VIRY.CZ

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-10-2017
Ran by VladimirK (administrator) on KOCUREK-NTB (22-10-2017 13:52:40)
Running from C:\Users\vladimirk\Desktop
Loaded Profiles: VladimirK (Available Profiles: VladimirK & admin)
Platform: Windows 8.1 Pro (Update) (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Windows\SysWOW64\Codecs\TrayMenu.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\FileManager\PhotosApp.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Opera Software) C:\Users\vladimirk\AppData\Local\Programs\Opera\48.0.2685.39\opera.exe
(Opera Software) C:\Users\vladimirk\AppData\Local\Programs\Opera\48.0.2685.39\opera.exe
(Opera Software) C:\Users\vladimirk\AppData\Local\Programs\Opera\48.0.2685.39\opera.exe
(Opera Software) C:\Users\vladimirk\AppData\Local\Programs\Opera\48.0.2685.39\opera.exe
(Opera Software) C:\Users\vladimirk\AppData\Local\Programs\Opera\48.0.2685.39\opera.exe
(Opera Software) C:\Users\vladimirk\AppData\Local\Programs\Opera\48.0.2685.39\opera.exe
(Opera Software) C:\Users\vladimirk\AppData\Local\Programs\Opera\48.0.2685.39\opera.exe
(Opera Software) C:\Users\vladimirk\AppData\Local\Programs\Opera\48.0.2685.39\opera.exe
(Opera Software) C:\Users\vladimirk\AppData\Local\Programs\Opera\48.0.2685.39\opera.exe
(Opera Software) C:\Users\vladimirk\AppData\Local\Programs\Opera\48.0.2685.39\opera.exe
(Opera Software) C:\Users\vladimirk\AppData\Local\Programs\Opera\48.0.2685.39\opera.exe
(Opera Software) C:\Users\vladimirk\AppData\Local\Programs\Opera\48.0.2685.39\opera.exe
(forum.viry.cz) C:\Users\vladimirk\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13876952 2016-09-06] (Realtek Semiconductor)
HKLM-x32\...\Run: [isa] => C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [330240 2015-02-18] ()
HKLM-x32\...\Run: [Codec Settings UAC Manager] => C:\Windows\SysWOW64\Codecs\CodecUACManager.exe [68840 2016-10-05] ()
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2015-01-31] (Atheros Communications)
HKU\S-1-5-21-1248644485-3150169159-186971291-4134\...\Run: [Codec Pack Update Checker] => "C:\Windows\system32\Codecs\UpdateChecker.exe"
HKU\S-1-5-21-1248644485-3150169159-186971291-4134\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-1248644485-3150169159-186971291-4134\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_159_pepper.exe [1319424 2017-10-14] (Adobe Systems Incorporated)
HKU\S-1-5-21-1248644485-3150169159-186971291-4134\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\yowindow.scr [859080 2017-03-23] (repkasoft)
HKU\S-1-5-18\...\Run: [] => [X]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackTrayMenu.lnk [2016-11-07]
ShortcutTarget: CodecPackTrayMenu.lnk -> C:\Windows\SysWOW64\Codecs\TrayMenu.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2016-10-25]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\vladimirk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\YoWindow.lnk [2016-11-27]
ShortcutTarget: YoWindow.lnk -> C:\Program Files (x86)\YoWindow\yowindow.exe (Repkasoft)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{79F4E688-6195-4F94-981F-6C7457EBDBDE}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{880C898F-A3F2-4A60-BD90-D82BFB445EF3}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-1248644485-3150169159-186971291-4134\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2014-01-22] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2014-01-23] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: tu22lukr.default-1506449962233
FF ProfilePath: C:\Users\vladimirk\AppData\Roaming\Mozilla\Firefox\Profiles\tu22lukr.default-1506449962233 [2017-10-04]
FF Extension: (AdBlock) - C:\Users\vladimirk\AppData\Roaming\Mozilla\Firefox\Profiles\tu22lukr.default-1506449962233\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2017-09-26]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2014-07-01] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2014-07-01] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-01] (Adobe Systems Inc.)
FF Plugin-x32: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 -> C:\Program Files (x86)\Yahoo!\Common\npyaxmpb.dll [No File]

Chrome:
=======
CHR Profile: C:\Users\vladimirk\AppData\Local\Google\Chrome\User Data\Default [2017-10-22]
CHR Extension: (No Name) - C:\Users\vladimirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-07-24]
CHR Extension: (No Name) - C:\Users\vladimirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-07-24]
CHR Extension: (No Name) - C:\Users\vladimirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-07-24]
CHR Extension: (No Name) - C:\Users\vladimirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-07-24]
CHR Extension: (No Name) - C:\Users\vladimirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-07-24]
CHR Extension: (Chrome Web Store Payments) - C:\Users\vladimirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-28]
CHR Extension: (No Name) - C:\Users\vladimirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-07-24]
CHR Extension: (Chrome Media Router) - C:\Users\vladimirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-08]

