Laptop po "vyčištění" - prosím o kontrolu

Zpráva

wgs · #1 Příspěvek od **wgs** » 08 říj 2015 17:14

Ahoj,
prosím o kontrolu logu níže. Laptop poslední dobou pracoval extrémně pomalu a často se zasekával. Po odinstalaci nějakého balastu, výměně antiviru (Avast za AVG) atd. jsem žádný virus neodhalil, ale počítač výrazně "ožil". Přesto pořád vidím nějaké zbytky Avastu a asi tam budou další věci k doladění. Předem díky moc za váš čas!

Logfile of random's system information tool 1.10 (written by random/random)
Run by dalka at 2015-10-08 18:08:39
Microsoft Windows 8.1
System drive C: has 206 GB (46%) free of 452 GB
Total RAM: 3798 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:08:45, on 8. 10. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe
C:\Program Files (x86)\Samsung\Settings\sSettings.exe
C:\Program Files (x86)\AVG\AVG2015\avgui.exe
C:\WINDOWS\SysWOW64\ctfmon.exe
C:\Program Files\trend micro\dalka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [Intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'Default user')
O8 - Extra context menu item: Odeslat do Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL
O9 - Extra button: Odeslat do Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (HKCU)
O9 - Extra 'Tools' menuitem: Odeslat do Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Unknown owner - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe (file missing)
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Easy Launcher - Samsung Electronics CO., LTD. - C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Rapid Start Technology Service (irstrtsv) - Intel Corporation - C:\windows\SysWOW64\irstrtsv.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 8646 bytes

======Listing Processes======

c:\PROGRA~2\AVG\AVG2015\avgrsa.exe /boot
C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe /pipeName=c2feea3f-0200-0000-d047-fa456f89e554 /binaryPath="C:\Program Files (x86)\AVG\AVG2015\"

wininit.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\WLANExt.exe 831023801664
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe"
dashost.exe {f225de58-d931-4f86-aa43d3cbfc6d7a7f}
"C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
C:\windows\SysWOW64\irstrtsv.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
taskeng.exe {33484590-6A9C-45F6-B46C-A6CB030CDD5B}

C:\WINDOWS\System32\WinLogon.exe -SpecialSession
-hiberboot
"C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe"
"C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe"
taskhostex.exe
C:\WINDOWS\Explorer.EXE
igfxEM.exe
igfxHK.exe
"C:\Program Files (x86)\Samsung\Settings\sSettings.exe" /s
C:\WINDOWS\system32\igfxext.exe -Embedding
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
C:\WINDOWS\servicing\TrustedInstaller.exe
ctfmon.exe
C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe -Embedding

"C:\Program Files\Samsung\S Agent\CommonAgent.exe"
"C:\Program Files\Samsung\Support Center\GuaranaAgent.exe"

"C:\Users\dalka\Desktop\RSITx64.exe"
"C:\Program Files\Samsung\Recovery\WCScheduler.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\dalka\AppData\Roaming\Mozilla\Firefox\Profiles\wrq0b9fl.default

