
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\WINDOWS\system32\tasks\AVAST Software\Avast settings backup - C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs

=========Google Chrome=========

C:\Users\Matějkovi\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aapocclcgogkmnckokdopfmhonfmgoek   
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod Chrome 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty Google 0.9
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0  
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension coobgpohoikkiipiblmjeljniedjpjpf 1 Vyhledávání Google 0.0.0.60
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension ennkphjdgehloodpbhlhldgbnhmacadg 1 Settings 0.2
Extension eofcbnmajmjmplflapaojjnihcjkigck 0 Avast SafePrice 12.0.199
Extension felcaaldnbdncclmgdcncolpebgiejap   
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google offline 1.4
Extension gomekmidlodglbbmalcneegieacbdmki 0 Avast Online Security 12.0.209
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.46
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf 1 Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.2
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.2
Extension pafkbggdmjlpgkdkcbjmhmfcdpncadgh 1 Google Now 1.2.0.1
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5717.116.0.4
Homepage: 
default_search_provider.search_url: 
C:\Users\Matějkovi\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage: 
default_search_provider.search_url: 

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck]
"Path"=C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki]
"Path"=C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx


======Registry dump ======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASJB


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASJB

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-04-30 895528]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-04-30 773920]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2014-02-19 391152]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2014-02-19 771568]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2017-04-30 213824]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2014-02-25 134784]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ASUSPRP"=C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2014-04-23 1080992]
"WebStorage"=C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\ASUSWSLoader.exe [2014-02-25 63296]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2014-02-25 134784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableCAD"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave4"=wdmaud.drv
"mixer4"=wdmaud.drv
"midi4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

====== File associations ======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

====== List of files/folders created in the last 1 month ======

2017-05-04 21:47:02 ----D---- C:\rsit
2017-05-04 21:47:02 ----D---- C:\Program Files\trend micro
2017-05-04 20:04:18 ----D---- C:\ProgramData\SWCUTemp
2017-05-02 20:44:02 ----A---- C:\WINDOWS\ntbtlog.txt
2017-05-01 15:35:26 ----D---- C:\AdwCleaner
2017-04-30 23:17:14 ----D---- C:\FRST
2017-04-30 22:53:58 ----A---- C:\WINDOWS\system32\drivers\aswKbd.sys
2017-04-30 22:53:58 ----A---- C:\WINDOWS\system32\drivers\aswbuniva.sys
2017-04-30 22:53:58 ----A---- C:\WINDOWS\system32\drivers\aswbloga.sys
2017-04-30 22:53:58 ----A---- C:\WINDOWS\system32\drivers\aswbidsha.sys
2017-04-30 22:53:58 ----A---- C:\WINDOWS\system32\drivers\aswbidsdrivera.sys
2017-04-30 22:53:10 ----A---- C:\WINDOWS\SYSWOW64\ucrtbase.dll
2017-04-30 22:53:10 ----A---- C:\WINDOWS\system32\ucrtbase.dll
2017-04-30 22:53:10 ----A---- C:\WINDOWS\system32\aswBoot.exe
2017-04-30 22:11:13 ----D---- C:\Program Files\Common Files\AV

