Vyskakovací okna, prosím o kontrolo logu

Zpráva

Vanisek · #1 Příspěvek od **Vanisek** » 18 čer 2015 10:52

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-06-2015
Ran by Jiri (administrator) on LENOVO-PC on 18-06-2015 11:46:39
Running from C:\Users\Jiri\Desktop
Loaded Profiles: Jiri (Available Profiles: Jiri)
Platform: Windows 8.1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Avid Technology, Inc.) C:\Program Files\Avid\Editor Transcode\TranscodeService\AvidEditorDbEngine.exe
(Avid Technology, Inc.) C:\Program Files\Avid\Editor Transcode\TranscodeService\AvidEditorDbEngine.exe
(Avid Technology, Inc.) C:\Program Files\Avid\Editor Transcode\TranscodeService\rnc-central\AvidEditorTranscodeStatus.exe
(Avid Technology, Inc.) C:\Program Files\Avid\Editor Transcode\TranscodeService\rnc-central\AvidEditorTranscodeStatus.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel Corporation) C:\Windows\SysWOW64\ibtsiva.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Settings\LenovoSetSvr.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\WebcamSplitterServer.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
(SafeNet, Inc) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
(SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Avid Technology, Inc.) C:\Program Files\Avid\Editor Transcode\TranscodeService\AvidEditorMSE.exe
(Avid Technology, Inc.) C:\Program Files\Avid\Editor Transcode\TranscodeService\AvidEditorMSE.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Lenovo) C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avid Technology, Inc.) C:\Program Files\Avid\Avid Media Composer\AvidBackgroundServicesManager.exe
() C:\ProgramData\{50f8100b-3a85-beab-50f8-8100b3a8402c}\Epic motivational music mix.mp3.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Updates\LU.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\livecomm.exe
(Red Giant Software LLC) C:\Program Files (x86)\LooksBuilder\Magic Bullet Looks.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Media Encoder CC 2014\Adobe Media Encoder.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Media Encoder CC 2014\32\dynamiclinkmanager.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Media Encoder CC 2014\32\Adobe QT32 Server.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Jiri\Desktop\FRSTLauncher (1).exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2464072 2014-11-06] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\windows\system32\rundll32.exe C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RtsFT] => C:\windows\RTFTrack.exe [6340312 2014-06-10] (Realtek semiconductor)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-02-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1379544 2014-03-05] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1379544 2014-03-05] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1379544 2014-03-05] (Realtek Semiconductor)
HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-09-15] (Lenovo)
HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [836592 2014-09-15] (Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2014-09-15] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10841584 2014-09-15] (Lenovo(beijing) Limited)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-10-14] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-02-13] (Apple Inc.)
HKLM-x32\...\Run: [Adobe] => C:\ProgramData\Adobe\16C4CB.vbe [7642 2012-12-13] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-1547277944-862055614-3959490313-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-23] (Piriform Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avid Background Services Manager.lnk [2014-11-15]
ShortcutTarget: Avid Background Services Manager.lnk -> C:\Windows\Installer\{3B7C77DC-8756-4864-A088-948F350106FB}\NewShortcut1_4CE83F107C544E87A6F35E0E551E78CA.exe (Flexera Software LLC)
Startup: C:\Users\Jiri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Epic motivational music mix.mp3.lnk [2015-02-23]
ShortcutTarget: Epic motivational music mix.mp3.lnk -> C:\ProgramData\{50f8100b-3a85-beab-50f8-8100b3a8402c}\Epic motivational music mix.mp3.exe ()
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-1547277944-862055614-3959490313-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1547277944-862055614-3959490313-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-1547277944-862055614-3959490313-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com
HKU\S-1-5-21-1547277944-862055614-3959490313-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1547277944-862055614-3959490313-1001 -> DefaultScope {B8D78E9B-A25B-46C6-A7CC-A66C356A5E21} URL =
SearchScopes: HKU\S-1-5-21-1547277944-862055614-3959490313-1001 -> {B8D78E9B-A25B-46C6-A7CC-A66C356A5E21} URL =
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-05-07] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL [2015-05-07] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-05-07] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-11-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-11-18] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-05-07] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL [2015-05-07] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-11-03] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-11-03] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-1547277944-862055614-3959490313-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File

