Zvětšené ikony na ploše, nefunkční internet.

[agata]

Dobrý den,
PC se mi vypnul a po zapnutí zlobí
Děkuji

[Rudy]

Zdravím!
Dejte log FRST: https://forum.viry.cz/viewtopic.php?f=13&t=154679 .

[agata]

To je problém, mám jen 1 PC...

[Rudy]

Těžko mohu určit, proč se to děje bez kontroly běžících procesů v PC. Vy se nedostanete na internet? Snad ano, když se dostanete sem na fórum.

[agata]

Na internetu jsem na tabletu...

[Rudy]

Potom těžko něco na dálku řešit. Univerzální rada: zkuste obnovu systému k datu, kdy korketně fungoval.

[agata]

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 08.11.2018
Ran by Andrea (administrator) on ANDREA-PC (09-11-2018 14:17:18)
Running from C:\Users\Andrea\Desktop
Loaded Profiles: Andrea (Available Profiles: Andrea)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Safe Mode (minimal)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Farbar) C:\Users\Andrea\Desktop\ano.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [6703648 2009-01-06] (Realtek Semiconductor)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2017-04-19] (Adobe Systems Incorporated)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1993408 2018-03-13] (COMODO)
HKLM\...\Run: [IseUI] => C:\Program Files\COMODO\Internet Security Essentials\vkise.exe [4072376 2018-01-17] (COMODO)
Winlogon\Notify\VESWinlogon: C:\Windows\system32\VESWinlogon.dll [2009-01-19] (Sony Corporation)
HKU\S-1-5-21-229735995-3260258197-3374296045-1000\...\Run: [WwwAccessConnectorUrlMonitor] => C:\Program Files\Median\WwwAccessConnector\AudioHUB.Processing.WwwAccessConnectorUrlMonitor.exe [274944 2016-06-29] (MEDIAN s.r.o.)
HKU\S-1-5-21-229735995-3260258197-3374296045-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll => C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [123392 2011-02-04] (Google)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Url Monitor.lnk [2015-09-01]
ShortcutTarget: Url Monitor.lnk -> C:\Program Files\Median\WwwAccessConnector\AudioHUB.Processing.WwwAccessConnectorUrlMonitor.exe (MEDIAN s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 02 C:\Windows\system32\napinsp.dll [50176 2008-01-21] (Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{5CDE5058-9E40-4DDC-828B-4E2609822D96}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{8C900FA7-380C-46AA-AF30-5FEC3355B95F}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-229735995-3260258197-3374296045-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-229735995-3260258197-3374296045-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
HKU\S-1-5-21-229735995-3260258197-3374296045-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-229735995-3260258197-3374296045-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-229735995-3260258197-3374296045-1000 -> {67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll [2009-03-09] (Sun Microsystems, Inc.)
BHO: Pomocník pro přihlášení ke službě Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09] (Sun Microsystems, Inc.)
Toolbar: HKU\S-1-5-21-229735995-3260258197-3374296045-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll [2008-12-03] (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2008-10-28] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll [2008-12-03] (Microsoft Corporation)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-02-08] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll [2008-10-05] ()
FF Plugin: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
StartMenuInternet: firefox.exe - firefox.exe

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/"
CHR Profile: C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default [2018-11-09]
CHR Extension: (Prezentace) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-04-02]
CHR Extension: (Dokumenty) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-04-02]
CHR Extension: (Disk Google) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-04-03]
CHR Extension: (YouTube) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Vyhledávání Google) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-29]
CHR Extension: (Tabulky) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-04-02]
CHR Extension: (Dokumenty Google offline) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [109056 2008-08-01] (ArcSoft Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2018-10-09] (Adobe Systems Incorporated) [File not signed]
S2 AudioHubWwwAccessConnector; C:\Program Files\Median\WwwAccessConnector\AudioHUB.Processing.WwwAccessConnector.exe [187392 2016-06-29] (MEDIAN s.r.o.) [File not signed]
S2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [8867672 2018-03-13] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2080448 2018-03-13] (COMODO)
S2 FolderSize; C:\Program Files\FolderSize\FolderSizeSvc.exe [114688 2013-02-13] (Brio) [File not signed]
S3 GoogleDesktopManager-051210-111108; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2011-02-04] (Google)
S2 isesrv; C:\Program Files\COMODO\Internet Security Essentials\isesrv.exe [1199544 2018-01-17] (COMODO)
S2 McciCMService; C:\Program Files\Common Files\Motive\McciCMService.exe [303104 2007-10-15] (Motive Communications, Inc.) [File not signed]
S3 PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [114688 2009-01-08] (Sony Corporation) [File not signed]
S3 SOHDBSvr; C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [70952 2009-01-20] (Sony Corporation)
S3 SOHPlMgr; C:\Program Files\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [91432 2009-01-20] (Sony Corporation)
S2 uCamMonitor; C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe [69632 2009-01-21] (Sony Corporation) [File not signed]
S2 VAIO Event Service; C:\Program Files\Sony\VAIO Event Service\VESMgr.exe [203624 2009-01-19] (Sony Corporation)
S2 VcmIAlzMgr; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [394536 2009-01-20] (Sony Corporation)
S3 Vcsw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [313264 2009-01-21] (Sony Corporation)
S2 VzCdbSvc; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [192512 2009-01-21] (Sony Corporation) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
S2 XAudioService; [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [17920 2008-04-24] (ArcSoft, Inc.)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [21272 2018-01-31] (COMODO)
S1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [648560 2018-01-31] (COMODO)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Společnost Microsoft)
S1 isedrv; C:\Windows\system32\drivers\isedrv.sys [40672 2018-01-17] (COMODO)
S3 LgBttPort; C:\Windows\System32\DRIVERS\lgbtport.sys [12160 2009-09-29] (LG Electronics Inc.)
R3 lgbusenum; C:\Windows\System32\DRIVERS\lgbtbus.sys [10496 2009-09-29] (LG Electronics Inc.)
S3 lgmdbus; C:\Windows\System32\DRIVERS\lgmdbus.sys [89600 2008-07-08] (MCCI Corporation)
S3 lgmdmdfl; C:\Windows\System32\DRIVERS\lgmdmdfl.sys [14976 2008-07-08] (MCCI Corporation)
S3 lgmdmdm; C:\Windows\System32\DRIVERS\lgmdmdm.sys [121344 2008-07-08] (MCCI Corporation)
S3 lgmdmgmt; C:\Windows\System32\DRIVERS\lgmdmgmt.sys [114944 2008-07-08] (MCCI Corporation)
S3 lgmdobex; C:\Windows\System32\DRIVERS\lgmdobex.sys [111232 2008-07-08] (MCCI Corporation)
S3 LGVMODEM; C:\Windows\System32\DRIVERS\lgvmodem.sys [12928 2009-09-29] (LG Electronics Inc.)
S3 MREMP50; C:\Program Files\Common Files\Motive\MREMP50.sys [21248 2008-03-29] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MRESP50; C:\Program Files\Common Files\Motive\MRESP50.sys [20096 2008-03-29] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Andrea\AppData\Local\Temp\catchme.sys [X] <==== ATTENTION
S3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [X]
S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]
S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]
S3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-09 14:17 - 2018-11-09 14:17 - 000013899 _____ C:\Users\Andrea\Desktop\FRST.txt
2018-11-09 14:17 - 2018-11-09 14:17 - 000000000 ____D C:\FRST
2018-11-09 13:44 - 2018-11-09 13:44 - 000000000 ____D C:\Users\Andrea\Desktop\Nová složka
2018-11-09 13:30 - 2018-11-09 13:05 - 001775616 _____ (Farbar) C:\Users\Andrea\Desktop\ano.exe
2018-11-03 10:11 - 2018-11-03 10:11 - 000000022 _____ C:\Users\Andrea\Documents\Nový WinRAR ZIP archiv.zip
2018-11-03 09:35 - 2018-11-03 09:35 - 000000000 ____D C:\Users\Andrea\AppData\Roaming\Roxio
2018-11-03 09:35 - 2018-11-03 09:35 - 000000000 ____D C:\ProgramData\Roxio
2018-11-01 16:12 - 2018-11-01 16:12 - 000000000 ____D C:\Users\Andrea\Desktop\HD Tune Pro 5.70 - Portable
2018-11-01 13:41 - 2018-11-09 14:17 - 000524286 _____ C:\Windows\ntbtlog.txt
2018-10-23 11:57 - 2018-10-23 11:57 - 000000000 ____D C:\Users\Andrea\Documents\WebCam Albums
2018-10-17 09:40 - 2018-10-17 09:40 - 000077064 _____ C:\Users\Andrea\Downloads\sedUM_pozvanka_A5_screen_dejvice.jpeg

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-09 14:09 - 2016-09-13 12:06 - 000007512 _____ C:\Users\Andrea\AppData\Local\d3d9caps.dat
2018-11-09 14:09 - 2015-09-01 11:33 - 002392064 _____ C:\Windows\system32\tempResults.db
2018-11-09 14:09 - 2006-11-02 14:01 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-11-09 14:09 - 2006-11-02 13:47 - 000003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2018-11-09 14:09 - 2006-11-02 13:47 - 000003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2018-11-09 14:08 - 2017-04-24 11:45 - 000149054 _____ C:\Windows\system32\Drivers\fvstore.dat
2018-11-09 14:08 - 2017-04-13 12:37 - 001412288 _____ C:\Windows\system32\Drivers\sfi.dat
2018-11-09 14:08 - 2006-11-02 14:01 - 000032560 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2018-11-06 08:55 - 2016-06-11 08:28 - 1467942912 _____ C:\Users\Andrea\Desktop\James-Bond---Casino-Royale-cz-avi.avi
2018-11-03 09:49 - 2006-11-02 13:37 - 000000000 ___RD C:\Users\Public\Recorded TV
2018-11-03 09:34 - 2009-03-09 19:09 - 000098586 _____ C:\Windows\system32\perfh005.dat
2018-11-03 09:34 - 2009-03-09 19:09 - 000030350 _____ C:\Windows\system32\perfc005.dat
2018-11-03 09:34 - 2006-11-02 12:18 - 000000000 ____D C:\Windows\inf
2018-11-03 09:34 - 2006-11-02 11:33 - 000119704 _____ C:\Windows\system32\PerfStringBackup.INI
2018-11-02 14:34 - 2011-02-04 15:41 - 000000000 ____D C:\Users\Andrea
2018-11-02 14:34 - 2006-11-02 12:18 - 000000000 ____D C:\Windows\system32\spool
2018-11-02 14:34 - 2006-11-02 12:18 - 000000000 ____D C:\Windows\system32\Msdtc
2018-11-02 14:34 - 2006-11-02 12:18 - 000000000 ____D C:\Windows\registration
2018-11-02 14:34 - 2006-11-02 11:22 - 060030976 _____ C:\Windows\system32\config\software_previous
2018-11-02 14:34 - 2006-11-02 11:22 - 036962304 _____ C:\Windows\system32\config\system_previous
2018-11-02 14:28 - 2006-11-02 11:22 - 000262144 _____ C:\Windows\system32\config\security_previous
2018-11-02 14:28 - 2006-11-02 11:22 - 000262144 _____ C:\Windows\system32\config\sam_previous
2018-11-02 13:25 - 2006-11-02 13:47 - 000021504 _____ C:\Windows\system32\umstartup.etl
2018-11-02 13:21 - 2006-11-02 11:22 - 000524288 _____ C:\Windows\system32\config\default_previous
2018-11-02 13:17 - 2006-11-02 11:22 - 084410368 _____ C:\Windows\system32\config\components_previous
2018-10-23 11:57 - 2016-09-11 15:54 - 000000000 ____D C:\Users\Andrea\AppData\Roaming\ArcSoft

==================== Files in the root of some directories =======

2011-11-21 12:45 - 2011-11-21 12:45 - 000000600 _____ () C:\Users\Andrea\AppData\Roaming\winscp.rnd
2011-02-24 11:47 - 2014-12-02 08:18 - 000001218 _____ () C:\Users\Andrea\AppData\Roaming\wklnhst.dat
2016-09-13 12:06 - 2018-11-09 14:09 - 000007512 _____ () C:\Users\Andrea\AppData\Local\d3d9caps.dat
2017-04-13 08:13 - 2017-04-13 08:13 - 000003584 _____ () C:\Users\Andrea\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-02-04 17:44 - 2011-02-04 17:47 - 000000184 _____ () C:\Users\Andrea\AppData\Local\setup.log
2017-06-25 09:14 - 2017-06-25 09:16 - 000000000 _____ () C:\Users\Andrea\AppData\Local\{33EF4A28-66D6-4BF4-85F2-3C0BA52CF8FF}
2017-05-16 11:15 - 2017-05-16 11:15 - 000000000 _____ () C:\Users\Andrea\AppData\Local\{650DDA52-F610-40AB-A85D-7A1B736F0CC4}
2017-04-27 08:42 - 2017-04-27 08:43 - 000000000 _____ () C:\Users\Andrea\AppData\Local\{A2419EC2-EB83-4E1D-A205-73A1E96C0320}

