Synátorovi se podařilo natáhnout do notebooku vir, Eset ho odsstranil, nicméně se notebook stále chová zpomaleně.
Prosím o kontrolu. Děkuji
Logfile of random's system information tool 1.10 (written by random/random)
Run by Ondřej at 2015-06-17 14:42:43
Microsoft Windows 8.1
System drive C: has 473 GB (68%) free of 692 GB
Total RAM: 8005 MB (77% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:42:49, on 17. 6. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Ondřej\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Users\Ondřej\AppData\Local\MEGAsync\MEGAsync.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
C:\Users\Ondřej\AppData\Roaming\AVAST Software\Browser Cleanup\BCUSched.exe
C:\Program Files\trend micro\Ondřej.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [BakupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -k -h
O4 - HKLM\..\Run: [Dolby Home Theater v4] "C:\Dolby PCEE4\pcee4.exe" -autostart
O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Ondřej\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Ondřej\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\Ondřej\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
O4 - Startup: Dropbox.lnk = ?
O4 - Startup: MEGAsync.lnk = ?
O4 - Global Startup: Acer Backup Manager Tray.lnk = C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - (no file)
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Device Fast-lane Service (DeviceFastLaneService) - Acer Incorporated - C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Dritek RF Button Command Service (RfButtonDriverService) - Dritek System INC. - C:\Windows\RfBtnSvc64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Wlan Agent - Atheros - C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
--
End of file - 11723 bytes
======Listing Processes======
wininit.exe
winlogon.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
"C:\WINDOWS\system32\nvvsvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
dashost.exe {8a2d3810-e047-4b6e-896382cd2a9c6695}
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
taskhostex.exe
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe"
C:\WINDOWS\Explorer.EXE
"C:\Program Files (x86)\Launch Manager\LMutilps32.exe" --system-level --system-level-mutex="Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}" --enable-wmi-window --enable-setforeground-window --enable-kbhook-window
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe" SERVICE
"C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe"
C:\Windows\RfBtnSvc64.exe
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe"
"C:\Program Files\Acer\Acer Power Management\ePowerTray.exe"
"C:\WINDOWS\system32\GWX\GWX.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
"C:\WINDOWS\system32\igfxext.exe" -Embedding
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files\Elantech\ETDCtrl.exe"
"c:\Program Files (x86)\Bluetooth Suite\BtTray.exe"
"c:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
C:\WINDOWS\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe"
"C:\Users\Ondřej\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Users\Ondřej\AppData\Local\MEGAsync\MEGAsync.exe"
"C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -k -h
"C:\Dolby PCEE4\pcee4.exe" -autostart
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe"
"C:\WINDOWS\system32\igfxsrvc.exe" -Embedding
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe"
C:\WINDOWS\sysWOW64\wbem\wmiprvse.exe -Embedding
"C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe"
"C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe"
"C:\Users\Ondřej\AppData\Roaming\AVAST Software\Browser Cleanup\BCUSched.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-5d6ff489-d0dd-4713-8a2a-6d63bd99c63c -SystemEventPortName:HostProcess-b02df888-4513-4f86-8016-108e1bfc3d4b -IoCancelEventPortName:HostProcess-55ce6f61-7916-449c-9384-87937f69d7d5 -NonStateChangingEventPortName:HostProcess-173a94ec-da43-42f2-b94b-b1ef437dcacf -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:d722da6b-87d0-436e-ae83-f7591cd468e2 -DeviceGroupId:WudfDefaultDevicePool
"C:\Program Files\EgisTec IPS\PMMUpdate.exe"
"C:\Program Files\EgisTec IPS\EgisUpdate.exe"
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 568 572 580 65536 576
"C:\Users\Ondřej\Downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player PPAPI Notifier.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_160_pepper.exe -check pepperplugin
C:\WINDOWS\tasks\DropboxUpdateTaskUserS-1-5-21-959826868-2704866173-1510423850-1002Core.job - C:\Users\Ondřej\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
C:\WINDOWS\tasks\DropboxUpdateTaskUserS-1-5-21-959826868-2704866173-1510423850-1002UA.job - C:\Users\Ondřej\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\z4zx0szz.default-1432210523777
prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/?clid=22668"
prefs.js - "keyword.URL" - "http://search.seznam.cz/?sourceid=quick ... earchTerms}&"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.169 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.169 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL
C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\z4zx0szz.default-1432210523777\searchplugins\
seznam-avast.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2014-01-29 171992]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2014-01-29 399832]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2014-01-29 442328]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-06-11 12503184]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2012-06-07 1212048]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2012-08-10 2864016]
"BtPreLoad"=C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [2012-08-01 64640]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2015-04-07 169768]
"gpuminer"=C:\Users\Ondřej\AppData\Roaming\cpuminer\sgminer\sgminer.cmd [2015-05-02 96]
"cpuminer"=C:\WINDOWS\system32\cpuminer-gw64.exe [2015-06-04 1353504]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2015-01-28 5595848]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"iCloudServices"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [2014-11-21 43816]
"ApplePhotoStreams"=C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [2014-11-21 43816]
"iCloudDrive"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [2014-11-21 43816]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-02-19 7416088]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"cz.seznam.software.autoupdate"=C:\Users\Ondřej\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Ondřej\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
"Dropbox Update"=C:\Users\Ondřej\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16 134512]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BakupManagerTray"=C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [2012-08-23 533568]
"Dolby Home Theater v4"=C:\Dolby PCEE4\pcee4.exe [2012-04-23 508256]
"Norton Online Backup"=C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2012-07-11 2995904]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-04-30 334896]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Acer Backup Manager Tray.lnk - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Ondřej\AppData\Roaming\Dropbox\bin\Dropbox.exe
MEGAsync.lnk - C:\Users\Ondřej\AppData\Local\MEGAsync\MEGAsync.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2014-01-29 442880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableCAD"=1
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-06-17 14:42:44 ----D---- C:\Program Files\trend micro
2015-06-17 14:42:43 ----D---- C:\rsit
2015-06-16 20:46:30 ----D---- C:\Users\Ondřej\AppData\Roaming\OpenOffice
2015-06-16 20:44:03 ----D---- C:\Program Files (x86)\OpenOffice 4
2015-06-16 11:58:23 ----D---- C:\ProgramData\Dropbox
2015-06-14 23:06:39 ----D---- C:\Users\Ondřej\AppData\Roaming\ESET
2015-06-14 23:02:50 ----D---- C:\ProgramData\ESET
2015-06-14 23:02:50 ----D---- C:\Program Files\ESET
2015-06-14 22:58:38 ----D---- C:\Users\Ondřej\AppData\Roaming\AVAST Software
2015-06-14 21:13:19 ----D---- C:\Program Files (x86)\ESET
2015-06-14 20:43:40 ----D---- C:\ProgramData\caee331200003334
2015-06-13 10:43:08 ----D---- C:\Users\Ondřej\AppData\Roaming\LightningDownloader
2015-06-11 17:00:45 ----D---- C:\Program Files (x86)\Seznam.cz
2015-06-11 17:00:16 ----D---- C:\Users\Ondřej\AppData\Roaming\Seznam.cz
2015-06-11 17:00:01 ----D---- C:\Users\Ondřej\AppData\Roaming\cpuminer
2015-06-11 16:57:27 ----D---- C:\ProgramData\17321103469212414188
2015-06-11 16:56:15 ----D---- C:\ProgramData\{8b351d9c-443d-358b-8b35-51d9c4437671}
2015-06-09 20:45:35 ----A---- C:\WINDOWS\SYSWOW64\msftedit.dll
2015-06-09 20:45:34 ----A---- C:\WINDOWS\system32\msftedit.dll
2015-06-09 20:45:32 ----A---- C:\WINDOWS\system32\puiobj.dll
2015-06-09 20:45:31 ----A---- C:\WINDOWS\SYSWOW64\puiobj.dll
2015-06-09 20:45:31 ----A---- C:\WINDOWS\system32\localspl.dll
2015-06-09 20:45:31 ----A---- C:\WINDOWS\system32\compstui.dll
2015-06-09 20:45:28 ----A---- C:\WINDOWS\system32\rastapi.dll
2015-06-09 20:45:27 ----A---- C:\WINDOWS\SYSWOW64\rastapi.dll
2015-06-09 20:45:26 ----A---- C:\WINDOWS\system32\UtcResources.dll
2015-06-09 20:45:26 ----A---- C:\WINDOWS\system32\diagtrack.dll
2015-06-09 20:45:25 ----A---- C:\WINDOWS\SYSWOW64\authz.dll
2015-06-09 20:45:24 ----A---- C:\WINDOWS\system32\authz.dll
2015-06-09 20:45:04 ----A---- C:\WINDOWS\SYSWOW64\rgb9rast.dll
2015-06-09 20:45:02 ----A---- C:\WINDOWS\system32\win32k.sys
2015-06-09 20:45:01 ----A---- C:\WINDOWS\system32\mssrch.dll
2015-06-09 20:45:00 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2015-06-09 20:45:00 ----A---- C:\WINDOWS\system32\tquery.dll
2015-06-09 20:44:59 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2015-06-09 20:44:59 ----A---- C:\WINDOWS\system32\SearchIndexer.exe
2015-06-09 20:44:59 ----A---- C:\WINDOWS\system32\mssph.dll
2015-06-09 20:44:58 ----A---- C:\WINDOWS\SYSWOW64\SearchProtocolHost.exe
2015-06-09 20:44:58 ----A---- C:\WINDOWS\SYSWOW64\SearchIndexer.exe
2015-06-09 20:44:58 ----A---- C:\WINDOWS\SYSWOW64\mssph.dll
2015-06-09 20:44:58 ----A---- C:\WINDOWS\system32\SearchProtocolHost.exe
2015-06-09 20:44:58 ----A---- C:\WINDOWS\system32\mssvp.dll
2015-06-09 20:44:57 ----A---- C:\WINDOWS\SYSWOW64\mssvp.dll
2015-06-09 20:44:57 ----A---- C:\WINDOWS\system32\mssphtb.dll
2015-06-09 20:44:56 ----A---- C:\WINDOWS\SYSWOW64\UIAutomationCore.dll
2015-06-09 20:44:56 ----A---- C:\WINDOWS\system32\UIAutomationCore.dll
2015-06-09 20:44:54 ----AC---- C:\WINDOWS\system32\drivers\USBXHCI.SYS
2015-06-09 20:44:53 ----A---- C:\WINDOWS\system32\comctl32.dll
2015-06-09 20:44:51 ----A---- C:\WINDOWS\SYSWOW64\comctl32.dll
2015-06-09 20:44:48 ----A---- C:\WINDOWS\system32\mshtml.dll
2015-06-09 20:44:45 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2015-06-09 20:44:39 ----A---- C:\WINDOWS\system32\jscript9.dll
2015-06-09 20:44:38 ----A---- C:\WINDOWS\system32\wininet.dll
2015-06-09 20:44:37 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2015-06-09 20:44:36 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2015-06-09 20:44:35 ----A---- C:\WINDOWS\system32\ieframe.dll
2015-06-09 20:44:34 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2015-06-09 20:44:33 ----A---- C:\WINDOWS\system32\urlmon.dll
2015-06-09 20:44:33 ----A---- C:\WINDOWS\system32\iertutil.dll
2015-06-09 20:44:32 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2015-06-09 20:44:32 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2015-06-09 20:44:32 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2015-06-09 20:44:31 ----A---- C:\WINDOWS\system32\actxprxy.dll
2015-06-09 20:44:30 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2015-06-09 20:44:30 ----A---- C:\WINDOWS\system32\vbscript.dll
2015-06-09 20:44:29 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2015-06-09 20:44:29 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2015-06-09 20:44:29 ----A---- C:\WINDOWS\system32\msfeeds.dll
2015-06-09 20:44:28 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2015-06-09 20:44:28 ----A---- C:\WINDOWS\system32\jscript.dll
2015-06-09 20:44:28 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2015-06-09 20:44:27 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2015-06-09 20:44:27 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2015-06-09 20:44:26 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2015-06-09 20:44:26 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2015-06-09 20:44:26 ----A---- C:\WINDOWS\system32\webcheck.dll
2015-06-09 20:44:26 ----A---- C:\WINDOWS\system32\mshtmled.dll
2015-06-09 20:44:26 ----A---- C:\WINDOWS\system32\dxtrans.dll
2015-06-09 20:44:25 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2015-06-09 20:44:25 ----A---- C:\WINDOWS\system32\ieui.dll
2015-06-09 20:44:25 ----A---- C:\WINDOWS\system32\iepeers.dll
2015-06-09 20:44:25 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2015-06-09 20:44:24 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2015-06-09 20:44:24 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2015-06-09 20:44:24 ----A---- C:\WINDOWS\system32\inetcomm.dll
2015-06-05 18:38:45 ----A---- C:\WINDOWS\system32\invagent.dll
2015-06-05 18:38:45 ----A---- C:\WINDOWS\system32\generaltel.dll
2015-06-05 18:38:45 ----A---- C:\WINDOWS\system32\appraiser.dll
2015-06-05 18:38:45 ----A---- C:\WINDOWS\system32\aepic.dll
2015-06-05 18:38:45 ----A---- C:\WINDOWS\system32\aeinv.dll
2015-06-05 18:38:44 ----A---- C:\WINDOWS\system32\devinv.dll
2015-06-05 18:38:44 ----A---- C:\WINDOWS\system32\aepdu.dll
2015-06-05 18:38:44 ----A---- C:\WINDOWS\system32\acmigration.dll
2015-06-04 14:00:46 ----A---- C:\WINDOWS\system32\cpuminer-gw64.exe
2015-06-03 07:32:51 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-05-20 13:21:33 ----D---- C:\WINDOWS\Migration
======List of files/folders modified in the last 1 month======
2015-06-17 14:42:44 ----RD---- C:\Program Files
2015-06-17 14:42:32 ----D---- C:\WINDOWS\Temp
2015-06-17 14:39:22 ----SD---- C:\Users\Ondřej\AppData\Roaming\Microsoft
2015-06-17 14:33:24 ----D---- C:\WINDOWS\Prefetch
2015-06-17 14:32:49 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2015-06-17 14:32:12 ----D---- C:\Users\Ondřej\AppData\Roaming\Dropbox
2015-06-17 14:15:59 ----D---- C:\WINDOWS\Inf
2015-06-17 14:00:29 ----D---- C:\WINDOWS\system32\sru
2015-06-16 20:45:49 ----SHD---- C:\WINDOWS\Installer
2015-06-16 20:45:49 ----D---- C:\Config.Msi
2015-06-16 20:45:48 ----RD---- C:\WINDOWS\assembly
2015-06-16 20:44:46 ----RSD---- C:\WINDOWS\Fonts
2015-06-16 20:44:03 ----RD---- C:\Program Files (x86)
2015-06-16 20:43:46 ----SHD---- C:\System Volume Information
2015-06-16 19:17:23 ----D---- C:\WINDOWS\system32\config
2015-06-16 11:58:24 ----D---- C:\WINDOWS\Tasks
2015-06-16 11:58:24 ----D---- C:\WINDOWS\system32\Tasks
2015-06-16 11:58:23 ----HD---- C:\ProgramData
2015-06-16 09:27:11 ----D---- C:\WINDOWS\Microsoft.NET
2015-06-15 16:42:08 ----D---- C:\WINDOWS\system32\wdi
2015-06-14 23:07:43 ----D---- C:\WINDOWS\AppReadiness
2015-06-14 23:04:04 ----D---- C:\WINDOWS\system32\drivers
2015-06-14 23:04:03 ----D---- C:\WINDOWS\system32\DriverStore
2015-06-14 20:50:42 ----D---- C:\Windows
2015-06-14 20:38:00 ----D---- C:\WINDOWS\SysWOW64
2015-06-13 17:45:54 ----D---- C:\WINDOWS\rescache
2015-06-13 13:29:07 ----D---- C:\Users\Ondřej\AppData\Roaming\uTorrent
2015-06-12 20:41:36 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-12 09:46:45 ----D---- C:\WINDOWS\system32\NDF
2015-06-11 21:19:44 ----D---- C:\WINDOWS\debug
2015-06-11 17:30:00 ----D---- C:\Users\Ondřej\AppData\Roaming\DAEMON Tools Lite
2015-06-11 17:27:09 ----DC---- C:\WINDOWS\Panther
2015-06-11 17:27:04 ----D---- C:\WINDOWS\Minidump
2015-06-11 17:11:20 ----D---- C:\WINDOWS\WinSxS
2015-06-11 17:08:18 ----RD---- C:\WINDOWS\System32
2015-06-11 17:03:42 ----RD---- C:\WINDOWS\ToastData
2015-06-11 17:03:37 ----D---- C:\WINDOWS\SYSWOW64\en-US
2015-06-11 17:03:37 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2015-06-11 17:03:37 ----D---- C:\Program Files\Internet Explorer
2015-06-11 17:03:37 ----D---- C:\Program Files (x86)\Internet Explorer
2015-06-11 17:03:36 ----D---- C:\WINDOWS\system32\en-US
2015-06-11 17:03:36 ----D---- C:\WINDOWS\system32\cs-CZ
2015-06-11 17:03:36 ----D---- C:\WINDOWS\PolicyDefinitions
2015-06-11 14:11:52 ----HD---- C:\Program Files\WindowsApps
2015-06-11 14:06:01 ----D---- C:\Program Files (x86)\Opera
2015-06-10 19:53:31 ----D---- C:\Users\Ondřej\AppData\Roaming\.minecraft
2015-06-10 09:23:22 ----D---- C:\WINDOWS\CbsTemp
2015-06-10 09:22:41 ----D---- C:\ProgramData\Microsoft Help
2015-06-10 09:19:48 ----D---- C:\WINDOWS\system32\MRT
2015-06-10 09:13:48 ----A---- C:\WINDOWS\system32\MRT.exe
2015-06-10 09:01:22 ----A---- C:\WINDOWS\win.ini
2015-06-09 20:43:07 ----D---- C:\WINDOWS\system32\catroot2