Chrome:
=======
CHR Profile: C:\Users\Jiri\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Angry Birds) - C:\Users\Jiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-11-11]
CHR Extension: (Google Drive) - C:\Users\Jiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-10]
CHR Extension: (YouTube) - C:\Users\Jiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-10]
CHR Extension: (Google Search) - C:\Users\Jiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-10]
CHR Extension: (Facebook™ Chat Privacy) - C:\Users\Jiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfpgaanechfneiboempkfjghninbibjn [2014-11-11]
CHR Extension: (AdBlock) - C:\Users\Jiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-05-13]
CHR Extension: (Google Mail Checker) - C:\Users\Jiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2014-11-11]
CHR Extension: (Google Wallet) - C:\Users\Jiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-10]
CHR Extension: (imo free video calls and text) - C:\Users\Jiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocaebkdojpikfmhmnekiflipcicedobi [2014-11-11]
CHR Extension: (Gmail) - C:\Users\Jiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-10]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 25efdc5a; c:\Program Files (x86)\IncludeFoobar\IncludeFoobar.dll [1959424 2015-06-04] () [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
S3 Avid DMF Service; C:\Program Files\Avid\Editor Transcode\Dynamic Media Files\DMFService.exe [661832 2014-05-09] (Avid Technology, Inc.)
R2 Avid Editor Broker; C:\Program Files\Avid\Editor Transcode\TranscodeService\AvidEditorMSE.exe [662344 2014-05-09] (Avid Technology, Inc.)
R2 Avid Editor Db Engine; C:\Program Files\Avid\Editor Transcode\TranscodeService\AvidEditorDbEngine.exe [661832 2014-05-09] (Avid Technology, Inc.)
S3 Avid Editor Transcode Service; C:\Program Files\Avid\Editor Transcode\TranscodeService\AvidEditorTranscode.exe [662344 2014-05-09] (Avid Technology, Inc.)
R2 Avid Editor Transcode Status; C:\Program Files\Avid\Editor Transcode\TranscodeService\rnc-central\AvidEditorTranscodeStatus.exe [297800 2014-05-09] (Avid Technology, Inc.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2736824 2015-04-07] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-11-06] (NVIDIA Corporation)
R2 iBtSiva; c:\windows\syswow64\ibtsiva.exe [120016 2014-04-04] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [296432 2014-04-16] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-16] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584632 2015-03-06] (LENOVO INCORPORATED.)
R2 LenovoSetSvr; C:\Program Files (x86)\Lenovo\Lenovo Settings\LenovoSetSvr.exe [389680 2014-09-15] (Lenovo(beijing) Limited)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-09-15] (Lenovo(beijing) Limited)
R2 LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [38896 2014-02-18] (Lenovo(beijing) Limited)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-05-30] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-11-06] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19819848 2014-11-06] (NVIDIA Corporation)
R2 PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [167176 2014-02-26] (PointGrab LTD)
R2 PG_Service_Launcher; C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe [512776 2014-02-26] (PointGrab LTD)
R2 PhoneCompanionPusher; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [288240 2014-09-15] (Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [308720 2014-09-15] (Lenovo)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2013-09-13] (arvato digital services llc)
R2 SentinelKeysServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [376832 2013-01-09] (SafeNet, Inc.) [File not signed]
R2 SentinelProtectionServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [1259872 2013-01-09] (SafeNet, Inc)
R2 SentinelSecurityRuntime; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe [293216 2013-01-09] (SafeNet, Inc.)
S3 TESHelper; c:\Program Files\Common Files\Lenovo\Magic Transfer\x64\MagicTransferTESHelper.exe [104696 2014-09-15] (Lenovo)
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [68880 2014-09-15] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-05-30] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [142280 2013-10-18] (Intel Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R1 MpKsl4f2e3217; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9FAFD803-1237-42A5-BB20-63E89BC6D0BC}\MpKsl4f2e3217.sys [45352 2015-06-18] (Microsoft Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\Netwbw02.sys [3446240 2014-06-18] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2014-11-06] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38216 2014-10-03] (NVIDIA Corporation)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [444632 2013-10-24] (Realsil Semiconductor Corporation)
S3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [9121496 2014-06-10] (Realtek Semiconductor Corp.)
R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2014-03-07] (Synaptics Incorporated)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(http://www.devguru.co.kr))
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-18 11:46 - 2015-06-18 11:46 - 00028335 _____ C:\Users\Jiri\Desktop\FRST.txt
2015-06-18 11:44 - 2015-06-18 11:44 - 00112640 _____ (forum.viry.cz) C:\Users\Jiri\Desktop\FRSTLauncher (1).exe
2015-06-18 11:43 - 2015-06-18 11:43 - 00112640 _____ (forum.viry.cz) C:\Users\Jiri\Desktop\Nepotvrzeno 267189.crdownload
2015-06-18 11:42 - 2015-06-18 11:46 - 00000000 ____D C:\FRST
2015-06-18 11:42 - 2015-06-18 11:42 - 02109952 _____ (Farbar) C:\Users\Jiri\Desktop\FRST64.exe
2015-06-18 04:38 - 2015-06-18 04:38 - 52822240 _____ (Microsoft Corporation) C:\Users\Jiri\Downloads\Windows-KB890830-x64-V5.25.exe
2015-06-18 04:26 - 2015-06-18 04:26 - 1314980436 _____ C:\Users\Jiri\Desktop\FT12.mp4
2015-06-18 04:16 - 2015-06-18 04:16 - 05628161 _____ (Swearware) C:\Users\Jiri\Downloads\ComboFix.exe
2015-06-18 03:49 - 2015-06-18 04:09 - 668064620 _____ C:\Users\Jiri\Desktop\Untitled Sequence.01.mxf
2015-06-18 03:34 - 2015-06-18 03:35 - 190080860 _____ C:\Users\Jiri\Desktop\EDIT12.Copy.01,Audio Mixdown,2-23.0LUFS.wav
2015-06-18 03:33 - 2015-06-18 03:33 - 190080854 _____ C:\Users\Jiri\Desktop\EDIT12.Copy.01,Audio Mixdown,2.wav
2015-06-17 03:24 - 2015-06-17 03:24 - 00000000 _____ C:\Users\Jiri\Desktop\Nový textový dokument (2).txt
2015-06-16 14:41 - 2015-06-16 14:41 - 00865050 _____ C:\Users\Jiri\Downloads\9698-2.m4a
2015-06-16 14:41 - 2015-06-16 14:41 - 00181138 _____ C:\Users\Jiri\Downloads\Hlas 016.m4a
2015-06-16 14:41 - 2015-06-16 14:41 - 00170679 _____ C:\Users\Jiri\Downloads\3686.m4a
2015-06-16 14:41 - 2015-06-16 14:41 - 00170194 _____ C:\Users\Jiri\Downloads\Hlas 012.m4a
2015-06-16 14:41 - 2015-06-16 14:41 - 00154705 _____ C:\Users\Jiri\Downloads\9649.m4a
2015-06-11 21:43 - 2015-06-11 21:44 - 573644800 _____ C:\Users\Jiri\Downloads\smutecnirecfilmem_na web bezloga (1).mpg
