Rsit preventivka

Zpráva

paolov · #1 Příspěvek od **paolov** » 07 črc 2015 21:18

Logfile of random's system information tool 1.10 (written by random/random)
Run by Marcelka a Pavlíček at 2015-07-07 22:11:27
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 524 GB (78%) free of 670 GB
Total RAM: 4040 MB (50% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:11:40, on 7.7.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files\trend micro\Marcelka a Pavlíček.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tiscali.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-3620069392-4155492544-4229756758-1242\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '_ocster_backup_')
O4 - HKUS\S-1-5-21-3620069392-4155492544-4229756758-1242\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '_ocster_backup_')
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {26E1BEAF-C1A1-482B-8714-08844F1BCF7F} (GTileContainerCtl Class) - http://90.182.35.27/webviewer.cab
O16 - DPF: {816BE035-1450-40D0-8A3B-BA7825A83A77} (IASRunner Class) - http://support.lenovo.com/Resources/Len ... etect2.cab
O16 - DPF: {BF776FD3-69B4-4151-AC97-3A2A64753E18} (GVersionManager Class) - http://90.182.35.27/GVersionMan.cab
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} (SysInfo Class) - http://content.systemrequirementslab.co ... .5.1.0.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Ocster Backup (ocster_backup) - Unknown owner - c:\Program Files\Ocster Backup\bin\backupService-ox.exe
O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9244 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\atiesrxx.exe
winlogon.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k NetworkService
atieclxx
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\windows\system32\WLANExt.exe 29790160
\??\C:\windows\system32\conhost.exe "-21644923-724400639-95918347-2047346236-1517188833-152672313379828541-38614646
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe"
C:\windows\System32\svchost.exe -k utcsvc
"c:\Program Files\Ocster Backup\bin\backupService-ox.exe" "--controlFolder=c:\ProgramData\Ocster Backup\control" "--id=ocster_backup" daemon
C:\windows\SysWOW64\PnkBstrA.exe
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\windows\system32\wbem\wmiprvse.exe
"c:\Program Files\Ocster Backup\bin\oxHelper.exe" watchDog backupDaemon 2072 "c:\Users\_OCSTE~1\AppData\Local\Temp\oxHelperParam-2072-4d176da01b5025a7"
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"taskhost.exe"
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
C:\windows\system32\SearchIndexer.exe /Embedding
C:\windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\windows\system32\GWX\GWX.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 3268
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe"
"taskhost.exe"
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe6_ Global\UsGthrCtrlFltPipeMssGthrPipe6 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Users\Marcelka a Pavlíček\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Marcelka a Pavlíček\AppData\Roaming\Mozilla\Firefox\Profiles\lbu3mxc0.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3, {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11, {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, jqs@sun.com:1.0, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {0FED7D55-65D4-47b6-A6DE-9A4ADB55355F}:1.0.1, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0, {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:5.5, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.13"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.194 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_194.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\windows\SysWOW64\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.194 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_18_0_0_194.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.4.0]
"Description"=
"Path"=C:\windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Users\Marcelka a Pavlíček\AppData\Roaming\Mozilla\Firefox\Profiles\lbu3mxc0.default\extensions\