2015-06-07 22:53:36 ----SD---- C:\WINDOWS\system32\CompatTel
2015-06-07 22:53:36 ----D---- C:\WINDOWS\system32\appraiser
2015-06-07 22:53:36 ----D---- C:\WINDOWS\apppatch
2015-06-03 18:18:09 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2015-05-30 11:36:57 ----D---- C:\Users\Ondřej\AppData\Roaming\Apple Computer
2015-05-24 11:27:48 ----D---- C:\Program Files (x86)\SpeedFan
2015-05-20 13:21:33 ----SD---- C:\WINDOWS\SYSWOW64\GWX
2015-05-20 13:21:33 ----SD---- C:\WINDOWS\system32\GWX
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 edevmon;edevmon; C:\WINDOWS\system32\DRIVERS\edevmon.sys [2015-03-10 241880]
R0 epfwwfp;epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [2015-03-10 64208]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-07-09 645952]
R0 nvpciflt;nvpciflt; C:\WINDOWS\system32\DRIVERS\nvpciflt.sys [2013-09-05 30496]
R1 ccSet_NARA;NARA Settings Manager; C:\WINDOWS\system32\drivers\NARAx64\0401000.00A\ccSetx64.sys [2012-05-26 168608]
R1 dtsoftbus01;@oem16.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [2015-02-20 283064]
R1 eamonm;eamonm; C:\WINDOWS\system32\DRIVERS\eamonm.sys [2015-03-10 246000]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2015-03-10 169792]
R1 EpfwLWF;@oem33.inf,%EpfwLWF_Desc%;Epfw NDIS LightWeight Filter; C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys [2015-03-10 44632]
R1 mwlPSDFilter;mwlPSDFilter; C:\WINDOWS\system32\DRIVERS\mwlPSDFilter.sys [2012-08-03 22648]
R1 mwlPSDNServ;mwlPSDNServ; C:\WINDOWS\system32\DRIVERS\mwlPSDNServ.sys [2012-08-03 20520]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\WINDOWS\system32\DRIVERS\mwlPSDVDisk.sys [2012-08-03 62776]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2013-08-22 71680]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2015-03-10 222280]
R2 speedfan;speedfan; \??\C:\WINDOWS\SysWOW64\speedfan.sys [2012-12-29 28664]
R3 AthBTPort;@oem9.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\WINDOWS\system32\DRIVERS\btath_flt.sys [2012-08-01 88728]
R3 athr;@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\athw8x.sys [2013-06-18 3680256]
R3 b57xdbd;@oem24.inf,%bcmxd_16bf_svcd%;Broadcom xD Picture Bus Driver Service; C:\WINDOWS\System32\drivers\b57xdbd.sys [2012-06-16 72280]
R3 b57xdmp;@oem24.inf,%BXD_SVCDESC%;Broadcom xD Picture vstorp client drv; C:\WINDOWS\System32\drivers\b57xdmp.sys [2012-06-16 21080]
R3 bScsiMSa;bScsiMSa; C:\WINDOWS\System32\drivers\bScsiMSa.sys [2012-06-19 55384]
R3 bScsiSDa;bScsiSDa; C:\WINDOWS\System32\drivers\bScsiSDa.sys [2012-06-19 70744]
R3 BTATH_A2DP;@oem8.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\WINDOWS\system32\drivers\btath_a2dp.sys [2012-08-01 344216]
R3 btath_avdt;@oem8.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\WINDOWS\system32\drivers\btath_avdt.sys [2012-08-01 114840]
R3 BTATH_BUS;@oem5.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys [2012-08-01 33944]
R3 BTATH_HCRP;@oem11.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\WINDOWS\System32\drivers\btath_hcrp.sys [2012-08-01 178840]
R3 BTATH_LWFLT;@oem19.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [2012-08-01 76952]
R3 BTATH_RCP;@oem15.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\WINDOWS\System32\drivers\btath_rcp.sys [2012-08-01 135832]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2012-08-01 574616]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2014-11-21 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2014-11-21 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Zařízení Bluetooth (síť PAN); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2014-11-21 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-11-21 81920]
R3 ETD;@oem4.inf,%PS2.DeviceDesc%;ELAN PS/2 Port Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2012-08-10 315280]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2012-10-03 33240]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2014-01-29 5363200]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2012-06-12 4060560]
R3 IntcDAud;@oem20.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2012-08-08 342528]
R3 k57nd60a;@netk57a.inf,%SvcDispName%;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\WINDOWS\system32\DRIVERS\k57nd60a.sys [2013-06-18 425984]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [2015-03-17 25816]
R3 MEIx64;@oem3.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-03 62784]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2010-04-20 18432]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2013-09-05 11273504]
R3 Ps2Kb2Hid;@oem10.inf,%Ps2Kb2Hid.SVCDESC%;PS/2 Keyboard to HID Driver; C:\WINDOWS\System32\drivers\aPs2Kb2Hid.sys [2012-09-13 26736]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2015-04-24 167424]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2010-07-09 17408]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;Zobrazovací zařízení USB (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2014-11-21 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2013-08-22 36864]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2014-11-21 1198080]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\WINDOWS\system32\drivers\mwac.sys [2015-03-17 64216]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-05-01 81088]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-01-20 77128]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2012-08-01 207488]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 CCDMonitorService;CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2012-08-24 2435728]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-11-21 38792]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2012-08-21 348784]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2015-01-28 1349576]
R2 Freemake Improver;Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2014-12-03 108032]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-07-18 165760]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-18 276864]
R2 NOBU;Norton Online Backup; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2012-07-11 3939008]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2012-08-23 259136]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2013-08-30 920864]
R2 RfButtonDriverService;Dritek RF Button Command Service; C:\Windows\RfBtnSvc64.exe [2012-09-13 93296]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-18 364416]
R3 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2012-08-23 658576]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2015-04-07 643880]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc []
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-03-17 1080120]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-09-05 1364256]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-11-21 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2014-01-29 279000]
S3 DeviceFastLaneService;Device Fast-lane Service; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [2012-08-23 468624]
S3 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2012-07-12 174160]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-09-13 655624]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc []
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-06-03 148080]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosím o kontrolu
Zdravim 
Pokud nepouzivate, odinstalujte Seznam Software.
Pokud BitCoiny netezite schvalne, tezbu zastavime.
Tohle znate? C:\Users\Ondřej\AppData\Roaming\LightningDownloader
V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose).
Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/ (nebo http://www.bleepingcomputer.com/download/adwcleaner/ )
Pokud nepouzivate, odinstalujte Seznam Software. Pokud BitCoiny netezite schvalne, tezbu zastavime. Tohle znate? C:\Users\Ondřej\AppData\Roaming\LightningDownloader V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose). Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/ (nebo http://www.bleepingcomputer.com/download/adwcleaner/ )
- ukoncete vsechny programy
- kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
- kliknete na Scan, pote na Cleaning
- po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\AdwCleaner [Sx].txt), jehoz obsah mi zkopirujte do pristi odpovedi
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: Prosím o kontrolu
Taktéž zdravím a děkuji za pomoc.
Vyjádřím se k jednotlivým doporučením:
1. Seznam Software milerád odinstaluji, nicméně při pokusu přes Ccleaner mi to dává hlášku, že mi byl odepřen přístup.
2. Myslím, že BitCoiny nepotřebuji, pryč s nimi.
3. Lightning Downloader jsem úmysleně neinstaloval, předpokládám, že ho tedy nepotřebujeme.
4. Se smazáním dočasných adresářů počítám.
5. V příští odpovědi pošlu log.
Vyjádřím se k jednotlivým doporučením:
1. Seznam Software milerád odinstaluji, nicméně při pokusu přes Ccleaner mi to dává hlášku, že mi byl odepřen přístup.
2. Myslím, že BitCoiny nepotřebuji, pryč s nimi.
3. Lightning Downloader jsem úmysleně neinstaloval, předpokládám, že ho tedy nepotřebujeme.
4. Se smazáním dočasných adresářů počítám.
5. V příští odpovědi pošlu log.
Re: Prosím o kontrolu
# AdwCleaner v4.206 - Log vytvořen 19/06/2015 v 21:28:54
# Aktualizováno 01/06/2015 by Xplode
# Databáze : 2015-06-17.1 [Server]
# Operační system : Windows 8.1 (x64)
# Uživatelské jméno : Ondřej - NTB
# Spuštěno z : C:\Users\Ondřej\Downloads\adwcleaner_4.206.exe
# Nastavení : Čištění
***** [ Služby ] *****
***** [ Soubory / Složky ] *****
Složka Smazáno : C:\ProgramData\caee331200003334
Složka Smazáno : C:\ProgramData\{8b351d9c-443d-358b-8b35-51d9c4437671}
Složka Smazáno : C:\Users\Ondřej\AppData\Roaming\cpuminer
Složka Smazáno : C:\Users\Ondřej\AppData\Roaming\LightningDownloader
Soubor Smazáno : C:\WINDOWS\System32\cpuminer-conf.json
Soubor Smazáno : C:\WINDOWS\System32\cpuminer-gw64.exe
Soubor Smazáno : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\mystartsearch.xml
***** [ Naplánované úlohy ] *****
Úloha Smazáno : amiupdaterExd
Úloha Smazáno : amiupdaterExi
***** [ Zástupci ] *****
***** [ Registry ] *****
Klíč Smazáno : HKLM\SOFTWARE\7cf20e9d-3898-b9e9-9750-f26d30851d46
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{1F831F60-05FB-474D-93A3-42DA68E7EB8F}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Klíč Smazáno : HKCU\Software\Crossbrowse
Klíč Smazáno : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Klíč Smazáno : HKLM\SOFTWARE\mystartsearchSoftware
Klíč Smazáno : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
Klíč Smazáno : HKLM\SOFTWARE\Crossbrowse
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{06B99631-BFA2-3B7A-F58B-D067C2BA59B7}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\cpuminer
***** [ Prohlížeče ] *****
-\\ Internet Explorer v11.0.9600.17840
Nastavení Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Nastavení Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Nastavení Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Nastavení Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
-\\ Mozilla Firefox v38.0.5 (x86 cs)
-\\ Google Chrome v43.0.2357.124
[C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Homepage] : hxxp://www.mystartsearch.com/?type=hp&ts=14341 ... X82NYT0EJT
-\\ Opera v30.0.1835.59
[C:\Users\Ondřej\AppData\Roaming\Opera Software\Opera Stable\Preferences] - Smazáno [Startup_URLs] : hxxp://www.mystartsearch.com/?type=hp&ts=14341 ... X82NYT0EJT
*************************
AdwCleaner[R0].txt - [11104 bytů] - [21/01/2014 17:06:46]
AdwCleaner[R1].txt - [4349 bytů] - [19/06/2015 21:25:11]
AdwCleaner[S0].txt - [10384 bytů] - [21/01/2014 17:08:08]
AdwCleaner[S1].txt - [3411 bytů] - [19/06/2015 21:28:54]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [3469 bytů] ##########
# Aktualizováno 01/06/2015 by Xplode
# Databáze : 2015-06-17.1 [Server]
# Operační system : Windows 8.1 (x64)
# Uživatelské jméno : Ondřej - NTB
# Spuštěno z : C:\Users\Ondřej\Downloads\adwcleaner_4.206.exe
# Nastavení : Čištění
***** [ Služby ] *****
***** [ Soubory / Složky ] *****
Složka Smazáno : C:\ProgramData\caee331200003334
Složka Smazáno : C:\ProgramData\{8b351d9c-443d-358b-8b35-51d9c4437671}
Složka Smazáno : C:\Users\Ondřej\AppData\Roaming\cpuminer
Složka Smazáno : C:\Users\Ondřej\AppData\Roaming\LightningDownloader
Soubor Smazáno : C:\WINDOWS\System32\cpuminer-conf.json
Soubor Smazáno : C:\WINDOWS\System32\cpuminer-gw64.exe
Soubor Smazáno : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\mystartsearch.xml
***** [ Naplánované úlohy ] *****
Úloha Smazáno : amiupdaterExd
Úloha Smazáno : amiupdaterExi
***** [ Zástupci ] *****
***** [ Registry ] *****
Klíč Smazáno : HKLM\SOFTWARE\7cf20e9d-3898-b9e9-9750-f26d30851d46
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{1F831F60-05FB-474D-93A3-42DA68E7EB8F}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Klíč Smazáno : HKCU\Software\Crossbrowse
Klíč Smazáno : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Klíč Smazáno : HKLM\SOFTWARE\mystartsearchSoftware
Klíč Smazáno : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
Klíč Smazáno : HKLM\SOFTWARE\Crossbrowse
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{06B99631-BFA2-3B7A-F58B-D067C2BA59B7}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\cpuminer
***** [ Prohlížeče ] *****
-\\ Internet Explorer v11.0.9600.17840
Nastavení Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Nastavení Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Nastavení Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Nastavení Obnoveno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
-\\ Mozilla Firefox v38.0.5 (x86 cs)
-\\ Google Chrome v43.0.2357.124
[C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Homepage] : hxxp://www.mystartsearch.com/?type=hp&ts=14341 ... X82NYT0EJT
-\\ Opera v30.0.1835.59
[C:\Users\Ondřej\AppData\Roaming\Opera Software\Opera Stable\Preferences] - Smazáno [Startup_URLs] : hxxp://www.mystartsearch.com/?type=hp&ts=14341 ... X82NYT0EJT
*************************
AdwCleaner[R0].txt - [11104 bytů] - [21/01/2014 17:06:46]
AdwCleaner[R1].txt - [4349 bytů] - [19/06/2015 21:25:11]
AdwCleaner[S0].txt - [10384 bytů] - [21/01/2014 17:08:08]
AdwCleaner[S1].txt - [3411 bytů] - [19/06/2015 21:28:54]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [3469 bytů] ##########
Re: Prosím o kontrolu
Ad 1. Přes ovládací panely se mi Seznam software odinstalovat podařilo.
Re: Prosím o kontrolu
ok, jeste zkontrolujeme zbytky po haveti. Dejte log FRST.txt, prilozte i Addition.txt - http://forum.viry.cz/viewtopic.php?f=30&t=133101Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: Prosím o kontrolu
Tady je log:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-06-2015
Ran by Ondřej (administrator) on NTB on 20-06-2015 07:47:26
Running from C:\Users\Ondřej\Desktop
Loaded Profiles: Ondřej (Available Profiles: Ondřej & UpdatusUser & Administrator)
Platform: Windows 8.1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Atheros) C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Dropbox, Inc.) C:\Users\Ondřej\AppData\Roaming\Dropbox\bin\Dropbox.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Mega Limited) C:\Users\Ondřej\AppData\Local\MEGAsync\MEGAsync.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
(AVAST Software) C:\Users\Ondřej\AppData\Roaming\AVAST Software\Browser Cleanup\bcusched.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1212048 2012-06-07] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2864016 2012-08-10] (ELAN Microelectronics Corp.)
HKLM\...\Run: [BtPreLoad] => C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [64640 2012-08-01] ()
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM\...\Run: [gpuminer] => C:\Users\Ondřej\AppData\Roaming\cpuminer\sgminer\sgminer.cmd
HKLM\...\Run: [cpuminer] => C:\WINDOWS\system32\cpuminer-gw64.exe
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5595848 2015-01-28] (ESET)
HKLM-x32\...\Run: [BakupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [533568 2012-08-23] (NTI Corporation)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Dolby PCEE4\pcee4.exe [508256 2012-04-23] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2995904 2012-07-11] (Symantec Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-959826868-2704866173-1510423850-1002\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-959826868-2704866173-1510423850-1002\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-959826868-2704866173-1510423850-1002\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-959826868-2704866173-1510423850-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd)
HKU\S-1-5-21-959826868-2704866173-1510423850-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-959826868-2704866173-1510423850-1002\...\Run: [Dropbox Update] => C:\Users\Ondřej\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-16] (Dropbox, Inc.)