2015-06-11 16:06 - 2015-06-11 16:25 - 573644800 _____ C:\Users\Jiri\Downloads\smutecnirecfilmem_na web bezloga.mpg
2015-06-11 11:50 - 2015-06-11 11:50 - 168999260 _____ C:\Users\Jiri\Desktop\EDIT11,Audio Mixdown,1-23.0LUFS(1).wav
2015-06-11 10:06 - 2015-06-11 10:10 - 52058345 _____ C:\Users\Jiri\Desktop\PREREKY.mov
2015-06-11 09:59 - 2015-06-11 09:59 - 00000000 ____H C:\ProgramData\cm-lock
2015-06-10 21:42 - 2015-06-10 21:42 - 127501485 _____ C:\Users\Jiri\Desktop\EDIT3.FINAL.mp4
2015-06-10 21:35 - 2015-06-10 21:37 - 1464398124 _____ C:\Users\Jiri\Desktop\EDIT3.FINAL.mxf
2015-06-10 21:32 - 2015-06-10 21:32 - 56022620 _____ C:\Users\Jiri\Desktop\EDIT3,Audio Mixdown,1-23.0LUFS.wav
2015-06-10 21:31 - 2015-06-10 21:31 - 56022614 _____ C:\Users\Jiri\Desktop\EDIT3,Audio Mixdown,1.wav
2015-06-10 20:05 - 2015-06-10 20:05 - 00000000 _____ C:\Users\Jiri\Desktop\Nový textový dokument.txt
2015-06-10 12:30 - 2015-06-10 20:52 - 00000000 ____D C:\Users\Jiri\Downloads\zasilka-FEU7E4WC5CSESYED
2015-06-10 12:30 - 2015-06-10 12:30 - 00000000 ____D C:\Users\Jiri\Downloads\zasilka-FFEXB49UF5HYRCS4
2015-06-10 08:07 - 2015-06-10 08:13 - 111140240 _____ C:\Users\Jiri\Downloads\MOV_0179.mp4
2015-06-10 08:07 - 2015-06-10 08:12 - 81219203 _____ C:\Users\Jiri\Downloads\MOV_0178.mp4
2015-06-10 08:06 - 2015-06-10 08:12 - 94417065 _____ C:\Users\Jiri\Downloads\MOV_0180.mp4
2015-06-10 07:54 - 2015-06-10 07:57 - 94573844 _____ C:\Users\Jiri\Desktop\MP.mov
2015-06-10 07:45 - 2015-06-10 07:45 - 384279521 _____ C:\Users\Jiri\Desktop\Untitled Sequence.01_1.mp4
2015-06-10 07:16 - 2015-06-11 11:49 - 168999254 _____ C:\Users\Jiri\Desktop\EDIT11,Audio Mixdown,1.wav
2015-06-10 07:16 - 2015-06-10 07:17 - 168123740 _____ C:\Users\Jiri\Desktop\EDIT11,Audio Mixdown,1-23.0LUFS.wav
2015-06-10 01:12 - 2015-06-10 01:12 - 00157094 _____ C:\Users\Jiri\Downloads\Ema.m4a
2015-06-10 01:11 - 2015-06-10 01:11 - 00169841 _____ C:\Users\Jiri\Downloads\Andrea.m4a
2015-06-10 01:01 - 2015-06-10 01:01 - 37057880 _____ C:\Users\Jiri\Downloads\zasilka-FG33SY8MSI2RI9CB.zip
2015-06-10 01:01 - 2015-06-10 01:01 - 00000000 ____D C:\Users\Jiri\Downloads\zasilka-FG33SY8MSI2RI9CB
2015-06-09 23:57 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-06-09 23:57 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-06-09 23:57 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-06-09 23:57 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2015-06-09 23:57 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-06-09 23:57 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2015-06-09 23:57 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2015-06-09 23:57 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-06-09 23:57 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-06-09 23:57 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-06-09 23:57 - 2015-05-23 04:47 - 00128000 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2015-06-09 23:57 - 2015-05-23 04:43 - 00880128 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2015-06-09 23:57 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-06-09 23:57 - 2015-05-23 04:38 - 00327168 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-06-09 23:57 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-06-09 23:57 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-06-09 23:57 - 2015-05-23 04:28 - 01042944 _____ (Microsoft Corporation) C:\windows\SysWOW64\actxprxy.dll
2015-06-09 23:57 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-06-09 23:57 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-06-09 23:57 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-06-09 23:57 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-06-09 23:57 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-06-09 23:57 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-06-09 23:57 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-06-09 23:57 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-06-09 23:57 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-06-09 23:57 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-06-09 23:57 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-06-09 23:57 - 2015-05-22 20:23 - 00145408 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2015-06-09 23:57 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-06-09 23:57 - 2015-05-22 20:15 - 01032704 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2015-06-09 23:57 - 2015-05-22 20:09 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2015-06-09 23:57 - 2015-05-22 20:08 - 00374272 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-06-09 23:57 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-06-09 23:57 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-06-09 23:57 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-06-09 23:57 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-06-09 23:57 - 2015-05-22 19:49 - 02865152 _____ (Microsoft Corporation) C:\windows\system32\actxprxy.dll
2015-06-09 23:57 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-06-09 23:57 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-06-09 23:57 - 2015-05-21 18:47 - 04177920 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-06-09 23:57 - 2015-04-25 04:34 - 00653824 _____ (Microsoft Corporation) C:\windows\system32\comctl32.dll
2015-06-09 23:57 - 2015-04-25 04:33 - 00549888 _____ (Microsoft Corporation) C:\windows\SysWOW64\comctl32.dll
2015-06-09 23:54 - 2015-06-09 23:54 - 00000000 ____D C:\Users\Jiri\Downloads\MP
2015-06-09 23:51 - 2015-06-09 23:51 - 00200896 _____ C:\Users\Jiri\Downloads\Misska.m4a
2015-06-09 23:51 - 2015-06-09 23:51 - 00166607 _____ C:\Users\Jiri\Downloads\Kornova.m4a
2015-06-09 23:51 - 2015-06-09 23:51 - 00123323 _____ C:\Users\Jiri\Downloads\bloncka v bile.m4a
2015-06-09 23:36 - 2015-06-09 23:36 - 00109411 _____ C:\Users\Jiri\Downloads\Hdl 70.m4a
2015-06-09 23:36 - 2015-06-09 23:36 - 00065305 _____ C:\Users\Jiri\Downloads\Fb.m4a
2015-06-09 14:05 - 2015-06-09 14:05 - 00003008 _____ C:\Users\Jiri\Desktop\Girl blown away by jet blast)_1.mxf.xmp
2015-06-09 14:04 - 2015-06-09 14:05 - 392978040 _____ C:\Users\Jiri\Desktop\Girl blown away by jet blast)_1.mxf
2015-06-09 14:03 - 2015-06-09 14:03 - 05063873 _____ C:\Users\Jiri\Desktop\Girl blown away by jet blast).mp4
2015-06-08 23:08 - 2015-06-08 23:11 - 00000000 ____D C:\Users\Jiri\Downloads\myairbridge-U3YDANL5N9X36O82
2015-06-08 18:58 - 2015-06-08 21:41 - 620244660 _____ C:\Users\Jiri\Downloads\myairbridge-U3YDANL5N9X36O82.zip
2015-06-08 11:03 - 2015-06-08 11:03 - 676864576 _____ C:\Users\Jiri\Downloads\Nepotvrzeno 736793.crdownload
2015-06-08 11:01 - 2015-06-16 11:04 - 00005680 _____ C:\windows\setupact.log
2015-06-08 11:01 - 2015-06-11 09:58 - 00001084 _____ C:\windows\PFRO.log
2015-06-08 11:01 - 2015-06-08 11:01 - 00000000 _____ C:\windows\setuperr.log
2015-06-08 10:33 - 2015-06-08 10:33 - 1074225152 _____ C:\Users\Jiri\Downloads\Nepotvrzeno 165863.crdownload