Opera:
=======
OPR Extension: (Super Auto Refresh) - C:\Users\vladimirk\AppData\Roaming\Opera Software\Opera Stable\Extensions\ghjaeanhfafkigkehjgapnlobfhefkme [2017-05-05]
OPR Extension: (Adblock Plus) - C:\Users\vladimirk\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2017-09-28]
StartMenuInternet: (HKLM) OperaStable - C:\Users\vladimirk\AppData\Local\Programs\Opera\Launcher.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [323200 2015-01-31] (Windows (R) Win 7 DDK provider) [File not signed]
S3 EHttpSrv; C:\Program Files\ESET\ESET Endpoint Antivirus\ehttpsrv.exe [51872 2016-05-24] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe [1648224 2016-05-24] (ESET)
S3 eshasrv; C:\Program Files\ESET\ESET Endpoint Antivirus\eshasrv.exe [193696 2016-05-24] (ESET)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344168 2016-09-06] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [881152 2014-10-03] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [330240 2015-02-18] () [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-02-18] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe [172320 2014-12-10] (Intel Corporation)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-21] (Malwarebytes)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-11-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-11-22] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [4267008 2015-01-11] (Qualcomm Atheros Communications, Inc.)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2015-01-31] (Qualcomm Atheros)
R3 BTHprint; C:\Windows\system32\DRIVERS\bthprint.sys [62976 2013-08-22] (Microsoft Corporation)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2013-09-10] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2013-09-10] (Windows (R) Win 7 DDK provider)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [264864 2016-05-23] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [196768 2016-05-23] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [180384 2016-05-23] (ESET)
R3 iagpioe; C:\Windows\System32\drivers\iagpioe.sys [32256 2015-02-28] (Intel(R) Corporation)
R3 iai2ce; C:\Windows\System32\drivers\iai2ce.sys [95224 2015-11-17] (Intel(R) Corporation)
R3 igfxLP; C:\Windows\system32\DRIVERS\igdkmd64lp.sys [4516280 2016-09-06] (Intel Corporation)
R3 iusb3adp; C:\Windows\System32\drivers\iusb3adp.sys [23824 2015-03-27] (Intel)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [114976 2015-01-22] (Intel Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [35856 2014-11-22] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [257880 2014-11-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-11-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-10-22 13:52 - 2017-10-22 13:53 - 000013479 _____ C:\Users\vladimirk\Desktop\FRST.txt
2017-10-22 13:52 - 2017-10-22 13:52 - 000000000 ____D C:\FRST
2017-10-22 13:50 - 2017-10-22 13:50 - 002402816 _____ (Farbar) C:\Users\vladimirk\Desktop\FRST64.exe
2017-10-22 13:50 - 2017-10-22 13:50 - 000112640 _____ (forum.viry.cz) C:\Users\vladimirk\Desktop\FRSTLauncher.exe
2017-10-22 11:53 - 2017-10-22 11:53 - 000454436 ____R C:\Windows\system32\Drivers\etc\hosts.20171022-115313.backup
2017-10-22 11:53 - 2017-10-22 11:53 - 000454436 _____ C:\Windows\system32\Drivers\etc\hosts.20171022-115333.backup
2017-10-22 11:53 - 2017-10-20 07:35 - 000454375 _____ C:\Windows\system32\Drivers\etc\hosts.20171022-115306.backup
2017-10-22 11:51 - 2017-10-22 11:51 - 000000000 ____D C:\Program Files (x86)\TeaTimer (Spybot - Search & Destroy)
2017-10-22 11:51 - 2017-10-22 11:51 - 000000000 ____D C:\Program Files (x86)\File Scanner Library (Spybot - Search & Destroy)
2017-10-20 18:07 - 2017-10-20 19:32 - 000268392 _____ C:\Users\vladimirk\Documents\20.10.2017
2017-10-20 07:25 - 2017-10-20 07:29 - 000094144 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-10-20 07:25 - 2017-10-20 07:28 - 000192960 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-10-20 07:25 - 2017-10-20 07:25 - 000045472 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-10-20 07:25 - 2017-10-20 07:25 - 000001883 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-10-20 07:24 - 2017-10-20 08:28 - 000077440 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-10-20 07:24 - 2017-10-20 07:24 - 000000000 ____D C:\Program Files\Malwarebytes
2017-10-20 07:11 - 2017-10-20 07:11 - 000000000 ____D C:\ProgramData\MB2Migration
2017-10-03 13:12 - 2017-10-17 16:41 - 000000000 ____D C:\Users\vladimirk\Desktop\Október 2017
2017-09-26 20:19 - 2017-09-26 20:19 - 000000000 ____D C:\Users\vladimirk\Desktop\Staré údaje Firefoxu
2017-09-26 20:14 - 2017-09-26 20:14 - 000000948 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-09-26 20:14 - 2017-09-26 20:14 - 000000936 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-09-26 20:14 - 2017-09-26 20:14 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-09-26 20:14 - 2017-09-26 20:14 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-09-25 20:46 - 2017-09-25 20:46 - 000001067 _____ C:\Users\vladimirk\Desktop\Weather Watcher Live.lnk
2017-09-25 20:46 - 2017-09-25 20:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Weather Watcher Live
2017-09-25 19:43 - 2017-09-25 20:48 - 000000000 ____D C:\Program Files (x86)\Weather Watcher Live
2017-09-22 21:44 - 2017-09-22 21:44 - 000000000 ____D C:\Users\vladimirk\Documents\My Games
2017-09-22 21:44 - 2017-09-22 21:44 - 000000000 ____D C:\Users\Public\Documents\Steam
2017-09-22 15:54 - 2009-09-04 17:44 - 000517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2017-09-22 15:54 - 2009-09-04 17:44 - 000515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2017-09-22 15:54 - 2009-09-04 17:44 - 000238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2017-09-22 15:54 - 2009-09-04 17:44 - 000176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2017-09-22 15:54 - 2009-09-04 17:29 - 002582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2017-09-22 15:54 - 2009-09-04 17:29 - 001974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2017-09-22 15:53 - 2009-09-04 17:44 - 000073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2017-09-22 15:53 - 2009-09-04 17:44 - 000069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2017-09-22 15:53 - 2009-09-04 17:29 - 005554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2017-09-22 15:53 - 2009-09-04 17:29 - 005501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2017-09-22 15:53 - 2009-09-04 17:29 - 002475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2017-09-22 15:53 - 2009-09-04 17:29 - 001892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2017-09-22 15:53 - 2009-09-04 17:29 - 000523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2017-09-22 15:53 - 2009-09-04 17:29 - 000453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2017-09-22 15:53 - 2009-09-04 17:29 - 000285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2017-09-22 15:53 - 2009-09-04 17:29 - 000235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2017-09-22 15:53 - 2009-03-16 14:18 - 000521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2017-09-22 15:53 - 2009-03-16 14:18 - 000517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2017-09-22 15:53 - 2009-03-16 14:18 - 000235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2017-09-22 15:53 - 2009-03-16 14:18 - 000174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2017-09-22 15:53 - 2009-03-16 14:18 - 000024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2017-09-22 15:53 - 2009-03-16 14:18 - 000022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2017-09-22 15:53 - 2009-03-09 15:27 - 005425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2017-09-22 15:53 - 2009-03-09 15:27 - 004178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2017-09-22 15:53 - 2009-03-09 15:27 - 002430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2017-09-22 15:53 - 2009-03-09 15:27 - 001846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2017-09-22 15:53 - 2009-03-09 15:27 - 000520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2017-09-22 15:53 - 2009-03-09 15:27 - 000453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2017-09-22 15:53 - 2008-10-27 10:04 - 000518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2017-09-22 15:53 - 2008-10-27 10:04 - 000514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2017-09-22 15:53 - 2008-10-27 10:04 - 000235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2017-09-22 15:53 - 2008-10-27 10:04 - 000175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2017-09-22 15:53 - 2008-10-27 10:04 - 000074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2017-09-22 15:53 - 2008-10-27 10:04 - 000070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2017-09-22 15:53 - 2008-10-27 10:04 - 000025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2017-09-22 15:53 - 2008-10-27 10:04 - 000023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2017-09-22 15:53 - 2008-10-15 06:22 - 005631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2017-09-22 15:53 - 2008-10-15 06:22 - 004379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2017-09-22 15:53 - 2008-10-15 06:22 - 002605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2017-09-22 15:53 - 2008-10-15 06:22 - 002036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2017-09-22 15:53 - 2008-10-15 06:22 - 000519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2017-09-22 15:53 - 2008-10-15 06:22 - 000452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2017-09-22 15:53 - 2008-07-31 10:41 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2017-09-22 15:53 - 2008-07-31 10:41 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2017-09-22 15:53 - 2008-07-31 10:41 - 000072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2017-09-22 15:53 - 2008-07-31 10:41 - 000068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2017-09-22 15:53 - 2008-07-31 10:40 - 000513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2017-09-22 15:53 - 2008-07-31 10:40 - 000509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2017-09-22 15:53 - 2008-07-10 11:01 - 000467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2017-09-22 15:53 - 2008-07-10 11:00 - 004992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2017-09-22 15:53 - 2008-07-10 11:00 - 003851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2017-09-22 15:53 - 2008-07-10 11:00 - 001942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2017-09-22 15:53 - 2008-07-10 11:00 - 001493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2017-09-22 15:53 - 2008-07-10 11:00 - 000540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2017-09-22 15:53 - 2008-05-30 14:19 - 000511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2017-09-22 15:53 - 2008-05-30 14:19 - 000507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2017-09-22 15:53 - 2008-05-30 14:18 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2017-09-22 15:53 - 2008-05-30 14:18 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2017-09-22 15:53 - 2008-05-30 14:17 - 000068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2017-09-22 15:53 - 2008-05-30 14:17 - 000065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2017-09-22 15:53 - 2008-05-30 14:17 - 000025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2017-09-22 15:53 - 2008-05-30 14:16 - 000028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2017-09-22 15:53 - 2008-05-30 14:11 - 004991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2017-09-22 15:53 - 2008-05-30 14:11 - 003850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2017-09-22 15:53 - 2008-05-30 14:11 - 001941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2017-09-22 15:53 - 2008-05-30 14:11 - 001491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2017-09-22 15:53 - 2008-05-30 14:11 - 000540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2017-09-22 