HKU\S-1-5-21-959826868-2704866173-1510423850-1002\...\RunOnce: [SeznamInstall-uninstall:699abbf461f264a5faebfafa90854427] => C:\Users\ONDEJ~1\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe [534528 2015-06-19] () <===== ATTENTION
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer Backup Manager Tray.lnk [2012-09-13]
ShortcutTarget: Acer Backup Manager Tray.lnk -> C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
Startup: C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-04-23]
ShortcutTarget: Dropbox.lnk -> C:\Users\Ondřej\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2015-02-21]
ShortcutTarget: MEGAsync.lnk -> C:\Users\Ondřej\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ondřej\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ondřej\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ondřej\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ondřej\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ondřej\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ondřej\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ondřej\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ondřej\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Ondřej\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Ondřej\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Ondřej\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Ondřej\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Ondřej\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Ondřej\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-959826868-2704866173-1510423850-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-959826868-2704866173-1510423850-1002\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
HKU\S-1-5-21-959826868-2704866173-1510423850-1002\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
HKU\S-1-5-21-959826868-2704866173-1510423850-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-959826868-2704866173-1510423850-1002 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKU\S-1-5-21-959826868-2704866173-1510423850-1002 -> {34D6C85E-4E0A-4609-9D27-16BD0A936CE2} URL =
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\z4zx0szz.default-1432210523777
FF DefaultSearchEngine: Seznam
FF DefaultSearchUrl: hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF SearchEngineOrder.1: Seznam
FF SelectedSearchEngine: Seznam
FF Homepage: https://www.seznam.cz/?clid=22668
FF Keyword.URL: hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-12] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-12] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-959826868-2704866173-1510423850-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Ondřej\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-13] (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\z4zx0szz.default-1432210523777\searchplugins\seznam-avast.xml [2015-06-14]
Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-08]
CHR Extension: (Google Docs) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-08]
CHR Extension: (Google Drive) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-08]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2015-06-11]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2015-06-11]
CHR Extension: (YouTube) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-08]
CHR Extension: (Google Search) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-08]
CHR Extension: (Google Sheets) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-08]
CHR Extension: (Google Wallet) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-08]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2015-06-11]
CHR Extension: (Gmail) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-08]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [207488 2012-08-01] (Qualcomm Atheros Commnucations) [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-21] (Microsoft Corporation)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2435728 2012-08-24] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [468624 2012-08-23] (Acer Incorporated)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1349576 2015-01-28] (ESET)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-08-23] (Acer Incorporated)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-12-03] (Freemake) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3939008 2012-07-11] (Symantec Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-08-23] (NTI Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-09-13] (Dritek System INC.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-04-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-04-24] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe [81536 2012-08-01] (Atheros) [File not signed]
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-08-01] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-11-21] (Microsoft Corporation)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00A\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2015-02-20] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [246000 2015-03-10] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [241880 2015-03-10] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [169792 2015-03-10] (ESET)
R2 epfw; C:\Windows\system32\DRIVERS\epfw.sys [222280 2015-03-10] (ESET)
R1 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [44632 2015-03-10] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [64208 2015-03-10] (ESET)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-03-17] (Malwarebytes Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-09-13] (Dritek System Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-04-24] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-20 07:47 - 2015-06-20 07:48 - 00022762 _____ C:\Users\Ondřej\Desktop\FRST.txt
2015-06-20 07:46 - 2015-06-20 07:46 - 02109952 _____ (Farbar) C:\Users\Ondřej\Desktop\FRST64.exe
2015-06-19 21:24 - 2015-06-19 21:24 - 02231296 _____ C:\Users\Ondřej\Downloads\adwcleaner_4.206.exe
2015-06-18 18:31 - 2015-06-18 18:31 - 00000000 ____D C:\Users\Ondřej\AppData\Local\YoYo_Games_Ltd
2015-06-18 18:31 - 2015-06-18 18:31 - 00000000 ____D C:\Users\Ondřej\AppData\Local\GameMaker8.1
2015-06-18 18:30 - 2015-06-19 21:38 - 00000000 ____D C:\Users\Ondřej\GameMaker 8.1
2015-06-17 17:01 - 2015-06-17 17:01 - 09832680 _____ C:\Users\Ondřej\Downloads\TDM_The_Lab_4.0.zip
2015-06-17 14:42 - 2015-06-17 14:42 - 01222144 _____ C:\Users\Ondřej\Downloads\RSITx64.exe
2015-06-17 14:42 - 2015-06-17 14:42 - 00000000 ____D C:\rsit
2015-06-17 14:42 - 2015-06-17 14:42 - 00000000 ____D C:\Program Files\trend micro
2015-06-16 20:46 - 2015-06-16 20:46 - 00000000 ____D C:\Users\Ondřej\AppData\Roaming\OpenOffice
2015-06-16 20:45 - 2015-06-16 20:45 - 00001116 _____ C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk
2015-06-16 20:45 - 2015-06-16 20:45 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2015-06-16 20:44 - 2015-06-16 20:44 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2015-06-16 20:40 - 2015-06-16 20:41 - 128741109 _____ C:\Users\Ondřej\Downloads\Apache_OpenOffice_4.1.1_Win_x86_install_cs.exe
2015-06-16 11:59 - 2015-06-16 11:59 - 00000000 ____D C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-06-16 11:58 - 2015-06-20 07:03 - 00000930 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-959826868-2704866173-1510423850-1002UA.job
2015-06-16 11:58 - 2015-06-18 12:03 - 00000878 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-959826868-2704866173-1510423850-1002Core.job
2015-06-16 11:58 - 2015-06-16 11:58 - 00003878 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-959826868-2704866173-1510423850-1002UA
2015-06-16 11:58 - 2015-06-16 11:58 - 00003498 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-959826868-2704866173-1510423850-1002Core
2015-06-16 11:58 - 2015-06-16 11:58 - 00000000 ____D C:\Users\Ondřej\AppData\Local\Dropbox
2015-06-16 11:58 - 2015-06-16 11:58 - 00000000 ____D C:\ProgramData\Dropbox
2015-06-14 23:06 - 2015-06-14 23:06 - 00000000 ____D C:\Users\Ondřej\AppData\Roaming\ESET
2015-06-14 23:06 - 2015-06-14 23:06 - 00000000 ____D C:\Users\Ondřej\AppData\Local\ESET
2015-06-14 23:03 - 2015-06-14 23:04 - 00003184 _____ C:\WINDOWS\System32\Tasks\avastBCLRestart_firefox.exe
2015-06-14 23:02 - 2015-06-14 23:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2015-06-14 23:02 - 2015-06-14 23:02 - 00000000 ____D C:\ProgramData\ESET
2015-06-14 23:02 - 2015-06-14 23:02 - 00000000 ____D C:\Program Files\ESET
2015-06-14 22:58 - 2015-06-14 23:01 - 00004216 _____ C:\WINDOWS\System32\Tasks\avast! BCU UpdateS-1-5-21-959826868-2704866173-1510423850-1002
2015-06-14 22:58 - 2015-06-14 23:01 - 00003366 _____ C:\WINDOWS\System32\Tasks\avastBCLS-1-5-21-959826868-2704866173-1510423850-1002
2015-06-14 22:58 - 2015-06-14 22:58 - 00000000 ____D C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\avast! Browser Cleanup
2015-06-14 22:58 - 2015-06-14 22:58 - 00000000 ____D C:\Users\Ondřej\AppData\Roaming\AVAST Software
2015-06-14 21:13 - 2015-06-14 21:13 - 00000000 ____D C:\Program Files (x86)\ESET
2015-06-14 20:50 - 2015-06-14 20:50 - 00000808 _____ C:\WINDOWS\PFRO.log
2015-06-14 20:41 - 2015-06-14 20:41 - 00000000 _____ C:\Users\Ondřej\AppData\Local\Temp.dat
2015-06-11 20:07 - 2015-06-19 21:30 - 00002195 _____ C:\WINDOWS\setupact.log
2015-06-11 20:07 - 2015-06-11 20:07 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-06-11 17:20 - 2015-06-14 20:37 - 00000999 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-06-11 17:01 - 2015-06-11 17:01 - 00002279 _____ C:\Users\Default\Desktop\Google Chrome.lnk
2015-06-11 17:01 - 2015-06-11 17:01 - 00002279 _____ C:\Users\Default User\Desktop\Google Chrome.lnk
2015-06-11 17:00 - 2015-06-19 21:35 - 00000000 ____D C:\Users\Ondřej\AppData\Roaming\Seznam.cz
2015-06-11 17:00 - 2015-06-11 17:00 - 00000000 ____D C:\Program Files (x86)\Seznam.cz
2015-06-11 16:57 - 2015-06-13 10:39 - 00000000 ____D C:\ProgramData\17321103469212414188
2015-06-11 14:11 - 2015-06-11 20:51 - 00000000 ____D C:\Users\Ondřej\Desktop\přezkoušení 2. pololetí 2015
2015-06-10 20:25 - 2015-06-10 20:25 - 00000000 ____D C:\Users\Ondřej\Downloads\Fotky_8.6.2015
2015-06-09 20:45 - 2015-05-25 15:23 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-06-09 20:45 - 2015-05-25 15:07 - 01430528 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-06-09 20:45 - 2015-05-21 18:47 - 04177920 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-06-09 20:45 - 2015-04-14 00:37 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2015-06-09 20:45 - 2015-04-14 00:34 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2015-06-09 20:45 - 2015-04-09 00:41 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rgb9rast.dll
2015-06-09 20:45 - 2015-04-09 00:07 - 00410336 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-06-09 20:45 - 2015-04-02 00:42 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-06-09 20:45 - 2015-04-02 00:30 - 02483712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-06-09 20:45 - 2015-04-01 05:46 - 03633664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2015-06-09 20:45 - 2015-04-01 05:17 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-06-09 20:45 - 2015-04-01 04:14 - 01920000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-06-09 20:45 - 2015-03-20 05:49 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2015-06-09 20:45 - 2015-03-20 05:08 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-06-09 20:45 - 2015-03-20 04:37 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2015-06-09 20:45 - 2015-03-20 04:07 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-06-09 20:45 - 2015-03-02 03:43 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll
2015-06-09 20:45 - 2015-03-02 03:21 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastapi.dll
2015-06-09 20:44 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-06-09 20:44 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-06-09 20:44 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-06-09 20:44 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-06-09 20:44 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-06-09 20:44 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-06-09 20:44 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2015-06-09 20:44 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-06-09 20:44 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-06-09 20:44 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-06-09 20:44 - 2015-05-23 04:47 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-06-09 20:44 - 2015-05-23 04:43 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-06-09 20:44 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-06-09 20:44 - 2015-05-23 04:38 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-06-09 20:44 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-06-09 20:44 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-06-09 20:44 - 2015-05-23 04:28 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-06-09 20:44 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-06-09 20:44 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-06-09 20:44 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-06-09 20:44 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-06-09 20:44 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-06-09 20:44 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-06-09 20:44 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-06-09 20:44 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-06-09 20:44 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-06-09 20:44 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-06-09 20:44 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-06-09 20:44 - 2015-05-22 20:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-06-09 20:44 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-06-09 20:44 - 2015-05-22 20:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-06-09 20:44 - 2015-05-22 20:09 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-06-09 20:44 - 2015-05-22 20:08 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-06-09 20:44 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-06-09 20:44 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-06-09 20:44 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-06-09 20:44 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-06-09 20:44 - 2015-05-22 19:49 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-06-09 20:44 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-06-09 20:44 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-06-09 20:44 - 2015-04-25 04:34 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2015-06-09 20:44 - 2015-04-25 04:33 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2015-06-09 20:44 - 2015-04-16 08:17 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-06-09 20:44 - 2015-04-10 02:40 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-06-09 20:44 - 2015-04-10 02:17 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-06-09 20:44 - 2015-04-01 06:21 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2015-06-09 20:44 - 2015-04-01 06:18 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2015-06-09 20:44 - 2015-04-01 06:17 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2015-06-09 20:44 - 2015-04-01 06:08 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2015-06-09 20:44 - 2015-04-01 05:17 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2015-06-09 20:44 - 2015-04-01 04:53 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2015-06-09 20:44 - 2015-04-01 04:53 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2015-06-09 20:44 - 2015-04-01 04:45 - 02749952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2015-06-09 20:44 - 2015-04-01 04:45 - 00699392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2015-06-09 20:44 - 2015-04-01 04:12 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2015-06-07 19:34 - 2015-06-07 19:36 - 147904836 _____ C:\Users\Ondřej\Downloads\mcdata.zip
2015-06-05 18:38 - 2015-05-22 15:08 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-06-05 18:38 - 2015-05-21 15:08 - 01119232 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-06-05 18:38 - 2015-05-21 15:08 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-06-05 18:38 - 2015-05-21 15:08 - 00756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-06-05 18:38 - 2015-05-21 15:08 - 00422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-06-05 18:38 - 2015-05-21 15:08 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2015-06-05 18:38 - 2015-05-21 15:08 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-06-05 18:38 - 2015-04-17 00:07 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-06-04 08:32 - 2015-06-04 08:32 - 00000000 ____D C:\Users\Ondřej\AppData\Local\GWX
2015-06-03 07:32 - 2015-06-11 17:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-01 15:57 - 2015-06-01 16:00 - 00000000 ____D C:\Users\Ondřej\Downloads\Sociologie-mládeže-a-rodiny
2015-06-01 15:01 - 2015-06-01 15:01 - 00000000 ____D C:\Users\Ondřej\Downloads\Ivo-Možný---Sociologie-rodiny
2015-05-21 16:29 - 2015-05-21 16:29 - 00003176 _____ C:\WINDOWS\System32\Tasks\{5ABBB7EA-5CBA-4BA6-AF38-77EA56C64BA4}
2015-05-21 14:39 - 2015-05-21 14:39 - 01674929 _____ (TeamExtreme) C:\Users\Ondřej\Downloads\Minecraft(2).exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-20 07:47 - 2015-04-19 16:49 - 00000000 ____D C:\FRST
2015-06-20 07:44 - 2015-04-24 00:09 - 01891616 _____ C:\WINDOWS\WindowsUpdate.log
2015-06-20 07:28 - 2015-05-12 08:14 - 00000000 ____D C:\Users\Ondřej\AppData\Roaming\.minecraft
2015-06-20 07:18 - 2015-05-01 20:54 - 00000892 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-06-20 07:02 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-06-20 06:37 - 2015-05-12 17:18 - 00003954 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{910A5F54-3AB1-42A3-923E-F62D4DF77F70}
2015-06-19 21:43 - 2015-02-11 11:51 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-959826868-2704866173-1510423850-1002
2015-06-19 21:31 - 2015-02-21 07:56 - 00000000 ____D C:\Users\Ondřej\AppData\Roaming\Dropbox
2015-06-19 21:31 - 2013-09-19 22:27 - 00000000 ___RD C:\Users\Ondřej\Dropbox
2015-06-19 21:30 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-06-19 21:29 - 2014-01-21 17:05 - 00000000 ____D C:\AdwCleaner
2015-06-19 21:20 - 2015-02-16 15:41 - 00002574 _____ C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\Seznam.cz.website
2015-06-18 18:30 - 2015-04-24 00:23 - 00000000 ____D C:\Users\Ondřej
2015-06-17 09:38 - 2013-08-22 16:44 - 00509016 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-06-14 23:07 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-06-14 22:42 - 2015-01-03 13:02 - 00000000 ___RD C:\Users\Ondřej\Documents\MEGA
2015-06-14 20:26 - 2015-05-01 20:54 - 00003848 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2015-06-14 20:24 - 2015-02-11 11:07 - 00000000 ____D C:\Users\Ondřej\AppData\Local\Adobe
2015-06-14 20:23 - 2015-03-03 21:45 - 00000000 ___RD C:\Users\Ondřej\iCloudDrive
2015-06-13 17:45 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-06-13 13:29 - 2015-04-13 21:19 - 00000000 ____D C:\Users\Ondřej\AppData\Roaming\uTorrent
2015-06-12 23:22 - 2012-12-23 10:07 - 00000000 ____D C:\Users\Ondřej\Desktop\programy
2015-06-12 20:41 - 2015-02-11 11:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-12 09:46 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-06-11 22:36 - 2012-12-22 21:28 - 00000000 ____D C:\Users\Ondřej\Documents\Bluetooth Folder
2015-06-11 17:30 - 2015-02-20 22:49 - 00000000 ____D C:\Users\Ondřej\AppData\Roaming\DAEMON Tools Lite
2015-06-11 17:27 - 2015-04-30 20:50 - 00000000 ____D C:\WINDOWS\Minidump
2015-06-11 17:27 - 2015-04-24 01:02 - 00000000 ___DC C:\WINDOWS\Panther
2015-06-11 17:06 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-06-11 17:03 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-06-11 17:03 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-06-11 14:06 - 2015-05-01 20:50 - 00003810 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1430506230
2015-06-11 14:06 - 2015-05-01 20:50 - 00000000 ____D C:\Program Files (x86)\Opera
2015-06-11 14:05 - 2015-05-01 20:50 - 00001067 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-06-10 09:23 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-06-10 09:22 - 2015-02-11 11:06 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-10 09:19 - 2015-04-20 20:41 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-06-10 09:13 - 2015-04-20 20:41 - 140135120 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-06-10 09:01 - 2012-07-26 07:26 - 00000199 _____ C:\WINDOWS\win.ini
2015-06-08 20:22 - 2015-02-22 16:46 - 00000000 ___RD C:\Users\Ondřej\Desktop\sgo
2015-06-08 20:13 - 2012-12-25 13:00 - 00929792 ___SH C:\Users\Ondřej\Desktop\Thumbs.db
2015-06-07 22:53 - 2015-04-21 05:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-06-07 22:53 - 2014-11-21 14:14 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-06-04 14:56 - 2014-01-23 16:26 - 00000000 ___RD C:\Users\Ondřej\Desktop\Elenka
2015-06-03 18:18 - 2014-11-21 14:21 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-06-03 18:18 - 2014-11-21 14:21 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-30 11:37 - 2015-03-03 20:27 - 00000000 ____D C:\Users\Ondřej\AppData\Local\Apple Computer
2015-05-30 11:36 - 2015-03-03 20:27 - 00000000 ____D C:\Users\Ondřej\AppData\Roaming\Apple Computer
2015-05-24 11:27 - 2015-02-12 12:03 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2015-05-23 22:50 - 2015-02-11 11:52 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-21 19:54 - 2013-01-04 21:41 - 00438784 ___SH C:\Users\Ondřej\Downloads\Thumbs.db
==================== Files in the root of some directories =======
2015-06-14 20:41 - 2015-06-14 20:41 - 0000000 _____ () C:\Users\Ondřej\AppData\Local\Temp.dat
2015-04-21 21:15 - 2015-04-21 21:15 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Files to move or delete:
====================
C:\Users\ONDEJ~1\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
Some files in TEMP:
====================
C:\Users\Ondřej\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpql7fix.dll
C:\Users\Ondřej\AppData\Local\Temp\InstHelper.exe
C:\Users\Ondřej\AppData\Local\Temp\Quarantine.exe
C:\Users\Ondřej\AppData\Local\Temp\sqlite3.dll
C:\Users\Ondřej\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-06-17 14:50
==================== End of log ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-06-2015
Ran by Ondřej (administrator) on NTB on 20-06-2015 07:47:26
Running from C:\Users\Ondřej\Desktop
Loaded Profiles: Ondřej (Available Profiles: Ondřej & UpdatusUser & Administrator)
Platform: Windows 8.1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Atheros) C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Dropbox, Inc.) C:\Users\Ondřej\AppData\Roaming\Dropbox\bin\Dropbox.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Mega Limited) C:\Users\Ondřej\AppData\Local\MEGAsync\MEGAsync.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
(AVAST Software) C:\Users\Ondřej\AppData\Roaming\AVAST Software\Browser Cleanup\bcusched.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1212048 2012-06-07] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2864016 2012-08-10] (ELAN Microelectronics Corp.)
