Prosím o kontrolu - NB pomalý

[jansams]

Logfile of random's system information tool 1.10 (written by random/random)
Run by Víťa at 2016-01-25 09:25:29
Microsoft Windows 8.1
System drive C: has 225 GB (79%) free of 286 GB
Total RAM: 3982 MB (46% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:26:20, on 25. 1. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe
C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
C:\Program Files (x86)\AVG\Av\avgui.exe
C:\WINDOWS\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe
C:\Program Files\trend micro\Víťa.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\19.1.0.285\AVG SafeGuard toolbar_toolbar.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Advanced SystemCare Surfing Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O3 - Toolbar: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\19.1.0.285\AVG SafeGuard toolbar_toolbar.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe" /lps=fmw
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\Av\avgui.exe" /TRAYONLY
O4 - HKCU\..\Run: [Advanced SystemCare 8] "C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe" /Auto
O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra 'Tools' menuitem: Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\19.1.0\ViProtocol.dll
O18 - Filter: application/x-mfe-ipt - (no CLSID) - (no file)
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Advanced SystemCare Service 8 (AdvancedSystemCareService8) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: AvgAMPS - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgamps.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgidsagent.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: StartMenu8 Service (StartMenuService) - IObit - C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @oem29.inf,%ViaKaraokeSrv.SvcDesc%;VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\WINDOWS\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater19.1.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\19.1.0\ToolbarUpdater.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 11818 bytes

======Listing Processes======




c:\PROGRA~2\AVG\Av\avgrsa.exe /boot
C:\Program Files (x86)\AVG\Av\avgcsrva.exe /pipeName=44800c66-0200-0000-ded7-b745f00ace2a /binaryPath="C:\Program Files (x86)\AVG\Av\\"


wininit.exe
winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
"C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
C:\WINDOWS\System32\spoolsv.exe
taskhostex.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe" /Task
C:\WINDOWS\Explorer.EXE
"C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe"
"C:\Program Files\ASUS\P4G\BatteryLife.exe"
KBFiltr.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"
"C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe"

"C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe"
"C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\AVG\Av\avgnsa.exe"
"C:\Program Files (x86)\AVG\Av\avgemca.exe"
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
C:\WINDOWS\System32\svchost.exe -k utcsvc
dashost.exe {802e7fcb-12e3-4cab-9f1552b8611d28d2}
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"
"C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe"
C:\WINDOWS\system32\viakaraokesrv.exe
"C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe"
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\19.1.0\ToolbarUpdater.exe"
"C:\WINDOWS\system32\GWX\GWX.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\19.1.0\loggingserver.exe" 72648 "C:\ProgramData\AVG Secure Search\Logger\logger.properties"
"C:\WINDOWS\system32\GWX\GWX.exe"
"C:\Program Files (x86)\IObit\Start Menu 8\InstallServices64.exe" /loaddll
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe"
"C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe" /showtip "AutoSweeper_1|273"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\WINDOWS\system32\igfxsrvc.exe" -Embedding
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtTray.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
C:\Windows\SysWOW64\ACEngSvr.exe -Embedding
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
"C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
/fmw.trayonly
"C:\Program Files (x86)\AVG\Av\avgui.exe" /TRAYONLY
ctfmon.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe"
taskhost.exe
C:\WINDOWS\system32\AUDIODG.EXE 0xb7c
"C:\Users\Víťa\Downloads\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k WerSvcGroup

======Scheduled tasks folder======

C:\WINDOWS\tasks\ASC8_SkipUac_Víťa.job - C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe /SkipUac
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1241823456-3240200628-3320752103-1001Core.job - C:\Users\Víťa\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1241823456-3240200628-3320752103-1001UA.job - C:\Users\Víťa\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\Uninstaller_SkipUac_Víťa.job - C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe /UninstallExplorer

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2015-01-13 2471744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2013-10-20 774144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-08-10 64640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08 2134656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2013-10-20 460288]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2013-10-20 627712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG SafeGuard toolbar - C:\Program Files (x86)\AVG SafeGuard toolbar\19.1.0.285\AVG SafeGuard toolbar_toolbar.dll [2015-12-11 3558288]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08 1725056]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Surfing Protection - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL [2014-10-17 669984]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2013-10-20 386048]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2013-10-20 774144]
{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG SafeGuard toolbar - C:\Program Files\AVG SafeGuard toolbar\19.1.0.285\AVG SafeGuard toolbar_toolbar.dll [2015-12-11 6316432]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2013-10-20 627712]
{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG SafeGuard toolbar - C:\Program Files (x86)\AVG SafeGuard toolbar\19.1.0.285\AVG SafeGuard toolbar_toolbar.dll [2015-12-11 3558288]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2013-10-01 391128]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2013-10-01 771032]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2013-10-01 769496]
"BtTray"=C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [2012-08-10 764032]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2012-08-10 127616]
"ACMON"=C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2012-06-07 90832]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"ASYNCMAC"=streamci,StreamingDeviceSetup {eeab7790-c514-11d1-b42b-00805fc1270e},asyncmac,{ad498944-762f-11d0-8dcb-00c04fc3358c},C:\WINDOWS\INF\netrasa.inf,Ndis-Mp-AsyncMac []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 8"=C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe [2014-12-10 2427680]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2015-09-24 40336]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2012-08-16 5264016]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2012-08-23 366720]
"RemoteControl10"=C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [2012-03-28 91432]
"ASUSWebStorage"=C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe [2012-08-28 3417984]
"vProt"=C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2015-12-11 2573712]
"SDTray"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [2014-04-25 4101584]
"AvgUi"=C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [2016-01-12 179624]
"AVG_UI"=C:\Program Files (x86)\AVG\Av\avgui.exe [2015-12-09 3855272]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
AsusVibeLauncher.lnk - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2013-10-01 623104]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableCAD"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave4"=wdmaud.drv
"mixer4"=wdmaud.drv
"midi4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-01-25 09:25:29 ----D---- C:\rsit
2016-01-25 09:25:29 ----D---- C:\Program Files\trend micro
2016-01-20 12:44:28 ----A---- C:\WINDOWS\SYSWOW64\drivers\HWiNFO64A.SYS
2016-01-17 18:08:44 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2016-01-13 13:58:53 ----A---- C:\WINDOWS\system32\generaltel.dll
2016-01-13 13:58:53 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2016-01-13 13:58:53 ----A---- C:\WINDOWS\system32\appraiser.dll
2016-01-13 13:58:53 ----A---- C:\WINDOWS\system32\acmigration.dll
2016-01-13 11:43:52 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-01-13 11:43:51 ----A---- C:\WINDOWS\system32\jscript9.dll
2016-01-13 11:43:49 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2016-01-13 11:43:48 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2016-01-13 11:43:46 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2016-01-13 11:43:45 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2016-01-13 11:43:45 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2016-01-13 11:43:45 ----A---- C:\WINDOWS\system32\wininet.dll
2016-01-13 11:43:45 ----A---- C:\WINDOWS\system32\vbscript.dll
2016-01-13 11:43:45 ----A---- C:\WINDOWS\system32\mshtmled.dll
2016-01-13 11:43:44 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-01-13 11:43:43 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2016-01-13 11:43:43 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2016-01-13 11:43:43 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-01-13 11:43:43 ----A---- C:\WINDOWS\system32\msfeeds.dll
2016-01-13 11:43:43 ----A---- C:\WINDOWS\system32\inetcomm.dll
2016-01-13 11:43:42 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2016-01-13 11:43:42 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2016-01-13 11:43:42 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2016-01-13 11:43:42 ----A---- C:\WINDOWS\system32\jscript.dll
2016-01-13 11:43:42 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2016-01-13 11:42:45 ----A---- C:\WINDOWS\system32\qedit.dll
2016-01-13 11:42:44 ----A---- C:\WINDOWS\SYSWOW64\qedit.dll
2016-01-13 11:42:43 ----A---- C:\WINDOWS\SYSWOW64\msmpeg2adec.dll
2016-01-13 11:42:43 ----A---- C:\WINDOWS\system32\WMVDECOD.DLL
2016-01-13 11:42:43 ----A---- C:\WINDOWS\system32\msmpeg2adec.dll
2016-01-13 11:42:42 ----A---- C:\WINDOWS\SYSWOW64\WMVDECOD.DLL
2016-01-13 11:42:42 ----A---- C:\WINDOWS\SYSWOW64\mfnetsrc.dll
2016-01-13 11:42:42 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2016-01-13 11:42:42 ----A---- C:\WINDOWS\system32\mfnetsrc.dll
2016-01-13 11:42:42 ----A---- C:\WINDOWS\system32\mfcore.dll
2016-01-13 11:42:41 ----A---- C:\WINDOWS\SYSWOW64\WMADMOD.DLL
2016-01-13 11:42:41 ----A---- C:\WINDOWS\SYSWOW64\mfnetcore.dll
2016-01-13 11:42:41 ----A---- C:\WINDOWS\system32\WMVENCOD.DLL
2016-01-13 11:42:41 ----A---- C:\WINDOWS\system32\WMADMOD.DLL
2016-01-13 11:42:41 ----A---- C:\WINDOWS\system32\mfnetcore.dll
2016-01-13 11:42:41 ----A---- C:\WINDOWS\system32\evr.dll
2016-01-13 11:42:40 ----A---- C:\WINDOWS\SYSWOW64\WMVENCOD.DLL
2016-01-13 11:42:40 ----A---- C:\WINDOWS\system32\WMSPDMOD.DLL
2016-01-13 11:42:40 ----A---- C:\WINDOWS\system32\quartz.dll
2016-01-13 11:42:39 ----AC---- C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-01-13 11:42:39 ----A---- C:\WINDOWS\SYSWOW64\WMVSDECD.DLL
2016-01-13 11:42:39 ----A---- C:\WINDOWS\SYSWOW64\WMSPDMOD.DLL
2016-01-13 11:42:39 ----A---- C:\WINDOWS\SYSWOW64\quartz.dll
2016-01-13 11:42:39 ----A---- C:\WINDOWS\SYSWOW64\evr.dll
2016-01-13 11:42:39 ----A---- C:\WINDOWS\system32\WMVSDECD.DLL
2016-01-13 11:42:39 ----A---- C:\WINDOWS\system32\mfsvr.dll
2016-01-13 11:42:38 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2016-01-13 11:42:38 ----A---- C:\WINDOWS\system32\WMSPDMOE.DLL
2016-01-13 11:42:38 ----A---- C:\WINDOWS\system32\VIDRESZR.DLL
2016-01-13 11:42:38 ----A---- C:\WINDOWS\system32\MP4SDECD.DLL
2016-01-13 11:42:37 ----A---- C:\WINDOWS\system32\RESAMPLEDMO.DLL
2016-01-13 11:42:37 ----A---- C:\WINDOWS\system32\MPG4DECD.DLL
2016-01-13 11:42:37 ----A---- C:\WINDOWS\system32\COLORCNV.DLL
2016-01-13 11:42:36 ----A---- C:\WINDOWS\SYSWOW64\VIDRESZR.DLL
2016-01-13 11:42:36 ----A---- C:\WINDOWS\SYSWOW64\RESAMPLEDMO.DLL
2016-01-13 11:42:36 ----A---- C:\WINDOWS\SYSWOW64\MPG4DECD.DLL
2016-01-13 11:42:36 ----A---- C:\WINDOWS\SYSWOW64\MP4SDECD.DLL
2016-01-13 11:42:36 ----A---- C:\WINDOWS\SYSWOW64\MP43DECD.DLL
2016-01-13 11:42:36 ----A---- C:\WINDOWS\SYSWOW64\MP3DMOD.DLL
2016-01-13 11:42:36 ----A---- C:\WINDOWS\SYSWOW64\mfvdsp.dll
2016-01-13 11:42:36 ----A---- C:\WINDOWS\SYSWOW64\mfps.dll
2016-01-13 11:42:36 ----A---- C:\WINDOWS\SYSWOW64\devenum.dll
2016-01-13 11:42:36 ----A---- C:\WINDOWS\SYSWOW64\COLORCNV.DLL
2016-01-13 11:42:36 ----A---- C:\WINDOWS\system32\MP43DECD.DLL
2016-01-13 11:42:36 ----A---- C:\WINDOWS\system32\MP3DMOD.DLL
2016-01-13 11:42:36 ----A---- C:\WINDOWS\system32\mfvdsp.dll
2016-01-13 11:42:36 ----A---- C:\WINDOWS\system32\mfps.dll
2016-01-13 11:42:36 ----A---- C:\WINDOWS\system32\devenum.dll
2016-01-13 11:42:35 ----AC---- C:\WINDOWS\system32\SysFxUI.dll
2016-01-13 11:42:35 ----A---- C:\WINDOWS\SYSWOW64\WMVXENCD.DLL
2016-01-13 11:42:35 ----A---- C:\WINDOWS\SYSWOW64\WMVSENCD.DLL
2016-01-13 11:42:35 ----A---- C:\WINDOWS\SYSWOW64\WMSPDMOE.DLL
2016-01-13 11:42:35 ----A---- C:\WINDOWS\SYSWOW64\WMADMOE.DLL
2016-01-13 11:42:35 ----A---- C:\WINDOWS\SYSWOW64\qdvd.dll
2016-01-13 11:42:35 ----A---- C:\WINDOWS\SYSWOW64\MFWMAAEC.DLL
2016-01-13 11:42:35 ----A---- C:\WINDOWS\system32\WMVXENCD.DLL
2016-01-13 11:42:35 ----A---- C:\WINDOWS\system32\WMVSENCD.DLL
2016-01-13 11:42:35 ----A---- C:\WINDOWS\system32\WMADMOE.DLL
2016-01-13 11:42:35 ----A---- C:\WINDOWS\system32\qdvd.dll
2016-01-13 11:42:35 ----A---- C:\WINDOWS\system32\MFWMAAEC.DLL
2016-01-13 11:42:33 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2016-01-13 11:42:33 ----A---- C:\WINDOWS\SYSWOW64\ncryptsslp.dll
2016-01-13 11:42:33 ----A---- C:\WINDOWS\SYSWOW64\ncrypt.dll
2016-01-13 11:42:33 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2016-01-13 11:42:33 ----A---- C:\WINDOWS\SYSWOW64\bcryptprimitives.dll
2016-01-13 11:42:33 ----A---- C:\WINDOWS\system32\schannel.dll
2016-01-13 11:42:33 ----A---- C:\WINDOWS\system32\ncryptsslp.dll
2016-01-13 11:42:33 ----A---- C:\WINDOWS\system32\ncrypt.dll
2016-01-13 11:42:33 ----A---- C:\WINDOWS\system32\lsasrv.dll
2016-01-13 11:42:33 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2016-01-13 11:42:33 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2016-01-13 11:42:33 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2016-01-13 11:42:33 ----A---- C:\WINDOWS\system32\certcli.dll
2016-01-13 11:42:33 ----A---- C:\WINDOWS\system32\bcryptprimitives.dll
2016-01-13 11:42:31 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2016-01-13 11:42:28 ----A---- C:\WINDOWS\SYSWOW64\gdi32.dll
2016-01-13 11:42:28 ----A---- C:\WINDOWS\system32\gdi32.dll
2016-01-13 11:42:28 ----A---- C:\WINDOWS\system32\devinv.dll
2016-01-13 11:42:28 ----A---- C:\WINDOWS\system32\aepic.dll
2016-01-13 11:42:28 ----A---- C:\WINDOWS\system32\aeinv.dll
2016-01-13 11:42:27 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2016-01-13 11:42:26 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2016-01-13 11:42:26 ----A---- C:\WINDOWS\system32\ntdll.dll
2016-01-13 11:42:04 ----A---- C:\WINDOWS\system32\advapi32.dll
2016-01-13 11:42:03 ----A---- C:\WINDOWS\SYSWOW64\advapi32.dll