prefs.js - "browser.startup.homepage" - "about:home"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2012-08-06 2862448]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-08-07 13191312]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [2012-08-08 11554688]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2014-10-01 448912]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Intel AppUp(SM) center"=C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [2012-07-13 155488]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2015\avgui.exe [2015-08-24 3775912]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"PromptOnSecureDesktop"=0
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-10-07 21:43:26 ----D---- C:\Program Files\trend micro
2015-10-07 21:43:25 ----D---- C:\rsit
2015-10-04 22:52:37 ----D---- C:\ProgramData\AVG Security Toolbar
2015-10-04 22:34:56 ----D---- C:\Users\dalka\AppData\Roaming\AVG2015
2015-10-04 22:34:23 ----D---- C:\Program Files\Common Files\AV
2015-10-04 22:34:03 ----D---- C:\Users\dalka\AppData\Roaming\TuneUp Software
2015-10-04 22:30:40 ----HD---- C:\$AVG
2015-10-04 22:30:40 ----D---- C:\ProgramData\AVG2015
2015-10-04 22:30:08 ----D---- C:\Program Files (x86)\AVG
2015-10-04 22:21:36 ----HD---- C:\ProgramData\Common Files
2015-10-04 22:21:36 ----D---- C:\ProgramData\MFAData
2015-10-04 22:10:18 ----SD---- C:\WINDOWS\SYSWOW64\Microsoft
2015-09-30 20:53:58 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2015-09-09 17:24:04 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2015-09-09 17:24:04 ----A---- C:\WINDOWS\system32\wucltux.dll
2015-09-09 17:24:04 ----A---- C:\WINDOWS\system32\wuaueng.dll
2015-09-09 17:24:04 ----A---- C:\WINDOWS\system32\wuauclt.exe
2015-09-09 17:24:03 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2015-09-09 17:24:03 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2015-09-09 17:24:03 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2015-09-09 17:24:03 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2015-09-09 17:24:03 ----A---- C:\WINDOWS\system32\wuwebv.dll
2015-09-09 17:24:03 ----A---- C:\WINDOWS\system32\wudriver.dll
2015-09-09 17:24:03 ----A---- C:\WINDOWS\system32\wuapp.exe
2015-09-09 17:24:03 ----A---- C:\WINDOWS\system32\wuapi.dll
2015-09-09 17:24:00 ----A---- C:\WINDOWS\SYSWOW64\InkEd.dll
2015-09-09 17:24:00 ----A---- C:\WINDOWS\system32\InkEd.dll
2015-09-09 17:23:56 ----A---- C:\WINDOWS\system32\mshtml.dll
2015-09-09 17:23:54 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2015-09-09 17:23:49 ----A---- C:\WINDOWS\system32\ieframe.dll
2015-09-09 17:23:47 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2015-09-09 17:23:46 ----A---- C:\WINDOWS\system32\jscript9.dll
2015-09-09 17:23:45 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2015-09-09 17:23:45 ----A---- C:\WINDOWS\system32\iertutil.dll
2015-09-09 17:23:44 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2015-09-09 17:23:44 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2015-09-09 17:23:44 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2015-09-09 17:23:44 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2015-09-09 17:23:44 ----A---- C:\WINDOWS\system32\wininet.dll
2015-09-09 17:23:44 ----A---- C:\WINDOWS\system32\urlmon.dll
2015-09-09 17:23:43 ----A---- C:\WINDOWS\system32\jscript.dll
2015-09-09 17:23:43 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2015-09-09 17:23:43 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2015-09-09 17:23:42 ----A---- C:\WINDOWS\system32\vbscript.dll
2015-09-09 17:23:41 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2015-09-09 17:23:41 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2015-09-09 17:23:41 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2015-09-09 17:23:41 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2015-09-09 17:23:41 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2015-09-09 17:23:41 ----A---- C:\WINDOWS\system32\webcheck.dll
2015-09-09 17:23:41 ----A---- C:\WINDOWS\system32\msfeeds.dll
2015-09-09 17:23:41 ----A---- C:\WINDOWS\system32\inetcomm.dll
2015-09-09 17:23:40 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2015-09-09 17:23:40 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2015-09-09 17:22:28 ----A---- C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-09-09 17:22:28 ----A---- C:\WINDOWS\system32\authui.dll
2015-09-09 17:22:27 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Immersive.dll
2015-09-09 17:22:27 ----A---- C:\WINDOWS\SYSWOW64\shacct.dll
2015-09-09 17:22:27 ----A---- C:\WINDOWS\SYSWOW64\SettingSync.dll
2015-09-09 17:22:27 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2015-09-09 17:22:27 ----A---- C:\WINDOWS\system32\shacct.dll
2015-09-09 17:22:27 ----A---- C:\WINDOWS\system32\SettingSync.dll
2015-09-09 17:22:25 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2015-09-09 17:22:25 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2015-09-09 17:22:25 ----A---- C:\WINDOWS\system32\win32k.sys
2015-09-09 17:22:25 ----A---- C:\WINDOWS\system32\atmlib.dll
2015-09-09 17:22:25 ----A---- C:\WINDOWS\system32\atmfd.dll
2015-09-09 17:22:20 ----A---- C:\WINDOWS\SYSWOW64\taskeng.exe
2015-09-09 17:22:20 ----A---- C:\WINDOWS\SYSWOW64\schtasks.exe
2015-09-09 17:22:20 ----A---- C:\WINDOWS\system32\taskeng.exe
2015-09-09 17:22:20 ----A---- C:\WINDOWS\system32\schtasks.exe
2015-09-09 17:22:20 ----A---- C:\WINDOWS\system32\schedsvc.dll
2015-09-09 17:22:19 ----A---- C:\WINDOWS\SYSWOW64\appidapi.dll
2015-09-09 17:22:19 ----A---- C:\WINDOWS\system32\appidsvc.dll
2015-09-09 17:22:19 ----A---- C:\WINDOWS\system32\appidapi.dll
2015-09-09 17:22:11 ----A---- C:\WINDOWS\system32\tzsync.exe

