prosím o kontrolu logu

[Mataa90]

Dobrý den, prosím o kontrolu logu. Zasekává se mi pc (především internetové prohlížeče a při otevírání souborů). Díky

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:14-12-2015
Ran by Martina (administrator) on IDEA-PC (16-04-2017 21:19:55)
Running from C:\Users\Martina\Desktop\Složky\Programy\na viry\FRST-OlderVersion
Loaded Profiles: Martina (Available Profiles: Martina)
Platform: Windows 8 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 10 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Electronic Arts Inc.) C:\Program Files (x86)\Electronic Arts\The Sims 3\Game\Bin\TS3W.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicatorCom.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [887968 2012-06-15] (Conexant Systems, Inc.)
HKLM\...\Run: [BtPreLoad] => C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [64640 2012-09-30] ()
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17079376 2013-02-08] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [191568 2013-02-08] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [508656 2012-07-26] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [548864 2012-05-02] (Vimicro)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2012-07-27] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [167024 2012-07-27] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-19] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [Philips Device Listener] => C:\Program Files (x86)\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe [380416 2012-02-15] ()
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [28330072 2017-04-14] (Dropbox, Inc.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\Run: [HP Deskjet 3050A J611 series (NET)] => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\Run: [BitTorrent] => C:\Users\Martina\AppData\Roaming\BitTorrent\BitTorrent.exe [1982152 2017-03-18] (BitTorrent Inc.)
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27219928 2016-11-15] (Skype Technologies S.A.)
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\MountPoints2: {1c3be7a9-71dc-11e2-be6b-806e6f6e6963} - "E:\autorun.exe"
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\MountPoints2: {6a843982-84fe-11e3-bec9-2cd05a349e8e} - "F:\setup.exe"
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-04-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-04-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-04-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-04-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-04-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-04-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-04-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-04-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-04-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-04-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-04-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-04-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-04-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-04-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-04-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-04-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-04-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-04-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-04-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-04-14] (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-1443460809-2058308057-2046692019-1001] => 127.0.0.1:8013
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{D58DC935-FA05-437B-BA74-886A24E255C4}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
URLSearchHook: [S-1-5-21-1443460809-2058308057-2046692019-1001] ATTENTION => Default URLSearchHook is missing
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {24AB7B16-6C04-4E62-BADB-A3AF9C7BA5B2} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {28DBDC09-CD74-4291-80D1-789ACD6F9883} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_13415
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {4E0C853B-1E34-451A-B946-3B8D7C8BCE5D} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}&r ... {startPage}
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {6BC336E0-0860-4AFD-B849-E13CABFBD077} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_13415
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {764482F2-C192-4032-B5B2-7848E6928461} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_13415
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {8C35819E-0D88-4E0F-8946-73D1764A9500} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {A82AFC07-BDDB-4D91-91BD-B3D6AB1E5B87} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_13415
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {CFDE9E19-18B2-4AC6-9F1E-14BD87C69D29} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-12-23] (IObit)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-06-26] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-06-26] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\lisxg3qz.default-1478951034493
FF Homepage: hxxps://www.pesweb.cz/cz/naplnte-misky
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_25_0_0_148.dll [2017-04-11] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_148.dll [2017-04-11] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\windows\SysWOW64\npDeployJava1.dll [2013-06-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-06-26] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-12] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-12] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-03-28] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2017-03-28] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppluginrichmediaplayer.dll [2013-03-12] ()
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2017-03-29] [not signed]