HKLM\...\Run: [BtPreLoad] => C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [64640 2012-08-01] ()
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM\...\Run: [gpuminer] => C:\Users\Ondřej\AppData\Roaming\cpuminer\sgminer\sgminer.cmd
HKLM\...\Run: [cpuminer] => C:\WINDOWS\system32\cpuminer-gw64.exe
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5595848 2015-01-28] (ESET)
HKLM-x32\...\Run: [BakupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [533568 2012-08-23] (NTI Corporation)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Dolby PCEE4\pcee4.exe [508256 2012-04-23] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2995904 2012-07-11] (Symantec Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-959826868-2704866173-1510423850-1002\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-959826868-2704866173-1510423850-1002\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-959826868-2704866173-1510423850-1002\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-959826868-2704866173-1510423850-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd)
HKU\S-1-5-21-959826868-2704866173-1510423850-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-959826868-2704866173-1510423850-1002\...\Run: [Dropbox Update] => C:\Users\Ondřej\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-16] (Dropbox, Inc.)
HKU\S-1-5-21-959826868-2704866173-1510423850-1002\...\RunOnce: [SeznamInstall-uninstall:699abbf461f264a5faebfafa90854427] => C:\Users\ONDEJ~1\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe [534528 2015-06-19] () <===== ATTENTION
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer Backup Manager Tray.lnk [2012-09-13]
ShortcutTarget: Acer Backup Manager Tray.lnk -> C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
Startup: C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-04-23]
ShortcutTarget: Dropbox.lnk -> C:\Users\Ondřej\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2015-02-21]
ShortcutTarget: MEGAsync.lnk -> C:\Users\Ondřej\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ondřej\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ondřej\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ondřej\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ondřej\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ondřej\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ondřej\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ondřej\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ondřej\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Ondřej\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Ondřej\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Ondřej\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Ondřej\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Ondřej\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Ondřej\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-959826868-2704866173-1510423850-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-959826868-2704866173-1510423850-1002\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
HKU\S-1-5-21-959826868-2704866173-1510423850-1002\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
HKU\S-1-5-21-959826868-2704866173-1510423850-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-959826868-2704866173-1510423850-1002 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKU\S-1-5-21-959826868-2704866173-1510423850-1002 -> {34D6C85E-4E0A-4609-9D27-16BD0A936CE2} URL =
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\z4zx0szz.default-1432210523777
FF DefaultSearchEngine: Seznam
FF DefaultSearchUrl: hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF SearchEngineOrder.1: Seznam
FF SelectedSearchEngine: Seznam
FF Homepage: https://www.seznam.cz/?clid=22668
FF Keyword.URL: hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-12] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-12] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-959826868-2704866173-1510423850-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Ondřej\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-13] (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Ondřej\AppData\Roaming\Mozilla\Firefox\Profiles\z4zx0szz.default-1432210523777\searchplugins\seznam-avast.xml [2015-06-14]
Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-08]
CHR Extension: (Google Docs) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-08]
CHR Extension: (Google Drive) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-08]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2015-06-11]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2015-06-11]
CHR Extension: (YouTube) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-08]
CHR Extension: (Google Search) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-08]
CHR Extension: (Google Sheets) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-08]
CHR Extension: (Google Wallet) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-08]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2015-06-11]
CHR Extension: (Gmail) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-08]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [207488 2012-08-01] (Qualcomm Atheros Commnucations) [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-21] (Microsoft Corporation)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2435728 2012-08-24] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [468624 2012-08-23] (Acer Incorporated)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1349576 2015-01-28] (ESET)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-08-23] (Acer Incorporated)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-12-03] (Freemake) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3939008 2012-07-11] (Symantec Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-08-23] (NTI Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-09-13] (Dritek System INC.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-04-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-04-24] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe [81536 2012-08-01] (Atheros) [File not signed]
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-08-01] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-11-21] (Microsoft Corporation)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00A\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2015-02-20] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [246000 2015-03-10] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [241880 2015-03-10] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [169792 2015-03-10] (ESET)
R2 epfw; C:\Windows\system32\DRIVERS\epfw.sys [222280 2015-03-10] (ESET)
R1 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [44632 2015-03-10] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [64208 2015-03-10] (ESET)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-03-17] (Malwarebytes Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-09-13] (Dritek System Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-04-24] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-20 07:47 - 2015-06-20 07:48 - 00022762 _____ C:\Users\Ondřej\Desktop\FRST.txt
2015-06-20 07:46 - 2015-06-20 07:46 - 02109952 _____ (Farbar) C:\Users\Ondřej\Desktop\FRST64.exe
2015-06-19 21:24 - 2015-06-19 21:24 - 02231296 _____ C:\Users\Ondřej\Downloads\adwcleaner_4.206.exe
2015-06-18 18:31 - 2015-06-18 18:31 - 00000000 ____D C:\Users\Ondřej\AppData\Local\YoYo_Games_Ltd
2015-06-18 18:31 - 2015-06-18 18:31 - 00000000 ____D C:\Users\Ondřej\AppData\Local\GameMaker8.1
2015-06-18 18:30 - 2015-06-19 21:38 - 00000000 ____D C:\Users\Ondřej\GameMaker 8.1
2015-06-17 17:01 - 2015-06-17 17:01 - 09832680 _____ C:\Users\Ondřej\Downloads\TDM_The_Lab_4.0.zip
2015-06-17 14:42 - 2015-06-17 14:42 - 01222144 _____ C:\Users\Ondřej\Downloads\RSITx64.exe
2015-06-17 14:42 - 2015-06-17 14:42 - 00000000 ____D C:\rsit
2015-06-17 14:42 - 2015-06-17 14:42 - 00000000 ____D C:\Program Files\trend micro
2015-06-16 20:46 - 2015-06-16 20:46 - 00000000 ____D C:\Users\Ondřej\AppData\Roaming\OpenOffice
2015-06-16 20:45 - 2015-06-16 20:45 - 00001116 _____ C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk
2015-06-16 20:45 - 2015-06-16 20:45 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2015-06-16 20:44 - 2015-06-16 20:44 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2015-06-16 20:40 - 2015-06-16 20:41 - 128741109 _____ C:\Users\Ondřej\Downloads\Apache_OpenOffice_4.1.1_Win_x86_install_cs.exe
2015-06-16 11:59 - 2015-06-16 11:59 - 00000000 ____D C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-06-16 11:58 - 2015-06-20 07:03 - 00000930 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-959826868-2704866173-1510423850-1002UA.job
2015-06-16 11:58 - 2015-06-18 12:03 - 00000878 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-959826868-2704866173-1510423850-1002Core.job
2015-06-16 11:58 - 2015-06-16 11:58 - 00003878 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-959826868-2704866173-1510423850-1002UA
2015-06-16 11:58 - 2015-06-16 11:58 - 00003498 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-959826868-2704866173-1510423850-1002Core
2015-06-16 11:58 - 2015-06-16 11:58 - 00000000 ____D C:\Users\Ondřej\AppData\Local\Dropbox
2015-06-16 11:58 - 2015-06-16 11:58 - 00000000 ____D C:\ProgramData\Dropbox
2015-06-14 23:06 - 2015-06-14 23:06 - 00000000 ____D C:\Users\Ondřej\AppData\Roaming\ESET
2015-06-14 23:06 - 2015-06-14 23:06 - 00000000 ____D C:\Users\Ondřej\AppData\Local\ESET
2015-06-14 23:03 - 2015-06-14 23:04 - 00003184 _____ C:\WINDOWS\System32\Tasks\avastBCLRestart_firefox.exe
2015-06-14 23:02 - 2015-06-14 23:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2015-06-14 23:02 - 2015-06-14 23:02 - 00000000 ____D C:\ProgramData\ESET
2015-06-14 23:02 - 2015-06-14 23:02 - 00000000 ____D C:\Program Files\ESET
2015-06-14 22:58 - 2015-06-14 23:01 - 00004216 _____ C:\WINDOWS\System32\Tasks\avast! BCU UpdateS-1-5-21-959826868-2704866173-1510423850-1002
2015-06-14 22:58 - 2015-06-14 23:01 - 00003366 _____ C:\WINDOWS\System32\Tasks\avastBCLS-1-5-21-959826868-2704866173-1510423850-1002
2015-06-14 22:58 - 2015-06-14 22:58 - 00000000 ____D C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\avast! Browser Cleanup
2015-06-14 22:58 - 2015-06-14 22:58 - 00000000 ____D C:\Users\Ondřej\AppData\Roaming\AVAST Software
2015-06-14 21:13 - 2015-06-14 21:13 - 00000000 ____D C:\Program Files (x86)\ESET
2015-06-14 20:50 - 2015-06-14 20:50 - 00000808 _____ C:\WINDOWS\PFRO.log
2015-06-14 20:41 - 2015-06-14 20:41 - 00000000 _____ C:\Users\Ondřej\AppData\Local\Temp.dat
2015-06-11 20:07 - 2015-06-19 21:30 - 00002195 _____ C:\WINDOWS\setupact.log
2015-06-11 20:07 - 2015-06-11 20:07 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-06-11 17:20 - 2015-06-14 20:37 - 00000999 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-06-11 17:01 - 2015-06-11 17:01 - 00002279 _____ C:\Users\Default\Desktop\Google Chrome.lnk
2015-06-11 17:01 - 2015-06-11 17:01 - 00002279 _____ C:\Users\Default User\Desktop\Google Chrome.lnk
2015-06-11 17:00 - 2015-06-19 21:35 - 00000000 ____D C:\Users\Ondřej\AppData\Roaming\Seznam.cz
2015-06-11 17:00 - 2015-06-11 17:00 - 00000000 ____D C:\Program Files (x86)\Seznam.cz
2015-06-11 16:57 - 2015-06-13 10:39 - 00000000 ____D C:\ProgramData\17321103469212414188
2015-06-11 14:11 - 2015-06-11 20:51 - 00000000 ____D C:\Users\Ondřej\Desktop\přezkoušení 2. pololetí 2015
2015-06-10 20:25 - 2015-06-10 20:25 - 00000000 ____D C:\Users\Ondřej\Downloads\Fotky_8.6.2015
2015-06-09 20:45 - 2015-05-25 15:23 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-06-09 20:45 - 2015-05-25 15:07 - 01430528 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-06-09 20:45 - 2015-05-21 18:47 - 04177920 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-06-09 20:45 - 2015-04-14 00:37 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2015-06-09 20:45 - 2015-04-14 00:34 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2015-06-09 20:45 - 2015-04-09 00:41 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rgb9rast.dll
2015-06-09 20:45 - 2015-04-09 00:07 - 00410336 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-06-09 20:45 - 2015-04-02 00:42 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-06-09 20:45 - 2015-04-02 00:30 - 02483712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-06-09 20:45 - 2015-04-01 05:46 - 03633664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2015-06-09 20:45 - 2015-04-01 05:17 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-06-09 20:45 - 2015-04-01 04:14 - 01920000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-06-09 20:45 - 2015-03-20 05:49 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2015-06-09 20:45 - 2015-03-20 05:08 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-06-09 20:45 - 2015-03-20 04:37 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2015-06-09 20:45 - 2015-03-20 04:07 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-06-09 20:45 - 2015-03-02 03:43 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll
2015-06-09 20:45 - 2015-03-02 03:21 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastapi.dll
2015-06-09 20:44 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-06-09 20:44 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-06-09 20:44 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-06-09 20:44 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-06-09 20:44 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-06-09 20:44 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-06-09 20:44 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2015-06-09 20:44 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-06-09 20:44 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-06-09 20:44 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-06-09 20:44 - 2015-05-23 04:47 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-06-09 20:44 - 2015-05-23 04:43 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-06-09 20:44 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-06-09 20:44 - 2015-05-23 04:38 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-06-09 20:44 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-06-09 20:44 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-06-09 20:44 - 2015-05-23 04:28 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-06-09 20:44 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-06-09 20:44 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-06-09 20:44 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-06-09 20:44 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-06-09 20:44 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-06-09 20:44 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-06-09 20:44 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-06-09 20:44 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-06-09 20:44 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-06-09 20:44 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-06-09 20:44 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-06-09 20:44 - 2015-05-22 20:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-06-09 20:44 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-06-09 20:44 - 2015-05-22 20:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-06-09 20:44 - 2015-05-22 20:09 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-06-09 20:44 - 2015-05-22 20:08 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-06-09 20:44 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-06-09 20:44 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-06-09 20:44 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-06-09 20:44 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-06-09 20:44 - 2015-05-22 19:49 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-06-09 20:44 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-06-09 20:44 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-06-09 20:44 - 2015-04-25 04:34 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2015-06-09 20:44 - 2015-04-25 04:33 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2015-06-09 20:44 - 2015-04-16 08:17 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-06-09 20:44 - 2015-04-10 02:40 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-06-09 20:44 - 2015-04-10 02:17 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-06-09 20:44 - 2015-04-01 06:21 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2015-06-09 20:44 - 2015-04-01 06:18 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2015-06-09 20:44 - 2015-04-01 06:17 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2015-06-09 20:44 - 2015-04-01 06:08 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2015-06-09 20:44 - 2015-04-01 05:17 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2015-06-09 20:44 - 2015-04-01 04:53 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2015-06-09 20:44 - 2015-04-01 04:53 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2015-06-09 20:44 - 2015-04-01 04:45 - 02749952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2015-06-09 20:44 - 2015-04-01 04:45 - 00699392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2015-06-09 20:44 - 2015-04-01 04:12 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2015-06-07 19:34 - 2015-06-07 19:36 - 147904836 _____ C:\Users\Ondřej\Downloads\mcdata.zip
2015-06-05 18:38 - 2015-05-22 15:08 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-06-05 18:38 - 2015-05-21 15:08 - 01119232 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-06-05 18:38 - 2015-05-21 15:08 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-06-05 18:38 - 2015-05-21 15:08 - 00756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-06-05 18:38 - 2015-05-21 15:08 - 00422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-06-05 18:38 - 2015-05-21 15:08 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2015-06-05 18:38 - 2015-05-21 15:08 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-06-05 18:38 - 2015-04-17 00:07 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-06-04 08:32 - 2015-06-04 08:32 - 00000000 ____D C:\Users\Ondřej\AppData\Local\GWX
2015-06-03 07:32 - 2015-06-11 17:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-01 15:57 - 2015-06-01 16:00 - 00000000 ____D C:\Users\Ondřej\Downloads\Sociologie-mládeže-a-rodiny
2015-06-01 15:01 - 2015-06-01 15:01 - 00000000 ____D C:\Users\Ondřej\Downloads\Ivo-Možný---Sociologie-rodiny
2015-05-21 16:29 - 2015-05-21 16:29 - 00003176 _____ C:\WINDOWS\System32\Tasks\{5ABBB7EA-5CBA-4BA6-AF38-77EA56C64BA4}
2015-05-21 14:39 - 2015-05-21 14:39 - 01674929 _____ (TeamExtreme) C:\Users\Ondřej\Downloads\Minecraft(2).exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-20 07:47 - 2015-04-19 16:49 - 00000000 ____D C:\FRST
2015-06-20 07:44 - 2015-04-24 00:09 - 01891616 _____ C:\WINDOWS\WindowsUpdate.log
2015-06-20 07:28 - 2015-05-12 08:14 - 00000000 ____D C:\Users\Ondřej\AppData\Roaming\.minecraft
2015-06-20 07:18 - 2015-05-01 20:54 - 00000892 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-06-20 07:02 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-06-20 06:37 - 2015-05-12 17:18 - 00003954 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{910A5F54-3AB1-42A3-923E-F62D4DF77F70}
2015-06-19 21:43 - 2015-02-11 11:51 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-959826868-2704866173-1510423850-1002
2015-06-19 21:31 - 2015-02-21 07:56 - 00000000 ____D C:\Users\Ondřej\AppData\Roaming\Dropbox
2015-06-19 21:31 - 2013-09-19 22:27 - 00000000 ___RD C:\Users\Ondřej\Dropbox
2015-06-19 21:30 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-06-19 21:29 - 2014-01-21 17:05 - 00000000 ____D C:\AdwCleaner
2015-06-19 21:20 - 2015-02-16 15:41 - 00002574 _____ C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\Seznam.cz.website
2015-06-18 18:30 - 2015-04-24 00:23 - 00000000 ____D C:\Users\Ondřej
2015-06-17 09:38 - 2013-08-22 16:44 - 00509016 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-06-14 23:07 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-06-14 22:42 - 2015-01-03 13:02 - 00000000 ___RD C:\Users\Ondřej\Documents\MEGA
2015-06-14 20:26 - 2015-05-01 20:54 - 00003848 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2015-06-14 20:24 - 2015-02-11 11:07 - 00000000 ____D C:\Users\Ondřej\AppData\Local\Adobe
2015-06-14 20:23 - 2015-03-03 21:45 - 00000000 ___RD C:\Users\Ondřej\iCloudDrive
2015-06-13 17:45 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-06-13 13:29 - 2015-04-13 21:19 - 00000000 ____D C:\Users\Ondřej\AppData\Roaming\uTorrent
2015-06-12 23:22 - 2012-12-23 10:07 - 00000000 ____D C:\Users\Ondřej\Desktop\programy
2015-06-12 20:41 - 2015-02-11 11:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-12 09:46 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-06-11 22:36 - 2012-12-22 21:28 - 00000000 ____D C:\Users\Ondřej\Documents\Bluetooth Folder
2015-06-11 17:30 - 2015-02-20 22:49 - 00000000 ____D C:\Users\Ondřej\AppData\Roaming\DAEMON Tools Lite
2015-06-11 17:27 - 2015-04-30 20:50 - 00000000 ____D C:\WINDOWS\Minidump
2015-06-11 17:27 - 2015-04-24 01:02 - 00000000 ___DC C:\WINDOWS\Panther
2015-06-11 17:06 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-06-11 17:03 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-06-11 17:03 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-06-11 14:06 - 2015-05-01 20:50 - 00003810 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1430506230
2015-06-11 14:06 - 2015-05-01 20:50 - 00000000 ____D C:\Program Files (x86)\Opera
2015-06-11 14:05 - 2015-05-01 20:50 - 00001067 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-06-10 09:23 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-06-10 09:22 - 2015-02-11 11:06 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-10 09:19 - 2015-04-20 20:41 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-06-10 09:13 - 2015-04-20 20:41 - 140135120 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-06-10 09:01 - 2012-07-26 07:26 - 00000199 _____ C:\WINDOWS\win.ini
2015-06-08 20:22 - 2015-02-22 16:46 - 00000000 ___RD C:\Users\Ondřej\Desktop\sgo
2015-06-08 20:13 - 2012-12-25 13:00 - 00929792 ___SH C:\Users\Ondřej\Desktop\Thumbs.db
2015-06-07 22:53 - 2015-04-21 05:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-06-07 22:53 - 2014-11-21 14:14 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-06-04 14:56 - 2014-01-23 16:26 - 00000000 ___RD C:\Users\Ondřej\Desktop\Elenka
2015-06-03 18:18 - 2014-11-21 14:21 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-06-03 18:18 - 2014-11-21 14:21 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-30 11:37 - 2015-03-03 20:27 - 00000000 ____D C:\Users\Ondřej\AppData\Local\Apple Computer
2015-05-30 11:36 - 2015-03-03 20:27 - 00000000 ____D C:\Users\Ondřej\AppData\Roaming\Apple Computer
2015-05-24 11:27 - 2015-02-12 12:03 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2015-05-23 22:50 - 2015-02-11 11:52 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-21 19:54 - 2013-01-04 21:41 - 00438784 ___SH C:\Users\Ondřej\Downloads\Thumbs.db
==================== Files in the root of some directories =======
2015-06-14 20:41 - 2015-06-14 20:41 - 0000000 _____ () C:\Users\Ondřej\AppData\Local\Temp.dat
2015-04-21 21:15 - 2015-04-21 21:15 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Files to move or delete:
====================
C:\Users\ONDEJ~1\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
Some files in TEMP:
====================
C:\Users\Ondřej\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpql7fix.dll
C:\Users\Ondřej\AppData\Local\Temp\InstHelper.exe
C:\Users\Ondřej\AppData\Local\Temp\Quarantine.exe
C:\Users\Ondřej\AppData\Local\Temp\sqlite3.dll
C:\Users\Ondřej\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-06-17 14:50
==================== End of log ============================
Re: Prosím o kontrolu
Additional scan result of Farbar Recovery Scan Tool (x64) Version:13-06-2015
Ran by Ondřej at 2015-06-20 07:49:32
Running from C:\Users\Ondřej\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-959826868-2704866173-1510423850-500 - Administrator - Disabled) => C:\Users\Administrator
Guest (S-1-5-21-959826868-2704866173-1510423850-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-959826868-2704866173-1510423850-1016 - Limited - Enabled)
Ondřej (S-1-5-21-959826868-2704866173-1510423850-1002 - Administrator - Enabled) => C:\Users\Ondřej
UpdatusUser (S-1-5-21-959826868-2704866173-1510423850-1011 - Limited - Enabled) => C:\Users\UpdatusUser.ntb
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET Smart Security 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personální firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Acer Backup Manager (HKLM-x32\...\InstallShield_{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}) (Version: 4.0.0.0059 - NTI Corporation)
Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3007 - Acer Incorporated)
Acer Instant Update Service (HKLM\...\{8215A318-CC27-435E-B3EA-2E3443C8998C}) (Version: 1.00.3013 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3006 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3011 - Acer Incorporated)
AcerCloud (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.01.3115 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.00.3201 - Acer Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 18 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 18.0.0.160 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Any Video Converter 5.7.7 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
avast! Browser Cleanup (HKU\S-1-5-21-959826868-2704866173-1510423850-1002\...\avast! Browser Cleanup) (Version: 10.2.2218.71 - AVAST Software)
Avidemux 2.6 - 64bits (HKLM-x32\...\Avidemux 2.6 - 64bits (64-bit)) (Version: 2.6.8.9046 - )
Backup Manager v4 (x32 Version: 4.0.0.0059 - NTI Corporation) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom Card Reader Driver Installer (HKLM\...\{F0A7DF2F-0BE0-470F-B137-D7A19F977189}) (Version: 15.4.4.2 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.01.3107 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.01.3107 - Acer Incorporated)
clear.fi SDK - Video 2 (x32 Version: 2.1.1910 - CyberLink Corp.) Hidden
clear.fi SDK- Movie 2 (x32 Version: 2.1.1910 - CyberLink Corp.) Hidden
Convert MOV to AVI 1.0 (HKLM-x32\...\{A39EA3C8-7BF3-4FA7-9A67-3D3611BAE59E}_is1) (Version: - convertmovtoavi.com)
CyberLink MediaEspresso 6.5 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.3103_44819 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.13 - Dolby Laboratories Inc)
Dropbox (HKU\S-1-5-21-959826868-2704866173-1510423850-1002\...\Dropbox) (Version: 3.6.7 - Dropbox, Inc.)