====== List of files/folders modified in the last 1 month ======

2017-05-04 21:47:02 ----RD---- C:\Program Files
2017-05-04 21:00:00 ----D---- C:\WINDOWS\system32\sru
2017-05-04 20:36:03 ----D---- C:\WINDOWS\Prefetch
2017-05-04 20:22:08 ----AD---- C:\WINDOWS\Temp
2017-05-04 20:12:30 ----D---- C:\WINDOWS\system32\drivers
2017-05-04 20:08:08 ----AD---- C:\Windows
2017-05-04 20:06:33 ----RD---- C:\WINDOWS\System32
2017-05-04 20:06:33 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-05-04 20:06:32 ----D---- C:\WINDOWS\Inf
2017-05-04 20:05:27 ----D---- C:\WINDOWS\system32\Tasks
2017-05-04 20:04:18 ----HD---- C:\ProgramData
2017-05-01 17:40:01 ----D---- C:\ProgramData\AVAST Software
2017-05-01 15:42:59 ----D---- C:\Program Files (x86)\McAfee
2017-04-30 22:53:57 ----D---- C:\WINDOWS\system32\DriverStore
2017-04-30 22:53:33 ----D---- C:\WINDOWS\WinSxS
2017-04-30 22:53:10 ----D---- C:\WINDOWS\SysWOW64
2017-04-30 22:50:55 ----D---- C:\Program Files\AVAST Software
2017-04-30 22:11:13 ----D---- C:\Program Files\Common Files
2017-04-30 22:11:13 ----D---- C:\Program Files (x86)\Common Files
2017-04-30 21:54:26 ----D---- C:\WINDOWS\system32\config
2017-04-30 21:49:54 ----RD---- C:\Program Files (x86)
2017-04-30 21:49:54 ----D---- C:\ProgramData\McAfee
2017-04-30 21:40:07 ----HD---- C:\WINDOWS\ELAMBKUP
2017-04-30 21:39:09 ----RD---- C:\WINDOWS\assembly
2017-04-30 21:36:46 ----SHD---- C:\WINDOWS\Installer
2017-04-30 21:26:11 ----D---- C:\WINDOWS\AppReadiness
2017-04-05 18:57:36 ----D---- C:\WINDOWS\system32\NDF

File C:\WINDOWS\system32\winlogon.exe is digitally signed
File C:\WINDOWS\system32\wininit.exe is digitally signed
File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\SysWOW64\explorer.exe is digitally signed
File C:\WINDOWS\system32\svchost.exe is digitally signed
File C:\WINDOWS\SysWOW64\svchost.exe is digitally signed
File C:\WINDOWS\system32\services.exe is digitally signed
File C:\WINDOWS\system32\User32.dll is digitally signed
File C:\WINDOWS\SysWOW64\User32.dll is digitally signed
File C:\WINDOWS\system32\userinit.exe is digitally signed
File C:\WINDOWS\SysWOW64\userinit.exe is digitally signed
File C:\WINDOWS\system32\rpcss.dll is digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is digitally signed

====== List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R0 aswbidsh;aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [2017-04-30 189768]
R0 aswblog;aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [2017-04-30 334088]
R0 aswbuniv;aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [2017-04-30 48528]
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2017-04-30 75704]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2017-04-30 339696]
R0 BTATH_BUS;@oem21.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys [2014-02-25 35016]
R0 MBI;@oem8.inf,%MBI.SVCDESC%;Intel(R) Sideband Fabric Device Service; C:\WINDOWS\System32\drivers\MBI.sys [2013-10-28 29464]
R1 aswbidsdriver;aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [2017-04-30 307736]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2017-04-30 32600]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2017-04-30 101152]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2017-04-30 1005048]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2017-04-30 556784]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2013-07-02 19768]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2013-08-22 71680]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2017-04-30 128648]
R3 AiCharger;ASUS Charger Driver; C:\WINDOWS\system32\DRIVERS\AiCharger.sys [2014-03-27 17152]
R3 AthBTPort;@oem24.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\WINDOWS\system32\DRIVERS\btath_flt.sys [2014-02-25 89800]
R3 athr;@oem20.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\athwbx.sys [2014-03-06 3892224]
R3 ATP;@oem17.inf,%PS2.DeviceDesc%;ASUS Input Device; C:\WINDOWS\System32\drivers\AsusTP.sys [2014-03-31 71952]
R3 BTATH_A2DP;@oem23.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\WINDOWS\system32\drivers\btath_a2dp.sys [2014-02-25 355528]
R3 btath_avdt;@oem23.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\WINDOWS\system32\drivers\btath_avdt.sys [2014-02-25 118984]
R3 BTATH_HCRP;@oem26.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\WINDOWS\System32\drivers\btath_hcrp.sys [2014-02-25 179432]
R3 BTATH_LWFLT;@oem28.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [2014-02-25 77464]
R3 BTATH_RCP;@oem30.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\WINDOWS\System32\drivers\btath_rcp.sys [2014-02-25 137928]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2014-02-25 598216]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2013-08-22 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2013-08-22 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-03-18 81920]
R3 GPIO;@oem10.inf,%GPIO.SVCDESC%;Intel SoC GPIO Controller Driver; C:\WINDOWS\System32\drivers\iaiogpioe.sys [2013-11-11 31232]
R3 HIDSwitch;@oem27.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control; C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys [2013-10-08 20280]
R3 iaioi2c;@oem9.inf,%Driver_Service.Desc%;I2C Controller Service; C:\WINDOWS\System32\drivers\iaioi2ce.sys [2013-11-11 67584]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2014-01-16 4222976]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2015-05-19 4466392]
R3 IntcDAud;@oem12.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2014-01-16 450520]
R3 iwdbus;@oem15.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2013-12-27 27032]
R3 kbfiltr;@oem25.inf,%kbfiltr.SvcDesc%;Keyboard Filter; C:\WINDOWS\System32\drivers\kbfiltr.sys [2012-08-06 17280]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2014-03-18 167424]
R3 RSBASTOR;@oem19.inf,%Rts5208%;Realtek PCIE CardReader Driver - BA; C:\WINDOWS\system32\DRIVERS\RtsBaStor.sys [2013-07-12 309976]
R3 RTL8168;@oem18.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2014-01-08 848088]
R3 TXEIx64;@oem11.inf,%TEE_SvcDesc%;Intel(R) Trusted Execution Engine Interface ; C:\WINDOWS\System32\drivers\TXEIx64.sys [2014-01-15 88592]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-08-22 212224]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2013-08-22 36864]
S0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2013-12-16 632168]
S2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2017-04-30 164064]
S3 AgereSoftModem;@mdmags64.inf,%FullProductName%;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\agrsm64.sys [2013-06-18 1146880]
S3 aswHwid;aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [2017-04-30 38296]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2014-03-18 1200640]
S3 dg_ssudbus;@oem35.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\WINDOWS\system32\DRIVERS\e1i63x64.sys [2013-06-18 460288]
S3 intaud_WaveExtensible;@oem14.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2013-12-27 38296]
S3 NETwNs64;@netwsw00.inf,___ %NIC_Service_DispName_WIN7_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\WINDOWS\system32\DRIVERS\Netwsw00.sys [2013-06-18 11518976]
S3 ssudmdm;@oem37.inf,%ssud.Service.Name%;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]