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.pesweb.cz/cz/naplnte-misky"
CHR Profile: C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-21]
CHR Extension: (Dokumenty Google) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-21]
CHR Extension: (Disk Google) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-21]
CHR Extension: (Rapport) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2016-02-10]
CHR Extension: (YouTube) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-21]
CHR Extension: (Vyhledávání Google) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-21]
CHR Extension: (Tabulky Google) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-10]
CHR Extension: (Gmail) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-21]
CHR Extension: (Chrome Media Router) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-05]
CHR HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [220288 2012-09-30] (Qualcomm Atheros Commnucations) [File not signed]
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-01-12] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-01-12] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [46408 2017-04-14] (Dropbox, Inc.)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2520928 2016-03-03] (ESET)
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [1738808 2015-09-29] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6951992 2015-09-29] (GOG.com)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2960672 2016-05-27] (IObit)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2142728 2016-11-07] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2209296 2016-11-07] (Electronic Arts)
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2401264 2017-03-01] (IBM Corp.)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-09-30] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2016-05-16] ()
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-09-30] (Qualcomm Atheros)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-01-24] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [264552 2016-04-14] (ESET)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3265256 2012-09-20] (Broadcom Corporation)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [186784 2016-04-14] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [170792 2016-04-14] (ESET)
S3 GEARAspiWDM; C:\Windows\SysWOW64\Drivers\GEARAspiWDM.sys [15664 2011-07-15] (GEAR Software Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2016-05-16] ()
R1 RapportAegle64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportAegle64.sys [382432 2017-03-01] (IBM Corp.)
R1 RapportCerberus_1804047; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1804047.sys [1264776 2017-02-21] (IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [582208 2017-03-01] (IBM Corp.)
R0 RapportHades64; C:\Windows\System32\Drivers\RapportHades64.sys [252288 2017-03-01] (IBM Corp.)
R0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [506016 2017-03-01] (IBM Corp.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [605024 2017-03-01] (IBM Corp.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-27] (Synaptics Incorporated)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [975104 2012-08-24] (Vimicro Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [36288 2013-07-02] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [247216 2013-07-02] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
S3 dbx; system32\DRIVERS\dbx.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-04-16 18:04 - 2017-04-16 18:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-04-14 01:22 - 2017-04-14 01:22 - 00046408 _____ (Dropbox, Inc.) C:\windows\system32\DbxSvc.exe
2017-04-12 13:02 - 2017-04-12 15:23 - 1675480864 _____ C:\Users\Martina\Downloads\Wolyn---Hatred-2016-cz-titulky.avi
2017-04-12 00:41 - 2017-04-12 00:41 - 01300236 _____ C:\Users\Martina\Downloads\RihannaBalmainPrintBlouseAndLeatherSkirt_SantosFashion.rar
2017-04-12 00:41 - 2017-04-12 00:41 - 01261539 _____ C:\Users\Martina\Downloads\WallisLeatherBandeauTopDress2Versions_SantosFashion.rar
2017-04-12 00:41 - 2017-04-12 00:41 - 00456326 _____ C:\Users\Martina\Downloads\TrestinoCropTopPushUp_SantosFashion.rar
2017-04-12 00:40 - 2017-04-12 00:40 - 02446077 _____ C:\Users\Martina\Downloads\KylieJenner18thBirthdaySparklyDress_SantosFashion.rar
2017-04-12 00:40 - 2017-04-12 00:40 - 01980894 _____ C:\Users\Martina\Downloads\KarruecheTranBetAwards2015Blazer_SantosFashion.rar
2017-04-12 00:40 - 2017-04-12 00:40 - 00805551 _____ C:\Users\Martina\Downloads\KylieJennerVMAsAfterParty2015_SantosFashion.rar
2017-04-12 00:40 - 2017-04-12 00:40 - 00611817 _____ C:\Users\Martina\Downloads\CropTopLaceCrown_SantosFashion.rar
2017-04-12 00:39 - 2017-04-12 00:39 - 01086117 _____ C:\Users\Martina\Downloads\SequinsNeckholderTransparentDress_SantosFashion.rar
2017-04-12 00:39 - 2017-04-12 00:39 - 00933846 _____ C:\Users\Martina\Downloads\CutOutGownAlexandreVauthierFall2014_SantosFashion.rar
2017-04-12 00:38 - 2017-04-12 00:38 - 00949116 _____ C:\Users\Martina\Downloads\BandagePushUpTopAllOfTheLights_SantosFashion.sims3pack
2017-04-12 00:38 - 2017-04-12 00:38 - 00829764 _____ C:\Users\Martina\Downloads\StellaMcCartneyNaomiJumpsuitCutOut_SantosFashion.rar
2017-04-12 00:38 - 2017-04-12 00:38 - 00544852 _____ C:\Users\Martina\Downloads\NeckholderCropTopZipper_SantosFashion.rar
2017-04-12 00:37 - 2017-04-12 00:37 - 01811793 _____ C:\Users\Martina\Downloads\MIAMIJeansShortsWithSideBoobTankTop_SantosFashion.rar
2017-04-12 00:37 - 2017-04-12 00:37 - 00996109 _____ C:\Users\Martina\Downloads\DoubleDiamondNeckholderCropTop_SantosFashion.rar
2017-04-12 00:37 - 2017-04-12 00:37 - 00900243 _____ C:\Users\Martina\Downloads\BalmainStripeCatsuit_SantosFashion.rar
2017-04-12 00:37 - 2017-04-12 00:37 - 00632468 _____ C:\Users\Martina\Downloads\[SANTOSFxJRSCA]PartlyTransparentCropTop_SantosFashion.rar
2017-04-12 00:36 - 2017-04-12 00:36 - 01276190 _____ C:\Users\Martina\Downloads\ValentinesDateChokerJumpsuitTransparentParts_SantosFashion.rar
2017-04-12 00:34 - 2017-04-12 00:35 - 02287993 _____ C:\Users\Martina\Downloads\SavageShirtDress_SantosFashion.rar
2017-04-12 00:34 - 2017-04-12 00:34 - 00682127 _____ C:\Users\Martina\Downloads\BeachDateNight2PieceRomperTop_SantosFashion.rar
2017-04-12 00:30 - 2017-04-12 00:30 - 06641885 _____ C:\Users\Martina\Downloads\T-shirts.rar
2017-04-12 00:30 - 2017-04-12 00:30 - 00218264 _____ C:\Users\Martina\Downloads\FollowersGift.rar
2017-04-12 00:29 - 2017-04-12 00:29 - 05506194 _____ C:\Users\Martina\Downloads\Real-Life Top P1.rar
2017-04-12 00:29 - 2017-04-12 00:29 - 01377671 _____ C:\Users\Martina\Downloads\Tops.rar
2017-04-12 00:29 - 2017-04-12 00:29 - 00580226 _____ C:\Users\Martina\Downloads\shirt.rar
2017-04-12 00:28 - 2017-04-12 00:28 - 08300370 _____ C:\Users\Martina\Downloads\H&M inspired skirts.rar
2017-04-12 00:28 - 2017-04-12 00:28 - 05351962 _____ C:\Users\Martina\Downloads\Real-Life Skirts P2.rar
2017-04-12 00:28 - 2017-04-12 00:28 - 03496891 _____ C:\Users\Martina\Downloads\Real-Life skirtsP1.rar
2017-04-12 00:28 - 2017-04-12 00:28 - 01699813 _____ C:\Users\Martina\Downloads\Arrows Tattoo P2.rar
2017-04-12 00:27 - 2017-04-12 00:27 - 10801859 _____ C:\Users\Martina\Downloads\Romwe inspired P3.rar
2017-04-12 00:27 - 2017-04-12 00:27 - 09521353 _____ C:\Users\Martina\Downloads\Romwe t-shirts.rar
2017-04-12 00:27 - 2017-04-12 00:27 - 07386764 _____ C:\Users\Martina\Downloads\Romwe Inspired P4.rar
