Vyosek prosím o kontrolu a pomoc.

[takos]

Dobrý den, stáhnul jsem si program SpyHunter4 jelikož jsem si svojí neopatrností stahnul do prohlížeče jeden sajrajt jménem oursurfing.com .Tento program to prý zvládne odstranit. Udělal jsem sken tímto programem a vylezlo mi toho požehnaně vis příloha. Jenže při volbě na mě vyběhla platbá za program. Né že bych to nechtěl zaplatit když mi to našlo tolik svinstva ale otázka je jestli je to pravda a ne jenom rejkamní tah se strachem klientů. Nechci s nima hrát tudle hrua a jelikož s vámi mám výbornou zkušenost a vaše ochota pomoc je namístě tak bych vás chtěl poprosit o radu a pomos co s tím. Děkuji Jirka D.

[takos]

pokráčování svinstva.

[vyosek]

Zdravim

SpyHunter je hodne diskutabilni - nechce se ucastnit srovnavacich testu a jednu dobu byl i na seznamu podvodnych programu - moje rada - ruce pryc od nej = odinstalovat a pouzijem osvedcene a bezplatne nastroje

Dejte log z FRST a mrknem na to

[takos]

Díky, odinstalováno ale pořád od té sryčk yvyskakují nějaké okna. No uvidíme. Můžete mi poslat odkaz na ten log z RSIT ale minule jsem používal něco jiného protože mi toto nešlo zpustit. Díky

[vyosek]

RSIT http://forum.viry.cz/viewtopic.php?f=30&t=130787
FRST http://forum.viry.cz/viewtopic.php?f=30&t=133101

Okna odpalime

[takos]

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21-05-2015
Ran by sangoko (administrator) on TAKOS on 21-05-2015 17:23:31
Running from C:\Users\sangoko\Desktop
Loaded Profiles: sangoko (Available profiles: sangoko & Společnost)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Agere Systems) C:\Windows\System32\agrsmsvc.exe
(Firebird Project) C:\Program Files\Firebird\Firebird_2_5\bin\fbguard.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
( ) C:\Windows\System32\lxducoms.exe
(Motive Communications, Inc.) C:\Program Files\Common Files\Motive\McciCMService.exe
() C:\Program Files\Synergy\synergyd.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
(Memeo) C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.27.5\GoogleCrashHandler.exe
(Firebird Project) C:\Program Files\Firebird\Firebird_2_5\bin\fbserver.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
() C:\Program Files\RocketDock\RocketDock.exe
(Google Inc.) C:\Users\sangoko\AppData\Local\Google\Update\GoogleUpdate.exe
() C:\Users\sangoko\AppData\Roaming\Wandoujia2\Applications\2.76.0.7151\wandoujia_helper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynToshiba.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1451304 2009-03-20] (Synaptics Incorporated)
HKLM-x32\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4489216 2007-06-13] (Realtek Semiconductor)
HKLM-x32\...\Run: [Skytel] => C:\Windows\Skytel.exe [1826816 2007-05-28] (Realtek Semiconductor Corp.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [981688 2015-04-30] (Microsoft Corporation)
HKU\S-1-5-21-750613624-948088251-3038114490-1000\...\Run: [RocketDock] => C:\Program Files\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-750613624-948088251-3038114490-1000\...\Run: [Google Update] => C:\Users\sangoko\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-07-24] (Google Inc.)
HKU\S-1-5-21-750613624-948088251-3038114490-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [4811032 2014-09-26] (Piriform Ltd)
Startup: C:\Users\sangoko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Bandwidth Meter.lnk [2010-11-02]
Startup: C:\Users\sangoko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\thunderbird.exe – zástupce.lnk [2014-05-21]
ShortcutTarget: thunderbird.exe – zástupce.lnk -> C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
Startup: C:\Users\sangoko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\wandoujia_helper.lnk [2014-12-17]
ShortcutTarget: wandoujia_helper.lnk -> C:\Users\sangoko\AppData\Roaming\Wandoujia2\Applications\2.76.0.7151\wandoujia_helper.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-04-28] (Google)
ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-04-28] (Google)
ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-04-28] (Google)
ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-04-28] (Google)
ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-04-28] (Google)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-750613624-948088251-3038114490-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = ?type=hppp&ts=1432140622&from=xtab&uid=EE37F7F59F8C4eb7ACB70257A39DCFE8
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = web/?type=dspp&ts=1432140622&from=xtab&uid=EE37F7F59F8C4eb7ACB70257A39DCFE8&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = ?type=hppp&ts=1432140622&from=xtab&uid=EE37F7F59F8C4eb7ACB70257A39DCFE8
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = web/?type=dspp&ts=1432140622&from=xtab&uid=EE37F7F59F8C4eb7ACB70257A39DCFE8&q={searchTerms}
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-21-750613624-948088251-3038114490-1000\Software\Microsoft\Internet Explorer\Main,Start Page = ?type=hppp&ts=1432140622&from=xtab&uid=EE37F7F59F8C4eb7ACB70257A39DCFE8
HKU\S-1-5-21-750613624-948088251-3038114490-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = web/?type=dspp&ts=1432140622&from=xtab&uid=EE37F7F59F8C4eb7ACB70257A39DCFE8&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = web/?type=dspp&ts=1432140622&from=xtab&uid=EE37F7F59F8C4eb7ACB70257A39DCFE8&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-750613624-948088251-3038114490-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = web/?type=dspp&ts=1432140622&from=xtab&uid=EE37F7F59F8C4eb7ACB70257A39DCFE8&q={searchTerms}
SearchScopes: HKU\S-1-5-21-750613624-948088251-3038114490-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = web/?type=dspp&ts=1432140622&from=xtab&uid=EE37F7F59F8C4eb7ACB70257A39DCFE8&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-02-03] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-03] (Oracle Corporation)
Toolbar: HKU\.DEFAULT -> No Name - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No File
Toolbar: HKU\.DEFAULT -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: {CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Winsock: Catalog5 02 C:\Windows\system32\napinsp.dll [50176 2008-06-26] (Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default
FF NewTab: chrome://quick_start/content/index.html
FF DefaultSearchUrl: hxxp://www.google.com/search?btnG=Google+Search&q=
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: oursurfing
FF Homepage: http://www.google.cz
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-15] ()
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll No File
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-03] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-03] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-750613624-948088251-3038114490-1000: @lingea.com/x-lingea-translate -> C:\Program Files\Common Files\Lingea Shared\LG_Mozilla.dll [2011-10-20] (Lingea s.r.o.)
FF Plugin HKU\S-1-5-21-750613624-948088251-3038114490-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\sangoko\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2014-05-15] (Google)
FF Plugin HKU\S-1-5-21-750613624-948088251-3038114490-1000: @talk.google.com/O1DPlugin -> C:\Users\sangoko\AppData\Roaming\Mozilla\plugins\npo1d.dll [2014-05-15] (Google)
FF Plugin HKU\S-1-5-21-750613624-948088251-3038114490-1000: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npBitCometAgent.dll [2011-04-15] (BitComet)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll [2009-11-14] (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll [2009-06-25] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np_gp.dll [2009-09-23] (NOS Microsystems Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Users\sangoko\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2014-05-15] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\sangoko\AppData\Roaming\mozilla\plugins\npo1d.dll [2014-05-15] (Google)
FF SearchPlugin: C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\searchplugins\heurkacz.xml [2012-07-07]
FF SearchPlugin: C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\searchplugins\oursurfing.xml [2015-05-20]
FF Extension: Download Youtube Videos + - C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\Extensions\video.downloader.plugin@ffpimp.com [2012-03-22]
FF Extension: BlackFox V2-Blue - C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\Extensions\zigboom.designs@gmail.com [2015-05-03]
FF Extension: FT DeepDark - C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\Extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66} [2015-04-15]
FF Extension: FoxLingo - C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\Extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}(49) [2012-09-02]
FF Extension: Google Translator for Firefox - C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\Extensions\translator@zoli.bod.xpi [2012-10-23]
FF Extension: Walnut for Firefox - C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\Extensions\{5A170DD3-63CA-4c58-93B7-DE9FF536C2FF}.xpi [2011-07-13]
FF Extension: Video DownloadHelper - C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-03-15]
FF Extension: DownThemAll! - C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2012-06-26]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-04-23]