====== List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe [2014-03-26 115512]
R2 Asus WebStorage Windows Service;Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe [2014-02-25 71680]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2014-02-25 319104]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-04-30 261712]
R2 GamesAppIntegrationService;GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2014-01-28 227904]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [2013-07-01 733696]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-15 144200]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe []
S3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2017-04-30 7398336]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2014-02-19 279024]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-15 144200]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [2013-07-01 822232]

-----------------EOF-----------------

#14 Příspěvek od **Rudy** » 04 kvě 2017 21:21

Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:

:files
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]864

:commands
[Purity]
[Emptytemp]
[Emptyflash]

a klikněte na >MoveIt!<. Před skenem vypněte antivir a po něm restartujte PC. Dejte nový log RSIT.

drakuba · #15 Příspěvek od **drakuba** » 04 kvě 2017 21:36

po restardu vyskočila tahle zpráva:

Kód: Vybrat vše

All processes killed
========== FILES ==========
File/Folder C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore not found.
File/Folder C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA not found.
========== REGISTRY ==========
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]86\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]86\ not found.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 128 bytes
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Matějkovi
->Temp folder emptied: 12004570 bytes
->Temporary Internet Files folder emptied: 380630793 bytes
->Google Chrome cache emptied: 394689210 bytes
->Flash cache emptied: 1728 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 75798303 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 823,00 mb
 
 
[EMPTYFLASH]
 
User: Administrator
 
User: All Users
 
User: Default
 
User: Default User
 
User: Matějkovi
->Flash cache emptied: 0 bytes
 
User: Public
 
Total Flash Files Cleaned = 0,00 mb
 
 
OTM by OldTimer - Version 3.1.21.0 log created on 05042017_223008

Files moved on Reboot...
C:\Users\Matějkovi\AppData\Local\Microsoft\Windows\INetCache\counters.dat moved successfully.
File move failed. C:\WINDOWS\temp\_avast_\AvLock.txt scheduled to be moved on reboot.
File move failed. C:\WINDOWS\temp\SafeZone Installer\safezone_installer_20170501154330.log scheduled to be moved on reboot.
File move failed. C:\WINDOWS\temp\SafeZone Installer\safezone_installer_20170501154340.log scheduled to be moved on reboot.