======List of files/folders modified in the last 1 month======

2015-10-08 18:07:25 ----D---- C:\WINDOWS\Temp
2015-10-08 18:06:35 ----D---- C:\WINDOWS\system32\sru
2015-10-08 07:23:13 ----D---- C:\ProgramData\WinClon
2015-10-07 21:43:34 ----D---- C:\WINDOWS\Prefetch
2015-10-07 21:43:26 ----RD---- C:\Program Files
2015-10-07 16:52:42 ----D---- C:\WINDOWS\system32\config
2015-10-07 16:46:20 ----SHD---- C:\WINDOWS\Installer
2015-10-07 16:46:07 ----D---- C:\WINDOWS\system32\Tasks
2015-10-07 16:43:55 ----A---- C:\IFRToolLog.txt
2015-10-07 16:42:25 ----D---- C:\WINDOWS\SYSWOW64\config
2015-10-06 19:19:26 ----D---- C:\WINDOWS\WinSxS
2015-10-06 18:59:34 ----D---- C:\WINDOWS\Microsoft.NET
2015-10-05 23:37:58 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2015-10-05 23:34:47 ----D---- C:\ProgramData\AVAST Software
2015-10-05 23:34:40 ----D---- C:\Windows
2015-10-05 23:34:37 ----D---- C:\WINDOWS\system32\drivers
2015-10-05 23:32:57 ----D---- C:\Users\dalka\AppData\Roaming\uTorrent
2015-10-05 16:56:20 ----D---- C:\WINDOWS\Inf
2015-10-04 22:56:23 ----RD---- C:\Program Files (x86)
2015-10-04 22:56:22 ----HD---- C:\ProgramData
2015-10-04 22:56:22 ----D---- C:\Program Files (x86)\Common Files
2015-10-04 22:53:30 ----D---- C:\WINDOWS\Tasks
2015-10-04 22:52:30 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-10-04 22:34:23 ----D---- C:\Program Files\Common Files
2015-10-04 22:33:58 ----HD---- C:\WINDOWS\ELAMBKUP
2015-10-04 22:30:05 ----D---- C:\WINDOWS\System32
2015-10-04 22:30:03 ----D---- C:\WINDOWS\SysWOW64
2015-10-04 22:11:11 ----D---- C:\WINDOWS\system32\DriverStore
2015-10-04 22:09:55 ----SHD---- C:\System Volume Information
2015-10-04 21:55:01 ----D---- C:\Program Files (x86)\Samsung
2015-10-04 21:54:58 ----D---- C:\ProgramData\Samsung
2015-10-02 07:52:40 ----D---- C:\WINDOWS\SoftwareDistribution
2015-10-02 07:45:29 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2015-10-02 07:45:25 ----D---- C:\WINDOWS\system32\en-US
2015-10-02 07:45:25 ----D---- C:\WINDOWS\system32\cs-CZ
2015-09-30 23:25:18 ----D---- C:\ProgramData\Package Cache
2015-09-30 23:25:09 ----D---- C:\Program Files (x86)\Garmin
2015-09-30 23:25:08 ----D---- C:\ProgramData\Garmin
2015-09-30 23:24:43 ----D---- C:\Program Files\CCleaner
2015-09-30 23:17:09 ----D---- C:\WINDOWS\CbsTemp
2015-09-30 23:08:33 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-09-30 21:45:27 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-09-28 19:33:21 ----D---- C:\Users\dalka\AppData\Roaming\Skype
2015-09-24 19:26:24 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-15 03:18:38 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2015-09-11 16:35:54 ----D---- C:\WINDOWS\debug
2015-09-10 10:36:30 ----D---- C:\WINDOWS\rescache
2015-09-10 10:05:23 ----RSD---- C:\WINDOWS\assembly
2015-09-09 23:07:20 ----D---- C:\Program Files\Windows Journal
2015-09-09 23:07:18 ----D---- C:\Program Files\Internet Explorer
2015-09-09 23:07:18 ----D---- C:\Program Files (x86)\Internet Explorer
2015-09-09 23:07:17 ----D---- C:\WINDOWS\PolicyDefinitions
2015-09-09 20:30:56 ----D---- C:\WINDOWS\system32\MRT
2015-09-09 17:46:52 ----D---- C:\ProgramData\Microsoft Help
2015-09-09 17:20:35 ----D---- C:\WINDOWS\system32\catroot2