2017-04-12 00:27 - 2017-04-12 00:27 - 00917386 _____ C:\Users\Martina\Downloads\A&T.rar
2017-04-12 00:27 - 2017-04-12 00:27 - 00450907 _____ C:\Users\Martina\Downloads\Caramel_A.rar
2017-04-12 00:26 - 2017-04-12 00:26 - 08413516 _____ C:\Users\Martina\Downloads\Sweaters.rar
2017-04-12 00:26 - 2017-04-12 00:26 - 04388401 _____ C:\Users\Martina\Downloads\Blouses.rar
2017-04-12 00:26 - 2017-04-12 00:26 - 04235887 _____ C:\Users\Martina\Downloads\Tree Tattoos.rar
2017-04-12 00:26 - 2017-04-12 00:26 - 03847666 _____ C:\Users\Martina\Downloads\Dresses.rar
2017-04-12 00:25 - 2017-04-12 00:25 - 10842545 _____ C:\Users\Martina\Downloads\Winter Dresses.rar
2017-04-12 00:25 - 2017-04-12 00:25 - 10473021 _____ C:\Users\Martina\Downloads\Fab Collection P2.rar
2017-04-12 00:25 - 2017-04-12 00:25 - 08433493 _____ C:\Users\Martina\Downloads\Fab Collection.rar
2017-04-12 00:24 - 2017-04-12 00:24 - 15944931 _____ C:\Users\Martina\Downloads\Vintage.rar
2017-04-12 00:24 - 2017-04-12 00:24 - 07763614 _____ C:\Users\Martina\Downloads\Grunge.rar
2017-04-12 00:24 - 2017-04-12 00:24 - 04837425 _____ C:\Users\Martina\Downloads\Stripped Dresses.rar
2017-04-12 00:23 - 2017-04-12 00:23 - 13521773 _____ C:\Users\Martina\Downloads\Fancy Lady Collection.rar
2017-04-12 00:23 - 2017-04-12 00:23 - 10040671 _____ C:\Users\Martina\Downloads\Bad Girl Collection.rar
2017-04-12 00:22 - 2017-04-12 00:23 - 12918234 _____ C:\Users\Martina\Downloads\Fancy Lady Collection P2.rar
2017-04-12 00:19 - 2017-04-12 00:20 - 01539547 _____ C:\Users\Martina\Downloads\SimplexSims_EFGraphicTshirt.rar
2017-04-12 00:19 - 2017-04-12 00:19 - 01773332 _____ C:\Users\Martina\Downloads\SimplexSims_EFLifeguardShirt.rar
2017-04-11 20:18 - 2017-04-11 20:18 - 00000000 ____D C:\Users\Martina\Documents\TurboFLOORPLAN Dum & Interiér & Zahrada PRO 15
2017-04-11 20:18 - 2017-04-11 20:18 - 00000000 ____D C:\ProgramData\TurboFLOORPLAN Dum & Interiér & Zahrada PRO 15
2017-04-11 20:17 - 2017-04-11 20:17 - 00001859 _____ C:\Users\Public\Desktop\TurboFLOORPLAN Dum & Interiér & Zahrada PRO 15.lnk
2017-04-11 20:17 - 2017-04-11 20:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IMSIDesign
2017-04-11 20:17 - 2017-04-11 20:17 - 00000000 ____D C:\Program Files (x86)\Resource
2017-04-11 20:17 - 2017-04-11 20:17 - 00000000 ____D C:\Program Files (x86)\lib3ds
2017-04-11 20:16 - 2017-04-11 20:17 - 00000000 ____D C:\Program Files (x86)\Bin
2017-04-11 20:13 - 2017-04-11 20:15 - 00000000 ____D C:\Program Files (x86)\Help
2017-04-11 20:13 - 2017-04-11 20:13 - 00000000 ____D C:\ProgramData\IMSIDesign
2017-04-11 20:10 - 2017-04-11 20:10 - 00000000 _____ C:\Users\Martina\Downloads\_r_a_p_.tmp
2017-04-08 09:23 - 2017-04-13 15:09 - 00000000 ____D C:\Users\Martina\AppData\LocalLow\BitTorrent
2017-04-07 13:22 - 2017-04-07 13:26 - 00000000 ____D C:\Users\Martina\Downloads\What Lies Beneath (2000) DVDRip x264 Ac3 [TuGAZx]
2017-04-04 17:13 - 2017-04-04 18:02 - 449792000 _____ C:\Users\Martina\Downloads\Homeland-S06E01-CZ-tit.avi
2017-04-03 20:13 - 2017-04-03 20:13 - 00045106 _____ C:\Users\Martina\Downloads\Homeland-S06E01(0000281268).srt
2017-04-01 15:28 - 2017-04-01 15:52 - 620484775 _____ C:\Users\Martina\Downloads\TFP.exe
2017-03-30 14:24 - 2017-03-30 15:33 - 1239629228 _____ C:\Users\Martina\Downloads\V-zajetí-démonů-2_V-zajatí-démonov-2-(2016)-CZ-Dabing-NOVINKY.avi
2017-03-29 19:59 - 2017-03-29 19:59 - 03397200 _____ C:\Users\Martina\Downloads\GraphicalXTC-SexualDaydreams-Ver03.10.zip
2017-03-28 12:44 - 2017-03-28 16:31 - 727837679 _____ C:\Users\Martina\Downloads\Otrokem_I-Am-Slave_2010_titulky.CZ.mkv
2017-03-25 17:39 - 2017-03-25 18:58 - 965431952 _____ C:\Users\Martina\Downloads\Dont-Breathe---Smrt-ve-tme-2016-CZ-Titulky-v-obraze.avi.part
2017-03-22 05:57 - 2017-03-22 05:57 - 00045672 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-stable.sys
2017-03-22 05:57 - 2017-03-22 05:57 - 00045672 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-dev.sys
2017-03-22 05:57 - 2017-03-22 05:57 - 00045672 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-canary.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-04-16 21:19 - 2015-03-30 14:16 - 00000000 ____D C:\FRST
2017-04-16 20:59 - 2017-01-12 15:54 - 00000926 _____ C:\windows\Tasks\DropboxUpdateTaskMachineUA.job
2017-04-16 19:25 - 2013-06-19 09:07 - 19456512 ___SH C:\Users\Martina\Desktop\Thumbs.db
2017-04-16 18:05 - 2017-01-12 15:53 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-04-16 17:46 - 2016-11-21 18:53 - 00000000 ____D C:\Users\Martina\AppData\LocalLow\Mozilla
2017-04-16 17:40 - 2013-02-08 13:38 - 14132924 _____ C:\windows\system32\perfh005.dat
2017-04-16 17:40 - 2013-02-08 13:38 - 04523490 _____ C:\windows\system32\perfc005.dat
2017-04-16 17:40 - 2012-07-26 09:28 - 00005434 _____ C:\windows\system32\PerfStringBackup.INI
2017-04-14 01:05 - 2013-11-26 21:58 - 00000000 ____D C:\Users\Martina\AppData\Roaming\BitTorrent
2017-04-13 15:15 - 2015-04-02 17:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ochrana koncového bodu Trusteer
2017-04-13 15:11 - 2013-07-07 19:50 - 00000000 ____D C:\Users\Martina\AppData\Roaming\Skype
2017-04-13 15:10 - 2015-08-09 16:24 - 00000000 ___RD C:\Users\Martina\Dropbox
2017-04-13 15:07 - 2017-01-12 15:54 - 00000922 _____ C:\windows\Tasks\DropboxUpdateTaskMachineCore.job
2017-04-13 15:06 - 2014-01-21 11:57 - 00424664 _____ C:\windows\system32\FNTCACHE.DAT
2017-04-13 15:06 - 2012-07-26 09:22 - 00000006 ____H C:\windows\Tasks\SA.DAT
2017-04-13 15:05 - 2016-12-10 16:14 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-04-13 15:05 - 2016-12-01 15:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-04-13 15:05 - 2012-07-26 07:26 - 00262144 ___SH C:\windows\system32\config\BBI
2017-04-12 18:49 - 2016-05-13 21:20 - 00003384 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-12 18:49 - 2016-05-13 21:20 - 00003256 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-12 12:53 - 2016-05-13 20:59 - 00004476 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task
2017-04-12 12:53 - 2013-09-15 18:31 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2017-04-12 00:47 - 2013-06-22 19:03 - 00016359 _____ C:\Users\Martina\Desktop\Nový textový dokument.txt
2017-04-11 20:36 - 2013-06-18 12:03 - 00004372 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2017-04-11 20:36 - 2012-07-26 10:12 - 00000000 ____D C:\windows\SysWOW64\Macromed
2017-04-11 20:36 - 2012-07-26 10:12 - 00000000 ____D C:\windows\system32\Macromed
2017-04-11 20:26 - 2013-02-08 13:17 - 00000000 ____D C:\ProgramData\Temp
2017-04-11 20:18 - 2013-02-08 12:50 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-04-11 08:36 - 2016-07-09 14:43 - 00000000 ____D C:\ProgramData\ProductData
2017-04-08 17:44 - 2013-06-22 19:10 - 00001552 _____ C:\Users\Martina\Desktop\filmy.txt
2017-04-06 19:49 - 2012-07-26 10:12 - 00000000 ____D C:\windows\AUInstallAgent
2017-04-06 19:48 - 2012-07-26 10:12 - 00000000 ___HD C:\Program Files\WindowsApps
2017-04-04 03:49 - 2015-12-30 20:45 - 00002206 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-04-04 03:49 - 2015-12-30 20:45 - 00002194 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-03-28 11:42 - 2013-06-19 22:29 - 00000000 ____D C:\Users\Martina\AppData\Local\CrashDumps
2017-03-25 18:22 - 2013-06-18 21:54 - 00000000 ____D C:\Users\Martina\AppData\Roaming\vlc
2017-03-25 17:38 - 2013-07-23 23:16 - 00000000 ____D C:\Users\Martina\Desktop\Filmy
2017-03-17 14:21 - 2013-06-18 11:41 - 00003600 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1443460809-2058308057-2046692019-1001