2015-06-08 09:41 - 2015-06-08 09:41 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2015-06-08 05:23 - 2015-06-08 05:23 - 00002226 _____ C:\Users\Jiri\Desktop\Grand Theft Auto V.lnk
2015-06-08 05:23 - 2015-06-08 05:23 - 00000000 ____D C:\Users\Jiri\AppData\Roaming\Grand Theft Auto V
2015-06-08 05:23 - 2015-06-08 05:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2015-06-07 12:53 - 2015-06-07 12:53 - 15837361 _____ C:\Users\Jiri\Desktop\SPONOZORI_NESPRESSO_CCM_STORM.mp4
2015-06-07 12:52 - 2015-06-07 12:52 - 92283464 _____ C:\Users\Jiri\Desktop\Untitled Sequence.04.mxf
2015-06-07 12:51 - 2015-06-07 12:51 - 03537500 _____ C:\Users\Jiri\Desktop\Untitled Sequence.04,Audio Mixdown,1-23.0LUFS(1).wav
2015-06-07 12:42 - 2015-06-07 12:42 - 00123327 _____ C:\Users\Jiri\Downloads\Sponzor Upo.m4a
2015-06-07 12:05 - 2015-06-18 04:32 - 01837692 _____ C:\windows\WindowsUpdate.log
2015-06-07 11:41 - 2015-06-07 12:19 - 477855744 _____ C:\Users\Jiri\Downloads\00042.MTS
2015-06-07 11:30 - 2015-06-07 12:58 - 2125529088 _____ C:\Users\Jiri\Downloads\00035.MTS
2015-06-04 21:55 - 2015-06-04 21:55 - 08880667 _____ C:\Users\Jiri\Desktop\sponzoraky_self.mp4
2015-06-04 21:52 - 2015-06-07 12:50 - 03537494 _____ C:\Users\Jiri\Desktop\Untitled Sequence.04,Audio Mixdown,1.wav
2015-06-04 21:52 - 2015-06-04 21:52 - 02915420 _____ C:\Users\Jiri\Desktop\Untitled Sequence.04,Audio Mixdown,1-23.0LUFS.wav
2015-06-04 18:29 - 2015-06-04 18:29 - 00098452 _____ C:\Users\Jiri\Downloads\Sponzoraky Upo.m4a
2015-06-04 18:11 - 2015-06-04 18:12 - 04892918 _____ C:\Users\Jiri\Desktop\STORM_BLUE.mov
2015-06-04 18:08 - 2015-06-04 18:08 - 04206390 _____ C:\Users\Jiri\Desktop\STORM_PINK.mov
2015-06-04 18:04 - 2015-06-04 18:04 - 00002187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk
2015-06-04 17:37 - 2015-06-04 17:37 - 00000000 ____D C:\Program Files (x86)\IncludeFoobar
2015-06-04 02:16 - 2015-06-04 17:38 - 00000000 ____D C:\ProgramData\80edcee400000a04
2015-06-03 13:50 - 2015-06-03 13:50 - 00040960 _____ C:\Users\Jiri\Downloads\dispozice_fashiontime_5cerven.xls
2015-06-02 19:54 - 2015-06-02 19:54 - 00214313 _____ C:\Users\Jiri\Downloads\Hlas 005.m4a
2015-06-02 19:54 - 2015-06-02 19:54 - 00185303 _____ C:\Users\Jiri\Downloads\Hlas 027.m4a
2015-06-02 19:14 - 2015-06-02 19:14 - 00289620 _____ C:\Users\Jiri\Downloads\6517.m4a
2015-06-02 19:14 - 2015-06-02 19:14 - 00288556 _____ C:\Users\Jiri\Downloads\6517 (1).m4a
2015-06-02 19:14 - 2015-06-02 19:14 - 00220433 _____ C:\Users\Jiri\Downloads\6650.m4a
2015-06-02 19:14 - 2015-06-02 19:14 - 00149629 _____ C:\Users\Jiri\Downloads\nz.m4a
2015-06-02 19:03 - 2015-06-02 19:03 - 00014437 _____ C:\Users\Jiri\Downloads\Dovolená_REAL.ods
2015-06-02 13:04 - 2015-06-02 13:04 - 00000000 ____D C:\Program Files (x86)\Red Giant Link
2015-06-01 19:43 - 2015-06-01 19:43 - 00000000 ____D C:\Users\Jiri\Downloads\FOLDER07
2015-05-31 22:07 - 2015-05-31 22:07 - 00076288 _____ C:\Users\Jiri\Downloads\P5.ppt
2015-05-31 21:51 - 2015-05-31 21:51 - 00463872 _____ C:\Users\Jiri\Downloads\LOGISTIKA_5.ppt
2015-05-31 21:46 - 2015-05-31 21:46 - 00301665 _____ C:\Users\Jiri\Downloads\pred3 (1).pptx
2015-05-31 21:38 - 2015-05-31 21:38 - 00301665 _____ C:\Users\Jiri\Downloads\pred3.pptx
2015-05-31 21:26 - 2015-05-31 21:26 - 00029583 _____ C:\Users\Jiri\Desktop\vseTester.jar
2015-05-31 21:23 - 2015-05-31 21:23 - 00244736 _____ C:\Users\Jiri\Downloads\OKE-_Metodická (1)
2015-05-31 01:10 - 2015-05-31 01:10 - 00084517 _____ C:\Users\Jiri\Downloads\2OP524_5_KoDo_Manazera.pptx
2015-05-30 14:21 - 2015-05-30 14:21 - 02067968 _____ C:\Users\Jiri\Downloads\1400lRizeni_zasob.ppt
2015-05-29 22:35 - 2015-05-29 22:36 - 00244736 _____ C:\Users\Jiri\Downloads\OKE-_Metodická
2015-05-29 15:24 - 2015-05-29 15:24 - 00040568 _____ C:\Users\Jiri\Downloads\isis(vseborec.cz-dj6di).xlsx
2015-05-28 23:39 - 2015-05-28 23:39 - 11909828 _____ C:\Users\Jiri\Desktop\SELF.mp4
2015-05-28 23:28 - 2015-05-28 23:28 - 03744860 _____ C:\Users\Jiri\Desktop\Untitled Sequence.01-23.0LUFS.wav
2015-05-28 23:27 - 2015-05-28 23:28 - 03744854 _____ C:\Users\Jiri\Desktop\Untitled Sequence.01.wav
2015-05-28 22:18 - 2015-06-07 12:16 - 00000000 ____D C:\Users\Jiri\Downloads\FT 10 12
2015-05-28 22:13 - 2015-05-28 22:13 - 00123127 _____ C:\Users\Jiri\Downloads\SPONZORI.m4a
2015-05-28 14:53 - 2015-05-28 15:02 - 00039424 _____ C:\Users\Jiri\Desktop\smeny jirka cerven.xls
2015-05-26 16:16 - 2015-05-26 16:16 - 01365780 _____ C:\Users\Jiri\Downloads\Trollbeads_LOGO_1_Black.tif
2015-05-26 12:08 - 2015-05-26 12:08 - 00201694 _____ C:\Users\Jiri\Downloads\Hrach3.m4a
2015-05-26 06:11 - 2015-05-26 06:11 - 00233247 _____ C:\Users\Jiri\Downloads\Poutaky Prvni Rande.m4a
2015-05-26 05:52 - 2015-05-11 09:41 - 00337823 _____ C:\Users\Jiri\Desktop\7531-2.m4a
2015-05-25 11:25 - 2015-05-25 11:25 - 00012472 _____ C:\Users\Jiri\Desktop\Faktura kveten.xlsx
2015-05-25 11:25 - 2015-05-25 11:25 - 00000165 ____H C:\Users\Jiri\Desktop\~$Faktura kveten.xlsx
2015-05-25 11:19 - 2015-05-25 11:19 - 00012478 _____ C:\Users\Jiri\Downloads\Faktura 7 kveten.xlsx
2015-05-25 02:05 - 2015-05-25 02:05 - 00179200 _____ C:\Users\Jiri\Downloads\strategie.ppt
2015-05-24 22:52 - 2015-05-24 22:52 - 00408360 _____ C:\Users\Jiri\Downloads\Prednaska_3 (1).pptx
2015-05-24 21:51 - 2015-05-24 21:51 - 00069092 _____ C:\Users\Jiri\Downloads\Prednaska_5.pptx
2015-05-24 21:50 - 2015-05-24 21:50 - 00771613 _____ C:\Users\Jiri\Downloads\Prednaska_2 (2).pptx
2015-05-24 21:50 - 2015-05-24 21:50 - 00722685 _____ C:\Users\Jiri\Downloads\Prednaska_4_new.pptx
2015-05-24 21:50 - 2015-05-24 21:50 - 00408360 _____ C:\Users\Jiri\Downloads\Prednaska_3.pptx
2015-05-24 21:50 - 2015-05-24 21:50 - 00225805 _____ C:\Users\Jiri\Downloads\Prednaska_1 (1).pptx
2015-05-24 16:50 - 2015-05-24 16:52 - 00000000 ____D C:\Users\Jiri\Downloads\av1DMed1acomposer831
2015-05-23 03:39 - 2015-05-23 03:39 - 00000000 ____D C:\Avid MediaFiles
2015-05-23 03:28 - 2015-05-23 03:31 - 1407604512 _____ C:\Users\Jiri\Desktop\EDIT2.mxf
2015-05-23 02:06 - 2015-05-23 02:06 - 00762624 _____ C:\Users\Jiri\Downloads\adamec(vseborec.cz-gyb49).zip
2015-05-21 21:44 - 2015-06-08 09:40 - 00000000 ____D C:\Program Files\Rockstar Games
2015-05-21 11:55 - 2015-05-21 11:55 - 00000000 ____D C:\Users\Jiri\Documents\NUGEN Audio
2015-05-20 13:06 - 2015-06-08 09:40 - 00000080 _____ C:\Users\Jiri\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦
2015-05-20 13:06 - 2015-05-20 13:16 - 00000000 ____D C:\Users\Jiri\Documents\Rockstar Games
2015-05-20 13:06 - 2015-05-20 13:06 - 00000000 ____D C:\Users\Jiri\AppData\Local\Rockstar Games
2015-05-19 18:48 - 2015-06-07 11:58 - 00000000 ____D C:\Program Files (x86)\R.G. Mechanics
2015-05-19 16:34 - 2015-05-19 16:37 - 00000000 ____D C:\ProgramData\e8d9a6ec000009b1
2015-05-19 16:14 - 2015-05-19 16:14 - 00000000 _____ C:\Users\Jiri\AppData\Local\Temp.dat
2015-05-19 16:13 - 2015-05-19 16:13 - 00000000 ____D C:\Program Files (x86)\Open Tweet Filter