Some files in TEMP:
====================
2017-05-14 08:26 - 2007-11-29 10:13 - 000540672 _____ (Motive Communications, Inc.) C:\Users\Andrea\AppData\Local\temp\IHU1209.tmp.exe
2018-04-06 21:16 - 2007-11-29 10:13 - 000540672 _____ (Motive Communications, Inc.) C:\Users\Andrea\AppData\Local\temp\IHU15FF.tmp.exe
2017-05-30 11:40 - 2007-11-29 10:13 - 000540672 _____ (Motive Communications, Inc.) C:\Users\Andrea\AppData\Local\temp\IHU163E.tmp.exe
2017-06-02 08:38 - 2007-11-29 10:13 - 000540672 _____ (Motive Communications, Inc.) C:\Users\Andrea\AppData\Local\temp\IHU17C4.tmp.exe
2017-07-06 09:17 - 2007-11-29 10:13 - 000540672 _____ (Motive Communications, Inc.) C:\Users\Andrea\AppData\Local\temp\IHU1E2A.tmp.exe
2017-10-10 09:08 - 2007-11-29 10:13 - 000540672 _____ (Motive Communications, Inc.) C:\Users\Andrea\AppData\Local\temp\IHU1EA6.tmp.exe
2017-11-23 11:04 - 2007-11-29 10:13 - 000540672 _____ (Motive Communications, Inc.) C:\Users\Andrea\AppData\Local\temp\IHU24DE.tmp.exe
2017-12-03 19:39 - 2007-11-29 10:13 - 000540672 _____ (Motive Communications, Inc.) C:\Users\Andrea\AppData\Local\temp\IHU2FD6.tmp.exe
2017-04-24 12:00 - 2007-11-29 10:13 - 000540672 _____ (Motive Communications, Inc.) C:\Users\Andrea\AppData\Local\temp\IHU38EA.tmp.exe
2018-07-25 13:09 - 2007-11-29 10:13 - 000540672 _____ (Motive Communications, Inc.) C:\Users\Andrea\AppData\Local\temp\IHU3E85.tmp.exe
2018-07-19 12:55 - 2007-11-29 10:13 - 000540672 _____ (Motive Communications, Inc.) C:\Users\Andrea\AppData\Local\temp\IHU97DB.tmp.exe
2018-06-26 09:06 - 2007-11-29 10:13 - 000540672 _____ (Motive Communications, Inc.) C:\Users\Andrea\AppData\Local\temp\IHUA1D.tmp.exe
2018-11-01 13:52 - 2007-11-29 10:13 - 000540672 _____ (Motive Communications, Inc.) C:\Users\Andrea\AppData\Local\temp\IHUB634.tmp.exe
2018-10-04 09:19 - 2007-11-29 10:13 - 000540672 _____ (Motive Communications, Inc.) C:\Users\Andrea\AppData\Local\temp\IHUBEEB.tmp.exe
2018-11-01 14:01 - 2007-11-29 10:13 - 000540672 _____ (Motive Communications, Inc.) C:\Users\Andrea\AppData\Local\temp\IHUC4A5.tmp.exe
2017-06-13 09:15 - 2017-07-17 08:54 - 004113960 _____ (COMODO) C:\Users\Andrea\AppData\Local\temp\ise_installer.exe
2016-03-03 10:50 - 2015-07-29 21:08 - 000681097 _____ (SQLite Development Team) C:\Users\Andrea\AppData\Local\temp\sqlite3.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-11-09 13:33

==================== End of FRST.txt ============================

[agata]