==================== Files in the root of some directories =======

2004-06-01 17:21 - 2004-06-01 17:21 - 0289552 _____ (Microsoft Corporation) C:\Program Files (x86)\shlwapi.dll
2006-04-04 11:42 - 2006-04-04 11:42 - 0006537 _____ () C:\Program Files (x86)\XMLSchema1.xsd
2016-11-05 21:27 - 2016-11-05 21:27 - 0032038 _____ () C:\Users\Martina\AppData\Local\SquareClock.Production_Home_Siko_WebIcon.ico
2013-06-18 12:15 - 2013-06-18 12:15 - 0000057 _____ () C:\ProgramData\Ament.ini
2016-03-11 21:29 - 2016-03-11 21:29 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Martina\AppData\Local\Temp\vlc-2.2.4-win32.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2017-04-11 20:34

==================== End of FRST.txt ============================

[Rudy]

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

[Mataa90]

# AdwCleaner v5.025 - Logfile created 14/12/2015 at 14:14:53
# Updated 13/12/2015 by Xplode
# Database : 2015-12-13.2 [Server]
# Operating system : Windows 8 (x64)
# Username : Martina - IDEA-PC
# Running from : C:\Users\Martina\Desktop\Složky\Programy\na viry\adwcleaner_5.025.exe
# Option : Scan
# Support : hxxp://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****


***** [ DLL ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

Task Found : RestoreSearch

***** [ Registry ] *****

Key Found : HKCU\Software\Conduit
Key Found : HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\SavePass

***** [ Web browsers ] *****


########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [809 bytes] ##########
# AdwCleaner v4.201 - Log vytvořen 17/04/2017 v 13:35:19
# Aktualizováno 08/04/2015 by Xplode
# Databáze : 2015-04-08.1 [Local]
# Operační system : Windows 8 (x64)
# Uživatelské jméno : Martina - IDEA-PC
# Spuštěno z : C:\Users\Martina\Desktop\Složky\Programy\na viry\adwcleaner_4.201.exe
# Nastavení : Čištění

***** [ Služby ] *****


***** [ Soubory / Složky ] *****

Složka Smazáno : C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
Soubor Smazáno : C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pkedcjkdefgpdelpbcmbmeomcjbeemfm_0.localstorage
Soubor Smazáno : C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pkedcjkdefgpdelpbcmbmeomcjbeemfm_0.localstorage-journal

***** [ Naplánované úlohy ] *****


***** [ Zástupci ] *****


***** [ Registry ] *****

Klíč Smazáno : HKCU\Software\Conduit
Data Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - 127.0.0.1:8013

***** [ Prohlížeče ] *****

-\\ Internet Explorer v10.0.9200.16537


-\\ Mozilla Firefox v52.0.2 (x86 cs)


-\\ Google Chrome v57.0.2987.133


*************************

AdwCleaner[C1].txt - [1640 bytů] - [19/04/2016 15:32:22]
AdwCleaner[C3].txt - [997 bytů] - [14/12/2015 15:40:55]
AdwCleaner[C4].txt - [1694 bytů] - [12/11/2016 18:01:57]
AdwCleaner[R3].txt - [2022 bytů] - [17/04/2017 03:28:02]
AdwCleaner[R4].txt - [2080 bytů] - [17/04/2017 13:31:04]
AdwCleaner[S1].txt - [1533 bytů] - [19/04/2016 15:26:38]
AdwCleaner[S2].txt - [1778 bytů] - [12/11/2016 17:02:07]
AdwCleaner[S3].txt - [2605 bytů] - [14/12/2015 15:14:53]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [2664 bytů] ##########

[Rudy]

Dejte nový log FRST.

[Mataa90]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:14-12-2015
Ran by Martina (administrator) on IDEA-PC (17-04-2017 19:14:36)
Running from C:\Users\Martina\Desktop\Složky\Programy\na viry\FRST-OlderVersion
Loaded Profiles: Martina (Available Profiles: Martina)
Platform: Windows 8 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 10 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
(BitTorrent Inc.) C:\Users\Martina\AppData\Roaming\BitTorrent\BitTorrent.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
() C:\Program Files (x86)\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(BitTorrent Inc.) C:\Users\Martina\AppData\Roaming\BitTorrent\updates\7.9.9_43389\bittorrentie.exe
(BitTorrent Inc.) C:\Users\Martina\AppData\Roaming\BitTorrent\updates\7.9.9_43389\bittorrentie.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Electronic Arts Inc.) C:\Program Files (x86)\Electronic Arts\The Sims 3\Game\Bin\TS3W.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicatorCom.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [887968 2012-06-15] (Conexant Systems, Inc.)
HKLM\...\Run: [BtPreLoad] => C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [64640 2012-09-30] ()
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17079376 2013-02-08] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [191568 2013-02-08] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [508656 2012-07-26] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [548864 2012-05-02] (Vimicro)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2012-07-27] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [167024 2012-07-27] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-19] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [Philips Device Listener] => C:\Program Files (x86)\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe [380416 2012-02-15] ()
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [28330072 2017-04-14] (Dropbox, Inc.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\Run: [HP Deskjet 3050A J611 series (NET)] => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\Run: [BitTorrent] => C:\Users\Martina\AppData\Roaming\BitTorrent\BitTorrent.exe [1982152 2017-03-18] (BitTorrent Inc.)
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27219928 2016-11-15] (Skype Technologies S.A.)
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\MountPoints2: {1c3be7a9-71dc-11e2-be6b-806e6f6e6963} - "E:\autorun.exe"
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\MountPoints2: {6a843982-84fe-11e3-bec9-2cd05a349e8e} - "F:\setup.exe"
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-04-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-04-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-04-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-04-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-04-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-04-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-04-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-04-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-04-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.15.0.dll [2017-04-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-04-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-04-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-04-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-04-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-04-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-04-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-04-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-04-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-04-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.15.0.dll [2017-04-14] (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-1443460809-2058308057-2046692019-1001] => 127.0.0.1:8013
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{D58DC935-FA05-437B-BA74-886A24E255C4}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
URLSearchHook: [S-1-5-21-1443460809-2058308057-2046692019-1001] ATTENTION => Default URLSearchHook is missing
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {24AB7B16-6C04-4E62-BADB-A3AF9C7BA5B2} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {28DBDC09-CD74-4291-80D1-789ACD6F9883} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_13415
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {4E0C853B-1E34-451A-B946-3B8D7C8BCE5D} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}&r ... {startPage}
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {6BC336E0-0860-4AFD-B849-E13CABFBD077} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_13415
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {764482F2-C192-4032-B5B2-7848E6928461} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_13415
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {8C35819E-0D88-4E0F-8946-73D1764A9500} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {A82AFC07-BDDB-4D91-91BD-B3D6AB1E5B87} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_13415
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {CFDE9E19-18B2-4AC6-9F1E-14BD87C69D29} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-12-23] (IObit)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-06-26] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-06-26] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\lisxg3qz.default-1478951034493
FF Homepage: hxxps://www.pesweb.cz/cz/naplnte-misky
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_25_0_0_148.dll [2017-04-11] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_148.dll [2017-04-11] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\windows\SysWOW64\npDeployJava1.dll [2013-06-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-06-26] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-12] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll [2017-04-12] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-03-28] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2017-03-28] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppluginrichmediaplayer.dll [2013-03-12] ()
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2017-03-29] [not signed]