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-18 11:38 - 2013-08-22 17:36 - 00000000 ____D C:\windows\system32\sru
2015-06-18 10:08 - 2014-11-10 23:58 - 00000980 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA1cffd31713cdbb4.job
2015-06-18 09:14 - 2014-11-10 23:56 - 00003970 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{C554F663-AFDA-497A-866C-BA4317861154}
2015-06-18 06:08 - 2014-11-13 03:03 - 00000976 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore1cffedd9a40108f.job
2015-06-18 05:40 - 2014-09-15 18:28 - 00035328 _____ C:\windows\system32\VfService.trf
2015-06-18 04:38 - 2014-11-16 01:04 - 00000000 ____D C:\Users\Jiri\AppData\Roaming\vlc
2015-06-18 04:10 - 2014-11-11 04:33 - 00000000 ____D C:\Users\Public\Documents\Avid Media Composer
2015-06-18 03:48 - 2014-11-23 13:30 - 00000000 ____D C:\Users\Jiri\AppData\Roaming\NUGEN LMCorrect
2015-06-18 03:31 - 2014-11-23 13:29 - 00000000 ____D C:\Users\Jiri\AppData\Roaming\NUGEN Audio
2015-06-18 03:14 - 2014-11-11 04:33 - 00000000 ____D C:\Users\Public\Documents\Shared Avid Projects
2015-06-17 02:56 - 2015-05-15 10:47 - 00000024 _____ C:\Users\Jiri\AppData\Roaming\appdataFr25.bin
2015-06-17 02:08 - 2014-11-10 23:58 - 00000976 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore1cffd3171381665.job
2015-06-16 11:17 - 2014-11-10 23:53 - 00003598 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1547277944-862055614-3959490313-1001
2015-06-16 11:08 - 2014-09-15 18:54 - 00739924 _____ C:\windows\system32\perfh005.dat
2015-06-16 11:08 - 2014-09-15 18:54 - 00151610 _____ C:\windows\system32\perfc005.dat
2015-06-16 11:08 - 2014-03-18 11:53 - 01745984 _____ C:\windows\system32\PerfStringBackup.INI
2015-06-15 18:11 - 2013-08-22 17:36 - 00000000 ____D C:\windows\AppReadiness
2015-06-12 10:27 - 2015-05-18 22:27 - 00000372 _____ C:\windows\Tasks\Bidaily Synchronize Task[pr].job
2015-06-12 08:24 - 2015-02-23 01:05 - 00000000 ____D C:\ProgramData\{50f8100b-3a85-beab-50f8-8100b3a8402c}
2015-06-12 03:01 - 2013-08-22 17:36 - 00000000 ____D C:\windows\rescache
2015-06-12 02:00 - 2014-11-11 04:29 - 00000000 ____D C:\Users\Jiri\AppData\Local\Adobe
2015-06-11 10:32 - 2013-08-22 17:20 - 00000000 ____D C:\windows\CbsTemp
2015-06-11 10:07 - 2014-09-15 18:27 - 00000000 ____D C:\windows\System32\Tasks\Lenovo
2015-06-11 09:59 - 2014-12-02 22:39 - 00000027 _____ C:\ProgramData\lcsuc_prof.cfg
2015-06-11 09:59 - 2014-11-10 23:51 - 00000000 ___DO C:\Users\Jiri\OneDrive
2015-06-11 09:59 - 2014-09-15 18:10 - 00000000 ____D C:\ProgramData\NVIDIA
2015-06-11 09:59 - 2013-08-22 16:45 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-06-11 09:59 - 2013-08-22 16:44 - 05280360 _____ C:\windows\system32\FNTCACHE.DAT
2015-06-11 09:58 - 2013-08-22 17:36 - 00000000 ____D C:\windows\PolicyDefinitions
2015-06-11 09:58 - 2013-08-22 15:25 - 00262144 ___SH C:\windows\system32\config\BBI
2015-06-10 08:43 - 2014-11-13 12:57 - 00000000 ____D C:\windows\system32\MRT
2015-06-08 11:01 - 2014-11-10 23:47 - 00000000 ____D C:\Users\Jiri
2015-06-07 11:57 - 2015-01-31 17:05 - 00000000 ____D C:\Users\Jiri\Documents\GRAFIKA
2015-06-07 11:43 - 2014-11-10 23:47 - 00000000 ____D C:\Users\Jiri\AppData\Local\Packages
2015-06-07 10:58 - 2014-11-14 01:59 - 00000000 ____D C:\Program Files (x86)\uTorrent
2015-06-04 18:04 - 2014-11-10 23:58 - 00000000 ____D C:\Program Files (x86)\Google
2015-06-03 18:18 - 2013-08-22 17:38 - 00792568 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-06-03 18:18 - 2013-08-22 17:38 - 00178168 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-31 21:17 - 2015-05-14 13:11 - 00000000 ____D C:\Users\Jiri\Desktop\PLOCHA2
2015-05-27 21:10 - 2015-02-20 18:16 - 00000000 ____D C:\Users\Jiri\Documents\Soubory aplikace Outlook
2015-05-27 00:04 - 2014-11-13 12:57 - 140135120 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-05-25 11:23 - 2015-01-06 09:10 - 00000000 ____D C:\Users\Jiri\Documents\FRANTA AND FRED
2015-05-23 03:24 - 2015-01-31 15:08 - 00000000 ____D C:\Users\Jiri\Documents\AE Projects
2015-05-22 02:58 - 2014-09-15 18:33 - 00000000 ____D C:\ProgramData\Energy Manager
2015-05-19 18:04 - 2015-01-31 14:19 - 00000000 ____D C:\Users\Jiri\Documents\Avid Projects
2015-05-19 16:58 - 2015-04-29 15:14 - 00000000 ____D C:\ProgramData\13721019663450278299
2015-05-19 10:27 - 2015-05-18 22:26 - 00000000 ____D C:\ProgramData\{765201f9-c187-7199-7652-201f9c1807e7}
2015-05-19 05:24 - 2015-05-07 01:16 - 00000000 ____D C:\Program Files\Microsoft Office 15