ESET Smart Security (HKLM\...\{E4BA35A7-9715-4405-951E-E60B4ED0C7B0}) (Version: 8.0.312.3 - ESET, spol s r. o.)
ETDWare PS/2-X64 11.6.4.001_WHQL (HKLM\...\Elantech) (Version: 11.6.4.001 - ELAN Microelectronic Corp.)
Fire Captain version 1.0 (HKLM-x32\...\{EFE597CD-937C-4388-AA52-E6B698112282}_is1) (Version: 1.0 - Brigades)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Freemake Video Converter verze 4.1.5 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.5 - Ellora Assets Corporation)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.69.5227 - Gretech Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.124 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3004 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Launch Manager (HKLM-x32\...\LManager) (Version: 7.0.4 - Acer Inc.)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3003 - Acer Incorporated)
Malwarebytes Anti-Malware verze 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft Office Standard 2010 (HKLM-x32\...\Office14.STANDARD) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 38.0.5 (x86 cs) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 cs)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.5 - Mozilla)
MuseScore 1.3 (HKLM-x32\...\MuseScore) (Version: 1.3.0 - Werner Schweer and Others)
MyWinLocker (Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.24 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.24 - Egis Technology Inc.) Hidden
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.2.3.45 - Symantec Corporation)
Norton Online Backup ARA (x32 Version: 4.1.0.10 - Symantec Corporation) Hidden
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9008 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.9008 - NTI Corporation) Hidden
NVIDIA Ovladače grafiky 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.12.0613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0613 - NVIDIA Corporation)
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.01.3200 - Acer)
OpenOffice 4.1.1 (HKLM-x32\...\{C560D6E7-E40A-435D-8B71-62CBCF1701B2}) (Version: 4.11.9775 - Apache Software Foundation)
Opera Stable 30.0.1835.59 (HKLM-x32\...\Opera 30.0.1835.59) (Version: 30.0.1835.59 - Opera Software)
Ovládací panel NVIDIA 327.02 (Version: 327.02 - NVIDIA Corporation) Hidden
Podpora aplikací Apple (64bitová) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.204 - Qualcomm Atheros Communications)
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.05 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Unity Web Player (HKU\S-1-5-21-959826868-2704866173-1510423850-1002\...\UnityWebPlayer) (Version: 4.6.2f1 - Unity Technologies ApS)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-959826868-2704866173-1510423850-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Ondřej\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-959826868-2704866173-1510423850-1002_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Ondřej\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-959826868-2704866173-1510423850-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ondřej\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-959826868-2704866173-1510423850-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ondřej\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-959826868-2704866173-1510423850-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ondřej\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-959826868-2704866173-1510423850-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ondřej\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-959826868-2704866173-1510423850-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ondřej\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-959826868-2704866173-1510423850-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ondřej\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-959826868-2704866173-1510423850-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ondřej\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-959826868-2704866173-1510423850-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ondřej\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
==================== Restore Points =========================
28-05-2015 20:36:06 Naplánovaný kontrolní bod
05-06-2015 20:34:51 Windows Update
10-06-2015 08:53:04 Windows Update
14-06-2015 20:45:56 Removed Podpora aplikací Apple (32bitová)
16-06-2015 20:42:55 Nainstalováno: OpenOffice 4.1.1
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {16312601-0516-42A4-A134-DC480E5A64C4} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattel\DiagTrackRunner.exe [2015-03-16] (Microsoft Corporation)
Task: {1778FA18-F9D9-4706-8D10-0D03C78FEBC3} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-959826868-2704866173-1510423850-1002Core => C:\Users\Ondřej\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16] (Dropbox, Inc.)
Task: {1A3EF5D0-A88F-4113-903B-3D0ECE285CF1} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2012-08-23] (Acer Incorporated)
Task: {1EEC3745-D35F-43ED-B312-22D0C7C21266} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-06] (Microsoft Corporation)
Task: {30CB288C-6BF9-42BE-AE51-0CFA6103CBE5} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-07-04] (CyberLink)
Task: {36A21B1E-3CFE-471C-A80B-B420610967D1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {41D7949E-B659-4F93-833A-5E01E5F838B9} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {52FDA480-7A39-4551-9BC0-70A32D2AD09C} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_160_pepper.exe [2015-06-14] (Adobe Systems Incorporated)
Task: {58F0BEF2-D76C-4760-BA4B-AC472B252869} - System32\Tasks\iuEmailOutlookAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe [2012-08-23] ()
Task: {61B1BC15-E338-4A5D-822D-9909DCDA98D9} - System32\Tasks\Opera scheduled Autoupdate 1430506230 => C:\Program Files (x86)\Opera\launcher.exe [2015-06-10] (Opera Software)
Task: {626B3A8C-37F6-4ED3-A637-CEEF3044109E} - System32\Tasks\avastBCLS-1-5-21-959826868-2704866173-1510423850-1002 => C:\Users\Ondřej\AppData\Roaming\AVAST Software\Browser Cleanup\BCUSched.exe [2015-06-16] (AVAST Software)
Task: {672ECD12-730D-47BD-A56D-1B9D16D3F2FE} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2012-06-22] ()
Task: {7CF33B46-B823-48C5-B00C-C56C1CA3E565} - System32\Tasks\{5ABBB7EA-5CBA-4BA6-AF38-77EA56C64BA4} => pcalua.exe -a C:\Users\Ondřej\Downloads\forge-1.8-11.14.1.1334-installer-win.exe -d C:\Users\Ondřej\Downloads
Task: {87BCC9DD-AB04-4E35-902F-631342D5C975} - System32\Tasks\avast! BCU UpdateS-1-5-21-959826868-2704866173-1510423850-1002 => C:\Users\Ondřej\AppData\Roaming\AVAST Software\Browser Cleanup\BCUUpdate.exe [2015-03-18] (AVAST Software)
Task: {8BAB3741-36BD-4876-B4D9-19687EDCFDF1} - System32\Tasks\avastBCLRestart_firefox.exe => Firefox.exe
Task: {8D8E3A42-28F6-4A42-B3EB-044ACC5F54B7} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {9CDDFF3B-783A-4B78-A2E3-C9986050F509} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {B5B9C766-C25D-454C-BDAA-EE1283C8AAB0} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-959826868-2704866173-1510423850-1002UA => C:\Users\Ondřej\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16] (Dropbox, Inc.)
Task: {C0938463-5D53-4F28-8E6E-D5711EA29118} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-02-19] (Piriform Ltd)
Task: {D445C20E-2FF2-42ED-9C6B-0CE7C270AD4A} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {E81148B5-7EE7-404A-989D-FFC3CFCBE901} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2012-08-24] ()
Task: {F155A46C-021D-424A-94F6-1749FAF98DDF} - System32\Tasks\iuBrowserIEAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe [2012-08-23] ()
Task: {F1BB79CB-FF1A-45F7-B9C3-C7EDBB4E1C98} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {FD5869C3-622D-447F-966D-D1203F1AB49C} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_160_pepper.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-959826868-2704866173-1510423850-1002Core.job => C:\Users\OndYej\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-959826868-2704866173-1510423850-1002UA.job => C:\Users\OndYej\AppData\Local\Dropbox\Update\DropboxUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2013-09-05 02:36 - 2013-09-05 02:36 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2015-02-13 05:20 - 2015-02-13 05:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-13 05:20 - 2015-02-13 05:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-05-01 16:13 - 2014-05-01 16:13 - 00470016 _____ () C:\Users\Ondřej\AppData\Local\MEGAsync\ShellExtX64.dll
2012-06-22 03:12 - 2012-06-22 03:12 - 01407568 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-08-01 02:45 - 2012-08-01 02:45 - 00384128 _____ () c:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll
2012-08-01 02:40 - 2012-08-01 02:40 - 00021504 _____ () c:\Program Files (x86)\Bluetooth Suite\L10n\cs-CZ\BtTray.cs-CZ.dll
2012-08-23 00:04 - 2012-08-23 00:04 - 00025232 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
2012-08-23 00:04 - 2012-08-23 00:04 - 00044176 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
2015-02-19 23:40 - 2015-02-19 23:40 - 00053248 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2012-08-23 08:26 - 2012-08-23 08:26 - 00465384 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2012-08-23 08:25 - 2012-08-23 08:25 - 00125504 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2012-08-23 08:26 - 2012-08-23 08:26 - 00155712 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\VolumeSnapshot.dll
2012-08-23 08:25 - 2012-08-23 08:25 - 00118336 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\Online.dll
2012-08-23 08:25 - 2012-08-23 08:25 - 01081408 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2012-08-23 08:25 - 2012-08-23 08:25 - 00052288 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OsSettingPort.dll
2012-08-23 08:26 - 2012-08-23 08:26 - 00727616 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OutlookShadow.dll
2015-06-19 21:31 - 2015-06-19 21:31 - 00043008 _____ () c:\users\ondej~1\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpql7fix.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00750080 _____ () C:\Users\Ondřej\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00047616 _____ () C:\Users\Ondřej\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00865280 _____ () C:\Users\Ondřej\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00200704 _____ () C:\Users\Ondřej\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00010240 _____ () C:\Users\Ondřej\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00726016 _____ () C:\Users\Ondřej\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00010240 _____ () C:\Users\Ondřej\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2012-09-13 23:21 - 2012-06-25 19:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Ondřej\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\Seznam.cz.website:DESTICON_email1229235768
AlternateDataStreams: C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\Seznam.cz.website:DESTICON_firmy-216282473
AlternateDataStreams: C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\Seznam.cz.website:DESTICON_novinky-1609642764
AlternateDataStreams: C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\Seznam.cz.website:DESTICON_prozeny771666966
AlternateDataStreams: C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\Seznam.cz.website:DESTICON_sport6476750
AlternateDataStreams: C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\Seznam.cz.website:DESTICON_stream1444311432
AlternateDataStreams: C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\Seznam.cz.website:DESTICON_super-41222104
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-959826868-2704866173-1510423850-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Ondřej\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\pozadí plochy.bmp
DNS Servers: 192.168.0.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\StartupFolder: => "Acer Backup Manager Tray.lnk"
HKLM\...\StartupApproved\Run: => "mcpltui_exe"
HKLM\...\StartupApproved\Run: => "mcui_exe"
HKLM\...\StartupApproved\Run: => "Norton Online Backup"
HKLM\...\StartupApproved\Run: => "cpuminer"
HKLM\...\StartupApproved\Run: => "gpuminer"
HKLM\...\StartupApproved\Run32: => "Norton Online Backup"
HKLM\...\StartupApproved\Run32: => "seznam-listicka-distribuce"
HKU\S-1-5-21-959826868-2704866173-1510423850-1002\...\StartupApproved\StartupFolder: => "crossbrowse.lnk"
HKU\S-1-5-21-959826868-2704866173-1510423850-1002\...\StartupApproved\Run: => "cz.seznam.software.autoupdate"
HKU\S-1-5-21-959826868-2704866173-1510423850-1002\...\StartupApproved\Run: => "cz.seznam.software.szndesktop"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{5436F146-2BBD-46FF-9D81-0D1AABD1297B}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{D9C7AC6E-4066-4EDC-9D4E-347C6A049C10}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D96230D5-1483-491C-9047-584A7B2B86EC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B30E868D-EF66-49FB-89BF-58C99D4BC848}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F4259456-5D4D-4598-B818-AEFF5B0D2E45}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8C4A6370-050A-4B57-B101-F7DB310AE9AE}] => (Allow) C:\Users\Ondřej\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{1F838C3C-4431-4ADD-9752-453997893522}] => (Allow) C:\Users\Ondřej\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{0D90A1E5-8E6B-4731-98F0-DD44D16D8E45}] => (Allow) LPort=1900
FirewallRules: [{BC4087E1-18B9-4F0C-BF0E-14054B5D2C8F}] => (Allow) LPort=2869
FirewallRules: [{1237E698-EF2A-4F55-A337-3491696155D0}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{A56D0918-F1C6-41C0-959F-514CDD86228C}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{7BBCA50A-BB56-4C24-94B5-B3BA7206B27B}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{B60A0474-8C75-49A2-8D1B-B17284A1BF4E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{51758211-DB0D-4A3C-9DBD-2249E38A58A3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{5ED05561-550F-4EA8-8841-D513DD524E62}C:\program files (x86)\bluetooth suite\bttray.exe] => (Allow) C:\program files (x86)\bluetooth suite\bttray.exe
FirewallRules: [TCP Query User{F3F5E4C7-AA18-4291-9BDF-135542F810FD}C:\program files (x86)\bluetooth suite\bttray.exe] => (Allow) C:\program files (x86)\bluetooth suite\bttray.exe
FirewallRules: [UDP Query User{3DEB8875-C17C-4B61-A98A-6633F0A2B299}C:\program files (x86)\bluetooth suite\btvstack.exe] => (Allow) C:\program files (x86)\bluetooth suite\btvstack.exe
FirewallRules: [TCP Query User{631CE525-076F-459E-AAA5-DF8E0385BE9E}C:\program files (x86)\bluetooth suite\btvstack.exe] => (Allow) C:\program files (x86)\bluetooth suite\btvstack.exe
FirewallRules: [{BEB62DD4-F0F3-4A91-AE1F-A287393C3A97}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{9BE3C5EA-3008-4BB7-9749-195BF5E6C103}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{64982B25-DA1C-4EC5-8638-72179B005451}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{E4ABDD0A-863E-45C0-81CD-9AD5A212D4DB}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{E8729967-AAEB-4610-82CD-1EE4757C99E0}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{ACB984C1-1E2E-4180-9A1D-1192C799213D}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{CD39EE26-21B4-4421-8A5D-DC2426376E17}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\VideoPlayer.exe
FirewallRules: [{E0AF2BB6-1D41-4489-BB32-F19488577C42}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{1CC83BFC-273C-4F8B-ADC0-45E923FCF279}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{61EF0C51-18C2-4CEF-BA0D-3251DE25698B}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{0890C160-D5C8-445C-BA0D-761FE9FE231E}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{F720BDE6-F9E1-44EA-8FED-FBC6FF8409B6}] => (Allow) C:\Program Files (x86)\Bluetooth Suite\Win7Ui.exe
FirewallRules: [{96C72227-6B19-46DF-80BA-A7F7AA20C122}] => (Allow) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
FirewallRules: [{C5145CF5-1EDE-482C-8278-9720A1126C25}] => (Allow) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
FirewallRules: [{33018B78-D49A-42F7-8AF8-AF3247147363}] => (Allow) C:\Program Files (x86)\Bluetooth Suite\Btvstack.exe
FirewallRules: [{E30D0C0B-14CE-4B05-A987-1966C5725160}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{031A9002-9F87-40A7-8F9E-5EDFCD95338E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{5E1CE66E-8003-4DB8-9A94-B650DBF19F10}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{774B5997-E19D-4D17-8929-0C411063A67E}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{D072D69F-BB06-41C6-8939-C75C07F915E7}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\FileExplorer.exe
FirewallRules: [{92D4EB48-EF5E-4121-81FD-8F4290040FF0}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
FirewallRules: [{C493EAE8-ACF7-4D44-AF9D-38E92861C275}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManager.exe
FirewallRules: [TCP Query User{1E5A8691-087E-4492-89BE-B670EA203633}C:\users\ondřej\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\ondřej\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{1DDBE09C-9B03-4F8C-84ED-633B88FB5010}C:\users\ondřej\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\ondřej\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{E25302ED-2A0D-474D-B323-2F86212F2F2E}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{30841818-30FB-4BBE-BF8B-B2F649C69D13}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [{79703089-2D1C-44FB-B47D-05DE208CD2B1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{72E93C52-5A5F-434E-912B-406F223DE96D}C:\users\ondřej\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\ondřej\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{67A7ACB2-DFBC-4339-9086-05951F415566}C:\users\ondřej\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\ondřej\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{2A0E6EAD-29B7-4A8F-8A6E-757F7D224E28}C:\program files (x86)\fire captain\fire.exe] => (Block) C:\program files (x86)\fire captain\fire.exe
FirewallRules: [UDP Query User{1C9AC323-3F9A-4230-A0F0-E79247C466FC}C:\program files (x86)\fire captain\fire.exe] => (Block) C:\program files (x86)\fire captain\fire.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (06/18/2015 07:35:04 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program st32.exe verze 1.0.0.7 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: 1760
Čas spuštění: 01d0a9ec3a2d9abb
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Výukové programy\ts dejepis\st.32\st32.exe
ID hlášení: 59d2a12c-15e0-11e5-bee3-68942315ce82
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (06/18/2015 02:52:42 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: There was an error with the Windows Location Provider database
Error: (06/18/2015 08:11:01 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Explorer.EXE verze 6.3.9600.17667 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: 418
Čas spuštění: 01d0a8f956bf8fbd
Čas ukončení: 0
Cesta k aplikaci: C:\WINDOWS\Explorer.EXE
ID hlášení: a3eb7f41-1580-11e5-bee3-68942315ce82
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (06/17/2015 02:04:59 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest1 se nezdařilo. Chyba v souboru manifestu nebo zásad C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest2 na řádku C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest3.