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.pesweb.cz/cz/naplnte-misky"
CHR Profile: C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-21]
CHR Extension: (Dokumenty Google) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-21]
CHR Extension: (Disk Google) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-21]
CHR Extension: (Rapport) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2016-02-10]
CHR Extension: (YouTube) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-21]
CHR Extension: (Vyhledávání Google) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-21]
CHR Extension: (Tabulky Google) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-10]
CHR Extension: (Gmail) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-21]
CHR HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [220288 2012-09-30] (Qualcomm Atheros Commnucations) [File not signed]
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-01-12] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-01-12] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [46408 2017-04-14] (Dropbox, Inc.)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2520928 2016-03-03] (ESET)
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [1738808 2015-09-29] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6951992 2015-09-29] (GOG.com)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2960672 2016-05-27] (IObit)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2142728 2016-11-07] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2209296 2016-11-07] (Electronic Arts)
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2401264 2017-03-01] (IBM Corp.)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-09-30] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2016-05-16] ()
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-09-30] (Qualcomm Atheros)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-01-24] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [264552 2016-04-14] (ESET)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3265256 2012-09-20] (Broadcom Corporation)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [186784 2016-04-14] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [170792 2016-04-14] (ESET)
S3 GEARAspiWDM; C:\Windows\SysWOW64\Drivers\GEARAspiWDM.sys [15664 2011-07-15] (GEAR Software Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2016-05-16] ()
R1 RapportAegle64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportAegle64.sys [382432 2017-03-01] (IBM Corp.)
R1 RapportCerberus_1804047; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1804047.sys [1264776 2017-02-21] (IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [582208 2017-03-01] (IBM Corp.)
R0 RapportHades64; C:\Windows\System32\Drivers\RapportHades64.sys [252288 2017-03-01] (IBM Corp.)
R0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [506016 2017-03-01] (IBM Corp.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [605024 2017-03-01] (IBM Corp.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-27] (Synaptics Incorporated)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [975104 2012-08-24] (Vimicro Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [36288 2013-07-02] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [247216 2013-07-02] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
S3 dbx; system32\DRIVERS\dbx.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-04-16 21:33 - 2017-04-16 21:33 - 00119056 _____ C:\Users\Martina\Desktop\6978786.jpeg
2017-04-16 21:30 - 2017-04-16 21:30 - 00012624 _____ C:\Users\Martina\Desktop\Addition.rar
2017-04-16 21:25 - 2017-04-16 21:25 - 00041336 _____ C:\Users\Martina\Desktop\Addition.txt
2017-04-16 21:25 - 2017-04-16 21:25 - 00037225 _____ C:\Users\Martina\Desktop\FRST.txt
2017-04-16 18:04 - 2017-04-16 18:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-04-14 01:22 - 2017-04-14 01:22 - 00046408 _____ (Dropbox, Inc.) C:\windows\system32\DbxSvc.exe
2017-04-12 13:02 - 2017-04-12 15:23 - 1675480864 _____ C:\Users\Martina\Downloads\Wolyn---Hatred-2016-cz-titulky.avi
2017-04-12 00:41 - 2017-04-12 00:41 - 01300236 _____ C:\Users\Martina\Downloads\RihannaBalmainPrintBlouseAndLeatherSkirt_SantosFashion.rar
2017-04-12 00:41 - 2017-04-12 00:41 - 01261539 _____ C:\Users\Martina\Downloads\WallisLeatherBandeauTopDress2Versions_SantosFashion.rar
2017-04-12 00:41 - 2017-04-12 00:41 - 00456326 _____ C:\Users\Martina\Downloads\TrestinoCropTopPushUp_SantosFashion.rar
2017-04-12 00:40 - 2017-04-12 00:40 - 02446077 _____ C:\Users\Martina\Downloads\KylieJenner18thBirthdaySparklyDress_SantosFashion.rar
2017-04-12 00:40 - 2017-04-12 00:40 - 01980894 _____ C:\Users\Martina\Downloads\KarruecheTranBetAwards2015Blazer_SantosFashion.rar
2017-04-12 00:40 - 2017-04-12 00:40 - 00805551 _____ C:\Users\Martina\Downloads\KylieJennerVMAsAfterParty2015_SantosFashion.rar
2017-04-12 00:40 - 2017-04-12 00:40 - 00611817 _____ C:\Users\Martina\Downloads\CropTopLaceCrown_SantosFashion.rar
2017-04-12 00:39 - 2017-04-12 00:39 - 01086117 _____ C:\Users\Martina\Downloads\SequinsNeckholderTransparentDress_SantosFashion.rar