==================== Files in the root of some directories =======

2015-05-15 10:47 - 2015-06-17 02:56 - 0000024 _____ () C:\Users\Jiri\AppData\Roaming\appdataFr25.bin
2015-03-08 22:28 - 2015-05-13 13:39 - 0000020 _____ () C:\Users\Jiri\AppData\Roaming\appdataFr3.bin
2014-11-11 04:31 - 2014-11-15 13:00 - 1168688 _____ () C:\Users\Jiri\AppData\Roaming\AvidApplicationManager_Install.log
2014-11-11 04:56 - 2014-11-11 04:56 - 0329918 _____ () C:\Users\Jiri\AppData\Roaming\CodecsLE_Install.log
2014-11-11 01:07 - 2014-11-11 01:07 - 1249792 _____ (http://www.ruby-lang.org/) C:\Users\Jiri\AppData\Roaming\msvcr90-ruby191.dll
2015-02-07 04:21 - 2015-03-07 14:13 - 0000600 _____ () C:\Users\Jiri\AppData\Roaming\winscp.rnd
2015-05-13 13:36 - 2015-05-13 13:37 - 0000806 _____ () C:\Users\Jiri\AppData\Local\Temp-log.txt
2015-05-19 16:14 - 2015-05-19 16:14 - 0000000 _____ () C:\Users\Jiri\AppData\Local\Temp.dat
2015-06-11 09:59 - 2015-06-11 09:59 - 0000000 ____H () C:\ProgramData\cm-lock
2014-09-15 18:16 - 2014-09-15 18:16 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-12-02 22:39 - 2015-06-11 09:59 - 0000027 _____ () C:\ProgramData\lcsuc_prof.cfg

Some files in TEMP:
====================
C:\Users\Jiri\AppData\Local\Temp\Quarantine.exe
C:\Users\Jiri\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

==================== MBR and Partition Table ==================

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\windows\Tasks\Bidaily Synchronize Task[pr].job => c:\programdata\{765201f9-c187-7199-7652-201f9c1807e7}\5619110643820751498s.exe <==== ATTENTION
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore1cffd3171381665.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore1cffedd9a40108f.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA1cffd31713cdbb4.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Jiri\Desktop" je 7353 MB.