15:53 - 2008-05-30 14:11 - 000467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2017-09-22 15:53 - 2008-03-05 16:04 - 000489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2017-09-22 15:53 - 2008-03-05 16:03 - 000479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2017-09-22 15:53 - 2008-03-05 16:03 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2017-09-22 15:53 - 2008-03-05 16:03 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2017-09-22 15:53 - 2008-03-05 16:00 - 000028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2017-09-22 15:53 - 2008-03-05 16:00 - 000025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2017-09-22 15:53 - 2008-03-05 15:56 - 004910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2017-09-22 15:53 - 2008-03-05 15:56 - 003786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2017-09-22 15:53 - 2008-03-05 15:56 - 001860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2017-09-22 15:53 - 2008-03-05 15:56 - 001420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2017-09-22 15:53 - 2008-02-05 23:07 - 000529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2017-09-22 15:53 - 2008-02-05 23:07 - 000462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2017-09-22 15:53 - 2007-10-22 03:40 - 000411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2017-09-22 15:53 - 2007-10-22 03:39 - 000267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2017-09-22 15:53 - 2007-10-22 03:37 - 000021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2017-09-22 15:53 - 2007-10-22 03:37 - 000017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2017-09-22 15:53 - 2007-10-12 15:14 - 005081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2017-09-22 15:53 - 2007-10-12 15:14 - 003734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2017-09-22 15:53 - 2007-10-12 15:14 - 002006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2017-09-22 15:53 - 2007-10-12 15:14 - 001374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2017-09-22 15:53 - 2007-10-02 09:56 - 000508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2017-09-22 15:53 - 2007-10-02 09:56 - 000444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2017-09-22 15:53 - 2007-07-20 00:57 - 000411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2017-09-22 15:53 - 2007-07-20 00:57 - 000267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2017-09-22 15:53 - 2007-07-19 18:14 - 005073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2017-09-22 15:53 - 2007-07-19 18:14 - 003727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2017-09-22 15:53 - 2007-07-19 18:14 - 001985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2017-09-22 15:53 - 2007-07-19 18:14 - 001358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2017-09-22 15:53 - 2007-07-19 18:14 - 000508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2017-09-22 15:53 - 2007-07-19 18:14 - 000444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2017-09-22 15:53 - 2007-06-20 20:49 - 000409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2017-09-22 15:53 - 2007-06-20 20:46 - 000266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2017-09-22 15:53 - 2007-05-16 16:45 - 004496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2017-09-22 15:53 - 2007-05-16 16:45 - 003497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2017-09-22 15:53 - 2007-05-16 16:45 - 001401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2017-09-22 15:53 - 2007-05-16 16:45 - 001124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2017-09-22 15:53 - 2007-05-16 16:45 - 000506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2017-09-22 15:53 - 2007-05-16 16:45 - 000443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2017-09-22 15:53 - 2007-04-04 18:55 - 000403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2017-09-22 15:53 - 2007-04-04 18:55 - 000261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2017-09-22 15:53 - 2007-04-04 18:54 - 000107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2017-09-22 15:53 - 2007-04-04 18:53 - 000081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2017-09-22 15:53 - 2007-03-15 16:57 - 000506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2017-09-22 15:53 - 2007-03-15 16:57 - 000443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2017-09-22 15:53 - 2007-03-12 16:42 - 004494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2017-09-22 15:53 - 2007-03-12 16:42 - 003495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2017-09-22 15:53 - 2007-03-12 16:42 - 001400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2017-09-22 15:53 - 2007-03-12 16:42 - 001123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2017-09-22 15:53 - 2007-03-05 12:42 - 000017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2017-09-22 15:53 - 2007-03-05 12:42 - 000015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2017-09-22 15:53 - 2007-01-24 15:27 - 000393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2017-09-22 15:53 - 2007-01-24 15:27 - 000255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2017-09-22 15:53 - 2006-12-08 12:02 - 000251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2017-09-22 15:53 - 2006-12-08 12:00 - 000390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2017-09-22 15:53 - 2006-11-29 13:06 - 004398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2017-09-22 15:53 - 2006-11-29 13:06 - 003426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2017-09-22 15:53 - 2006-11-29 13:06 - 000469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2017-09-22 15:53 - 2006-11-29 13:06 - 000440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2017-09-22 15:53 - 2006-09-28 16:05 - 003977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2017-09-22 15:53 - 2006-09-28 16:05 - 002414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2017-09-22 15:53 - 2006-09-28 16:05 - 000237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2017-09-22 15:53 - 2006-09-28 16:04 - 000364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2017-09-22 15:53 - 2006-07-28 09:31 - 000083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2017-09-22 15:53 - 2006-07-28 09:30 - 000363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2017-09-22 15:53 - 2006-07-28 09:30 - 000236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2017-09-22 15:53 - 2006-07-28 09:30 - 000062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2017-09-22 15:53 - 2006-05-31 07:24 - 000230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2017-09-22 15:53 - 2006-05-31 07:22 - 000354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2017-09-22 15:53 - 2006-03-31 12:40 - 000352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2017-09-22 15:53 - 2006-03-31 12:39 - 000229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2017-09-22 15:53 - 2006-03-31 12:39 - 000083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2017-09-22 15:53 - 2006-03-31 12:39 - 000062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2017-09-22 15:52 - 2006-03-31 12:41 - 003927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2017-09-22 15:52 - 2006-03-31 12:40 - 002388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2017-09-22 15:52 - 2006-02-03 08:43 - 003830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2017-09-22 15:52 - 2006-02-03 08:43 - 002332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2017-09-22 15:52 - 2006-02-03 08:42 - 000355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2017-09-22 15:52 - 2006-02-03 08:42 - 000230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2017-09-22 15:52 - 2006-02-03 08:41 - 000016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2017-09-22 15:52 - 2006-02-03 08:41 - 000014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2017-09-22 15:52 - 2005-12-05 18:09 - 003815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2017-09-22 15:52 - 2005-12-05 18:09 - 002323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2017-09-22 15:52 - 2005-07-22 19:59 - 003807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2017-09-22 15:52 - 2005-07-22 19:59 - 002319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2017-09-22 15:52 - 2005-05-26 15:34 - 003767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2017-09-22 15:52 - 2005-05-26 15:34 - 002297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2017-09-22 15:52 - 2005-03-18 17:19 - 003823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2017-09-22 15:52 - 2005-03-18 17:19 - 002337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2017-09-22 15:52 - 2005-02-05 19:45 - 003544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2017-09-22 15:52 - 2005-02-05 19:45 - 002222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-10-22 11:52 - 2017-04-18 16:33 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2017-10-22 08:35 - 2016-12-24 20:22 - 000000000 ____D C:\Users\vladimirk\AppData\Roaming\uTorrent
2017-10-22 07:28 - 2016-10-17 11:04 - 000003966 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{B0DFEE00-22C8-4A88-BE67-443DBF79182F}
2017-10-22 07:27 - 2014-11-22 05:14 - 000818732 _____ C:\Windows\system32\PerfStringBackup.INI
2017-10-22 07:27 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf
2017-10-20 20:39 - 2016-11-12 17:54 - 000000000 ____D C:\Users\vladimirk\AppData\Roaming\vlc
2017-10-20 07:32 - 2016-10-10 14:12 - 000003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1248644485-3150169159-186971291-4134
2017-10-20 07:20 - 2016-10-10 14:06 - 000000000 __SHD C:\Users\vladimirk\IntelGraphicsProfiles
2017-10-20 07:19 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-10-20 07:18 - 2016-10-28 15:57 - 000000000 ____D C:\Users\vladimirk\AppData\Local\CrashDumps
2017-10-19 20:06 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\AppReadiness
2017-10-19 19:16 - 2016-10-10 14:07 - 000000000 ____D C:\Users\vladimirk\AppData\Roaming\Atheros
2017-10-19 19:15 - 2016-10-10 14:06 - 000000000 ____D C:\Users\vladimirk
2017-10-19 19:15 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2017-10-19 18:04 - 2016-10-10 14:07 - 000000000 ____D C:\Users\vladimirk\Documents\Bluetooth Folder
2017-10-19 11:22 - 2016-10-24 14:31 - 000000000 ____D C:\Users\vladimirk\Desktop\Plocha
2017-10-19 10:27 - 2017-09-12 11:15 - 000000000 ____D C:\Users\vladimirk\Desktop\September 2017
2017-10-16 18:49 - 2016-11-12 16:58 - 000000000 ____D C:\KMPlayer
2017-10-14 18:13 - 2016-10-25 21:00 - 000000000 ____D C:\Users\vladimirk\AppData\Local\Adobe
2017-10-14 18:09 - 2017-07-18 12:54 - 000004472 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-10-14 18:08 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2017-10-14 18:08 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\system32\Macromed
2017-10-12 16:13 - 2017-08-02 18:42 - 000003890 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1501692119
2017-10-12 13:51 - 2016-11-09 12:32 - 000000000 ____D C:\Users\vladimirk\Desktop\November 2016
2017-10-04 16:12 - 2017-04-30 12:04 - 000000000 ____D C:\Users\vladimirk\AppData\LocalLow\Mozilla
2017-10-01 20:06 - 2016-10-24 21:06 - 000000000 ____D C:\Program Files (x86)\Call of Duty
2017-09-28 19:37 - 2016-09-06 13:12 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-09-27 11:51 - 2017-03-02 13:51 - 000000000 ____D C:\Users\vladimirk\Desktop\Marec 2017
2017-09-27 05:40 - 2017-07-24 20:27 - 000002227 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-09-27 05:40 - 2017-07-24 20:27 - 000002215 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-09-25 20:40 - 2016-10-26 20:22 - 000000000 ____D C:\Users\vladimirk\AppData\Roaming\WeatherWatcherLive
2017-09-22 17:01 - 2013-08-22 17:20 - 000000000 ____D C:\Windows\CbsTemp
2017-09-22 16:43 - 2013-08-22 17:36 - 000000000 ___HD C:\Program Files\WindowsApps
2017-09-22 16:36 - 2016-10-17 13:20 - 000000000 ____D C:\Users\vladimirk\AppData\Roaming\Mozilla