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 08.11.2018
Ran by Andrea (09-11-2018 14:18:49)
Running from C:\Users\Andrea\Desktop
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) (2011-01-28 20:19:17)
Boot Mode: Safe Mode (minimal)
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-229735995-3260258197-3374296045-500 - Administrator - Disabled)
Andrea (S-1-5-21-229735995-3260258197-3374296045-1000 - Administrator - Enabled) => C:\Users\Andrea
Guest (S-1-5-21-229735995-3260258197-3374296045-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: COMODO Antivirus (Enabled - Out of date) {08B84BA8-CC77-5A8B-A100-3F522B1B6106}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: COMODO Advanced Protection (Enabled - Up to date) {B3D9AA4C-EA4D-5505-9BB0-0420509C2BBB}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
7-Zip 17.00 beta (HKLM\...\7-Zip) (Version: 17.00 beta - Igor Pavlov)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.6.0.6090 - Adobe Systems Incorporated)
Adobe Flash Player 10 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 10.0.12.36 - Adobe Systems Incorporated)
Adobe Flash Player 31 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 31.0.0.122 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Altap Salamander 2.53 beta 2 (HKLM\...\Altap Salamander 2.53 beta 2) (Version: 2.53 beta 2 - ALTAP)
ArcSoft Magic-i Visual Effects 2 (HKLM\...\{7BB90344-0647-468E-925A-7F69F7983421}) (Version: 2.0.1.39 - ArcSoft)
ArcSoft WebCam Companion 2 (HKLM\...\{9973498D-EA29-4A68-BE0B-C88D6E03E928}) (Version: - ArcSoft)
Asistent pro přihlášení ke službě Windows Live (HKLM\...\{BD86C297-41C7-4DB5-82C4-98DE3399A2EF}) (Version: 5.000.818.6 - Microsoft Corporation)
ATI Catalyst Install Manager (HKLM\...\{252E50FD-F27C-C8DD-C9E2-D2845A2DC399}) (Version: 3.0.682.0 - ATI Technologies, Inc.)
AudioHUBWwwAccessConnector 1.0.0.1976 (HKLM\...\AudioHUBWwwAccessConnector) (Version: 1.0.0.1976 - MEDIAN s.r.o.)
ccc-core-static (HKLM\...\{A939F952-1C7E-CBF8-EE77-CFBD9C6A4ECC}) (Version: 2008.0717.2343.40629 - ATI) Hidden
Click to Disc (HKLM\...\{47A2CE5C-EA1F-4F58-8A0A-9452CBA795CD}) (Version: 1.2.60.13210 - Sony Corporation) Hidden
Click to Disc (HKLM\...\{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}) (Version: 1.2.60.13210 - Sony Corporation)
Click to Disc Editor (HKLM\...\{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}) (Version: 2.0.00 - Sony Corporation) Hidden
Click to Disc Editor (HKLM\...\InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}) (Version: 2.0.00 - Sony Corporation)
COMODO Antivirus (HKLM\...\{C7C71F0C-4CC1-4B17-943C-96E5196DDA74}) (Version: 10.2.0.6526 - COMODO Security Solutions Inc.)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Cucusoft MPEG/AVI to DVD/VCD/SVCD/MPEG Converter Pro 5.11 (HKLM\...\Cucusoft MPEG/AVI to DVD/VCD/SVCD/MPEG Converter Pro_is1) (Version: - Cucusoft, Inc.)
CV Curriculum vitae CREATOR (HKLM\...\CV Curriculum vitae CREATOR) (Version: - )
EPSON Copy Utility (HKLM\...\{B69CC1A5-0404-11D6-ABCB-005004C21D30}) (Version: - )
EPSON Photo Print (HKLM\...\{9391F2BC-B6F3-4AAC-82CC-5A74A4ED388E}) (Version: - )
EPSON Printer Software (HKLM\...\EPSON Printer and Utilities) (Version: - )
EPSON Smart Panel (HKLM\...\{6C11D561-620B-47DA-A693-4C597F3CDF40}) (Version: - )
Folder Size (HKLM\...\{FC8D21C8-7B29-4104-ADB0-FEE9CA1C7922}) (Version: 2.6 - Brio)
Free File Opener v2011.6.0.4 (HKLM\...\Free File Opener_is1) (Version: 2011.6.0.4 - Free File Opener, LLC)
Google Desktop (HKLM\...\Google Desktop) (Version: 5.9.1005.12335 - Google)
Google Chrome (HKLM\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Choice Guard (HKLM\...\{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}) (Version: 1.2.87.0 - Microsoft Corporation) Hidden
Internet Security Essentials (HKLM\...\ComodoIse) (Version: 1.3.438464.135 - Comodo)
Java(TM) 6 Update 11 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216011FF}) (Version: 6.0.110 - Sun Microsystems, Inc.)
K-Lite Mega Codec Pack 12.3.5 (HKLM\...\KLiteCodecPack_is1) (Version: 12.3.5 - KLCP)
LG Bluetooth Drivers (HKLM\...\{AC7EE5F1-0DE4-4256-8E43-92B73C8E6019}) (Version: 1.1 - LG Electronics)
LG MC USB U330 driver (HKLM\...\{ABD7DBE3-E344-4BCA-B8AD-4360494DD1D9}) (Version: 1.0.0.0000 - LG Electronics)
LG United Mobile Drivers (HKLM\...\{5C85747A-91B6-4233-AAF8-063506D0FF4F}) (Version: 1.0 - LG Electronics)
Me&My VAIO (HKLM\...\{76D7CCD6-8369-405C-B494-5F34FAE67249}) (Version: 1.2.0.14020 - Sony Corporation)
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - csy) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Works (HKLM\...\{67E03279-F703-408F-B4BF-46B5FC8D70CD}) (Version: 9.7.0621 - Microsoft Corporation)
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Music Transfer (HKLM\...\{CE2121C6-C94D-4A73-8EA4-6943F33EE335}) (Version: 1.3.01.13160 - Sony Corporation)
O2 Internet Konfigurator (HKLM\...\O2 Internet Konfigurator) (Version: - )
Odinstalovat LG PC Suite III (HKLM\...\{D94BA408-F110-488B-A65E-3AE7945F79E6}_is1) (Version: - LG Electronics)
OpenMG Secure Module 5.3.00 (HKLM\...\{DEF97A70-C67D-41E1-837C-6462C97A6F65}) (Version: 5.3.00.13080 - Sony Corporation) Hidden
OpenMG Secure Module 5.3.00 (HKLM\...\InstallShield_{DEF97A70-C67D-41E1-837C-6462C97A6F65}) (Version: 5.3.00.13080 - Sony Corporation)
PhotoRazor (HKLM\...\PhotoRazor) (Version: - )
Primo (HKLM\...\{14291118-0C19-45EA-A4FA-5C1C0F5FDE09}) (Version: 1.00.0000 - Your Company Name) Hidden
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5759 - Realtek Semiconductor Corp.)
Roxio Easy Media Creator 10 LJ (HKLM\...\{537BF16E-7412-448C-95D8-846E85A1D817}) (Version: 10.1 - Roxio)
Runtime (HKLM\...\{DABF43D9-1104-4764-927B-5BED1274A3B0}) (Version: 1.00.0000 - Your Company Name) Hidden
ScanToWeb (HKLM\...\{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}) (Version: - )
Setting Utility Series (HKLM\...\{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}) (Version: 4.3.0.14120 - Sony Corporation)
Skins (HKLM\...\{8C467DE1-6E04-0888-B281-172909C96F37}) (Version: 2008.0717.2343.40629 - ATI) Hidden
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SoftPerfect WiFi Guard version 1.0.0 (HKLM\...\{38AFD787-4D2E-4442-92D2-7739F5F92CF4}_is1) (Version: 1.0.0 - SoftPerfect Research)
Software Info for Me&My VAIO (HKLM\...\{69C8B1E3-2665-4A0F-B049-67746E5C4CE3}) (Version: 1.0.0.14020 - Sony Corporation)
Some PDF to Word Converter 1.5 (HKLM\...\Some PDF to Word Converter_is1) (Version: - SomePDF.com)
Sony Home Network Library (HKLM\...\{6EB6A82E-4918-481F-9AF8-3129E6D29B7E}) (Version: 1.4.0.13200 - Sony Corporation) Hidden
Sony Home Network Library (HKLM\...\{D03D02D8-AB64-4785-A48E-5AA8B0FB8C14}) (Version: 1.4.0.13200 - Sony Corporation)
Sony Picture Utility (HKLM\...\{D5068583-D569-468B-9755-5FBF5848F46F}) (Version: 4.2.12.14260 - Sony Corporation)
Sony Video Shared Library (HKLM\...\{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}) (Version: 3.5.00 - Sony Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 9.1.13.0 - Synaptics)
VAIO Content Folder Setting (HKLM\...\{23825B69-36DF-4DAD-9CFD-118D11D80F16}) (Version: 2.3.0.12220 - Sony Corporation)
VAIO Content Folder Watcher (HKLM\...\{2878C3C9-9D91-430F-8F50-885BB23DB001}) (Version: 1.1.0.13140 - Sony Corporation) Hidden
VAIO Content Folder Watcher (HKLM\...\{327B75F0-92AF-420A-988F-FA596A218E0B}) (Version: 1.1.0.13140 - Sony Corporation)
VAIO Content Folder Watcher (HKLM\...\{64DBE9FE-A07D-41A0-B81A-8D416D9647FF}) (Version: 1.1.0.13140 - Sony Corporation) Hidden
VAIO Content Metadata Intelligent Analyzing Manager (HKLM\...\{068F037B-2723-48E3-85F1-4D7D93A29D2A}) (Version: 3.4.0.13192 - Sony Corporation) Hidden
VAIO Content Metadata Intelligent Analyzing Manager (HKLM\...\{BFD85D24-D4F3-4CCC-B518-D7C4FC29C76D}) (Version: 3.4.0.13192 - Sony Corporation)
VAIO Content Metadata Intelligent Analyzing Manager (HKLM\...\{CD7E6232-D41D-4E5B-ABE1-0264B6260309}) (Version: 3.4.0.13192 - Sony Corporation) Hidden
VAIO Content Metadata Manager Setting (HKLM\...\{C62AEA0E-90B0-4049-9780-8499A18A34D7}) (Version: 3.4.0.13160 - Sony Corporation) Hidden
VAIO Content Metadata Manager Setting (HKLM\...\{EADE97A7-E7AA-43FD-A042-92A68E0187A6}) (Version: 3.4.0.13160 - Sony Corporation)
VAIO Content Metadata XML Interface Library (HKLM\...\{C1555BC5-88B1-466B-BC79-062B5715DF92}) (Version: 3.4.0.13160 - Sony Corporation) Hidden
VAIO Content Metadata XML Interface Library (HKLM\...\{E3453B1B-C91B-4C48-B046-8DF635DD46F2}) (Version: 3.4.0.13160 - Sony Corporation)
VAIO Control Center (HKLM\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 3.3.0.12240 - Sony Corporation)
VAIO Data Restore Tool (HKLM\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.1.00.13080 - Sony Corporation)
VAIO DVD Menu Data Basic (HKLM\...\{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}) (Version: 1.0.00.08130 - Sony Corporation)
VAIO Entertainment Platform (HKLM\...\{6B1F20F2-6321-4669-A58C-33DF8E7517FF}) (Version: 3.4.0.13210 - Sony Corporation)
VAIO Entertainment Platform (HKLM\...\{A9D3D707-4A1A-4227-BE6E-F16448B4CB63}) (Version: 3.4.0.13210 - Sony Corporation) Hidden
VAIO Event Service (HKLM\...\{C7477742-DDB4-43E5-AC8D-0259E1E661B1}) (Version: 4.3.0.13190 - Sony Corporation)
VAIO Launcher (HKLM\...\{15D5C238-4C2E-4AEA-A66D-D6989A4C586B}) (Version: 2.3.0.15090 - Sony Corporation)
VAIO Marketing Tools (HKLM\...\MarketingTools) (Version: - Sony Corporation)
VAIO Media plus (HKLM\...\{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}) (Version: 1.4.0.13200 - Sony Corporation)
VAIO Media plus Opening Movie (HKLM\...\{9238E8A4-BEBA-43A3-B926-769BDBF194C5}) (Version: 1.2.0.09100 - Sony Corporation)
VAIO Movie Story (HKLM\...\{7B79CD75-F848-4B33-83E3-0EE1A1805A8C}) (Version: 1.4.00.13080 - Sony Corporation) Hidden
VAIO Movie Story (HKLM\...\{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}) (Version: 1.4.00.13080 - Sony Corporation)
VAIO Movie Story Template Data (HKLM\...\{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}) (Version: 1.4.00.13080 - Sony Corporation)
VAIO MusicBox (HKLM\...\{D613E659-6503-42A8-9617-4F599061EAD5}) (Version: 2.2.0.13091 - Sony Corporation)
VAIO MusicBox Sample Music (HKLM\...\{98FC7A64-774B-49B5-B046-4B4EBC053FA9}) (Version: 1.1.00.14140 - Sony Corporation)
VAIO Original Function Setting (HKLM\...\{A63E7492-A0BC-4BB9-89A7-352965222380}) (Version: 1.5.01.10310 - Sony Corporation)
VAIO Power Management (HKLM\...\{5F5867F0-2D23-4338-A206-01A76C823924}) (Version: 3.3.0.12190 - Sony Corporation)
VAIO Presentation Support (HKLM\...\{2018C019-30D9-4240-8C01-0865C10DCF5A}) (Version: 1.2.0.12240 - Sony Corporation)
VAIO Update 4 (HKLM\...\{83CDA18E-0BF3-4ACA-872C-B4CDABF2360E}) (Version: 4.1.0.12180 - Sony Corporation)
VAIO Wallpaper Contents (HKLM\...\{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}) (Version: 1.3.0.10310 - Sony Corporation)
Widevine Media Optimizer Chrome 6.0.0 (HKLM\...\optimizer_chrome) (Version: 6.0.0.12757 - Widevine Technologies)
Widevine Media Optimizer Chrome 6.0.0 (HKU\S-1-5-21-229735995-3260258197-3374296045-1000\...\optimizer_chrome) (Version: 6.0.0.12757 - Widevine Technologies)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8050.1202 - Microsoft Corporation)
Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
WinDVD for VAIO (HKLM\...\{20471B27-D702-4FE8-8DEC-0702CC8C0A85}) (Version: 8.0-B9.726 - InterVideo Inc.) Hidden
WinDVD for VAIO (HKLM\...\InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}) (Version: 8.0-B9.726 - InterVideo Inc.)
WinRAR 5.21 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-229735995-3260258197-3374296045-1000_Classes\CLSID\{30991014-C94F-11D1-BE8B-0060971F5386}\InprocServer32 -> C:\Program Files\Altap Salamander (beta)\plugins\eroiica\PFltWmf.dll (Parallax69 Software Int'l)
CustomCLSID: HKU\S-1-5-21-229735995-3260258197-3374296045-1000_Classes\CLSID\{30992102-C94F-11D1-BE8B-0060971F5386}\InprocServer32 -> C:\Program Files\Altap Salamander (beta)\plugins\eroiica\erfBmp.dll (Parallax69 Software International s.r.o.)
CustomCLSID: HKU\S-1-5-21-229735995-3260258197-3374296045-1000_Classes\CLSID\{3099210D-C94F-11D1-BE8B-0060971F5386}\InprocServer32 -> C:\Program Files\Altap Salamander (beta)\plugins\eroiica\erfDsi.dll (Parallax69 Software International s.r.o.)
CustomCLSID: HKU\S-1-5-21-229735995-3260258197-3374296045-1000_Classes\CLSID\{30992117-C94F-11D1-BE8B-0060971F5386}\InprocServer32 -> C:\Program Files\Altap Salamander (beta)\plugins\eroiica\erfJpg.dll (Parallax69 Software International s.r.o.)
CustomCLSID: HKU\S-1-5-21-229735995-3260258197-3374296045-1000_Classes\CLSID\{30992121-C94F-11D1-BE8B-0060971F5386}\InprocServer32 -> C:\Program Files\Altap Salamander (beta)\plugins\eroiica\erfPng.dll (Parallax69 Software International s.r.o.)
CustomCLSID: HKU\S-1-5-21-229735995-3260258197-3374296045-1000_Classes\CLSID\{30992143-C94F-11D1-BE8B-0060971F5386}\InprocServer32 -> C:\Program Files\Altap Salamander (beta)\plugins\eroiica\erfGif.dll (Parallax69 Software International s.r.o.)
CustomCLSID: HKU\S-1-5-21-229735995-3260258197-3374296045-1000_Classes\CLSID\{4052D303-74C5-49EA-BC6B-66099C8D4007}\InprocServer32 -> C:\Program Files\Google\Google Desktop Search\GoogleDesktopAPI2.dll (Google)
CustomCLSID: HKU\S-1-5-21-229735995-3260258197-3374296045-1000_Classes\CLSID\{C78B613E-F3EA-11D2-94A1-00E0292A01E3}\InprocServer32 -> C:\Program Files\Altap Salamander (beta)\plugins\salamext.dll (ALTAP)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-04-29] (Igor Pavlov)
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2018-03-13] (COMODO)
ContextMenuHandlers1: [RXDCExtSvr] -> {70D0238E-E029-4a94-B68D-182018B6C4FF} => C:\Program Files\Roxio\Virtual Drive 10\DC_ShellExt.dll [2008-11-30] (Sonic Solutions)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2018-03-13] (COMODO)
ContextMenuHandlers2: [RXDCExtSvr] -> {70D0238E-E029-4a94-B68D-182018B6C4FF} => C:\Program Files\Roxio\Virtual Drive 10\DC_ShellExt.dll [2008-11-30] (Sonic Solutions)
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-04-29] (Igor Pavlov)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll [2008-07-02] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-04-29] (Igor Pavlov)
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2018-03-13] (COMODO)
ContextMenuHandlers6: [RXDCExtSvr] -> {70D0238E-E029-4a94-B68D-182018B6C4FF} => C:\Program Files\Roxio\Virtual Drive 10\DC_ShellExt.dll [2008-11-30] (Sonic Solutions)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01CF1725-E2DC-44BD-B408-98E145376074} - System32\Tasks\{76A7FDF9-4D62-4B0A-A5D3-401532E38DCF} => C:\Windows\system32\pcalua.exe -a C:\Users\Andrea\Downloads\MOHAA_Spearhead_demo.EXE -d C:\Users\Andrea\Downloads
Task: {0BAC1BBF-935B-4440-9145-F9A9403B326B} - System32\Tasks\SONY\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe [2008-12-18] (Sony Corporation)
Task: {0C3AF200-FADC-49E5-880E-DEE192C8B79A} - System32\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask => C:\Windows\system32\RAServer.exe [2008-01-21] (Společnost Microsoft)
Task: {3EC9BAF6-8CCF-45A6-96B2-5A6BB73F2C73} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {3FA66E01-73C6-465F-B4E0-0449B0881E4E} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2018-03-13] (COMODO)
Task: {43D5CD48-DE70-450D-A48B-5ECF80AAC13D} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2018-03-13] (COMODO)
Task: {5E9F2E46-3882-45A0-8730-6C11144C7276} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2018-03-13] (COMODO)
Task: {A4D44E0D-F3F3-4315-89F7-10DA274302C5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {A8C40234-300E-4103-86A9-0FBFEA810704} - System32\Tasks\IHUninstallTrackingTASK => CMD /C DEL C:\Users\Andrea\AppData\Local\Temp\IHUABE7.tmp.exe <==== ATTENTION
Task: {AB5A68BC-9C5A-4E76-A969-96571FD07171} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2018-03-13] (COMODO)
Task: {AF81BDCF-56BA-4B20-A91C-B1EBA90D7F10} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2018-03-13] (COMODO)
Task: {C5968E74-F41D-4EC8-80F1-0DF9C5721713} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {D7F63CF4-A813-4B40-B87B-3954FA796517} - System32\Tasks\SONY\Me&My VAIO\Me&My VAIO => C:\Program Files\Sony\Me&My VAIO\QLGuide.exe [2009-02-03] (Sony Corporation)
Task: {DBAC4537-60F9-4938-8216-F45949A14F64} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [2018-03-13] (COMODO)
Task: {DBEFCAA2-9513-45F1-A8CD-7A60DE254016} - System32\Tasks\MotiveReportingUninstall => C:\Program Files\Common Files\Motive\InstallHelper.exe [2007-11-29] (Motive Communications, Inc.)
Task: {DF8073F3-6E1E-47C0-B327-8C59D9D89B01} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2018-10-09] (Adobe Systems Incorporated)
Task: {EA843ABC-E132-4DB7-BC40-BAC445EE263D} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2018-03-13] (COMODO)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\":
WMI:subscription\__EventFilter->BVTFilter:
WMI:subscription\CommandLineEventConsumer->BVTConsumer:

==================== Loaded Modules (Whitelisted) ==============


==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Andrea\Desktop\24-s09e11---9.00-p.m.---10.00-p.m----tit.CZ-v-obraze.avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Desktop\24-s09e12---Day-9-10.00-p.m.-%13-11.00-a.m.-[tit.-CZ-v-obraze].avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Desktop\24.S09E01-cz.tit..avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Desktop\James-Bond---Casino-Royale-cz-avi.avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Desktop\Kočka-na-rozpálené-plechové-střeše---Cat-on-a-Hot-Tin-Roof-1958,-CZ-tit.avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Desktop\Le-Samourai-The-Godson-1967-Samuraj-Alain-Delon-cz-en.avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Desktop\Na-východ-od-ráje---East-of-Eden-1955,-CZ-tit.avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Desktop\První klidná noc.avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Desktop\Sicilský-klan-(Le-clan-des-Siciliens,-1968,-původní-český-dabing).mpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Andrea\Desktop\Tony-Arzenta-(A.Delon)CZ-TIT.avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Desktop\Zatmění-Eclisse,-L-Antonioni-1962.avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Desktop\Zpovídám-se---I-Confess-1953,-CZ-tit.avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Desktop\Závrať---Vertigo-1958,-CZ-tit.avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Desktop\Ďáblova-krása---La-Beauté-du-diable-1950,-CZ-tit.avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Downloads\První-klidná-noc-(drama-1972---A.Delon)CZ-TIT---IRISA.avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Downloads\touch-s02e13-hdtv-x264-lol-přes-MultiLoad.cz.mp4:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Downloads\Touch.S02E08.720p.HDTV.X264-DIMENSION.mkv:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Downloads\volnemisto_pracovniksluzeb.docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Andrea\Documents\24-hodin-S08E23+titulky-CZpe.avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Documents\Dva-muži-ve-městě-krimi-cz-lagis1.avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Documents\hrabenka-z-honkongu-a-countess-from-hong-kong_cz_en.avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Documents\On-the-Waterfront-(1954)-eng-DVDRip.x264.CZsub-JrK.mkv:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Documents\Sestup.avi.avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Documents\Sladký-pták-mládí---Sweet-Bird-of-Youth-1962,-CZ-tit (1).avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Documents\Slovo policajta.avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Documents\Touch.S01E11.HDTV.XviD-AFG.[scz].cz.tit.avi:TOC.WMV [130]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="1"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKLM\...\cmdfile\DefaultIcon: %SystemRoot%\System32\imageres.dll,-68 <==== ATTENTION