***** Startup Programs *****

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x0
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

#2 Příspěvek od **JaRon** » 18 čer 2015 10:57

Velikost slozky "C:\Users\Jiri\Desktop" je 7353 MB.
uprav velkost adresara, aby nepresahoval 300MB
+
nemas tam antivir

nainstalovat a vycistit PC

Vanisek · #3 Příspěvek od **Vanisek** » 18 čer 2015 11:05

Mam windows defender, jen jsem u nej nemel zapnutou ochranu v realnem case. Staci to jako antivir?

plus problem je, ze mi v chromu skacou reklamni okna (ackoliv mam adblock), takze to vidim na nejakej malware. Projel sem pocitac nastrojem od microsoftu:"Nástroj systému Microsoft® Windows® pro odstranění škodlivého softwaru (KB890830) " , ale nic mi to nenaslo.

#4 Příspěvek od **JaRon** » 18 čer 2015 11:17

nastroje od MS staja za prd

nainstaluj AV - inac sem budes chodit ako na klavir a forum nebude suplovat antivir

Vanisek · #5 Příspěvek od **Vanisek** » 18 čer 2015 12:54

Ok, muzes doporucit nejakej antivir kterej neprilis zatezuje system? vim ze na googlu je o tom spoustu clanku, ale bojim se, ze casto nejsou objektivni a jedna se jen o PR.

#6 Příspěvek od **JaRon** » 18 čer 2015 13:09

zvacsa doporucujeme Avast alebo Aviru
myslim, ze AV zatazuju system menej ako kdejake updatery, toolbary apod. kraviny

Vanisek · #7 Příspěvek od **Vanisek** » 19 čer 2015 14:44

Tak sem celej pocitac projel Avastem, neco mi odstranil, ale porad mi vyskakuje v chromu okno, viz Obrázek

#8 Příspěvek od **JaRon** » 20 čer 2015 17:51

OK, pouzi este zoek podla navodu kolegu
http://forum.viry.cz/viewtopic.php?f=5& ... k#p1402389

Vanisek · #9 Příspěvek od **Vanisek** » 23 čer 2015 09:59

Ok, projel sem to ZOECem a okno uz nevyskakuje, jen mi Avast kazdy 3 minuty blokuje nejakou situ z chromu. Napr.

Obrázek

Zde log ze ZOECu:

Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Jiri on ne 21. 06. 2015 at 17:55:20,78.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Jiri\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

21. 6. 2015 17:56:23 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\Adobe deleted successfully
C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\PROGRA~2\New Folder deleted successfully
C:\PROGRA~2\Ubisoft deleted successfully
C:\PROGRA~3\80edcee400000a04 deleted successfully
C:\PROGRA~3\CorelDRAW Graphics Suite X7 x64 deleted successfully
C:\PROGRA~3\e8d9a6ec000009b1 deleted successfully
C:\PROGRA~3\Office2013 deleted successfully
C:\Users\Jiri\AppData\Roaming\GHISLER deleted successfully
C:\Users\Jiri\AppData\Local\PACE Anti-Piracy deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

C:\PROGRA~2\Adobe not found
C:\PROGRA~2\AGEIA Technologies not found
C:\PROGRA~2\New Folder not found
C:\PROGRA~2\Ubisoft not found
C:\PROGRA~3\CorelDRAW Graphics Suite X7 x64 not found
C:\PROGRA~2\Open Tweet Filter deleted
C:\PROGRA~3\{765201f9-c187-7199-7652-201f9c1807e7} deleted
C:\Users\Jiri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\startup\Epic motivational music mix.mp3.lnk deleted
C:\PROGRA~3\13721019663450278299 deleted
C:\windows\sysWoW64\config\systemprofile\.android deleted
C:\Users\Jiri\AppData\Roaming\appdataFr3.bin deleted
C:\Users\Jiri\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Start Menu.lnk deleted
C:\Users\Jiri\AppData\Roaming\msvcr90-ruby191.dll deleted
C:\Users\Jiri\AppData\Roaming\AvidApplicationManager_Install.log deleted
C:\Users\Jiri\AppData\Roaming\CodecsLE_Install.log deleted
C:\PROGRA~3\Adobe\29B77C3.vbe deleted
C:\PROGRA~3\Mini - Adblocker deleted
C:\Users\Jiri\AppData\Local\CrashRpt deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\windows\SysWow64\AI_RecycleBin deleted
"C:\ProgramData\cm-lock" not deleted
"C:\PROGRA~3\{50f8100b-3a85-beab-50f8-8100b3a8402c}\4da9a579e5cbd03e" not deleted
"C:\PROGRA~3\{50f8100b-3a85-beab-50f8-8100b3a8402c}\8054032cc21f37ea" not deleted
"C:\PROGRA~3\{50f8100b-3a85-beab-50f8-8100b3a8402c}\Epic motivational music mix.mp3.exe" deleted
"C:\PROGRA~3\{50f8100b-3a85-beab-50f8-8100b3a8402c}" not deleted
"C:\PROGRA~3\Package Cache" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [18. 06. 2015 14:27]

==== Chromium Look ======================

Google Chrome Version: 43.0.2357.124

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[18. 06. 2015 14:27]

Angry Birds - Jiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj
AdBlock - Jiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
imo free video calls and text - Jiri\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocaebkdojpikfmhmnekiflipcicedobi