==================== Files in the root of some directories =======

2016-11-12 19:08 - 2016-11-12 19:08 - 000000057 _____ () C:\Users\vladimirk\AppData\Roaming\Camdata.ini
2016-11-12 19:08 - 2016-11-12 19:08 - 000000408 _____ () C:\Users\vladimirk\AppData\Roaming\CamLayout.ini
2016-11-12 19:08 - 2016-11-12 19:08 - 000000408 _____ () C:\Users\vladimirk\AppData\Roaming\CamShapes.ini
2016-11-12 19:08 - 2016-11-12 19:08 - 000004547 _____ () C:\Users\vladimirk\AppData\Roaming\CamStudio.cfg
2016-11-12 19:04 - 2016-11-12 19:04 - 000000096 _____ () C:\Users\vladimirk\AppData\Roaming\version2.xml
2016-11-01 15:43 - 2016-11-01 18:01 - 000000000 _____ () C:\Users\vladimirk\AppData\Roaming\Vocals
2016-10-17 10:39 - 2016-10-17 10:39 - 000000017 _____ () C:\Users\vladimirk\AppData\Local\resmon.resmoncfg
2016-11-28 13:22 - 2016-11-23 14:19 - 000000570 _____ () C:\Users\vladimirk\AppData\Local\TroubleshooterConfig.json
2016-09-06 14:58 - 2016-09-06 14:58 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
2016-11-01 15:44 - 2016-11-01 18:02 - 000000000 ____H () C:\ProgramData\PKP_DLes.DAT
2016-11-01 15:43 - 2016-11-01 18:01 - 000000000 ____H () C:\ProgramData\PKP_DLet.DAT
2016-11-01 15:43 - 2016-11-01 18:01 - 000000000 ____H () C:\ProgramData\PKP_DLev.DAT
2016-11-01 18:01 - 2016-11-01 18:01 - 000000000 _____ () C:\ProgramData\Themes
2016-11-01 18:01 - 2016-11-01 18:01 - 000000000 _____ () C:\ProgramData\Vocal Transformer

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: ESET Endpoint Antivirus 6.4.2014.2 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Endpoint Antivirus 6.4.2014.2 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\vladimirk\Desktop" je 7172 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Zdravim

Jde ciste jen o prevenci, nebo je i nejaky problem?

Timur píše:***** Velikost "Plochy" *****

Velikost slozky "C:\Users\vladimirk\Desktop" je 7172 MB.

Velikost plochy by nemela presahovat 200 - 300 MB! Brzdi to chod pc. Cili ji trosku uklidte a na plochu dejte jen zastupce. Jen pozor na obcasnou chybu, ze uzivatele maji na plose slozku, v ni dalsi a v ni dalsi a do te to schovaji. To je sice hezke, ale plochu to nezmensi, jen je to v jinem supliku



Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner[C?].txt ). Ten mi sem zkopirujte.