======List of files/folders modified in the last 1 month======

2016-01-25 09:25:42 ----D---- C:\WINDOWS\Prefetch
2016-01-25 09:25:29 ----RD---- C:\Program Files
2016-01-25 09:24:51 ----D---- C:\WINDOWS\Temp
2016-01-25 09:02:01 ----D---- C:\WINDOWS\system32\sru
2016-01-25 09:00:47 ----D---- C:\ProgramData\MFAData
2016-01-25 08:58:44 ----D---- C:\WINDOWS\Inf
2016-01-25 08:57:44 ----D---- C:\WINDOWS\system32\catroot2
2016-01-24 22:13:26 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2016-01-24 22:09:51 ----D---- C:\Windows
2016-01-24 22:09:16 ----D---- C:\WINDOWS\system32\config
2016-01-24 17:50:49 ----D---- C:\WINDOWS\debug
2016-01-21 15:45:59 ----D---- C:\WINDOWS\system32\DriverStore
2016-01-21 15:40:19 ----D---- C:\WINDOWS\Microsoft.NET
2016-01-21 10:35:17 ----D---- C:\ProgramData\ProductData
2016-01-20 20:23:38 ----SHD---- C:\WINDOWS\Installer
2016-01-20 20:23:24 ----D---- C:\WINDOWS\system32\drivers
2016-01-20 16:08:58 ----D---- C:\WINDOWS\CbsTemp
2016-01-20 16:08:53 ----D---- C:\WINDOWS\WinSxS
2016-01-20 16:07:41 ----SD---- C:\WINDOWS\system32\CompatTel
2016-01-20 16:07:41 ----RD---- C:\WINDOWS\System32
2016-01-20 16:07:41 ----D---- C:\WINDOWS\system32\appraiser
2016-01-20 16:07:41 ----D---- C:\WINDOWS\apppatch
2016-01-20 12:44:31 ----D---- C:\WINDOWS\system32\Tasks
2016-01-20 12:44:30 ----D---- C:\ProgramData\IObit
2016-01-20 12:44:28 ----D---- C:\WINDOWS\SYSWOW64\drivers
2016-01-20 12:44:28 ----D---- C:\Users\Víťa\AppData\Roaming\IObit
2016-01-20 12:44:22 ----D---- C:\Program Files (x86)\IObit
2016-01-17 18:09:49 ----D---- C:\WINDOWS\SysWOW64
2016-01-17 18:09:49 ----D---- C:\Program Files\Internet Explorer
2016-01-17 18:08:16 ----SHD---- C:\System Volume Information
2016-01-14 09:38:46 ----D---- C:\Users\Víťa\AppData\Roaming\Seznam Browser
2016-01-13 20:58:28 ----HD---- C:\Program Files\WindowsApps
2016-01-13 20:58:28 ----D---- C:\WINDOWS\AppReadiness
2016-01-13 20:53:59 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-13 20:47:22 ----RD---- C:\Program Files (x86)\Skype
2016-01-13 14:20:56 ----D---- C:\WINDOWS\system32\MRT
2016-01-13 14:17:42 ----A---- C:\WINDOWS\system32\MRT.exe
2016-01-05 08:25:24 ----D---- C:\WINDOWS\SoftwareDistribution
2015-12-26 11:20:35 ----D---- C:\WINDOWS\system32\wdi