Chrome:
=======
CHR Profile: C:\Users\sangoko\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\sangoko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-23]
CHR Extension: (Google Docs) - C:\Users\sangoko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-23]
CHR Extension: (Google Drive) - C:\Users\sangoko\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-23]
CHR Extension: (YouTube) - C:\Users\sangoko\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-23]
CHR Extension: (Google Search) - C:\Users\sangoko\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-23]
CHR Extension: (Google Sheets) - C:\Users\sangoko\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-23]
CHR Extension: (Bookmark Manager) - C:\Users\sangoko\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-30]
CHR Extension: (Google Wallet) - C:\Users\sangoko\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-23]
CHR Extension: (Gmail) - C:\Users\sangoko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-23]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BrYNSvc; C:\Program Files\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
S3 CFSvcs; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [40960 2006-11-14] (TOSHIBA CORPORATION) [File not signed]
R2 FirebirdGuardianDefaultInstance; C:\Program Files\Firebird\Firebird_2_5\bin\fbguard.exe [98304 2013-03-19] (Firebird Project) [File not signed]
R3 FirebirdServerDefaultInstance; C:\Program Files\Firebird\Firebird_2_5\bin\fbserver.exe [3784704 2013-03-19] (Firebird Project) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S2 lxduCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxduserv.exe [98984 2008-05-24] (Lexmark International, Inc.)
R2 lxdu_device; C:\Windows\system32\lxducoms.exe [594600 2008-05-24] ( )
R2 McciCMService; C:\Program Files\Common Files\Motive\McciCMService.exe [303104 2007-10-15] (Motive Communications, Inc.) [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2015-04-30] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [284504 2015-04-30] (Microsoft Corporation)
R2 Synergy; C:\Program Files\Synergy\synergyd.exe [318976 2013-05-03] ()
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5448464 2015-03-30] (TeamViewer GmbH)
R2 TNaviSrv; C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe [77824 2007-06-28] (TOSHIBA Corporation) [File not signed]
R2 TODDSrv; C:\Windows\system32\TODDSrv.exe [114688 2006-05-25] (TOSHIBA Corporation) [File not signed]
S3 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-08-23] (Ulead Systems, Inc.) [File not signed]
R2 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [110592 2009-11-13] (WDC) [File not signed]
R2 WDSmartWareBackgroundService; C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [20480 2009-06-16] (Memeo) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-19] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BVRPMPR5; C:\Windows\system32\drivers\BVRPMPR5.SYS [44224 2006-09-06] (BVRP Software) [File not signed]
R0 CplIR; C:\Windows\System32\DRIVERS\CplIR.SYS [14848 2007-03-06] (COMPAL ELECTRONIC INC.)
S3 DrvAgent32; C:\Windows\system32\Drivers\DrvAgent32.sys [23456 2015-05-20] (Phoenix Technologies) [File not signed]
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Společnost Microsoft)
S3 FreshIO; C:\Program Files\FreshDevices\FreshDiagnose\FreshIO.sys [2410 2004-10-26] () [File not signed]
R0 FSProFilter; C:\Windows\System32\Drivers\FSPFltd.sys [41912 2010-07-22] (FSPro Labs)
S3 GemCCID; C:\Windows\System32\DRIVERS\GemCCID.sys [98816 2013-04-24] (Gemalto)
R0 LPCFilter; C:\Windows\System32\DRIVERS\LPCFilter.sys [19456 2006-07-28] (COMPAL ELECTRONIC INC.)
S3 LVPr2Mon; C:\Windows\System32\Drivers\LVPr2Mon.sys [25752 2009-10-07] ()
R3 LVUSBSta; C:\Windows\System32\drivers\LVUSBSta.sys [41752 2008-12-17] (Logitech Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [245096 2015-03-04] (Microsoft Corporation)
S3 MREMP50; C:\Program Files\Common Files\Motive\MREMP50.sys [21248 2008-03-29] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MRESP50; C:\Program Files\Common Files\Motive\MRESP50.sys [20096 2008-03-29] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
R2 npf; C:\Windows\System32\drivers\npf.sys [34064 2008-06-01] (CACE Technologies)
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
S3 pepifilter; C:\Windows\System32\DRIVERS\lv302af.sys [13976 2009-05-01] (Logitech Inc.)
S3 PID_PEPI; C:\Windows\System32\DRIVERS\LV302V32.SYS [2687512 2009-05-01] (Logitech Inc.)
S3 sonypvs1; C:\Windows\System32\DRIVERS\sonypvs1.sys [102220 2002-10-15] (Sony Corporation) [File not signed]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [477240 2012-06-16] (Duplex Secure Ltd.)
S3 tosporte; C:\Windows\System32\DRIVERS\tosporte.sys [41600 2006-10-10] (TOSHIBA Corporation) [File not signed]
S3 tosrfbd; C:\Windows\System32\DRIVERS\tosrfbd.sys [113920 2007-02-22] (TOSHIBA CORPORATION) [File not signed]
S3 tosrfbnp; C:\Windows\System32\Drivers\tosrfbnp.sys [36480 2006-11-20] (TOSHIBA Corporation) [File not signed]
S1 Tosrfcom; C:\Windows\System32\Drivers\tosrfcom.sys [64896 2005-08-01] (TOSHIBA Corporation) [File not signed]
S3 Tosrfhid; C:\Windows\System32\DRIVERS\Tosrfhid.sys [73728 2007-03-01] (TOSHIBA Corporation.) [File not signed]
S3 tosrfnds; C:\Windows\System32\DRIVERS\tosrfnds.sys [18612 2005-01-06] (TOSHIBA Corporation.) [File not signed]
S3 TosRfSnd; C:\Windows\System32\drivers\tosrfsnd.sys [53376 2007-01-22] (TOSHIBA Corporation) [File not signed]
S3 Tosrfusb; C:\Windows\System32\DRIVERS\tosrfusb.sys [41344 2007-02-28] (TOSHIBA CORPORATION) [File not signed]
S3 usbbus; C:\Windows\System32\DRIVERS\lgusbbus.sys [21344 2005-05-26] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgusbdiag.sys [38144 2005-05-26] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgusbmodem.sys [39036 2005-06-24] (LG Electronics Inc.)
R3 UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [11776 2007-04-16] (Chicony Electronics Co., Ltd.)
R2 v2imount; C:\Windows\System32\DRIVERS\v2imount.sys [38112 2008-01-19] (Symantec Corporation)
S3 WinRing0_1_2_0; C:\Program Files\BatteryCare\WinRing0.sys [14416 2014-03-22] (OpenLibSys.org)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-19] (Microsoft Corporation)
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [43904 2009-02-18] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-21 17:23 - 2015-05-21 17:24 - 00024145 _____ () C:\Users\sangoko\Desktop\FRST.txt
2015-05-21 17:21 - 2015-05-21 17:23 - 00000000 ____D () C:\FRST
2015-05-21 17:09 - 2015-05-21 17:10 - 00000000 ____D () C:\Program Files\trend micro
2015-05-21 17:09 - 2015-05-21 17:09 - 01147392 _____ (Farbar) C:\Users\sangoko\Desktop\FRST.exe
2015-05-21 17:09 - 2015-05-21 17:09 - 00000000 ____D () C:\rsit
2015-05-21 17:07 - 2015-05-21 17:07 - 01107968 _____ () C:\Users\sangoko\Desktop\RSIT.exe
2015-05-21 16:47 - 2015-05-21 16:47 - 00007684 _____ () C:\Windows\PFRO.log
2015-05-21 07:21 - 2015-05-21 07:21 - 00019984 _____ () C:\Windows\system32\Drivers\EsgScanner.sys
2015-05-21 07:21 - 2015-05-21 07:21 - 00000000 ____D () C:\Program Files\Enigma Software Group
2015-05-21 06:58 - 2015-05-21 06:58 - 00075888 _____ () C:\Users\sangoko\AppData\Local\GDIPFONTCACHEV1.DAT
2015-05-21 06:54 - 2015-05-21 06:55 - 03659600 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-21 00:18 - 2015-05-21 00:18 - 00000000 ____D () C:\Users\sangoko\AppData\Roaming\BatteryCare
2015-05-21 00:18 - 2015-05-21 00:18 - 00000000 ____D () C:\Program Files\BatteryCare
2015-05-20 19:23 - 2015-05-20 19:23 - 00019456 _____ () C:\Users\sangoko\Desktop\launcher32.dll
2015-05-20 16:13 - 2015-05-20 16:13 - 00000000 ____D () C:\Users\sangoko\AppData\Local\Intel
2015-05-20 16:12 - 2015-05-20 16:12 - 00001004 _____ () C:\Users\Public\Desktop\Intel(R) Driver Update Utility 2.0.lnk
2015-05-20 16:12 - 2015-05-20 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
2015-05-20 16:12 - 2015-05-20 16:12 - 00000000 ____D () C:\Program Files\Intel Driver Update Utility
2015-05-20 16:05 - 2015-05-20 16:05 - 00023456 _____ (Phoenix Technologies) C:\Windows\system32\Drivers\DrvAgent32.sys
2015-05-20 16:05 - 2015-05-20 16:05 - 00000000 ____D () C:\Users\sangoko\AppData\Local\eSupport.com
2015-05-20 15:09 - 2015-05-20 15:09 - 00674944 _____ (Copyright © 2010 eSupport.com. All Rights Reserved.) C:\Users\sangoko\Desktop\biosagentplus_40.exe
2015-05-20 14:33 - 2015-05-20 14:33 - 00000000 ____D () C:\Users\sangoko\AppData\Local\Tamir_Khason
2015-05-20 13:04 - 2015-05-20 13:04 - 00000000 ____D () C:\Users\sangoko\AppData\Roaming\AVG
2015-05-20 13:03 - 2015-05-20 13:03 - 00000000 ____D () C:\Users\sangoko\AppData\Local\Avg
2015-05-20 13:03 - 2015-05-20 13:03 - 00000000 ____D () C:\Program Files\AVG
2015-05-20 13:01 - 2015-05-20 13:01 - 00000000 ____D () C:\Users\sangoko\AppData\Roaming\OpenCandy
2015-05-18 12:07 - 2015-05-21 02:13 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-05-16 08:28 - 2015-05-16 08:42 - 00007039 _____ () C:\Users\Společnost\Downloads\Vyhledane pohyby (8).csv
2015-05-16 08:23 - 2015-05-16 08:23 - 00003671 _____ () C:\Users\Společnost\Downloads\Vyhledane pohyby (7).csv
2015-05-16 08:20 - 2015-05-16 08:20 - 00003671 _____ () C:\Users\Společnost\Downloads\Vyhledane pohyby (6).csv
2015-05-15 09:15 - 2015-05-15 09:17 - 00002383 _____ () C:\Users\Společnost\Downloads\Vyhledane pohyby (5).csv
2015-05-15 09:08 - 2015-05-15 09:08 - 00014313 _____ () C:\Users\Společnost\Desktop\Výpis Bohemia domus příjem.csv
2015-05-15 09:00 - 2015-05-15 09:00 - 00019241 _____ () C:\Users\Společnost\Downloads\Vyhledane pohyby (4).csv
2015-05-15 08:47 - 2015-05-15 08:57 - 00003431 _____ () C:\Users\Společnost\Downloads\Vyhledane pohyby (3).csv
2015-05-15 08:47 - 2015-05-15 08:47 - 00005197 _____ () C:\Users\Společnost\Downloads\Vyhledane pohyby (2).csv
2015-05-15 08:28 - 2015-05-15 08:47 - 00003622 _____ () C:\Users\Společnost\Downloads\Vyhledane pohyby (1).csv
2015-05-15 08:19 - 2015-05-15 08:27 - 00001218 _____ () C:\Users\Společnost\Downloads\Vyhledane pohyby.csv
2015-05-13 18:35 - 2015-04-30 18:03 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-13 18:30 - 2015-04-19 23:24 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2015-05-13 18:30 - 2015-04-19 23:24 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2015-05-13 18:30 - 2015-04-19 23:24 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2015-05-13 18:30 - 2015-04-19 23:24 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2015-05-13 18:30 - 2015-04-19 22:19 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-05-13 18:30 - 2015-04-19 22:18 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2015-05-13 18:30 - 2015-04-19 22:13 - 00682496 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-05-13 18:30 - 2015-04-19 22:12 - 01072640 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 18:30 - 2015-04-19 22:12 - 00801792 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 18:30 - 2015-04-19 06:59 - 02065408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-13 18:29 - 2015-04-30 15:14 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 18:09 - 2015-04-11 01:22 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 16:04 - 2015-04-10 16:06 - 01214976 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-13 16:04 - 2015-04-10 16:06 - 00916992 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-13 16:04 - 2015-04-10 16:06 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-13 16:04 - 2015-04-10 16:06 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-05-13 16:04 - 2015-04-10 16:05 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-05-13 16:04 - 2015-04-10 16:04 - 06007808 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-13 16:04 - 2015-04-10 16:04 - 00630784 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll
2015-05-13 16:04 - 2015-04-10 16:04 - 00630272 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-13 16:04 - 2015-04-10 16:04 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-13 16:04 - 2015-04-10 16:04 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-05-13 16:04 - 2015-04-10 16:03 - 11084800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-13 16:04 - 2015-04-10 16:03 - 02006016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-13 16:04 - 2015-04-10 16:03 - 01469440 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-13 16:04 - 2015-04-10 16:03 - 00727552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-13 16:04 - 2015-04-10 16:03 - 00387584 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-13 16:04 - 2015-04-10 16:03 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-05-13 16:04 - 2015-04-10 16:03 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-13 16:04 - 2015-04-10 16:03 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-05-13 16:04 - 2015-04-10 16:03 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-13 16:04 - 2015-04-10 16:03 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-13 16:04 - 2015-04-10 16:03 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2015-05-13 16:04 - 2015-04-10 16:03 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-13 16:04 - 2015-04-10 16:02 - 00348160 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-13 16:04 - 2015-04-10 16:02 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-13 16:04 - 2015-04-10 16:02 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\corpol.dll
2015-05-13 16:04 - 2015-04-10 08:45 - 00385024 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-13 16:04 - 2015-04-10 07:01 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-13 16:04 - 2015-04-10 07:01 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-13 16:04 - 2015-04-10 06:59 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-05-13 16:04 - 2015-04-10 06:58 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-10 08:43 - 2015-05-10 09:25 - 00098900 _____ () C:\Users\Společnost\Documents\VZOR - Pracovní - předpis.ods
2015-05-08 08:24 - 2015-05-08 08:40 - 00031752 _____ () C:\Users\Společnost\Documents\Souhrn trvalých plateb u firem a objektů - Bohemia Domus.ods
2015-05-08 07:04 - 2015-05-08 07:04 - 00017204 _____ () C:\Users\Společnost\Documents\Souhrn trvalých plateb u firem a objektů.ods
2015-05-06 15:40 - 2015-05-06 15:40 - 00000000 ____D () C:\Users\sangoko\AppData\Local\{EE5F4C92-A8FD-4918-9F80-C71BC859AA50}
2015-05-05 16:48 - 2015-05-05 16:49 - 00000000 ____D () C:\Users\Společnost\Desktop\vícuc datovek celý
2015-05-05 07:36 - 2015-05-05 07:36 - 00020155 _____ () C:\Users\Společnost\Documents\Souhrn datovek - formulář.ods
2015-05-04 22:21 - 2015-05-05 18:08 - 00000000 ____D () C:\Users\Společnost\Desktop\AAA Datové správy
2015-05-04 17:03 - 2015-05-05 07:19 - 00000000 ____D () C:\Users\Společnost\Desktop\výpisy Věra
2015-05-04 14:20 - 2015-05-12 16:38 - 00026624 _____ () C:\Users\sangoko\Desktop\platby bez dokladu Dianetika 2014.xls
2015-05-03 17:25 - 2015-05-03 17:25 - 00045971 _____ () C:\Users\Společnost\Desktop\učty Vyhledane pohyby (6).ods
2015-05-03 13:40 - 2015-05-03 13:40 - 00005252 _____ () C:\Users\Společnost\Desktop\Karoza, Obrnice 181 nájem 2015 z účtu.csv
2015-05-03 13:08 - 2015-05-03 13:44 - 00003588 _____ () C:\Users\Společnost\Desktop\Nájmy 2015 Obrnice z účtu.csv
2015-05-01 22:27 - 2015-05-01 22:27 - 00048110 _____ () C:\Users\Společnost\Downloads\Game.of.Thrones.S05E01.HDTV.x264-ASAP.srt
2015-04-28 19:36 - 2015-04-28 19:37 - 00045212 _____ () C:\Users\Společnost\Desktop\Datovky firem bez hesel.ods
2015-04-28 18:16 - 2015-04-28 18:16 - 00025088 _____ () C:\Users\sangoko\Desktop\platby bez dokladu Dianetika 1. Q 2015-1.xls
2015-04-28 13:09 - 2015-04-30 10:57 - 00000000 ____D () C:\Users\Společnost\AppData\Roaming\vlc
2015-04-27 17:01 - 2015-04-27 17:01 - 00028411 _____ () C:\Users\sangoko\Desktop\ČEKLIST EXAMINÁTORA.odt
2015-04-26 14:51 - 2015-04-26 14:51 - 00059745 _____ () C:\Users\sangoko\Desktop\Program Rundow Přežití.odt
2015-04-26 14:10 - 2015-04-26 14:14 - 00043937 _____ () C:\Users\sangoko\Desktop\Zkratky projevů.ods
2015-04-25 07:23 - 2015-04-25 07:21 - 00007135 _____ () C:\Users\Společnost\Desktop\214658_Moje účty.xlsx