Dobrý deň,
ďakujem za upozornenie, plochu som upratal
ide mi o rapidne spomalenie pc - možno práve vďaka tej ploche...

log:
# AdwCleaner 7.0.3.1 - Logfile created on Sun Oct 22 16:49:45 2017
# Updated on 2017/29/09 by Malwarebytes
# Running on Windows 8.1 Pro (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

Deleted: C:\ProgramData\54F3DE4E-B7BA-4EBD-8B3B-385D272CC583
Deleted: C:\ProgramData\Application Data\54F3DE4E-B7BA-4EBD-8B3B-385D272CC583
Deleted: C:\Users\All Users\54F3DE4E-B7BA-4EBD-8B3B-385D272CC583
Deleted: C:\Program Files\Plumbytes Software


***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\plusnetwork.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.plusnetwork.com
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Codec Settings UAC Manager
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|Codec Settings UAC Manager
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Control\Class\{0C95ABFE-4FB6-49DB-B22F-0E1F5FC4BEEC}
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Control\Class\{EEEFACB3-729F-4484-B66D-E7A7917BBFC1}
Deleted: [Key] - HKLM\SOFTWARE\Reimage
Deleted: [Key] - HKLM\SOFTWARE\Microleaves
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\plusnetwork.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.plusnetwork.com


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [2234 B] - [2017/10/22 16:48:47]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

Uvidime, co ukazou logy a jestli to pujde zrychlit


Stahnete crystal disk info http://www.slunecnice.cz/sw/crystaldiskinfo/
Nainstalujte (pozor na pripadne doplnky, ty odmitnete zrusenim zatrzitka) a spustte jako spravce. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte (ctrl + V)


Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu (cili Vlastni sken vsech disku) http://forum.viry.cz/viewtopic.php?f=29&t=144868 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

Tu su logy:
----------------------------------------------------------------------------
CrystalDiskInfo 7.1.1 (C) 2008-2016 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 8.1 Pro [6.3 Build 9600] (x64)
Date : 2017/10/23 19:25:01

-- Controller Map ----------------------------------------------------------
+ Standard SATA AHCI Controller [ATA]
- TOSHIBA MQ01ABF050
- HL-DT-ST DVDRAM GUE1N
- Microsoft Storage Spaces Controller [SCSI]

-- Disk List ---------------------------------------------------------------
(1) TOSHIBA MQ01ABF050 : 500,1 GB [0/0/0, pd1]

----------------------------------------------------------------------------
(1) TOSHIBA MQ01ABF050
----------------------------------------------------------------------------
Model : TOSHIBA MQ01ABF050
Firmware : AM001J
Serial Number : 66PJCNVQT
Disk Size : 500,1 GB (8,4/137,4/500,1/500,1)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/600 | SATA/600
Power On Hours : 2062 hours
Power On Count : 1141 count
Temperature : 31 C (87 F)
Health Status : Good
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 0001h [ON]
AAM Level : ----
Drive Letter : C: E:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _50 000000000000 Read Error Rate
02 100 100 _50 000000000000 Throughput Performance
03 100 100 __1 000000000545 Spin-Up Time
04 100 100 __0 000000004CF0 Start/Stop Count
05 100 100 _50 000000000000 Reallocated Sectors Count
07 100 100 _50 000000000000 Seek Error Rate
08 100 100 _50 000000000000 Seek Time Performance
09 _95 _95 __0 00000000080E Power-On Hours
0A 253 100 _30 000000000000 Spin Retry Count
0C 100 100 __0 000000000475 Power Cycle Count
BF 100 100 __0 000000000032 G-Sense Error Rate
C0 100 100 __0 000000000018 Power-off Retract Count
C1 _92 _92 __0 00000001589F Load/Unload Cycle Count
C2 100 100 __0 002C0005001F Temperature
C4 100 100 __0 000000000000 Reallocation Event Count
C5 100 100 __0 000000000000 Current Pending Sector Count
C6 100 100 __0 000000000000 Uncorrectable Sector Count
C7 200 200 __0 000000000000 UltraDMA CRC Error Count
DC 100 100 __0 000000000000 Disk Shift
DE _96 _96 __0 00000000070E Loaded Hours
DF 100 100 __0 000000000000 Load/Unload Retry Count
E0 100 100 __0 000000000000 Load Friction
E2 100 100 __0 0000000000FA Load 'In'-time
F0 100 100 __1 000000000000 Head Flying Hours

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0040 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 2036 3650 4A43 4E56 5154
020: 0000 4000 0000 414D 3030 314A 2020 544F 5348 4942
030: 4120 4D51 3031 4142 4630 3530 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4000 0200 0000 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0007 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F EF0E 0006 004C 0040
080: 01F8 0000 746B 7D09 6163 7469 BC09 6163 203F 003B
090: 003B 0001 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 6030 3A38 0000 0000 0000 0000 6003 0000 5000 0397
110: 13C0 96BB 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0003 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 003D 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 103F 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0080 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 E9A5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 0B 00 64 64 00 00 00 00 00 00 00 02 05
010: 00 64 64 00 00 00 00 00 00 00 03 27 00 64 64 45
020: 05 00 00 00 00 00 04 32 00 64 64 F0 4C 00 00 00
030: 00 00 05 33 00 64 64 00 00 00 00 00 00 00 07 0B
040: 00 64 64 00 00 00 00 00 00 00 08 05 00 64 64 00
050: 00 00 00 00 00 00 09 32 00 5F 5F 0E 08 00 00 00
060: 00 00 0A 33 00 FD 64 00 00 00 00 00 00 00 0C 32
070: 00 64 64 75 04 00 00 00 00 00 BF 32 00 64 64 32
080: 00 00 00 00 00 00 C0 32 00 64 64 18 00 00 00 00
090: 00 00 C1 32 00 5C 5C 9F 58 01 00 00 00 00 C2 22
0A0: 00 64 64 1F 00 05 00 2C 00 00 C4 32 00 64 64 00
0B0: 00 00 00 00 00 00 C5 32 00 64 64 00 00 00 00 00
0C0: 00 00 C6 30 00 64 64 00 00 00 00 00 00 00 C7 32
0D0: 00 C8 C8 00 00 00 00 00 00 00 DC 02 00 64 64 00
0E0: 00 00 00 00 00 00 DE 32 00 60 60 0E 07 00 00 00
0F0: 00 00 DF 32 00 64 64 00 00 00 00 00 00 00 E0 22
100: 00 64 64 00 00 00 00 00 00 00 E2 26 00 64 64 FA
110: 00 00 00 00 00 00 F0 01 00 64 64 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 5B
170: 03 00 01 00 02 7E 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 D4

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 32 00 00 00 00 00 00 00 00 00 00 02 32
010: 00 00 00 00 00 00 00 00 00 00 03 01 00 00 00 00
020: 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 00
030: 00 00 05 32 00 00 00 00 00 00 00 00 00 00 07 32
040: 00 00 00 00 00 00 00 00 00 00 08 32 00 00 00 00
050: 00 00 00 00 00 00 09 00 00 00 00 00 00 00 00 00
060: 00 00 0A 1E 00 00 00 00 00 00 00 00 00 00 0C 00
070: 00 00 00 00 00 00 00 00 00 00 BF 00 00 00 00 00
080: 00 00 00 00 00 00 C0 00 00 00 00 00 00 00 00 00
090: 00 00 C1 00 00 00 00 00 00 00 00 00 00 00 C2 00
0A0: 00 00 00 00 00 00 00 00 00 00 C4 00 00 00 00 00
0B0: 00 00 00 00 00 00 C5 00 00 00 00 00 00 00 00 00
0C0: 00 00 C6 00 00 00 00 00 00 00 00 00 00 00 C7 00
0D0: 00 00 00 00 00 00 00 00 00 00 DC 00 00 00 00 00
0E0: 00 00 00 00 00 00 DE 00 00 00 00 00 00 00 00 00
0F0: 00 00 DF 00 00 00 00 00 00 00 00 00 00 00 E0 00
100: 00 00 00 00 00 00 00 00 00 00 E2 00 00 00 00 00
110: 00 00 00 00 00 00 F0 01 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 36