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\WINDOWS\system32\DRIVERS\avgidsha.sys [2015-08-20 298416]
R0 Avgloga;AVG Logging Driver; C:\WINDOWS\system32\DRIVERS\avgloga.sys [2015-08-14 398256]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\WINDOWS\system32\DRIVERS\avgmfx64.sys [2015-11-06 256432]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\WINDOWS\system32\DRIVERS\avgrkx64.sys [2015-08-10 42416]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-07-24 645952]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536]
R1 Avgdiska;AVG Disk Driver; C:\WINDOWS\system32\DRIVERS\avgdiska.sys [2015-11-06 184240]
R1 AVGIDSDriver;AVGIDSDriver; C:\WINDOWS\system32\DRIVERS\avgidsdrivera.sys [2015-11-06 313776]
R1 Avgldx64;AVG AVI Loader Driver; C:\WINDOWS\system32\DRIVERS\avgldx64.sys [2015-10-21 284080]
R1 Avgwfpa;AVG Firewall Driver; C:\WINDOWS\system32\DRIVERS\avgwfpa.sys [2015-10-08 306608]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [2016-01-20 26528]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R3 AiCharger;ASUS Charger Driver; C:\WINDOWS\system32\DRIVERS\AiCharger.sys [2012-07-24 17152]
R3 athr;@oem25.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\athw8x.sys [2013-08-22 3915264]
R3 ATP;@oem30.inf,%PS2.DeviceDesc%;ASUS PS/2 Port Input Device; C:\WINDOWS\System32\drivers\AsusTP.sys [2012-10-31 61824]
R3 BTATH_HCRP;@oem8.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\WINDOWS\System32\drivers\btath_hcrp.sys [2012-08-10 178840]
R3 BTATH_RCP;@oem11.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\WINDOWS\System32\drivers\btath_rcp.sys [2012-08-10 135832]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2014-01-28 593000]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2015-10-25 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\BthLEEnum.sys [2013-12-04 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2015-07-10 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2015-10-25 81920]
R3 HIDSwitch;@oem23.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control; C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys [2013-10-09 20280]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2013-10-01 4177920]
R3 IntcDAud;@oem27.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 iwdbus;@oem34.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2013-08-22 26008]
R3 kbfiltr;@oem14.inf,%kbfiltr.SvcDesc%;Keyboard Filter; C:\WINDOWS\System32\drivers\kbfiltr.sys [2012-08-02 14992]
R3 L1C;@netl1c63x64.inf,%L1C.Service.DispName%;NDIS Miniport – ovladač pro řadič Qualcomm Atheros AR81xx PCI-E Ethernet; C:\WINDOWS\system32\DRIVERS\L1C63x64.sys [2013-06-18 129224]
R3 MEIx64;@oem28.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-02 62784]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2015-03-07 212736]
R3 VIAHdAudAddService;@oem29.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;VIA High Definition Audio Driver Service; C:\WINDOWS\system32\drivers\viahduaa.sys [2012-08-14 2206352]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S0 Avgboota;AVG Early Launch Anti-Malware Driver; C:\WINDOWS\system32\DRIVERS\avgboota.sys [2015-09-09 23152]
S3 AmUStor;@oem10.inf,%AmUStor.SvcDesc%;AM USB Stroage Driver; C:\WINDOWS\system32\drivers\AmUStor.SYS [2012-07-13 101504]
S3 AthBTPort;@oem6.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\WINDOWS\system32\DRIVERS\btath_flt.sys [2012-08-10 88728]
S3 BTATH_A2DP;@oem5.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\WINDOWS\system32\drivers\btath_a2dp.sys [2012-08-10 344216]
S3 btath_avdt;@oem5.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\WINDOWS\system32\drivers\btath_avdt.sys [2012-08-10 114840]
S3 BTATH_LWFLT;@oem16.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [2012-08-10 76952]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2015-10-25 1201664]
S3 HipShieldK;McAfee Inc. HipShieldK; C:\WINDOWS\system32\drivers\HipShieldK.sys [2013-09-23 197704]
S3 Huawei;@oem20.inf,%Huawei.DeviceDesc%;HUAWEI Mobile Connect - USB Smart Card Reader; C:\WINDOWS\system32\DRIVERS\ewdcsc.sys [2009-12-15 29696]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2009-12-15 117248]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\WINDOWS\system32\DRIVERS\ewusbdev.sys [2009-12-15 114304]
S3 intaud_WaveExtensible;@oem33.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2013-08-22 39320]
S3 mfencbdc;McAfee Inc. mfencbdc; C:\WINDOWS\system32\DRIVERS\mfencbdc.sys [2013-09-20 390552]
S3 mfencrk;McAfee Inc. mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys [2013-09-20 95984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-10-28 82128]
R2 AdvancedSystemCareService8;Advanced SystemCare Service 8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [2014-11-04 815392]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2012-07-23 105120]
R2 ASUS InstantOn;ASUS InstantOn Service; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [2012-04-13 277120]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2012-08-10 211584]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [2015-12-09 3857272]
R2 avgsvc;AVG Service; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [2016-01-12 1048488]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [2015-12-09 579776]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2016-01-08 1433216]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2016-01-08 1773696]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-03-07 38792]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-06-27 129856]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-06-25 166720]
R2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2015-08-10 2909472]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-17 277824]
R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-04-25 1738200]
R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-04-25 2081752]
R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-04-25 171928]
R2 StartMenuService;StartMenu8 Service; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [2013-12-09 72512]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-17 365376]
R2 VIAKaraokeService;@oem29.inf,%ViaKaraokeSrv.SvcDesc%;VIA Karaoke digital mixer Service; C:\WINDOWS\system32\viakaraokesrv.exe [2012-08-14 27792]
R2 vToolbarUpdater19.1.0;vToolbarUpdater19.1.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\19.1.0\ToolbarUpdater.exe [2015-12-11 1864592]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AvgAMPS;AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [2015-12-09 615584]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-03-07 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2013-10-01 279000]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S3 iumsvc;Intel(R) Update Manager; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25 178312]

-----------------EOF-----------------

[altrok]

Krasny den Vam preju



Odinstalujte Advanced System Care a dale i ostatni produkty od IObitu. Jsou to cinske smejdy, ktere svou karieru zapocaly kradezi databaze spolecnosti Malwarebytes a navic pri nekterych "opravach" timto produktem nekolikrat doslo k poskozeni operacniho systemu takovym zpusobem, ze vse zcela vyresil az kompletni reinstall. Obecne jsem proti vsem zrychlovacum a optimizerum krome nekolik let odzkouseneho CCleaneru, ktery je v defaultnim nastaveni neskodny.


Dale odinstalujte

• Skype Click to Call - adware z instalace Skypu http://forum.viry.cz/viewtopic.php?p=1374439#p1374439

V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose).


Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/ (nebo http://www.bleepingcomputer.com/download/adwcleaner/ )

• ukoncete vsechny programy
• kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
• kliknete na Scan, pote na Cleaning
• po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\AdwCleaner[Cx].txt), jehoz obsah mi zkopirujte do pristi odpovedi

[jansams]

Ahoj, zdravím, díky ... zde je log.

# AdwCleaner v5.031 - Logfile created 25/01/2016 at 19:19:29
# Updated 25/01/2016 by Xplode
# Database : 2016-01-25.3 [Server]
# Operating system : Windows 8.1 (x64)
# Username : Víťa - ASUS-NTB
# Running from : C:\Users\Víťa\Downloads\adwcleaner_5.031.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

[-] Service Deleted : vToolbarUpdater19.1.0

***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files\AVG SafeGuard toolbar
[-] Folder Deleted : C:\Program Files (x86)\AVG SafeGuard toolbar
[-] Folder Deleted : C:\Program Files (x86)\AVG Security Toolbar
[-] Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
[-] Folder Deleted : C:\ProgramData\AVG SafeGuard toolbar
[-] Folder Deleted : C:\ProgramData\AVG Secure Search
[-] Folder Deleted : C:\ProgramData\AVG Security Toolbar
[-] Folder Deleted : C:\Users\Víťa\AppData\Local\AVG SafeGuard toolbar
[-] Folder Deleted : C:\Users\Víťa\AppData\LocalLow\AVG SafeGuard toolbar

***** [ Files ] *****

[-] File Deleted : C:\Users\Víťa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ndibdjnfmopecpmkdieinmbadjfpblof_0.localstorage
[-] File Deleted : C:\Users\Víťa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_gardeningenthusiast.dl.myway.com_0.localstorage
[-] File Deleted : C:\Users\Víťa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_gardeningenthusiast.dl.tb.ask.com_0.localstorage
[-] File Deleted : C:\Users\Víťa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage
[-] File Deleted : C:\Users\Víťa\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage

***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\handler\viprotocol
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
[-] Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKCU\Software\AVG Security Toolbar
[-] Key Deleted : HKCU\Software\Softonic
[-] Key Deleted : HKCU\Software\Video Player
[-] Key Deleted : HKLM\SOFTWARE\AVG Security Toolbar
[-] Key Deleted : [x64] HKLM\SOFTWARE\AVG Secure Search
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\icq.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\wlogin.icq.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
[-] Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI
[-] Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj
[-] Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj.1

***** [ Web browsers ] *****

[-] [C:\Users\Víťa\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : ndibdjnfmopecpmkdieinmbadjfpblof

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [7883 bytes] ##########

[altrok]

Dejte logy FRST.txt a Addition.txt - http://forum.viry.cz/viewtopic.php?f=30&t=133101
Pozn. pri druhem a dalsim spusteni FRST je pro vytvoreni logu Addition.txt nutne tuto volbu explicitne zatrhnout pred zacatkem skenu.

[jansams]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:25-01-2016
Ran by Víťa (administrator) on ASUS-NTB (25-01-2016 21:48:25)
Running from C:\Users\Víťa\Desktop
Loaded Profiles: Víťa (Available Profiles: Víťa)
Platform: Windows 8.1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Víťa\Desktop\FRSTLauncher (1).exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [764032 2012-08-10] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-08-10] (Qualcomm Atheros Commnucations)
HKLM\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [90832 2012-06-07] (ASUS)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2015-09-24] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5264016 2012-08-16] (VIA)
HKLM-x32\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [366720 2012-08-23] (Alcor Micro Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe [3417984 2012-08-28] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101584 2014-04-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [179624 2016-01-12] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [3855272 2015-12-09] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2013-10-20] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2013-10-20] (IvoSoft)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk [2012-09-26]
ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe (ASUSTeK Computer Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.5.1
Tcpip\..\Interfaces\{4C96F872-D6CF-4A56-B98F-72BC6C5B6DAE}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{DE3B156C-63D5-481A-9169-1AD2C2E75D97}: [DhcpNameServer] 192.168.5.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1241823456-3240200628-3320752103-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
HKU\S-1-5-21-1241823456-3240200628-3320752103-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
SearchScopes: HKU\S-1-5-21-1241823456-3240200628-3320752103-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1241823456-3240200628-3320752103-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2013-10-20] (IvoSoft)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-08-10] (Qualcomm Atheros Commnucations)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2013-10-20] (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2013-10-20] (IvoSoft)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2013-10-20] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2013-10-20] (IvoSoft)
Toolbar: HKLM - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} - No File
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2013-10-20] (IvoSoft)
Toolbar: HKLM-x32 - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} - No File
Filter: application/x-mfe-ipt - No CLSID Value

FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [No File]
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1207148.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1241823456-3240200628-3320752103-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Víťa\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [No File]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR DefaultSearchURL: Default -> hxxp://search.seznam.cz/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> seznam.cz
CHR DefaultSuggestURL: Default -> hxxp://suggest.fulltext.seznam.cz/fulltext_ff?phrase={searchTerms}
CHR Profile: C:\Users\Víťa\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\Víťa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-09]
CHR Extension: (Disk Google) - C:\Users\Víťa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Víťa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Vyhledávání Google) - C:\Users\Víťa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-29]
CHR Extension: (Dokumenty Google offline) - C:\Users\Víťa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Víťa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-26]
CHR Extension: (Gmail) - C:\Users\Víťa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211584 2012-08-10] (Qualcomm Atheros Commnucations) [File not signed]
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [615584 2015-12-09] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [3857272 2015-12-09] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1048488 2016-01-12] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [579776 2015-12-09] (AVG Technologies CZ, s.r.o.)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-08-10] (IObit)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738200 2014-04-25] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2081752 2014-04-25] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27792 2012-08-14] (VIA Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-08-10] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [61824 2012-10-31] (ASUS Corporation)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [23152 2015-09-09] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [184240 2015-11-06] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [313776 2015-11-06] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [298416 2015-08-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [284080 2015-10-21] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [398256 2015-08-14] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [256432 2015-11-06] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [42416 2015-08-10] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [306608 2015-10-08] (AVG Technologies CZ, s.r.o.)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-08-10] (Qualcomm Atheros)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
S3 Huawei; C:\Windows\system32\DRIVERS\ewdcsc.sys [29696 2009-12-15] (Huawei Tech. Co., Ltd.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [26528 2016-01-20] (REALiX(tm))
S3 hwusbdev; C:\Windows\system32\DRIVERS\ewusbdev.sys [114304 2009-12-15] (Huawei Technologies Co., Ltd.)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
S3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [390552 2013-09-20] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [95984 2013-09-20] (McAfee, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-25 21:48 - 2016-01-25 21:48 - 00017789 _____ C:\Users\Víťa\Desktop\FRST.txt
2016-01-25 21:48 - 2016-01-25 21:48 - 00000000 ____D C:\FRST
2016-01-25 21:45 - 2016-01-25 21:45 - 00112640 _____ (forum.viry.cz) C:\Users\Víťa\Desktop\FRSTLauncher (1).exe
2016-01-25 21:42 - 2016-01-25 21:42 - 00000000 _____ C:\Users\Víťa\Downloads\FRSTLauncher.exe.8fy6lof.partial
2016-01-25 21:41 - 2016-01-25 21:41 - 00112640 _____ (forum.viry.cz) C:\Users\Víťa\Downloads\Nepotvrzeno 499367.crdownload
2016-01-25 21:41 - 2016-01-25 21:41 - 00112640 _____ (forum.viry.cz) C:\Users\Víťa\Desktop\Nepotvrzeno 271165.crdownload
2016-01-25 21:40 - 2016-01-25 21:40 - 02370560 _____ (Farbar) C:\Users\Víťa\Desktop\FRST64.exe
2016-01-25 19:15 - 2016-01-25 19:19 - 00000000 ____D C:\AdwCleaner
2016-01-25 19:11 - 2016-01-25 19:11 - 01507840 _____ C:\Users\Víťa\Downloads\adwcleaner_5.031.exe
2016-01-25 09:25 - 2016-01-25 09:26 - 00000000 ____D C:\rsit
2016-01-25 09:25 - 2016-01-25 09:26 - 00000000 ____D C:\Program Files\trend micro
2016-01-25 09:22 - 2016-01-25 09:22 - 01222144 _____ C:\Users\Víťa\Downloads\RSITx64.exe
2016-01-24 22:07 - 2016-01-24 22:07 - 00000000 ____H C:\asc_rdflag
2016-01-21 11:12 - 2016-01-21 11:12 - 00086706 _____ C:\Users\Víťa\Downloads\message_28585.eml
2016-01-20 20:23 - 2016-01-20 20:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-01-20 20:15 - 2016-01-20 20:15 - 05079040 _____ C:\WINDOWS\system32\config\DRIVERS.iodefrag.bak
2016-01-20 12:46 - 2016-01-20 12:46 - 05079040 _____ C:\WINDOWS\system32\config\DRIVERS.iobit
2016-01-20 12:44 - 2016-01-24 22:12 - 00002872 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Víťa)
2016-01-20 12:44 - 2016-01-20 12:44 - 00026528 _____ (REALiX(tm)) C:\WINDOWS\SysWOW64\Drivers\HWiNFO64A.SYS
2016-01-17 18:08 - 2016-01-05 21:04 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-01-17 18:08 - 2016-01-05 21:04 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-13 13:58 - 2015-12-10 01:40 - 00033456 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-01-13 13:58 - 2015-11-17 22:07 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-01-13 13:58 - 2015-11-17 22:07 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-01-13 13:58 - 2015-11-17 22:07 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-01-13 11:43 - 2015-12-11 05:38 - 25837568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-01-13 11:43 - 2015-12-11 05:00 - 00571904 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-01-13 11:43 - 2015-12-11 04:55 - 06051328 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-01-13 11:43 - 2015-12-11 04:50 - 20367360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-01-13 11:43 - 2015-12-11 04:45 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-01-13 11:43 - 2015-12-11 04:21 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-01-13 11:43 - 2015-12-11 04:18 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-01-13 11:43 - 2015-12-11 04:09 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-01-13 11:43 - 2015-12-11 04:09 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-01-13 11:43 - 2015-12-11 04:03 - 14456832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-01-13 11:43 - 2015-12-11 03:59 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-01-13 11:43 - 2015-12-11 03:43 - 04610560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-01-13 11:43 - 2015-12-11 03:43 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-01-13 11:43 - 2015-12-11 03:38 - 02487808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-01-13 11:43 - 2015-12-11 03:37 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-01-13 11:43 - 2015-12-11 03:35 - 12856320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-01-13 11:43 - 2015-12-11 03:26 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-01-13 11:43 - 2015-12-11 03:14 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-01-13 11:43 - 2015-12-11 03:12 - 02011136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-01-13 11:43 - 2015-12-11 03:08 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-01-13 11:43 - 2015-12-11 03:07 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-01-13 11:42 - 2015-12-30 20:32 - 07453016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-01-13 11:42 - 2015-12-30 20:32 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-01-13 11:42 - 2015-12-30 20:32 - 01499912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-01-13 11:42 - 2015-12-11 01:13 - 01164800 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-01-13 11:42 - 2015-12-11 01:13 - 00505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-01-13 11:42 - 2015-12-11 01:13 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-01-13 11:42 - 2015-12-08 20:08 - 00685432 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2016-01-13 11:42 - 2015-12-08 20:07 - 00507176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2016-01-13 11:42 - 2015-12-07 11:56 - 01380600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-01-13 11:42 - 2015-12-05 06:58 - 02745184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2016-01-13 11:42 - 2015-12-05 06:58 - 02528784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2016-01-13 11:42 - 2015-12-05 06:58 - 02450240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVENCOD.DLL
2016-01-13 11:42 - 2015-12-05 06:58 - 02447136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVENCOD.DLL
2016-01-13 11:42 - 2015-12-05 06:58 - 02334104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-01-13 11:42 - 2015-12-05 06:58 - 02324744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-01-13 11:42 - 2015-12-05 06:58 - 01877504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2016-01-13 11:42 - 2015-12-05 06:58 - 01798480 ____C (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-01-13 11:42 - 2015-12-05 06:58 - 01484888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2016-01-13 11:42 - 2015-12-05 06:58 - 01288128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-01-13 11:42 - 2015-12-05 06:58 - 01210200 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2016-01-13 11:42 - 2015-12-05 06:58 - 01150232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL
2016-01-13 11:42 - 2015-12-05 06:58 - 01115640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-01-13 11:42 - 2015-12-05 06:58 - 01037680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2016-01-13 11:42 - 2015-12-05 06:58 - 00914672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOE.DLL
2016-01-13 11:42 - 2015-12-05 06:58 - 00850680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-01-13 11:42 - 2015-12-05 06:58 - 00735496 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-01-13 11:42 - 2015-12-05 06:58 - 00700360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-01-13 11:42 - 2015-12-05 06:58 - 00629600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP4SDECD.DLL
2016-01-13 11:42 - 2015-12-05 06:58 - 00584656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-01-13 11:42 - 2015-12-05 06:58 - 00557856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSDECD.DLL
2016-01-13 11:42 - 2015-12-05 06:58 - 00498472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-01-13 11:42 - 2015-12-05 06:58 - 00492736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSDECD.DLL
2016-01-13 11:42 - 2015-12-05 06:58 - 00463776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP4SDECD.DLL
2016-01-13 11:42 - 2015-12-05 06:58 - 00399776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-01-13 11:42 - 2015-12-05 06:58 - 00299080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VIDRESZR.DLL
2016-01-13 11:42 - 2015-12-05 06:58 - 00275312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MPG4DECD.DLL
2016-01-13 11:42 - 2015-12-05 06:58 - 00274280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP43DECD.DLL
2016-01-13 11:42 - 2015-12-05 06:58 - 00250520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPG4DECD.DLL
2016-01-13 11:42 - 2015-12-05 06:58 - 00248432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP43DECD.DLL
2016-01-13 11:42 - 2015-12-05 06:58 - 00246856 _____ (Microsoft Corporation) C:\WINDOWS\system32\RESAMPLEDMO.DLL
2016-01-13 11:42 - 2015-12-05 06:58 - 00244296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-01-13 11:42 - 2015-12-05 06:58 - 00229272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RESAMPLEDMO.DLL
2016-01-13 11:42 - 2015-12-05 06:58 - 00203016 _____ (Microsoft Corporation) C:\WINDOWS\system32\COLORCNV.DLL
2016-01-13 11:42 - 2015-12-05 06:58 - 00184912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\COLORCNV.DLL
2016-01-13 11:42 - 2015-12-05 06:58 - 00183856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VIDRESZR.DLL
2016-01-13 11:42 - 2015-12-05 06:58 - 00116720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL
2016-01-13 11:42 - 2015-12-05 06:58 - 00110544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-01-13 11:42 - 2015-12-05 06:58 - 00099136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL
2016-01-13 11:42 - 2015-12-05 06:58 - 00090904 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll
2016-01-13 11:42 - 2015-12-05 06:58 - 00090392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfvdsp.dll
2016-01-13 11:42 - 2015-12-05 06:58 - 00081032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll
2016-01-13 11:42 - 2015-12-05 06:58 - 00076936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfvdsp.dll
2016-01-13 11:42 - 2015-12-04 16:00 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-01-13 11:42 - 2015-12-03 20:42 - 00561952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-01-13 11:42 - 2015-12-03 20:42 - 00397224 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-01-13 11:42 - 2015-12-03 20:42 - 00137968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncrypt.dll
2016-01-13 11:42 - 2015-12-03 20:42 - 00106960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2016-01-13 11:42 - 2015-12-03 20:41 - 00177488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-01-13 11:42 - 2015-12-03 19:52 - 00340872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-01-13 11:42 - 2015-12-03 19:52 - 00120376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncrypt.dll
2016-01-13 11:42 - 2015-12-03 19:52 - 00091416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2016-01-13 11:42 - 2015-12-03 19:28 - 00401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-01-13 11:42 - 2015-12-03 19:28 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-01-13 11:42 - 2015-12-03 19:07 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-01-13 11:42 - 2015-12-03 19:07 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2016-01-13 11:42 - 2015-12-03 19:05 - 00644608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVXENCD.DLL
2016-01-13 11:42 - 2015-12-03 19:02 - 01664000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2016-01-13 11:42 - 2015-12-03 19:00 - 00451072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSENCD.DLL
2016-01-13 11:42 - 2015-12-03 18:58 - 00378880 ____C (Microsoft Corporation) C:\WINDOWS\system32\SysFxUI.dll
2016-01-13 11:42 - 2015-12-03 18:51 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-01-13 11:42 - 2015-12-03 18:36 - 01697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-01-13 11:42 - 2015-12-03 18:30 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFWMAAEC.DLL
2016-01-13 11:42 - 2015-12-03 18:28 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-01-13 11:42 - 2015-12-03 18:28 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2016-01-13 11:42 - 2015-12-03 18:27 - 00736256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVXENCD.DLL
2016-01-13 11:42 - 2015-12-03 18:24 - 01411584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2016-01-13 11:42 - 2015-12-03 18:23 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSENCD.DLL
2016-01-13 11:42 - 2015-12-03 18:16 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-01-13 11:42 - 2015-12-03 18:13 - 01441280 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-01-13 11:42 - 2015-12-03 18:07 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-01-13 11:42 - 2015-12-03 18:06 - 01501184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-01-13 11:42 - 2015-12-03 18:01 - 00743936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFWMAAEC.DLL
2016-01-13 11:42 - 2015-12-03 17:45 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-01-13 11:42 - 2015-12-03 17:40 - 01010688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL
2016-01-13 11:42 - 2015-12-03 17:29 - 00887296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL
2016-01-13 11:42 - 2015-12-02 16:04 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-01-13 11:42 - 2015-12-02 16:01 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2016-01-06 17:56 - 2016-01-06 17:56 - 00000882 _____ C:\Users\Public\Desktop\AVG.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-25 21:48 - 2013-08-22 14:36 - 00000000 ____D C:\Windows
2016-01-25 21:39 - 2013-09-06 10:50 - 00000000 ____D C:\ProgramData\MFAData
2016-01-25 21:39 - 2013-09-06 10:36 - 00000380 _____ C:\Users\Víťa\AppData\Roaming\sp_data.sys
2016-01-25 19:40 - 2013-10-20 12:35 - 00000942 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1241823456-3240200628-3320752103-1001UA.job
2016-01-25 19:28 - 2015-12-05 10:23 - 00000978 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-25 19:22 - 2015-12-05 10:23 - 00000974 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-25 19:22 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-01-25 19:20 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-01-25 19:06 - 2014-08-03 10:32 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-01-25 18:33 - 2013-09-06 10:41 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1241823456-3240200628-3320752103-1001
2016-01-25 18:21 - 2015-01-13 10:35 - 00000000 ____D C:\ProgramData\ProductData
2016-01-25 18:21 - 2014-05-04 19:37 - 00000000 ____D C:\Program Files (x86)\IObit
2016-01-25 18:15 - 2013-11-10 11:50 - 00003966 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{9141E56F-8FF6-471D-A1E9-0437C35FBAF7}
2016-01-25 08:58 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf
2016-01-24 22:10 - 2014-05-04 19:37 - 00165659 _____ C:\MyXML.xml
2016-01-24 22:08 - 2015-04-11 07:07 - 82436096 _____ C:\WINDOWS\system32\config\SOFTWARE.iodefrag.bak
2016-01-24 22:08 - 2015-04-11 07:07 - 05140480 _____ C:\WINDOWS\system32\config\DEFAULT.iodefrag.bak
2016-01-24 22:08 - 2015-04-11 07:07 - 00065536 _____ C:\WINDOWS\system32\config\SECURITY.iodefrag.bak
2016-01-24 22:08 - 2015-04-11 07:07 - 00024576 _____ C:\WINDOWS\system32\config\SAM.iodefrag.bak
2016-01-24 17:41 - 2014-05-04 19:45 - 00000000 _____ C:\Users\Víťa\AppData\LocalLow\ChangeTaskbarRect
2016-01-24 11:04 - 2015-03-08 15:06 - 00000000 ____D C:\Users\Víťa\AppData\Local\Seznam.cz
2016-01-21 10:36 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2016-01-20 16:08 - 2012-07-26 08:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-01-20 16:07 - 2014-12-16 21:38 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-01-20 16:07 - 2014-07-12 18:07 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2016-01-20 12:44 - 2015-01-13 10:35 - 00000000 ____D C:\Users\Víťa\AppData\Roaming\IObit
2016-01-20 12:44 - 2014-05-04 19:38 - 00000000 ____D C:\ProgramData\IObit
2016-01-20 12:44 - 2014-05-04 19:37 - 00000000 ____D C:\Users\Víťa\AppData\LocalLow\IObit
2016-01-14 09:38 - 2015-03-08 15:05 - 00000000 ____D C:\Users\Víťa\AppData\Roaming\Seznam Browser
2016-01-14 09:29 - 2015-07-18 09:54 - 66715648 _____ C:\WINDOWS\system32\config\COMPONENTS.iodefrag.bak
2016-01-13 20:58 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-01-13 20:58 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-01-13 20:53 - 2013-11-08 12:29 - 01745984 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-13 20:53 - 2013-09-30 04:56 - 00739924 _____ C:\WINDOWS\system32\perfh005.dat
2016-01-13 20:53 - 2013-09-30 04:56 - 00151610 _____ C:\WINDOWS\system32\perfc005.dat
2016-01-13 14:20 - 2013-10-20 11:44 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-01-13 14:17 - 2013-10-20 11:44 - 143671360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-01-13 13:40 - 2013-10-20 12:35 - 00000920 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1241823456-3240200628-3320752103-1001Core.job
2016-01-06 17:56 - 2015-12-09 11:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2016-01-02 14:59 - 2013-09-15 14:18 - 00000000 ____D C:\Users\Víťa\Desktop\Naša super família ))