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\WINDOWS\system32\DRIVERS\avgidsha.sys [2015-08-19 297904]
R0 Avgloga;AVG Logging Driver; C:\WINDOWS\system32\DRIVERS\avgloga.sys [2015-05-07 378336]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\WINDOWS\system32\DRIVERS\avgmfx64.sys [2015-08-04 250800]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\WINDOWS\system32\DRIVERS\avgrkx64.sys [2015-03-20 40928]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-07-31 645952]
R1 Avgdiska;AVG Disk Driver; C:\WINDOWS\system32\DRIVERS\avgdiska.sys [2015-03-11 162784]
R1 AVGIDSDriver;AVGIDSDriver; C:\WINDOWS\system32\DRIVERS\avgidsdrivera.sys [2015-08-19 313264]
R1 Avgldx64;AVG AVI Loader Driver; C:\WINDOWS\system32\DRIVERS\avgldx64.sys [2015-06-16 259040]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R3 AMPPAL;@oem11.inf,%AMPPAL.SVCDESC%;Virtuální adaptér Intel® Centrino® Wireless Bluetooth® + High Speed; C:\WINDOWS\System32\drivers\AMPPAL.sys [2012-07-16 162344]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2014-10-29 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2014-09-24 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Zařízení Bluetooth (síť PAN); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2014-09-24 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 btmhsf;btmhsf; C:\WINDOWS\system32\DRIVERS\btmhsf.sys [2012-07-14 825344]
R3 ETD;@oem7.inf,%SamsungDeviceDesc%;Samsung PS/2 Port Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2012-08-06 313712]
R3 iBtFltCoex;iBtFltCoex; C:\WINDOWS\system32\DRIVERS\iBtFltCoex.sys [2012-07-04 55848]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2014-10-01 3828152]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2012-08-07 4102928]
R3 IntcDAud;@oem19.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 irstrtdv;@oem8.inf,%Irstrt.DispName%;Intel(R) Rapid Start Technology Driver; C:\WINDOWS\System32\drivers\irstrtdv.sys [2012-07-20 43800]
R3 iwdbus;@oem22.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2014-08-01 27032]
R3 MEIx64;@oem15.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-03 62784]
R3 NETwNe64;@oem10.inf,%NIC_Service_DispName_WIN8_64%;Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 8 64 Bit; C:\WINDOWS\system32\DRIVERS\Netwew00.sys [2013-10-09 3345376]
R3 RadioHIDMini;@oem4.inf,%RadioHIDMini%;Radio HID Mini-driver; C:\WINDOWS\System32\drivers\RadioHIDMini.sys [2012-07-27 23408]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 RTL8168;@netrt630x64.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-06-18 591360]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2014-06-21 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S0 Avgboota;AVG Early Launch Anti-Malware Driver; C:\WINDOWS\system32\DRIVERS\avgboota.sys [2015-03-27 21152]
S2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys []
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2014-10-29 1198080]
S3 intaud_WaveExtensible;@oem21.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2014-08-01 38296]
S3 rtport;rtport; \??\C:\windows\SysWOW64\drivers\rtport.sys [2012-08-30 15144]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-07-16 731688]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [2015-08-24 3637160]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [2015-08-24 335656]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-08-08 1091520]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2012-08-08 1112000]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-05-02 135952]
R2 Easy Launcher;Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [2012-08-26 1593976]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2013-08-28 626416]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2014-10-01 319376]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-07-18 128896]
R2 irstrtsv;Intel(R) Rapid Start Technology Service; C:\windows\SysWOW64\irstrtsv.exe [2012-07-19 193576]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-07-18 165760]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-18 276864]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2013-08-28 149744]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-18 364416]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe []
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2014-10-01 281488]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
S3 iumsvc;Intel(R) Update Manager; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25 178312]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-08-31 149160]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2013-08-28 273136]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------