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 23.10.17
Čas skenování: 19:37
Logovací soubor: e6f95524-b818-11e7-906c-548ca08d010e.json
Správce: Ano

-Informace o softwaru-
Verze: 3.2.2.2029
Verze komponentů: 1.0.212
Aktualizovat verzi balíku komponent: 1.0.3077
Licence: Zkušební

-Systémová informace-
OS: Windows 8.1
CPU: x64
Systém souborů: NTFS
Uživatel: System

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Výsledek: Dokončeno
Skenované objekty: 402896
Zjištěné hrozby: 0
(Nebyly zjištěny žádné škodlivé položky)
Hrozby umístěné do karantény: 0
(Nebyly zjištěny žádné škodlivé položky)
Uplynulý čas: 4 min, 13 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 0
(Nebyly zjištěny žádné škodlivé položky)

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)

Test s MBAM zopakujte (ale tentokrat opravdu se spravnym nastavenim - tohle byl jen Sken hrozeb, ten nekontroluje cely pocitac, ja chtel Vlastni sken), at vime, jestli se to nevraci. Napiste vysledek testu a podle nej zvolim dalsi postup.

pardon dufam ze toto je uz v poriadku
Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 24.10.17
Čas skenování: 7:47
Logovací soubor: e42f8578-b87e-11e7-b641-548ca08d010e.json
Správce: Ano

-Informace o softwaru-
Verze: 3.2.2.2029
Verze komponentů: 1.0.212
Aktualizovat verzi balíku komponent: 1.0.3079
Licence: Zkušební

-Systémová informace-
OS: Windows 8.1
CPU: x64
Systém souborů: NTFS
Uživatel: System

-Shrnutí skenování-
Typ skenování: Vlastní skenování
Výsledek: Dokončeno
Skenované objekty: 283801
Zjištěné hrozby: 2
Hrozby umístěné do karantény: 0
(Nebyly zjištěny žádné škodlivé položky)
Uplynulý čas: 2 hod, 23 min, 18 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Povoleno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 2
PUP.Optional.Reimage, C:\USERS\VLADIMIRK\APPDATA\LOCAL\MICROSOFT\WINDOWS\INETCACHE\IE\DAENFQV6\PROTECTORPACKAGERR2020X64[1].EXE, Žádná uživatelská akce, [1067], [388085],1.0.3079
PUP.Optional.Reimage, C:\USERS\VLADIMIRK\APPDATA\LOCAL\MICROSOFT\WINDOWS\INETCACHE\IE\E85BGK4A\REIMAGEPACKAGE1867X64[1].EXE, Žádná uživatelská akce, [1067], [331559],1.0.3079

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)

Nalezy nechte odstranit, pak MBAM odinstalujte.

Dejte logy podle tohoto navodu https://forum.viry.cz/viewtopic.php?f=13&t=152707 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach
(Kdyby nesel Launcher stahnout, dejte logy jen ze samotneho FRST, tedy bez pouziti Launcheru)

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-10-2017 01
Ran by VladimirK (administrator) on KOCUREK-NTB (24-10-2017 20:16:45)
Running from C:\Users\vladimirk\Desktop
Loaded Profiles: VladimirK (Available Profiles: VladimirK & Administrator & admin)
Platform: Windows 8.1 Pro (Update) (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Windows\SysWOW64\Codecs\TrayMenu.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
(Opera Software) C:\Users\vladimirk\AppData\Local\Programs\Opera\48.0.2685.50\opera.exe
(Opera Software) C:\Users\vladimirk\AppData\Local\Programs\Opera\48.0.2685.50\opera.exe
(Opera Software) C:\Users\vladimirk\AppData\Local\Programs\Opera\48.0.2685.50\opera.exe
(Opera Software) C:\Users\vladimirk\AppData\Local\Programs\Opera\48.0.2685.50\opera.exe
(Opera Software) C:\Users\vladimirk\AppData\Local\Programs\Opera\48.0.2685.50\opera.exe
(Opera Software) C:\Users\vladimirk\AppData\Local\Programs\Opera\48.0.2685.50\opera.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Opera Software) C:\Users\vladimirk\AppData\Local\Programs\Opera\48.0.2685.50\opera.exe
(Opera Software) C:\Users\vladimirk\AppData\Local\Programs\Opera\48.0.2685.50\opera.exe
(Opera Software) C:\Users\vladimirk\AppData\Local\Programs\Opera\48.0.2685.50\opera.exe
(forum.viry.cz) C:\Users\vladimirk\Desktop\FRST-OlderVersion\FRSTLauncher.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13876952 2016-09-06] (Realtek Semiconductor)
HKLM-x32\...\Run: [isa] => C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [330240 2015-02-18] ()
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2015-01-31] (Atheros Communications)
HKU\S-1-5-21-1248644485-3150169159-186971291-4134\...\Run: [Codec Pack Update Checker] => "C:\Windows\system32\Codecs\UpdateChecker.exe"
HKU\S-1-5-21-1248644485-3150169159-186971291-4134\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-1248644485-3150169159-186971291-4134\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\yowindow.scr [859080 2017-03-23] (repkasoft)
HKU\S-1-5-18\...\Run: [] => [X]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackTrayMenu.lnk [2016-11-07]
ShortcutTarget: CodecPackTrayMenu.lnk -> C:\Windows\SysWOW64\Codecs\TrayMenu.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2016-10-25]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\vladimirk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\YoWindow.lnk [2016-11-27]
ShortcutTarget: YoWindow.lnk -> C:\Program Files (x86)\YoWindow\yowindow.exe (Repkasoft)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{79F4E688-6195-4F94-981F-6C7457EBDBDE}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{880C898F-A3F2-4A60-BD90-D82BFB445EF3}: [DhcpNameServer] 192.168.117.6 192.168.110.6

Internet Explorer:
==================
HKU\S-1-5-21-1248644485-3150169159-186971291-4134\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2014-01-22] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2014-01-23] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: tu22lukr.default-1506449962233
FF ProfilePath: C:\Users\vladimirk\AppData\Roaming\Mozilla\Firefox\Profiles\tu22lukr.default-1506449962233 [2017-10-04]
FF Extension: (AdBlock) - C:\Users\vladimirk\AppData\Roaming\Mozilla\Firefox\Profiles\tu22lukr.default-1506449962233\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2017-09-26]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2014-07-01] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2014-07-01] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-01] (Adobe Systems Inc.)
FF Plugin-x32: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 -> C:\Program Files (x86)\Yahoo!\Common\npyaxmpb.dll [No File]

Chrome:
=======
CHR Profile: C:\Users\vladimirk\AppData\Local\Google\Chrome\User Data\Default [2017-10-22]
CHR Extension: (No Name) - C:\Users\vladimirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-07-24]
CHR Extension: (No Name) - C:\Users\vladimirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-07-24]
CHR Extension: (No Name) - C:\Users\vladimirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-07-24]
CHR Extension: (No Name) - C:\Users\vladimirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-07-24]
CHR Extension: (No Name) - C:\Users\vladimirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-07-24]
CHR Extension: (Chrome Web Store Payments) - C:\Users\vladimirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-28]
CHR Extension: (No Name) - C:\Users\vladimirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-07-24]
CHR Extension: (Chrome Media Router) - C:\Users\vladimirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-08]