==================== Files in the root of some directories =======

2013-09-06 10:36 - 2016-01-25 21:39 - 0000380 _____ () C:\Users\Víťa\AppData\Roaming\sp_data.sys
2015-12-25 11:14 - 2015-12-25 11:14 - 0000017 _____ () C:\Users\Víťa\AppData\Local\resmon.resmoncfg
2012-08-04 18:37 - 2012-07-30 07:03 - 0000217 _____ () C:\ProgramData\SetStretch.cmd
2012-08-04 18:37 - 2009-07-22 11:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe

Some files in TEMP:
====================
C:\Users\Víťa\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1241823456-3240200628-3320752103-1001Core.job => C:\Users\Víťa\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1241823456-3240200628-3320752103-1001UA.job => C:\Users\Víťa\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Víťa.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG AntiVirus Free Edition (Disabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: AVG AntiVirus Free Edition (Disabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\V��a\Desktop" je 11915 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDTray.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDFSSvc.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdate.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdSvc.exe"="C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

[altrok]

Odinstalujte Spybot - Search & Destroy nebo alespon vypnete jeho real-time ochranu, protoze jeho antispywarovy stit muze byt v kolizi s AVG

AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: AVG AntiVirus Free Edition (Disabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

Velikost plochy by nemela presahovat 200 MB. Zpomaluje se pak start i samotny chod celeho PC. Doporucuji hlavne velke soubory a slozky premistit napr. do Dokumentu a na plochu umistit pouze zastupce.


Po restartu dejte vedet, jak se PC chova.

• Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
• ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
• znovu spustte FRST a kliknete na Fix
• po restartu bude na plose ulozen fixlog, jehoz obsah vlozte do pristi odpovedi

  Kód: Vybrat vše

  Start
  CreateRestorePoint:
  CloseProcesses:
  HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2015-09-24] (Adobe Systems Incorporated)
  HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
  SearchScopes: HKU\S-1-5-21-1241823456-3240200628-3320752103-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
  SearchScopes: HKU\S-1-5-21-1241823456-3240200628-3320752103-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
  Toolbar: HKLM - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} - No File
  Toolbar: HKLM-x32 - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} - No File
  FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [No File]
  FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1207148.dll [No File]
  FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [No File]
  2016-01-25 19:15 - 2016-01-25 19:19 - 00000000 ____D C:\AdwCleaner
  2016-01-25 19:11 - 2016-01-25 19:11 - 01507840 _____ C:\Users\Víťa\Downloads\adwcleaner_5.031.exe
  2016-01-25 09:25 - 2016-01-25 09:26 - 00000000 ____D C:\rsit
  2016-01-25 09:25 - 2016-01-25 09:26 - 00000000 ____D C:\Program Files\trend micro
  2016-01-25 09:22 - 2016-01-25 09:22 - 01222144 _____ C:\Users\Víťa\Downloads\RSITx64.exe
  2016-01-25 21:39 - 2013-09-06 10:36 - 00000380 _____ C:\Users\Víťa\AppData\Roaming\sp_data.sys
  Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1241823456-3240200628-3320752103-1001Core.job => C:\Users\Víťa\AppData\Local\Facebook\Update\FacebookUpdate.exe
  Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1241823456-3240200628-3320752103-1001UA.job => C:\Users\Víťa\AppData\Local\Facebook\Update\FacebookUpdate.exe
  Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Víťa.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
  EmptyTemp:
  End

[jansams]

proběhlo to na dvakrát. poprvé zátuh ...

Fix result of Farbar Recovery Scan Tool (x64) Version:25-01-2016
Ran by Víťa (2016-01-25 23:20:53) Run:2
Running from C:\Users\Víťa\Desktop
Loaded Profiles: Víťa (Available Profiles: Víťa)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2015-09-24] (Adobe Systems Incorporated)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-1241823456-3240200628-3320752103-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1241823456-3240200628-3320752103-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKLM - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} - No File
Toolbar: HKLM-x32 - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} - No File
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [No File]
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1207148.dll [No File]
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [No File]
2016-01-25 19:15 - 2016-01-25 19:19 - 00000000 ____D C:\AdwCleaner
2016-01-25 19:11 - 2016-01-25 19:11 - 01507840 _____ C:\Users\Víťa\Downloads\adwcleaner_5.031.exe
2016-01-25 09:25 - 2016-01-25 09:26 - 00000000 ____D C:\rsit
2016-01-25 09:25 - 2016-01-25 09:26 - 00000000 ____D C:\Program Files\trend micro
2016-01-25 09:22 - 2016-01-25 09:22 - 01222144 _____ C:\Users\Víťa\Downloads\RSITx64.exe
2016-01-25 21:39 - 2013-09-06 10:36 - 00000380 _____ C:\Users\Víťa\AppData\Roaming\sp_data.sys
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1241823456-3240200628-3320752103-1001Core.job => C:\Users\Víťa\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1241823456-3240200628-3320752103-1001UA.job => C:\Users\Víťa\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Víťa.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
EmptyTemp:
End
*****************