Registry entries deleted on Reboot...

zde je RSIT log:

Kód: Vybrat vše

Logfile of random's system information tool 1.16 (written by random/random) 
Run by Matějkovi at 2017-05-04 22:36:25
Microsoft Windows 8.1 s aplikací Bing 
System drive C: has 148 GB (78%) free of 191 GB
Total RAM: 3983 MB (69% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:36:27, on 4. 5. 2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17037)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\ASUSWSLoader.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Matějkovi_RSITx64.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com/?pc=ASJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
O4 - HKLM\..\Run: [WebStorage] C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\ASUSWSLoader.exe
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
O23 - Service: Asus WebStorage Windows Service - ASUS Cloud Corporation - C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe
O23 - Service: aswbIDSAgent - AVAST Software s.r.o. - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 7484 bytes

====== Enumerating Processes ======

C:\WINDOWS\system32\wininit.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\dwm.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
C:\WINDOWS\System32\spoolsv.exe
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe" 
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe"
C:\WINDOWS\system32\taskhostex.exe
"C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe" 
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe"
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
C:\WINDOWS\Explorer.EXE
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe" 
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" 
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" 
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe" 
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX4
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" 
"C:\Windows\System32\igfxtray.exe" 
"C:\Windows\System32\hkcmd.exe" 
"C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe"
C:\Program Files\AVAST Software\Avast\AvastUI.exe
"C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\ASUSWSLoader.exe" 
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe" 
C:\Windows\system32\igfxpers.exe
"C:\Windows\system32\igfxsrvc.exe" -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" 
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 "--database=C:\Users\Matějkovi\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Matějkovi\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=57.0.2987.133 --initial-client-data=0x12c,0x130,0x134,0x128,0x138,0x6c237dc8,0x6c237dbc,0x6c237dd4
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=4012 --on-initialized-event-handle=472 --parent-handle=476 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1252 --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=7,10,18,19,20,23,41,61,74 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --gpu-vendor-id=0x8086 --gpu-device-id=0x0f31 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3408 --gpu-driver-date=1-20-2014 --service-request-channel-token=0FD0EB902BCC9EFC0C922B5CE89A9DFB --mojo-platform-channel-handle=1268 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1252 --primordial-pipe-token=2D4B35D5A8491B067C2598A4E255B587 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553 --service-request-channel-token=2D4B35D5A8491B067C2598A4E255B587 --renderer-client-id=6 --mojo-platform-channel-handle=4408 /prefetch:1
"C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe"
C:\WINDOWS\system32\taskeng.exe
"C:\Users\Matějkovi\Desktop\RSITx64.exe" 
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

====== Scheduled tasks folder ======

C:\WINDOWS\system32\tasks\ASUS Live Update1 - C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe -critical
C:\WINDOWS\system32\tasks\ASUS Live Update2 - C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe -check
C:\WINDOWS\system32\tasks\ASUS Smart Gesture Launcher - C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe
C:\WINDOWS\system32\tasks\ASUS Splendid ACMON - C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\WINDOWS\system32\tasks\ASUS USB Charger Plus - "C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"
C:\WINDOWS\system32\tasks\ATK Package 36D18D69AFC3 - "C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe" -CancelShutdown
C:\WINDOWS\system32\tasks\Avast Emergency Update - C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\system32\tasks\RtHDVBg - "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX4
C:\WINDOWS\system32\tasks\RTKCPL - "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
C:\WINDOWS\system32\tasks\SafeZone scheduled Autoupdate 1493646220 - C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
C:\WINDOWS\system32\tasks\Update Checker - C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe
C:\WINDOWS\system32\tasks\User_Feed_Synchronization-{FFE95B1E-F49D-4175-8C7C-CAEA9DEA4248} - C:\WINDOWS\system32\msfeedssync.exe sync
C:\WINDOWS\system32\tasks\Microsoft\Windows\WS\License Validation - rundll32.exe WSClient.dll,WSpTLR licensing
C:\WINDOWS\system32\tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask - rundll32.exe WSClient.dll,RefreshBannedAppsList
C:\WINDOWS\system32\tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join - %SystemRoot%\System32\AutoWorkplace.exe join
C:\WINDOWS\system32\tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start - C:\WINDOWS\system32\sc.exe start wuauserv
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\WINDOWS\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\WINDOWS\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone - %windir%\system32\tzsync.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\WINDOWS\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\WINDOWS\system32\tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask - %windir%\system32\rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\SpacePort\SpaceAgentTask - %windir%\system32\SpaceAgent.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers - %SystemRoot%\System32\drvinst.exe 6
C:\WINDOWS\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\WINDOWS\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - %SystemRoot%\System32\MbaeParserTask.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\DiskCleanup\SilentCleanup - %windir%\system32\cleanmgr.exe /autoclean /d %systemdrive%
C:\WINDOWS\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\WINDOWS\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\WINDOWS\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup - %windir%\system32\rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState - %windir%\system32\rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent /increment
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate
C:\WINDOWS\system32\tasks\Microsoft\Windows\Application Experience\StartupAppTask - %windir%\system32\rundll32.exe Startupscan.dll,SusRunTask
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\WINDOWS\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\WINDOWS\system32\tasks\AVAST Software\Avast settings backup - C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs

=========Google Chrome=========

C:\Users\Matějkovi\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aapocclcgogkmnckokdopfmhonfmgoek   
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod Chrome 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty Google 0.9
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0  
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension coobgpohoikkiipiblmjeljniedjpjpf 1 Vyhledávání Google 0.0.0.60
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension ennkphjdgehloodpbhlhldgbnhmacadg 1 Settings 0.2
Extension eofcbnmajmjmplflapaojjnihcjkigck 0 Avast SafePrice 12.0.199
Extension felcaaldnbdncclmgdcncolpebgiejap   
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google offline 1.4
Extension gomekmidlodglbbmalcneegieacbdmki 0 Avast Online Security 12.0.209
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.46
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf 1 Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.2
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.2
Extension pafkbggdmjlpgkdkcbjmhmfcdpncadgh 1 Google Now 1.2.0.1
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5717.116.0.4
Homepage: 
default_search_provider.search_url: 
C:\Users\Matějkovi\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage: 
default_search_provider.search_url: 

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck]
"Path"=C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki]
"Path"=C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx


======Registry dump ======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASJB

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-04-30 895528]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-04-30 773920]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2014-02-19 391152]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2014-02-19 771568]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2017-04-30 213824]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2014-02-25 134784]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ASUSPRP"=C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2014-04-23 1080992]
"WebStorage"=C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\ASUSWSLoader.exe [2014-02-25 63296]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2014-02-25 134784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableCAD"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave4"=wdmaud.drv
"mixer4"=wdmaud.drv
"midi4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

====== File associations ======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

====== List of files/folders created in the last 1 month ======

2017-05-04 22:36:16 ----D---- C:\ProgramData\SWCUTemp
2017-05-04 22:30:08 ----D---- C:\_OTM
2017-05-04 21:47:02 ----D---- C:\rsit
2017-05-04 21:47:02 ----D---- C:\Program Files\trend micro
2017-05-02 20:44:02 ----A---- C:\WINDOWS\ntbtlog.txt
2017-05-01 15:35:26 ----D---- C:\AdwCleaner
2017-04-30 23:17:14 ----D---- C:\FRST
2017-04-30 22:53:58 ----A---- C:\WINDOWS\system32\drivers\aswKbd.sys
2017-04-30 22:53:58 ----A---- C:\WINDOWS\system32\drivers\aswbuniva.sys
2017-04-30 22:53:58 ----A---- C:\WINDOWS\system32\drivers\aswbloga.sys
2017-04-30 22:53:58 ----A---- C:\WINDOWS\system32\drivers\aswbidsha.sys
2017-04-30 22:53:58 ----A---- C:\WINDOWS\system32\drivers\aswbidsdrivera.sys
2017-04-30 22:53:10 ----A---- C:\WINDOWS\SYSWOW64\ucrtbase.dll
2017-04-30 22:53:10 ----A---- C:\WINDOWS\system32\ucrtbase.dll
2017-04-30 22:53:10 ----A---- C:\WINDOWS\system32\aswBoot.exe
2017-04-30 22:11:13 ----D---- C:\Program Files\Common Files\AV

