Snap.do and other problems

Lucifix
Visitor
Posts: 74
Registered: 23 Oct 2008 19:53

#1 Post by Lucifix »

Hello,
yesterday I, like an idiot, downloaded some program and unfortunately a pile of problems along with it... Yesterday it wasn't that bad: snap.do kept coming up instead of Google. Following instructions on the net I tried to remove it and it looked like it was OK, but today after turning the PC on it is worse. It won't even let me onto the internet any more, only in safe mode, everything lags terribly, and the PC restarts during an AVG scan... Please help :-(. Thank you very much...

Logfile of random's system information tool 1.10 (written by random/random)
Run by Jára at 2015-12-05 13:33:21
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 34 GB (14%) free of 250 GB
Total RAM: 4094 MB (82% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:33:25, on 5.12.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18098)
Boot mode: Safe mode with network support

Running processes:
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Jára.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTwkzwGbNf1VzsRiM5U0nqvM0Nvu6RYS6uJq8BAcaMc-AdGEM08ke77ux1Qk47vSMVX4yvBegWARFM4lCSR8FD-XBU-CSgB1PNf7ll0l4AfMUTy9FKZTWjswh_RUpDQYyNty7hhPLsq4tC52D4DECQKXaEp93OiyB6xhGdQ,,&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTwkzwGbNf1VzsRiM5U0nqvM0Nvu6RYS6uJq8BAcaMc-AdGEM08ke77ux1Qk47vSMVX4yvBegWARFM4lCSR8FD-XBU-CSgB1PNf7ll0l4AfMUTy9FKZTWjswh_RUpDQYyNty7hhPLsq4tC52D4DECQKXaEp93OiyB6xhGdQ,,&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTwkzwGbNf1VzsRiM5U0nqvM0Nvu6RYS6uJq8BAcaMc-AdGEM08ke77ux1Qk47vSMVX4yvBegWARFM4lCSR8FD-XBU-CSgB1PNf7ll0l4AfMUTy9FKZTWjswh_RUpDQYyNty7hhPLsq4tC52D4DECQKXaEp93OiyB6xhGdQ,,&q={searchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTwkzwGbNf1VzsRiM5U0nqvM0Nvu6RYS6uJq8BAcaMc-AdGEM08ke77ux1Qk47vSMVX4yvBegWARFM4lCSR8FD-XNda0o0Mr2KATmHFWj-Pqy32EvEBkcCkOTtgJXekz0vSZp0vOuVuDEkXhpylv0HZKiKvDDKG_pX_X3lg,,
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTwkzwGbNf1VzsRiM5U0nqvM0Nvu6RYS6uJq8BAcaMc-AdGEM08ke77ux1Qk47vSMVX4yvBegWARFM4lCSR8FD-XBU-CSgB1PNf7ll0l4AfMUTy9FKZTWjswh_RUpDQYyNty7hhPLsq4tC52D4DECQKXaEp93OiyB6xhGdQ,,&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Web TuneUp - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Web TuneUp\4.1.8.599\AVG Web TuneUp.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\Av\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguix.exe" /fmw.trayonly
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Jára\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MIF5BA~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MIF5BA~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - (no file)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\ProgramData\Vaiafineco\Rankex.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AvgAMPS - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgamps.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgidsagent.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: Validity Fingerprint Service (vfsFPService) - Validity Sensors, Inc. - c:\Windows\system32\vfsFPService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater40.1.8 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.1.8\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: WtuSystemSupport - Unknown owner - C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe

--
End of file - 9864 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\Explorer.EXE
ctfmon.exe
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/Control/*DomRel-Enable/enable/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/PP_Ethersuggest_A7_Stable_R8/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Enabled/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/WebRTC-PeerConnectionDTLS1.2/Control/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-gpu-compositing --channel="1408.8.548233464\899576070" 
--font-cache-shared-handle=5196 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="1408.10.1733213839\2129407040" --use-gl=swiftshader --supports-dual-gpus=false --swiftshader-path="C:\Users\Jára\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159" --gpu-driver-bug-workarounds=2,23,51 --gpu-vendor-id=0x0000 --gpu-device-id=0x0000 --gpu-driver-vendor --gpu-driver-version --ignored=" --type=renderer " /prefetch:822062411
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\Jára\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-09 462248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Web TuneUp - C:\Program Files (x86)\AVG Web TuneUp\4.1.8.599\AVG Web TuneUp.dll [2015-10-05 2426256]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-09 171944]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"cz.seznam.software.autoupdate"=C:\Users\Jára\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"=C:\Program Files (x86)\AVG\Av\avgui.exe [2015-11-20 3855272]
"AvgUi"=C:\Program Files (x86)\AVG\Framework\Common\avguix.exe [2015-11-12 1136552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\ProgramData\Vaiafineco\Truejob.dll"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MSIServer]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"RestrictRun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"RestrictRun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"VIDC.FPS1"=frapsv64.dll
"vidc.tscc"=C:\Windows\SysWOW64\tsccvid64.dll
"vidc.tsc2"=C:\Windows\SysWOW64\tsc2_codec64.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2015-12-05 13:33:21 ----D---- C:\rsit
2015-12-05 13:27:28 ----A---- C:\Windows\system32\FNTCACHE.DAT
2015-12-05 13:27:25 ----A---- C:\Windows\ntbtlog.txt
2015-12-05 13:05:30 ----D---- C:\32788R22FWJFW
2015-12-05 00:33:32 ----D---- C:\Users\Jára\AppData\Roaming\ASP
2015-12-04 23:24:38 ----D---- C:\Users\Jára\AppData\Roaming\Systweak
2015-12-04 20:35:22 ----D---- C:\Users\Jára\AppData\Roaming\AVG
2015-12-04 20:25:41 ----D---- C:\ProgramData\Avg
2015-12-04 18:34:02 ----D---- C:\ProgramData\Vaiafinecos
2015-12-04 18:33:52 ----D---- C:\ProgramData\Vaiafineco
2015-12-04 18:33:50 ----A---- C:\Program Files\Common Files\zdwcfetk.exe
2015-12-04 18:31:43 ----D---- C:\Program Files\Common Files\cylg2clr
2015-12-04 17:33:09 ----D---- C:\Users\Jára\AppData\Roaming\DamnVid
2015-12-04 17:31:25 ----D---- C:\Program Files\NixController
2015-12-04 17:30:45 ----D---- C:\ProgramData\Medlights
2015-12-04 17:30:35 ----D---- C:\ProgramData\ApplicationHosting
2015-12-03 14:30:13 ----A---- C:\Users\Jára\AppData\Roaming\Moses.dat
2015-11-26 18:40:36 ----A---- C:\Users\Jára\AppData\Roaming\ham.txt
2015-11-26 18:37:38 ----A---- C:\Users\Jára\AppData\Roaming\moses.exe
2015-11-26 10:34:43 ----A---- C:\Users\Jára\AppData\Roaming\Main.dat
2015-11-26 10:34:43 ----A---- C:\Users\Jára\AppData\Roaming\agent.dat
2015-11-12 17:30:10 ----A---- C:\Windows\system32\win32k.sys
2015-11-11 21:48:11 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-11-11 21:48:11 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-11-11 21:48:11 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-11-11 21:48:11 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-11-11 21:48:11 ----A---- C:\Windows\system32\wuwebv.dll
2015-11-11 21:48:11 ----A---- C:\Windows\system32\wups2.dll
2015-11-11 21:48:11 ----A---- C:\Windows\system32\wudriver.dll
2015-11-11 21:48:11 ----A---- C:\Windows\system32\wucltux.dll
2015-11-11 21:48:11 ----A---- C:\Windows\system32\wuaueng.dll
2015-11-11 21:48:11 ----A---- C:\Windows\system32\wuauclt.exe
2015-11-11 21:48:11 ----A---- C:\Windows\system32\wuapp.exe
2015-11-11 21:48:11 ----A---- C:\Windows\system32\wuapi.dll
2015-11-11 21:48:11 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-11-11 21:48:10 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-11-11 21:48:10 ----A---- C:\Windows\system32\wups.dll
2015-11-11 21:48:10 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-11-11 21:47:47 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-11-11 21:47:47 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-11-11 21:47:47 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-11-11 21:47:47 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-11-11 21:47:47 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-11-11 21:47:46 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-11-11 21:47:46 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-11-11 21:47:46 ----A---- C:\Windows\SYSWOW64\occache.dll
2015-11-11 21:47:46 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-11-11 21:47:46 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-11-11 21:47:46 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-11-11 21:47:46 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-11-11 21:47:46 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-11-11 21:47:46 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-11-11 21:47:46 ----A---- C:\Windows\system32\iernonce.dll
2015-11-11 21:47:46 ----A---- C:\Windows\system32\ie4uinit.exe
2015-11-11 21:47:44 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-11-11 21:47:44 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-11-11 21:47:44 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-11-11 21:47:44 ----A---- C:\Windows\system32\urlmon.dll
2015-11-11 21:47:44 ----A---- C:\Windows\system32\occache.dll
2015-11-11 21:47:44 ----A---- C:\Windows\system32\iedkcs32.dll
2015-11-11 21:47:43 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-11-11 21:47:43 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-11-11 21:47:43 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-11-11 21:47:43 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-11-11 21:47:43 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-11-11 21:47:42 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-11-11 21:47:42 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-11-11 21:47:42 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-11-11 21:47:42 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-11-11 21:47:42 ----A---- C:\Windows\system32\msfeeds.dll
2015-11-11 21:47:42 ----A---- C:\Windows\system32\dxtrans.dll
2015-11-11 21:47:41 ----A---- C:\Windows\system32\iesetup.dll
2015-11-11 21:47:41 ----A---- C:\Windows\system32\ieapfltr.dll
2015-11-11 21:47:40 ----A---- C:\Windows\system32\iertutil.dll
2015-11-11 21:47:39 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-11-11 21:47:39 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2015-11-11 21:47:39 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-11-11 21:47:39 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-11-11 21:47:39 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-11-11 21:47:39 ----A---- C:\Windows\system32\vbscript.dll
2015-11-11 21:47:39 ----A---- C:\Windows\system32\jsproxy.dll
2015-11-11 21:47:38 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-11-11 21:47:38 ----A---- C:\Windows\system32\ieui.dll
2015-11-11 21:47:38 ----A---- C:\Windows\system32\ieframe.dll
2015-11-11 21:47:38 ----A---- C:\Windows\system32\dxtmsft.dll
2015-11-11 21:47:37 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-11-11 21:47:37 ----A---- C:\Windows\system32\mshtmled.dll
2015-11-11 21:47:37 ----A---- C:\Windows\system32\ieUnatt.exe
2015-11-11 21:47:36 ----A---- C:\Windows\system32\wininet.dll
2015-11-11 21:47:36 ----A---- C:\Windows\system32\webcheck.dll
2015-11-11 21:47:36 ----A---- C:\Windows\system32\jscript9diag.dll
2015-11-11 21:47:36 ----A---- C:\Windows\system32\jscript9.dll
2015-11-11 21:47:36 ----A---- C:\Windows\system32\jscript.dll
2015-11-11 21:47:35 ----A---- C:\Windows\system32\msrating.dll
2015-11-11 21:47:35 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-11-11 21:47:34 ----A---- C:\Windows\system32\mshtml.dll
2015-11-11 21:47:15 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-11-11 21:47:15 ----A---- C:\Windows\system32\schannel.dll
2015-11-11 21:47:15 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-11-11 21:47:15 ----A---- C:\Windows\system32\kerberos.dll
2015-11-11 21:47:14 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-11-11 21:47:14 ----A---- C:\Windows\system32\ncrypt.dll
2015-11-11 21:47:14 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-11-11 21:47:13 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-11-11 21:47:13 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-11-11 21:47:13 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-11-11 21:47:13 ----A---- C:\Windows\SYSWOW64\bcryptprimitives.dll
2015-11-11 21:47:13 ----A---- C:\Windows\system32\kernel32.dll
2015-11-11 21:47:13 ----A---- C:\Windows\system32\drivers\cng.sys
2015-11-11 21:47:13 ----A---- C:\Windows\system32\bcryptprimitives.dll
2015-11-11 21:47:12 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-11-11 21:47:12 ----A---- C:\Windows\system32\ntdll.dll
2015-11-11 21:47:12 ----A---- C:\Windows\system32\lsasrv.dll
2015-11-11 21:47:11 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-11-11 21:47:10 ----A---- C:\Windows\system32\wow64.dll
2015-11-11 21:47:10 ----A---- C:\Windows\system32\winsrv.dll
2015-11-11 21:47:10 ----A---- C:\Windows\system32\srcore.dll
2015-11-11 21:47:10 ----A---- C:\Windows\system32\rpcrt4.dll
2015-11-11 21:47:10 ----A---- C:\Windows\system32\KernelBase.dll
2015-11-11 21:47:10 ----A---- C:\Windows\system32\conhost.exe
2015-11-11 21:47:09 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-11-11 21:47:09 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-11-11 21:47:09 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-11-11 21:47:09 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-11-11 21:47:09 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-11-11 21:47:09 ----A---- C:\Windows\system32\wdigest.dll
2015-11-11 21:47:09 ----A---- C:\Windows\system32\TSpkg.dll
2015-11-11 21:47:09 ----A---- C:\Windows\system32\sspicli.dll
2015-11-11 21:47:09 ----A---- C:\Windows\system32\smss.exe
2015-11-11 21:47:09 ----A---- C:\Windows\system32\rstrui.exe
2015-11-11 21:47:09 ----A---- C:\Windows\system32\msv1_0.dll
2015-11-11 21:47:09 ----A---- C:\Windows\system32\lsass.exe
2015-11-11 21:47:09 ----A---- C:\Windows\system32\auditpol.exe
2015-11-11 21:47:08 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-11-11 21:47:08 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-11-11 21:47:08 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-11-11 21:47:08 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2015-11-11 21:47:08 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-11-11 21:47:08 ----A---- C:\Windows\system32\wow64win.dll
2015-11-11 21:47:08 ----A---- C:\Windows\system32\sspisrv.dll
2015-11-11 21:47:08 ----A---- C:\Windows\system32\srclient.dll
2015-11-11 21:47:08 ----A---- C:\Windows\system32\secur32.dll
2015-11-11 21:47:08 ----A---- C:\Windows\system32\ntvdm64.dll
2015-11-11 21:47:08 ----A---- C:\Windows\system32\csrsrv.dll
2015-11-11 21:47:08 ----A---- C:\Windows\system32\cryptbase.dll
2015-11-11 21:47:08 ----A---- C:\Windows\system32\credssp.dll
2015-11-11 21:47:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-11-11 21:47:07 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-11 21:47:07 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-11-11 21:47:07 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-11-11 21:47:07 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2015-11-11 21:47:07 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-11-11 21:47:07 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-11-11 21:47:07 ----A---- C:\Windows\system32\wow64cpu.dll
2015-11-11 21:47:07 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-11-11 21:47:07 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-11-11 21:47:07 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-11-11 21:47:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-11 21:47:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-11-11 21:47:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-11-11 21:47:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-11 21:47:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-11-11 21:47:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-11 21:47:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-11 21:47:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-11 21:47:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-11-11 21:47:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-11-11 21:47:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-11 21:47:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-11 21:47:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-11-11 21:47:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-11-11 21:47:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-11-11 21:47:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-11-11 21:47:06 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-11-11 21:47:06 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-11-11 21:47:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-11 21:47:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-11-11 21:47:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-11-11 21:47:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-11-11 21:47:05 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-11-11 21:47:05 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-11-11 21:47:05 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-11-11 21:47:05 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-11-11 21:47:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-11-11 21:47:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-11-11 21:47:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-11-11 21:47:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-11 21:47:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-11-11 21:47:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-11 21:47:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-11-11 21:47:02 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-11-11 21:47:02 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-11-11 21:47:02 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-11 21:47:02 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-11-11 21:47:02 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-11-11 21:47:02 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-11 21:47:02 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-11 21:47:02 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-11 21:47:02 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-11 21:47:02 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-11-11 21:47:02 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-11-11 21:47:02 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-11 21:47:02 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-11-11 21:47:02 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-11 21:47:02 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-11-11 21:47:02 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-11 21:47:02 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-11-11 21:47:02 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-11-11 21:47:02 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-11-11 21:47:02 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-11 21:47:02 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-11-11 21:47:02 ----A---- C:\Windows\SYSWOW64\user.exe
2015-11-11 21:47:02 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-11-11 21:47:02 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-11-11 21:47:02 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-11-11 21:47:02 ----A---- C:\Windows\system32\apisetschema.dll
2015-11-11 21:47:02 ----A---- C:\Windows\system32\adtschema.dll
2015-11-11 21:47:01 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-11-11 21:47:01 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-11-11 21:47:01 ----A---- C:\Windows\system32\msobjs.dll
2015-11-11 21:47:01 ----A---- C:\Windows\system32\msaudite.dll
2015-11-11 21:46:45 ----A---- C:\Windows\system32\drivers\tdx.sys
2015-11-11 21:46:45 ----A---- C:\Windows\system32\drivers\afd.sys
2015-11-11 21:46:42 ----A---- C:\Windows\SYSWOW64\shimeng.dll
2015-11-11 21:46:42 ----A---- C:\Windows\SYSWOW64\sdbinst.exe
2015-11-11 21:46:42 ----A---- C:\Windows\SYSWOW64\apphelp.dll
2015-11-11 21:46:42 ----A---- C:\Windows\system32\shimeng.dll
2015-11-11 21:46:42 ----A---- C:\Windows\system32\sdbinst.exe
2015-11-11 21:46:42 ----A---- C:\Windows\system32\apphelp.dll
2015-11-11 21:46:42 ----A---- C:\Windows\system32\aelupsvc.dll
2015-11-11 21:46:39 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2015-11-11 21:46:39 ----A---- C:\Windows\system32\jnwmon.dll
2015-11-11 21:46:39 ----A---- C:\Windows\system32\InkEd.dll
2015-11-11 21:46:37 ----A---- C:\Windows\system32\drivers\ndis.sys
2015-11-09 22:53:06 ----A---- C:\Windows\aimpr.ini
2015-11-06 15:50:34 ----A---- C:\Windows\system32\drivers\avgdiska.sys
2015-11-06 15:49:38 ----A---- C:\Windows\system32\drivers\avgmfx64.sys
2015-11-06 15:49:38 ----A---- C:\Windows\system32\drivers\avgidsdrivera.sys

======List of files/folders modified in the last 1 month======

2015-12-05 13:33:22 ----D---- C:\Program Files\trend micro
2015-12-05 13:27:46 ----D---- C:\Windows\Minidump
2015-12-05 13:27:28 ----D---- C:\Windows\System32
2015-12-05 13:27:25 ----D---- C:\Windows
2015-12-05 13:27:22 ----D---- C:\Config.Msi
2015-12-05 13:24:12 ----D---- C:\Windows\temp
2015-12-05 13:13:43 ----D---- C:\Windows\system32\LogFiles
2015-12-05 13:13:24 ----D---- C:\Windows\inf
2015-12-05 13:09:09 ----SHD---- C:\Windows\Installer
2015-12-05 13:08:36 ----D---- C:\Windows\SysWOW64
2015-12-05 13:03:18 ----D---- C:\Windows\system32\Tasks
2015-12-05 13:02:13 ----RD---- C:\Program Files (x86)
2015-12-05 13:02:12 ----D---- C:\ProgramData
2015-12-05 12:51:45 ----D---- C:\Windows\Tasks
2015-12-05 12:15:23 ----D---- C:\ProgramData\MFAData
2015-12-05 12:12:58 ----D---- C:\Windows\system32\config
2015-12-04 23:44:53 ----SHD---- C:\System Volume Information
2015-12-04 20:50:16 ----D---- C:\Program Files (x86)\AVG
2015-12-04 20:46:37 ----D---- C:\Users\Jára\AppData\Roaming\Seznam.cz
2015-12-04 20:42:40 ----D---- C:\Windows\Prefetch
2015-12-04 20:40:17 ----D---- C:\ProgramData\AVG2015
2015-12-04 20:35:04 ----HD---- C:\$AVG
2015-12-04 20:34:14 ----D---- C:\Program Files\Common Files\AV
2015-12-04 20:32:28 ----D---- C:\Windows\system32\drivers
2015-12-04 18:33:50 ----D---- C:\Program Files\Common Files
2015-12-04 17:36:57 ----D---- C:\Program Files (x86)\Common Files
2015-12-04 17:31:25 ----RD---- C:\Program Files
2015-11-24 16:47:26 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-11-13 20:28:29 ----D---- C:\Windows\winsxs
2015-11-12 20:23:09 ----D---- C:\Windows\rescache
2015-11-12 17:23:14 ----D---- C:\Windows\Microsoft.NET
2015-11-12 12:09:51 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-11-12 12:09:51 ----D---- C:\Windows\system32\cs-CZ
2015-11-12 12:09:49 ----D---- C:\Program Files\Internet Explorer
2015-11-12 12:09:47 ----D---- C:\Windows\SYSWOW64\en-US
2015-11-12 12:09:43 ----D---- C:\Windows\system32\en-US
2015-11-12 12:09:37 ----D---- C:\Program Files (x86)\Internet Explorer
2015-11-12 12:09:25 ----D---- C:\Windows\AppPatch
2015-11-12 12:09:17 ----D---- C:\Windows\system32\migration
2015-11-11 22:27:29 ----RSD---- C:\Windows\assembly
2015-11-11 22:26:53 ----D---- C:\ProgramData\Microsoft Help
2015-11-11 22:18:09 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-11-11 22:13:08 ----D---- C:\Program Files\Windows Journal
2015-11-11 21:46:06 ----D---- C:\Windows\system32\catroot2
2015-11-11 21:14:10 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-11-07 18:25:28 ----D---- C:\Program Files (x86)\TeamViewer

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2015-08-20 298416]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2015-11-06 256432]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2015-08-10 42416]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys [2015-08-29 97208]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2015-10-08 302000]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-10-09 1394176]
R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2008-09-04 64000]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2009-04-29 18432]
R3 RTL8167;Ovladač Realtek 8167 NT; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-04-30 267312]
S0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2015-08-14 398256]
S1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2015-11-06 184240]
S1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2015-11-06 313776]
S1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2015-10-21 284080]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-05-13 36328]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 6037504]
S3 ATP;Comodo Unite Miniport Driver; C:\Windows\system32\DRIVERS\cmdatp.sys []
S3 AVerAF15;HP DVB-T TV Tuner; C:\Windows\System32\Drivers\AVerAF15.sys [2008-07-04 306688]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 cpuz135;cpuz135; \??\C:\Program Files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys [2012-08-11 24368]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2008-10-23 128352]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]
S3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt64.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 vfs101a;vfs101a; C:\Windows\system32\drivers\vfs101a.sys [2008-09-16 49968]
S3 WinUsb;WinUsb; C:\Windows\system32\drivers\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 203264]
S2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\Av\avgfws.exe [2015-11-20 1587128]
S2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [2015-11-20 3857272]
S2 avgsvc;AVG Service; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [2015-11-12 1046952]
S2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [2015-11-20 579776]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520]
S2 TeamViewer;TeamViewer 10; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2014-12-15 5426448]
S2 vfsFPService;Validity Fingerprint Service; c:\Windows\system32\vfsFPService.exe [2008-09-16 719152]
S2 vToolbarUpdater40.1.8;vToolbarUpdater40.1.8; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.1.8\ToolbarUpdater.exe [2015-10-05 1875856]
S2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
S2 WtuSystemSupport;WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [2015-10-05 1205136]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-11 269000]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 AvgAMPS;AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [2015-11-20 615584]
S3 Com4QLBEx;Com4QLBEx; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 hpqwmiex;hpqwmiex; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2009-04-30 229944]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-10-31 114688]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-10-05 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S4 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

-----------------EOF-----------------

Lucifix
Visitor
Posts: 74
Joined: 23 Oct 2008 19:53

Re: Snap.do and other problems

#2 Post by Lucifix »

info.txt logfile of random's system information tool 1.10 2015-12-05 13:33:29

======MBR======


======Uninstall list======

-->C:\PROGRA~3\INSTAL~1\{D5853~1\Setup.exe /remove /q0
-->MsiExec /X{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}
Adobe AIR-->C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Community Help-->msiexec /qb /x {0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}
Adobe Community Help-->MsiExec.exe /I{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}
Adobe Flash Player 19 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_245_ActiveX.exe -maintain activex
Adobe Flash Player 19 NPAPI-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_245_Plugin.exe -maintain plugin
AMD USB Audio Driver Filter-->MsiExec.exe /X{A3AB35FA-943E-4799-99DC-46EFD59E998F}
AVG 2016-->MsiExec.exe /I{37EAACC8-78A9-4C52-A2FD-E758B8F0C9E5}
AVG Protection-->C:\Program Files (x86)\AVG\Setup\avgsetupx.exe /mode=offline /uninstall=av
AVG Web TuneUp-->C:\Program Files (x86)\AVG Web TuneUp\UNINSTALL.exe /PROMPT /UNINSTALL
AVG Zen-->MsiExec.exe /I{4BB3F53A-125D-4CD0-8448-620E9898CF96}
AVG-->C:\Program Files (x86)\AVG\Setup\avgsetupx.exe /mode=offline /uninstall=zen
AVG-->MsiExec.exe /I{AB11E7BD-211E-4EBD-9EAE-0C11CE7B48AE}
Avidemux 2.6 (32-bit)-->C:\Program Files (x86)\Avidemux 2.6\uninstall.exe
Balíček ovladače systému Windows - ENE (enecir) HIDClass (09/04/2008 2.6.0.0)-->C:\PROGRA~1\DIFX\0169CE3A95F06636\DPInst.exe /u C:\Windows\System32\DriverStore\FileRepository\enecir.inf_amd64_neutral_82d736bafda2506c\enecir.inf
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}
Definition Update for Microsoft Office 2010 (KB3101540) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{E26C085F-C2D6-4BF0-B002-F539788473E4}" "1029" "0"
FMW 1-->MsiExec.exe /I{BCA7CC8C-745B-4340-B3A8-BC79A8498107}
Fotogalerie-->MsiExec.exe /X{AEA7CE08-09DC-4186-99FD-66A26F3B8B21}
Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.73\Installer\setup.exe" --uninstall --multi-install --chrome --system-level
Google Update Helper-->MsiExec.exe /I{60EC980A-BDA2-4CB6-A427

altrok
Moderator
Posts: 7264
Joined: 15 Nov 2012 22:26
Location: Znojmo

Re: Snap.do and other problems

#3 Post by altrok »

I wish you a lovely day :bye:

:arrow: As part of the cleanup, your temporary folders (including the Recycle Bin) will be emptied.

:arrow:
  • Save OTM to your desktop - http://oldtimer.geekstogo.com/OTM.exe
  • close all programs
  • right-click the OTM.exe icon and choose Run as administrator (on Win XP just run it with a double-click)
  • copy the contents of the white box into the left-hand window of OTM and click MoveIt!
  • after the restart, post the log, which will be in C:\_OTM\MovedFiles\mmddyyyy_hhmmss.log

    Code:

    :commands
    [Purity]
    [EmptyTemp]
    [EmptyFlash]
    [EmptyJava]
    [ResetHosts]
    [CreateRestorePoint]
    
    :files
    %windir%\system32\*.tmp.dll /s
    %windir%\system32\SET*.tmp /s
    %windir%\*.tmp /s
    C:\ProgramData\Vaiafinecos
    C:\ProgramData\Vaiafineco
    C:\Program Files\Common Files\zdwcfetk.exe
    C:\Program Files\Common Files\cylg2clr
    C:\Users\Jára\AppData\Roaming\DamnVid
    C:\Program Files\NixController
    C:\ProgramData\Medlights
    C:\ProgramData\ApplicationHosting
    C:\Users\Jára\AppData\Roaming\Moses.dat
    C:\Users\Jára\AppData\Roaming\ham.txt
    C:\Users\Jára\AppData\Roaming\moses.exe
    C:\Users\Jára\AppData\Roaming\Main.dat
    C:\Users\Jára\AppData\Roaming\agent.dat
    
    :reg
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLs"=""
    
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that do not belong on the forum, you can use altrok (at) forum.viry.cz
If you would like to help visitors of this forum, sign up for our training school.

Lucifix
Visitor
Posts: 74
Joined: 23 Oct 2008 19:53

Re: Snap.do and other problems

#4 Post by Lucifix »

Done, and I'm posting the log from OTM.....thanks a lot for the help :-)

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 41620 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: hedev
->Temp folder emptied: 0 bytes

User: J ra
->Temp folder emptied: 0 bytes

User: Jára
->Temp folder emptied: 70981932 bytes
->Temporary Internet Files folder emptied: 5640648 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 3335037 bytes
->Google Chrome cache emptied: 11782654 bytes
->Flash cache emptied: 614 bytes

User: Jßra
->Temp folder emptied: 0 bytes

User: JᲡ
->Temp folder emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 1525518 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 9501165 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 3423543 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 43262339 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 143,00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: hedev

User: J ra

User: Jára
->Flash cache emptied: 0 bytes

User: Jßra

User: JᲡ

User: Public

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: hedev

User: J ra

User: Jára
->Java cache emptied: 0 bytes

User: Jßra

User: JᲡ

User: Public

Total Java Files Cleaned = 0,00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Error creating restore point.
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP23C8.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3ACE.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8A3A.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPA534.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPA845.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPABAF.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPC788.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP259A.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP2847.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP2895.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP2CE.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP2EE.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP43E2.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP5051.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP5B29.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP758C.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPAFBE.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPB750.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPBE54.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPC1CA.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPD182.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPD25B.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPD53A.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPD6DF.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPDC11.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPEDB8.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPF3DF.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPF51.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPF94F.tmp folder moved successfully.
C:\Windows\Installer\MSI1576.tmp moved successfully.
C:\Windows\Installer\MSI437.tmp moved successfully.
C:\Windows\Installer\MSI51A0.tmp moved successfully.
C:\Windows\Installer\MSI536F.tmp moved successfully.
C:\Windows\Installer\MSI56C3.tmp moved successfully.
C:\Windows\Installer\MSI6025.tmp moved successfully.
C:\Windows\Installer\MSI6504.tmp moved successfully.
C:\ProgramData\Vaiafinecos folder moved successfully.
C:\ProgramData\Vaiafineco\ondemand folder moved successfully.
C:\ProgramData\Vaiafineco folder moved successfully.
C:\Program Files\Common Files\zdwcfetk.exe moved successfully.
C:\Program Files\Common Files\cylg2clr folder moved successfully.
C:\Users\Jára\AppData\Roaming\DamnVid\modules\youtube folder moved successfully.
C:\Users\Jára\AppData\Roaming\DamnVid\modules\youku folder moved successfully.
C:\Users\Jára\AppData\Roaming\DamnVid\modules\wegame folder moved successfully.
C:\Users\Jára\AppData\Roaming\DamnVid\modules\wattv folder moved successfully.
C:\Users\Jára\AppData\Roaming\DamnVid\modules\vimeo folder moved successfully.
C:\Users\Jára\AppData\Roaming\DamnVid\modules\veoh folder moved successfully.
C:\Users\Jára\AppData\Roaming\DamnVid\modules\tmtube folder moved successfully.
C:\Users\Jára\AppData\Roaming\DamnVid\modules\revver folder moved successfully.
C:\Users\Jára\AppData\Roaming\DamnVid\modules\onn folder moved successfully.
C:\Users\Jára\AppData\Roaming\DamnVid\modules\newgrounds folder moved successfully.
C:\Users\Jára\AppData\Roaming\DamnVid\modules\myspacetv folder moved successfully.
C:\Users\Jára\AppData\Roaming\DamnVid\modules\metacafe folder moved successfully.
C:\Users\Jára\AppData\Roaming\DamnVid\modules\megavideo folder moved successfully.
C:\Users\Jára\AppData\Roaming\DamnVid\modules\livevideo folder moved successfully.
C:\Users\Jára\AppData\Roaming\DamnVid\modules\jeuxvideocom folder moved successfully.
C:\Users\Jára\AppData\Roaming\DamnVid\modules\itmspodcasts folder moved successfully.
C:\Users\Jára\AppData\Roaming\DamnVid\modules\ignvideo folder moved successfully.
C:\Users\Jára\AppData\Roaming\DamnVid\modules\googlevideo folder moved successfully.
C:\Users\Jára\AppData\Roaming\DamnVid\modules\gamevideos folder moved successfully.
C:\Users\Jára\AppData\Roaming\DamnVid\modules\gametrailers folder moved successfully.
C:\Users\Jára\AppData\Roaming\DamnVid\modules\flickr folder moved successfully.
C:\Users\Jára\AppData\Roaming\DamnVid\modules\escapistmagazine folder moved successfully.
C:\Users\Jára\AppData\Roaming\DamnVid\modules\deviantart folder moved successfully.
C:\Users\Jára\AppData\Roaming\DamnVid\modules\dailymotion folder moved successfully.
C:\Users\Jára\AppData\Roaming\DamnVid\modules\crunchyroll folder moved successfully.
C:\Users\Jára\AppData\Roaming\DamnVid\modules\collegehumor folder moved successfully.
C:\Users\Jára\AppData\Roaming\DamnVid\modules\clubic folder moved successfully.
C:\Users\Jára\AppData\Roaming\DamnVid\modules\canalplus folder moved successfully.
C:\Users\Jára\AppData\Roaming\DamnVid\modules\break folder moved successfully.
C:\Users\Jára\AppData\Roaming\DamnVid\modules\bliptv folder moved successfully.
C:\Users\Jára\AppData\Roaming\DamnVid\modules folder moved successfully.
C:\Users\Jára\AppData\Roaming\DamnVid folder moved successfully.
C:\Program Files\NixController folder moved successfully.
C:\ProgramData\Medlights folder moved successfully.
C:\ProgramData\ApplicationHosting folder moved successfully.
C:\Users\Jára\AppData\Roaming\Moses.dat moved successfully.
C:\Users\Jára\AppData\Roaming\ham.txt moved successfully.
C:\Users\Jára\AppData\Roaming\moses.exe moved successfully.
C:\Users\Jára\AppData\Roaming\Main.dat moved successfully.
C:\Users\Jára\AppData\Roaming\agent.dat moved successfully.
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\"AppInit_DLLs"|"" /E : value set successfully!

OTM by OldTimer - Version 3.1.21.0 log created on 12052015_140802
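
A check a helper can run on a returned OTM log before moving to the next step, added here as an example (not part of the original thread and not OTM's own code): it parses the line formats seen in the log above and reports, for each `:files` target of the fix script, whether it was moved, not found, or never mentioned. The `%windir%` mapping, the function names and the shortened sample log (which deliberately omits two targets) are assumptions constructed for the example.

```python
import re
from fnmatch import fnmatchcase

# Assumption: default Windows directory; the log above shows %windir% expanded to it.
ENV = {"%windir%": r"C:\Windows"}

SECTION = re.compile(r"^=+ (\w+) =+$")
MOVED = re.compile(r"^(?P<path>.+?)(?: folder)? moved successfully\.$")
NOT_FOUND = re.compile(r"^File/Folder (?P<path>.+) not found\.$")

# Constructed sample: a shortened log in the same line formats as the one posted above.
# Two script targets are left out on purpose so the check has something to flag.
SAMPLE_LOG = r"""All processes killed
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Error creating restore point.
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
C:\Windows\Installer\MSI437.tmp moved successfully.
C:\ProgramData\Vaiafineco\ondemand folder moved successfully.
C:\ProgramData\Vaiafineco folder moved successfully.
C:\Program Files\Common Files\zdwcfetk.exe moved successfully.
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\"AppInit_DLLs"|"" /E : value set successfully!
"""

# Constructed sample: a subset of the :files block from the fix script above.
SAMPLE_TARGETS = [
    r"%windir%\system32\*.tmp.dll /s",
    r"%windir%\*.tmp /s",
    r"C:\ProgramData\Vaiafinecos",
    r"C:\ProgramData\Vaiafineco",
    r"C:\Program Files\Common Files\zdwcfetk.exe",
    r"C:\Users\Jára\AppData\Roaming\moses.exe",
]


def parse_otm_log(text):
    """Split an OTM log into moved paths, not-found paths, errors and registry results."""
    result = {"moved": [], "not_found": [], "errors": [], "registry_set": []}
    section = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        header = SECTION.match(line)
        if header:
            section = header.group(1)
            continue
        if line.startswith("Error"):
            # e.g. "Error creating restore point." means there is no rollback point.
            result["errors"].append(line)
        elif section == "FILES":
            missing = NOT_FOUND.match(line)
            moved = MOVED.match(line)
            if missing:
                result["not_found"].append(missing.group("path"))
            elif moved:
                result["moved"].append(moved.group("path"))
        elif section == "REGISTRY" and line.endswith("value set successfully!"):
            result["registry_set"].append(line)
    return result


def normalize_target(target):
    """Drop the /s switch, expand known variables, lower-case (Windows paths ignore case)."""
    path = re.sub(r"\s+/s$", "", target.strip(), flags=re.IGNORECASE)
    for var, value in ENV.items():
        path = re.sub(re.escape(var), lambda _m, v=value: v, path, flags=re.IGNORECASE)
    return path.lower()


def check_targets(targets, parsed):
    """Map every script target to 'moved', 'not found' or 'missing from log'."""
    moved = [p.lower() for p in parsed["moved"]]
    not_found = {p.lower() for p in parsed["not_found"]}
    report = {}
    for target in targets:
        want = normalize_target(target)
        if "*" in want or "?" in want:
            hit = any(fnmatchcase(p, want) for p in moved)
        else:
            # Exact comparison: "Vaiafineco" must not satisfy "Vaiafinecos".
            hit = want in moved
        if hit:
            report[target] = "moved"
        elif want in not_found:
            report[target] = "not found"
        else:
            report[target] = "missing from log"
    return report


if __name__ == "__main__":
    parsed = parse_otm_log(SAMPLE_LOG)
    for target, status in check_targets(SAMPLE_TARGETS, parsed).items():
        print(f"{status:17} {target}")
    for err in parsed["errors"]:
        print("ERROR:", err)
```

Any target reported as missing from the log, and any `Error` line such as the failed restore point, is worth raising with the user before further removal steps.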

altrok
Moderator
Posts: 7264
Joined: 15 Nov 2012 22:26
Location: Znojmo

Re: Snap.do and other problems

#5 Post by altrok »

:arrow: Normal mode should now work somewhat better - if it works, continue in normal mode.


:arrow: Save AdwCleaner to your desktop https://toolslib.net/downloads/viewdown ... dwcleaner/ (or http://www.bleepingcomputer.com/download/adwcleaner/ )
  • close all programs
  • right-click the AdwCleaner icon and choose Run as administrator (on Win XP just run it with a double-click)
  • click Scan, then Cleaning
  • after the restart a log will pop up (or you can find it in C:\AdwCleaner\AdwCleaner[Cx].txt); copy its contents into your next reply

Lucifix
Visitor
Posts: 74
Joined: 23 Oct 2008 19:53

Re: Snap.do and other problems

#6 Post by Lucifix »

So, reporting that thanks to you I have now got into normal mode, and here's the log....just to be safe I'll also mention that instead of Google I'm now getting feed.sonic again, and in the search engine settings I have a notice that a new extension, wiki-search.me, was added


# AdwCleaner v5.023 - Logfile created 05/12/2015 at 14:50:32
# Updated 30/11/2015 by Xplode
# Database : 2015-12-03.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Jára - JÁRA-PC
# Running from : C:\Users\Jára\Desktop\adwcleaner_5.023.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

[-] Service Deleted : vToolbarUpdater40.1.8

***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
[-] Folder Deleted : C:\ProgramData\AVG Secure Search
[-] Folder Deleted : C:\ProgramData\AVG Security Toolbar
[-] Folder Deleted : C:\ProgramData\FreeWorldApp
[-] Folder Deleted : C:\ProgramData\Avg_Update_0215tb
[-] Folder Deleted : C:\Users\Jára\AppData\Local\Systweak
[-] Folder Deleted : C:\Users\Jára\AppData\Local\20065
[-] Folder Deleted : C:\Users\Jára\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf
[-] Folder Deleted : C:\Users\Jára\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn
[-] Folder Deleted : C:\Users\Jára\AppData\Roaming\ASP
[-] Folder Deleted : C:\Users\Jára\AppData\Roaming\Systweak
[-] Folder Deleted : C:\Users\Jára\AppData\Roaming\Mozilla\Firefox\Profiles\el4n319l.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[-] Folder Deleted : C:\Windows\SysWOW64\config\systemprofile\AppData\Local\FileTypeAssistant

***** [ Files ] *****

[-] File Deleted : C:\ProgramData\whlb32g.dll
[-] File Deleted : C:\Users\Jára\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mpcknfcdcgpffjddjeceioobdelceffo_0.localstorage
[-] File Deleted : C:\Users\Jára\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nafaimnnclfjfedmmabolbppcngeolgf_0.localstorage
[-] File Deleted : C:\Users\Jára\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_chfdnecihphmhljaaejmgoiahnihplgn_0.localstorage
[-] File Deleted : C:\Users\Jára\AppData\Roaming\Mozilla\Firefox\Profiles\el4n319l.default\searchplugins\findit.xml
[-] File Deleted : C:\Windows\SysWOW64\findit.xml

***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

[-] Task Deleted : YTAUpdate

***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
[-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
[-] Key Deleted : HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\IELNKSRCH
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
[-] Key Deleted : HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\Stpro.exe
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\dream.capture
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{61AB12E1-A5FF-11D1-B2E9-444553540000}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82351441-9094-11D1-A24B-00A0C932C7DF}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{82351433-9094-11D1-A24B-00A0C932C7DF}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{444785F1-DE89-4295-863A-D46C3A781394}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKCU\Software\Avg Secure Update
[-] Key Deleted : HKCU\Software\OB
[-] Key Deleted : HKU\.DEFAULT\Software\AskPartnerNetwork
[-] Key Deleted : HKU\.DEFAULT\Software\Goobzo
[-] Key Deleted : HKU\.DEFAULT\Software\Avg Secure Update
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\SavePass 1.1
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\Sense
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\Ge-Force
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\SavePass 1.1
[-] Key Deleted : HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Sense
[-] Key Deleted : HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Ge-Force
[-] Key Deleted : HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{ielnksrch}
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\ielnksrch

***** [ Web browsers ] *****

[-] [C:\Users\Jára\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : chfdnecihphmhljaaejmgoiahnihplgn
[-] [C:\Users\Jára\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : fcgnigmofekcllgbiejhmigggmgehkip
[-] [C:\Users\Jára\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : nafaimnnclfjfedmmabolbppcngeolgf

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C5].txt - [6848 bytes] ##########

altrok
Moderator
Posts: 7264
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Snap.do and other problems

#7 Post by altrok »

:arrow: Post the FRST.txt log and attach Addition.txt as well - http://forum.viry.cz/viewtopic.php?f=30&t=133101

Lucifix
Visitor
Posts: 74
Registered: 23 Oct 2008 19:53

Re: Snap.do and other problems

#8 Post by Lucifix »

Sorry, now I'm not sure.... When I click to download FRSTLauncher, a red page with a cross opens saying the website contains malicious programs; do I have to download the Launcher too, or just FRST? And sorry for asking :-) I turned off the web shield and the Firewall and it still won't let me through :-( So I chose to visit the page despite the danger, and a warning window about 2 Trojan horses popped up at me and then - page not found :-(

altrok
Moderator
Posts: 7264
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Snap.do and other problems

#9 Post by altrok »

:arrow: On this particular website (a colleague's) it is a false positive. Downloading FRSTLauncher is not strictly necessary, so just run FRST on its own.

Lucifix
Visitor
Posts: 74
Registered: 23 Oct 2008 19:53

Re: Snap.do and other problems

#10 Post by Lucifix »

I know, I saw that it's your colleague, but the page still didn't display for me; maybe I should have turned off AVG entirely.... so I'm attaching the log

Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-12-2015
Ran by Jára (2015-12-05 15:39:48)
Running from C:\Users\Jára\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2013-10-04 21:42:15)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4030809380-311013274-366993075-500 - Administrator - Disabled)
Guest (S-1-5-21-4030809380-311013274-366993075-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4030809380-311013274-366993075-1002 - Limited - Enabled)
Jára (S-1-5-21-4030809380-311013274-366993075-1001 - Administrator - Enabled) => C:\Users\Jára

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG Internet Security (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: AVG Internet Security (Enabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
AMD USB Audio Driver Filter (HKLM-x32\...\{A3AB35FA-943E-4799-99DC-46EFD59E998F}) (Version: 1.0.7.0031 - Advanced Micro Devices, Inc.)
AVG (HKLM\...\AvgZen) (Version: 1.22.1.40089 - AVG Technologies)
AVG (Version: 16.12.7294 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4483 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.12.7294 - AVG Technologies)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.1.8.599 - AVG Technologies)
AVG Zen (Version: 1.22.1 - AVG Technologies) Hidden
Avidemux 2.6 (32-bit) (HKLM-x32\...\Avidemux 2.6) (Version: 2.6.8.9045 - )
Balíček ovladače systému Windows - ENE (enecir) HIDClass (09/04/2008 2.6.0.0) (HKLM\...\07B260955637F1FF7587ED2AA87459040DD09BF7) (Version: 09/04/2008 2.6.0.0 - ENE)
CCleaner (HKLM\...\CCleaner) (Version: 4.07 - Piriform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
FMW 1 (Version: 1.32.2 - AVG Technologies) Hidden
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.73 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Hauppauge MCE XP/Vista Software Encoder (2.0.26057) (HKLM-x32\...\Hauppauge MCE2005 Software Encoder) (Version: 2.0.26057 - Hauppauge Computer Works, Inc.)
HD Tune Pro 5.50 (HKLM-x32\...\HD Tune Pro_is1) (Version: - EFD Software)
HP MiniCard Hybrid TV 1.3.64.69 (HKLM-x32\...\HP MiniCard Hybrid TV) (Version: 1.3.64.69 - AVerMedia TECHNOLOGIES, Inc.)
HP Quick Launch Buttons (HKLM-x32\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.50.4.2 - Hewlett-Packard)
Java 7 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.400 - Oracle)
JMicron JMB38X Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.00.20.07 - JMicron Technology Corp.)
Microsoft .NET Framework 4.5.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
PC Wizard 2012.2.11 (HKLM-x32\...\PC Wizard 2012_is1) (Version: - CPUID)
Photo-Brush 5.30 (HKLM-x32\...\Photo-Brush_is1) (Version: Photo-Brush 5.30 - Mediachance Corp.)
QLBCASL (x32 Version: 6.40.17.2 - Hewlett-Packard) Hidden
Realtek USB 2.0 Card Reader (HKLM-x32\...\{DC24971E-1946-445D-8A82-CE685433FA7D}) (Version: 3.0.1.3 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Seznam Software (HKU\S-1-5-21-4030809380-311013274-366993075-1001\...\SeznamInstall) (Version: - Seznam.cz)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 13.0.4.0 - Synaptics Incorporated)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36897 - TeamViewer)
Validity Sensors software (HKLM\...\{567E8236-C414-4888-8211-3D61608D57AE}) (Version: 2.7.500 - Validity Sensors, Inc.)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Widevine Media Optimizer Chrome 6.0.0 (HKU\S-1-5-21-4030809380-311013274-366993075-1001\...\optimizer_chrome) (Version: 6.0.0.12757 - Widevine Technologies)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2015-12-05 14:08 - 00000098 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0F0E928D-07B3-476A-B8F6-CDB551526CBA} - System32\Tasks\Open Chrome => Chrome.exe toolbar.avg.com/ch-uninstall?cid={AE7CAC46-771E-44CA-8DA0-47CDFDFC9BB2}&mid=1e6473f849af47d2b028d16d38c05e18-ff9705ac7f8470ae1bebc0c0d41224e31fea7b3b&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0415tb&pr=fr&d=&v=4.1.8.599&pid=wtu&sg=
Task: {3C811B38-C9D3-4AA6-8C1B-5E4071F61609} - System32\Tasks\{2EF9220E-1F8A-47D5-8312-1950F7902359} => pcalua.exe -a C:\Users\Jára\AppData\Roaming\Seznam.cz\szninstall.exe -c -X
Task: {4A48BF12-06F5-4789-8016-A727BCE98353} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {73E38FF5-59AC-4CD8-A7F4-72F2DE58A9F8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-10-22] (Piriform Ltd)
Task: {8F6CA9F9-39CA-4FAE-A4F7-86D1D6C98743} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-11] (Adobe Systems Incorporated)
Task: {B1F423F2-5407-45E3-81E4-CE4E9AE3874D} - System32\Tasks\{63CF3CF2-8E8E-4660-B481-F518BFDF9A95} => pcalua.exe -a C:\Users\Jára\AppData\Roaming\webssearches\UninstallManager.exe -c -ptid=cvs <==== ATTENTION
Task: {B33F4162-E371-4BD4-AA5C-1965338B1386} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {B89D5454-D2BC-4317-9F4C-03F6FED39D90} - System32\Tasks\{CA3F5BDD-BDF0-4AFF-B696-87456AA1517A} => Chrome.exe hxxp://www.skype.com/go/downloading?source=lig ... rror=12002
Task: {B9D362B7-ECA0-483C-ADB6-BB95EEA1C150} - System32\Tasks\t30r22aa => C:\Program Files\Common Files\cylg2clr\ca705otaak2vz.exe <==== ATTENTION
Task: {BBC03A06-290E-44D1-96D1-A5E5C38DCF0A} - System32\Tasks\AdobeAAMUpdater-1.0-Jára-PC-Jára => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-01-26] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-02-26 17:07 - 2015-10-05 11:08 - 01205136 _____ () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
2015-12-04 20:25 - 2015-12-04 20:25 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll
2015-12-03 17:52 - 2015-11-24 09:00 - 01583432 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.73\libglesv2.dll
2015-12-03 17:52 - 2015-11-24 09:00 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.73\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:56E2E879

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4030809380-311013274-366993075-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jára\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{41520350-FC1B-4BFC-B97B-E72EB80E8962}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{245288EC-1748-4B70-BBEF-F14B81D75779}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{608416DE-3BE8-47D4-9585-264DD6FDBCCB}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{8B5495EC-58A5-43A0-A9E8-137E32FB3AF5}] => (Allow) LPort=2869
FirewallRules: [{E5DBC035-004C-44C9-B8EF-9BD823C207A0}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{81F25CF6-31C9-439E-9A65-5D4753B12237}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{B0CB949B-1D12-4FAC-B216-BF70AD758AA4}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{950D598D-FDCD-4C1E-86BC-FABDFDF781F9}D:\cs s\hl2.exe] => (Block) D:\cs s\hl2.exe
FirewallRules: [UDP Query User{C85361C0-1246-4B65-958E-135DA9E0430C}D:\cs s\hl2.exe] => (Block) D:\cs s\hl2.exe
FirewallRules: [{B460B5DA-ED4A-48B0-8D3B-B6B804C6A21D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{C816569B-B943-4684-8D7A-CA75D423370F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{AFDDA6E7-5AD3-4690-BB9E-25F2FF15F75E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{BDDDD3E2-831B-4460-918D-B3C8EB51B718}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{EE142F43-B639-4C62-A2B7-AA79E6183799}C:\users\jára\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\users\jára\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{A8D4DCC0-E988-47B5-B6C5-9FE510D194C8}C:\users\jára\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\users\jára\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{78ABE9B5-386A-4CD2-8171-C8B57B97A5F0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{67150AE6-F92E-48BE-A2B9-C6AF9C0AD405}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{10089A30-E49D-4487-9E33-23C33DA577A9}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{BC165D1A-4E64-492D-A14D-460461C61F88}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{1FFA37F0-2524-44DB-AE72-120A4C04D20C}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{C17760C8-BDD7-43EF-9E8C-5A954E74FD0B}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{AE49F21D-7B6B-4755-8D17-F20B82DDD000}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{85805BCA-5DAD-43DB-AB1C-1377E74CEE35}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{C539C0E1-C26B-4BFC-BBEB-619DB42D39F6}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe

==================== Faulty Device Manager Devices =============

Name: A309
Description: A309
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/05/2015 02:45:24 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Index nebyl inicializován.

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/05/2015 02:45:24 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Aplikace nebyla inicializována.

Kontext: aplikace Windows

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/05/2015 02:45:24 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Objekt indexování nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/05/2015 02:45:24 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Modul plug-in v <Search.TripoliIndexer> nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Prvek nebyl nalezen. (HRESULT : 0x80070490) (0x80070490)

Error: (12/05/2015 02:45:21 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Modul plug-in v <Search.JetPropStore> nebyl inicializován.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/05/2015 02:45:21 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Služba Windows Search nenačetla informace o úložišti vlastností.

Kontext: aplikace Windows, katalog SystemIndex

Podrobnosti:
Databáze indexu obsahu je poškozená. (HRESULT : 0xc0041800) (0xc0041800)

Error: (12/05/2015 02:45:21 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Služba Windows Search byla zastavena, protože došlo k problému s indexovacím modulem The catalog is corrupt.

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/05/2015 02:45:21 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Vyhledávací služby zjistila, že index {id=4700} obsahuje poškozené datové soubory. Služba se pokusí tyto potíže automaticky odstranit vytvořením nového indexu.

Podrobnosti:
Katalog indexu obsahu je poškozený. (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/05/2015 02:45:21 PM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description: Služba Windows Search neotevřela úložiště vlastností databázového stroje Jet.

Podrobnosti:
0x%08x (0xc0041800 - Databáze indexu obsahu je poškozená. (HRESULT : 0xc0041800))

Error: (12/05/2015 02:45:21 PM) (Source: ESENT) (EventID: 455) (User: )
Description: Windows (4568) Windows: Při otevírání souboru protokolu C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS0009E.log došlo k chybě -1811.


System errors:
=============
Error: (12/05/2015 02:53:14 PM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active

Error: (12/05/2015 02:53:14 PM) (Source: atikmdag) (EventID: 19468) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (12/05/2015 02:51:02 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby Windows Search, ale tato akce selhala kvůli následující chybě:
%%1056

Error: (12/05/2015 02:50:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (12/05/2015 02:50:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (12/05/2015 02:50:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Ochrana softwaru byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (12/05/2015 02:50:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Live ID Sign-in Assistant byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (12/05/2015 02:50:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba vToolbarUpdater40.1.8 byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (12/05/2015 02:50:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba AVG Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (12/05/2015 02:50:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba zařazování tisku byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.


CodeIntegrity:
===================================
Date: 2014-11-04 19:16:21.593
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-11-04 19:16:21.343
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-11-04 19:16:21.094
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-11-04 19:16:20.844
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-10-31 23:03:42.552
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-10-31 23:03:42.411
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: AMD Turion(tm) X2 Ultra Dual-Core Mobile ZM-82
Percentage of memory in use: 41%
Total physical RAM: 4093.84 MB
Available physical RAM: 2391.93 MB
Total Virtual: 10231.04 MB
Available Virtual: 8440.62 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:244.04 GB) (Free:33.51 GB) NTFS
Drive d: () (Fixed) (Total:221.62 GB) (Free:183.91 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 4C844C83)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=244 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=221.6 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================



Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-12-2015
Ran by Jára (administrator) on JÁRA-PC (05-12-2015 15:38:20)
Running from C:\Users\Jára\Desktop
Loaded Profiles: Jára (Available Profiles: Jára)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Validity Sensors, Inc.) C:\Windows\System32\vfsFPService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [3855272 2015-11-20] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguix.exe [1136552 2015-11-12] (AVG Technologies CZ, s.r.o.)
HKLM\...\Policies\Explorer: [RestrictRun] 0
HKU\S-1-5-21-4030809380-311013274-366993075-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Jára\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-4030809380-311013274-366993075-1001\...\Policies\Explorer: [RestrictRun] 0
AppInit_DLLs: C:\ProgramData\Vaiafineco\Truejob.dll => No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
BootExecute: sasnative64autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{ADE534AD-C8E2-402C-BB72-A300C598F7E4}: [DhcpNameServer] 192.168.1.1 192.168.1.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-4030809380-311013274-366993075-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-4030809380-311013274-366993075-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTwkzwGbNf1VzsRiM5U0nqvM0Nvu6RYS6uJq8BAcaMc-AdGEM08ke77ux1Qk47vSMVX4yvBegWARFM4lCSR8FD-XBU-CSgB1PNf7ll0l4AfMUTy9FKZTWjswh_RUpDQYyNty7hhPLsq4tC52D4DECQKXaEp93OiyB6xhGdQ,,&q={searchTerms}
HKU\S-1-5-21-4030809380-311013274-366993075-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTwkzwGbNf1VzsRiM5U0nqvM0Nvu6RYS6uJq8BAcaMc-AdGEM08ke77ux1Qk47vSMVX4yvBegWARFM4lCSR8FD-XNda0o0Mr2KATmHFWj-Pqy32EvEBkcCkOTtgJXekz0vSZp0vOuVuDEkXhpylv0HZKiKvDDKG_pX_X3lg,,
HKU\S-1-5-21-4030809380-311013274-366993075-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTwkzwGbNf1VzsRiM5U0nqvM0Nvu6RYS6uJq8BAcaMc-AdGEM08ke77ux1Qk47vSMVX4yvBegWARFM4lCSR8FD-XBU-CSgB1PNf7ll0l4AfMUTy9FKZTWjswh_RUpDQYyNty7hhPLsq4tC52D4DECQKXaEp93OiyB6xhGdQ,,&q={searchTerms}
HKU\S-1-5-21-4030809380-311013274-366993075-1001\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTwkzwGbNf1VzsRiM5U0nqvM0Nvu6RYS6uJq8BAcaMc-AdGEM08ke77ux1Qk47vSMVX4yvBegWARFM4lCSR8FD-XBU-CSgB1PNf7ll0l4AfMUTy9FKZTWjswh_RUpDQYyNty7hhPLsq4tC52D4DECQKXaEp93OiyB6xhGdQ,,&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL =
SearchScopes: HKU\S-1-5-21-4030809380-311013274-366993075-1001 -> {01CC2A84-6A71-4C55-8C53-EC8F7BC71636} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-4030809380-311013274-366993075-1001 -> {1B1E480E-FDB8-4CAF-976D-99A2C8228ACE} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-4030809380-311013274-366993075-1001 -> {27D2ECB5-1C01-4928-BCBB-ADA56FAB2A4F} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-4030809380-311013274-366993075-1001 -> {870FD5AD-0981-4B16-B11B-E338B9CEA7E2} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-4030809380-311013274-366993075-1001 -> {92E75BAC-7621-4ECB-A235-8F40B8D74278} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-4030809380-311013274-366993075-1001 -> {977E8A46-4F29-46D6-9088-1F246A7C7599} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-4030809380-311013274-366993075-1001 -> {9D077F7E-FFD6-40EB-943C-679D73BC1832} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-4030809380-311013274-366993075-1001 -> {A0D4C9D7-FD88-4D2D-A873-3EF73767474C} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-4030809380-311013274-366993075-1001 -> {EDF7CDB1-DC50-4717-AE9F-CCB0D2CB73BC} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-09] (Oracle Corporation)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-09] (Oracle Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File

FireFox:
========
FF ProfilePath: C:\Users\Jára\AppData\Roaming\Mozilla\Firefox\Profiles\el4n319l.default
FF NewTab: C:\ProgramData\Vaiafinecos\ff.NT
FF Homepage: C:\ProgramData\Vaiafinecos\ff.HP
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-11] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-11] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.40.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-10-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.40.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-10-09] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Extension: No Name - C:\Users\Jára\AppData\Roaming\Mozilla\Firefox\Profiles\el4n319l.default\extensions\{4C59F3E5-BBD0-4344-8DD2-30866FA0B31E} [not found]
FF Extension: No Name - C:\Users\Jára\AppData\Roaming\Mozilla\Firefox\Profiles\el4n319l.default\extensions\ICNAV48208908@SQB67903245.com [not found]
FF Extension: No Name - C:\Users\Jára\AppData\Roaming\Mozilla\Firefox\Profiles\el4n319l.default\extensions\ICNAV48208908@SQB67903245.com [not found]

Chrome:
=======
CHR HomePage: Default -> hxxp://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTwkzwGbNf1VzsRiM5U0nqvM0Nvu6RYS6uJq8BAcaMc-AdGEM08ke77ux1Qk47vSMVX4yvBegWARFM4lCSR8FD-XBSC78LEEV4GFQLbadAtw93Pl1uJuZJC_rDQBMgkAs0hgC8q1j-ZcspFQUnEob_ui-KxQ9Na_bBZEB-Q,,
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchURL: Default -> hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTwkzwGbNf1VzsRiM5U0nqvM0Nvu6RYS6uJq8BAcaMc-AdGEM08ke77ux1Qk47vSMVX4yvBegWARFM4lCSR8FD-XBRHNmrqn60s17r4lY7vluPJU_NB_m70Oc8LPxRXflU7wc0Z2uDr_iV2OCPiPUYGk0cTrg7HR7Vvp3Gg,,&q={searchTerms}
CHR DefaultSearchKeyword: Default -> feed.sonic-search.com
CHR DefaultSuggestURL: Default -> hxxps://search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command={searchTerms}
CHR Profile: C:\Users\Jára\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Jára\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-07]
CHR Extension: (Dokumenty Google) - C:\Users\Jára\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-07]
CHR Extension: (Disk Google) - C:\Users\Jára\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Jára\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Vyhledávání Google) - C:\Users\Jára\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Wiki Search.me) - C:\Users\Jára\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcgnigmofekcllgbiejhmigggmgehkip [2015-12-05]
CHR Extension: (Tabulky Google) - C:\Users\Jára\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-07]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jára\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jára\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-28]
CHR Extension: (Gmail) - C:\Users\Jára\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR HKLM-x32\...\Chrome\Extension: [fcgnigmofekcllgbiejhmigggmgehkip] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [615584 2015-11-20] (AVG Technologies CZ, s.r.o.)
R2 avgfws; C:\Program Files (x86)\AVG\Av\avgfws.exe [1587128 2015-11-20] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [3857272 2015-11-20] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1046952 2015-11-12] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [579776 2015-11-20] (AVG Technologies CZ, s.r.o.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH)
R2 vfsFPService; c:\Windows\system32\vfsFPService.exe [719152 2008-09-16] (Validity Sensors, Inc.)
R2 vfsFPService; c:\Windows\SysWOW64\vfsFPService.exe [599344 2008-09-16] (Validity Sensors, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [1205136 2015-10-05] ()

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 AVerAF15; C:\Windows\System32\Drivers\AVerAF15.sys [306688 2008-07-04] (AVerMedia TECHNOLOGIES, Inc.) [File not signed]
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [184240 2015-11-06] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [97208 2015-08-29] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [313776 2015-11-06] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [298416 2015-08-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [284080 2015-10-21] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [398256 2015-08-14] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [256432 2015-11-06] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [42416 2015-08-10] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [302000 2015-10-08] (AVG Technologies CZ, s.r.o.)
S3 cpuz135; C:\Program Files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys [24368 2012-08-11] (CPUID)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 vfs101a; C:\Windows\System32\drivers\vfs101a.sys [49968 2008-09-16] (Validity Sensors, Inc.)
S3 ATP; system32\DRIVERS\cmdatp.sys [X]
S3 STHDA; system32\DRIVERS\stwrt64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-05 15:38 - 2015-12-05 15:39 - 00017478 _____ C:\Users\Jára\Desktop\FRST.txt
2015-12-05 15:21 - 2015-12-05 15:20 - 02369024 _____ (Farbar) C:\Users\Jára\Desktop\FRST64.exe
2015-12-05 15:20 - 2015-12-05 15:20 - 02369024 _____ (Farbar) C:\Users\Jára\Downloads\FRST64.exe
2015-12-05 14:42 - 2015-12-05 14:41 - 01736704 _____ C:\Users\Jára\Desktop\adwcleaner_5.023.exe
2015-12-05 14:41 - 2015-12-05 14:41 - 01736704 _____ C:\Users\Jára\Downloads\adwcleaner_5.023.exe
2015-12-05 14:08 - 2015-12-05 14:08 - 00000000 ____D C:\_OTM
2015-12-05 14:06 - 2015-12-05 14:05 - 00522240 _____ (OldTimer Tools) C:\Users\Jára\Desktop\OTM.exe
2015-12-05 14:05 - 2015-12-05 14:05 - 00522240 _____ (OldTimer Tools) C:\Users\Jára\Downloads\OTM.exe
2015-12-05 13:33 - 2015-12-05 13:33 - 00000000 ____D C:\rsit
2015-12-05 13:31 - 2015-12-05 13:31 - 01222144 _____ C:\Users\Jára\Desktop\RSITx64.exe
2015-12-05 13:31 - 2015-12-05 13:31 - 00109296 _____ C:\Users\Jára\AppData\Local\GDIPFONTCACHEV1.DAT
2015-12-05 13:27 - 2015-12-05 14:14 - 00212206 _____ C:\Windows\ntbtlog.txt
2015-12-05 13:27 - 2015-12-05 13:29 - 04967816 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-05 13:27 - 2015-12-05 13:28 - 00282008 _____ C:\Windows\Minidump\120515-44273-01.dmp
2015-12-05 13:27 - 2015-12-05 13:27 - 542267545 _____ C:\Windows\MEMORY.DMP
2015-12-05 13:05 - 2015-12-05 13:05 - 00000000 ____D C:\32788R22FWJFW
2015-12-05 13:03 - 2015-12-05 13:03 - 00003756 _____ C:\Windows\System32\Tasks\Open Chrome
2015-12-04 23:24 - 2015-12-04 23:24 - 05822720 _____ (Advanced System Protector ) C:\Users\Jára\Downloads\aspsetup.exe
2015-12-04 20:35 - 2015-12-04 20:50 - 00000000 ____D C:\Users\Jára\AppData\Roaming\AVG
2015-12-04 20:26 - 2015-12-04 20:26 - 00000932 _____ C:\Users\Public\Desktop\AVG.lnk
2015-12-04 20:26 - 2015-12-04 20:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2015-12-04 20:25 - 2015-12-04 20:50 - 00000000 ____D C:\ProgramData\Avg
2015-12-04 20:24 - 2015-12-05 13:09 - 00000000 ____D C:\Users\Jára\AppData\Local\AvgSetupLog
2015-12-04 20:24 - 2015-12-04 20:24 - 02970984 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Jára\Downloads\AVG_Protection_Free_698.exe
2015-12-04 18:31 - 2015-12-04 18:31 - 00003388 _____ C:\Windows\System32\Tasks\t30r22aa
2015-12-04 17:37 - 2015-12-04 17:48 - 1293609930 _____ C:\Users\Jára\Downloads\Fakju pane učiteli 2 (2015).mkv
2015-12-04 17:31 - 2015-12-04 17:31 - 00000187 _____ C:\Users\Jára\AppData\Local\subhex.exe.config
2015-12-04 17:26 - 2015-12-04 17:36 - 1172307552 _____ C:\Users\Jára\Downloads\Fakju pane učiteli 2 (2015).mkv.crdownload
2015-11-28 14:54 - 2015-11-28 14:54 - 01690253 _____ C:\Users\Jára\Downloads\uprchlicka_krize_a_hodnoceni_vrcholnych_politiku_cr_a_eu_(publikovano_26.11.2015).pptx
2015-11-26 18:39 - 2015-12-03 14:29 - 00005568 _____ C:\Users\Jára\AppData\Roaming\md.xml
2015-11-26 10:34 - 2015-12-04 13:40 - 00058272 _____ C:\Users\Jára\AppData\Roaming\Config.xml
2015-11-23 21:11 - 2015-11-23 21:20 - 1187759430 _____ C:\Users\Jára\Downloads\The-Stoning-of-Soraya-M.---Ukamenování-Sorayi-M.-2008,-CZ-tit.avi
2015-11-23 19:52 - 2015-11-23 19:58 - 733669006 _____ C:\Users\Jára\Downloads\Variete, Burlesque, Cz Dabing (2010).avi
2015-11-21 16:25 - 2015-11-21 16:35 - 104059632 _____ C:\Users\Jára\Downloads\ALJAZERA_201511.zip
2015-11-13 20:22 - 2015-11-13 20:40 - 939315200 _____ C:\Users\Jára\Downloads\Hluboko v lesích (2012)CZ Dabing,thriller, drama, akční.avi
2015-11-13 20:21 - 2015-11-13 20:39 - 936252588 _____ C:\Users\Jára\Downloads\Aloha (2015) CZ dabing.avi
2015-11-13 20:21 - 2015-11-13 20:37 - 734988288 _____ C:\Users\Jára\Downloads\Gambler (2014) CZ-Dabing NOVINKA.avi
2015-11-13 20:17 - 2015-11-13 20:41 - 938059924 _____ C:\Users\Jára\Downloads\Zabijáci [Fasandraeberne] (2014) CZ dabing.avi
2015-11-12 17:30 - 2015-11-03 18:55 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-11 21:48 - 2015-10-20 19:42 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-11-11 21:48 - 2015-10-20 19:42 - 02608128 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-11-11 21:48 - 2015-10-20 19:42 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-11-11 21:48 - 2015-10-20 19:42 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-11-11 21:48 - 2015-10-20 19:42 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-11-11 21:48 - 2015-10-20 19:42 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-11-11 21:48 - 2015-10-20 19:42 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-11-11 21:48 - 2015-10-20 19:41 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-11-11 21:48 - 2015-10-20 19:41 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-11-11 21:48 - 2015-10-20 19:41 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-11-11 21:48 - 2015-10-20 19:41 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-11-11 21:48 - 2015-10-20 18:46 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-11-11 21:48 - 2015-10-20 18:46 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-11-11 21:48 - 2015-10-20 18:46 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-11-11 21:48 - 2015-10-20 18:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-11-11 21:48 - 2015-10-20 18:45 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-11-11 21:47 - 2015-11-03 23:10 - 00390344 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-11-11 21:47 - 2015-11-03 22:51 - 00342728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-11-11 21:47 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-11 21:47 - 2015-10-31 00:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-11-11 21:47 - 2015-10-31 00:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-11-11 21:47 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-11 21:47 - 2015-10-31 00:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-11-11 21:47 - 2015-10-31 00:25 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-11-11 21:47 - 2015-10-31 00:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-11-11 21:47 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-11 21:47 - 2015-10-31 00:24 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-11-11 21:47 - 2015-10-31 00:17 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-11-11 21:47 - 2015-10-31 00:16 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-11-11 21:47 - 2015-10-31 00:13 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-11-11 21:47 - 2015-10-31 00:12 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-11-11 21:47 - 2015-10-31 00:12 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-11-11 21:47 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-11 21:47 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-11 21:47 - 2015-10-31 00:11 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-11-11 21:47 - 2015-10-31 00:04 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-11-11 21:47 - 2015-10-31 00:01 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-11-11 21:47 - 2015-10-30 23:58 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-11-11 21:47 - 2015-10-30 23:53 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-11-11 21:47 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-11-11 21:47 - 2015-10-30 23:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-11-11 21:47 - 2015-10-30 23:49 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-11-11 21:47 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-11-11 21:47 - 2015-10-30 23:46 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-11-11 21:47 - 2015-10-30 23:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-11-11 21:47 - 2015-10-30 23:45 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-11-11 21:47 - 2015-10-30 23:45 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-11-11 21:47 - 2015-10-30 23:44 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-11-11 21:47 - 2015-10-30 23:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-11-11 21:47 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-11-11 21:47 - 2015-10-30 23:39 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-11-11 21:47 - 2015-10-30 23:39 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-11-11 21:47 - 2015-10-30 23:37 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-11-11 21:47 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-11-11 21:47 - 2015-10-30 23:36 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-11-11 21:47 - 2015-10-30 23:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-11-11 21:47 - 2015-10-30 23:34 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-11-11 21:47 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-11-11 21:47 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-11 21:47 - 2015-10-30 23:29 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-11-11 21:47 - 2015-10-30 23:29 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-11-11 21:47 - 2015-10-30 23:28 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-11-11 21:47 - 2015-10-30 23:23 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-11-11 21:47 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-10 22:09 - 2015-11-10 22:09 - 00051712 _____ C:\Users\Jára\Downloads\Firemnifinance_vzor_faktury_pro_neplatce_dph_I.xls
2015-11-09 22:53 - 2015-11-09 23:02 - 00000183 _____ C:\Windows\aimpr.ini
2015-11-08 23:23 - 2015-11-08 23:23 - 00081108 _____ C:\Users\Jára\Downloads\394652648.pdf
2015-11-08 23:23 - 2015-11-08 23:23 - 00070076 _____ C:\Users\Jára\Downloads\390767529.pdf
2015-11-07 21:09 - 2015-11-07 21:15 - 701358080 _____ C:\Users\Jára\Downloads\Cindy-(1984)-Romanticky-Hudebni.avi
2015-11-07 14:24 - 2015-11-07 14:31 - 736835584 _____ C:\Users\Jára\Downloads\Dabluv dvojnik Devil's Double, The (2011)czdabing.avi
2015-11-06 17:08 - 2015-11-06 17:16 - 941509296 _____ C:\Users\Jára\Downloads\Fakjů pane učiteli (2013) CZ dabing.avi
2015-11-06 15:50 - 2015-11-06 15:50 - 00184240 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgdiska.sys
2015-11-06 15:49 - 2015-11-06 15:49 - 00313776 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2015-11-06 15:49 - 2015-11-06 15:49 - 00256432 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-05 15:38 - 2013-10-30 20:36 - 00000000 ____D C:\FRST
2015-12-05 15:14 - 2014-12-12 17:08 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-05 15:01 - 2009-07-14 05:45 - 00022464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-05 15:01 - 2009-07-14 05:45 - 00022464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-05 14:58 - 2013-10-11 20:11 - 00000000 ____D C:\Users\Jára\AppData\Roaming\Seznam.cz
2015-12-05 14:56 - 2014-11-14 22:16 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-05 14:54 - 2014-10-19 14:35 - 00000000 ____D C:\ProgramData\MFAData
2015-12-05 14:53 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-05 14:53 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2015-12-05 14:50 - 2014-11-04 19:23 - 00000000 ____D C:\AdwCleaner
2015-12-05 14:44 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2015-12-05 13:33 - 2014-11-05 21:52 - 00000000 ____D C:\Program Files\trend micro
2015-12-05 13:27 - 2013-10-29 19:38 - 00000000 ____D C:\Windows\Minidump
2015-12-05 13:11 - 2014-07-16 15:49 - 00000000 ____D C:\Users\Jára\Desktop\italy music
2015-12-05 12:51 - 2014-11-14 22:16 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-05 12:51 - 2013-11-30 00:08 - 00003948 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-05 12:51 - 2013-11-30 00:07 - 00003696 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-05 00:10 - 2013-10-31 21:20 - 00002770 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-12-04 21:47 - 2013-10-04 22:42 - 00000000 ____D C:\Users\Jára
2015-12-04 20:50 - 2015-05-22 11:15 - 00000000 ____D C:\Users\Jára\AppData\Local\Avg
2015-12-04 20:50 - 2014-10-19 14:38 - 00000000 ____D C:\Program Files (x86)\AVG
2015-12-04 20:40 - 2014-10-19 14:39 - 00000000 ____D C:\ProgramData\AVG2015
2015-12-04 20:35 - 2014-10-19 14:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-12-04 20:35 - 2014-10-19 14:39 - 00000000 ___HD C:\$AVG
2015-12-04 20:34 - 2015-06-11 11:26 - 00000000 ____D C:\Program Files\Common Files\AV
2015-12-04 20:33 - 2015-02-26 17:07 - 00000000 ____D C:\Users\Jára\AppData\Local\AVG Web TuneUp
2015-12-04 18:34 - 2013-10-11 13:12 - 00002195 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-11-24 16:47 - 2009-07-14 16:18 - 00669116 _____ C:\Windows\system32\perfh005.dat
2015-11-24 16:47 - 2009-07-14 16:18 - 00141744 _____ C:\Windows\system32\perfc005.dat
2015-11-24 16:47 - 2009-07-14 06:13 - 01584554 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-19 16:23 - 2009-07-14 06:08 - 00032586 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-11-12 20:23 - 2015-08-16 12:44 - 00000000 ____D C:\Windows\rescache
2015-11-11 22:26 - 2014-09-21 11:40 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-11-11 22:18 - 2014-01-17 19:19 - 01560204 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-11-11 22:13 - 2009-07-14 16:37 - 00000000 ____D C:\Program Files\Windows Journal
2015-11-11 21:14 - 2014-12-12 17:08 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-11-11 21:14 - 2014-02-15 11:23 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-11-11 21:14 - 2014-02-15 11:23 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-07 18:25 - 2013-10-31 21:08 - 00000000 ____D C:\Program Files (x86)\TeamViewer

==================== Files in the root of some directories =======

2015-11-26 10:34 - 2015-12-04 13:40 - 0058272 _____ () C:\Users\Jára\AppData\Roaming\Config.xml
2015-11-26 18:39 - 2015-12-03 14:29 - 0005568 _____ () C:\Users\Jára\AppData\Roaming\md.xml
2014-09-03 22:36 - 2014-09-03 22:36 - 0002086 _____ () C:\Users\Jára\AppData\Roaming\OPSN
2015-11-26 18:40 - 2015-11-19 14:26 - 0004134 _____ () C:\Users\Jára\AppData\Roaming\shem.jpg
2014-01-03 00:46 - 2014-01-03 00:46 - 0703117 _____ () C:\Users\Jára\AppData\Roaming\technic-launcher.jar
2013-10-28 21:53 - 2013-10-28 21:53 - 0050020 _____ () C:\Users\Jára\AppData\Roaming\VideoPad.dmp
2013-10-04 23:14 - 2013-10-04 23:14 - 0000000 _____ () C:\Users\Jára\AppData\Local\AtStart.txt
2014-01-17 22:05 - 2014-10-26 16:46 - 0004608 _____ () C:\Users\Jára\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-10-04 23:14 - 2013-10-04 23:14 - 0000000 _____ () C:\Users\Jára\AppData\Local\DSwitch.txt
2013-10-04 23:14 - 2013-10-04 23:14 - 0000000 _____ () C:\Users\Jára\AppData\Local\QSwitch.txt
2015-12-04 17:31 - 2015-12-04 17:31 - 0000187 _____ () C:\Users\Jára\AppData\Local\subhex.exe.config
2014-01-28 13:37 - 2014-02-03 16:16 - 0828671 ____N () C:\Users\Jára\AppData\Local\Tempmusic.ogg

Some files in TEMP:
====================
C:\Users\Jára\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-11-30 19:46

==================== End of FRST.txt ============================

altrok
Moderator
Posts: 7264
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Snap.do and other problems

#11 Post by altrok »

:arrow: For some reason OTM could not create a restore point. Try to create a restore point manually.


:arrow: Install MBAM and run a custom scan of all drives - http://forum.viry.cz/viewtopic.php?f=29&t=144868
  • Note: this scan takes from 30 minutes to several hours - do not delete anything beforehand!
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suitable for the forum, you can use altrok(at)forum.viry.cz
If you would like to help visitors of this forum, sign up for our training school.

Lucifix
Visitor
Posts: 74
Registered: 23 Oct 2008 19:53

Re: Snap.do and other problems

#12 Post by Lucifix »

I'm here, but without a log :-( and in safe mode again. Malwarebytes freezes at item 119049 while scanning C://Windows/SysWOW64/compstui.dll and stops responding; the CPU dropped to 1, and after 10 minutes it was at 24. Nothing worked and everything just took a long time to load. Half an hour after this problem started I hard-restarted the PC and tried again. Unfortunately it happened again, except that this time an error popped up during the scan: TASKMGR.EXE application error. The instruction at 0x000007FEFB2EDEFC referenced memory at 0x000007FEFB2EDEFC - the required data was not placed into memory because of an I/O error at 0x0000185. Terminate the program. :-( CPU at 1 again, then at 37. I wanted to write to you right away, but Google would not load the page, the cursor kept spinning, and after a while it reported that Google Chrome had crashed..... the monitor went black, then a single desktop icon appeared across the whole screen, and I had to hard-restart again and connect from safe mode :-(. I'm at my wits' end :shock:

Lucifix
Visitor
Posts: 74
Registered: 23 Oct 2008 19:53

Re: Snap.do and other problems

#13 Post by Lucifix »

I finally have the Malwarebytes log... phew....

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 5.12.2015
Čas skenování: 20:22
Protokol: sken.txt
Správce: Ano

Verze: 2.2.0.1024
Databáze malwaru: v2015.12.05.04
Databáze rootkitů: v2015.11.26.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Jára

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 636339
Uplynulý čas: 4 hod, 21 min, 22 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 13
PUP.Optional.Amonetize, HKLM\SOFTWARE\MICROSOFT\TRACING\hotnix_RASAPI32, , [4f29643da5e60630d5af6491956e649c],
PUP.Optional.Amonetize, HKLM\SOFTWARE\MICROSOFT\TRACING\hotnix_RASMANCS, , [6a0eb8e9d7b47bbb790b02f314ef28d8],
PUP.Optional.Linkury.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\mtVaiafineco, , [a6d26b364d3e0d2902f13c61aa589b65],
PUP.Optional.WikiSearchMe, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\fcgnigmofekcllgbiejhmigggmgehkip, , [a0d87f227c0ff73f42cefac738cb857b],
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\NATIVEMESSAGINGHOSTS\nmhostct3289075, , [7ff9dfc292f96fc76305495a6c96b050],
PUP.Optional.Linkury, HKU\S-1-5-21-4030809380-311013274-366993075-1001\SOFTWARE\mtMedlight, , [ef89cbd61477e65004d0dac3b74b04fc],
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-4030809380-311013274-366993075-1001\SOFTWARE\mtVaiafineco, , [0672f3aeddae49edde0c3d60be446f91],
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-4030809380-311013274-366993075-1001\SOFTWARE\GOOGLE\CHROME\NATIVEMESSAGINGHOSTS\nmhostct3289075, , [5325f5acb0dbe74fb8ab5f44956d6b95],
PUP.Optional.CrossRider, HKU\S-1-5-21-4030809380-311013274-366993075-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{208614C1-D950-45E2-B339-8B7211F6A1B4}, , [58203170c7c4a0968eea454035ce4cb4],
PUP.Optional.CrossRider, HKU\S-1-5-21-4030809380-311013274-366993075-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C6B9C62F-412A-4C54-AEE3-4D9D9BC19716}, , [7701524fcebdd4621166562f0ef57888],
PUP.Optional.CrossRider, HKU\S-1-5-21-4030809380-311013274-366993075-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D8577142-A581-44D1-8487-89A66B3B5FB2}, , [ff79524fc3c8ab8b37405c29b84b49b7],
PUP.Optional.CrossRider, HKU\S-1-5-21-4030809380-311013274-366993075-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EFD20743-7908-41AC-9E8E-64E38E954436}, , [fb7db4ed305b92a42058b4d1ee153cc4],
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-4030809380-311013274-366993075-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\CHCT3289075, , [48309110adde7bbb10612e41f112fd03],

Hodnoty registru: 8
PUP.Optional.Linkury.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTwkzwGbNf1VzsRiM5U0nqvM0Nvu6RYS6uJq8BAcaMc-AdGEM08ke77ux1Qk47vSMVX4yvBegWARFM4lCSR8FD-XBU-CSgB1PNf7ll0l4AfMUTy9FKZTWjswh_RUpDQYyNty7hhPLsq4tC52D4DECQKXaEp93OiyB6xhGdQ,,&q={searchTerms}, , [afc95a472d5e7eb8f4e9323f41c243bd]
PUP.Optional.Linkury, HKU\S-1-5-21-4030809380-311013274-366993075-1001\ENVIRONMENT|SNP, http://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D?publisher=APSFRest&co=CZ&userid=342a869f-116b-fb14-5d57-5c374edd605d&searchtype=sc&installDate=04.12.2015&barcodeid=50066888&channelid=888, , [3d3b227f38532115b6f2d5c01be86f91]
PUP.Optional.Linkury, HKU\S-1-5-21-4030809380-311013274-366993075-1001\ENVIRONMENT|SNF, C:\ProgramData\Vaiafinecos\snp.sc, , [3b3dcdd49deed066f1b67c19e51e4fb1]
PUP.Optional.CrossRider, HKU\S-1-5-21-4030809380-311013274-366993075-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{208614C1-D950-45E2-B339-8B7211F6A1B4}|AppName, 3f7fa125-46f0-47c8-a398-62e472fd142b-2.exe-codedownloader.exe, , [58203170c7c4a0968eea454035ce4cb4]
PUP.Optional.CrossRider, HKU\S-1-5-21-4030809380-311013274-366993075-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C6B9C62F-412A-4C54-AEE3-4D9D9BC19716}|AppName, 6485d93c-e2c1-4886-ab1d-6ff965ada4ae-2.exe-buttonutil.exe, , [7701524fcebdd4621166562f0ef57888]
PUP.Optional.CrossRider, HKU\S-1-5-21-4030809380-311013274-366993075-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D8577142-A581-44D1-8487-89A66B3B5FB2}|AppName, c0fe6bdf-0515-4f6f-80fe-9ec4a9eab686-2.exe-buttonutil.exe, , [ff79524fc3c8ab8b37405c29b84b49b7]
PUP.Optional.CrossRider, HKU\S-1-5-21-4030809380-311013274-366993075-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EFD20743-7908-41AC-9E8E-64E38E954436}|AppName, 03028fde-b6ef-4928-878a-0e9ddec76e17-2.exe-codedownloader.exe, , [fb7db4ed305b92a42058b4d1ee153cc4]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-4030809380-311013274-366993075-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTwkzwGbNf1VzsRiM5U0nqvM0Nvu6RYS6uJq8BAcaMc-AdGEM08ke77ux1Qk47vSMVX4yvBegWARFM4lCSR8FD-XBU-CSgB1PNf7ll0l4AfMUTy9FKZTWjswh_RUpDQYyNty7hhPLsq4tC52D4DECQKXaEp93OiyB6xhGdQ,,&q={searchTerms}, , [e890138e0f7c082e2baf6d04ab58a858]

Data registru: 6
PUP.Optional.Linkury.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {ielnksrch}, Dobré: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Špatné: ({ielnksrch}),,[a3d53f620388b2847c4de88bee1606fa]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-4030809380-311013274-366993075-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTwkzwGbNf1VzsRiM5U0nqvM0Nvu6RYS6uJq8BAcaMc-AdGEM08ke77ux1Qk47vSMVX4yvBegWARFM4lCSR8FD-XBU-CSgB1PNf7ll0l4AfMUTy9FKZTWjswh_RUpDQYyNty7hhPLsq4tC52D4DECQKXaEp93OiyB6xhGdQ,,&q={searchTerms}, Dobré: (www.google.com), Špatné: (http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTwkzwGbNf1VzsRiM5U0nqvM0Nvu6RYS6uJq8BAcaMc-AdGEM08ke77ux1Qk47vSMVX4yvBegWARFM4lCSR8FD-XBU-CSgB1PNf7ll0l4AfMUTy9FKZTWjswh_RUpDQYyNty7hhPLsq4tC52D4DECQKXaEp93OiyB6xhGdQ,,&q={searchTerms}),,[beba08997d0e63d33e85b3c0e81c35cb]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-4030809380-311013274-366993075-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTwkzwGbNf1VzsRiM5U0nqvM0Nvu6RYS6uJq8BAcaMc-AdGEM08ke77ux1Qk47vSMVX4yvBegWARFM4lCSR8FD-XNda0o0Mr2KATmHFWj-Pqy32EvEBkcCkOTtgJXekz0vSZp0vOuVuDEkXhpylv0HZKiKvDDKG_pX_X3lg,,, Dobré: (www.google.com), Špatné: (http://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTwkzwGbNf1VzsRiM5U0nqvM0Nvu6RYS6uJq8BAcaMc-AdGEM08ke77ux1Qk47vSMVX4yvBegWARFM4lCSR8FD-XNda0o0Mr2KATmHFWj-Pqy32EvEBkcCkOTtgJXekz0vSZp0vOuVuDEkXhpylv0HZKiKvDDKG_pX_X3lg,,),,[b0c8158cb3d864d2477d98dbcc38758b]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-4030809380-311013274-366993075-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTwkzwGbNf1VzsRiM5U0nqvM0Nvu6RYS6uJq8BAcaMc-AdGEM08ke77ux1Qk47vSMVX4yvBegWARFM4lCSR8FD-XBU-CSgB1PNf7ll0l4AfMUTy9FKZTWjswh_RUpDQYyNty7hhPLsq4tC52D4DECQKXaEp93OiyB6xhGdQ,,&q={searchTerms}, Dobré: (www.google.com), Špatné: (http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTwkzwGbNf1VzsRiM5U0nqvM0Nvu6RYS6uJq8BAcaMc-AdGEM08ke77ux1Qk47vSMVX4yvBegWARFM4lCSR8FD-XBU-CSgB1PNf7ll0l4AfMUTy9FKZTWjswh_RUpDQYyNty7hhPLsq4tC52D4DECQKXaEp93OiyB6xhGdQ,,&q={searchTerms}),,[33452e736625360005be98db8183ba46]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-4030809380-311013274-366993075-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SearchAssistant, http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTwkzwGbNf1VzsRiM5U0nqvM0Nvu6RYS6uJq8BAcaMc-AdGEM08ke77ux1Qk47vSMVX4yvBegWARFM4lCSR8FD-XBU-CSgB1PNf7ll0l4AfMUTy9FKZTWjswh_RUpDQYyNty7hhPLsq4tC52D4DECQKXaEp93OiyB6xhGdQ,,&q={searchTerms}, Dobré: (www.google.com), Špatné: (http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTwkzwGbNf1VzsRiM5U0nqvM0Nvu6RYS6uJq8BAcaMc-AdGEM08ke77ux1Qk47vSMVX4yvBegWARFM4lCSR8FD-XBU-CSgB1PNf7ll0l4AfMUTy9FKZTWjswh_RUpDQYyNty7hhPLsq4tC52D4DECQKXaEp93OiyB6xhGdQ,,&q={searchTerms}),,[fc7c762bed9efe38bc07ea89e71db54b]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-4030809380-311013274-366993075-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTwkzwGbNf1VzsRiM5U0nqvM0Nvu6RYS6uJq8BAcaMc-AdGEM08ke77ux1Qk47vSMVX4yvBegWARFM4lCSR8FD-XBU-CSgB1PNf7ll0l4AfMUTy9FKZTWjswh_RUpDQYyNty7hhPLsq4tC52D4DECQKXaEp93OiyB6xhGdQ,,&q={searchTerms}, Dobré: (www.google.com), Špatné: (http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTwkzwGbNf1VzsRiM5U0nqvM0Nvu6RYS6uJq8BAcaMc-AdGEM08ke77ux1Qk47vSMVX4yvBegWARFM4lCSR8FD-XBU-CSgB1PNf7ll0l4AfMUTy9FKZTWjswh_RUpDQYyNty7hhPLsq4tC52D4DECQKXaEp93OiyB6xhGdQ,,&q={searchTerms}),,[3048f8a95734ee48e6dfe093fd07718f]

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 13
PUP.Optional.SearchProtect.AppFlsh, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\Loader32.exe.vir, , [8fe9455ccfbcb086018c9d0bb948e31d],
PUP.Optional.SearchProtect.AppFlsh, C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\Loader64.exe.vir, , [5028f2af8407c96d503cc1e7976ae917],
PUP.Optional.ClientConnect, C:\AdwCleaner\Quarantine\C\Users\Jára\AppData\Local\Google\Chrome\User Data\Default\Extensions\cflheckfmhopnialghigdlggahiomebp\10.31.4.510_0\APISupport\APISupport.dll.vir, , [98e0673afd8ef1452be509b7847c27d9],
PUP.Optional.ClientConnect, C:\AdwCleaner\Quarantine\C\Users\Jára\AppData\Local\Google\Chrome\User Data\Default\Extensions\cflheckfmhopnialghigdlggahiomebp\10.31.4.510_0\nativeMessaging\TBMessagingHost.exe.vir, , [d6a27031ef9cf34369a7b907b34d05fb],
PUP.Optional.ClientConnect, C:\AdwCleaner\Quarantine\C\Users\Jára\AppData\Local\Google\Chrome\User Data\Default\Extensions\cflheckfmhopnialghigdlggahiomebp\10.31.4.510_0\plugins\ChromeApiPlugin.dll.vir, , [7404efb25e2d6ccaae629d23a65a8878],
PUP.Optional.APNToolBar, C:\FRST\Quarantine\APNSetup.exe, , [591f3d6402897fb7efee43e61be619e7],
PUP.Optional.APNToolBar, C:\FRST\Quarantine\AskPartnerNetwork\AskPartnerNetwork\Toolbar\APNSetup.exe, , [0a6e9b06d8b35cda32abea3f7e83867a],
PUP.Optional.Linkury, C:\_OTM\MovedFiles\12052015_140802\C_Program Files\Common Files\cylg2clr\ca705otaak2vz.exe, , [08704c554a410234598af2331ee3a45c],
PUP.Optional.Bundler, C:\_OTM\MovedFiles\12052015_140802\C_ProgramData\Vaiafineco\Rankex.dll, , [b2c6326fdab1c17530015e0cbc489070],
PUP.Optional.Bundler, C:\_OTM\MovedFiles\12052015_140802\C_ProgramData\Vaiafineco\StrongZimeco.exe, , [3444435ed7b40432d9f0e1423fc333cd],
PUP.Optional.Bundler, C:\_OTM\MovedFiles\12052015_140802\C_ProgramData\Vaiafineco\Truejob.dll, , [c1b7f9a8ee9de94db9795e0c10f47a86],
PUP.Optional.Linkury.ShrtCln, C:\Users\Jára\AppData\Roaming\Mozilla\Firefox\Profiles\el4n319l.default\prefs.js, Dobré: (), Špatné: (user_pref("browser.newtab.url", "C:\ProgramData\Vaiafinecos\ff.NT");), ,[f286d0d1b1da6fc7f303f0a91de75da3]
PUP.Optional.Linkury.ShrtCln, C:\Users\Jára\AppData\Roaming\Mozilla\Firefox\Profiles\el4n319l.default\prefs.js, Dobré: (browser.startup.homepage", "https://www.malwarebytes.org/restorebrowser/), Špatné: (browser.startup.homepage", "C:\ProgramData\Vaiafinecos\ff.HP), ,[ed8b6c351873a492a098b5ec13f134cc]

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

altrok
Moderator
Posts: 7264
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Snap.do and other problems

#14 Post by altrok »

:arrow: Don't despair, we'll get through it all :)

:arrow: If you haven't closed MBAM yet, delete all the findings / move them to quarantine.

  • Copy the contents of the white box into Notepad (Start -> Run -> notepad)
  • save it to the desktop as fixlist (File type: Text document)
  • run FRST again and click Fix
  • after the restart, a fixlog will be saved on the desktop; paste its contents into your next reply

    Code:

    Start
    CloseProcesses:
    Task: {0F0E928D-07B3-476A-B8F6-CDB551526CBA} - System32\Tasks\Open Chrome => Chrome.exe toolbar.avg.com/ch-uninstall?cid={AE7CAC46-771E-44CA-8DA0-47CDFDFC9BB2}&mid=1e6473f849af47d2b028d16d38c05e18-ff9705ac7f8470ae1bebc0c0d41224e31fea7b3b&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0415tb&pr=fr&d=&v=4.1.8.599&pid=wtu&sg=
    Task: {3C811B38-C9D3-4AA6-8C1B-5E4071F61609} - System32\Tasks\{2EF9220E-1F8A-47D5-8312-1950F7902359} => pcalua.exe -a C:\Users\Jára\AppData\Roaming\Seznam.cz\szninstall.exe -c -X
    Task: {B1F423F2-5407-45E3-81E4-CE4E9AE3874D} - System32\Tasks\{63CF3CF2-8E8E-4660-B481-F518BFDF9A95} => pcalua.exe -a C:\Users\Jára\AppData\Roaming\webssearches\UninstallManager.exe -c -ptid=cvs <==== ATTENTION
    C:\Users\Jára\AppData\Roaming\webssearches
    Task: {B9D362B7-ECA0-483C-ADB6-BB95EEA1C150} - System32\Tasks\t30r22aa => C:\Program Files\Common Files\cylg2clr\ca705otaak2vz.exe <==== ATTENTION
    C:\Program Files\Common Files\cylg2clr
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    AlternateDataStreams: C:\ProgramData\TEMP:56E2E879
    HKLM\...\Policies\Explorer: [RestrictRun] 0
    HKU\S-1-5-21-4030809380-311013274-366993075-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Jára\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
    HKU\S-1-5-21-4030809380-311013274-366993075-1001\...\Policies\Explorer: [RestrictRun] 0
    AppInit_DLLs: C:\ProgramData\Vaiafineco\Truejob.dll => No File
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
    BootExecute: sasnative64autocheck autochk * sdnclean64.exe
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    HKU\S-1-5-21-4030809380-311013274-366993075-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    HKU\S-1-5-21-4030809380-311013274-366993075-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73 ... xhGdQ,,&q={searchTerms}
    HKU\S-1-5-21-4030809380-311013274-366993075-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://%66%65%65%64.%73%6E%61%70%64%6F. ... G_pX_X3lg,,
    HKU\S-1-5-21-4030809380-311013274-366993075-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73 ... xhGdQ,,&q={searchTerms}
    HKU\S-1-5-21-4030809380-311013274-366993075-1001\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73 ... xhGdQ,,&q={searchTerms}
    SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL = 
    FF NewTab: C:\ProgramData\Vaiafinecos\ff.NT
    FF Homepage: C:\ProgramData\Vaiafinecos\ff.HP
    FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
    FF Extension: No Name - C:\Users\Jára\AppData\Roaming\Mozilla\Firefox\Profiles\el4n319l.default\extensions\{4C59F3E5-BBD0-4344-8DD2-30866FA0B31E} [not found]
    FF Extension: No Name - C:\Users\Jára\AppData\Roaming\Mozilla\Firefox\Profiles\el4n319l.default\extensions\ICNAV48208908@SQB67903245.com [not found]
    FF Extension: No Name - C:\Users\Jára\AppData\Roaming\Mozilla\Firefox\Profiles\el4n319l.default\extensions\ICNAV48208908@SQB67903245.com [not found]
    CHR HomePage: Default -> hxxp://%66%65%65%64.%73%6E%61%70%64%6F. ... a_bBZEB-Q,,
    CHR DefaultSearchURL: Default -> hxxp://%66%65%65%64.%73%6F%6E%69%63-%73 ... vp3Gg,,&q={searchTerms}
    CHR DefaultSearchKeyword: Default -> feed.sonic-search.com
    CHR DefaultSuggestURL: Default -> hxxps://search.yahoo.com/sugg/chrome?ou ... s&command={searchTerms}
    CHR Extension: (Wiki Search.me) - C:\Users\Jára\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcgnigmofekcllgbiejhmigggmgehkip [2015-12-05]
    2015-12-05 15:38 - 2015-12-05 15:39 - 00017478 _____ C:\Users\Jára\Desktop\FRST.txt
    2015-12-05 14:42 - 2015-12-05 14:41 - 01736704 _____ C:\Users\Jára\Desktop\adwcleaner_5.023.exe
    2015-12-05 14:41 - 2015-12-05 14:41 - 01736704 _____ C:\Users\Jára\Downloads\adwcleaner_5.023.exe
    2015-12-05 13:33 - 2015-12-05 13:33 - 00000000 ____D C:\rsit
    2015-12-05 13:31 - 2015-12-05 13:31 - 01222144 _____ C:\Users\Jára\Desktop\RSITx64.exe
    2015-12-05 14:50 - 2014-11-04 19:23 - 00000000 ____D C:\AdwCleaner
    2015-12-05 13:33 - 2014-11-05 21:52 - 00000000 ____D C:\Program Files\trend micro
    2015-12-04 17:31 - 2015-12-04 17:31 - 0000187 _____ () C:\Users\Jára\AppData\Local\subhex.exe.config
    Hosts:
    EmptyTemp:
    End
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suited to the forum, you can use altrok[at]forum.viry.cz
If you would like to help visitors of this forum, sign up for our little school.

Lucifix
Visitor
Posts: 74
Registered: 23 Oct 2008 19:53

Re: Snap.do and other problems

#15 Post by Lucifix »

Good morning :-) Luckily I hadn't closed MBAM, so it's done and I'm pasting the new log....

Fix result of Farbar Recovery Scan Tool (x64) Version:05-12-2015
Ran by Jára (2015-12-06 10:02:26) Run:2
Running from C:\Users\Jára\Desktop
Loaded Profiles: Jára (Available Profiles: Jára)
Boot Mode: Safe Mode (with Networking)
==============================================

fixlist content:
*****************
Start
CloseProcesses:
Task: {0F0E928D-07B3-476A-B8F6-CDB551526CBA} - System32\Tasks\Open Chrome => Chrome.exe toolbar.avg.com/ch-uninstall?cid={AE7CAC46-771E-44CA-8DA0-47CDFDFC9BB2}&mid=1e6473f849af47d2b028d16d38c05e18-ff9705ac7f8470ae1bebc0c0d41224e31fea7b3b&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0415tb&pr=fr&d=&v=4.1.8.599&pid=wtu&sg=
Task: {3C811B38-C9D3-4AA6-8C1B-5E4071F61609} - System32\Tasks\{2EF9220E-1F8A-47D5-8312-1950F7902359} => pcalua.exe -a C:\Users\Jára\AppData\Roaming\Seznam.cz\szninstall.exe -c -X
Task: {B1F423F2-5407-45E3-81E4-CE4E9AE3874D} - System32\Tasks\{63CF3CF2-8E8E-4660-B481-F518BFDF9A95} => pcalua.exe -a C:\Users\Jára\AppData\Roaming\webssearches\UninstallManager.exe -c -ptid=cvs <==== ATTENTION
C:\Users\Jára\AppData\Roaming\webssearches
Task: {B9D362B7-ECA0-483C-ADB6-BB95EEA1C150} - System32\Tasks\t30r22aa => C:\Program Files\Common Files\cylg2clr\ca705otaak2vz.exe <==== ATTENTION
C:\Program Files\Common Files\cylg2clr
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879
HKLM\...\Policies\Explorer: [RestrictRun] 0
HKU\S-1-5-21-4030809380-311013274-366993075-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Jára\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-4030809380-311013274-366993075-1001\...\Policies\Explorer: [RestrictRun] 0
AppInit_DLLs: C:\ProgramData\Vaiafineco\Truejob.dll => No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
BootExecute: sasnative64autocheck autochk * sdnclean64.exe
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-4030809380-311013274-366993075-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-4030809380-311013274-366993075-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73 ... xhGdQ,,&q={searchTerms}
HKU\S-1-5-21-4030809380-311013274-366993075-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://%66%65%65%64.%73%6E%61%70%64%6F. ... G_pX_X3lg,,
HKU\S-1-5-21-4030809380-311013274-366993075-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73 ... xhGdQ,,&q={searchTerms}
HKU\S-1-5-21-4030809380-311013274-366993075-1001\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73 ... xhGdQ,,&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL =
FF NewTab: C:\ProgramData\Vaiafinecos\ff.NT
FF Homepage: C:\ProgramData\Vaiafinecos\ff.HP
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Extension: No Name - C:\Users\Jára\AppData\Roaming\Mozilla\Firefox\Profiles\el4n319l.default\extensions\{4C59F3E5-BBD0-4344-8DD2-30866FA0B31E} [not found]
FF Extension: No Name - C:\Users\Jára\AppData\Roaming\Mozilla\Firefox\Profiles\el4n319l.default\extensions\ICNAV48208908@SQB67903245.com [not found]
FF Extension: No Name - C:\Users\Jára\AppData\Roaming\Mozilla\Firefox\Profiles\el4n319l.default\extensions\ICNAV48208908@SQB67903245.com [not found]
CHR HomePage: Default -> hxxp://%66%65%65%64.%73%6E%61%70%64%6F. ... a_bBZEB-Q,,
CHR DefaultSearchURL: Default -> hxxp://%66%65%65%64.%73%6F%6E%69%63-%73 ... vp3Gg,,&q={searchTerms}
CHR DefaultSearchKeyword: Default -> feed.sonic-search.com
CHR DefaultSuggestURL: Default -> hxxps://search.yahoo.com/sugg/chrome?ou ... s&command={searchTerms}
CHR Extension: (Wiki Search.me) - C:\Users\Jára\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcgnigmofekcllgbiejhmigggmgehkip [2015-12-05]
2015-12-05 15:38 - 2015-12-05 15:39 - 00017478 _____ C:\Users\Jára\Desktop\FRST.txt
2015-12-05 14:42 - 2015-12-05 14:41 - 01736704 _____ C:\Users\Jára\Desktop\adwcleaner_5.023.exe
2015-12-05 14:41 - 2015-12-05 14:41 - 01736704 _____ C:\Users\Jára\Downloads\adwcleaner_5.023.exe
2015-12-05 13:33 - 2015-12-05 13:33 - 00000000 ____D C:\rsit
2015-12-05 13:31 - 2015-12-05 13:31 - 01222144 _____ C:\Users\Jára\Desktop\RSITx64.exe
2015-12-05 14:50 - 2014-11-04 19:23 - 00000000 ____D C:\AdwCleaner
2015-12-05 13:33 - 2014-11-05 21:52 - 00000000 ____D C:\Program Files\trend micro
2015-12-04 17:31 - 2015-12-04 17:31 - 0000187 _____ () C:\Users\Jára\AppData\Local\subhex.exe.config
Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0F0E928D-07B3-476A-B8F6-CDB551526CBA}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0F0E928D-07B3-476A-B8F6-CDB551526CBA}" => key removed successfully
C:\Windows\System32\Tasks\Open Chrome => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Open Chrome" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3C811B38-C9D3-4AA6-8C1B-5E4071F61609}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3C811B38-C9D3-4AA6-8C1B-5E4071F61609}" => key removed successfully
C:\Windows\System32\Tasks\{2EF9220E-1F8A-47D5-8312-1950F7902359} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{2EF9220E-1F8A-47D5-8312-1950F7902359}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B1F423F2-5407-45E3-81E4-CE4E9AE3874D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B1F423F2-5407-45E3-81E4-CE4E9AE3874D}" => key removed successfully
C:\Windows\System32\Tasks\{63CF3CF2-8E8E-4660-B481-F518BFDF9A95} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{63CF3CF2-8E8E-4660-B481-F518BFDF9A95}" => key removed successfully
"C:\Users\Jára\AppData\Roaming\webssearches" => not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B9D362B7-ECA0-483C-ADB6-BB95EEA1C150}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B9D362B7-ECA0-483C-ADB6-BB95EEA1C150}" => key removed successfully
C:\Windows\System32\Tasks\t30r22aa => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\t30r22aa" => key removed successfully
"C:\Program Files\Common Files\cylg2clr" => not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\ProgramData\TEMP => ":56E2E879" ADS removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\RestrictRun => value removed successfully
HKU\S-1-5-21-4030809380-311013274-366993075-1001\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.autoupdate => value removed successfully
HKU\S-1-5-21-4030809380-311013274-366993075-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\RestrictRun => value removed successfully
"C:\ProgramData\Vaiafineco\Truejob.dll" => Value data not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => key removed successfully
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
hklm\System\CurrentControlSet\Control\Session Manager\\BootExecute => value restored successfully
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKU\S-1-5-21-4030809380-311013274-366993075-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
HKU\S-1-5-21-4030809380-311013274-366993075-1001\Software\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKU\S-1-5-21-4030809380-311013274-366993075-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-4030809380-311013274-366993075-1001\Software\Microsoft\Internet Explorer\Main\\Search Bar => value removed successfully
HKU\S-1-5-21-4030809380-311013274-366993075-1001\Software\Microsoft\Internet Explorer\Main\\SearchAssistant => value removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
FF NewTab: C:\ProgramData\Vaiafinecos\ff.NT => not found
Firefox "homepage" removed successfully
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
C:\Users\Jára\AppData\Roaming\Mozilla\Firefox\Profiles\el4n319l.default\extensions\{4C59F3E5-BBD0-4344-8DD2-30866FA0B31E} => path removed successfully
C:\Users\Jára\AppData\Roaming\Mozilla\Firefox\Profiles\el4n319l.default\extensions\ICNAV48208908@SQB67903245.com => path removed successfully
C:\Users\Jára\AppData\Roaming\Mozilla\Firefox\Profiles\el4n319l.default\extensions\ICNAV48208908@SQB67903245.com => path removed successfully
Chrome HomePage => removed successfully
Chrome DefaultSearchURL => removed successfully
Chrome DefaultSearchKeyword => removed successfully
Chrome DefaultSuggestURL => removed successfully
C:\Users\Jára\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcgnigmofekcllgbiejhmigggmgehkip => not found
C:\Users\Jára\Desktop\FRST.txt => moved successfully
C:\Users\Jára\Desktop\adwcleaner_5.023.exe => moved successfully
C:\Users\Jára\Downloads\adwcleaner_5.023.exe => moved successfully
C:\rsit => moved successfully
C:\Users\Jára\Desktop\RSITx64.exe => moved successfully
C:\AdwCleaner => moved successfully
C:\Program Files\trend micro => moved successfully
C:\Users\Jára\AppData\Local\subhex.exe.config => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 180.1 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 10:02:36 ====

Locked