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 11:23 - 2017-04-12 15:42 - 000000027 _____ C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-229735995-3260258197-3374296045-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Andrea\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupreg: ehTray.exe => C:\Windows\ehome\ehTray.exe
MSCONFIG\startupreg: Google Desktop Search => "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
MSCONFIG\startupreg: ISBMgr.exe => "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
MSCONFIG\startupreg: MarketingTools => C:\Program Files\Sony\Marketing Tools\MarketingTools.exe
MSCONFIG\startupreg: Me&My VAIO => C:\Program Files\Sony\Me&My VAIO\MAMV.exe /autorun
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
MSCONFIG\startupreg: Skytel => C:\Program Files\Realtek\Audio\HDA\Skytel.exe
MSCONFIG\startupreg: StartCCC => "c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: SynTPEnh => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: TO2SSM_McciTrayApp => C:\Program Files\TO2SSM\McciTrayApp.exe
MSCONFIG\startupreg: Windows Defender => %ProgramFiles%\Windows Defender\MSASCui.exe -hide
MSCONFIG\startupreg: WMPNSCFG => C:\Program Files\Windows Media Player\WMPNSCFG.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [{6F50B6A6-1723-4AC9-A933-894926AE77D3}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{95DA1FF4-DA27-4A60-BECA-2DF1047DC54B}] => (Allow) C:\Program Files\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{AA40C3D0-9084-4205-BE4D-8BE2449FB2E8}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{99A53C9B-5077-44A3-82D9-BF851A15DF7B}] => (Allow) svchost.exe
FirewallRules: [{6AD38708-0684-4103-A1E2-BED24B38792A}] => (Allow) LPort=80
FirewallRules: [{425B7032-0F70-4826-857E-5049A2D017A3}] => (Allow) LPort=80
FirewallRules: [{54CEDEDC-D3C2-44FD-BF1C-F81DF2427FA4}] => (Allow) LPort=80
FirewallRules: [{7C1FD24D-5FC7-45EC-A6A0-4179F97A04D0}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{D14DB9B0-9C4F-4032-BA6E-D61AE23B12E9}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/09/2018 02:13:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (11/09/2018 02:12:56 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\WksWP.exe se nezdařilo.
Závislé sestavení msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (11/09/2018 02:12:56 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\WksWP.exe se nezdařilo.
Závislé sestavení msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (11/09/2018 02:12:55 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksss.exe se nezdařilo.
Závislé sestavení msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (11/09/2018 02:12:55 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksss.exe se nezdařilo.
Závislé sestavení msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (11/09/2018 02:12:55 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksdb.exe se nezdařilo.
Závislé sestavení msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (11/09/2018 02:12:55 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksdb.exe se nezdařilo.
Závislé sestavení msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (11/09/2018 02:12:55 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\WksCal.exe se nezdařilo.
Závislé sestavení msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.


System errors:
=============
Error: (11/09/2018 02:16:10 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba seznamu sítí závisí na službě Sledování umístění v síti (NLA), která neuspěla při spuštění v důsledku následující chyby:
Nepodařilo se zahájit závislou službu nebo skupinu.

Error: (11/09/2018 02:16:10 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba seznamu sítí závisí na službě Sledování umístění v síti (NLA), která neuspěla při spuštění v důsledku následující chyby:
Nepodařilo se zahájit závislou službu nebo skupinu.

Error: (11/09/2018 02:13:26 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba seznamu sítí závisí na službě Sledování umístění v síti (NLA), která neuspěla při spuštění v důsledku následující chyby:
Nepodařilo se zahájit závislou službu nebo skupinu.

Error: (11/09/2018 02:13:14 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba seznamu sítí závisí na službě Sledování umístění v síti (NLA), která neuspěla při spuštění v důsledku následující chyby:
Nepodařilo se zahájit závislou službu nebo skupinu.

Error: (11/09/2018 02:13:14 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba seznamu sítí závisí na službě Sledování umístění v síti (NLA), která neuspěla při spuštění v důsledku následující chyby:
Nepodařilo se zahájit závislou službu nebo skupinu.

Error: (11/09/2018 02:13:14 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba seznamu sítí závisí na službě Sledování umístění v síti (NLA), která neuspěla při spuštění v důsledku následující chyby:
Nepodařilo se zahájit závislou službu nebo skupinu.

Error: (11/09/2018 02:13:14 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
AFD
cmdGuard
DfsC
DMICall
NetBIOS
netbt
nsiproxy
PSched
RasAcd
rdbss
Smb
spldr
tdx
Wanarpv6
ws2ifsl

Error: (11/09/2018 02:13:14 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba seznamu sítí závisí na službě Sledování umístění v síti (NLA), která neuspěla při spuštění v důsledku následující chyby:
Nepodařilo se zahájit závislou službu nebo skupinu.


CodeIntegrity:
===================================

Date: 2018-11-02 17:27:19.536
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-11-02 17:27:18.511
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-11-02 17:26:36.634
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-11-02 17:26:35.744
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-11-02 17:26:25.362
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-11-02 17:26:24.447
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-07-02 12:20:14.053
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-07-02 12:20:12.711
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Pentium(R) Dual CPU T3400 @ 2.16GHz
Percentage of memory in use: 18%
Total physical RAM: 3038.13 MB
Available physical RAM: 2470.28 MB
Total Virtual: 6276.52 MB
Available Virtual: 5976.68 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:283.78 GB) (Free:147.27 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive g: () (Removable) (Total:7.69 GB) (Free:6.67 GB) FAT32

\\?\Volume{3b08f2e7-2b1b-11e0-bf17-806e6f6e6963}\ (Recovery) (Fixed) (Total:14.31 GB) (Free:0.72 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: 81BCE4FD)
Partition 1: (Not Active) - (Size=14.3 GB) - (Type=27)
Partition 2: (Active) - (Size=283.8 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 7.7 GB) (Disk ID: E826B177)
Partition 1: (Not Active) - (Size=7.7 GB) - (Type=0B)

==================== End of Addition.txt ============================

[Rudy]

Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

[agata]

# -------------------------------
# Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build: 09-25-2018
# Database: 2018-09-21.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 11-11-2018
# Duration: 00:00:03
# OS: Windows Vista (TM) Home Premium
# Cleaned: 11
# Failed: 3


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\Andrea\AppData\Local\VirtualStore\Program Files\Free Offers from Freeze.com

***** [ Files ] *****

Deleted C:\Windows\System32\drivers\DrvAgent32.sys
Deleted C:\Users\Andrea\Downloads\DriverToolkitInstaller.exe
Deleted C:\Users\Andrea\Downloads\SpyHunter-Installer.exe

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\System32\Tasks\IHUninstallTrackingTASK

***** [ Registry ] *****

Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C6565F37-655B-4C9E-AA5F-0307AC976ED4}
Not Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1868254E-75AA-4DC2-BD4D-A9CCDFCB47FE}
Not Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1868254E-75AA-4DC2-BD4D-A9CCDFCB47FE}
Not Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\IHUninstallTrackingTASK
Deleted HKLM\System\CurrentControlSet\Services\EventLog\Application\geekbuddyrsp
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\staticimgfarm.com
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\slunecnice.cz
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
Deleted HKLM\Software\Common Toolkit Suite

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2666 octets] - [11/11/2018 13:59:34]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

[Rudy]

Dejte nový log FRST.

[agata]