==== Chromium Startpages ======================

C:\Users\Jiri\AppData\Local\Google\Chrome\User Data\Default\Preferences
dijeoejaedia\\8.1_0","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":true,"was_installed_by_oem":false}}},"google":{"services":{"last_username":"VanekJr@gmail.com","username":"VanekJr@gmail.com"}},"homepage":"http://www.seznam.cz/","homepage_is_new ... artup_urls":[""]},"software_reporter":{"prompt_reason":0,"prompt_version":"3.20.1"},"sync":{"remaining_rollback_tries":0}}

==== Chromium Fix ======================

C:\Users\Jiri\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.lyricsmode.com_0.localstorage deleted successfully
C:\Users\Jiri\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.lyricsmode.com_0.localstorage-journal deleted successfully
C:\Users\Jiri\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_savedeo.com_0.localstorage deleted successfully
C:\Users\Jiri\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_savedeo.com_0.localstorage-journal deleted successfully
C:\Users\Jiri\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_savevideo.me_0.localstorage deleted successfully
C:\Users\Jiri\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_savevideo.me_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{B8D78E9B-A25B-46C6-A7CC-A66C356A5E21}"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{B8D78E9B-A25B-46C6-A7CC-A66C356A5E21} Unknown Url="Not_Found"

==== Reset Google Chrome ======================

C:\Users\Jiri\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Jiri\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Jiri\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Jiri\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1547277944-862055614-3959490313-1001\Software\Microsoft\Internet Explorer\SearchScopes\{B8D78E9B-A25B-46C6-A7CC-A66C356A5E21} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{B8D78E9B-A25B-46C6-A7CC-A66C356A5E21} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B8D78E9B-A25B-46C6-A7CC-A66C356A5E21} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully

==== Empty IE Cache ======================

C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Jiri\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Jiri\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Jiri\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Jiri\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Jiri\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=114 folders=107 111085308 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Jiri\AppData\Local\Temp will be emptied at reboot
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\windows\Temp successfully emptied
C:\Users\Jiri\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\ProgramData\cm-lock" not deleted
"C:\PROGRA~3\{50f8100b-3a85-beab-50f8-8100b3a8402c}\4da9a579e5cbd03e" not found
"C:\PROGRA~3\{50f8100b-3a85-beab-50f8-8100b3a8402c}\8054032cc21f37ea" not found
"C:\PROGRA~3\{50f8100b-3a85-beab-50f8-8100b3a8402c}" not found

==== EOF on ne 21. 06. 2015 at 18:23:52,48 ======================

#10 Příspěvek od **JaRon** » 23 čer 2015 10:06

vycisti PC s ADWCleanerom

Vanisek · #11 Příspěvek od **Vanisek** » 25 čer 2015 15:18

PC sem vycistil, ale avast stale hlasi blokovani. Zde log z adwcleaneru:

# AdwCleaner v4.207 - Log vytvořen 25/06/2015 v 16:12:08
# Aktualizováno 21/06/2015 by Xplode
# Databáze : 2015-06-23.1 [Server]
# Operační system : Windows 8.1 (x64)
# Uživatelské jméno : Jiri - LENOVO-PC
# Spuštěno z : C:\Users\Jiri\Desktop\adwcleaner_4.207.exe
# Nastavení : Čištění

***** [ Služby ] *****

***** [ Soubory / Složky ] *****

Složka Smazáno : C:\ProgramData\e4295f1000004ae1
Soubor Smazáno : C:\windows\SysWOW64\VisualDiscovery.ini
Soubor Smazáno : C:\windows\SysWOW64\VisualDiscoveryOff.ini
Soubor Smazáno : C:\windows\System32\VisualDiscoveryOff.ini

***** [ Naplánované úlohy ] *****

***** [ Zástupci ] *****

***** [ Registry ] *****

Klíč Smazáno : HKCU\Software\Classes\pokki
Klíč Smazáno : HKLM\SOFTWARE\44747ddf-f79e-52aa-dd45-cf3ca68ed67f
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{237FDFDB-3722-470E-8BA8-90196DABE967}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{F126C9FC-9299-40F2-BD42-C59023AD1E7F}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{532ECD0F-E6C9-4ACE-860A-3730B1F6F1DD}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{7A35867D-D50D-4D31-BAA2-279E5AACCBCC}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{EB559340-3A8F-4456-B24D-160098054EF0}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{237FDFDB-3722-470E-8BA8-90196DABE967}
Klíč Smazáno : HKCU\Software\Appscion
Klíč Smazáno : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Klíč Smazáno : HKLM\SOFTWARE\VisualDiscovery
Klíč Smazáno : HKLM\SOFTWARE\Superfish Inc. VisualDiscovery
Klíč Smazáno : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2DF3E224-05CD-4113-AA7A-86F2F6607B46}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8E8C2E2D-7F21-2CF5-0ADB-64935121ECF0}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E957849A-94AC-6F46-4623-C31474E3C170}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B6D700D3-3D0D-FEEB-D675-2CE78F9EC5D6}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A3FC46A0-9B62-0EF3-B475-743B3A2762B1}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B138259A-351E-33FA-2726-8D71704F1DA9}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CA1838EF-A497-194E-3850-37A62CEE398B}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{53B21E29-3967-C332-57EB-C02631658584}
Data Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local

***** [ Prohlížeče ] *****

-\\ Internet Explorer v0.0.0.0

-\\ Google Chrome v43.0.2357.130

*************************

AdwCleaner[R0].txt - [2948 bytů] - [23/06/2015 13:34:33]
AdwCleaner[R1].txt - [3006 bytů] - [25/06/2015 16:11:24]
AdwCleaner[S0].txt - [2855 bytů] - [25/06/2015 16:12:08]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2913 bytů] ##########

VIRY.CZ

Vyskakovací okna, prosím o kontrolo logu

Vyskakovací okna, prosím o kontrolo logu

Re: Vyskakovací okna, prosím o kontrolo logu

Re: Vyskakovací okna, prosím o kontrolo logu

Re: Vyskakovací okna, prosím o kontrolo logu

Re: Vyskakovací okna, prosím o kontrolo logu

Re: Vyskakovací okna, prosím o kontrolo logu

Re: Vyskakovací okna, prosím o kontrolo logu

Re: Vyskakovací okna, prosím o kontrolo logu

Re: Vyskakovací okna, prosím o kontrolo logu

Re: Vyskakovací okna, prosím o kontrolo logu

Re: Vyskakovací okna, prosím o kontrolo logu