2017-04-12 00:39 - 2017-04-12 00:39 - 00933846 _____ C:\Users\Martina\Downloads\CutOutGownAlexandreVauthierFall2014_SantosFashion.rar
2017-04-12 00:38 - 2017-04-12 00:38 - 00949116 _____ C:\Users\Martina\Downloads\BandagePushUpTopAllOfTheLights_SantosFashion.sims3pack
2017-04-12 00:38 - 2017-04-12 00:38 - 00829764 _____ C:\Users\Martina\Downloads\StellaMcCartneyNaomiJumpsuitCutOut_SantosFashion.rar
2017-04-12 00:38 - 2017-04-12 00:38 - 00544852 _____ C:\Users\Martina\Downloads\NeckholderCropTopZipper_SantosFashion.rar
2017-04-12 00:37 - 2017-04-12 00:37 - 01811793 _____ C:\Users\Martina\Downloads\MIAMIJeansShortsWithSideBoobTankTop_SantosFashion.rar
2017-04-12 00:37 - 2017-04-12 00:37 - 00996109 _____ C:\Users\Martina\Downloads\DoubleDiamondNeckholderCropTop_SantosFashion.rar
2017-04-12 00:37 - 2017-04-12 00:37 - 00900243 _____ C:\Users\Martina\Downloads\BalmainStripeCatsuit_SantosFashion.rar
2017-04-12 00:37 - 2017-04-12 00:37 - 00632468 _____ C:\Users\Martina\Downloads\[SANTOSFxJRSCA]PartlyTransparentCropTop_SantosFashion.rar
2017-04-12 00:36 - 2017-04-12 00:36 - 01276190 _____ C:\Users\Martina\Downloads\ValentinesDateChokerJumpsuitTransparentParts_SantosFashion.rar
2017-04-12 00:34 - 2017-04-12 00:35 - 02287993 _____ C:\Users\Martina\Downloads\SavageShirtDress_SantosFashion.rar
2017-04-12 00:34 - 2017-04-12 00:34 - 00682127 _____ C:\Users\Martina\Downloads\BeachDateNight2PieceRomperTop_SantosFashion.rar
2017-04-12 00:30 - 2017-04-12 00:30 - 06641885 _____ C:\Users\Martina\Downloads\T-shirts.rar
2017-04-12 00:30 - 2017-04-12 00:30 - 00218264 _____ C:\Users\Martina\Downloads\FollowersGift.rar
2017-04-12 00:29 - 2017-04-12 00:29 - 05506194 _____ C:\Users\Martina\Downloads\Real-Life Top P1.rar
2017-04-12 00:29 - 2017-04-12 00:29 - 01377671 _____ C:\Users\Martina\Downloads\Tops.rar
2017-04-12 00:29 - 2017-04-12 00:29 - 00580226 _____ C:\Users\Martina\Downloads\shirt.rar
2017-04-12 00:28 - 2017-04-12 00:28 - 08300370 _____ C:\Users\Martina\Downloads\H&M inspired skirts.rar
2017-04-12 00:28 - 2017-04-12 00:28 - 05351962 _____ C:\Users\Martina\Downloads\Real-Life Skirts P2.rar
2017-04-12 00:28 - 2017-04-12 00:28 - 03496891 _____ C:\Users\Martina\Downloads\Real-Life skirtsP1.rar
2017-04-12 00:28 - 2017-04-12 00:28 - 01699813 _____ C:\Users\Martina\Downloads\Arrows Tattoo P2.rar
2017-04-12 00:27 - 2017-04-12 00:27 - 10801859 _____ C:\Users\Martina\Downloads\Romwe inspired P3.rar
2017-04-12 00:27 - 2017-04-12 00:27 - 09521353 _____ C:\Users\Martina\Downloads\Romwe t-shirts.rar
2017-04-12 00:27 - 2017-04-12 00:27 - 07386764 _____ C:\Users\Martina\Downloads\Romwe Inspired P4.rar
2017-04-12 00:27 - 2017-04-12 00:27 - 00917386 _____ C:\Users\Martina\Downloads\A&T.rar
2017-04-12 00:27 - 2017-04-12 00:27 - 00450907 _____ C:\Users\Martina\Downloads\Caramel_A.rar
2017-04-12 00:26 - 2017-04-12 00:26 - 08413516 _____ C:\Users\Martina\Downloads\Sweaters.rar
2017-04-12 00:26 - 2017-04-12 00:26 - 04388401 _____ C:\Users\Martina\Downloads\Blouses.rar
2017-04-12 00:26 - 2017-04-12 00:26 - 04235887 _____ C:\Users\Martina\Downloads\Tree Tattoos.rar
2017-04-12 00:26 - 2017-04-12 00:26 - 03847666 _____ C:\Users\Martina\Downloads\Dresses.rar
2017-04-12 00:25 - 2017-04-12 00:25 - 10842545 _____ C:\Users\Martina\Downloads\Winter Dresses.rar
2017-04-12 00:25 - 2017-04-12 00:25 - 10473021 _____ C:\Users\Martina\Downloads\Fab Collection P2.rar
2017-04-12 00:25 - 2017-04-12 00:25 - 08433493 _____ C:\Users\Martina\Downloads\Fab Collection.rar
2017-04-12 00:24 - 2017-04-12 00:24 - 15944931 _____ C:\Users\Martina\Downloads\Vintage.rar
2017-04-12 00:24 - 2017-04-12 00:24 - 07763614 _____ C:\Users\Martina\Downloads\Grunge.rar
2017-04-12 00:24 - 2017-04-12 00:24 - 04837425 _____ C:\Users\Martina\Downloads\Stripped Dresses.rar
2017-04-12 00:23 - 2017-04-12 00:23 - 13521773 _____ C:\Users\Martina\Downloads\Fancy Lady Collection.rar
2017-04-12 00:23 - 2017-04-12 00:23 - 10040671 _____ C:\Users\Martina\Downloads\Bad Girl Collection.rar
2017-04-12 00:22 - 2017-04-12 00:23 - 12918234 _____ C:\Users\Martina\Downloads\Fancy Lady Collection P2.rar
2017-04-12 00:19 - 2017-04-12 00:20 - 01539547 _____ C:\Users\Martina\Downloads\SimplexSims_EFGraphicTshirt.rar
2017-04-12 00:19 - 2017-04-12 00:19 - 01773332 _____ C:\Users\Martina\Downloads\SimplexSims_EFLifeguardShirt.rar
2017-04-11 20:18 - 2017-04-11 20:18 - 00000000 ____D C:\Users\Martina\Documents\TurboFLOORPLAN Dum & Interiér & Zahrada PRO 15
2017-04-11 20:18 - 2017-04-11 20:18 - 00000000 ____D C:\ProgramData\TurboFLOORPLAN Dum & Interiér & Zahrada PRO 15
2017-04-11 20:17 - 2017-04-11 20:17 - 00001859 _____ C:\Users\Public\Desktop\TurboFLOORPLAN Dum & Interiér & Zahrada PRO 15.lnk
2017-04-11 20:17 - 2017-04-11 20:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IMSIDesign
2017-04-11 20:17 - 2017-04-11 20:17 - 00000000 ____D C:\Program Files (x86)\Resource
2017-04-11 20:17 - 2017-04-11 20:17 - 00000000 ____D C:\Program Files (x86)\lib3ds
2017-04-11 20:16 - 2017-04-11 20:17 - 00000000 ____D C:\Program Files (x86)\Bin
2017-04-11 20:13 - 2017-04-11 20:15 - 00000000 ____D C:\Program Files (x86)\Help