====== List of files/folders modified in the last 1 month ======

2017-05-04 22:34:10 ----AD---- C:\WINDOWS\Temp
2017-05-04 22:31:51 ----HD---- C:\ProgramData
2017-05-04 22:30:11 ----D---- C:\WINDOWS\Prefetch
2017-05-04 22:00:00 ----D---- C:\WINDOWS\system32\sru
2017-05-04 21:54:04 ----RD---- C:\WINDOWS\System32
2017-05-04 21:54:04 ----D---- C:\WINDOWS\Inf
2017-05-04 21:54:04 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-05-04 21:47:02 ----RD---- C:\Program Files
2017-05-04 20:12:30 ----D---- C:\WINDOWS\system32\drivers
2017-05-04 20:08:08 ----AD---- C:\Windows
2017-05-04 20:05:27 ----D---- C:\WINDOWS\system32\Tasks
2017-05-01 17:40:01 ----D---- C:\ProgramData\AVAST Software
2017-05-01 15:42:59 ----D---- C:\Program Files (x86)\McAfee
2017-04-30 22:53:57 ----D---- C:\WINDOWS\system32\DriverStore
2017-04-30 22:53:33 ----D---- C:\WINDOWS\WinSxS
2017-04-30 22:53:10 ----D---- C:\WINDOWS\SysWOW64
2017-04-30 22:50:55 ----D---- C:\Program Files\AVAST Software
2017-04-30 22:11:13 ----D---- C:\Program Files\Common Files
2017-04-30 22:11:13 ----D---- C:\Program Files (x86)\Common Files
2017-04-30 21:54:26 ----D---- C:\WINDOWS\system32\config
2017-04-30 21:49:54 ----RD---- C:\Program Files (x86)
2017-04-30 21:49:54 ----D---- C:\ProgramData\McAfee
2017-04-30 21:40:07 ----HD---- C:\WINDOWS\ELAMBKUP
2017-04-30 21:39:09 ----RD---- C:\WINDOWS\assembly
2017-04-30 21:36:46 ----SHD---- C:\WINDOWS\Installer
2017-04-30 21:26:11 ----D---- C:\WINDOWS\AppReadiness
2017-04-05 18:57:36 ----D---- C:\WINDOWS\system32\NDF

File C:\WINDOWS\system32\winlogon.exe is digitally signed
File C:\WINDOWS\system32\wininit.exe is digitally signed
File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\SysWOW64\explorer.exe is digitally signed
File C:\WINDOWS\system32\svchost.exe is digitally signed
File C:\WINDOWS\SysWOW64\svchost.exe is digitally signed
File C:\WINDOWS\system32\services.exe is digitally signed
File C:\WINDOWS\system32\User32.dll is digitally signed
File C:\WINDOWS\SysWOW64\User32.dll is digitally signed
File C:\WINDOWS\system32\userinit.exe is digitally signed
File C:\WINDOWS\SysWOW64\userinit.exe is digitally signed
File C:\WINDOWS\system32\rpcss.dll is digitally signed
File C:\WINDOWS\system32\Drivers\volsnap.sys is digitally signed