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-21 17:24 - 2014-10-24 08:02 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-21 17:21 - 2015-04-12 19:10 - 00000446 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{7FA545D4-2B59-4223-87BD-BC37232271A9}.job
2015-05-21 17:05 - 2012-06-17 00:46 - 01611466 _____ () C:\Windows\WindowsUpdate.log
2015-05-21 17:00 - 2008-02-16 21:02 - 00000000 ____D () C:\Users\sangoko\AppData\Local\Google
2015-05-21 16:49 - 2014-10-24 08:02 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-21 16:49 - 2011-01-12 23:23 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2015-05-21 16:49 - 2009-12-07 16:32 - 00000435 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2015-05-21 16:49 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-21 16:49 - 2006-11-02 14:47 - 00003296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-21 16:49 - 2006-11-02 14:47 - 00003296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-21 16:46 - 2011-01-17 21:34 - 00000012 _____ () C:\Windows\bthservsdp.dat
2015-05-21 16:46 - 2006-11-02 15:01 - 00032510 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-05-21 16:45 - 2013-11-01 16:04 - 00000000 ____D () C:\Users\sangoko\AppData\Roaming\Wandoujia2
2015-05-21 16:31 - 2008-01-17 15:01 - 00000000 ____D () C:\Users\sangoko
2015-05-21 14:58 - 2014-10-23 16:51 - 00000440 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{1FD776CB-3058-4844-897A-E17B4997AABB}.job
2015-05-21 12:15 - 2014-10-22 15:56 - 00000918 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-750613624-948088251-3038114490-1000Core.job
2015-05-21 06:53 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\LogFiles
2015-05-20 17:26 - 2008-01-17 15:01 - 00000000 ___RD () C:\Users\sangoko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-20 16:11 - 2015-03-18 12:08 - 00000000 ____D () C:\ProgramData\Package Cache
2015-05-20 16:02 - 2015-04-01 19:18 - 00061047 _____ () C:\Users\sangoko\Desktop\Rozvrh Ko-auditingu zz.ods
2015-05-20 15:52 - 2012-06-17 01:35 - 00001117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-05-20 15:48 - 2006-11-02 12:33 - 01558484 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-20 13:07 - 2013-02-20 20:24 - 00000000 ____D () C:\ProgramData\AVG
2015-05-19 07:24 - 2012-05-13 18:36 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-05-18 12:36 - 2015-03-18 11:40 - 00000000 ____D () C:\Users\sangoko\AppData\Roaming\PrimoPDF
2015-05-18 12:35 - 2015-04-01 13:38 - 00000000 ____D () C:\Users\sangoko\Desktop\faktury 1čtvrdletí
2015-05-18 09:23 - 2015-04-04 14:03 - 00070556 _____ () C:\Users\Společnost\Desktop\Přehled dat o společnostech.ods
2015-05-18 09:11 - 2015-04-19 16:06 - 00050875 _____ () C:\Users\Společnost\Desktop\Domluva hodnocení Placení Vaško.ods
2015-05-17 12:10 - 2014-10-22 15:56 - 00000970 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-750613624-948088251-3038114490-1000UA.job
2015-05-13 19:08 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-05-13 18:46 - 2006-11-02 14:37 - 00000000 ____D () C:\Windows\system32\XPSViewer
2015-05-13 18:46 - 2006-11-02 14:37 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-13 18:45 - 2008-02-22 08:20 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-05-13 18:35 - 2015-02-12 13:47 - 00001912 _____ () C:\Windows\epplauncher.mif
2015-05-13 18:35 - 2014-12-03 18:01 - 00001791 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-05-13 18:34 - 2012-12-15 18:44 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2015-05-13 18:28 - 2013-07-11 18:15 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-13 18:12 - 2006-11-02 12:24 - 137310008 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-05-13 18:09 - 2010-06-04 21:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-11 17:21 - 2014-02-25 18:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-05-11 12:44 - 2012-08-31 17:55 - 00001356 _____ () C:\Users\sangoko\AppData\Local\d3d9caps.dat
2015-05-11 12:32 - 2015-03-09 13:57 - 00000000 ____D () C:\Users\Společnost
2015-05-11 12:32 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\spool
2015-05-11 12:32 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\Msdtc
2015-05-11 12:32 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\registration
2015-05-11 12:32 - 2006-11-02 12:22 - 55836672 _____ () C:\Windows\system32\config\software_previous
2015-05-11 12:32 - 2006-11-02 12:22 - 52166656 _____ () C:\Windows\system32\config\system_previous
2015-05-11 12:28 - 2006-11-02 12:22 - 46923776 _____ () C:\Windows\system32\config\components_previous
2015-05-11 12:28 - 2006-11-02 12:22 - 00094208 _____ () C:\Windows\system32\config\sam_previous
2015-05-11 11:27 - 2006-11-02 12:22 - 00786432 _____ () C:\Windows\system32\config\default_previous
2015-05-11 11:27 - 2006-11-02 12:22 - 00028672 _____ () C:\Windows\system32\config\security_previous
2015-04-30 11:28 - 2015-04-08 12:41 - 00030597 _____ () C:\Users\Společnost\Desktop\Pravidla spolupráce.odt
2015-04-29 12:49 - 2010-12-31 01:25 - 00000000 ____D () C:\Users\sangoko\AppData\Roaming\TeamViewer
2015-04-29 12:49 - 2008-02-16 21:03 - 00000000 ____D () C:\Users\sangoko\AppData\Roaming\Skype
2015-04-29 12:49 - 2008-02-16 21:02 - 00000000 ____D () C:\ProgramData\Skype
2015-04-27 17:50 - 2015-01-04 19:10 - 00000000 ____D () C:\Users\sangoko\Documents\Sharan
2015-04-27 11:51 - 2015-04-08 22:02 - 00000000 ____D () C:\Users\Společnost\Desktop\Plocha
2015-04-21 14:49 - 2015-04-20 18:23 - 00046411 _____ () C:\Users\sangoko\Desktop\Doložené faktury.ods