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.
Error: (06/17/2015 02:03:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: sgminer.exe, verze: 5.1.0.0, časové razítko: 0x556f317c
Název chybujícího modulu: sgminer.exe, verze: 5.1.0.0, časové razítko: 0x556f317c
Kód výjimky: 0xc0000005
Posun chyby: 0x00022887
ID chybujícího procesu: 0x11b0
Čas spuštění chybující aplikace: 0xsgminer.exe0
Cesta k chybující aplikaci: sgminer.exe1
Cesta k chybujícímu modulu: sgminer.exe2
ID zprávy: sgminer.exe3
Úplný název chybujícího balíčku: sgminer.exe4
ID aplikace související s chybujícím balíčkem: sgminer.exe5
Error: (06/17/2015 09:41:44 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: sgminer.exe, verze: 5.1.0.0, časové razítko: 0x556f317c
Název chybujícího modulu: sgminer.exe, verze: 5.1.0.0, časové razítko: 0x556f317c
Kód výjimky: 0xc0000005
Posun chyby: 0x00022887
ID chybujícího procesu: 0x11e8
Čas spuštění chybující aplikace: 0xsgminer.exe0
Cesta k chybující aplikaci: sgminer.exe1
Cesta k chybujícímu modulu: sgminer.exe2
ID zprávy: sgminer.exe3
Úplný název chybujícího balíčku: sgminer.exe4
ID aplikace související s chybujícím balíčkem: sgminer.exe5
Error: (06/16/2015 08:40:25 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest1 se nezdařilo. Chyba v souboru manifestu nebo zásad C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest2 na řádku C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest3.
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.
Error: (06/16/2015 07:11:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: sgminer.exe, verze: 5.1.0.0, časové razítko: 0x556f317c
Název chybujícího modulu: sgminer.exe, verze: 5.1.0.0, časové razítko: 0x556f317c
Kód výjimky: 0xc0000005
Posun chyby: 0x00022887
ID chybujícího procesu: 0x12bc
Čas spuštění chybující aplikace: 0xsgminer.exe0
Cesta k chybující aplikaci: sgminer.exe1
Cesta k chybujícímu modulu: sgminer.exe2
ID zprávy: sgminer.exe3
Úplný název chybujícího balíčku: sgminer.exe4
ID aplikace související s chybujícím balíčkem: sgminer.exe5
Error: (06/16/2015 06:40:51 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2562
Error: (06/16/2015 06:40:51 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2562
System errors:
=============
Error: (06/19/2015 09:33:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku následující chyby:
%%1069
Error: (06/19/2015 09:33:00 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba nvUpdatusService se nemohla přihlásit jako .\UpdatusUser s aktuálně konfigurovaným heslem z důvodu následující chyby:
%%1326
Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).
Error: (06/19/2015 09:32:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Google Update (gupdate) neuspěla při spuštění v důsledku následující chyby:
%%2
Error: (06/19/2015 09:30:57 PM) (Source: DCOM) (EventID: 10016) (User: ntb)
Description: specifické pro aplikaciMístníSpuštění{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}ntbOndřejS-1-5-21-959826868-2704866173-1510423850-1002LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici
Error: (06/19/2015 09:29:27 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby Windows Search, ale tato akce selhala kvůli následující chybě:
%%1056
Error: (06/19/2015 09:28:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba zařazování tisku byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.
Error: (06/19/2015 09:28:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Dritek RF Button Command Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 3000 milisekund: Restartovat službu.
Error: (06/19/2015 09:28:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error: (06/19/2015 09:28:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Dritek WMI Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 3000 milisekund: Restartovat službu.
Error: (06/19/2015 09:28:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Intel(R) Capability Licensing Service Interface byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.
Microsoft Office:
=========================
Error: (06/18/2015 07:35:04 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: st32.exe1.0.0.7176001d0a9ec3a2d9abb4294967295C:\Výukové programy\ts dejepis\st.32\st32.exe59d2a12c-15e0-11e5-bee3-68942315ce82
Error: (06/18/2015 02:52:42 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: -2147024883
Error: (06/18/2015 08:11:01 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Explorer.EXE6.3.9600.1766741801d0a8f956bf8fbd0C:\WINDOWS\Explorer.EXEa3eb7f41-1580-11e5-bee3-68942315ce82
Error: (06/17/2015 02:04:59 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifestC:\$Recycle.Bin\S-1-5-21-959826868-2704866173-1510423850-1002\$RHCHAXA.exe
Error: (06/17/2015 02:03:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: sgminer.exe5.1.0.0556f317csgminer.exe5.1.0.0556f317cc00000050002288711b001d0a8f58e8e3effC:\Users\Ondřej\AppData\Roaming\cpuminer\sgminer\sgminer.exeC:\Users\Ondřej\AppData\Roaming\cpuminer\sgminer\sgminer.exed8f5d265-14e8-11e5-bee2-68942315ce82
Error: (06/17/2015 09:41:44 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: sgminer.exe5.1.0.0556f317csgminer.exe5.1.0.0556f317cc00000050002288711e801d0a8d0dfcf9e04C:\Users\Ondřej\AppData\Roaming\cpuminer\sgminer\sgminer.exeC:\Users\Ondřej\AppData\Roaming\cpuminer\sgminer\sgminer.exe4cb6a5fd-14c4-11e5-bee1-68942315ce82
Error: (06/16/2015 08:40:25 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifestC:\Users\Ondřej\Downloads\esetsmartinstaller_csy.exe
Error: (06/16/2015 07:11:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: sgminer.exe5.1.0.0556f317csgminer.exe5.1.0.0556f317cc00000050002288712bc01d0a857635f484aC:\Users\Ondřej\AppData\Roaming\cpuminer\sgminer\sgminer.exeC:\Users\Ondřej\AppData\Roaming\cpuminer\sgminer\sgminer.exec6c20911-144a-11e5-bee0-68942315ce82
Error: (06/16/2015 06:40:51 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2562
Error: (06/16/2015 06:40:51 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2562
CodeIntegrity Errors:
===================================
Date: 2015-06-14 21:06:08.467
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-06-13 08:31:18.695
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-06-12 23:01:59.559
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-06-11 21:19:53.537
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-06-09 19:03:03.752
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-06-05 18:25:02.767
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-06-04 10:05:19.601
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-06-02 14:22:54.141
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-05-31 08:43:13.952
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-05-29 08:37:15.197
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Pentium(R) CPU B960 @ 2.20GHz
Percentage of memory in use: 26%
Total physical RAM: 8005.28 MB
Available physical RAM: 5885.7 MB
Total Pagefile: 9285.28 MB
Available Pagefile: 7254 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:675.91 GB) (Free:460.62 GB) NTFS
Drive e: (Minecraft) (CDROM) (Total:0.01 GB) (Free:0 GB) UDF
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: D578584D)
Partition: GPT Partition Type.
==================== End of log ============================
Ran by Ondřej at 2015-06-20 07:49:32
Running from C:\Users\Ondřej\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-959826868-2704866173-1510423850-500 - Administrator - Disabled) => C:\Users\Administrator
Guest (S-1-5-21-959826868-2704866173-1510423850-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-959826868-2704866173-1510423850-1016 - Limited - Enabled)
Ondřej (S-1-5-21-959826868-2704866173-1510423850-1002 - Administrator - Enabled) => C:\Users\Ondřej
UpdatusUser (S-1-5-21-959826868-2704866173-1510423850-1011 - Limited - Enabled) => C:\Users\UpdatusUser.ntb
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET Smart Security 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personální firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Acer Backup Manager (HKLM-x32\...\InstallShield_{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}) (Version: 4.0.0.0059 - NTI Corporation)
Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3007 - Acer Incorporated)
Acer Instant Update Service (HKLM\...\{8215A318-CC27-435E-B3EA-2E3443C8998C}) (Version: 1.00.3013 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3006 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3011 - Acer Incorporated)
AcerCloud (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.01.3115 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.00.3201 - Acer Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 18 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 18.0.0.160 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Any Video Converter 5.7.7 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
avast! Browser Cleanup (HKU\S-1-5-21-959826868-2704866173-1510423850-1002\...\avast! Browser Cleanup) (Version: 10.2.2218.71 - AVAST Software)
Avidemux 2.6 - 64bits (HKLM-x32\...\Avidemux 2.6 - 64bits (64-bit)) (Version: 2.6.8.9046 - )
Backup Manager v4 (x32 Version: 4.0.0.0059 - NTI Corporation) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom Card Reader Driver Installer (HKLM\...\{F0A7DF2F-0BE0-470F-B137-D7A19F977189}) (Version: 15.4.4.2 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.01.3107 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.01.3107 - Acer Incorporated)
clear.fi SDK - Video 2 (x32 Version: 2.1.1910 - CyberLink Corp.) Hidden
clear.fi SDK- Movie 2 (x32 Version: 2.1.1910 - CyberLink Corp.) Hidden
Convert MOV to AVI 1.0 (HKLM-x32\...\{A39EA3C8-7BF3-4FA7-9A67-3D3611BAE59E}_is1) (Version: - convertmovtoavi.com)
CyberLink MediaEspresso 6.5 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.3103_44819 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.13 - Dolby Laboratories Inc)
Dropbox (HKU\S-1-5-21-959826868-2704866173-1510423850-1002\...\Dropbox) (Version: 3.6.7 - Dropbox, Inc.)
ESET Smart Security (HKLM\...\{E4BA35A7-9715-4405-951E-E60B4ED0C7B0}) (Version: 8.0.312.3 - ESET, spol s r. o.)
ETDWare PS/2-X64 11.6.4.001_WHQL (HKLM\...\Elantech) (Version: 11.6.4.001 - ELAN Microelectronic Corp.)
Fire Captain version 1.0 (HKLM-x32\...\{EFE597CD-937C-4388-AA52-E6B698112282}_is1) (Version: 1.0 - Brigades)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Freemake Video Converter verze 4.1.5 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.5 - Ellora Assets Corporation)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.69.5227 - Gretech Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.124 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3004 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Launch Manager (HKLM-x32\...\LManager) (Version: 7.0.4 - Acer Inc.)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3003 - Acer Incorporated)
Malwarebytes Anti-Malware verze 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft Office Standard 2010 (HKLM-x32\...\Office14.STANDARD) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 38.0.5 (x86 cs) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 cs)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.5 - Mozilla)
MuseScore 1.3 (HKLM-x32\...\MuseScore) (Version: 1.3.0 - Werner Schweer and Others)
MyWinLocker (Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.24 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.24 - Egis Technology Inc.) Hidden
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.2.3.45 - Symantec Corporation)
Norton Online Backup ARA (x32 Version: 4.1.0.10 - Symantec Corporation) Hidden
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9008 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.9008 - NTI Corporation) Hidden
NVIDIA Ovladače grafiky 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.12.0613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0613 - NVIDIA Corporation)
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.01.3200 - Acer)
OpenOffice 4.1.1 (HKLM-x32\...\{C560D6E7-E40A-435D-8B71-62CBCF1701B2}) (Version: 4.11.9775 - Apache Software Foundation)
Opera Stable 30.0.1835.59 (HKLM-x32\...\Opera 30.0.1835.59) (Version: 30.0.1835.59 - Opera Software)
Ovládací panel NVIDIA 327.02 (Version: 327.02 - NVIDIA Corporation) Hidden
Podpora aplikací Apple (64bitová) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.204 - Qualcomm Atheros Communications)
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.05 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Unity Web Player (HKU\S-1-5-21-959826868-2704866173-1510423850-1002\...\UnityWebPlayer) (Version: 4.6.2f1 - Unity Technologies ApS)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-959826868-2704866173-1510423850-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Ondřej\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-959826868-2704866173-1510423850-1002_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Ondřej\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-959826868-2704866173-1510423850-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ondřej\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-959826868-2704866173-1510423850-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ondřej\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-959826868-2704866173-1510423850-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ondřej\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-959826868-2704866173-1510423850-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ondřej\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-959826868-2704866173-1510423850-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ondřej\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-959826868-2704866173-1510423850-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ondřej\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-959826868-2704866173-1510423850-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ondřej\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-959826868-2704866173-1510423850-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ondřej\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
==================== Restore Points =========================
28-05-2015 20:36:06 Naplánovaný kontrolní bod
05-06-2015 20:34:51 Windows Update
10-06-2015 08:53:04 Windows Update
14-06-2015 20:45:56 Removed Podpora aplikací Apple (32bitová)
16-06-2015 20:42:55 Nainstalováno: OpenOffice 4.1.1
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {16312601-0516-42A4-A134-DC480E5A64C4} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattel\DiagTrackRunner.exe [2015-03-16] (Microsoft Corporation)
Task: {1778FA18-F9D9-4706-8D10-0D03C78FEBC3} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-959826868-2704866173-1510423850-1002Core => C:\Users\Ondřej\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16] (Dropbox, Inc.)
Task: {1A3EF5D0-A88F-4113-903B-3D0ECE285CF1} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2012-08-23] (Acer Incorporated)
Task: {1EEC3745-D35F-43ED-B312-22D0C7C21266} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-06] (Microsoft Corporation)
Task: {30CB288C-6BF9-42BE-AE51-0CFA6103CBE5} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-07-04] (CyberLink)
Task: {36A21B1E-3CFE-471C-A80B-B420610967D1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {41D7949E-B659-4F93-833A-5E01E5F838B9} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {52FDA480-7A39-4551-9BC0-70A32D2AD09C} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_160_pepper.exe [2015-06-14] (Adobe Systems Incorporated)
Task: {58F0BEF2-D76C-4760-BA4B-AC472B252869} - System32\Tasks\iuEmailOutlookAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe [2012-08-23] ()
Task: {61B1BC15-E338-4A5D-822D-9909DCDA98D9} - System32\Tasks\Opera scheduled Autoupdate 1430506230 => C:\Program Files (x86)\Opera\launcher.exe [2015-06-10] (Opera Software)
Task: {626B3A8C-37F6-4ED3-A637-CEEF3044109E} - System32\Tasks\avastBCLS-1-5-21-959826868-2704866173-1510423850-1002 => C:\Users\Ondřej\AppData\Roaming\AVAST Software\Browser Cleanup\BCUSched.exe [2015-06-16] (AVAST Software)
Task: {672ECD12-730D-47BD-A56D-1B9D16D3F2FE} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2012-06-22] ()
Task: {7CF33B46-B823-48C5-B00C-C56C1CA3E565} - System32\Tasks\{5ABBB7EA-5CBA-4BA6-AF38-77EA56C64BA4} => pcalua.exe -a C:\Users\Ondřej\Downloads\forge-1.8-11.14.1.1334-installer-win.exe -d C:\Users\Ondřej\Downloads
Task: {87BCC9DD-AB04-4E35-902F-631342D5C975} - System32\Tasks\avast! BCU UpdateS-1-5-21-959826868-2704866173-1510423850-1002 => C:\Users\Ondřej\AppData\Roaming\AVAST Software\Browser Cleanup\BCUUpdate.exe [2015-03-18] (AVAST Software)
Task: {8BAB3741-36BD-4876-B4D9-19687EDCFDF1} - System32\Tasks\avastBCLRestart_firefox.exe => Firefox.exe
Task: {8D8E3A42-28F6-4A42-B3EB-044ACC5F54B7} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {9CDDFF3B-783A-4B78-A2E3-C9986050F509} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {B5B9C766-C25D-454C-BDAA-EE1283C8AAB0} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-959826868-2704866173-1510423850-1002UA => C:\Users\Ondřej\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16] (Dropbox, Inc.)