====== List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R0 aswbidsh;aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [2017-04-30 189768]
R0 aswblog;aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [2017-04-30 334088]
R0 aswbuniv;aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [2017-04-30 48528]
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2017-04-30 75704]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2017-04-30 339696]
R0 BTATH_BUS;@oem21.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys [2014-02-25 35016]
R0 MBI;@oem8.inf,%MBI.SVCDESC%;Intel(R) Sideband Fabric Device Service; C:\WINDOWS\System32\drivers\MBI.sys [2013-10-28 29464]
R1 aswbidsdriver;aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [2017-04-30 307736]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2017-04-30 32600]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2017-04-30 101152]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2017-04-30 1005048]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2017-04-30 556784]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2013-07-02 19768]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2013-08-22 71680]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2017-04-30 128648]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2017-04-30 164064]
R3 AiCharger;ASUS Charger Driver; C:\WINDOWS\system32\DRIVERS\AiCharger.sys [2014-03-27 17152]
R3 AthBTPort;@oem24.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\WINDOWS\system32\DRIVERS\btath_flt.sys [2014-02-25 89800]
R3 athr;@oem20.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\athwbx.sys [2014-03-06 3892224]
R3 ATP;@oem17.inf,%PS2.DeviceDesc%;ASUS Input Device; C:\WINDOWS\System32\drivers\AsusTP.sys [2014-03-31 71952]
R3 BTATH_A2DP;@oem23.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\WINDOWS\system32\drivers\btath_a2dp.sys [2014-02-25 355528]
R3 btath_avdt;@oem23.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\WINDOWS\system32\drivers\btath_avdt.sys [2014-02-25 118984]
R3 BTATH_HCRP;@oem26.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\WINDOWS\System32\drivers\btath_hcrp.sys [2014-02-25 179432]
R3 BTATH_LWFLT;@oem28.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [2014-02-25 77464]
R3 BTATH_RCP;@oem30.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\WINDOWS\System32\drivers\btath_rcp.sys [2014-02-25 137928]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2014-02-25 598216]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2013-08-22 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2013-08-22 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-03-18 81920]
R3 GPIO;@oem10.inf,%GPIO.SVCDESC%;Intel SoC GPIO Controller Driver; C:\WINDOWS\System32\drivers\iaiogpioe.sys [2013-11-11 31232]
R3 HIDSwitch;@oem27.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control; C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys [2013-10-08 20280]
R3 iaioi2c;@oem9.inf,%Driver_Service.Desc%;I2C Controller Service; C:\WINDOWS\System32\drivers\iaioi2ce.sys [2013-11-11 67584]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2014-01-16 4222976]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2015-05-19 4466392]
R3 IntcDAud;@oem12.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2014-01-16 450520]
R3 iwdbus;@oem15.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2013-12-27 27032]
R3 kbfiltr;@oem25.inf,%kbfiltr.SvcDesc%;Keyboard Filter; C:\WINDOWS\System32\drivers\kbfiltr.sys [2012-08-06 17280]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2014-03-18 167424]
R3 RSBASTOR;@oem19.inf,%Rts5208%;Realtek PCIE CardReader Driver - BA; C:\WINDOWS\system32\DRIVERS\RtsBaStor.sys [2013-07-12 309976]
R3 RTL8168;@oem18.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2014-01-08 848088]
R3 TXEIx64;@oem11.inf,%TEE_SvcDesc%;Intel(R) Trusted Execution Engine Interface ; C:\WINDOWS\System32\drivers\TXEIx64.sys [2014-01-15 88592]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2013-08-22 212224]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2013-08-22 36864]
S0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2013-12-16 632168]
S3 AgereSoftModem;@mdmags64.inf,%FullProductName%;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\agrsm64.sys [2013-06-18 1146880]
S3 aswHwid;aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [2017-04-30 38296]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2014-03-18 1200640]
S3 dg_ssudbus;@oem35.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\WINDOWS\system32\DRIVERS\e1i63x64.sys [2013-06-18 460288]
S3 intaud_WaveExtensible;@oem14.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2013-12-27 38296]
S3 NETwNs64;@netwsw00.inf,___ %NIC_Service_DispName_WIN7_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\WINDOWS\system32\DRIVERS\Netwsw00.sys [2013-06-18 11518976]
S3 ssudmdm;@oem37.inf,%ssud.Service.Name%;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]

====== List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======

R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe [2014-03-26 115512]
R2 Asus WebStorage Windows Service;Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe [2014-02-25 71680]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2014-02-25 319104]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-04-30 261712]
R2 GamesAppIntegrationService;GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2014-01-28 227904]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [2013-07-01 733696]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-15 144200]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe []
S3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2017-04-30 7398336]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2014-02-19 279024]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-15 144200]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [2013-07-01 822232]

-----------------EOF-----------------

VIRY.CZ

Zpomalený PC

Zpomalený PC

Re: Zpomalený PC

Re: Zpomalený PC

Re: Zpomalený PC

Re: Zpomalený PC

Re: Zpomalený PC

Re: Zpomalený PC

Re: Zpomalený PC

Re: Zpomalený PC

Re: Zpomalený PC

Re: Zpomalený PC

Re: Zpomalený PC

Re: Zpomalený PC

Re: Zpomalený PC

Re: Zpomalený PC