==================== Files in the root of some directories =======

2010-03-05 02:43 - 2010-06-13 09:22 - 0022328 _____ () C:\Users\sangoko\AppData\Roaming\PnkBstrK.sys
2009-04-29 21:50 - 2014-08-17 12:19 - 0027660 _____ () C:\Users\sangoko\AppData\Roaming\UserTile.png
2012-08-31 17:55 - 2015-05-11 12:44 - 0001356 _____ () C:\Users\sangoko\AppData\Local\d3d9caps.dat
2012-08-10 08:32 - 2012-08-10 08:32 - 0000095 _____ () C:\Users\sangoko\AppData\Local\fusioncache.dat
2008-07-06 20:47 - 2008-07-06 20:47 - 0000048 ____H () C:\ProgramData\ezsidmv.dat
2008-04-24 23:46 - 2009-04-22 17:23 - 0788412 _____ () C:\ProgramData\LUUnInstall.LiveUpdate
2010-09-11 20:13 - 2010-09-11 20:13 - 0000089 _____ () C:\ProgramData\lxdu.log
2011-03-04 01:41 - 2011-12-06 23:36 - 0000846 _____ () C:\ProgramData\lxduDiagnostics.log
2012-06-19 00:32 - 2012-07-27 12:41 - 0000193 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Some files in TEMP:
====================
C:\Users\sangoko\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\sangoko\AppData\Local\Temp\IHUDA28.tmp.exe
C:\Users\sangoko\AppData\Local\Temp\IHUFF73.tmp.exe
C:\Users\sangoko\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Společnost\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-21 16:59

==================== End of log ============================

[vyosek]

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Po spusteni probehne stazeni databaze
• Kliknete na Scan a nasledne Clean
• Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

[takos]

# AdwCleaner v4.205 - Log vytvořen 21/05/2015 v 20:26:32
# Aktualizováno 21/05/2015 by Xplode
# Databáze : 2015-05-21.2 [Local]
# Operační system : Windows Vista (TM) Home Premium Service Pack 2 (x86)
# Uživatelské jméno : sangoko - TAKOS
# Spuštěno z : C:\Users\sangoko\Desktop\adwcleaner_4.205.exe
# Nastavení : Čištění

***** [ Služby ] *****


***** [ Soubory / Složky ] *****

Složka Smazáno : C:\ProgramData\baidu
Složka Smazáno : C:\Users\sangoko\AppData\Local\eSupport.com
Složka Smazáno : C:\Users\sangoko\AppData\Roaming\OpenCandy
Soubor Smazáno : C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\searchplugins\oursurfing.xml

***** [ Naplánované úlohy ] *****

Úloha Smazáno : IHSelfDeleteTASK
Úloha Smazáno : IHUninstallTrackingTASK
Úloha Smazáno : LuckyTab

***** [ Zástupci ] *****

Zástupce Vyléčeno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Zástupce Vyléčeno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Zástupce Vyléčeno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreshDevices\FreshDiagnose\Get Free Registration Code!!.lnk
Zástupce Vyléčeno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Webová stránka Labtec® Keyboard.lnk
Zástupce Vyléčeno : C:\Users\sangoko\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Zástupce Vyléčeno : C:\Users\sangoko\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk

***** [ Registry ] *****

Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Klíč Smazáno : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Klíč Smazáno : HKCU\Software\XTTB00001
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Klíč Smazáno : HKCU\Software\eSupport.com
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Data Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - local

***** [ Prohlížeče ] *****

-\\ Internet Explorer v8.0.6001.19621


-\\ Mozilla Firefox v38.0.1 (x86 cs)

[qu52wjqv.default\prefs.js] - Řádek Smazáno : user_pref("browser.newtab.url", "chrome://quick_start/content/index.html");
[qu52wjqv.default\prefs.js] - Řádek Smazáno : user_pref("browser.search.searchengine.alias", "oursurfing");
[qu52wjqv.default\prefs.js] - Řádek Smazáno : user_pref("browser.search.searchengine.iconURL", "hxxp://www.oursurfing.com/favicon.ico");
[qu52wjqv.default\prefs.js] - Řádek Smazáno : user_pref("browser.search.searchengine.name", "oursurfing");
[qu52wjqv.default\prefs.js] - Řádek Smazáno : user_pref("browser.search.searchengine.url", "hxxp://www.oursurfing.com/web/?type=ds&ts=1432 ... B26MYYX&q={[...]
[qu52wjqv.default\prefs.js] - Řádek Smazáno : user_pref("browser.search.selectedEngine", "oursurfing");
[qu52wjqv.default\prefs.js] - Řádek Smazáno : user_pref("extensions.quick_start.enable_search1", false);
[qu52wjqv.default\prefs.js] - Řádek Smazáno : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);
[qu52wjqv.default\prefs.js] - Řádek Smazáno : user_pref("extensions.ui.lastCategory", "addons://search/oursurfing.com");

-\\ Google Chrome v43.0.2357.65


*************************

AdwCleaner[R1].txt - [7037 bytů] - [21/05/2015 20:21:45]
AdwCleaner[R2].txt - [7095 bytů] - [21/05/2015 20:24:06]
AdwCleaner[S1].txt - [6899 bytů] - [21/05/2015 20:26:32]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [6957 bytů] ##########

[vyosek]

Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu

• Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
• Do okna vlozte skript nize

• Kód: Vybrat vše

  autoclean;
  resethosts;
  emptyclsid;
  IEdefaults;
  FFdefaults;
  CHRdefaults;
  emptyIEcache;
  emptyFFcache;
  emptyCHRcache;
  emptyalltemp;
  emptyflash;
  emptyjava;
  emptyrecycle.bin;
  

• Nasledne kliknete na Run Script
• PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

[takos]

Zdravím program se zasekl v tomto bodě co s tím mám dělat dál? Díky

[vyosek]

Poprosim o novy log z FRST

[takos]

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21-05-2015
Ran by sangoko (administrator) on TAKOS on 22-05-2015 14:55:28
Running from C:\Users\sangoko\Desktop
Loaded Profiles: sangoko & Společnost (Available profiles: sangoko & Společnost)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.27.5\GoogleCrashHandler.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
() C:\Program Files\RocketDock\RocketDock.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynToshiba.exe
(Google Inc.) C:\Users\sangoko\AppData\Local\Google\Update\GoogleUpdate.exe
() C:\Users\sangoko\AppData\Roaming\Wandoujia2\Applications\2.76.0.7151\wandoujia_helper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Agere Systems) C:\Windows\System32\agrsmsvc.exe
(Firebird Project) C:\Program Files\Firebird\Firebird_2_5\bin\fbguard.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
( ) C:\Windows\System32\lxducoms.exe
(Motive Communications, Inc.) C:\Program Files\Common Files\Motive\McciCMService.exe
() C:\Program Files\Synergy\synergyd.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
(Memeo) C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
(Firebird Project) C:\Program Files\Firebird\Firebird_2_5\bin\fbserver.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(TOSHIBA) C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
() C:\Program Files\RocketDock\RocketDock.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynToshiba.exe
(Mozilla Corporation) C:\Program Files\Mozilla Thunderbird\thunderbird.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\wercon.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1451304 2009-03-20] (Synaptics Incorporated)
HKLM-x32\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4489216 2007-06-13] (Realtek Semiconductor)
HKLM-x32\...\Run: [Skytel] => C:\Windows\Skytel.exe [1826816 2007-05-28] (Realtek Semiconductor Corp.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [981688 2015-04-30] (Microsoft Corporation)
HKU\S-1-5-21-750613624-948088251-3038114490-1000\...\Run: [RocketDock] => C:\Program Files\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-750613624-948088251-3038114490-1000\...\Run: [Google Update] => C:\Users\sangoko\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-07-24] (Google Inc.)
HKU\S-1-5-21-750613624-948088251-3038114490-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [4811032 2014-09-26] (Piriform Ltd)
HKU\S-1-5-21-750613624-948088251-3038114490-1391\...\Run: [TOSCDSPD] => TOSCDSPD.EXE
HKU\S-1-5-21-750613624-948088251-3038114490-1391\...\Run: [RocketDock] => C:\Program Files\RocketDock\RocketDock.exe [495616 2007-09-02] ()
Startup: C:\Users\sangoko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Bandwidth Meter.lnk [2010-11-02]
Startup: C:\Users\sangoko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\thunderbird.exe – zástupce.lnk [2014-05-21]
ShortcutTarget: thunderbird.exe – zástupce.lnk -> C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
Startup: C:\Users\sangoko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\wandoujia_helper.lnk [2014-12-17]
ShortcutTarget: wandoujia_helper.lnk -> C:\Users\sangoko\AppData\Roaming\Wandoujia2\Applications\2.76.0.7151\wandoujia_helper.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-04-28] (Google)
ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-04-28] (Google)
ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-04-28] (Google)
ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-04-28] (Google)
ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-04-28] (Google)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-750613624-948088251-3038114490-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = ?type=hppp&ts=1432140622&from=xtab&uid=EE37F7F59F8C4eb7ACB70257A39DCFE8
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = web/?type=dspp&ts=1432140622&from=xtab&uid=EE37F7F59F8C4eb7ACB70257A39DCFE8&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = ?type=hppp&ts=1432140622&from=xtab&uid=EE37F7F59F8C4eb7ACB70257A39DCFE8
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = web/?type=dspp&ts=1432140622&from=xtab&uid=EE37F7F59F8C4eb7ACB70257A39DCFE8&q={searchTerms}
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-21-750613624-948088251-3038114490-1000\Software\Microsoft\Internet Explorer\Main,Start Page = ?type=hppp&ts=1432140622&from=xtab&uid=EE37F7F59F8C4eb7ACB70257A39DCFE8
HKU\S-1-5-21-750613624-948088251-3038114490-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = www.bing.com
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = web/?type=dspp&ts=1432140622&from=xtab&uid=EE37F7F59F8C4eb7ACB70257A39DCFE8&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-750613624-948088251-3038114490-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-750613624-948088251-3038114490-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = web/?type=dspp&ts=1432140622&from=xtab&uid=EE37F7F59F8C4eb7ACB70257A39DCFE8&q={searchTerms}
SearchScopes: HKU\S-1-5-21-750613624-948088251-3038114490-1391 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-02-03] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-03] (Oracle Corporation)
Toolbar: HKU\.DEFAULT -> No Name - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No File
Toolbar: HKU\.DEFAULT -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: {CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Winsock: Catalog5 02 C:\Windows\system32\napinsp.dll [50176 2008-06-26] (Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36