Marek-26 · #2 Příspěvek od **Marek-26** » 09 říj 2015 13:39

Dobrý den,

na zbavení se zbytků Avastu použijte tuto utilitu:

https://www.avast.com/cs-cz/uninstall-utility

poté prosím vložte log z FRST ( http://forum.viry.cz/viewtopic.php?f=30&t=133101 )

wgs · #3 Příspěvek od **wgs** » 13 říj 2015 11:07

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:12-10-2015
Ran by dalka (administrator) on D (13-10-2015 11:58:24)
Running from C:\Users\dalka\Desktop
Loaded Profiles: dalka (Available Profiles: dalka)
Platform: Windows 8.1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
(Intel) C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
() C:\Program Files\Samsung\Support Center\GuaranaAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(forum.viry.cz) C:\Users\dalka\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2862448 2012-08-06] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191312 2012-08-07] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-13] (Intel Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3778472 2015-10-05] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 77.48.48.48 77.48.49.50
Tcpip\..\Interfaces\{DE6BF458-82D4-437C-B691-E4788B1D8860}: [DhcpNameServer] 77.48.48.48 77.48.49.50
Tcpip\..\Interfaces\{E4AC0910-DBAB-4E8D-9F4C-4BF25067BAB5}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-1228448097-215964479-906076251-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
SearchScopes: HKU\S-1-5-21-1228448097-215964479-906076251-1001 -> DefaultScope {32FAEADA-2ECA-459A-B64A-5F27D6466687} URL =
SearchScopes: HKU\S-1-5-21-1228448097-215964479-906076251-1001 -> {32FAEADA-2ECA-459A-B64A-5F27D6466687} URL =
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File

FireFox:
========
FF ProfilePath: C:\Users\dalka\AppData\Roaming\Mozilla\Firefox\Profiles\wrq0b9fl.default
FF Homepage: about:home
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Extension: Element Hiding Helper for Adblock Plus - C:\Users\dalka\AppData\Roaming\Mozilla\Firefox\Profiles\wrq0b9fl.default\Extensions\elemhidehelper@adblockplus.org.xpi [2015-10-04]
FF Extension: Adblock Plus - C:\Users\dalka\AppData\Roaming\Mozilla\Firefox\Profiles\wrq0b9fl.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-03-15]