2017-04-11 20:13 - 2017-04-11 20:13 - 00000000 ____D C:\ProgramData\IMSIDesign
2017-04-11 20:10 - 2017-04-11 20:10 - 00000000 _____ C:\Users\Martina\Downloads\_r_a_p_.tmp
2017-04-08 09:23 - 2017-04-17 13:39 - 00000000 ____D C:\Users\Martina\AppData\LocalLow\BitTorrent
2017-04-07 13:22 - 2017-04-07 13:26 - 00000000 ____D C:\Users\Martina\Downloads\What Lies Beneath (2000) DVDRip x264 Ac3 [TuGAZx]
2017-04-04 17:13 - 2017-04-04 18:02 - 449792000 _____ C:\Users\Martina\Downloads\Homeland-S06E01-CZ-tit.avi
2017-04-03 20:13 - 2017-04-03 20:13 - 00045106 _____ C:\Users\Martina\Downloads\Homeland-S06E01(0000281268).srt
2017-04-01 15:28 - 2017-04-01 15:52 - 620484775 _____ C:\Users\Martina\Downloads\TFP.exe
2017-03-30 14:24 - 2017-03-30 15:33 - 1239629228 _____ C:\Users\Martina\Downloads\V-zajetí-démonů-2_V-zajatí-démonov-2-(2016)-CZ-Dabing-NOVINKY.avi
2017-03-29 19:59 - 2017-03-29 19:59 - 03397200 _____ C:\Users\Martina\Downloads\GraphicalXTC-SexualDaydreams-Ver03.10.zip
2017-03-28 12:44 - 2017-03-28 16:31 - 727837679 _____ C:\Users\Martina\Downloads\Otrokem_I-Am-Slave_2010_titulky.CZ.mkv
2017-03-25 17:39 - 2017-03-25 18:58 - 965431952 _____ C:\Users\Martina\Downloads\Dont-Breathe---Smrt-ve-tme-2016-CZ-Titulky-v-obraze.avi.part
2017-03-22 05:57 - 2017-03-22 05:57 - 00045672 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-stable.sys
2017-03-22 05:57 - 2017-03-22 05:57 - 00045672 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-dev.sys
2017-03-22 05:57 - 2017-03-22 05:57 - 00045672 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-canary.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-04-17 19:15 - 2013-11-26 21:58 - 00000000 ____D C:\Users\Martina\AppData\Roaming\BitTorrent
2017-04-17 19:14 - 2015-03-30 14:16 - 00000000 ____D C:\FRST
2017-04-17 18:59 - 2017-01-12 15:54 - 00000926 _____ C:\windows\Tasks\DropboxUpdateTaskMachineUA.job
2017-04-17 18:56 - 2013-02-08 13:38 - 14160588 _____ C:\windows\system32\perfh005.dat
2017-04-17 18:56 - 2013-02-08 13:38 - 04532650 _____ C:\windows\system32\perfc005.dat
2017-04-17 18:56 - 2012-07-26 09:28 - 00005434 _____ C:\windows\system32\PerfStringBackup.INI
2017-04-17 15:24 - 2013-06-22 19:03 - 00016381 _____ C:\Users\Martina\Desktop\Nový textový dokument.txt
2017-04-17 14:59 - 2017-01-12 15:54 - 00000922 _____ C:\windows\Tasks\DropboxUpdateTaskMachineCore.job
2017-04-17 13:41 - 2015-08-09 16:24 - 00000000 ___RD C:\Users\Martina\Dropbox
2017-04-17 13:40 - 2016-11-21 18:53 - 00000000 ____D C:\Users\Martina\AppData\LocalLow\Mozilla
2017-04-17 13:40 - 2013-07-07 19:50 - 00000000 ____D C:\Users\Martina\AppData\Roaming\Skype
2017-04-17 13:38 - 2013-06-19 09:07 - 19456512 ___SH C:\Users\Martina\Desktop\Thumbs.db
2017-04-17 13:37 - 2012-07-26 09:22 - 00000006 ____H C:\windows\Tasks\SA.DAT
2017-04-17 13:36 - 2012-07-26 07:26 - 00262144 ___SH C:\windows\system32\config\BBI
2017-04-17 13:35 - 2015-12-14 15:14 - 00000000 ____D C:\AdwCleaner
2017-04-16 21:25 - 2012-07-26 07:37 - 00000000 ____D C:\Windows
2017-04-16 18:05 - 2017-01-12 15:53 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-04-13 15:15 - 2015-04-02 17:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ochrana koncového bodu Trusteer
2017-04-13 15:06 - 2014-01-21 11:57 - 00424664 _____ C:\windows\system32\FNTCACHE.DAT
2017-04-13 15:05 - 2016-12-10 16:14 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-04-13 15:05 - 2016-12-01 15:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-04-12 18:49 - 2016-05-13 21:20 - 00003384 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-04-12 18:49 - 2016-05-13 21:20 - 00003256 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-12 12:53 - 2016-05-13 20:59 - 00004476 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task
2017-04-12 12:53 - 2013-09-15 18:31 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2017-04-11 20:36 - 2013-06-18 12:03 - 00004372 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2017-04-11 20:36 - 2012-07-26 10:12 - 00000000 ____D C:\windows\SysWOW64\Macromed
2017-04-11 20:36 - 2012-07-26 10:12 - 00000000 ____D C:\windows\system32\Macromed
2017-04-11 20:26 - 2013-02-08 13:17 - 00000000 ____D C:\ProgramData\Temp
2017-04-11 20:18 - 2013-02-08 12:50 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-04-11 08:36 - 2016-07-09 14:43 - 00000000 ____D C:\ProgramData\ProductData
2017-04-08 17:44 - 2013-06-22 19:10 - 00001552 _____ C:\Users\Martina\Desktop\filmy.txt
2017-04-08 00:06 - 2013-06-26 22:38 - 00532136 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2017-04-06 19:49 - 2012-07-26 10:12 - 00000000 ____D C:\windows\AUInstallAgent
2017-04-06 19:48 - 2012-07-26 10:12 - 00000000 ___HD C:\Program Files\WindowsApps
2017-04-04 03:49 - 2015-12-30 20:45 - 00002206 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-04-04 03:49 - 2015-12-30 20:45 - 00002194 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-03-28 11:42 - 2013-06-19 22:29 - 00000000 ____D C:\Users\Martina\AppData\Local\CrashDumps
2017-03-25 18:22 - 2013-06-18 21:54 - 00000000 ____D C:\Users\Martina\AppData\Roaming\vlc
2017-03-25 17:38 - 2013-07-23 23:16 - 00000000 ____D C:\Users\Martina\Desktop\Filmy