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 08.11.2018
Ran by Andrea (12-11-2018 09:49:42)
Running from C:\Users\Andrea\Desktop
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) (2011-01-28 20:19:17)
Boot Mode: Safe Mode (minimal)
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-229735995-3260258197-3374296045-500 - Administrator - Disabled)
Andrea (S-1-5-21-229735995-3260258197-3374296045-1000 - Administrator - Enabled) => C:\Users\Andrea
Guest (S-1-5-21-229735995-3260258197-3374296045-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: COMODO Antivirus (Enabled - Out of date) {08B84BA8-CC77-5A8B-A100-3F522B1B6106}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: COMODO Advanced Protection (Enabled - Up to date) {B3D9AA4C-EA4D-5505-9BB0-0420509C2BBB}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version: - Microsoft) Hidden
7-Zip 17.00 beta (HKLM\...\7-Zip) (Version: 17.00 beta - Igor Pavlov)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.6.0.6090 - Adobe Systems Incorporated)
Adobe Flash Player 10 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 10.0.12.36 - Adobe Systems Incorporated)
Adobe Flash Player 31 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 31.0.0.122 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Altap Salamander 2.53 beta 2 (HKLM\...\Altap Salamander 2.53 beta 2) (Version: 2.53 beta 2 - ALTAP)
ArcSoft Magic-i Visual Effects 2 (HKLM\...\{7BB90344-0647-468E-925A-7F69F7983421}) (Version: 2.0.1.39 - ArcSoft)
ArcSoft WebCam Companion 2 (HKLM\...\{9973498D-EA29-4A68-BE0B-C88D6E03E928}) (Version: - ArcSoft)
Asistent pro přihlášení ke službě Windows Live (HKLM\...\{BD86C297-41C7-4DB5-82C4-98DE3399A2EF}) (Version: 5.000.818.6 - Microsoft Corporation)
ATI Catalyst Install Manager (HKLM\...\{252E50FD-F27C-C8DD-C9E2-D2845A2DC399}) (Version: 3.0.682.0 - ATI Technologies, Inc.)
AudioHUBWwwAccessConnector 1.0.0.1976 (HKLM\...\AudioHUBWwwAccessConnector) (Version: 1.0.0.1976 - MEDIAN s.r.o.)
ccc-core-static (HKLM\...\{A939F952-1C7E-CBF8-EE77-CFBD9C6A4ECC}) (Version: 2008.0717.2343.40629 - ATI) Hidden
Click to Disc (HKLM\...\{47A2CE5C-EA1F-4F58-8A0A-9452CBA795CD}) (Version: 1.2.60.13210 - Sony Corporation) Hidden
Click to Disc (HKLM\...\{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}) (Version: 1.2.60.13210 - Sony Corporation)
Click to Disc Editor (HKLM\...\{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}) (Version: 2.0.00 - Sony Corporation) Hidden
Click to Disc Editor (HKLM\...\InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}) (Version: 2.0.00 - Sony Corporation)
COMODO Antivirus (HKLM\...\{C7C71F0C-4CC1-4B17-943C-96E5196DDA74}) (Version: 10.2.0.6526 - COMODO Security Solutions Inc.)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Cucusoft MPEG/AVI to DVD/VCD/SVCD/MPEG Converter Pro 5.11 (HKLM\...\Cucusoft MPEG/AVI to DVD/VCD/SVCD/MPEG Converter Pro_is1) (Version: - Cucusoft, Inc.)
CV Curriculum vitae CREATOR (HKLM\...\CV Curriculum vitae CREATOR) (Version: - )
EPSON Copy Utility (HKLM\...\{B69CC1A5-0404-11D6-ABCB-005004C21D30}) (Version: - )
EPSON Photo Print (HKLM\...\{9391F2BC-B6F3-4AAC-82CC-5A74A4ED388E}) (Version: - )
EPSON Printer Software (HKLM\...\EPSON Printer and Utilities) (Version: - )
EPSON Smart Panel (HKLM\...\{6C11D561-620B-47DA-A693-4C597F3CDF40}) (Version: - )
Folder Size (HKLM\...\{FC8D21C8-7B29-4104-ADB0-FEE9CA1C7922}) (Version: 2.6 - Brio)
Free File Opener v2011.6.0.4 (HKLM\...\Free File Opener_is1) (Version: 2011.6.0.4 - Free File Opener, LLC)
Google Desktop (HKLM\...\Google Desktop) (Version: 5.9.1005.12335 - Google)
Google Chrome (HKLM\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Choice Guard (HKLM\...\{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}) (Version: 1.2.87.0 - Microsoft Corporation) Hidden
Internet Security Essentials (HKLM\...\ComodoIse) (Version: 1.3.438464.135 - Comodo)
Java(TM) 6 Update 11 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216011FF}) (Version: 6.0.110 - Sun Microsystems, Inc.)
K-Lite Mega Codec Pack 12.3.5 (HKLM\...\KLiteCodecPack_is1) (Version: 12.3.5 - KLCP)
LG Bluetooth Drivers (HKLM\...\{AC7EE5F1-0DE4-4256-8E43-92B73C8E6019}) (Version: 1.1 - LG Electronics)
LG MC USB U330 driver (HKLM\...\{ABD7DBE3-E344-4BCA-B8AD-4360494DD1D9}) (Version: 1.0.0.0000 - LG Electronics)
LG United Mobile Drivers (HKLM\...\{5C85747A-91B6-4233-AAF8-063506D0FF4F}) (Version: 1.0 - LG Electronics)
Me&My VAIO (HKLM\...\{76D7CCD6-8369-405C-B494-5F34FAE67249}) (Version: 1.2.0.14020 - Sony Corporation)
Microsoft .NET Framework 3.5 SP1 – jazyková sada – CSY (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - csy) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Works (HKLM\...\{67E03279-F703-408F-B4BF-46B5FC8D70CD}) (Version: 9.7.0621 - Microsoft Corporation)
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Music Transfer (HKLM\...\{CE2121C6-C94D-4A73-8EA4-6943F33EE335}) (Version: 1.3.01.13160 - Sony Corporation)
O2 Internet Konfigurator (HKLM\...\O2 Internet Konfigurator) (Version: - )
Odinstalovat LG PC Suite III (HKLM\...\{D94BA408-F110-488B-A65E-3AE7945F79E6}_is1) (Version: - LG Electronics)
OpenMG Secure Module 5.3.00 (HKLM\...\{DEF97A70-C67D-41E1-837C-6462C97A6F65}) (Version: 5.3.00.13080 - Sony Corporation) Hidden
OpenMG Secure Module 5.3.00 (HKLM\...\InstallShield_{DEF97A70-C67D-41E1-837C-6462C97A6F65}) (Version: 5.3.00.13080 - Sony Corporation)
PhotoRazor (HKLM\...\PhotoRazor) (Version: - )
Primo (HKLM\...\{14291118-0C19-45EA-A4FA-5C1C0F5FDE09}) (Version: 1.00.0000 - Your Company Name) Hidden
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5759 - Realtek Semiconductor Corp.)
Roxio Easy Media Creator 10 LJ (HKLM\...\{537BF16E-7412-448C-95D8-846E85A1D817}) (Version: 10.1 - Roxio)
Runtime (HKLM\...\{DABF43D9-1104-4764-927B-5BED1274A3B0}) (Version: 1.00.0000 - Your Company Name) Hidden
ScanToWeb (HKLM\...\{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}) (Version: - )
Setting Utility Series (HKLM\...\{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}) (Version: 4.3.0.14120 - Sony Corporation)
Skins (HKLM\...\{8C467DE1-6E04-0888-B281-172909C96F37}) (Version: 2008.0717.2343.40629 - ATI) Hidden
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SoftPerfect WiFi Guard version 1.0.0 (HKLM\...\{38AFD787-4D2E-4442-92D2-7739F5F92CF4}_is1) (Version: 1.0.0 - SoftPerfect Research)
Software Info for Me&My VAIO (HKLM\...\{69C8B1E3-2665-4A0F-B049-67746E5C4CE3}) (Version: 1.0.0.14020 - Sony Corporation)
Some PDF to Word Converter 1.5 (HKLM\...\Some PDF to Word Converter_is1) (Version: - SomePDF.com)
Sony Home Network Library (HKLM\...\{6EB6A82E-4918-481F-9AF8-3129E6D29B7E}) (Version: 1.4.0.13200 - Sony Corporation) Hidden
Sony Home Network Library (HKLM\...\{D03D02D8-AB64-4785-A48E-5AA8B0FB8C14}) (Version: 1.4.0.13200 - Sony Corporation)
Sony Picture Utility (HKLM\...\{D5068583-D569-468B-9755-5FBF5848F46F}) (Version: 4.2.12.14260 - Sony Corporation)
Sony Video Shared Library (HKLM\...\{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}) (Version: 3.5.00 - Sony Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 9.1.13.0 - Synaptics)
VAIO Content Folder Setting (HKLM\...\{23825B69-36DF-4DAD-9CFD-118D11D80F16}) (Version: 2.3.0.12220 - Sony Corporation)
VAIO Content Folder Watcher (HKLM\...\{2878C3C9-9D91-430F-8F50-885BB23DB001}) (Version: 1.1.0.13140 - Sony Corporation) Hidden
VAIO Content Folder Watcher (HKLM\...\{327B75F0-92AF-420A-988F-FA596A218E0B}) (Version: 1.1.0.13140 - Sony Corporation)
VAIO Content Folder Watcher (HKLM\...\{64DBE9FE-A07D-41A0-B81A-8D416D9647FF}) (Version: 1.1.0.13140 - Sony Corporation) Hidden
VAIO Content Metadata Intelligent Analyzing Manager (HKLM\...\{068F037B-2723-48E3-85F1-4D7D93A29D2A}) (Version: 3.4.0.13192 - Sony Corporation) Hidden
VAIO Content Metadata Intelligent Analyzing Manager (HKLM\...\{BFD85D24-D4F3-4CCC-B518-D7C4FC29C76D}) (Version: 3.4.0.13192 - Sony Corporation)
VAIO Content Metadata Intelligent Analyzing Manager (HKLM\...\{CD7E6232-D41D-4E5B-ABE1-0264B6260309}) (Version: 3.4.0.13192 - Sony Corporation) Hidden
VAIO Content Metadata Manager Setting (HKLM\...\{C62AEA0E-90B0-4049-9780-8499A18A34D7}) (Version: 3.4.0.13160 - Sony Corporation) Hidden
VAIO Content Metadata Manager Setting (HKLM\...\{EADE97A7-E7AA-43FD-A042-92A68E0187A6}) (Version: 3.4.0.13160 - Sony Corporation)
VAIO Content Metadata XML Interface Library (HKLM\...\{C1555BC5-88B1-466B-BC79-062B5715DF92}) (Version: 3.4.0.13160 - Sony Corporation) Hidden
VAIO Content Metadata XML Interface Library (HKLM\...\{E3453B1B-C91B-4C48-B046-8DF635DD46F2}) (Version: 3.4.0.13160 - Sony Corporation)
VAIO Control Center (HKLM\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 3.3.0.12240 - Sony Corporation)
VAIO Data Restore Tool (HKLM\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.1.00.13080 - Sony Corporation)
VAIO DVD Menu Data Basic (HKLM\...\{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}) (Version: 1.0.00.08130 - Sony Corporation)
VAIO Entertainment Platform (HKLM\...\{6B1F20F2-6321-4669-A58C-33DF8E7517FF}) (Version: 3.4.0.13210 - Sony Corporation)
VAIO Entertainment Platform (HKLM\...\{A9D3D707-4A1A-4227-BE6E-F16448B4CB63}) (Version: 3.4.0.13210 - Sony Corporation) Hidden
VAIO Event Service (HKLM\...\{C7477742-DDB4-43E5-AC8D-0259E1E661B1}) (Version: 4.3.0.13190 - Sony Corporation)
VAIO Launcher (HKLM\...\{15D5C238-4C2E-4AEA-A66D-D6989A4C586B}) (Version: 2.3.0.15090 - Sony Corporation)
VAIO Marketing Tools (HKLM\...\MarketingTools) (Version: - Sony Corporation)
VAIO Media plus (HKLM\...\{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}) (Version: 1.4.0.13200 - Sony Corporation)
VAIO Media plus Opening Movie (HKLM\...\{9238E8A4-BEBA-43A3-B926-769BDBF194C5}) (Version: 1.2.0.09100 - Sony Corporation)
VAIO Movie Story (HKLM\...\{7B79CD75-F848-4B33-83E3-0EE1A1805A8C}) (Version: 1.4.00.13080 - Sony Corporation) Hidden
VAIO Movie Story (HKLM\...\{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}) (Version: 1.4.00.13080 - Sony Corporation)
VAIO Movie Story Template Data (HKLM\...\{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}) (Version: 1.4.00.13080 - Sony Corporation)
VAIO MusicBox (HKLM\...\{D613E659-6503-42A8-9617-4F599061EAD5}) (Version: 2.2.0.13091 - Sony Corporation)
VAIO MusicBox Sample Music (HKLM\...\{98FC7A64-774B-49B5-B046-4B4EBC053FA9}) (Version: 1.1.00.14140 - Sony Corporation)
VAIO Original Function Setting (HKLM\...\{A63E7492-A0BC-4BB9-89A7-352965222380}) (Version: 1.5.01.10310 - Sony Corporation)
VAIO Power Management (HKLM\...\{5F5867F0-2D23-4338-A206-01A76C823924}) (Version: 3.3.0.12190 - Sony Corporation)
VAIO Presentation Support (HKLM\...\{2018C019-30D9-4240-8C01-0865C10DCF5A}) (Version: 1.2.0.12240 - Sony Corporation)
VAIO Update 4 (HKLM\...\{83CDA18E-0BF3-4ACA-872C-B4CDABF2360E}) (Version: 4.1.0.12180 - Sony Corporation)
VAIO Wallpaper Contents (HKLM\...\{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}) (Version: 1.3.0.10310 - Sony Corporation)
Widevine Media Optimizer Chrome 6.0.0 (HKLM\...\optimizer_chrome) (Version: 6.0.0.12757 - Widevine Technologies)
Widevine Media Optimizer Chrome 6.0.0 (HKU\S-1-5-21-229735995-3260258197-3374296045-1000\...\optimizer_chrome) (Version: 6.0.0.12757 - Widevine Technologies)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8050.1202 - Microsoft Corporation)
Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
WinDVD for VAIO (HKLM\...\{20471B27-D702-4FE8-8DEC-0702CC8C0A85}) (Version: 8.0-B9.726 - InterVideo Inc.) Hidden
WinDVD for VAIO (HKLM\...\InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}) (Version: 8.0-B9.726 - InterVideo Inc.)
WinRAR 5.21 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-229735995-3260258197-3374296045-1000_Classes\CLSID\{30991014-C94F-11D1-BE8B-0060971F5386}\InprocServer32 -> C:\Program Files\Altap Salamander (beta)\plugins\eroiica\PFltWmf.dll (Parallax69 Software Int'l)
CustomCLSID: HKU\S-1-5-21-229735995-3260258197-3374296045-1000_Classes\CLSID\{30992102-C94F-11D1-BE8B-0060971F5386}\InprocServer32 -> C:\Program Files\Altap Salamander (beta)\plugins\eroiica\erfBmp.dll (Parallax69 Software International s.r.o.)
CustomCLSID: HKU\S-1-5-21-229735995-3260258197-3374296045-1000_Classes\CLSID\{3099210D-C94F-11D1-BE8B-0060971F5386}\InprocServer32 -> C:\Program Files\Altap Salamander (beta)\plugins\eroiica\erfDsi.dll (Parallax69 Software International s.r.o.)
CustomCLSID: HKU\S-1-5-21-229735995-3260258197-3374296045-1000_Classes\CLSID\{30992117-C94F-11D1-BE8B-0060971F5386}\InprocServer32 -> C:\Program Files\Altap Salamander (beta)\plugins\eroiica\erfJpg.dll (Parallax69 Software International s.r.o.)
CustomCLSID: HKU\S-1-5-21-229735995-3260258197-3374296045-1000_Classes\CLSID\{30992121-C94F-11D1-BE8B-0060971F5386}\InprocServer32 -> C:\Program Files\Altap Salamander (beta)\plugins\eroiica\erfPng.dll (Parallax69 Software International s.r.o.)
CustomCLSID: HKU\S-1-5-21-229735995-3260258197-3374296045-1000_Classes\CLSID\{30992143-C94F-11D1-BE8B-0060971F5386}\InprocServer32 -> C:\Program Files\Altap Salamander (beta)\plugins\eroiica\erfGif.dll (Parallax69 Software International s.r.o.)
CustomCLSID: HKU\S-1-5-21-229735995-3260258197-3374296045-1000_Classes\CLSID\{4052D303-74C5-49EA-BC6B-66099C8D4007}\InprocServer32 -> C:\Program Files\Google\Google Desktop Search\GoogleDesktopAPI2.dll (Google)
CustomCLSID: HKU\S-1-5-21-229735995-3260258197-3374296045-1000_Classes\CLSID\{C78B613E-F3EA-11D2-94A1-00E0292A01E3}\InprocServer32 -> C:\Program Files\Altap Salamander (beta)\plugins\salamext.dll (ALTAP)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-04-29] (Igor Pavlov)
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2018-03-13] (COMODO)
ContextMenuHandlers1: [RXDCExtSvr] -> {70D0238E-E029-4a94-B68D-182018B6C4FF} => C:\Program Files\Roxio\Virtual Drive 10\DC_ShellExt.dll [2008-11-30] (Sonic Solutions)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2018-03-13] (COMODO)
ContextMenuHandlers2: [RXDCExtSvr] -> {70D0238E-E029-4a94-B68D-182018B6C4FF} => C:\Program Files\Roxio\Virtual Drive 10\DC_ShellExt.dll [2008-11-30] (Sonic Solutions)
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-04-29] (Igor Pavlov)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll [2008-07-02] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-04-29] (Igor Pavlov)
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2018-03-13] (COMODO)
ContextMenuHandlers6: [RXDCExtSvr] -> {70D0238E-E029-4a94-B68D-182018B6C4FF} => C:\Program Files\Roxio\Virtual Drive 10\DC_ShellExt.dll [2008-11-30] (Sonic Solutions)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01CF1725-E2DC-44BD-B408-98E145376074} - System32\Tasks\{76A7FDF9-4D62-4B0A-A5D3-401532E38DCF} => C:\Windows\system32\pcalua.exe -a C:\Users\Andrea\Downloads\MOHAA_Spearhead_demo.EXE -d C:\Users\Andrea\Downloads
Task: {0BAC1BBF-935B-4440-9145-F9A9403B326B} - System32\Tasks\SONY\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe [2008-12-18] (Sony Corporation)
Task: {0C3AF200-FADC-49E5-880E-DEE192C8B79A} - System32\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask => C:\Windows\system32\RAServer.exe [2008-01-21] (Společnost Microsoft)
Task: {1868254E-75AA-4DC2-BD4D-A9CCDFCB47FE} - \IHUninstallTrackingTASK -> No File <==== ATTENTION
Task: {3EC9BAF6-8CCF-45A6-96B2-5A6BB73F2C73} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {3FA66E01-73C6-465F-B4E0-0449B0881E4E} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2018-03-13] (COMODO)
Task: {43D5CD48-DE70-450D-A48B-5ECF80AAC13D} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2018-03-13] (COMODO)
Task: {5E9F2E46-3882-45A0-8730-6C11144C7276} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2018-03-13] (COMODO)
Task: {A4D44E0D-F3F3-4315-89F7-10DA274302C5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {AB5A68BC-9C5A-4E76-A969-96571FD07171} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2018-03-13] (COMODO)
Task: {AF81BDCF-56BA-4B20-A91C-B1EBA90D7F10} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2018-03-13] (COMODO)
Task: {C5968E74-F41D-4EC8-80F1-0DF9C5721713} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {D7F63CF4-A813-4B40-B87B-3954FA796517} - System32\Tasks\SONY\Me&My VAIO\Me&My VAIO => C:\Program Files\Sony\Me&My VAIO\QLGuide.exe [2009-02-03] (Sony Corporation)
Task: {DBAC4537-60F9-4938-8216-F45949A14F64} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [2018-03-13] (COMODO)
Task: {DBEFCAA2-9513-45F1-A8CD-7A60DE254016} - System32\Tasks\MotiveReportingUninstall => C:\Program Files\Common Files\Motive\InstallHelper.exe [2007-11-29] (Motive Communications, Inc.)
Task: {DF8073F3-6E1E-47C0-B327-8C59D9D89B01} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2018-10-09] (Adobe Systems Incorporated)
Task: {EA843ABC-E132-4DB7-BC40-BAC445EE263D} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2018-03-13] (COMODO)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\":
WMI:subscription\__EventFilter->BVTFilter:
WMI:subscription\CommandLineEventConsumer->BVTConsumer:

==================== Loaded Modules (Whitelisted) ==============


==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Andrea\Desktop\24-s09e11---9.00-p.m.---10.00-p.m----tit.CZ-v-obraze.avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Desktop\24-s09e12---Day-9-10.00-p.m.-%13-11.00-a.m.-[tit.-CZ-v-obraze].avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Desktop\24.S09E01-cz.tit..avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Desktop\James-Bond---Casino-Royale-cz-avi.avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Desktop\Kočka-na-rozpálené-plechové-střeše---Cat-on-a-Hot-Tin-Roof-1958,-CZ-tit.avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Desktop\Le-Samourai-The-Godson-1967-Samuraj-Alain-Delon-cz-en.avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Desktop\Na-východ-od-ráje---East-of-Eden-1955,-CZ-tit.avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Desktop\První klidná noc.avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Desktop\Sicilský-klan-(Le-clan-des-Siciliens,-1968,-původní-český-dabing).mpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Andrea\Desktop\Tony-Arzenta-(A.Delon)CZ-TIT.avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Desktop\Zatmění-Eclisse,-L-Antonioni-1962.avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Desktop\Zpovídám-se---I-Confess-1953,-CZ-tit.avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Desktop\Závrať---Vertigo-1958,-CZ-tit.avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Desktop\Ďáblova-krása---La-Beauté-du-diable-1950,-CZ-tit.avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Downloads\První-klidná-noc-(drama-1972---A.Delon)CZ-TIT---IRISA.avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Downloads\touch-s02e13-hdtv-x264-lol-přes-MultiLoad.cz.mp4:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Downloads\Touch.S02E08.720p.HDTV.X264-DIMENSION.mkv:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Downloads\volnemisto_pracovniksluzeb.docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Andrea\Documents\24-hodin-S08E23+titulky-CZpe.avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Documents\Dva-muži-ve-městě-krimi-cz-lagis1.avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Documents\hrabenka-z-honkongu-a-countess-from-hong-kong_cz_en.avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Documents\On-the-Waterfront-(1954)-eng-DVDRip.x264.CZsub-JrK.mkv:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Documents\Sestup.avi.avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Documents\Sladký-pták-mládí---Sweet-Bird-of-Youth-1962,-CZ-tit (1).avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Documents\Slovo policajta.avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Documents\Touch.S01E11.HDTV.XviD-AFG.[scz].cz.tit.avi:TOC.WMV [130]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="1"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKLM\...\cmdfile\DefaultIcon: %SystemRoot%\System32\imageres.dll,-68 <==== ATTENTION

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 11:23 - 2017-04-12 15:42 - 000000027 _____ C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-229735995-3260258197-3374296045-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Andrea\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupreg: ehTray.exe => C:\Windows\ehome\ehTray.exe
MSCONFIG\startupreg: Google Desktop Search => "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
MSCONFIG\startupreg: ISBMgr.exe => "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
MSCONFIG\startupreg: MarketingTools => C:\Program Files\Sony\Marketing Tools\MarketingTools.exe
MSCONFIG\startupreg: Me&My VAIO => C:\Program Files\Sony\Me&My VAIO\MAMV.exe /autorun
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
MSCONFIG\startupreg: Skytel => C:\Program Files\Realtek\Audio\HDA\Skytel.exe
MSCONFIG\startupreg: StartCCC => "c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: SynTPEnh => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: TO2SSM_McciTrayApp => C:\Program Files\TO2SSM\McciTrayApp.exe
MSCONFIG\startupreg: Windows Defender => %ProgramFiles%\Windows Defender\MSASCui.exe -hide
MSCONFIG\startupreg: WMPNSCFG => C:\Program Files\Windows Media Player\WMPNSCFG.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [{6F50B6A6-1723-4AC9-A933-894926AE77D3}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{95DA1FF4-DA27-4A60-BECA-2DF1047DC54B}] => (Allow) C:\Program Files\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{AA40C3D0-9084-4205-BE4D-8BE2449FB2E8}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{99A53C9B-5077-44A3-82D9-BF851A15DF7B}] => (Allow) svchost.exe
FirewallRules: [{6AD38708-0684-4103-A1E2-BED24B38792A}] => (Allow) LPort=80
FirewallRules: [{425B7032-0F70-4826-857E-5049A2D017A3}] => (Allow) LPort=80
FirewallRules: [{54CEDEDC-D3C2-44FD-BF1C-F81DF2427FA4}] => (Allow) LPort=80
FirewallRules: [{7C1FD24D-5FC7-45EC-A6A0-4179F97A04D0}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{D14DB9B0-9C4F-4032-BA6E-D61AE23B12E9}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/12/2018 09:48:02 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (11/12/2018 09:47:44 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\WksWP.exe se nezdařilo.
Závislé sestavení msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (11/12/2018 09:47:44 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\WksWP.exe se nezdařilo.
Závislé sestavení msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (11/12/2018 09:47:44 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksss.exe se nezdařilo.
Závislé sestavení msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (11/12/2018 09:47:44 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksss.exe se nezdařilo.
Závislé sestavení msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (11/12/2018 09:47:44 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksdb.exe se nezdařilo.
Závislé sestavení msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (11/12/2018 09:47:44 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksdb.exe se nezdařilo.
Závislé sestavení msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (11/12/2018 09:47:44 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\WksCal.exe se nezdařilo.
Závislé sestavení msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.


System errors:
=============
Error: (11/12/2018 09:48:15 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba seznamu sítí závisí na službě Sledování umístění v síti (NLA), která neuspěla při spuštění v důsledku následující chyby:
Nepodařilo se zahájit závislou službu nebo skupinu.

Error: (11/12/2018 09:48:03 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba seznamu sítí závisí na službě Sledování umístění v síti (NLA), která neuspěla při spuštění v důsledku následující chyby:
Nepodařilo se zahájit závislou službu nebo skupinu.

Error: (11/12/2018 09:48:03 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba seznamu sítí závisí na službě Sledování umístění v síti (NLA), která neuspěla při spuštění v důsledku následující chyby:
Nepodařilo se zahájit závislou službu nebo skupinu.

Error: (11/12/2018 09:48:03 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba seznamu sítí závisí na službě Sledování umístění v síti (NLA), která neuspěla při spuštění v důsledku následující chyby:
Nepodařilo se zahájit závislou službu nebo skupinu.

Error: (11/12/2018 09:48:03 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
AFD
cmdGuard
DfsC
DMICall
NetBIOS
netbt
nsiproxy
PSched
RasAcd
rdbss
Smb
spldr
tdx
Wanarpv6
ws2ifsl

Error: (11/12/2018 09:48:03 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba seznamu sítí závisí na službě Sledování umístění v síti (NLA), která neuspěla při spuštění v důsledku následující chyby:
Nepodařilo se zahájit závislou službu nebo skupinu.

Error: (11/12/2018 09:48:03 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Sledování umístění v síti (NLA) závisí na službě Služba rozhraní síťového úložiště, která neuspěla při spuštění v důsledku následující chyby:
Nepodařilo se zahájit závislou službu nebo skupinu.

Error: (11/12/2018 09:48:03 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Síťová připojení závisí na službě Služba rozhraní síťového úložiště, která neuspěla při spuštění v důsledku následující chyby:
Nepodařilo se zahájit závislou službu nebo skupinu.


CodeIntegrity:
===================================

Date: 2018-11-02 17:27:19.536
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-11-02 17:27:18.511
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-11-02 17:26:36.634
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-11-02 17:26:35.744
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-11-02 17:26:25.362
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-11-02 17:26:24.447
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-07-02 12:20:14.053
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-07-02 12:20:12.711
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Pentium(R) Dual CPU T3400 @ 2.16GHz
Percentage of memory in use: 18%
Total physical RAM: 3038.13 MB
Available physical RAM: 2488.97 MB
Total Virtual: 6276.52 MB
Available Virtual: 5994.59 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:283.78 GB) (Free:147.25 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive g: () (Removable) (Total:7.69 GB) (Free:6.66 GB) FAT32

\\?\Volume{3b08f2e7-2b1b-11e0-bf17-806e6f6e6963}\ (Recovery) (Fixed) (Total:14.31 GB) (Free:0.72 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: 81BCE4FD)
Partition 1: (Not Active) - (Size=14.3 GB) - (Type=27)
Partition 2: (Active) - (Size=283.8 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 7.7 GB) (Disk ID: E826B177)
Partition 1: (Not Active) - (Size=7.7 GB) - (Type=0B)

==================== End of Addition.txt ============================

[agata]

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 08.11.2018
Ran by Andrea (administrator) on ANDREA-PC (12-11-2018 09:48:05)
Running from C:\Users\Andrea\Desktop
Loaded Profiles: Andrea (Available Profiles: Andrea)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Safe Mode (minimal)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\AtBroker.exe
(Farbar) C:\Users\Andrea\Desktop\ano.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [6703648 2009-01-06] (Realtek Semiconductor)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2017-04-19] (Adobe Systems Incorporated)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1993408 2018-03-13] (COMODO)
HKLM\...\Run: [IseUI] => C:\Program Files\COMODO\Internet Security Essentials\vkise.exe [4072376 2018-01-17] (COMODO)
Winlogon\Notify\VESWinlogon: C:\Windows\system32\VESWinlogon.dll [2009-01-19] (Sony Corporation)
HKU\S-1-5-21-229735995-3260258197-3374296045-1000\...\Run: [WwwAccessConnectorUrlMonitor] => C:\Program Files\Median\WwwAccessConnector\AudioHUB.Processing.WwwAccessConnectorUrlMonitor.exe [274944 2016-06-29] (MEDIAN s.r.o.)
HKU\S-1-5-21-229735995-3260258197-3374296045-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll => C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [123392 2011-02-04] (Google)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Url Monitor.lnk [2015-09-01]
ShortcutTarget: Url Monitor.lnk -> C:\Program Files\Median\WwwAccessConnector\AudioHUB.Processing.WwwAccessConnectorUrlMonitor.exe (MEDIAN s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 02 C:\Windows\system32\napinsp.dll [50176 2008-01-21] (Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{5CDE5058-9E40-4DDC-828B-4E2609822D96}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{8C900FA7-380C-46AA-AF30-5FEC3355B95F}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-229735995-3260258197-3374296045-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-229735995-3260258197-3374296045-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
HKU\S-1-5-21-229735995-3260258197-3374296045-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-229735995-3260258197-3374296045-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-229735995-3260258197-3374296045-1000 -> {67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll [2009-03-09] (Sun Microsystems, Inc.)
BHO: Pomocník pro přihlášení ke službě Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09] (Sun Microsystems, Inc.)
Toolbar: HKU\S-1-5-21-229735995-3260258197-3374296045-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll [2008-12-03] (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2008-10-28] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll [2008-12-03] (Microsoft Corporation)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-02-08] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll [2008-10-05] ()
FF Plugin: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
StartMenuInternet: firefox.exe - firefox.exe