Opera:
=======
OPR Extension: (Super Auto Refresh) - C:\Users\vladimirk\AppData\Roaming\Opera Software\Opera Stable\Extensions\ghjaeanhfafkigkehjgapnlobfhefkme [2017-05-05]
OPR Extension: (Adblock Plus) - C:\Users\vladimirk\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2017-09-28]
StartMenuInternet: (HKLM) OperaStable - C:\Users\vladimirk\AppData\Local\Programs\Opera\Launcher.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [323200 2015-01-31] (Windows (R) Win 7 DDK provider) [File not signed]
S3 EHttpSrv; C:\Program Files\ESET\ESET Endpoint Antivirus\ehttpsrv.exe [51872 2016-05-24] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe [1648224 2016-05-24] (ESET)
S3 eshasrv; C:\Program Files\ESET\ESET Endpoint Antivirus\eshasrv.exe [193696 2016-05-24] (ESET)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344168 2016-09-06] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [881152 2014-10-03] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [330240 2015-02-18] () [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-02-18] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe [172320 2014-12-10] (Intel Corporation)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-11-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-11-22] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [4267008 2015-01-11] (Qualcomm Atheros Communications, Inc.)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2015-01-31] (Qualcomm Atheros)
R3 BTHprint; C:\Windows\system32\DRIVERS\bthprint.sys [62976 2013-08-22] (Microsoft Corporation)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2013-09-10] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2013-09-10] (Windows (R) Win 7 DDK provider)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [264864 2016-05-23] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [196768 2016-05-23] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [180384 2016-05-23] (ESET)
R3 iagpioe; C:\Windows\System32\drivers\iagpioe.sys [32256 2015-02-28] (Intel(R) Corporation)
R3 iai2ce; C:\Windows\System32\drivers\iai2ce.sys [95224 2015-11-17] (Intel(R) Corporation)
R3 igfxLP; C:\Windows\system32\DRIVERS\igdkmd64lp.sys [4516280 2016-09-06] (Intel Corporation)
R3 iusb3adp; C:\Windows\System32\drivers\iusb3adp.sys [23824 2015-03-27] (Intel)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [114976 2015-01-22] (Intel Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [35856 2014-11-22] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [257880 2014-11-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-11-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-10-24 20:16 - 2017-10-24 20:17 - 000012651 _____ C:\Users\vladimirk\Desktop\FRST.txt
2017-10-24 20:16 - 2017-10-24 20:16 - 000000000 ____D C:\Users\vladimirk\Desktop\FRST-OlderVersion
2017-10-24 10:18 - 2017-10-24 10:18 - 000000000 ____D C:\Users\vladimirk\AppData\Local\GroupPolicy
2017-10-24 08:59 - 2017-10-24 08:59 - 017006272 _____ C:\Users\vladimirk\Desktop\yosetup.exe
2017-10-23 20:42 - 2017-10-23 20:46 - 071535032 _____ (Malwarebytes ) C:\Users\vladimirk\Desktop\mb3-setup-1878.1878-3.2.2.2029.exe
2017-10-23 19:29 - 2017-10-23 19:31 - 071535032 _____ (Malwarebytes ) C:\Users\vladimirk\Desktop\mb3-setup-consumer-3.2.2.2029-1.0.212-1.0.2951.exe
2017-10-23 19:24 - 2017-10-23 19:24 - 000001212 _____ C:\Users\vladimirk\Desktop\CrystalDiskInfo.lnk
2017-10-23 19:24 - 2017-10-23 19:24 - 000000000 ____D C:\Program Files (x86)\CrystalDiskInfo
2017-10-23 19:23 - 2017-10-23 19:23 - 003928200 _____ (Crystal Dew World ) C:\Users\vladimirk\Desktop\CrystalDiskInfo7_1_1.exe
2017-10-22 19:30 - 2017-10-22 19:30 - 001205232 _____ (Adobe Systems Incorporated) C:\Users\vladimirk\Desktop\flashplayer27pp_fa_install.exe
2017-10-22 18:56 - 2017-10-22 18:56 - 000001012 _____ C:\Users\vladimirk\Desktop\SOI - odkaz.lnk
2017-10-22 18:43 - 2017-10-22 18:48 - 000000000 ____D C:\AdwCleaner
2017-10-22 18:43 - 2017-10-22 18:43 - 008250832 _____ (Malwarebytes) C:\Users\vladimirk\Desktop\adwcleaner_7.0.3.1.exe
2017-10-22 18:28 - 2017-10-22 18:39 - 000000000 ____D C:\Users\vladimirk\Documents\SOI
2017-10-22 14:11 - 2017-10-22 14:11 - 000009621 _____ C:\Users\vladimirk\Desktop\Addition.rar
2017-10-22 13:52 - 2017-10-24 20:16 - 000000000 ____D C:\FRST
2017-10-22 13:50 - 2017-10-24 20:16 - 002403328 _____ (Farbar) C:\Users\vladimirk\Desktop\FRST64.exe
2017-10-22 11:53 - 2017-10-22 11:53 - 000454436 ____R C:\Windows\system32\Drivers\etc\hosts.20171022-115313.backup
2017-10-22 11:53 - 2017-10-22 11:53 - 000454436 _____ C:\Windows\system32\Drivers\etc\hosts.20171022-115333.backup
2017-10-22 11:53 - 2017-10-20 07:35 - 000454375 _____ C:\Windows\system32\Drivers\etc\hosts.20171022-115306.backup
2017-10-22 11:51 - 2017-10-22 11:51 - 000000000 ____D C:\Program Files (x86)\TeaTimer (Spybot - Search & Destroy)
2017-10-22 11:51 - 2017-10-22 11:51 - 000000000 ____D C:\Program Files (x86)\File Scanner Library (Spybot - Search & Destroy)
2017-10-20 18:07 - 2017-10-20 19:32 - 000268392 _____ C:\Users\vladimirk\Documents\20.10.2017
2017-10-20 07:24 - 2017-10-24 20:13 - 000000000 ____D C:\Program Files\Malwarebytes
2017-09-26 20:14 - 2017-09-26 20:14 - 000000948 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-09-26 20:14 - 2017-09-26 20:14 - 000000936 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-09-26 20:14 - 2017-09-26 20:14 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-09-26 20:14 - 2017-09-26 20:14 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-09-25 20:46 - 2017-09-25 20:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Weather Watcher Live
2017-09-25 19:43 - 2017-09-25 20:48 - 000000000 ____D C:\Program Files (x86)\Weather Watcher Live