Chrome:
=======
CHR DefaultSearchURL: Default -> hxxp://www.rytmus.org/rytmus/sites/File/kurzy/ ... _Praha.pdf
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\pdf.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll => No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll => No File
CHR Profile: C:\Users\dalka\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\dalka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-08-19]
CHR Extension: (Disk Google) - C:\Users\dalka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-19]
CHR Extension: (YouTube) - C:\Users\dalka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-19]
CHR Extension: (Vyhledávání Google) - C:\Users\dalka\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-19]
CHR Extension: (Dokumenty Google offline) - C:\Users\dalka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-04]
CHR Extension: (AdBlock) - C:\Users\dalka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-11-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\dalka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-02]
CHR Extension: (Gmail) - C:\Users\dalka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-19]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3642280 2015-10-05] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [335656 2015-10-05] (AVG Technologies CZ, s.r.o.)
R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1593976 2012-08-26] (Samsung Electronics CO., LTD.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 irstrtsv; C:\windows\SysWOW64\irstrtsv.exe [193576 2012-07-19] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21152 2015-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [314800 2015-10-05] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [297904 2015-08-19] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [259040 2015-06-16] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378336 2015-05-07] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [250800 2015-08-04] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-09-24] (Microsoft Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [43800 2012-07-20] (Intel Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\Netwew00.sys [3345376 2013-10-09] (Intel Corporation)
R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider)
S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2012-08-30] (Windows (R) 2003 DDK 3790 provider)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-13 11:58 - 2015-10-13 11:59 - 00014717 _____ C:\Users\dalka\Desktop\FRST.txt
2015-10-13 11:57 - 2015-10-13 11:58 - 00000000 ____D C:\FRST
2015-10-13 11:56 - 2015-10-13 11:56 - 00112640 _____ (forum.viry.cz) C:\Users\dalka\Desktop\FRSTLauncher.exe
2015-10-13 11:51 - 2015-10-13 11:51 - 02196480 _____ (Farbar) C:\Users\dalka\Desktop\FRST64.exe
2015-10-08 18:23 - 2015-10-09 09:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-07 21:43 - 2015-10-08 18:08 - 00000000 ____D C:\Program Files\trend micro
2015-10-07 21:43 - 2015-10-07 21:43 - 00000000 ____D C:\rsit
2015-10-07 20:42 - 2015-10-07 20:43 - 22445318 _____ C:\Users\dalka\Desktop\bulanci.exe
2015-10-05 17:05 - 2015-10-05 17:05 - 00000000 ____D C:\Users\Default\AppData\Roaming\TuneUp Software
2015-10-05 17:05 - 2015-10-05 17:05 - 00000000 ____D C:\Users\Default User\AppData\Roaming\TuneUp Software
2015-10-05 17:04 - 2015-10-05 17:04 - 00000000 ____D C:\Users\dalka\AppData\Local\Avg
2015-10-05 11:14 - 2015-10-05 11:14 - 00314800 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidsdrivera.sys
2015-10-04 22:52 - 2015-10-05 16:59 - 00000000 ____D C:\ProgramData\AVG Security Toolbar
2015-10-04 22:34 - 2015-10-08 18:14 - 00000993 _____ C:\Users\Public\Desktop\AVG 2015.lnk
2015-10-04 22:34 - 2015-10-08 18:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-10-04 22:34 - 2015-10-04 22:34 - 00000000 ____D C:\Users\dalka\AppData\Roaming\TuneUp Software
2015-10-04 22:34 - 2015-10-04 22:34 - 00000000 ____D C:\Users\dalka\AppData\Roaming\AVG2015
2015-10-04 22:34 - 2015-10-04 22:34 - 00000000 ____D C:\Program Files\Common Files\AV
2015-10-04 22:30 - 2015-10-04 22:34 - 00000000 ____D C:\ProgramData\AVG2015
2015-10-04 22:30 - 2015-10-04 22:30 - 00000000 ___HD C:\$AVG
2015-10-04 22:30 - 2015-10-04 22:30 - 00000000 ____D C:\Program Files (x86)\AVG
2015-10-04 22:21 - 2015-10-13 11:30 - 00000000 ____D C:\ProgramData\MFAData
2015-10-04 22:21 - 2015-10-04 22:51 - 00000000 ____D C:\Users\dalka\AppData\Local\Avg2015
2015-10-04 22:21 - 2015-10-04 22:21 - 00000000 ____D C:\Users\dalka\AppData\Local\MFAData
2015-10-04 21:51 - 2015-10-04 21:51 - 01222144 _____ C:\Users\dalka\Desktop\RSITx64.exe
2015-10-02 07:52 - 2015-10-13 11:45 - 00483879 _____ C:\WINDOWS\WindowsUpdate.log
2015-10-02 07:46 - 2015-10-12 23:45 - 00000810 _____ C:\WINDOWS\setupact.log
2015-10-02 07:46 - 2015-10-02 07:46 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-10-02 07:44 - 2015-10-12 23:44 - 00381476 _____ C:\WINDOWS\PFRO.log
2015-09-30 20:53 - 2015-09-30 21:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-13 11:56 - 2013-02-16 10:05 - 00000000 ___RD C:\Users\dalka\Desktop\download
2015-10-13 11:27 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-10-13 11:27 - 2012-08-24 09:46 - 00000000 ____D C:\ProgramData\WinClon
2015-10-13 11:25 - 2014-10-25 07:42 - 00000960 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-12 23:45 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-10-12 23:41 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-10-12 23:24 - 2014-10-25 07:42 - 00000964 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-11 23:43 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2015-10-09 10:39 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-10-09 09:54 - 2015-09-05 09:27 - 01745984 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-10-09 09:54 - 2014-09-24 17:39 - 00739924 _____ C:\WINDOWS\system32\perfh005.dat
2015-10-09 09:54 - 2014-09-24 17:39 - 00151610 _____ C:\WINDOWS\system32\perfc005.dat
2015-10-09 09:48 - 2013-02-18 15:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-08 21:20 - 2013-02-16 17:16 - 00000000 ____D C:\Users\dalka\AppData\Roaming\Skype
2015-10-08 18:49 - 2013-02-15 23:00 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1228448097-215964479-906076251-1001
2015-10-07 16:46 - 2014-06-10 15:55 - 00003722 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2015-10-07 16:46 - 2014-05-27 21:18 - 00003476 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
2015-10-05 23:32 - 2013-04-25 22:59 - 00000000 ____D C:\Users\dalka\AppData\Roaming\uTorrent
2015-10-04 23:00 - 2014-11-14 16:23 - 00000000 ____D C:\Users\dalka
2015-10-04 22:33 - 2012-07-26 10:12 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2015-10-04 21:55 - 2012-08-24 09:04 - 00000000 ____D C:\Program Files (x86)\Samsung
2015-10-04 21:54 - 2012-08-24 09:51 - 00000000 ____D C:\ProgramData\Samsung
2015-10-04 21:54 - 2012-08-24 09:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2015-10-04 21:53 - 2015-03-15 19:12 - 00000000 ____D C:\Users\dalka\AppData\LocalLow\Unity
2015-10-04 21:53 - 2015-03-15 19:12 - 00000000 ____D C:\Users\dalka\AppData\Local\Unity
2015-10-02 07:45 - 2013-08-22 17:36 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-02 07:27 - 2013-02-15 22:52 - 00000000 ____D C:\Users\dalka\AppData\Local\VirtualStore
2015-09-30 23:25 - 2015-06-14 20:21 - 00000000 ____D C:\ProgramData\Garmin
2015-09-30 23:25 - 2013-11-23 15:24 - 00000000 ____D C:\ProgramData\Package Cache
2015-09-30 23:25 - 2013-02-18 15:40 - 00000000 ____D C:\Program Files (x86)\Garmin
2015-09-30 23:24 - 2013-02-17 22:18 - 00000836 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-09-30 23:24 - 2013-02-17 22:18 - 00000000 ____D C:\Program Files\CCleaner
2015-09-30 23:17 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-09-30 23:08 - 2012-08-24 09:03 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-09-17 20:19 - 2013-02-15 23:07 - 00003936 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-17 20:19 - 2013-02-15 23:07 - 00003700 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-15 20:28 - 2013-02-15 23:06 - 00000000 ____D C:\Users\dalka\AppData\Local\Google
2015-09-15 03:18 - 2015-05-14 08:15 - 00812008 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-09-15 03:18 - 2015-05-14 08:15 - 00178152 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2013-04-25 23:01 - 2013-05-24 20:15 - 0802136 _____ (BitTorrent Inc.) C:\Program Files\uTorrent.exe
2013-02-15 22:53 - 2013-02-15 22:53 - 0000000 _____ () C:\Users\dalka\AppData\Roaming\AbsoluteReminder.xml
2012-08-24 10:03 - 2012-08-08 06:07 - 2258432 _____ (Samsung Electronics) C:\ProgramData\MakeMarkerFile.exe
2012-08-24 10:03 - 2012-08-07 12:11 - 0003196 _____ () C:\ProgramData\MakeMarkerFile.xml