FireFox:
========
FF ProfilePath: C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default
FF Homepage: www.google.cz
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-15] ()
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll No File
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-03] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-03] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-750613624-948088251-3038114490-1000: @lingea.com/x-lingea-translate -> C:\Program Files\Common Files\Lingea Shared\LG_Mozilla.dll [2011-10-20] (Lingea s.r.o.)
FF Plugin HKU\S-1-5-21-750613624-948088251-3038114490-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\sangoko\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2014-05-15] (Google)
FF Plugin HKU\S-1-5-21-750613624-948088251-3038114490-1000: @talk.google.com/O1DPlugin -> C:\Users\sangoko\AppData\Roaming\Mozilla\plugins\npo1d.dll [2014-05-15] (Google)
FF Plugin HKU\S-1-5-21-750613624-948088251-3038114490-1000: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npBitCometAgent.dll [2011-04-15] (BitComet)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll [2009-11-14] (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll [2009-06-25] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np_gp.dll [2009-09-23] (NOS Microsystems Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Users\sangoko\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2014-05-15] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\sangoko\AppData\Roaming\mozilla\plugins\npo1d.dll [2014-05-15] (Google)
FF SearchPlugin: C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\searchplugins\heurkacz.xml [2012-07-07]
FF Extension: Download Youtube Videos + - C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\Extensions\video.downloader.plugin@ffpimp.com [2012-03-22]
FF Extension: BlackFox V2-Blue - C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\Extensions\zigboom.designs@gmail.com [2015-05-03]
FF Extension: FT DeepDark - C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\Extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66} [2015-04-15]
FF Extension: FoxLingo - C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\Extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}(49) [2012-09-02]
FF Extension: Google Translator for Firefox - C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\Extensions\translator@zoli.bod.xpi [2012-10-23]
FF Extension: Walnut for Firefox - C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\Extensions\{5A170DD3-63CA-4c58-93B7-DE9FF536C2FF}.xpi [2011-07-13]
FF Extension: Video DownloadHelper - C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-03-15]
FF Extension: DownThemAll! - C:\Users\sangoko\AppData\Roaming\Mozilla\Firefox\Profiles\qu52wjqv.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2012-06-26]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-04-23]