==================== Files in the root of some directories =======

2004-06-01 17:21 - 2004-06-01 17:21 - 0289552 _____ (Microsoft Corporation) C:\Program Files (x86)\shlwapi.dll
2006-04-04 11:42 - 2006-04-04 11:42 - 0006537 _____ () C:\Program Files (x86)\XMLSchema1.xsd
2016-11-05 21:27 - 2016-11-05 21:27 - 0032038 _____ () C:\Users\Martina\AppData\Local\SquareClock.Production_Home_Siko_WebIcon.ico
2013-06-18 12:15 - 2013-06-18 12:15 - 0000057 _____ () C:\ProgramData\Ament.ini
2016-03-11 21:29 - 2016-03-11 21:29 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Martina\AppData\Local\Temp\Quarantine.exe
C:\Users\Martina\AppData\Local\Temp\sqlite3.dll
C:\Users\Martina\AppData\Local\Temp\vlc-2.2.4-win32.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2017-04-11 20:34

==================== End of FRST.txt ============================

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\MountPoints2: {1c3be7a9-71dc-11e2-be6b-806e6f6e6963} - "E:\autorun.exe"
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\MountPoints2: {6a843982-84fe-11e3-bec9-2cd05a349e8e} - "F:\setup.exe"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
URLSearchHook: [S-1-5-21-1443460809-2058308057-2046692019-1001] ATTENTION => Default URLSearchHook is missing
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\ProgramData\DP45977C.lfl
C:\Users\Martina\AppData\Local\Temp
Shortcut: C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Intеrnеt Ехplоrеr.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.bat (No File) <==== ATTENTION
Shortcut: C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Gооglе Сhrоmе.lnk -> C:\Users\Martina\AppData\Local\Google\Chrome\Application\chrome.bat (No File) <==== ATTENTION
Shortcut: C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Gооglе Сhrоmе.lnk -> C:\Users\Martina\AppData\Local\Google\Chrome\Application\chrome.bat (No File) <==== ATTENTION
Shortcut: C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Lаunсh Intеrnеt Ехplоrеr Вrоwsеr.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.bat (No File) <==== ATTENTION
Shortcut: C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Gооglе Сhrоmе.lnk -> C:\Users\Martina\AppData\Local\Google\Chrome\Application\chrome.bat (No File) <==== ATTENTION
Shortcut: C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Intеrnеt Ехplоrеr.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.bat (No File) <==== ATTENTION
Shortcut: C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Моzillа Firеfох.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.bat () <==== ATTENTION
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Моzillа Firеfох.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.bat () <==== ATTENTION
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm
AlternateDataStreams: C:\ProgramData\Temp:66BB1E73
AlternateDataStreams: C:\Users\Martina\Desktop\Dropbox.rar:com.dropbox.attributes

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[Mataa90]

Fix result of Farbar Recovery Scan Tool (x64) Version:14-12-2015
Ran by Martina (2017-04-18 19:25:07) Run:8
Running from C:\Users\Martina\Desktop\Složky\Programy\na viry\FRST-OlderVersion
Loaded Profiles: Martina (Available Profiles: Martina)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\MountPoints2: {1c3be7a9-71dc-11e2-be6b-806e6f6e6963} - "E:\autorun.exe"
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\MountPoints2: {6a843982-84fe-11e3-bec9-2cd05a349e8e} - "F:\setup.exe"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
URLSearchHook: [S-1-5-21-1443460809-2058308057-2046692019-1001] ATTENTION => Default URLSearchHook is missing
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\ProgramData\DP45977C.lfl
C:\Users\Martina\AppData\Local\Temp
Shortcut: C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Intеrnеt Ехplоrеr.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.bat (No File) <==== ATTENTION
Shortcut: C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Gооglе Сhrоmе.lnk -> C:\Users\Martina\AppData\Local\Google\Chrome\Application\chrome.bat (No File) <==== ATTENTION
Shortcut: C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Gооglе Сhrоmе.lnk -> C:\Users\Martina\AppData\Local\Google\Chrome\Application\chrome.bat (No File) <==== ATTENTION
Shortcut: C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Lаunсh Intеrnеt Ехplоrеr Вrоwsеr.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.bat (No File) <==== ATTENTION
Shortcut: C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Gооglе Сhrоmе.lnk -> C:\Users\Martina\AppData\Local\Google\Chrome\Application\chrome.bat (No File) <==== ATTENTION
Shortcut: C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Intеrnеt Ехplоrеr.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.bat (No File) <==== ATTENTION
Shortcut: C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Моzillа Firеfох.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.bat () <==== ATTENTION
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Моzillа Firеfох.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.bat () <==== ATTENTION
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm
AlternateDataStreams: C:\ProgramData\Temp:66BB1E73
AlternateDataStreams: C:\Users\Martina\Desktop\Dropbox.rar:com.dropbox.attributes

EmptyTemp:
End
*****************

"HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1c3be7a9-71dc-11e2-be6b-806e6f6e6963}" => key removed successfully
HKCR\CLSID\{1c3be7a9-71dc-11e2-be6b-806e6f6e6963} => key not found.
"HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6a843982-84fe-11e3-bec9-2cd05a349e8e}" => key removed successfully
HKCR\CLSID\{6a843982-84fe-11e3-bec9-2cd05a349e8e} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => key removed successfully
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
Could not restore Default URLSearchHook.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
Could not move "C:\ProgramData\DP45977C.lfl" => Scheduled to move on reboot.

"C:\Users\Martina\AppData\Local\Temp" folder move:

"C:\Users\Martina\AppData\Local\Temp" => folder moved successfully

Shortcut: C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Intеrnеt Ехplоrеr.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.bat (No File) <==== ATTENTION => Error: No automatic fix found for this entry.
Shortcut: C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Gооglе Сhrоmе.lnk -> C:\Users\Martina\AppData\Local\Google\Chrome\Application\chrome.bat (No File) <==== ATTENTION => Error: No automatic fix found for this entry.
Shortcut: C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Gооglе Сhrоmе.lnk -> C:\Users\Martina\AppData\Local\Google\Chrome\Application\chrome.bat (No File) <==== ATTENTION => Error: No automatic fix found for this entry.
Shortcut: C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Lаunсh Intеrnеt Ехplоrеr Вrоwsеr.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.bat (No File) <==== ATTENTION => Error: No automatic fix found for this entry.
Shortcut: C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Gооglе Сhrоmе.lnk -> C:\Users\Martina\AppData\Local\Google\Chrome\Application\chrome.bat (No File) <==== ATTENTION => Error: No automatic fix found for this entry.
Shortcut: C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Intеrnеt Ехplоrеr.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.bat (No File) <==== ATTENTION => Error: No automatic fix found for this entry.
Shortcut: C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Моzillа Firеfох.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.bat () <==== ATTENTION => Error: No automatic fix found for this entry.
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Моzillа Firеfох.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.bat () <==== ATTENTION => Error: No automatic fix found for this entry.
C:\ProgramData\Reprise => ":wupeogjxldtlfudivq`qsp`26hfm" ADS removed successfully.
C:\ProgramData\Temp => ":66BB1E73" ADS removed successfully.
C:\Users\Martina\Desktop\Dropbox.rar => ":com.dropbox.attributes" ADS removed successfully.
EmptyTemp: => 917.3 MB temporary data Removed.

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2017-04-18 19:30:20)

C:\ProgramData\DP45977C.lfl => Is moved successfully

==== End of Fixlog 19:30:20 ====

[Rudy]

Smazáno. Nastala nějaká změna?

[Mataa90]

Zdá se, že je to v pořádku. Díky moc!

[Rudy]

Nemáte zač!