Files to move or delete:
====================
C:\ProgramData\MakeMarkerFile.exe
C:\Users\EasySurvey\EasySurvey.exe

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

==================== MBR and Partition Table ==================

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG AntiVirus Free Edition 2015 (Disabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Disabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\dalka\Desktop" je 53666 MB.

***** Startup Programs *****

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

Marek-26 · #4 Příspěvek od **Marek-26** » 14 říj 2015 10:05

Dobrý den,

tak postupně k logu:

TuneUp Software - s tímhle hodně pozor. Můžete si nabourat systém ani pořádně nebudete vědět jak. Pokud potřebujete jen promazat registry a dočasné soubory, používejte CCleaner, který máte též v PC. Nemaže toho sice tolik, ale máte jistotu, že co smaže opravdu nepotřebujete. Co se týče defragmetace, tak doporučuji MyDefrag.com (dříve JKDefrag), který vyhrál několik testů.
Je ještě něco jiného, k čemu TuneUP používáte?

Bulánci - To jen tak mimo téma, ale vykouzlilo mi to úsměv na tváři a příjemné vzpomínky.

Plocha - Velikost slozky "C:\Users\dalka\Desktop" je 53666 MB. To je hrozně moc a tohle Vám systém zaručeně zpomalí. Přesuňte všechny soubory někam do složek (ne umístěných na ploše). Na ploše ponechte jen zástupce programů (max. pár dokumentů, které využíváte nebo budete využívat prakticky denně.