Chrome:
=======
CHR Profile: C:\Users\sangoko\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\sangoko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-23]
CHR Extension: (Google Docs) - C:\Users\sangoko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-23]
CHR Extension: (Google Drive) - C:\Users\sangoko\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-23]
CHR Extension: (YouTube) - C:\Users\sangoko\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-23]
CHR Extension: (Google Search) - C:\Users\sangoko\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-23]
CHR Extension: (Google Sheets) - C:\Users\sangoko\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-23]
CHR Extension: (Bookmark Manager) - C:\Users\sangoko\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-30]
CHR Extension: (Google Wallet) - C:\Users\sangoko\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-23]
CHR Extension: (Gmail) - C:\Users\sangoko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-23]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BrYNSvc; C:\Program Files\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
S3 CFSvcs; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [40960 2006-11-14] (TOSHIBA CORPORATION) [File not signed]
R2 FirebirdGuardianDefaultInstance; C:\Program Files\Firebird\Firebird_2_5\bin\fbguard.exe [98304 2013-03-19] (Firebird Project) [File not signed]
R3 FirebirdServerDefaultInstance; C:\Program Files\Firebird\Firebird_2_5\bin\fbserver.exe [3784704 2013-03-19] (Firebird Project) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S2 lxduCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxduserv.exe [98984 2008-05-24] (Lexmark International, Inc.)
R2 lxdu_device; C:\Windows\system32\lxducoms.exe [594600 2008-05-24] ( )
R2 McciCMService; C:\Program Files\Common Files\Motive\McciCMService.exe [303104 2007-10-15] (Motive Communications, Inc.) [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2015-04-30] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [284504 2015-04-30] (Microsoft Corporation)
R2 Synergy; C:\Program Files\Synergy\synergyd.exe [318976 2013-05-03] ()
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5448464 2015-03-30] (TeamViewer GmbH)
R2 TNaviSrv; C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe [77824 2007-06-28] (TOSHIBA Corporation) [File not signed]
R2 TODDSrv; C:\Windows\system32\TODDSrv.exe [114688 2006-05-25] (TOSHIBA Corporation) [File not signed]
S3 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-08-23] (Ulead Systems, Inc.) [File not signed]
R2 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [110592 2009-11-13] (WDC) [File not signed]
R2 WDSmartWareBackgroundService; C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [20480 2009-06-16] (Memeo) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-19] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BVRPMPR5; C:\Windows\system32\drivers\BVRPMPR5.SYS [44224 2006-09-06] (BVRP Software) [File not signed]
R0 CplIR; C:\Windows\System32\DRIVERS\CplIR.SYS [14848 2007-03-06] (COMPAL ELECTRONIC INC.)
S3 DrvAgent32; C:\Windows\system32\Drivers\DrvAgent32.sys [23456 2015-05-20] (Phoenix Technologies) [File not signed]
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Společnost Microsoft)
S3 FreshIO; C:\Program Files\FreshDevices\FreshDiagnose\FreshIO.sys [2410 2004-10-26] () [File not signed]
R0 FSProFilter; C:\Windows\System32\Drivers\FSPFltd.sys [41912 2010-07-22] (FSPro Labs)
S3 GemCCID; C:\Windows\System32\DRIVERS\GemCCID.sys [98816 2013-04-24] (Gemalto)
R0 LPCFilter; C:\Windows\System32\DRIVERS\LPCFilter.sys [19456 2006-07-28] (COMPAL ELECTRONIC INC.)
S3 LVPr2Mon; C:\Windows\System32\Drivers\LVPr2Mon.sys [25752 2009-10-07] ()
R3 LVUSBSta; C:\Windows\System32\drivers\LVUSBSta.sys [41752 2008-12-17] (Logitech Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [245096 2015-03-04] (Microsoft Corporation)
S3 MREMP50; C:\Program Files\Common Files\Motive\MREMP50.sys [21248 2008-03-29] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MRESP50; C:\Program Files\Common Files\Motive\MRESP50.sys [20096 2008-03-29] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
R2 npf; C:\Windows\System32\drivers\npf.sys [34064 2008-06-01] (CACE Technologies)
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
S3 pepifilter; C:\Windows\System32\DRIVERS\lv302af.sys [13976 2009-05-01] (Logitech Inc.)
S3 PID_PEPI; C:\Windows\System32\DRIVERS\LV302V32.SYS [2687512 2009-05-01] (Logitech Inc.)
S3 sonypvs1; C:\Windows\System32\DRIVERS\sonypvs1.sys [102220 2002-10-15] (Sony Corporation) [File not signed]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [477240 2012-06-16] (Duplex Secure Ltd.)
S3 tosporte; C:\Windows\System32\DRIVERS\tosporte.sys [41600 2006-10-10] (TOSHIBA Corporation) [File not signed]
S3 tosrfbd; C:\Windows\System32\DRIVERS\tosrfbd.sys [113920 2007-02-22] (TOSHIBA CORPORATION) [File not signed]
S3 tosrfbnp; C:\Windows\System32\Drivers\tosrfbnp.sys [36480 2006-11-20] (TOSHIBA Corporation) [File not signed]
S1 Tosrfcom; C:\Windows\System32\Drivers\tosrfcom.sys [64896 2005-08-01] (TOSHIBA Corporation) [File not signed]
S3 Tosrfhid; C:\Windows\System32\DRIVERS\Tosrfhid.sys [73728 2007-03-01] (TOSHIBA Corporation.) [File not signed]
S3 tosrfnds; C:\Windows\System32\DRIVERS\tosrfnds.sys [18612 2005-01-06] (TOSHIBA Corporation.) [File not signed]
S3 TosRfSnd; C:\Windows\System32\drivers\tosrfsnd.sys [53376 2007-01-22] (TOSHIBA Corporation) [File not signed]
S3 Tosrfusb; C:\Windows\System32\DRIVERS\tosrfusb.sys [41344 2007-02-28] (TOSHIBA CORPORATION) [File not signed]
S3 usbbus; C:\Windows\System32\DRIVERS\lgusbbus.sys [21344 2005-05-26] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgusbdiag.sys [38144 2005-05-26] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgusbmodem.sys [39036 2005-06-24] (LG Electronics Inc.)
R3 UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [11776 2007-04-16] (Chicony Electronics Co., Ltd.)
R2 v2imount; C:\Windows\System32\DRIVERS\v2imount.sys [38112 2008-01-19] (Symantec Corporation)
S3 WinRing0_1_2_0; C:\Program Files\BatteryCare\WinRing0.sys [14416 2014-03-22] (OpenLibSys.org)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-19] (Microsoft Corporation)
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [43904 2009-02-18] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-22 09:52 - 2015-05-22 09:52 - 00000000 ____D () C:\Users\Společnost\AppData\Local\VirtualStore
2015-05-21 23:27 - 2015-05-21 23:27 - 00000021 _____ () C:\folders.log
2015-05-21 23:27 - 2015-05-21 23:27 - 00000000 ____D () C:\zoek
2015-05-21 22:59 - 2015-05-21 23:38 - 00070930 _____ () C:\zoek-results.log
2015-05-21 22:56 - 2015-05-21 23:38 - 00003672 _____ () C:\runcheck.txt
2015-05-21 22:56 - 2015-05-21 23:37 - 00000000 ____D () C:\zoek_backup
2015-05-21 22:56 - 2015-05-21 22:56 - 01308672 _____ () C:\Users\sangoko\Desktop\zoek.exe
2015-05-21 21:42 - 2015-05-21 21:42 - 00029722 _____ () C:\Users\Společnost\Downloads\DATOVKA - Bohemia Domus.ods
2015-05-21 21:39 - 2015-05-22 09:52 - 00000000 ____D () C:\Program Files\Mozilla Thunderbird
2015-05-21 21:24 - 2015-05-21 21:24 - 00029722 _____ () C:\Users\Společnost\Desktop\DATOVKA - Bohemia Domus.ods
2015-05-21 20:21 - 2015-05-21 20:27 - 00000000 ____D () C:\AdwCleaner
2015-05-21 20:20 - 2015-05-21 20:20 - 02223104 _____ () C:\Users\sangoko\Desktop\adwcleaner_4.205.exe
2015-05-21 17:34 - 2015-05-21 17:34 - 00016390 _____ () C:\Users\sangoko\Desktop\Addition.zip
2015-05-21 17:24 - 2015-05-21 17:25 - 00056800 _____ () C:\Users\sangoko\Desktop\Addition.txt
2015-05-21 17:23 - 2015-05-22 14:55 - 00024785 _____ () C:\Users\sangoko\Desktop\FRST.txt
2015-05-21 17:21 - 2015-05-22 14:55 - 00000000 ____D () C:\FRST
2015-05-21 17:09 - 2015-05-21 17:10 - 00000000 ____D () C:\Program Files\trend micro
2015-05-21 17:09 - 2015-05-21 17:09 - 01147392 _____ (Farbar) C:\Users\sangoko\Desktop\FRST.exe
2015-05-21 17:09 - 2015-05-21 17:09 - 00000000 ____D () C:\rsit
2015-05-21 17:07 - 2015-05-21 17:07 - 01107968 _____ () C:\Users\sangoko\Desktop\RSIT.exe
2015-05-21 16:47 - 2015-05-22 09:47 - 00008016 _____ () C:\Windows\PFRO.log
2015-05-21 07:21 - 2015-05-21 07:21 - 00019984 _____ () C:\Windows\system32\Drivers\EsgScanner.sys
2015-05-21 07:21 - 2015-05-21 07:21 - 00000000 ____D () C:\Program Files\Enigma Software Group
2015-05-21 06:58 - 2015-05-21 06:58 - 00075888 _____ () C:\Users\sangoko\AppData\Local\GDIPFONTCACHEV1.DAT
2015-05-21 06:54 - 2015-05-21 06:55 - 03659600 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-21 00:18 - 2015-05-21 00:18 - 00000000 ____D () C:\Users\sangoko\AppData\Roaming\BatteryCare
2015-05-21 00:18 - 2015-05-21 00:18 - 00000000 ____D () C:\Program Files\BatteryCare
2015-05-20 19:23 - 2015-05-20 19:23 - 00019456 _____ () C:\Users\sangoko\Desktop\launcher32.dll
2015-05-20 16:13 - 2015-05-20 16:13 - 00000000 ____D () C:\Users\sangoko\AppData\Local\Intel
2015-05-20 16:12 - 2015-05-20 16:12 - 00001004 _____ () C:\Users\Public\Desktop\Intel(R) Driver Update Utility 2.0.lnk
2015-05-20 16:12 - 2015-05-20 16:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
2015-05-20 16:12 - 2015-05-20 16:12 - 00000000 ____D () C:\Program Files\Intel Driver Update Utility
2015-05-20 16:05 - 2015-05-20 16:05 - 00023456 _____ (Phoenix Technologies) C:\Windows\system32\Drivers\DrvAgent32.sys
2015-05-20 15:09 - 2015-05-20 15:09 - 00674944 _____ (Copyright © 2010 eSupport.com. All Rights Reserved.) C:\Users\sangoko\Desktop\biosagentplus_40.exe
2015-05-20 14:33 - 2015-05-20 14:33 - 00000000 ____D () C:\Users\sangoko\AppData\Local\Tamir_Khason
2015-05-20 13:04 - 2015-05-20 13:04 - 00000000 ____D () C:\Users\sangoko\AppData\Roaming\AVG
2015-05-20 13:03 - 2015-05-20 13:03 - 00000000 ____D () C:\Users\sangoko\AppData\Local\Avg
2015-05-20 13:03 - 2015-05-20 13:03 - 00000000 ____D () C:\Program Files\AVG
2015-05-18 12:07 - 2015-05-21 02:13 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-05-16 08:28 - 2015-05-16 08:42 - 00007039 _____ () C:\Users\Společnost\Downloads\Vyhledane pohyby (8).csv
2015-05-16 08:23 - 2015-05-16 08:23 - 00003671 _____ () C:\Users\Společnost\Downloads\Vyhledane pohyby (7).csv
2015-05-16 08:20 - 2015-05-16 08:20 - 00003671 _____ () C:\Users\Společnost\Downloads\Vyhledane pohyby (6).csv
2015-05-15 09:15 - 2015-05-15 09:17 - 00002383 _____ () C:\Users\Společnost\Downloads\Vyhledane pohyby (5).csv
2015-05-15 09:08 - 2015-05-15 09:08 - 00014313 _____ () C:\Users\Společnost\Desktop\Výpis Bohemia domus příjem.csv
2015-05-15 09:00 - 2015-05-15 09:00 - 00019241 _____ () C:\Users\Společnost\Downloads\Vyhledane pohyby (4).csv
2015-05-15 08:47 - 2015-05-15 08:57 - 00003431 _____ () C:\Users\Společnost\Downloads\Vyhledane pohyby (3).csv
2015-05-15 08:47 - 2015-05-15 08:47 - 00005197 _____ () C:\Users\Společnost\Downloads\Vyhledane pohyby (2).csv
2015-05-15 08:28 - 2015-05-15 08:47 - 00003622 _____ () C:\Users\Společnost\Downloads\Vyhledane pohyby (1).csv
2015-05-15 08:19 - 2015-05-15 08:27 - 00001218 _____ () C:\Users\Společnost\Downloads\Vyhledane pohyby.csv
2015-05-13 18:35 - 2015-04-30 18:03 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-13 18:30 - 2015-04-19 23:24 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2015-05-13 18:30 - 2015-04-19 23:24 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2015-05-13 18:30 - 2015-04-19 23:24 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2015-05-13 18:30 - 2015-04-19 23:24 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2015-05-13 18:30 - 2015-04-19 22:19 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-05-13 18:30 - 2015-04-19 22:18 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2015-05-13 18:30 - 2015-04-19 22:13 - 00682496 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-05-13 18:30 - 2015-04-19 22:12 - 01072640 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 18:30 - 2015-04-19 22:12 - 00801792 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 18:30 - 2015-04-19 06:59 - 02065408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-13 18:29 - 2015-04-30 15:14 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 18:09 - 2015-04-11 01:22 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 16:04 - 2015-04-10 16:06 - 01214976 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-13 16:04 - 2015-04-10 16:06 - 00916992 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-13 16:04 - 2015-04-10 16:06 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-13 16:04 - 2015-04-10 16:06 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-05-13 16:04 - 2015-04-10 16:05 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-05-13 16:04 - 2015-04-10 16:04 - 06007808 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-13 16:04 - 2015-04-10 16:04 - 00630784 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll
2015-05-13 16:04 - 2015-04-10 16:04 - 00630272 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-13 16:04 - 2015-04-10 16:04 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-13 16:04 - 2015-04-10 16:04 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-05-13 16:04 - 2015-04-10 16:03 - 11084800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-13 16:04 - 2015-04-10 16:03 - 02006016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-13 16:04 - 2015-04-10 16:03 - 01469440 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-13 16:04 - 2015-04-10 16:03 - 00727552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-13 16:04 - 2015-04-10 16:03 - 00387584 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-13 16:04 - 2015-04-10 16:03 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-05-13 16:04 - 2015-04-10 16:03 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-13 16:04 - 2015-04-10 16:03 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-05-13 16:04 - 2015-04-10 16:03 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-13 16:04 - 2015-04-10 16:03 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-13 16:04 - 2015-04-10 16:03 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2015-05-13 16:04 - 2015-04-10 16:03 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-13 16:04 - 2015-04-10 16:02 - 00348160 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-13 16:04 - 2015-04-10 16:02 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-13 16:04 - 2015-04-10 16:02 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\corpol.dll
2015-05-13 16:04 - 2015-04-10 08:45 - 00385024 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-13 16:04 - 2015-04-10 07:01 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-13 16:04 - 2015-04-10 07:01 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-13 16:04 - 2015-04-10 06:59 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-05-13 16:04 - 2015-04-10 06:58 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-10 08:43 - 2015-05-10 09:25 - 00098900 _____ () C:\Users\Společnost\Documents\VZOR - Pracovní - předpis.ods
2015-05-08 08:24 - 2015-05-08 08:40 - 00031752 _____ () C:\Users\Společnost\Documents\Souhrn trvalých plateb u firem a objektů - Bohemia Domus.ods
2015-05-08 07:04 - 2015-05-08 07:04 - 00017204 _____ () C:\Users\Společnost\Documents\Souhrn trvalých plateb u firem a objektů.ods
2015-05-05 16:48 - 2015-05-05 16:49 - 00000000 ____D () C:\Users\Společnost\Desktop\vícuc datovek celý
2015-05-05 07:36 - 2015-05-05 07:36 - 00020155 _____ () C:\Users\Společnost\Documents\Souhrn datovek - formulář.ods
2015-05-04 22:21 - 2015-05-05 18:08 - 00000000 ____D () C:\Users\Společnost\Desktop\AAA Datové správy
2015-05-04 17:03 - 2015-05-05 07:19 - 00000000 ____D () C:\Users\Společnost\Desktop\výpisy Věra
2015-05-04 14:20 - 2015-05-12 16:38 - 00026624 _____ () C:\Users\sangoko\Desktop\platby bez dokladu Dianetika 2014.xls
2015-05-03 17:25 - 2015-05-03 17:25 - 00045971 _____ () C:\Users\Společnost\Desktop\učty Vyhledane pohyby (6).ods
2015-05-03 13:40 - 2015-05-03 13:40 - 00005252 _____ () C:\Users\Společnost\Desktop\Karoza, Obrnice 181 nájem 2015 z účtu.csv
2015-05-03 13:08 - 2015-05-03 13:44 - 00003588 _____ () C:\Users\Společnost\Desktop\Nájmy 2015 Obrnice z účtu.csv
2015-05-01 22:27 - 2015-05-01 22:27 - 00048110 _____ () C:\Users\Společnost\Downloads\Game.of.Thrones.S05E01.HDTV.x264-ASAP.srt
2015-04-28 19:36 - 2015-04-28 19:37 - 00045212 _____ () C:\Users\Společnost\Desktop\Datovky firem bez hesel.ods
2015-04-28 18:16 - 2015-04-28 18:16 - 00025088 _____ () C:\Users\sangoko\Desktop\platby bez dokladu Dianetika 1. Q 2015-1.xls
2015-04-28 13:09 - 2015-04-30 10:57 - 00000000 ____D () C:\Users\Společnost\AppData\Roaming\vlc
2015-04-27 17:01 - 2015-04-27 17:01 - 00028411 _____ () C:\Users\sangoko\Desktop\ČEKLIST EXAMINÁTORA.odt
2015-04-26 14:51 - 2015-04-26 14:51 - 00059745 _____ () C:\Users\sangoko\Desktop\Program Rundow Přežití.odt
2015-04-26 14:10 - 2015-04-26 14:14 - 00043937 _____ () C:\Users\sangoko\Desktop\Zkratky projevů.ods
2015-04-25 07:23 - 2015-04-25 07:21 - 00007135 _____ () C:\Users\Společnost\Desktop\214658_Moje účty.xlsx