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/"
CHR Profile: C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default [2018-11-09]
CHR Extension: (Prezentace) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-04-02]
CHR Extension: (Dokumenty) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-04-02]
CHR Extension: (Disk Google) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-04-03]
CHR Extension: (YouTube) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Vyhledávání Google) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-29]
CHR Extension: (Tabulky) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-04-02]
CHR Extension: (Dokumenty Google offline) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [109056 2008-08-01] (ArcSoft Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2018-10-09] (Adobe Systems Incorporated) [File not signed]
S2 AudioHubWwwAccessConnector; C:\Program Files\Median\WwwAccessConnector\AudioHUB.Processing.WwwAccessConnector.exe [187392 2016-06-29] (MEDIAN s.r.o.) [File not signed]
S2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [8867672 2018-03-13] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2080448 2018-03-13] (COMODO)
S2 FolderSize; C:\Program Files\FolderSize\FolderSizeSvc.exe [114688 2013-02-13] (Brio) [File not signed]
S3 GoogleDesktopManager-051210-111108; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2011-02-04] (Google)
S2 isesrv; C:\Program Files\COMODO\Internet Security Essentials\isesrv.exe [1199544 2018-01-17] (COMODO)
S2 McciCMService; C:\Program Files\Common Files\Motive\McciCMService.exe [303104 2007-10-15] (Motive Communications, Inc.) [File not signed]
S3 PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [114688 2009-01-08] (Sony Corporation) [File not signed]
S3 SOHDBSvr; C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [70952 2009-01-20] (Sony Corporation)
S3 SOHPlMgr; C:\Program Files\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [91432 2009-01-20] (Sony Corporation)
S2 uCamMonitor; C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe [69632 2009-01-21] (Sony Corporation) [File not signed]
S2 VAIO Event Service; C:\Program Files\Sony\VAIO Event Service\VESMgr.exe [203624 2009-01-19] (Sony Corporation)
S2 VcmIAlzMgr; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [394536 2009-01-20] (Sony Corporation)
S3 Vcsw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [313264 2009-01-21] (Sony Corporation)
S2 VzCdbSvc; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [192512 2009-01-21] (Sony Corporation) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
S2 XAudioService; [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [17920 2008-04-24] (ArcSoft, Inc.)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [21272 2018-01-31] (COMODO)
S1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [648560 2018-01-31] (COMODO)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Společnost Microsoft)
S1 isedrv; C:\Windows\system32\drivers\isedrv.sys [40672 2018-01-17] (COMODO)
S3 LgBttPort; C:\Windows\System32\DRIVERS\lgbtport.sys [12160 2009-09-29] (LG Electronics Inc.)
R3 lgbusenum; C:\Windows\System32\DRIVERS\lgbtbus.sys [10496 2009-09-29] (LG Electronics Inc.)
S3 lgmdbus; C:\Windows\System32\DRIVERS\lgmdbus.sys [89600 2008-07-08] (MCCI Corporation)
S3 lgmdmdfl; C:\Windows\System32\DRIVERS\lgmdmdfl.sys [14976 2008-07-08] (MCCI Corporation)
S3 lgmdmdm; C:\Windows\System32\DRIVERS\lgmdmdm.sys [121344 2008-07-08] (MCCI Corporation)
S3 lgmdmgmt; C:\Windows\System32\DRIVERS\lgmdmgmt.sys [114944 2008-07-08] (MCCI Corporation)
S3 lgmdobex; C:\Windows\System32\DRIVERS\lgmdobex.sys [111232 2008-07-08] (MCCI Corporation)
S3 LGVMODEM; C:\Windows\System32\DRIVERS\lgvmodem.sys [12928 2009-09-29] (LG Electronics Inc.)
S3 MREMP50; C:\Program Files\Common Files\Motive\MREMP50.sys [21248 2008-03-29] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MRESP50; C:\Program Files\Common Files\Motive\MRESP50.sys [20096 2008-03-29] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Andrea\AppData\Local\Temp\catchme.sys [X] <==== ATTENTION
S3 DrvAgent32; \??\C:\Windows\system32\Drivers\DrvAgent32.sys [X]
S3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [X]
S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]
S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]
S3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-11 13:58 - 2018-11-11 13:31 - 007592144 _____ (Malwarebytes) C:\Users\Andrea\Desktop\AdwCleaner.exe
2018-11-09 14:18 - 2018-11-09 14:20 - 000042396 _____ C:\Users\Andrea\Desktop\Addition.txt
2018-11-09 14:17 - 2018-11-12 09:48 - 000014024 _____ C:\Users\Andrea\Desktop\FRST.txt
2018-11-09 14:17 - 2018-11-12 09:48 - 000000000 ____D C:\FRST
2018-11-09 13:44 - 2018-11-11 14:06 - 000000000 ____D C:\Users\Andrea\Desktop\Nová složka
2018-11-09 13:30 - 2018-11-09 13:05 - 001775616 _____ (Farbar) C:\Users\Andrea\Desktop\ano.exe
2018-11-03 10:11 - 2018-11-03 10:11 - 000000022 _____ C:\Users\Andrea\Documents\Nový WinRAR ZIP archiv.zip
2018-11-03 09:35 - 2018-11-03 09:35 - 000000000 ____D C:\Users\Andrea\AppData\Roaming\Roxio
2018-11-03 09:35 - 2018-11-03 09:35 - 000000000 ____D C:\ProgramData\Roxio
2018-11-01 16:12 - 2018-11-01 16:12 - 000000000 ____D C:\Users\Andrea\Desktop\HD Tune Pro 5.70 - Portable
2018-11-01 13:41 - 2018-11-12 09:48 - 000870044 _____ C:\Windows\ntbtlog.txt
2018-10-23 11:57 - 2018-10-23 11:57 - 000000000 ____D C:\Users\Andrea\Documents\WebCam Albums
2018-10-17 09:40 - 2018-10-17 09:40 - 000077064 _____ C:\Users\Andrea\Downloads\sedUM_pozvanka_A5_screen_dejvice.jpeg

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-12 09:45 - 2016-09-13 12:06 - 000007512 _____ C:\Users\Andrea\AppData\Local\d3d9caps.dat
2018-11-12 09:45 - 2006-11-02 14:01 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-11-12 09:45 - 2006-11-02 13:47 - 000003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2018-11-12 09:45 - 2006-11-02 13:47 - 000003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2018-11-12 09:44 - 2017-04-24 11:45 - 000152334 _____ C:\Windows\system32\Drivers\fvstore.dat
2018-11-12 09:44 - 2017-04-13 12:37 - 001412337 _____ C:\Windows\system32\Drivers\sfi.dat
2018-11-12 09:44 - 2006-11-02 14:01 - 000032560 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2018-11-12 09:35 - 2015-09-01 11:33 - 002396160 _____ C:\Windows\system32\tempResults.db
2018-11-11 13:59 - 2013-12-11 09:19 - 000000000 ____D C:\AdwCleaner
2018-11-06 08:55 - 2016-06-11 08:28 - 1467942912 _____ C:\Users\Andrea\Desktop\James-Bond---Casino-Royale-cz-avi.avi
2018-11-03 09:49 - 2006-11-02 13:37 - 000000000 ___RD C:\Users\Public\Recorded TV
2018-11-03 09:34 - 2009-03-09 19:09 - 000098586 _____ C:\Windows\system32\perfh005.dat
2018-11-03 09:34 - 2009-03-09 19:09 - 000030350 _____ C:\Windows\system32\perfc005.dat
2018-11-03 09:34 - 2006-11-02 12:18 - 000000000 ____D C:\Windows\inf
2018-11-03 09:34 - 2006-11-02 11:33 - 000119704 _____ C:\Windows\system32\PerfStringBackup.INI
2018-11-02 14:34 - 2011-02-04 15:41 - 000000000 ____D C:\Users\Andrea
2018-11-02 14:34 - 2006-11-02 12:18 - 000000000 ____D C:\Windows\system32\spool
2018-11-02 14:34 - 2006-11-02 12:18 - 000000000 ____D C:\Windows\system32\Msdtc
2018-11-02 14:34 - 2006-11-02 12:18 - 000000000 ____D C:\Windows\registration
2018-11-02 14:34 - 2006-11-02 11:22 - 060030976 _____ C:\Windows\system32\config\software_previous
2018-11-02 14:34 - 2006-11-02 11:22 - 036962304 _____ C:\Windows\system32\config\system_previous
2018-11-02 14:28 - 2006-11-02 11:22 - 000262144 _____ C:\Windows\system32\config\security_previous
2018-11-02 14:28 - 2006-11-02 11:22 - 000262144 _____ C:\Windows\system32\config\sam_previous
2018-11-02 13:25 - 2006-11-02 13:47 - 000021504 _____ C:\Windows\system32\umstartup.etl
2018-11-02 13:21 - 2006-11-02 11:22 - 000524288 _____ C:\Windows\system32\config\default_previous
2018-11-02 13:17 - 2006-11-02 11:22 - 084410368 _____ C:\Windows\system32\config\components_previous
2018-10-23 11:57 - 2016-09-11 15:54 - 000000000 ____D C:\Users\Andrea\AppData\Roaming\ArcSoft

==================== Files in the root of some directories =======

2011-11-21 12:45 - 2011-11-21 12:45 - 000000600 _____ () C:\Users\Andrea\AppData\Roaming\winscp.rnd
2011-02-24 11:47 - 2014-12-02 08:18 - 000001218 _____ () C:\Users\Andrea\AppData\Roaming\wklnhst.dat
2016-09-13 12:06 - 2018-11-12 09:45 - 000007512 _____ () C:\Users\Andrea\AppData\Local\d3d9caps.dat
2017-04-13 08:13 - 2017-04-13 08:13 - 000003584 _____ () C:\Users\Andrea\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-02-04 17:44 - 2011-02-04 17:47 - 000000184 _____ () C:\Users\Andrea\AppData\Local\setup.log
2017-06-25 09:14 - 2017-06-25 09:16 - 000000000 _____ () C:\Users\Andrea\AppData\Local\{33EF4A28-66D6-4BF4-85F2-3C0BA52CF8FF}
2017-05-16 11:15 - 2017-05-16 11:15 - 000000000 _____ () C:\Users\Andrea\AppData\Local\{650DDA52-F610-40AB-A85D-7A1B736F0CC4}
2017-04-27 08:42 - 2017-04-27 08:43 - 000000000 _____ () C:\Users\Andrea\AppData\Local\{A2419EC2-EB83-4E1D-A205-73A1E96C0320}

Some files in TEMP:
====================
2017-05-14 08:26 - 2007-11-29 10:13 - 000540672 _____ (Motive Communications, Inc.) C:\Users\Andrea\AppData\Local\temp\IHU1209.tmp.exe
2018-04-06 21:16 - 2007-11-29 10:13 - 000540672 _____ (Motive Communications, Inc.) C:\Users\Andrea\AppData\Local\temp\IHU15FF.tmp.exe
2017-05-30 11:40 - 2007-11-29 10:13 - 000540672 _____ (Motive Communications, Inc.) C:\Users\Andrea\AppData\Local\temp\IHU163E.tmp.exe
2017-06-02 08:38 - 2007-11-29 10:13 - 000540672 _____ (Motive Communications, Inc.) C:\Users\Andrea\AppData\Local\temp\IHU17C4.tmp.exe
2017-07-06 09:17 - 2007-11-29 10:13 - 000540672 _____ (Motive Communications, Inc.) C:\Users\Andrea\AppData\Local\temp\IHU1E2A.tmp.exe
2017-10-10 09:08 - 2007-11-29 10:13 - 000540672 _____ (Motive Communications, Inc.) C:\Users\Andrea\AppData\Local\temp\IHU1EA6.tmp.exe
2017-11-23 11:04 - 2007-11-29 10:13 - 000540672 _____ (Motive Communications, Inc.) C:\Users\Andrea\AppData\Local\temp\IHU24DE.tmp.exe
2017-12-03 19:39 - 2007-11-29 10:13 - 000540672 _____ (Motive Communications, Inc.) C:\Users\Andrea\AppData\Local\temp\IHU2FD6.tmp.exe
2017-04-24 12:00 - 2007-11-29 10:13 - 000540672 _____ (Motive Communications, Inc.) C:\Users\Andrea\AppData\Local\temp\IHU38EA.tmp.exe
2018-07-25 13:09 - 2007-11-29 10:13 - 000540672 _____ (Motive Communications, Inc.) C:\Users\Andrea\AppData\Local\temp\IHU3E85.tmp.exe
2018-11-12 09:35 - 2007-11-29 10:13 - 000540672 _____ (Motive Communications, Inc.) C:\Users\Andrea\AppData\Local\temp\IHU95D8.tmp.exe
2018-07-19 12:55 - 2007-11-29 10:13 - 000540672 _____ (Motive Communications, Inc.) C:\Users\Andrea\AppData\Local\temp\IHU97DB.tmp.exe
2018-11-11 14:01 - 2007-11-29 10:13 - 000540672 _____ (Motive Communications, Inc.) C:\Users\Andrea\AppData\Local\temp\IHUA015.tmp.exe
2018-06-26 09:06 - 2007-11-29 10:13 - 000540672 _____ (Motive Communications, Inc.) C:\Users\Andrea\AppData\Local\temp\IHUA1D.tmp.exe
2018-11-01 13:52 - 2007-11-29 10:13 - 000540672 _____ (Motive Communications, Inc.) C:\Users\Andrea\AppData\Local\temp\IHUB634.tmp.exe
2018-10-04 09:19 - 2007-11-29 10:13 - 000540672 _____ (Motive Communications, Inc.) C:\Users\Andrea\AppData\Local\temp\IHUBEEB.tmp.exe
2018-11-01 14:01 - 2007-11-29 10:13 - 000540672 _____ (Motive Communications, Inc.) C:\Users\Andrea\AppData\Local\temp\IHUC4A5.tmp.exe
2017-06-13 09:15 - 2017-07-17 08:54 - 004113960 _____ (COMODO) C:\Users\Andrea\AppData\Local\temp\ise_installer.exe
2016-03-03 10:50 - 2015-07-29 21:08 - 000681097 _____ (SQLite Development Team) C:\Users\Andrea\AppData\Local\temp\sqlite3.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-11-12 09:42