Restore point was successfully created.
Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher => value removed successfully
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
HKU\S-1-5-21-1241823456-3240200628-3320752103-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-1241823456-3240200628-3320752103-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{95B7759C-8C7F-4BF1-B163-73684A933233} => value removed successfully
HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{95B7759C-8C7F-4BF1-B163-73684A933233} => value removed successfully
HKCR\Wow6432Node\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => key not found.
"HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@mcafee.com/MSC,version=10" => key removed successfully
C:\AdwCleaner => moved successfully
C:\Users\Víťa\Downloads\adwcleaner_5.031.exe => moved successfully
C:\rsit => moved successfully
C:\Program Files\trend micro => moved successfully
C:\Users\Víťa\Downloads\RSITx64.exe => moved successfully
C:\Users\Víťa\AppData\Roaming\sp_data.sys => moved successfully
C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1241823456-3240200628-3320752103-1001Core.job => moved successfully
C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1241823456-3240200628-3320752103-1001UA.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\WINDOWS\Tasks\Uninstaller_SkipUac_Víťa.job => moved successfully

--------------------
a podruhé
--------------------

Fix result of Farbar Recovery Scan Tool (x64) Version:25-01-2016
Ran by Víťa (2016-01-26 22:54:15) Run:3
Running from C:\Users\Víťa\Desktop
Loaded Profiles: Víťa (Available Profiles: Víťa)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2015-09-24] (Adobe Systems Incorporated)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-1241823456-3240200628-3320752103-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1241823456-3240200628-3320752103-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKLM - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} - No File
Toolbar: HKLM-x32 - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} - No File
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [No File]
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1207148.dll [No File]
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [No File]
2016-01-25 19:15 - 2016-01-25 19:19 - 00000000 ____D C:\AdwCleaner
2016-01-25 19:11 - 2016-01-25 19:11 - 01507840 _____ C:\Users\Víťa\Downloads\adwcleaner_5.031.exe
2016-01-25 09:25 - 2016-01-25 09:26 - 00000000 ____D C:\rsit
2016-01-25 09:25 - 2016-01-25 09:26 - 00000000 ____D C:\Program Files\trend micro
2016-01-25 09:22 - 2016-01-25 09:22 - 01222144 _____ C:\Users\Víťa\Downloads\RSITx64.exe
2016-01-25 21:39 - 2013-09-06 10:36 - 00000380 _____ C:\Users\Víťa\AppData\Roaming\sp_data.sys
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1241823456-3240200628-3320752103-1001Core.job => C:\Users\Víťa\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1241823456-3240200628-3320752103-1001UA.job => C:\Users\Víťa\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Víťa.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
EmptyTemp:
End
*****************

Restore point was successfully created.
Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe Reader Speed Launcher => value not found.
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => key not found.
HKU\S-1-5-21-1241823456-3240200628-3320752103-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value not found.
HKU\S-1-5-21-1241823456-3240200628-3320752103-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{95B7759C-8C7F-4BF1-B163-73684A933233} => value not found.
HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{95B7759C-8C7F-4BF1-B163-73684A933233} => value not found.
HKCR\Wow6432Node\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => key not found.
HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10 => key not found.
HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer => key not found.
HKLM\Software\Wow6432Node\MozillaPlugins\@mcafee.com/MSC,version=10 => key not found.
"C:\AdwCleaner" => not found.
"C:\Users\Víťa\Downloads\adwcleaner_5.031.exe" => not found.
"C:\rsit" => not found.
"C:\Program Files\trend micro" => not found.
"C:\Users\Víťa\Downloads\RSITx64.exe" => not found.
C:\Users\Víťa\AppData\Roaming\sp_data.sys => moved successfully
C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1241823456-3240200628-3320752103-1001Core.job => not found.
C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1241823456-3240200628-3320752103-1001UA.job => not found.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => not found.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => not found.
C:\WINDOWS\Tasks\Uninstaller_SkipUac_Víťa.job => not found.
EmptyTemp: => 4 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 22:56:00 ====

[jansams]

Změna k lepšímu je, ale pořád je start NB hodně pomalý. Další činnost už je asi v poho.

[altrok]

• Stahnete Crystal Disk Info (CDI) http://sourceforge.jp/frs/redir.php?m=j ... o6_2_2.zip
• archiv extrahujte a spustte vyextrahovany soubor DiskInfo.exe
• ve spustenem programu kliknete nahore na Upravy -> Kopirovat (log mate nyni zkopirovany ve schrance)
• log vlozte do dalsi odpovedi (Ctrl + V)

Nainstalujte MBAM a udelejte vlastni sken vsech disku - http://forum.viry.cz/viewtopic.php?f=29&t=144868

• Upozorneni: tento sken zabere od 30 minut po nekolik hodin

[jansams]

----------------------------------------------------------------------------
CrystalDiskInfo 6.2.2 (C) 2008-2014 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 8.1 [6.3 Build 9600] (x64)
Date : 2016/01/27 16:24:16

-- Controller Map ----------------------------------------------------------
+ Intel(R) 7 Series Chipset Family SATA AHCI Controller [ATA]
- WDC WD7500BPVT-80HXZT3
- MATSHITADVD-RAM
- Řadič prostorů úložišť [SCSI]

-- Disk List ---------------------------------------------------------------
(1) WDC WD7500BPVT-80HXZT3 : 750,1 GB [0/0/0, pd1] - wd

----------------------------------------------------------------------------
(1) WDC WD7500BPVT-80HXZT3
----------------------------------------------------------------------------
Model : WDC WD7500BPVT-80HXZT3
Firmware : 01.01A01
Serial Number : WD-WXC1E32YNT65
Disk Size : 750,1 GB (8,4/137,4/750,1/750,1)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 1465149168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : ---- | SATA/300
Power On Hours : 1476 hod.
Power On Count : 1777 krát
Temperature : 26 C (78 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 0060h [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 178 175 _21 00000000080A Čas na roztočení ploten
04 _97 _97 __0 000000000E9E Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 200 200 __0 000000000000 Počet chybných hledání
09 _98 _98 __0 0000000005C4 Hodin v činnosti
0A 100 100 __0 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _99 _99 __0 0000000006F1 Počet cyklů zapnutí zařízení
BF __1 __1 __0 0000000001B7 Počet udalostí zaznamenaných otřesovým senzorem
C0 200 200 __0 000000000007 Počet vypnutí disku
C1 158 158 __0 00000001F51C Počet cyklů načítání/vymazání
C2 121 105 __0 00000000001A Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 100 253 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 253 __0 000000000000 Počet chyb při zápisu sektorů

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 427A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2057 442D 5758 4331 4533 3259 4E54 3635
020: 0000 4000 0032 3031 2E30 3141 3031 5744 4320 5744
030: 3735 3030 4250 5654 2D38 3048 585A 5433 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4001 0000 0000 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 1F06 0000 004C 0048
080: 01FE 0000 746B 7D09 6123 7469 BC09 6123 207F 0057
090: 0057 0060 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 66F0 5754 0000 0000 0000 0000 6003 0000 5001 4EE6
110: 57F0 D308 0000 0000 0000 0000 0000 0000 0000 4018
120: 4018 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 16FE 012D 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 7035 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 101E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 1000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 D0A5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 C8 C8 00 00 00 00 00 00 00 03 27
010: 00 B2 AF 0A 08 00 00 00 00 00 04 32 00 61 61 9E
020: 0E 00 00 00 00 00 05 33 00 C8 C8 00 00 00 00 00
030: 00 00 07 2E 00 C8 C8 00 00 00 00 00 00 00 09 32
040: 00 62 62 C4 05 00 00 00 00 00 0A 32 00 64 64 00
050: 00 00 00 00 00 00 0B 32 00 64 64 00 00 00 00 00
060: 00 00 0C 32 00 63 63 F1 06 00 00 00 00 00 BF 32
070: 00 01 01 B7 01 00 00 00 00 00 C0 32 00 C8 C8 07
080: 00 00 00 00 00 00 C1 32 00 9E 9E 1C F5 01 00 00
090: 00 00 C2 22 00 79 69 1A 00 00 00 00 00 00 C4 32
0A0: 00 C8 C8 00 00 00 00 00 00 00 C5 32 00 C8 C8 00
0B0: 00 00 00 00 00 00 C6 30 00 64 FD 00 00 00 00 00
0C0: 00 00 C7 32 00 C8 C8 00 00 00 00 00 00 00 C8 08
0D0: 00 64 FD 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 CC 42 01 7B
170: 03 00 01 00 02 A8 05 00 00 00 00 00 00 00 00 00
180: 00 00 01 04 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 E1

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 C8 C8 C8 C8 00 00 00 00 00 00 03 15
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 8C 00 00 00 00 00 00 00 00
030: 00 00 07 00 C8 C8 C8 C8 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 00 00 00 00 00
050: 00 00 00 00 00 00 0B 00 00 00 00 00 00 00 00 00
060: 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 BF 00
070: 00 00 00 00 00 00 00 00 00 00 C0 00 00 00 00 00
080: 00 00 00 00 00 00 C1 00 00 00 00 00 00 00 00 00
090: 00 00 C2 00 00 00 00 00 00 00 00 00 00 00 C4 00
0A0: 00 00 00 00 00 00 00 00 00 00 C5 00 00 00 00 00
0B0: 00 00 00 00 00 00 C6 00 00 00 00 00 00 00 00 00
0C0: 00 00 C7 00 00 00 00 00 00 00 00 00 00 00 C8 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 BE

[altrok]

Pokracujte prosim MBAM.

[jansams]

Dobrý den, 2 x omluva. Ted jsem nebyl nějakou dobu doma a pak se me nepovedlo ulozit log. v příloze screen toho, co mbam uložil do karanteny.

Diky

[altrok]

Dejte logy FRST.txt a Addition.txt - http://forum.viry.cz/viewtopic.php?f=30&t=133101
Pozn. pri druhem a dalsim spusteni FRST je pro vytvoreni logu Addition.txt nutne tuto volbu explicitne zatrhnout pred zacatkem skenu.