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-22 14:52 - 2015-04-12 19:10 - 00000446 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{7FA545D4-2B59-4223-87BD-BC37232271A9}.job
2015-05-22 14:39 - 2014-10-24 08:02 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-22 14:26 - 2014-10-24 08:02 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-22 14:26 - 2012-06-17 00:46 - 01665467 _____ () C:\Windows\WindowsUpdate.log
2015-05-22 14:26 - 2006-11-02 14:47 - 00003296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-22 14:26 - 2006-11-02 14:47 - 00003296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-22 14:25 - 2014-10-22 15:56 - 00000918 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-750613624-948088251-3038114490-1000Core.job
2015-05-22 09:53 - 2012-05-13 18:36 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-05-22 09:52 - 2015-03-09 13:57 - 00000008 __RSH () C:\Users\Společnost\ntuser.pol
2015-05-22 09:52 - 2015-03-09 13:57 - 00000000 ____D () C:\Users\Společnost
2015-05-22 09:50 - 2008-02-16 21:02 - 00000000 ____D () C:\Users\sangoko\AppData\Local\Google
2015-05-22 09:49 - 2009-12-07 16:32 - 00000430 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2015-05-22 09:48 - 2014-05-30 09:39 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2015-05-22 09:48 - 2012-10-01 17:46 - 00000008 __RSH () C:\Users\sangoko\ntuser.pol
2015-05-22 09:48 - 2011-01-12 23:23 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2015-05-22 09:48 - 2008-01-17 15:01 - 00000000 ____D () C:\Users\sangoko
2015-05-22 09:47 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-22 09:46 - 2011-01-17 21:34 - 00000012 _____ () C:\Windows\bthservsdp.dat
2015-05-22 09:46 - 2006-11-02 15:01 - 00032510 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-05-21 23:37 - 2006-11-02 13:18 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2015-05-21 22:48 - 2015-04-04 14:03 - 00070301 _____ () C:\Users\Společnost\Desktop\Přehled dat o společnostech.ods
2015-05-21 20:27 - 2015-02-23 16:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-05-21 20:27 - 2012-06-17 01:35 - 00000823 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-05-21 16:45 - 2013-11-01 16:04 - 00000000 ____D () C:\Users\sangoko\AppData\Roaming\Wandoujia2
2015-05-21 14:58 - 2014-10-23 16:51 - 00000440 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{1FD776CB-3058-4844-897A-E17B4997AABB}.job
2015-05-21 06:53 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\LogFiles
2015-05-20 17:26 - 2008-01-17 15:01 - 00000000 ___RD () C:\Users\sangoko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-20 16:02 - 2015-04-01 19:18 - 00061047 _____ () C:\Users\sangoko\Desktop\Rozvrh Ko-auditingu zz.ods
2015-05-20 15:48 - 2006-11-02 12:33 - 01558484 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-20 13:07 - 2013-02-20 20:24 - 00000000 ____D () C:\ProgramData\AVG
2015-05-18 12:36 - 2015-03-18 11:40 - 00000000 ____D () C:\Users\sangoko\AppData\Roaming\PrimoPDF
2015-05-18 12:35 - 2015-04-01 13:38 - 00000000 ____D () C:\Users\sangoko\Desktop\faktury 1čtvrdletí
2015-05-18 09:11 - 2015-04-19 16:06 - 00050875 _____ () C:\Users\Společnost\Desktop\Domluva hodnocení Placení Vaško.ods
2015-05-17 12:10 - 2014-10-22 15:56 - 00000970 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-750613624-948088251-3038114490-1000UA.job
2015-05-13 19:08 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-05-13 18:46 - 2006-11-02 14:37 - 00000000 ____D () C:\Windows\system32\XPSViewer
2015-05-13 18:46 - 2006-11-02 14:37 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-13 18:45 - 2008-02-22 08:20 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-05-13 18:35 - 2015-02-12 13:47 - 00001912 _____ () C:\Windows\epplauncher.mif
2015-05-13 18:35 - 2014-12-03 18:01 - 00001791 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-05-13 18:34 - 2012-12-15 18:44 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2015-05-13 18:28 - 2013-07-11 18:15 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-13 18:12 - 2006-11-02 12:24 - 137310008 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-05-13 18:09 - 2010-06-04 21:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-11 17:21 - 2014-02-25 18:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-05-11 12:44 - 2012-08-31 17:55 - 00001356 _____ () C:\Users\sangoko\AppData\Local\d3d9caps.dat
2015-05-11 12:32 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\spool
2015-05-11 12:32 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\Msdtc
2015-05-11 12:32 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\registration
2015-05-11 12:32 - 2006-11-02 12:22 - 55836672 _____ () C:\Windows\system32\config\software_previous
2015-05-11 12:32 - 2006-11-02 12:22 - 52166656 _____ () C:\Windows\system32\config\system_previous
2015-05-11 12:28 - 2006-11-02 12:22 - 46923776 _____ () C:\Windows\system32\config\components_previous
2015-05-11 12:28 - 2006-11-02 12:22 - 00094208 _____ () C:\Windows\system32\config\sam_previous
2015-05-11 11:27 - 2006-11-02 12:22 - 00786432 _____ () C:\Windows\system32\config\default_previous
2015-05-11 11:27 - 2006-11-02 12:22 - 00028672 _____ () C:\Windows\system32\config\security_previous
2015-04-30 11:28 - 2015-04-08 12:41 - 00030597 _____ () C:\Users\Společnost\Desktop\Pravidla spolupráce.odt
2015-04-29 12:49 - 2008-02-16 21:03 - 00000000 ____D () C:\Users\sangoko\AppData\Roaming\Skype
2015-04-29 12:49 - 2008-02-16 21:02 - 00000000 ____D () C:\ProgramData\Skype
2015-04-27 17:50 - 2015-01-04 19:10 - 00000000 ____D () C:\Users\sangoko\Documents\Sharan
2015-04-27 11:51 - 2015-04-08 22:02 - 00000000 ____D () C:\Users\Společnost\Desktop\Plocha

==================== Files in the root of some directories =======

2010-03-05 02:43 - 2010-06-13 09:22 - 0022328 _____ () C:\Users\sangoko\AppData\Roaming\PnkBstrK.sys
2009-04-29 21:50 - 2014-08-17 12:19 - 0027660 _____ () C:\Users\sangoko\AppData\Roaming\UserTile.png
2012-08-31 17:55 - 2015-05-11 12:44 - 0001356 _____ () C:\Users\sangoko\AppData\Local\d3d9caps.dat
2012-08-10 08:32 - 2012-08-10 08:32 - 0000095 _____ () C:\Users\sangoko\AppData\Local\fusioncache.dat
2008-07-06 20:47 - 2008-07-06 20:47 - 0000048 ____H () C:\ProgramData\ezsidmv.dat
2008-04-24 23:46 - 2009-04-22 17:23 - 0788412 _____ () C:\ProgramData\LUUnInstall.LiveUpdate
2010-09-11 20:13 - 2010-09-11 20:13 - 0000089 _____ () C:\ProgramData\lxdu.log
2011-03-04 01:41 - 2011-12-06 23:36 - 0000846 _____ () C:\ProgramData\lxduDiagnostics.log
2012-06-19 00:32 - 2012-07-27 12:41 - 0000193 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Some files in TEMP:
====================
C:\Users\sangoko\AppData\Local\Temp\7za.exe
C:\Users\sangoko\AppData\Local\Temp\DaS_21.exe
C:\Users\sangoko\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\sangoko\AppData\Local\Temp\hijackthis.exe
C:\Users\sangoko\AppData\Local\Temp\IHUDA28.tmp.exe
C:\Users\sangoko\AppData\Local\Temp\IHUFF73.tmp.exe
C:\Users\sangoko\AppData\Local\Temp\NirCmd.exe
C:\Users\sangoko\AppData\Local\Temp\PEVZ.EXE
C:\Users\sangoko\AppData\Local\Temp\Quarantine.exe
C:\Users\sangoko\AppData\Local\Temp\remove.exe
C:\Users\sangoko\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\sangoko\AppData\Local\Temp\sed.exe
C:\Users\sangoko\AppData\Local\Temp\shortcut.exe
C:\Users\sangoko\AppData\Local\Temp\sqlite3.dll
C:\Users\sangoko\AppData\Local\Temp\swreg.exe
C:\Users\sangoko\AppData\Local\Temp\swxcacls.exe
C:\Users\sangoko\AppData\Local\Temp\wget.exe
C:\Users\sangoko\AppData\Local\Temp\zoek-delete.exe
C:\Users\Společnost\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-22 10:04

==================== End of log ============================

[vyosek]

Tvorba fixlistu pro FRST

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  Start
  CloseProcesses:
  CreateRestorePoint:
  
  HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
  HKU\S-1-5-21-750613624-948088251-3038114490-1000\...\Run: [Google Update] => C:\Users\sangoko\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-07-24] (Google Inc.)
  HKU\S-1-5-21-750613624-948088251-3038114490-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [4811032 2014-09-26] (Piriform Ltd)
  Startup: C:\Users\sangoko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\wandoujia_helper.lnk [2014-12-17]
  ShortcutTarget: wandoujia_helper.lnk -> C:\Users\sangoko\AppData\Roaming\Wandoujia2\Applications\2.76.0.7151\wandoujia_helper.exe ()
  ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
  
  HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
  HKU\S-1-5-21-750613624-948088251-3038114490-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
  HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = ?type=hppp&ts=1432140622&from=xtab&uid=EE37F7F59F8C4eb7ACB70257A39DCFE8
  HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = web/?type=dspp&ts=1432140622&from=xtab&uid=EE37F7F59F8C4eb7ACB70257A39DCFE8&q={searchTerms}
  HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = ?type=hppp&ts=1432140622&from=xtab&uid=EE37F7F59F8C4eb7ACB70257A39DCFE8
  HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = web/?type=dspp&ts=1432140622&from=xtab&uid=EE37F7F59F8C4eb7ACB70257A39DCFE8&q={searchTerms}
  HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
  HKU\S-1-5-21-750613624-948088251-3038114490-1000\Software\Microsoft\Internet Explorer\Main,Start Page = ?type=hppp&ts=1432140622&from=xtab&uid=EE37F7F59F8C4eb7ACB70257A39DCFE8
  HKU\S-1-5-21-750613624-948088251-3038114490-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = www.bing.com
  SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = web/?type=dspp&ts=1432140622&from=xtab&uid=EE37F7F59F8C4eb7ACB70257A39DCFE8&q={searchTerms}
  SearchScopes: HKU\.DEFAULT -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
  SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
  SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
  Toolbar: HKU\.DEFAULT -> No Name - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No File
  Toolbar: HKU\.DEFAULT -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
  