paulsaintuzb@gmail.com

C:\Users\Marcelka a Pavlíček\AppData\Roaming\Mozilla\Firefox\Profiles\lbu3mxc0.default\searchplugins\
firmycz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-02 662672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-05-16 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-02 565304]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-16 172968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2011-03-26 167960]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2011-03-26 391704]
"Persistence"=C:\windows\system32\igfxpers.exe [2011-03-26 418840]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-04-08 2741544]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2011-10-08 9753024]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [2011-10-08 5908928]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2000-01-01 307768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ocster Backup]
C:\Program Files\Ocster Backup\bin\backupClient-ox.exe [2015-03-05 314680]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VeriFaceManager]
C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [2011-10-08 329056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
C:\PROGRA~1\Lenovo\BLUETO~1\BTTray.exe [2010-12-14 1133856]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-02-18 283160]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-11-17 113288]
"YouCam Mirage"=C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2011-01-29 136488]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-05-12 5515496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2011-03-25 385024]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-07-07 22:11:27 ----D---- C:\rsit
2015-07-03 20:57:36 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-06-10 12:10:34 ----A---- C:\windows\SYSWOW64\vbscript.dll
2015-06-10 12:10:34 ----A---- C:\windows\SYSWOW64\urlmon.dll
2015-06-10 12:10:34 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2015-06-10 12:10:34 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2015-06-10 12:10:34 ----A---- C:\windows\SYSWOW64\mshtml.dll
2015-06-10 12:10:34 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2015-06-10 12:10:34 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-06-10 12:10:34 ----A---- C:\windows\SYSWOW64\iernonce.dll
2015-06-10 12:10:34 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2015-06-10 12:10:34 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2015-06-10 12:10:34 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2015-06-10 12:10:34 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2015-06-10 12:10:34 ----A---- C:\windows\system32\iernonce.dll
2015-06-10 12:10:34 ----A---- C:\windows\system32\ieetwproxystub.dll
2015-06-10 12:10:34 ----A---- C:\windows\system32\ieetwcollector.exe
2015-06-10 12:10:34 ----A---- C:\windows\system32\ie4uinit.exe
2015-06-10 12:10:33 ----A---- C:\windows\SYSWOW64\jscript.dll
2015-06-10 12:10:33 ----A---- C:\windows\SYSWOW64\iesetup.dll
2015-06-10 12:10:33 ----A---- C:\windows\SYSWOW64\iertutil.dll
2015-06-10 12:10:33 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2015-06-10 12:10:33 ----A---- C:\windows\system32\urlmon.dll
2015-06-10 12:10:33 ----A---- C:\windows\system32\ieetwcollectorres.dll
2015-06-10 12:10:33 ----A---- C:\windows\system32\iedkcs32.dll
2015-06-10 12:10:32 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2015-06-10 12:10:32 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2015-06-10 12:10:32 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2015-06-10 12:10:32 ----A---- C:\windows\SYSWOW64\ieui.dll
2015-06-10 12:10:32 ----A---- C:\windows\SYSWOW64\ieframe.dll
2015-06-10 12:10:32 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2015-06-10 12:10:32 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2015-06-10 12:10:32 ----A---- C:\windows\system32\msfeeds.dll
2015-06-10 12:10:32 ----A---- C:\windows\system32\dxtrans.dll
2015-06-10 12:10:31 ----A---- C:\windows\system32\iesetup.dll
2015-06-10 12:10:31 ----A---- C:\windows\system32\ieapfltr.dll