Task: {C0938463-5D53-4F28-8E6E-D5711EA29118} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-02-19] (Piriform Ltd)
Task: {D445C20E-2FF2-42ED-9C6B-0CE7C270AD4A} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {E81148B5-7EE7-404A-989D-FFC3CFCBE901} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2012-08-24] ()
Task: {F155A46C-021D-424A-94F6-1749FAF98DDF} - System32\Tasks\iuBrowserIEAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe [2012-08-23] ()
Task: {F1BB79CB-FF1A-45F7-B9C3-C7EDBB4E1C98} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {FD5869C3-622D-447F-966D-D1203F1AB49C} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_160_pepper.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-959826868-2704866173-1510423850-1002Core.job => C:\Users\OndYej\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-959826868-2704866173-1510423850-1002UA.job => C:\Users\OndYej\AppData\Local\Dropbox\Update\DropboxUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2013-09-05 02:36 - 2013-09-05 02:36 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2015-02-13 05:20 - 2015-02-13 05:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-13 05:20 - 2015-02-13 05:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-05-01 16:13 - 2014-05-01 16:13 - 00470016 _____ () C:\Users\Ondřej\AppData\Local\MEGAsync\ShellExtX64.dll
2012-06-22 03:12 - 2012-06-22 03:12 - 01407568 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-08-01 02:45 - 2012-08-01 02:45 - 00384128 _____ () c:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll
2012-08-01 02:40 - 2012-08-01 02:40 - 00021504 _____ () c:\Program Files (x86)\Bluetooth Suite\L10n\cs-CZ\BtTray.cs-CZ.dll
2012-08-23 00:04 - 2012-08-23 00:04 - 00025232 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
2012-08-23 00:04 - 2012-08-23 00:04 - 00044176 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
2015-02-19 23:40 - 2015-02-19 23:40 - 00053248 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2012-08-23 08:26 - 2012-08-23 08:26 - 00465384 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2012-08-23 08:25 - 2012-08-23 08:25 - 00125504 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2012-08-23 08:26 - 2012-08-23 08:26 - 00155712 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\VolumeSnapshot.dll
2012-08-23 08:25 - 2012-08-23 08:25 - 00118336 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\Online.dll
2012-08-23 08:25 - 2012-08-23 08:25 - 01081408 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2012-08-23 08:25 - 2012-08-23 08:25 - 00052288 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OsSettingPort.dll
2012-08-23 08:26 - 2012-08-23 08:26 - 00727616 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OutlookShadow.dll
2015-06-19 21:31 - 2015-06-19 21:31 - 00043008 _____ () c:\users\ondej~1\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpql7fix.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00750080 _____ () C:\Users\Ondřej\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00047616 _____ () C:\Users\Ondřej\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00865280 _____ () C:\Users\Ondřej\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00200704 _____ () C:\Users\Ondřej\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00010240 _____ () C:\Users\Ondřej\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00726016 _____ () C:\Users\Ondřej\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00010240 _____ () C:\Users\Ondřej\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2012-09-13 23:21 - 2012-06-25 19:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Ondřej\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\Seznam.cz.website:DESTICON_email1229235768
AlternateDataStreams: C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\Seznam.cz.website:DESTICON_firmy-216282473
AlternateDataStreams: C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\Seznam.cz.website:DESTICON_novinky-1609642764
AlternateDataStreams: C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\Seznam.cz.website:DESTICON_prozeny771666966
AlternateDataStreams: C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\Seznam.cz.website:DESTICON_sport6476750
AlternateDataStreams: C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\Seznam.cz.website:DESTICON_stream1444311432
AlternateDataStreams: C:\Users\Ondřej\AppData\Roaming\Microsoft\Windows\Start Menu\Seznam.cz.website:DESTICON_super-41222104
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-959826868-2704866173-1510423850-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Ondřej\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\pozadí plochy.bmp
DNS Servers: 192.168.0.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\StartupFolder: => "Acer Backup Manager Tray.lnk"
HKLM\...\StartupApproved\Run: => "mcpltui_exe"
HKLM\...\StartupApproved\Run: => "mcui_exe"
HKLM\...\StartupApproved\Run: => "Norton Online Backup"
HKLM\...\StartupApproved\Run: => "cpuminer"
HKLM\...\StartupApproved\Run: => "gpuminer"
HKLM\...\StartupApproved\Run32: => "Norton Online Backup"
HKLM\...\StartupApproved\Run32: => "seznam-listicka-distribuce"
HKU\S-1-5-21-959826868-2704866173-1510423850-1002\...\StartupApproved\StartupFolder: => "crossbrowse.lnk"
HKU\S-1-5-21-959826868-2704866173-1510423850-1002\...\StartupApproved\Run: => "cz.seznam.software.autoupdate"
HKU\S-1-5-21-959826868-2704866173-1510423850-1002\...\StartupApproved\Run: => "cz.seznam.software.szndesktop"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{5436F146-2BBD-46FF-9D81-0D1AABD1297B}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{D9C7AC6E-4066-4EDC-9D4E-347C6A049C10}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D96230D5-1483-491C-9047-584A7B2B86EC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B30E868D-EF66-49FB-89BF-58C99D4BC848}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F4259456-5D4D-4598-B818-AEFF5B0D2E45}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8C4A6370-050A-4B57-B101-F7DB310AE9AE}] => (Allow) C:\Users\Ondřej\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{1F838C3C-4431-4ADD-9752-453997893522}] => (Allow) C:\Users\Ondřej\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{0D90A1E5-8E6B-4731-98F0-DD44D16D8E45}] => (Allow) LPort=1900
FirewallRules: [{BC4087E1-18B9-4F0C-BF0E-14054B5D2C8F}] => (Allow) LPort=2869
FirewallRules: [{1237E698-EF2A-4F55-A337-3491696155D0}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{A56D0918-F1C6-41C0-959F-514CDD86228C}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{7BBCA50A-BB56-4C24-94B5-B3BA7206B27B}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{B60A0474-8C75-49A2-8D1B-B17284A1BF4E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{51758211-DB0D-4A3C-9DBD-2249E38A58A3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{5ED05561-550F-4EA8-8841-D513DD524E62}C:\program files (x86)\bluetooth suite\bttray.exe] => (Allow) C:\program files (x86)\bluetooth suite\bttray.exe
FirewallRules: [TCP Query User{F3F5E4C7-AA18-4291-9BDF-135542F810FD}C:\program files (x86)\bluetooth suite\bttray.exe] => (Allow) C:\program files (x86)\bluetooth suite\bttray.exe
FirewallRules: [UDP Query User{3DEB8875-C17C-4B61-A98A-6633F0A2B299}C:\program files (x86)\bluetooth suite\btvstack.exe] => (Allow) C:\program files (x86)\bluetooth suite\btvstack.exe
FirewallRules: [TCP Query User{631CE525-076F-459E-AAA5-DF8E0385BE9E}C:\program files (x86)\bluetooth suite\btvstack.exe] => (Allow) C:\program files (x86)\bluetooth suite\btvstack.exe
FirewallRules: [{BEB62DD4-F0F3-4A91-AE1F-A287393C3A97}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{9BE3C5EA-3008-4BB7-9749-195BF5E6C103}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{64982B25-DA1C-4EC5-8638-72179B005451}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{E4ABDD0A-863E-45C0-81CD-9AD5A212D4DB}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{E8729967-AAEB-4610-82CD-1EE4757C99E0}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{ACB984C1-1E2E-4180-9A1D-1192C799213D}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{CD39EE26-21B4-4421-8A5D-DC2426376E17}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\VideoPlayer.exe
FirewallRules: [{E0AF2BB6-1D41-4489-BB32-F19488577C42}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{1CC83BFC-273C-4F8B-ADC0-45E923FCF279}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{61EF0C51-18C2-4CEF-BA0D-3251DE25698B}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{0890C160-D5C8-445C-BA0D-761FE9FE231E}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{F720BDE6-F9E1-44EA-8FED-FBC6FF8409B6}] => (Allow) C:\Program Files (x86)\Bluetooth Suite\Win7Ui.exe
FirewallRules: [{96C72227-6B19-46DF-80BA-A7F7AA20C122}] => (Allow) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
FirewallRules: [{C5145CF5-1EDE-482C-8278-9720A1126C25}] => (Allow) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
FirewallRules: [{33018B78-D49A-42F7-8AF8-AF3247147363}] => (Allow) C:\Program Files (x86)\Bluetooth Suite\Btvstack.exe
FirewallRules: [{E30D0C0B-14CE-4B05-A987-1966C5725160}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{031A9002-9F87-40A7-8F9E-5EDFCD95338E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{5E1CE66E-8003-4DB8-9A94-B650DBF19F10}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{774B5997-E19D-4D17-8929-0C411063A67E}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{D072D69F-BB06-41C6-8939-C75C07F915E7}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\FileExplorer.exe
FirewallRules: [{92D4EB48-EF5E-4121-81FD-8F4290040FF0}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
FirewallRules: [{C493EAE8-ACF7-4D44-AF9D-38E92861C275}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManager.exe
FirewallRules: [TCP Query User{1E5A8691-087E-4492-89BE-B670EA203633}C:\users\ondřej\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\ondřej\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{1DDBE09C-9B03-4F8C-84ED-633B88FB5010}C:\users\ondřej\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\ondřej\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{E25302ED-2A0D-474D-B323-2F86212F2F2E}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{30841818-30FB-4BBE-BF8B-B2F649C69D13}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [{79703089-2D1C-44FB-B47D-05DE208CD2B1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{72E93C52-5A5F-434E-912B-406F223DE96D}C:\users\ondřej\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\ondřej\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{67A7ACB2-DFBC-4339-9086-05951F415566}C:\users\ondřej\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\ondřej\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{2A0E6EAD-29B7-4A8F-8A6E-757F7D224E28}C:\program files (x86)\fire captain\fire.exe] => (Block) C:\program files (x86)\fire captain\fire.exe
FirewallRules: [UDP Query User{1C9AC323-3F9A-4230-A0F0-E79247C466FC}C:\program files (x86)\fire captain\fire.exe] => (Block) C:\program files (x86)\fire captain\fire.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (06/18/2015 07:35:04 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program st32.exe verze 1.0.0.7 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: 1760
Čas spuštění: 01d0a9ec3a2d9abb
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Výukové programy\ts dejepis\st.32\st32.exe
ID hlášení: 59d2a12c-15e0-11e5-bee3-68942315ce82
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (06/18/2015 02:52:42 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: There was an error with the Windows Location Provider database
Error: (06/18/2015 08:11:01 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Explorer.EXE verze 6.3.9600.17667 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: 418
Čas spuštění: 01d0a8f956bf8fbd
Čas ukončení: 0
Cesta k aplikaci: C:\WINDOWS\Explorer.EXE
ID hlášení: a3eb7f41-1580-11e5-bee3-68942315ce82
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (06/17/2015 02:04:59 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest1 se nezdařilo. Chyba v souboru manifestu nebo zásad C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest2 na řádku C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest3.
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.
Error: (06/17/2015 02:03:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: sgminer.exe, verze: 5.1.0.0, časové razítko: 0x556f317c
Název chybujícího modulu: sgminer.exe, verze: 5.1.0.0, časové razítko: 0x556f317c
Kód výjimky: 0xc0000005
Posun chyby: 0x00022887
ID chybujícího procesu: 0x11b0
Čas spuštění chybující aplikace: 0xsgminer.exe0
Cesta k chybující aplikaci: sgminer.exe1
Cesta k chybujícímu modulu: sgminer.exe2
ID zprávy: sgminer.exe3
Úplný název chybujícího balíčku: sgminer.exe4
ID aplikace související s chybujícím balíčkem: sgminer.exe5
Error: (06/17/2015 09:41:44 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: sgminer.exe, verze: 5.1.0.0, časové razítko: 0x556f317c
Název chybujícího modulu: sgminer.exe, verze: 5.1.0.0, časové razítko: 0x556f317c
Kód výjimky: 0xc0000005
Posun chyby: 0x00022887
ID chybujícího procesu: 0x11e8
Čas spuštění chybující aplikace: 0xsgminer.exe0
Cesta k chybující aplikaci: sgminer.exe1
Cesta k chybujícímu modulu: sgminer.exe2
ID zprávy: sgminer.exe3
Úplný název chybujícího balíčku: sgminer.exe4
ID aplikace související s chybujícím balíčkem: sgminer.exe5
Error: (06/16/2015 08:40:25 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest1 se nezdařilo. Chyba v souboru manifestu nebo zásad C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest2 na řádku C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest3.
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.
Error: (06/16/2015 07:11:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: sgminer.exe, verze: 5.1.0.0, časové razítko: 0x556f317c
Název chybujícího modulu: sgminer.exe, verze: 5.1.0.0, časové razítko: 0x556f317c
Kód výjimky: 0xc0000005
Posun chyby: 0x00022887
ID chybujícího procesu: 0x12bc
Čas spuštění chybující aplikace: 0xsgminer.exe0
Cesta k chybující aplikaci: sgminer.exe1
Cesta k chybujícímu modulu: sgminer.exe2
ID zprávy: sgminer.exe3
Úplný název chybujícího balíčku: sgminer.exe4
ID aplikace související s chybujícím balíčkem: sgminer.exe5
Error: (06/16/2015 06:40:51 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2562
Error: (06/16/2015 06:40:51 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2562
System errors:
=============
Error: (06/19/2015 09:33:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku následující chyby:
%%1069
Error: (06/19/2015 09:33:00 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba nvUpdatusService se nemohla přihlásit jako .\UpdatusUser s aktuálně konfigurovaným heslem z důvodu následující chyby:
%%1326
Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).
Error: (06/19/2015 09:32:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Google Update (gupdate) neuspěla při spuštění v důsledku následující chyby:
%%2
Error: (06/19/2015 09:30:57 PM) (Source: DCOM) (EventID: 10016) (User: ntb)
Description: specifické pro aplikaciMístníSpuštění{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}ntbOndřejS-1-5-21-959826868-2704866173-1510423850-1002LocalHost (pomocí LRPC)Není k dispoziciNení k dispozici
Error: (06/19/2015 09:29:27 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby Windows Search, ale tato akce selhala kvůli následující chybě:
%%1056
Error: (06/19/2015 09:28:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba zařazování tisku byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.
Error: (06/19/2015 09:28:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Dritek RF Button Command Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 3000 milisekund: Restartovat službu.
Error: (06/19/2015 09:28:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error: (06/19/2015 09:28:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Dritek WMI Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 3000 milisekund: Restartovat službu.
Error: (06/19/2015 09:28:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Intel(R) Capability Licensing Service Interface byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.
Microsoft Office:
=========================
Error: (06/18/2015 07:35:04 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: st32.exe1.0.0.7176001d0a9ec3a2d9abb4294967295C:\Výukové programy\ts dejepis\st.32\st32.exe59d2a12c-15e0-11e5-bee3-68942315ce82
Error: (06/18/2015 02:52:42 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: -2147024883
Error: (06/18/2015 08:11:01 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Explorer.EXE6.3.9600.1766741801d0a8f956bf8fbd0C:\WINDOWS\Explorer.EXEa3eb7f41-1580-11e5-bee3-68942315ce82
Error: (06/17/2015 02:04:59 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifestC:\$Recycle.Bin\S-1-5-21-959826868-2704866173-1510423850-1002\$RHCHAXA.exe
Error: (06/17/2015 02:03:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: sgminer.exe5.1.0.0556f317csgminer.exe5.1.0.0556f317cc00000050002288711b001d0a8f58e8e3effC:\Users\Ondřej\AppData\Roaming\cpuminer\sgminer\sgminer.exeC:\Users\Ondřej\AppData\Roaming\cpuminer\sgminer\sgminer.exed8f5d265-14e8-11e5-bee2-68942315ce82
Error: (06/17/2015 09:41:44 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: sgminer.exe5.1.0.0556f317csgminer.exe5.1.0.0556f317cc00000050002288711e801d0a8d0dfcf9e04C:\Users\Ondřej\AppData\Roaming\cpuminer\sgminer\sgminer.exeC:\Users\Ondřej\AppData\Roaming\cpuminer\sgminer\sgminer.exe4cb6a5fd-14c4-11e5-bee1-68942315ce82
Error: (06/16/2015 08:40:25 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifestC:\Users\Ondřej\Downloads\esetsmartinstaller_csy.exe
Error: (06/16/2015 07:11:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: sgminer.exe5.1.0.0556f317csgminer.exe5.1.0.0556f317cc00000050002288712bc01d0a857635f484aC:\Users\Ondřej\AppData\Roaming\cpuminer\sgminer\sgminer.exeC:\Users\Ondřej\AppData\Roaming\cpuminer\sgminer\sgminer.exec6c20911-144a-11e5-bee0-68942315ce82
Error: (06/16/2015 06:40:51 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2562
Error: (06/16/2015 06:40:51 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2562
CodeIntegrity Errors:
===================================
Date: 2015-06-14 21:06:08.467
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-06-13 08:31:18.695
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-06-12 23:01:59.559
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-06-11 21:19:53.537
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-06-09 19:03:03.752
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-06-05 18:25:02.767
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-06-04 10:05:19.601
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-06-02 14:22:54.141
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-05-31 08:43:13.952
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-05-29 08:37:15.197
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Pentium(R) CPU B960 @ 2.20GHz
Percentage of memory in use: 26%
Total physical RAM: 8005.28 MB
Available physical RAM: 5885.7 MB
Total Pagefile: 9285.28 MB
Available Pagefile: 7254 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:675.91 GB) (Free:460.62 GB) NTFS
Drive e: (Minecraft) (CDROM) (Total:0.01 GB) (Free:0 GB) UDF
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: D578584D)
Partition: GPT Partition Type.