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-10-24 20:13 - 2017-08-09 08:11 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-10-24 19:48 - 2016-10-17 11:04 - 000003966 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{B0DFEE00-22C8-4A88-BE67-443DBF79182F}
2017-10-24 19:48 - 2014-11-22 05:14 - 000818732 _____ C:\Windows\system32\PerfStringBackup.INI
2017-10-24 19:48 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf
2017-10-24 10:29 - 2016-10-10 14:12 - 000003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1248644485-3150169159-186971291-4134
2017-10-24 10:18 - 2016-10-28 15:57 - 000000000 ____D C:\Users\vladimirk\AppData\Local\CrashDumps
2017-10-24 10:18 - 2016-10-10 14:06 - 000000000 __SHD C:\Users\vladimirk\IntelGraphicsProfiles
2017-10-24 10:16 - 2016-09-06 11:40 - 000000104 _____ C:\Windows\system32\config\netlogon.ftl
2017-10-24 10:16 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-10-23 20:39 - 2016-11-12 17:54 - 000000000 ____D C:\Users\vladimirk\AppData\Roaming\vlc
2017-10-23 20:34 - 2016-12-24 20:22 - 000000000 ____D C:\Users\vladimirk\AppData\Roaming\uTorrent
2017-10-23 18:42 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\AppReadiness
2017-10-23 18:15 - 2017-08-02 18:42 - 000003890 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1501692119
2017-10-22 19:31 - 2017-07-18 12:54 - 000004472 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-10-22 19:31 - 2016-10-25 21:00 - 000000000 ____D C:\Users\vladimirk\AppData\Local\Adobe
2017-10-22 19:31 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\system32\Macromed
2017-10-22 19:30 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2017-10-22 11:52 - 2017-04-18 16:33 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2017-10-19 19:16 - 2016-10-10 14:07 - 000000000 ____D C:\Users\vladimirk\AppData\Roaming\Atheros
2017-10-19 19:15 - 2016-10-10 14:06 - 000000000 ____D C:\Users\vladimirk
2017-10-19 19:15 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2017-10-19 18:04 - 2016-10-10 14:07 - 000000000 ____D C:\Users\vladimirk\Documents\Bluetooth Folder
2017-10-16 18:49 - 2016-11-12 16:58 - 000000000 ____D C:\KMPlayer
2017-10-04 16:12 - 2017-04-30 12:04 - 000000000 ____D C:\Users\vladimirk\AppData\LocalLow\Mozilla
2017-10-01 20:06 - 2016-10-24 21:06 - 000000000 ____D C:\Program Files (x86)\Call of Duty
2017-09-28 19:37 - 2016-09-06 13:12 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-09-27 05:40 - 2017-07-24 20:27 - 000002227 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-09-27 05:40 - 2017-07-24 20:27 - 000002215 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-09-25 20:40 - 2016-10-26 20:22 - 000000000 ____D C:\Users\vladimirk\AppData\Roaming\WeatherWatcherLive

==================== Files in the root of some directories =======

2016-11-12 19:08 - 2016-11-12 19:08 - 000000057 _____ () C:\Users\vladimirk\AppData\Roaming\Camdata.ini
2016-11-12 19:08 - 2016-11-12 19:08 - 000000408 _____ () C:\Users\vladimirk\AppData\Roaming\CamLayout.ini
2016-11-12 19:08 - 2016-11-12 19:08 - 000000408 _____ () C:\Users\vladimirk\AppData\Roaming\CamShapes.ini
2016-11-12 19:08 - 2016-11-12 19:08 - 000004547 _____ () C:\Users\vladimirk\AppData\Roaming\CamStudio.cfg
2016-11-12 19:04 - 2016-11-12 19:04 - 000000096 _____ () C:\Users\vladimirk\AppData\Roaming\version2.xml
2016-11-01 15:43 - 2016-11-01 18:01 - 000000000 _____ () C:\Users\vladimirk\AppData\Roaming\Vocals
2016-10-17 10:39 - 2016-10-17 10:39 - 000000017 _____ () C:\Users\vladimirk\AppData\Local\resmon.resmoncfg
2016-11-28 13:22 - 2016-11-23 14:19 - 000000570 _____ () C:\Users\vladimirk\AppData\Local\TroubleshooterConfig.json
2016-09-06 14:58 - 2016-09-06 14:58 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
2016-11-01 15:44 - 2016-11-01 18:02 - 000000000 ____H () C:\ProgramData\PKP_DLes.DAT
2016-11-01 15:43 - 2016-11-01 18:01 - 000000000 ____H () C:\ProgramData\PKP_DLet.DAT
2016-11-01 15:43 - 2016-11-01 18:01 - 000000000 ____H () C:\ProgramData\PKP_DLev.DAT
2016-11-01 18:01 - 2016-11-01 18:01 - 000000000 _____ () C:\ProgramData\Themes
2016-11-01 18:01 - 2016-11-01 18:01 - 000000000 _____ () C:\ProgramData\Vocal Transformer

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: ESET Endpoint Antivirus 6.4.2014.2 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Endpoint Antivirus 6.4.2014.2 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\vladimirk\Desktop" je 170 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Otevrete si poznamkovy blok a zkopirujte do nej tento skript Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.

tu je log:
Fix result of Farbar Recovery Scan Tool (x64) Version: 25-10-2017
Ran by VladimirK (25-10-2017 17:09:03) Run:1
Running from C:\Users\vladimirk\Desktop
Loaded Profiles: VladimirK (Available Profiles: VladimirK & Administrator & admin)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKU\S-1-5-21-1248644485-3150169159-186971291-4134\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-18\...\Run: [] => [X]

HKU\S-1-5-21-1248644485-3150169159-186971291-4134\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp

FF Plugin-x32: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 -> C:\Program Files (x86)\Yahoo!\Common\npyaxmpb.dll [No File]

2017-10-23 20:42 - 2017-10-23 20:46 - 071535032 _____ (Malwarebytes ) C:\Users\vladimirk\Desktop\mb3-setup-1878.1878-3.2.2.2029.exe
2017-10-23 19:29 - 2017-10-23 19:31 - 071535032 _____ (Malwarebytes ) C:\Users\vladimirk\Desktop\mb3-setup-consumer-3.2.2.2029-1.0.212-1.0.2951.exe

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKU\S-1-5-21-1248644485-3150169159-186971291-4134\Software\Microsoft\Windows\CurrentVersion\Run\\SpybotPostWindows10UpgradeReInstall => value removed successfully
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKU\S-1-5-21-1248644485-3150169159-186971291-4134\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache => value removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 => key removed successfully
C:\Users\vladimirk\Desktop\mb3-setup-1878.1878-3.2.2.2029.exe => moved successfully
C:\Users\vladimirk\Desktop\mb3-setup-consumer-3.2.2.2029-1.0.212-1.0.2951.exe => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 12582912 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 24590927 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => 4427636 B
Edge => 0 B
Chrome => 491173073 B
Firefox => 144431495 B
Opera => 490737238 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 299747 B
systemprofile32 => 128 B
LocalService => 101046 B
NetworkService => 4138 B
vladimirk => 347893123 B
administrator => 6525599 B
admin1 => 822992 B

RecycleBin => 124400 B
EmptyTemp: => 1.4 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 17:10:16 ====

Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

vyosek píše: DelFix https://toolslib.net/downloads/finish/2/

• Stahnete a spustte
• Ponechte zatrzitkou pouze u volby Remove disinfection tools
• Kliknete na Run

Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)

Defragmentujte disk(y) (SSD Disky ne!)
Stahnete program Defraggler https://www.piriform.com/defraggler/download/standard
Pri instalaci opet pozor na toolbar a dalsi nesmysly.
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.




Pak napiste, jak to s pc vypada.

vsetko som urobil a pc je poznatelne rychlejsi

To jsem rad

A je to uz v norme a muzem tema uzavrit? Nebo je to rychlejsi, ale do normalu to ma jeste daleko?

Podla mojho laickeho odhadu nie je to maximum , ale uz sa na tom da normalne robit, lebo predtym to bolo pre mna na mašľu
VELMI VAM DAKUJEM!