==================== End of FRST.txt ============================

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
SearchScopes: HKU\S-1-5-21-229735995-3260258197-3374296045-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-229735995-3260258197-3374296045-1000 -> {67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} URL =
Toolbar: HKU\S-1-5-21-229735995-3260258197-3374296045-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
S2 XAudioService; [X]
S3 catchme; \??\C:\Users\Andrea\AppData\Local\Temp\catchme.sys [X] <==== ATTENTION
C:\Users\Andrea\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\Andrea\AppData\Local\{33EF4A28-66D6-4BF4-85F2-3C0BA52CF8FF}
C:\Users\Andrea\AppData\Local\{650DDA52-F610-40AB-A85D-7A1B736F0CC4}
C:\Users\Andrea\AppData\Local\{A2419EC2-EB83-4E1D-A205-73A1E96C0320}
C:\Users\Andrea\AppData\Local\temp
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {1868254E-75AA-4DC2-BD4D-A9CCDFCB47FE} - \IHUninstallTrackingTASK -> No File <==== ATTENTION
Task: {3EC9BAF6-8CCF-45A6-96B2-5A6BB73F2C73} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {A4D44E0D-F3F3-4315-89F7-10DA274302C5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
AlternateDataStreams: C:\Users\Andrea\Desktop\24-s09e11---9.00-p.m.---10.00-p.m----tit.CZ-v-obraze.avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Desktop\24-s09e12---Day-9-10.00-p.m.-%13-11.00-a.m.-[tit.-CZ-v-obraze].avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Desktop\24.S09E01-cz.tit..avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Desktop\James-Bond---Casino-Royale-cz-avi.avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Desktop\Kočka-na-rozpálené-plechové-střeše---Cat-on-a-Hot-Tin-Roof-1958,-CZ-tit.avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Desktop\Le-Samourai-The-Godson-1967-Samuraj-Alain-Delon-cz-en.avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Desktop\Na-východ-od-ráje---East-of-Eden-1955,-CZ-tit.avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Desktop\První klidná noc.avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Desktop\Sicilský-klan-(Le-clan-des-Siciliens,-1968,-původní-český-dabing).mpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Andrea\Desktop\Tony-Arzenta-(A.Delon)CZ-TIT.avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Desktop\Zatmění-Eclisse,-L-Antonioni-1962.avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Desktop\Zpovídám-se---I-Confess-1953,-CZ-tit.avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Desktop\Závrať---Vertigo-1958,-CZ-tit.avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Desktop\Ďáblova-krása---La-Beauté-du-diable-1950,-CZ-tit.avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Downloads\První-klidná-noc-(drama-1972---A.Delon)CZ-TIT---IRISA.avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Downloads\touch-s02e13-hdtv-x264-lol-přes-MultiLoad.cz.mp4:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Downloads\Touch.S02E08.720p.HDTV.X264-DIMENSION.mkv:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Downloads\volnemisto_pracovniksluzeb.docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Andrea\Documents\24-hodin-S08E23+titulky-CZpe.avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Documents\Dva-muži-ve-městě-krimi-cz-lagis1.avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Documents\hrabenka-z-honkongu-a-countess-from-hong-kong_cz_en.avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Documents\On-the-Waterfront-(1954)-eng-DVDRip.x264.CZsub-JrK.mkv:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Documents\Sestup.avi.avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Documents\Sladký-pták-mládí---Sweet-Bird-of-Youth-1962,-CZ-tit (1).avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Documents\Slovo policajta.avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Documents\Touch.S01E11.HDTV.XviD-AFG.[scz].cz.tit.avi:TOC.WMV [130]
HKLM\...\cmdfile\DefaultIcon: %SystemRoot%\System32\imageres.dll,-68 <==== ATTENTION

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[agata]

Fix result of Farbar Recovery Scan Tool (x86) Version: 08.11.2018
Ran by Andrea (13-11-2018 10:55:16) Run:1
Running from C:\Users\Andrea\Desktop
Loaded Profiles: Andrea (Available Profiles: Andrea)
Boot Mode: Safe Mode (minimal)

==============================================

fixlist content:
*****************
Start

CloseProcesses:
SearchScopes: HKU\S-1-5-21-229735995-3260258197-3374296045-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-229735995-3260258197-3374296045-1000 -> {67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} URL =
Toolbar: HKU\S-1-5-21-229735995-3260258197-3374296045-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
S2 XAudioService; [X]
S3 catchme; \??\C:\Users\Andrea\AppData\Local\Temp\catchme.sys [X] <==== ATTENTION
C:\Users\Andrea\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\Andrea\AppData\Local\{33EF4A28-66D6-4BF4-85F2-3C0BA52CF8FF}
C:\Users\Andrea\AppData\Local\{650DDA52-F610-40AB-A85D-7A1B736F0CC4}
C:\Users\Andrea\AppData\Local\{A2419EC2-EB83-4E1D-A205-73A1E96C0320}
C:\Users\Andrea\AppData\Local\temp
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {1868254E-75AA-4DC2-BD4D-A9CCDFCB47FE} - \IHUninstallTrackingTASK -> No File <==== ATTENTION
Task: {3EC9BAF6-8CCF-45A6-96B2-5A6BB73F2C73} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {A4D44E0D-F3F3-4315-89F7-10DA274302C5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
AlternateDataStreams: C:\Users\Andrea\Desktop\24-s09e11---9.00-p.m.---10.00-p.m----tit.CZ-v-obraze.avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Desktop\24-s09e12---Day-9-10.00-p.m.-%13-11.00-a.m.-[tit.-CZ-v-obraze].avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Desktop\24.S09E01-cz.tit..avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Desktop\James-Bond---Casino-Royale-cz-avi.avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Desktop\Kočka-na-rozpálené-plechové-střeše---Cat-on-a-Hot-Tin-Roof-1958,-CZ-tit.avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Desktop\Le-Samourai-The-Godson-1967-Samuraj-Alain-Delon-cz-en.avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Desktop\Na-východ-od-ráje---East-of-Eden-1955,-CZ-tit.avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Desktop\První klidná noc.avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Desktop\Sicilský-klan-(Le-clan-des-Siciliens,-1968,-původní-český-dabing).mpg:$CmdZnID [26]
AlternateDataStreams: C:\Users\Andrea\Desktop\Tony-Arzenta-(A.Delon)CZ-TIT.avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Desktop\Zatmění-Eclisse,-L-Antonioni-1962.avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Desktop\Zpovídám-se---I-Confess-1953,-CZ-tit.avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Desktop\Závrať---Vertigo-1958,-CZ-tit.avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Desktop\Ďáblova-krása---La-Beauté-du-diable-1950,-CZ-tit.avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Downloads\První-klidná-noc-(drama-1972---A.Delon)CZ-TIT---IRISA.avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Downloads\touch-s02e13-hdtv-x264-lol-přes-MultiLoad.cz.mp4:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Downloads\Touch.S02E08.720p.HDTV.X264-DIMENSION.mkv:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Downloads\volnemisto_pracovniksluzeb.docx:$CmdZnID [26]
AlternateDataStreams: C:\Users\Andrea\Documents\24-hodin-S08E23+titulky-CZpe.avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Documents\Dva-muži-ve-městě-krimi-cz-lagis1.avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Documents\hrabenka-z-honkongu-a-countess-from-hong-kong_cz_en.avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Documents\On-the-Waterfront-(1954)-eng-DVDRip.x264.CZsub-JrK.mkv:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Documents\Sestup.avi.avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Documents\Sladký-pták-mládí---Sweet-Bird-of-Youth-1962,-CZ-tit (1).avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Documents\Slovo policajta.avi:TOC.WMV [130]
AlternateDataStreams: C:\Users\Andrea\Documents\Touch.S01E11.HDTV.XviD-AFG.[scz].cz.tit.avi:TOC.WMV [130]
HKLM\...\cmdfile\DefaultIcon: %SystemRoot%\System32\imageres.dll,-68 <==== ATTENTION

EmptyTemp:
End
*****************

Processes closed successfully.
HKU\S-1-5-21-229735995-3260258197-3374296045-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully.
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
HKU\S-1-5-21-229735995-3260258197-3374296045-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} => removed successfully.
HKLM\Software\Classes\CLSID\{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} => not found
"HKU\S-1-5-21-229735995-3260258197-3374296045-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F}" => removed successfully.
HKLM\Software\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => not found
HKLM\System\CurrentControlSet\Services\XAudioService => removed successfully.
XAudioService => service removed successfully.
HKLM\System\CurrentControlSet\Services\catchme => removed successfully.
catchme => service removed successfully.
C:\Users\Andrea\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
C:\Users\Andrea\AppData\Local\{33EF4A28-66D6-4BF4-85F2-3C0BA52CF8FF} => moved successfully
C:\Users\Andrea\AppData\Local\{650DDA52-F610-40AB-A85D-7A1B736F0CC4} => moved successfully
C:\Users\Andrea\AppData\Local\{A2419EC2-EB83-4E1D-A205-73A1E96C0320} => moved successfully
C:\Users\Andrea\AppData\Local\temp => moved successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\00avast => removed successfully.
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully.
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1868254E-75AA-4DC2-BD4D-A9CCDFCB47FE}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1868254E-75AA-4DC2-BD4D-A9CCDFCB47FE}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\IHUninstallTrackingTASK" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3EC9BAF6-8CCF-45A6-96B2-5A6BB73F2C73}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3EC9BAF6-8CCF-45A6-96B2-5A6BB73F2C73}" => removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A4D44E0D-F3F3-4315-89F7-10DA274302C5}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A4D44E0D-F3F3-4315-89F7-10DA274302C5}" => removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully.
"C:\Users\Andrea\Desktop\24-s09e11---9.00-p.m.---10.00-p.m----tit.CZ-v-obraze.avi" => ":TOC.WMV" ADS not found.
"C:\Users\Andrea\Desktop\24-s09e12---Day-9-10.00-p.m.-%13-11.00-a.m.-[tit.-CZ-v-obraze].avi" => ":TOC.WMV" ADS not found.
"C:\Users\Andrea\Desktop\24.S09E01-cz.tit..avi" => ":TOC.WMV" ADS not found.
"C:\Users\Andrea\Desktop\James-Bond---Casino-Royale-cz-avi.avi" => ":TOC.WMV" ADS not found.
"C:\Users\Andrea\Desktop\Kočka-na-rozpálené-plechové-střeše---Cat-on-a-Hot-Tin-Roof-1958,-CZ-tit.avi" => ":TOC.WMV" ADS not found.
"C:\Users\Andrea\Desktop\Le-Samourai-The-Godson-1967-Samuraj-Alain-Delon-cz-en.avi" => ":TOC.WMV" ADS not found.
"C:\Users\Andrea\Desktop\Na-východ-od-ráje---East-of-Eden-1955,-CZ-tit.avi" => ":TOC.WMV" ADS not found.
"C:\Users\Andrea\Desktop\První klidná noc.avi" => ":TOC.WMV" ADS not found.
"C:\Users\Andrea\Desktop\Sicilský-klan-(Le-clan-des-Siciliens,-1968,-původní-český-dabing).mpg" => ":$CmdZnID" ADS not found.
"C:\Users\Andrea\Desktop\Tony-Arzenta-(A.Delon)CZ-TIT.avi" => ":TOC.WMV" ADS not found.
"C:\Users\Andrea\Desktop\Zatmění-Eclisse,-L-Antonioni-1962.avi" => ":TOC.WMV" ADS not found.
"C:\Users\Andrea\Desktop\Zpovídám-se---I-Confess-1953,-CZ-tit.avi" => ":TOC.WMV" ADS not found.
"C:\Users\Andrea\Desktop\Závrať---Vertigo-1958,-CZ-tit.avi" => ":TOC.WMV" ADS not found.
"C:\Users\Andrea\Desktop\Ďáblova-krása---La-Beauté-du-diable-1950,-CZ-tit.avi" => ":TOC.WMV" ADS not found.
C:\Users\Andrea\Downloads\První-klidná-noc-(drama-1972---A.Delon)CZ-TIT---IRISA.avi => ":TOC.WMV" ADS could not remove.
C:\Users\Andrea\Downloads\touch-s02e13-hdtv-x264-lol-přes-MultiLoad.cz.mp4 => ":TOC.WMV" ADS could not remove.
C:\Users\Andrea\Downloads\Touch.S02E08.720p.HDTV.X264-DIMENSION.mkv => ":TOC.WMV" ADS could not remove.
C:\Users\Andrea\Downloads\volnemisto_pracovniksluzeb.docx => ":$CmdZnID" ADS could not remove.
C:\Users\Andrea\Documents\24-hodin-S08E23+titulky-CZpe.avi => ":TOC.WMV" ADS removed successfully.
C:\Users\Andrea\Documents\Dva-muži-ve-městě-krimi-cz-lagis1.avi => ":TOC.WMV" ADS removed successfully.
C:\Users\Andrea\Documents\hrabenka-z-honkongu-a-countess-from-hong-kong_cz_en.avi => ":TOC.WMV" ADS removed successfully.
C:\Users\Andrea\Documents\On-the-Waterfront-(1954)-eng-DVDRip.x264.CZsub-JrK.mkv => ":TOC.WMV" ADS removed successfully.
C:\Users\Andrea\Documents\Sestup.avi.avi => ":TOC.WMV" ADS removed successfully.
C:\Users\Andrea\Documents\Sladký-pták-mládí---Sweet-Bird-of-Youth-1962,-CZ-tit (1).avi => ":TOC.WMV" ADS removed successfully.
C:\Users\Andrea\Documents\Slovo policajta.avi => ":TOC.WMV" ADS removed successfully.
C:\Users\Andrea\Documents\Touch.S01E11.HDTV.XviD-AFG.[scz].cz.tit.avi => ":TOC.WMV" ADS removed successfully.
HKLM\Software\Classes\cmdfile\DefaultIcon\\Default => value restored successfully

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 78847985 B
Java, Flash, Steam htmlcache => 2160 B
Windows/system/drivers => 97463276 B
Edge => 0 B
Chrome => 391108398 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 290 B
Public => 0 B
ProgramData => 0 B
systemprofile => 233518 B
LocalService => 24306616 B
NetworkService => 1069680 B
Andrea => 339652336 B

RecycleBin => 1680219763 B
EmptyTemp: => 2.4 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 10:57:34 ====