µTorrent - Jen výňatek z našich pravidel "9. Fórum neposkytuje rady v oblasti P2P sítí. P2P sítě a jejich klienti jsou potenciálním bezpečnostním rizikem, prakticky neustále jsou zdrojem virů a další havěti. ..."

A nakonec dočistíme zbytky a neplatné záznamy:

Otevřete poznámkový blok a do něj zkopírujte následující:

Kód: Vybrat vše

Start
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => No File
SearchScopes: HKU\S-1-5-21-1228448097-215964479-906076251-1001 -> DefaultScope {32FAEADA-2ECA-459A-B64A-5F27D6466687} URL =
SearchScopes: HKU\S-1-5-21-1228448097-215964479-906076251-1001 -> {32FAEADA-2ECA-459A-B64A-5F27D6466687} URL =
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [X]
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
EmptyTemp:
Reboot:

a uložte jako fixlist.txt dostejné složky, jako máte FRST64.exe

Poté spusťte FRST a klikněte na tlačítko FIX. Po restartu na Vás bude čekat soubor fixlog.txt a jeho obsah mi sem prosím nakopírujte.

wgs · #5 Příspěvek od **wgs** » 15 říj 2015 17:36

Dobrý den, díky za tipy.

TuneUp nepoužívám, vlastně ani nevím, že tam je - v seznamu nainstalovaných programů ho nevidím, že by nějaké zbytky?

Plochu jsem zredukoval a níže fixlog:

Fix result of Farbar Recovery Scan Tool (x64) Version:14-10-2015 01
Ran by dalka (2015-10-15 18:20:57) Run:1
Running from C:\Users\dalka\Desktop
Loaded Profiles: dalka (Available Profiles: dalka)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => No File
SearchScopes: HKU\S-1-5-21-1228448097-215964479-906076251-1001 -> DefaultScope {32FAEADA-2ECA-459A-B64A-5F27D6466687} URL =
SearchScopes: HKU\S-1-5-21-1228448097-215964479-906076251-1001 -> {32FAEADA-2ECA-459A-B64A-5F27D6466687} URL =
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [X]
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
EmptyTemp:
Reboot:
*****************

"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => key removed successfully
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\GDriveSharedOverlay" => key removed successfully
HKCR\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => key not found.
HKU\S-1-5-21-1228448097-215964479-906076251-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-1228448097-215964479-906076251-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{32FAEADA-2ECA-459A-B64A-5F27D6466687}" => key removed successfully
HKCR\CLSID\{32FAEADA-2ECA-459A-B64A-5F27D6466687} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => value removed successfully
"HKCR\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value removed successfully
HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => key not found.
AvastVBoxSvc => service removed successfully
VBoxAswDrv => service removed successfully
EmptyTemp: => 254 MB temporary data Removed.

The system needed a reboot.

==== End of Fixlog 18:21:24 ====

Marek-26 · #6 Příspěvek od **Marek-26** » 16 říj 2015 07:14

Aha, TuneUp přišel do PC s AVG. Jeho případnou odinstalaci nechám na Vás.

Pocítil jste nějakou, nejlépe pozitivní, změnu?

wgs · #7 Příspěvek od **wgs** » 16 říj 2015 09:07

Podívám se na to, rozhodně TuneUp nemíním používat, jsem zvyklý na zmíněný Ccleaner.

Počítač příjemně ožil a snad mu to zase nějaký ten rok vydrží.

Veliké díky Marku!

Marek-26 · #8 Příspěvek od **Marek-26** » 17 říj 2015 08:12

Není zač

můžete smazat použité nástroje. Buď ručně a nebo můžete kliknout na T-Cleaner v mém podpisu.

VIRY.CZ

Laptop po "vyčištění" - prosím o kontrolu

Laptop po "vyčištění" - prosím o kontrolu

Re: Laptop po "vyčištění" - prosím o kontrolu

Re: Laptop po "vyčištění" - prosím o kontrolu

Re: Laptop po "vyčištění" - prosím o kontrolu

Re: Laptop po "vyčištění" - prosím o kontrolu

Re: Laptop po "vyčištění" - prosím o kontrolu

Re: Laptop po "vyčištění" - prosím o kontrolu

Re: Laptop po "vyčištění" - prosím o kontrolu