[jansams]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:25-01-2016
Ran by Víťa (administrator) on ASUS-NTB (01-02-2016 21:02:47)
Running from C:\Users\Víťa\Desktop
Loaded Profiles: Víťa & (Available Profiles: Víťa)
Platform: Windows 8.1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\mspaint.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe
(Microsoft Corporation) C:\Windows\WinStore\WSHost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\ielowutil.exe
(forum.viry.cz) C:\Users\Víťa\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [764032 2012-08-10] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-08-10] (Qualcomm Atheros Commnucations)
HKLM\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [90832 2012-06-07] (ASUS)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5264016 2012-08-16] (VIA)
HKLM-x32\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [366720 2012-08-23] (Alcor Micro Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe [3417984 2012-08-28] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [179624 2016-01-12] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AVG_UI] => "C:\Program Files (x86)\AVG\Av\avgui.exe" /TRAYONLY
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2013-10-20] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2013-10-20] (IvoSoft)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk [2012-09-26]
ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe (ASUSTeK Computer Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{4C96F872-D6CF-4A56-B98F-72BC6C5B6DAE}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{DE3B156C-63D5-481A-9169-1AD2C2E75D97}: [DhcpNameServer] 192.168.43.1

Internet Explorer:
==================
HKU\S-1-5-21-1241823456-3240200628-3320752103-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
HKU\S-1-5-21-1241823456-3240200628-3320752103-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
HKU\S-1-5-21-1241823456-3240200628-3320752103-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
HKU\S-1-5-21-1241823456-3240200628-3320752103-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2013-10-20] (IvoSoft)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-08-10] (Qualcomm Atheros Commnucations)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2013-10-20] (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2013-10-20] (IvoSoft)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2013-10-20] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2013-10-20] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2013-10-20] (IvoSoft)
Filter: application/x-mfe-ipt - No CLSID Value

FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1241823456-3240200628-3320752103-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Víťa\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [No File]
FF Plugin HKU\S-1-5-21-1241823456-3240200628-3320752103-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Víťa\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [No File]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR DefaultSearchURL: Default -> hxxp://search.seznam.cz/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> seznam.cz
CHR DefaultSuggestURL: Default -> hxxp://suggest.fulltext.seznam.cz/fulltext_ff?phrase={searchTerms}
CHR Profile: C:\Users\Víťa\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\Víťa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-09]
CHR Extension: (Disk Google) - C:\Users\Víťa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Víťa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Vyhledávání Google) - C:\Users\Víťa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-29]
CHR Extension: (Dokumenty Google offline) - C:\Users\Víťa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Víťa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-26]
CHR Extension: (Gmail) - C:\Users\Víťa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211584 2012-08-10] (Qualcomm Atheros Commnucations) [File not signed]
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1048488 2016-01-12] (AVG Technologies CZ, s.r.o.)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-08-10] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27792 2012-08-14] (VIA Technologies, Inc.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-08-10] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [61824 2012-10-31] (ASUS Corporation)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-08-10] (Qualcomm Atheros)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
S3 Huawei; C:\Windows\system32\DRIVERS\ewdcsc.sys [29696 2009-12-15] (Huawei Tech. Co., Ltd.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [26528 2016-01-20] (REALiX(tm))
S3 hwusbdev; C:\Windows\system32\DRIVERS\ewusbdev.sys [114304 2009-12-15] (Huawei Technologies Co., Ltd.)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-01-27] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
S3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [390552 2013-09-20] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [95984 2013-09-20] (McAfee, Inc.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-01 21:02 - 2016-02-01 21:03 - 00016224 _____ C:\Users\Víťa\Desktop\FRST.txt
2016-01-27 16:28 - 2016-01-27 20:51 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-01-27 16:27 - 2016-01-27 16:27 - 00001136 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-01-27 16:27 - 2016-01-27 16:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-01-27 16:27 - 2016-01-27 16:27 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-01-27 16:27 - 2016-01-27 16:27 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-01-27 16:27 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-01-27 16:27 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-01-27 16:27 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-01-27 16:26 - 2016-01-27 16:26 - 22908888 _____ (Malwarebytes ) C:\Users\Víťa\Downloads\mbam-setup-2.2.0.1024.exe
2016-01-27 16:22 - 2016-01-27 16:23 - 00000000 ____D C:\Users\Víťa\Downloads\CrystalDiskInfo6_2_2
2016-01-27 16:21 - 2016-01-27 16:21 - 02817875 _____ C:\Users\Víťa\Downloads\CrystalDiskInfo6_2_2.zip
2016-01-26 22:58 - 2016-02-01 20:57 - 00000380 _____ C:\Users\Víťa\AppData\Roaming\sp_data.sys
2016-01-26 22:54 - 2016-01-26 22:56 - 00004582 _____ C:\Users\Víťa\Desktop\Fixlog.txt
2016-01-25 23:20 - 2016-01-25 23:22 - 00004636 _____ C:\Users\Víťa\Desktop\Fixlog0.txt
2016-01-25 23:04 - 2016-01-25 23:04 - 00112640 _____ (forum.viry.cz) C:\Users\Víťa\Desktop\FRSTLauncher.exe
2016-01-25 23:00 - 2015-12-09 04:39 - 00301728 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-01-25 22:33 - 2016-01-25 22:33 - 00000000 _____ C:\Users\Víťa\Desktop\FRSTLauncher.exe.3n064lw.partial
2016-01-25 22:31 - 2016-01-25 22:31 - 00000000 _____ C:\Users\Víťa\Downloads\FRSTLauncher (2).exe.5l685wn.partial
2016-01-25 22:31 - 2016-01-25 22:31 - 00000000 _____ C:\Users\Víťa\Downloads\FRSTLauncher (1).exe.ayowt78.partial
2016-01-25 21:59 - 2016-01-25 21:59 - 00005198 _____ C:\Users\Víťa\Desktop\Addition.zip
2016-01-25 21:48 - 2016-02-01 21:02 - 00000000 ____D C:\FRST
2016-01-25 21:45 - 2016-01-25 21:45 - 00112640 _____ (forum.viry.cz) C:\Users\Víťa\Desktop\FRSTLauncher (1).exe
2016-01-25 21:42 - 2016-01-25 21:42 - 00000000 _____ C:\Users\Víťa\Downloads\FRSTLauncher.exe.8fy6lof.partial
2016-01-25 21:41 - 2016-01-25 21:41 - 00112640 _____ (forum.viry.cz) C:\Users\Víťa\Downloads\Nepotvrzeno 499367.crdownload
2016-01-25 21:40 - 2016-01-25 21:40 - 02370560 _____ (Farbar) C:\Users\Víťa\Desktop\FRST64.exe
2016-01-24 22:07 - 2016-01-24 22:07 - 00000000 ____H C:\asc_rdflag
2016-01-21 11:12 - 2016-01-21 11:12 - 00086706 _____ C:\Users\Víťa\Downloads\message_28585.eml
2016-01-20 20:15 - 2016-01-20 20:15 - 05079040 _____ C:\WINDOWS\system32\config\DRIVERS.iodefrag.bak
2016-01-20 12:46 - 2016-01-20 12:46 - 05079040 _____ C:\WINDOWS\system32\config\DRIVERS.iobit
2016-01-20 12:44 - 2016-01-24 22:12 - 00002872 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Víťa)
2016-01-20 12:44 - 2016-01-20 12:44 - 00026528 _____ (REALiX(tm)) C:\WINDOWS\SysWOW64\Drivers\HWiNFO64A.SYS
2016-01-17 18:08 - 2016-01-05 21:04 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-01-17 18:08 - 2016-01-05 21:04 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-13 13:58 - 2015-12-10 01:40 - 00033456 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-01-13 13:58 - 2015-11-17 22:07 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-01-13 13:58 - 2015-11-17 22:07 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-01-13 13:58 - 2015-11-17 22:07 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-01-13 11:43 - 2015-12-11 05:38 - 25837568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-01-13 11:43 - 2015-12-11 05:00 - 00571904 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-01-13 11:43 - 2015-12-11 04:55 - 06051328 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-01-13 11:43 - 2015-12-11 04:50 - 20367360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-01-13 11:43 - 2015-12-11 04:45 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-01-13 11:43 - 2015-12-11 04:21 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-01-13 11:43 - 2015-12-11 04:18 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-01-13 11:43 - 2015-12-11 04:09 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-01-13 11:43 - 2015-12-11 04:09 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-01-13 11:43 - 2015-12-11 04:03 - 14456832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-01-13 11:43 - 2015-12-11 03:59 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-01-13 11:43 - 2015-12-11 03:43 - 04610560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-01-13 11:43 - 2015-12-11 03:43 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-01-13 11:43 - 2015-12-11 03:38 - 02487808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-01-13 11:43 - 2015-12-11 03:37 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-01-13 11:43 - 2015-12-11 03:35 - 12856320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-01-13 11:43 - 2015-12-11 03:26 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-01-13 11:43 - 2015-12-11 03:14 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-01-13 11:43 - 2015-12-11 03:12 - 02011136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-01-13 11:43 - 2015-12-11 03:08 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-01-13 11:43 - 2015-12-11 03:07 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-01-13 11:42 - 2015-12-30 20:32 - 07453016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-01-13 11:42 - 2015-12-30 20:32 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-01-13 11:42 - 2015-12-30 20:32 - 01499912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-01-13 11:42 - 2015-12-11 01:13 - 01164800 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-01-13 11:42 - 2015-12-11 01:13 - 00505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-01-13 11:42 - 2015-12-11 01:13 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-01-13 11:42 - 2015-12-08 20:08 - 00685432 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2016-01-13 11:42 - 2015-12-08 20:07 - 00507176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2016-01-13 11:42 - 2015-12-07 11:56 - 01380600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-01-13 11:42 - 2015-12-05 06:58 - 02745184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2016-01-13 11:42 - 2015-12-05 06:58 - 02528784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2016-01-13 11:42 - 2015-12-05 06:58 - 02450240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVENCOD.DLL
2016-01-13 11:42 - 2015-12-05 06:58 - 02447136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVENCOD.DLL
2016-01-13 11:42 - 2015-12-05 06:58 - 02334104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-01-13 11:42 - 2015-12-05 06:58 - 02324744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-01-13 11:42 - 2015-12-05 06:58 - 01877504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2016-01-13 11:42 - 2015-12-05 06:58 - 01798480 ____C (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-01-13 11:42 - 2015-12-05 06:58 - 01484888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2016-01-13 11:42 - 2015-12-05 06:58 - 01288128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-01-13 11:42 - 2015-12-05 06:58 - 01210200 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2016-01-13 11:42 - 2015-12-05 06:58 - 01150232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL
2016-01-13 11:42 - 2015-12-05 06:58 - 01115640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-01-13 11:42 - 2015-12-05 06:58 - 01037680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2016-01-13 11:42 - 2015-12-05 06:58 - 00914672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOE.DLL
2016-01-13 11:42 - 2015-12-05 06:58 - 00850680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-01-13 11:42 - 2015-12-05 06:58 - 00735496 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-01-13 11:42 - 2015-12-05 06:58 - 00700360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-01-13 11:42 - 2015-12-05 06:58 - 00629600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP4SDECD.DLL
2016-01-13 11:42 - 2015-12-05 06:58 - 00584656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-01-13 11:42 - 2015-12-05 06:58 - 00557856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSDECD.DLL
2016-01-13 11:42 - 2015-12-05 06:58 - 00498472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-01-13 11:42 - 2015-12-05 06:58 - 00492736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSDECD.DLL
2016-01-13 11:42 - 2015-12-05 06:58 - 00463776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP4SDECD.DLL
2016-01-13 11:42 - 2015-12-05 06:58 - 00399776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-01-13 11:42 - 2015-12-05 06:58 - 00299080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VIDRESZR.DLL
2016-01-13 11:42 - 2015-12-05 06:58 - 00275312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MPG4DECD.DLL
2016-01-13 11:42 - 2015-12-05 06:58 - 00274280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP43DECD.DLL
2016-01-13 11:42 - 2015-12-05 06:58 - 00250520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPG4DECD.DLL
2016-01-13 11:42 - 2015-12-05 06:58 - 00248432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP43DECD.DLL
2016-01-13 11:42 - 2015-12-05 06:58 - 00246856 _____ (Microsoft Corporation) C:\WINDOWS\system32\RESAMPLEDMO.DLL
2016-01-13 11:42 - 2015-12-05 06:58 - 00244296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-01-13 11:42 - 2015-12-05 06:58 - 00229272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RESAMPLEDMO.DLL
2016-01-13 11:42 - 2015-12-05 06:58 - 00203016 _____ (Microsoft Corporation) C:\WINDOWS\system32\COLORCNV.DLL
2016-01-13 11:42 - 2015-12-05 06:58 - 00184912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\COLORCNV.DLL
2016-01-13 11:42 - 2015-12-05 06:58 - 00183856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VIDRESZR.DLL
2016-01-13 11:42 - 2015-12-05 06:58 - 00116720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL
2016-01-13 11:42 - 2015-12-05 06:58 - 00110544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-01-13 11:42 - 2015-12-05 06:58 - 00099136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL
2016-01-13 11:42 - 2015-12-05 06:58 - 00090904 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll
2016-01-13 11:42 - 2015-12-05 06:58 - 00090392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfvdsp.dll
2016-01-13 11:42 - 2015-12-05 06:58 - 00081032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll
2016-01-13 11:42 - 2015-12-05 06:58 - 00076936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfvdsp.dll
2016-01-13 11:42 - 2015-12-04 16:00 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-01-13 11:42 - 2015-12-03 20:42 - 00561952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-01-13 11:42 - 2015-12-03 20:42 - 00397224 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-01-13 11:42 - 2015-12-03 20:42 - 00137968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncrypt.dll
2016-01-13 11:42 - 2015-12-03 20:42 - 00106960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2016-01-13 11:42 - 2015-12-03 20:41 - 00177488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-01-13 11:42 - 2015-12-03 19:52 - 00340872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-01-13 11:42 - 2015-12-03 19:52 - 00120376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncrypt.dll
2016-01-13 11:42 - 2015-12-03 19:52 - 00091416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2016-01-13 11:42 - 2015-12-03 19:28 - 00401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-01-13 11:42 - 2015-12-03 19:28 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-01-13 11:42 - 2015-12-03 19:07 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-01-13 11:42 - 2015-12-03 19:07 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2016-01-13 11:42 - 2015-12-03 19:05 - 00644608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVXENCD.DLL
2016-01-13 11:42 - 2015-12-03 19:02 - 01664000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2016-01-13 11:42 - 2015-12-03 19:00 - 00451072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSENCD.DLL
2016-01-13 11:42 - 2015-12-03 18:58 - 00378880 ____C (Microsoft Corporation) C:\WINDOWS\system32\SysFxUI.dll
2016-01-13 11:42 - 2015-12-03 18:51 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-01-13 11:42 - 2015-12-03 18:36 - 01697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-01-13 11:42 - 2015-12-03 18:30 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFWMAAEC.DLL
2016-01-13 11:42 - 2015-12-03 18:28 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-01-13 11:42 - 2015-12-03 18:28 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2016-01-13 11:42 - 2015-12-03 18:27 - 00736256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVXENCD.DLL
2016-01-13 11:42 - 2015-12-03 18:24 - 01411584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2016-01-13 11:42 - 2015-12-03 18:23 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSENCD.DLL
2016-01-13 11:42 - 2015-12-03 18:16 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-01-13 11:42 - 2015-12-03 18:13 - 01441280 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-01-13 11:42 - 2015-12-03 18:07 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-01-13 11:42 - 2015-12-03 18:06 - 01501184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-01-13 11:42 - 2015-12-03 18:01 - 00743936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFWMAAEC.DLL
2016-01-13 11:42 - 2015-12-03 17:45 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-01-13 11:42 - 2015-12-03 17:40 - 01010688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL
2016-01-13 11:42 - 2015-12-03 17:29 - 00887296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL
2016-01-13 11:42 - 2015-12-02 16:04 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-01-13 11:42 - 2015-12-02 16:01 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2016-01-06 17:56 - 2016-01-06 17:56 - 00000882 _____ C:\Users\Public\Desktop\AVG.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-01 21:02 - 2013-11-10 11:50 - 00003966 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{9141E56F-8FF6-471D-A1E9-0437C35FBAF7}
2016-02-01 20:53 - 2015-01-13 10:35 - 00000000 ____D C:\ProgramData\ProductData
2016-01-29 09:50 - 2013-10-02 19:46 - 00002234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-01-27 16:53 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-01-27 16:52 - 2013-08-22 16:36 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-01-27 16:37 - 2013-09-06 10:41 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1241823456-3240200628-3320752103-1001
2016-01-26 22:56 - 2013-11-08 12:16 - 00000000 ____D C:\Users\Víťa
2016-01-25 23:14 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache
2016-01-25 22:47 - 2015-12-09 11:36 - 00000000 ____D C:\ProgramData\Avg
2016-01-25 22:47 - 2014-11-25 09:08 - 00000000 ____D C:\Users\Víťa\AppData\Local\Avg
2016-01-25 22:47 - 2013-09-06 10:53 - 00000000 ____D C:\Program Files (x86)\AVG
2016-01-25 22:47 - 2013-09-06 10:50 - 00000000 ____D C:\ProgramData\MFAData
2016-01-25 22:47 - 2012-07-26 09:12 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-01-25 22:42 - 2015-07-18 12:01 - 00000000 ____D C:\Users\Víťa\AppData\Local\ElevatedDiagnostics
2016-01-25 22:36 - 2015-10-25 08:18 - 00000000 ____D C:\Users\Víťa\AppData\Local\AvgSetupLog
2016-01-25 22:22 - 2014-05-04 19:05 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-01-25 22:20 - 2014-05-04 19:19 - 00000286 _____ C:\WINDOWS\wininit.ini
2016-01-25 22:20 - 2014-05-04 19:05 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-01-25 21:53 - 2013-08-22 14:36 - 00000000 ____D C:\Windows
2016-01-25 19:20 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-01-25 19:06 - 2014-08-03 10:32 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-01-25 18:21 - 2014-05-04 19:37 - 00000000 ____D C:\Program Files (x86)\IObit
2016-01-25 08:58 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf
2016-01-24 22:10 - 2014-05-04 19:37 - 00165659 _____ C:\MyXML.xml
2016-01-24 22:08 - 2015-04-11 07:07 - 82436096 _____ C:\WINDOWS\system32\config\SOFTWARE.iodefrag.bak
2016-01-24 22:08 - 2015-04-11 07:07 - 05140480 _____ C:\WINDOWS\system32\config\DEFAULT.iodefrag.bak
2016-01-24 22:08 - 2015-04-11 07:07 - 00065536 _____ C:\WINDOWS\system32\config\SECURITY.iodefrag.bak
2016-01-24 22:08 - 2015-04-11 07:07 - 00024576 _____ C:\WINDOWS\system32\config\SAM.iodefrag.bak
2016-01-24 17:41 - 2014-05-04 19:45 - 00000000 _____ C:\Users\Víťa\AppData\LocalLow\ChangeTaskbarRect
2016-01-24 11:04 - 2015-03-08 15:06 - 00000000 ____D C:\Users\Víťa\AppData\Local\Seznam.cz
2016-01-21 10:36 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2016-01-20 16:08 - 2012-07-26 08:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-01-20 16:07 - 2014-12-16 21:38 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-01-20 16:07 - 2014-07-12 18:07 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2016-01-20 12:44 - 2015-01-13 10:35 - 00000000 ____D C:\Users\Víťa\AppData\Roaming\IObit
2016-01-20 12:44 - 2014-05-04 19:38 - 00000000 ____D C:\ProgramData\IObit
2016-01-20 12:44 - 2014-05-04 19:37 - 00000000 ____D C:\Users\Víťa\AppData\LocalLow\IObit
2016-01-14 09:38 - 2015-03-08 15:05 - 00000000 ____D C:\Users\Víťa\AppData\Roaming\Seznam Browser
2016-01-14 09:29 - 2015-07-18 09:54 - 66715648 _____ C:\WINDOWS\system32\config\COMPONENTS.iodefrag.bak
2016-01-13 20:58 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-01-13 20:58 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-01-13 20:53 - 2013-11-08 12:29 - 01745984 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-13 20:53 - 2013-09-30 04:56 - 00739924 _____ C:\WINDOWS\system32\perfh005.dat
2016-01-13 20:53 - 2013-09-30 04:56 - 00151610 _____ C:\WINDOWS\system32\perfc005.dat
2016-01-13 14:20 - 2013-10-20 11:44 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-01-13 14:17 - 2013-10-20 11:44 - 143671360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-01-06 17:56 - 2015-12-09 11:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen

==================== Files in the root of some directories =======

2016-01-26 22:58 - 2016-02-01 20:57 - 0000380 _____ () C:\Users\Víťa\AppData\Roaming\sp_data.sys
2015-12-25 11:14 - 2015-12-25 11:14 - 0000017 _____ () C:\Users\Víťa\AppData\Local\resmon.resmoncfg
2012-08-04 18:37 - 2012-07-30 07:03 - 0000217 _____ () C:\ProgramData\SetStretch.cmd
2012-08-04 18:37 - 2009-07-22 11:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\V��a\Desktop" je 2604 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

[altrok]

AVG byl poskozen nebo castecne odinstalovan. Pokud jej chcete pouzivat, preinstalujte jej - pri instalaci pozor na zaskrtavaci policka (checkboxy), abyste si do PC nenainstaloval i neco, co nepotrebujete - AVG Toolbar, TuneUp apod. Dale v takovem pripade deaktivujte Windows Defender.

• Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
• ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
• znovu spustte FRST a kliknete na Fix
• po restartu bude na plose ulozen fixlog, jehoz obsah vlozte do pristi odpovedi

  Kód: Vybrat vše

  Start
  CloseProcesses:
  C:\Users\Víťa\AppData\Roaming\sp_data.sys
  CMD: dir "C:\PROGRA~1"
  CMD: dir "C:\PROGRA~2"
  CMD: dir "C:\PROGRA~3"
  CMD: dir "%localappdata%"
  CMD: dir "%appdata%"
  End