==================== End of log ============================
Re: Prosím o kontrolu
- Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
- ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
- znovu spustte FRST a kliknete na Fix
- po restartu bude na plose ulozen fixlog, jehoz obsah mi vlozte do pristi odpovedi
Kód: Vybrat vše
Start CloseProcesses: CreateRestorePoint: HKLM\...\Run: [gpuminer] => C:\Users\Ondřej\AppData\Roaming\cpuminer\sgminer\sgminer.cmd C:\Users\Ondřej\AppData\Roaming\cpuminer HKLM\...\Run: [cpuminer] => C:\WINDOWS\system32\cpuminer-gw64.exe C:\WINDOWS\system32\cpuminer-gw64.exe HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] () C:\Program Files (x86)\Seznam.cz HKU\S-1-5-21-959826868-2704866173-1510423850-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd) HKU\S-1-5-21-959826868-2704866173-1510423850-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd) HKU\S-1-5-21-959826868-2704866173-1510423850-1002\...\RunOnce: [SeznamInstall-uninstall:699abbf461f264a5faebfafa90854427] => C:\Users\ONDEJ~1\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe [534528 2015-06-19] () <===== ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-959826868-2704866173-1510423850-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms} SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-959826868-2704866173-1510423850-1002 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms} SearchScopes: HKU\S-1-5-21-959826868-2704866173-1510423850-1002 -> {34D6C85E-4E0A-4609-9D27-16BD0A936CE2} URL = FF DefaultSearchEngine: Seznam FF DefaultSearchUrl: hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}& FF SearchEngineOrder.1: Seznam FF SelectedSearchEngine: Seznam FF Homepage: https://www.seznam.cz/?clid=22668 FF Keyword.URL: hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}& CHR Extension: (Seznam Lištička - Email) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2015-06-11] CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2015-06-11] CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2015-06-11] S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X] S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X] 2015-06-20 07:47 - 2015-06-20 07:48 - 00022762 _____ C:\Users\Ondřej\Desktop\FRST.txt 2015-06-19 21:24 - 2015-06-19 21:24 - 02231296 _____ C:\Users\Ondřej\Downloads\adwcleaner_4.206.exe 2015-06-17 14:42 - 2015-06-17 14:42 - 01222144 _____ C:\Users\Ondřej\Downloads\RSITx64.exe 2015-06-17 14:42 - 2015-06-17 14:42 - 00000000 ____D C:\rsit 2015-06-17 14:42 - 2015-06-17 14:42 - 00000000 ____D C:\Program Files\trend micro 2015-06-11 17:00 - 2015-06-19 21:35 - 00000000 ____D C:\Users\Ondřej\AppData\Roaming\Seznam.cz 2015-06-11 17:00 - 2015-06-11 17:00 - 00000000 ____D C:\Program Files (x86)\Seznam.cz 2015-06-11 16:57 - 2015-06-13 10:39 - 00000000 ____D C:\ProgramData\17321103469212414188 2015-06-19 21:29 - 2014-01-21 17:05 - 00000000 ____D C:\AdwCleaner 2015-06-14 20:41 - 2015-06-14 20:41 - 0000000 _____ () C:\Users\Ondřej\AppData\Local\Temp.dat 2015-04-21 21:15 - 2015-04-21 21:15 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Task: {7CF33B46-B823-48C5-B00C-C56C1CA3E565} - System32\Tasks\{5ABBB7EA-5CBA-4BA6-AF38-77EA56C64BA4} => pcalua.exe -a C:\Users\Ondřej\Downloads\forge-1.8-11.14.1.1334-installer-win.exe -d C:\Users\Ondřej\Downloads Hosts: EmptyTemp: End
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: Prosím o kontrolu
Fix result of Farbar Recovery Scan Tool (x64) Version:13-06-2015
Ran by Ondřej at 2015-06-21 13:01:10 Run:2
Running from C:\Users\Ondřej\Desktop
Loaded Profiles: Ondřej (Available Profiles: Ondřej & UpdatusUser & Administrator)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKLM\...\Run: [gpuminer] => C:\Users\Ondřej\AppData\Roaming\cpuminer\sgminer\sgminer.cmd
C:\Users\Ondřej\AppData\Roaming\cpuminer
HKLM\...\Run: [cpuminer] => C:\WINDOWS\system32\cpuminer-gw64.exe
C:\WINDOWS\system32\cpuminer-gw64.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
C:\Program Files (x86)\Seznam.cz
HKU\S-1-5-21-959826868-2704866173-1510423850-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd)
HKU\S-1-5-21-959826868-2704866173-1510423850-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-959826868-2704866173-1510423850-1002\...\RunOnce: [SeznamInstall-uninstall:699abbf461f264a5faebfafa90854427] => C:\Users\ONDEJ~1\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe [534528 2015-06-19] () <===== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-959826868-2704866173-1510423850-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-959826868-2704866173-1510423850-1002 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKU\S-1-5-21-959826868-2704866173-1510423850-1002 -> {34D6C85E-4E0A-4609-9D27-16BD0A936CE2} URL =
FF DefaultSearchEngine: Seznam
FF DefaultSearchUrl: hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF SearchEngineOrder.1: Seznam
FF SelectedSearchEngine: Seznam
FF Homepage: https://www.seznam.cz/?clid=22668
FF Keyword.URL: hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
CHR Extension: (Seznam Lištička - Email) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2015-06-11]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2015-06-11]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2015-06-11]
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
2015-06-20 07:47 - 2015-06-20 07:48 - 00022762 _____ C:\Users\Ondřej\Desktop\FRST.txt
2015-06-19 21:24 - 2015-06-19 21:24 - 02231296 _____ C:\Users\Ondřej\Downloads\adwcleaner_4.206.exe
2015-06-17 14:42 - 2015-06-17 14:42 - 01222144 _____ C:\Users\Ondřej\Downloads\RSITx64.exe
2015-06-17 14:42 - 2015-06-17 14:42 - 00000000 ____D C:\rsit
2015-06-17 14:42 - 2015-06-17 14:42 - 00000000 ____D C:\Program Files\trend micro
2015-06-11 17:00 - 2015-06-19 21:35 - 00000000 ____D C:\Users\Ondřej\AppData\Roaming\Seznam.cz
2015-06-11 17:00 - 2015-06-11 17:00 - 00000000 ____D C:\Program Files (x86)\Seznam.cz
2015-06-11 16:57 - 2015-06-13 10:39 - 00000000 ____D C:\ProgramData\17321103469212414188
2015-06-19 21:29 - 2014-01-21 17:05 - 00000000 ____D C:\AdwCleaner
2015-06-14 20:41 - 2015-06-14 20:41 - 0000000 _____ () C:\Users\Ondřej\AppData\Local\Temp.dat
2015-04-21 21:15 - 2015-04-21 21:15 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Task: {7CF33B46-B823-48C5-B00C-C56C1CA3E565} - System32\Tasks\{5ABBB7EA-5CBA-4BA6-AF38-77EA56C64BA4} => pcalua.exe -a C:\Users\Ondřej\Downloads\forge-1.8-11.14.1.1334-installer-win.exe -d C:\Users\Ondřej\Downloads
Hosts:
EmptyTemp:
End
*****************
Processes closed successfully.
Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\gpuminer => value removed successfully
"C:\Users\Ondřej\AppData\Roaming\cpuminer" => File/Folder not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\cpuminer => value removed successfully
"C:\WINDOWS\system32\cpuminer-gw64.exe" => File/Folder not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce => value removed successfully
C:\Program Files (x86)\Seznam.cz => moved successfully.
HKU\S-1-5-21-959826868-2704866173-1510423850-1002\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value removed successfully
HKU\S-1-5-21-959826868-2704866173-1510423850-1002\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value removed successfully
HKU\S-1-5-21-959826868-2704866173-1510423850-1002\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SeznamInstall-uninstall:699abbf461f264a5faebfafa90854427 => value not found.
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKU\S-1-5-21-959826868-2704866173-1510423850-1002\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0}" => key removed successfully
HKCR\Wow6432Node\CLSID\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0} => key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-959826868-2704866173-1510423850-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0}" => key removed successfully
HKCR\CLSID\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0} => key not found.
"HKU\S-1-5-21-959826868-2704866173-1510423850-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{34D6C85E-4E0A-4609-9D27-16BD0A936CE2}" => key removed successfully
HKCR\CLSID\{34D6C85E-4E0A-4609-9D27-16BD0A936CE2} => key not found.
Firefox DefaultSearchEngine removed successfully
Firefox DefaultSearchUrl removed successfully
Firefox SearchEngineOrder.1 removed successfully
Firefox SelectedSearchEngine removed successfully
Firefox homepage removed successfully
Firefox Keyword.URL removed successfully
C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig => moved successfully.
C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd => moved successfully.
C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak => moved successfully.
gupdate => Service removed successfully
gupdatem => Service removed successfully
C:\Users\Ondřej\Desktop\FRST.txt => moved successfully.
C:\Users\Ondřej\Downloads\adwcleaner_4.206.exe => moved successfully.
C:\Users\Ondřej\Downloads\RSITx64.exe => moved successfully.
C:\rsit => moved successfully.
C:\Program Files\trend micro => moved successfully.
C:\Users\Ondřej\AppData\Roaming\Seznam.cz => moved successfully.
"C:\Program Files (x86)\Seznam.cz" => File/Folder not found.
C:\ProgramData\17321103469212414188 => moved successfully.
C:\AdwCleaner => moved successfully.
C:\Users\Ondřej\AppData\Local\Temp.dat => moved successfully.
C:\ProgramData\DP45977C.lfl => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7CF33B46-B823-48C5-B00C-C56C1CA3E565}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7CF33B46-B823-48C5-B00C-C56C1CA3E565}" => key removed successfully
C:\Windows\System32\Tasks\{5ABBB7EA-5CBA-4BA6-AF38-77EA56C64BA4} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{5ABBB7EA-5CBA-4BA6-AF38-77EA56C64BA4}" => key removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully.
Hosts restored successfully.
EmptyTemp: => 839.5 MB temporary data Removed.
The system needed a reboot..
==== End of Fixlog 13:02:58 ====
Ran by Ondřej at 2015-06-21 13:01:10 Run:2
Running from C:\Users\Ondřej\Desktop
Loaded Profiles: Ondřej (Available Profiles: Ondřej & UpdatusUser & Administrator)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKLM\...\Run: [gpuminer] => C:\Users\Ondřej\AppData\Roaming\cpuminer\sgminer\sgminer.cmd
C:\Users\Ondřej\AppData\Roaming\cpuminer
HKLM\...\Run: [cpuminer] => C:\WINDOWS\system32\cpuminer-gw64.exe
C:\WINDOWS\system32\cpuminer-gw64.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
C:\Program Files (x86)\Seznam.cz
HKU\S-1-5-21-959826868-2704866173-1510423850-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd)
HKU\S-1-5-21-959826868-2704866173-1510423850-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-959826868-2704866173-1510423850-1002\...\RunOnce: [SeznamInstall-uninstall:699abbf461f264a5faebfafa90854427] => C:\Users\ONDEJ~1\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe [534528 2015-06-19] () <===== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-959826868-2704866173-1510423850-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-959826868-2704866173-1510423850-1002 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = http://search.seznam.cz/?sourceid=quick ... earchTerms}
SearchScopes: HKU\S-1-5-21-959826868-2704866173-1510423850-1002 -> {34D6C85E-4E0A-4609-9D27-16BD0A936CE2} URL =
FF DefaultSearchEngine: Seznam
FF DefaultSearchUrl: hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF SearchEngineOrder.1: Seznam
FF SelectedSearchEngine: Seznam
FF Homepage: https://www.seznam.cz/?clid=22668
FF Keyword.URL: hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
CHR Extension: (Seznam Lištička - Email) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2015-06-11]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2015-06-11]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2015-06-11]
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
2015-06-20 07:47 - 2015-06-20 07:48 - 00022762 _____ C:\Users\Ondřej\Desktop\FRST.txt
2015-06-19 21:24 - 2015-06-19 21:24 - 02231296 _____ C:\Users\Ondřej\Downloads\adwcleaner_4.206.exe
2015-06-17 14:42 - 2015-06-17 14:42 - 01222144 _____ C:\Users\Ondřej\Downloads\RSITx64.exe
2015-06-17 14:42 - 2015-06-17 14:42 - 00000000 ____D C:\rsit
2015-06-17 14:42 - 2015-06-17 14:42 - 00000000 ____D C:\Program Files\trend micro
2015-06-11 17:00 - 2015-06-19 21:35 - 00000000 ____D C:\Users\Ondřej\AppData\Roaming\Seznam.cz
2015-06-11 17:00 - 2015-06-11 17:00 - 00000000 ____D C:\Program Files (x86)\Seznam.cz
2015-06-11 16:57 - 2015-06-13 10:39 - 00000000 ____D C:\ProgramData\17321103469212414188
2015-06-19 21:29 - 2014-01-21 17:05 - 00000000 ____D C:\AdwCleaner
2015-06-14 20:41 - 2015-06-14 20:41 - 0000000 _____ () C:\Users\Ondřej\AppData\Local\Temp.dat
2015-04-21 21:15 - 2015-04-21 21:15 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Task: {7CF33B46-B823-48C5-B00C-C56C1CA3E565} - System32\Tasks\{5ABBB7EA-5CBA-4BA6-AF38-77EA56C64BA4} => pcalua.exe -a C:\Users\Ondřej\Downloads\forge-1.8-11.14.1.1334-installer-win.exe -d C:\Users\Ondřej\Downloads
Hosts:
EmptyTemp:
End
*****************
Processes closed successfully.
Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\gpuminer => value removed successfully
"C:\Users\Ondřej\AppData\Roaming\cpuminer" => File/Folder not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\cpuminer => value removed successfully
"C:\WINDOWS\system32\cpuminer-gw64.exe" => File/Folder not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce => value removed successfully
C:\Program Files (x86)\Seznam.cz => moved successfully.
HKU\S-1-5-21-959826868-2704866173-1510423850-1002\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value removed successfully
HKU\S-1-5-21-959826868-2704866173-1510423850-1002\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value removed successfully
HKU\S-1-5-21-959826868-2704866173-1510423850-1002\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SeznamInstall-uninstall:699abbf461f264a5faebfafa90854427 => value not found.
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKU\S-1-5-21-959826868-2704866173-1510423850-1002\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0}" => key removed successfully
HKCR\Wow6432Node\CLSID\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0} => key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-959826868-2704866173-1510423850-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0}" => key removed successfully
HKCR\CLSID\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0} => key not found.
"HKU\S-1-5-21-959826868-2704866173-1510423850-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{34D6C85E-4E0A-4609-9D27-16BD0A936CE2}" => key removed successfully
HKCR\CLSID\{34D6C85E-4E0A-4609-9D27-16BD0A936CE2} => key not found.
Firefox DefaultSearchEngine removed successfully
Firefox DefaultSearchUrl removed successfully
Firefox SearchEngineOrder.1 removed successfully
Firefox SelectedSearchEngine removed successfully
Firefox homepage removed successfully
Firefox Keyword.URL removed successfully
C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig => moved successfully.
C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd => moved successfully.
C:\Users\Ondřej\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak => moved successfully.
gupdate => Service removed successfully
gupdatem => Service removed successfully
C:\Users\Ondřej\Desktop\FRST.txt => moved successfully.
C:\Users\Ondřej\Downloads\adwcleaner_4.206.exe => moved successfully.
C:\Users\Ondřej\Downloads\RSITx64.exe => moved successfully.
C:\rsit => moved successfully.
C:\Program Files\trend micro => moved successfully.
C:\Users\Ondřej\AppData\Roaming\Seznam.cz => moved successfully.
"C:\Program Files (x86)\Seznam.cz" => File/Folder not found.
C:\ProgramData\17321103469212414188 => moved successfully.
C:\AdwCleaner => moved successfully.
C:\Users\Ondřej\AppData\Local\Temp.dat => moved successfully.
C:\ProgramData\DP45977C.lfl => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7CF33B46-B823-48C5-B00C-C56C1CA3E565}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7CF33B46-B823-48C5-B00C-C56C1CA3E565}" => key removed successfully
C:\Windows\System32\Tasks\{5ABBB7EA-5CBA-4BA6-AF38-77EA56C64BA4} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{5ABBB7EA-5CBA-4BA6-AF38-77EA56C64BA4}" => key removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully.
Hosts restored successfully.
EmptyTemp: => 839.5 MB temporary data Removed.
The system needed a reboot..
==== End of Fixlog 13:02:58 ====
Re: Prosím o kontrolu
Zbytky po BitCoin mineru a adwarech byly odstraneny. Otestujte chod pocitace a pripadne uz jen uklidime.
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: Prosím o kontrolu
Myslím, že můžeme uklízet 
Děkuji.
Děkuji.
Re: Prosím o kontrolu
Takze jeste uklidime.
- Stahnete a spustte DelFix - https://toolslib.net/downloads/viewdownload/2-delfix/
- Oznacte jen moznost "Remove disinfection tools"
- kliknete na Run
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: Prosím o kontrolu
Smazáno.
Děkuji moc za pomoc.
Děkuji moc za pomoc.
Re: Prosím o kontrolu
Nemate zac, rad jsem pomohl 
Mejte se krasne a treba zase nekdy
Mejte se krasne a treba zase nekdy
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Přispějete na provoz fóra?