  2015-05-21 23:27 - 2015-05-21 23:27 - 00000021 _____ () C:\folders.log
  2015-05-21 23:27 - 2015-05-21 23:27 - 00000000 ____D () C:\zoek
  2015-05-21 22:59 - 2015-05-21 23:38 - 00070930 _____ () C:\zoek-results.log
  2015-05-21 22:56 - 2015-05-21 23:38 - 00003672 _____ () C:\runcheck.txt
  2015-05-21 22:56 - 2015-05-21 23:37 - 00000000 ____D () C:\zoek_backup
  2015-05-21 22:56 - 2015-05-21 22:56 - 01308672 _____ () C:\Users\sangoko\Desktop\zoek.exe
  2015-05-21 20:21 - 2015-05-21 20:27 - 00000000 ____D () C:\AdwCleaner
  2015-05-21 20:20 - 2015-05-21 20:20 - 02223104 _____ () C:\Users\sangoko\Desktop\adwcleaner_4.205.exe
  2015-05-21 17:34 - 2015-05-21 17:34 - 00016390 _____ () C:\Users\sangoko\Desktop\Addition.zip
  2015-05-21 17:24 - 2015-05-21 17:25 - 00056800 _____ () C:\Users\sangoko\Desktop\Addition.txt
  2015-05-21 17:23 - 2015-05-22 14:55 - 00024785 _____ () C:\Users\sangoko\Desktop\FRST.txt
  C:\Users\sangoko\AppData\Roaming\Wandoujia2
  2015-05-21 17:09 - 2015-05-21 17:10 - 00000000 ____D () C:\Program Files\trend micro
  2015-05-21 17:09 - 2015-05-21 17:09 - 00000000 ____D () C:\rsit
  2015-05-21 07:21 - 2015-05-21 07:21 - 00019984 _____ () C:\Windows\system32\Drivers\EsgScanner.sys
  2015-05-21 07:21 - 2015-05-21 07:21 - 00000000 ____D () C:\Program Files\Enigma Software Group
  2015-05-20 13:04 - 2015-05-20 13:04 - 00000000 ____D () C:\Users\sangoko\AppData\Roaming\AVG
  2015-05-20 13:03 - 2015-05-20 13:03 - 00000000 ____D () C:\Users\sangoko\AppData\Local\Avg
  2015-05-20 13:03 - 2015-05-20 13:03 - 00000000 ____D () C:\Program Files\AVG
  
  2015-05-22 14:52 - 2015-04-12 19:10 - 00000446 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{7FA545D4-2B59-4223-87BD-BC37232271A9}.job
  2015-05-22 14:39 - 2014-10-24 08:02 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
  2015-05-22 14:26 - 2014-10-24 08:02 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
  2015-05-22 14:25 - 2014-10-22 15:56 - 00000918 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-750613624-948088251-3038114490-1000Core.job
  2015-05-21 14:58 - 2014-10-23 16:51 - 00000440 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{1FD776CB-3058-4844-897A-E17B4997AABB}.job
  2015-05-17 12:10 - 2014-10-22 15:56 - 00000970 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-750613624-948088251-3038114490-1000UA.job
  
  File: C:\Windows\System32\lxducoms.exe
  
  Hosts:
  EmptyTemp:
  Reboot:
  End
  

• Ulozte vytvoreny TXT jako fixlist.txt
• Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

• Kliknete na Fix
• Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

[takos]

Fix result of Farbar Recovery Scan Tool (x86) Version: 21-05-2015
Ran by sangoko at 2015-05-23 12:05:52 Run:1
Running from C:\Users\sangoko\Desktop
Loaded Profiles: sangoko & Společnost (Available profiles: sangoko & Společnost)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKU\S-1-5-21-750613624-948088251-3038114490-1000\...\Run: [Google Update] => C:\Users\sangoko\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-07-24] (Google Inc.)
HKU\S-1-5-21-750613624-948088251-3038114490-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [4811032 2014-09-26] (Piriform Ltd)
Startup: C:\Users\sangoko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\wandoujia_helper.lnk [2014-12-17]
ShortcutTarget: wandoujia_helper.lnk -> C:\Users\sangoko\AppData\Roaming\Wandoujia2\Applications\2.76.0.7151\wandoujia_helper.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-750613624-948088251-3038114490-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = ?type=hppp&ts=1432140622&from=xtab&uid=EE37F7F59F8C4eb7ACB70257A39DCFE8
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = web/?type=dspp&ts=1432140622&from=xtab&uid=EE37F7F59F8C4eb7ACB70257A39DCFE8&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = ?type=hppp&ts=1432140622&from=xtab&uid=EE37F7F59F8C4eb7ACB70257A39DCFE8
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = web/?type=dspp&ts=1432140622&from=xtab&uid=EE37F7F59F8C4eb7ACB70257A39DCFE8&q={searchTerms}
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-21-750613624-948088251-3038114490-1000\Software\Microsoft\Internet Explorer\Main,Start Page = ?type=hppp&ts=1432140622&from=xtab&uid=EE37F7F59F8C4eb7ACB70257A39DCFE8
HKU\S-1-5-21-750613624-948088251-3038114490-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = www.bing.com
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = web/?type=dspp&ts=1432140622&from=xtab&uid=EE37F7F59F8C4eb7ACB70257A39DCFE8&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKU\.DEFAULT -> No Name - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - No File
Toolbar: HKU\.DEFAULT -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File

2015-05-21 23:27 - 2015-05-21 23:27 - 00000021 _____ () C:\folders.log
2015-05-21 23:27 - 2015-05-21 23:27 - 00000000 ____D () C:\zoek
2015-05-21 22:59 - 2015-05-21 23:38 - 00070930 _____ () C:\zoek-results.log
2015-05-21 22:56 - 2015-05-21 23:38 - 00003672 _____ () C:\runcheck.txt
2015-05-21 22:56 - 2015-05-21 23:37 - 00000000 ____D () C:\zoek_backup
2015-05-21 22:56 - 2015-05-21 22:56 - 01308672 _____ () C:\Users\sangoko\Desktop\zoek.exe
2015-05-21 20:21 - 2015-05-21 20:27 - 00000000 ____D () C:\AdwCleaner
2015-05-21 20:20 - 2015-05-21 20:20 - 02223104 _____ () C:\Users\sangoko\Desktop\adwcleaner_4.205.exe
2015-05-21 17:34 - 2015-05-21 17:34 - 00016390 _____ () C:\Users\sangoko\Desktop\Addition.zip
2015-05-21 17:24 - 2015-05-21 17:25 - 00056800 _____ () C:\Users\sangoko\Desktop\Addition.txt
2015-05-21 17:23 - 2015-05-22 14:55 - 00024785 _____ () C:\Users\sangoko\Desktop\FRST.txt
C:\Users\sangoko\AppData\Roaming\Wandoujia2
2015-05-21 17:09 - 2015-05-21 17:10 - 00000000 ____D () C:\Program Files\trend micro
2015-05-21 17:09 - 2015-05-21 17:09 - 00000000 ____D () C:\rsit
2015-05-21 07:21 - 2015-05-21 07:21 - 00019984 _____ () C:\Windows\system32\Drivers\EsgScanner.sys
2015-05-21 07:21 - 2015-05-21 07:21 - 00000000 ____D () C:\Program Files\Enigma Software Group
2015-05-20 13:04 - 2015-05-20 13:04 - 00000000 ____D () C:\Users\sangoko\AppData\Roaming\AVG
2015-05-20 13:03 - 2015-05-20 13:03 - 00000000 ____D () C:\Users\sangoko\AppData\Local\Avg
2015-05-20 13:03 - 2015-05-20 13:03 - 00000000 ____D () C:\Program Files\AVG

2015-05-22 14:52 - 2015-04-12 19:10 - 00000446 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{7FA545D4-2B59-4223-87BD-BC37232271A9}.job
2015-05-22 14:39 - 2014-10-24 08:02 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-22 14:26 - 2014-10-24 08:02 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-22 14:25 - 2014-10-22 15:56 - 00000918 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-750613624-948088251-3038114490-1000Core.job
2015-05-21 14:58 - 2014-10-23 16:51 - 00000440 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{1FD776CB-3058-4844-897A-E17B4997AABB}.job
2015-05-17 12:10 - 2014-10-22 15:56 - 00000970 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-750613624-948088251-3038114490-1000UA.job

File: C:\Windows\System32\lxducoms.exe

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated) => Error: No automatic fix found for this entry.
HKU\S-1-5-21-750613624-948088251-3038114490-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update => value Deleted successfully.
HKU\S-1-5-21-750613624-948088251-3038114490-1000\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value Deleted successfully.
C:\Users\sangoko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\wandoujia_helper.lnk => Moved successfully.
C:\Users\sangoko\AppData\Roaming\Wandoujia2\Applications\2.76.0.7151\wandoujia_helper.exe => Moved successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => Key Deleted successfully.
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => Key not found.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key Deleted successfully.
"HKU\S-1-5-21-750613624-948088251-3038114490-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key Deleted successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Search Page => value Deleted successfully.
HKU\S-1-5-21-750613624-948088251-3038114490-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKU\S-1-5-21-750613624-948088251-3038114490-1000\Software\Microsoft\Internet Explorer\Main\\Search Bar => value Deleted successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => Key Deleted successfully.
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found.
"HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" => Key Deleted successfully.
HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key not found.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value Deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value Deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{1017A80C-6F09-4548-A84D-EDD6AC9525F0} => value Deleted successfully.
HKCR\CLSID\{1017A80C-6F09-4548-A84D-EDD6AC9525F0} => Key not found.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value Deleted successfully.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Key not found.
C:\folders.log => Moved successfully.
C:\zoek => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\runcheck.txt => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\sangoko\Desktop\zoek.exe => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\sangoko\Desktop\adwcleaner_4.205.exe => Moved successfully.
C:\Users\sangoko\Desktop\Addition.zip => Moved successfully.
C:\Users\sangoko\Desktop\Addition.txt => Moved successfully.
C:\Users\sangoko\Desktop\FRST.txt => Moved successfully.
C:\Users\sangoko\AppData\Roaming\Wandoujia2 => Moved successfully.
C:\Program Files\trend micro => Moved successfully.
C:\rsit => Moved successfully.
C:\Windows\system32\Drivers\EsgScanner.sys => Moved successfully.
C:\Program Files\Enigma Software Group => Moved successfully.
C:\Users\sangoko\AppData\Roaming\AVG => Moved successfully.
C:\Users\sangoko\AppData\Local\Avg => Moved successfully.
C:\Program Files\AVG => Moved successfully.
C:\Windows\Tasks\User_Feed_Synchronization-{7FA545D4-2B59-4223-87BD-BC37232271A9}.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-750613624-948088251-3038114490-1000Core.job => Moved successfully.
C:\Windows\Tasks\User_Feed_Synchronization-{1FD776CB-3058-4844-897A-E17B4997AABB}.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-750613624-948088251-3038114490-1000UA.job => Moved successfully.

========================= File: C:\Windows\System32\lxducoms.exe ========================

MD5: 7B138CF1F964A697E628192EDCD8BFB0
Creation and modification date: 2010-09-11 00:49 - 2008-05-24 02:58
Size: 0594600
Attributes: ----A
Company Name:
Internal Name: GN__coms.exe
Original Name: GN__coms.exe
Product Name: Printer Communication System
Description: Printer Communication System
File Version: 8.4.13.0
Product Version: 8.4.13.0
Copyright:

====== End Of File: ======

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 876.6 MB temporary data.


The system needed a reboot.

==== End of Fixlog 12:11:17 ====

[vyosek]

Jak se chova PC??