2015-06-10 12:10:30 ----A---- C:\windows\SYSWOW64\mshtmlmedia.dll
2015-06-10 12:10:30 ----A---- C:\windows\SYSWOW64\jscript9.dll
2015-06-10 12:10:30 ----A---- C:\windows\system32\vbscript.dll
2015-06-10 12:10:30 ----A---- C:\windows\system32\iertutil.dll
2015-06-10 12:10:29 ----A---- C:\windows\SYSWOW64\wininet.dll
2015-06-10 12:10:29 ----A---- C:\windows\SYSWOW64\msrating.dll
2015-06-10 12:10:29 ----A---- C:\windows\system32\jsproxy.dll
2015-06-10 12:10:29 ----A---- C:\windows\system32\ieUnatt.exe
2015-06-10 12:10:29 ----A---- C:\windows\system32\ieui.dll
2015-06-10 12:10:29 ----A---- C:\windows\system32\ieframe.dll
2015-06-10 12:10:29 ----A---- C:\windows\system32\dxtmsft.dll
2015-06-10 12:10:28 ----A---- C:\windows\system32\mshtmlmedia.dll
2015-06-10 12:10:28 ----A---- C:\windows\system32\mshtmled.dll
2015-06-10 12:10:28 ----A---- C:\windows\system32\jscript9diag.dll
2015-06-10 12:10:28 ----A---- C:\windows\system32\jscript9.dll
2015-06-10 12:10:28 ----A---- C:\windows\system32\jscript.dll
2015-06-10 12:10:27 ----A---- C:\windows\system32\wininet.dll
2015-06-10 12:10:27 ----A---- C:\windows\system32\msrating.dll
2015-06-10 12:10:27 ----A---- C:\windows\system32\MshtmlDac.dll
2015-06-10 12:10:26 ----A---- C:\windows\system32\mshtml.dll
2015-06-10 08:21:06 ----A---- C:\windows\system32\diagtrack.dll
2015-06-10 08:21:05 ----A---- C:\windows\system32\KernelBase.dll
2015-06-10 08:21:05 ----A---- C:\windows\system32\kerberos.dll
2015-06-10 08:21:04 ----A---- C:\windows\SYSWOW64\ntkrnlpa.exe
2015-06-10 08:21:04 ----A---- C:\windows\SYSWOW64\kerberos.dll
2015-06-10 08:21:04 ----A---- C:\windows\SYSWOW64\advapi32.dll
2015-06-10 08:21:04 ----A---- C:\windows\system32\ntoskrnl.exe
2015-06-10 08:21:04 ----A---- C:\windows\system32\lsasrv.dll
2015-06-10 08:21:04 ----A---- C:\windows\system32\kernel32.dll
2015-06-10 08:21:04 ----A---- C:\windows\system32\advapi32.dll
2015-06-10 08:21:03 ----A---- C:\windows\SYSWOW64\wdigest.dll
2015-06-10 08:21:03 ----A---- C:\windows\SYSWOW64\typeperf.exe
2015-06-10 08:21:03 ----A---- C:\windows\SYSWOW64\TSpkg.dll
2015-06-10 08:21:03 ----A---- C:\windows\SYSWOW64\tracerpt.exe
2015-06-10 08:21:03 ----A---- C:\windows\SYSWOW64\tdh.dll
2015-06-10 08:21:03 ----A---- C:\windows\SYSWOW64\srclient.dll
2015-06-10 08:21:03 ----A---- C:\windows\SYSWOW64\schannel.dll
2015-06-10 08:21:03 ----A---- C:\windows\SYSWOW64\setup16.exe
2015-06-10 08:21:03 ----A---- C:\windows\SYSWOW64\sechost.dll
2015-06-10 08:21:03 ----A---- C:\windows\SYSWOW64\secur32.dll
2015-06-10 08:21:03 ----A---- C:\windows\SYSWOW64\relog.exe
2015-06-10 08:21:03 ----A---- C:\windows\SYSWOW64\ntvdm64.dll
2015-06-10 08:21:03 ----A---- C:\windows\SYSWOW64\ntoskrnl.exe
2015-06-10 08:21:03 ----A---- C:\windows\SYSWOW64\ntdll.dll
2015-06-10 08:21:03 ----A---- C:\windows\SYSWOW64\ncrypt.dll
2015-06-10 08:21:03 ----A---- C:\windows\SYSWOW64\msv1_0.dll
2015-06-10 08:21:03 ----A---- C:\windows\SYSWOW64\logman.exe
2015-06-10 08:21:03 ----A---- C:\windows\SYSWOW64\diskperf.exe
2015-06-10 08:21:03 ----A---- C:\windows\SYSWOW64\credssp.dll
2015-06-10 08:21:03 ----A---- C:\windows\SYSWOW64\auditpol.exe
2015-06-10 08:21:03 ----A---- C:\windows\system32\wow64win.dll
2015-06-10 08:21:03 ----A---- C:\windows\system32\wow64.dll
2015-06-10 08:21:03 ----A---- C:\windows\system32\winsrv.dll
2015-06-10 08:21:03 ----A---- C:\windows\system32\wdigest.dll
2015-06-10 08:21:03 ----A---- C:\windows\system32\typeperf.exe
2015-06-10 08:21:03 ----A---- C:\windows\system32\TSpkg.dll
2015-06-10 08:21:03 ----A---- C:\windows\system32\tracerpt.exe
2015-06-10 08:21:03 ----A---- C:\windows\system32\tdh.dll
2015-06-10 08:21:03 ----A---- C:\windows\system32\sspisrv.dll
2015-06-10 08:21:03 ----A---- C:\windows\system32\sspicli.dll
2015-06-10 08:21:03 ----A---- C:\windows\system32\srcore.dll
2015-06-10 08:21:03 ----A---- C:\windows\system32\srclient.dll
2015-06-10 08:21:03 ----A---- C:\windows\system32\smss.exe
2015-06-10 08:21:03 ----A---- C:\windows\system32\schannel.dll
2015-06-10 08:21:03 ----A---- C:\windows\system32\sechost.dll
2015-06-10 08:21:03 ----A---- C:\windows\system32\secur32.dll
2015-06-10 08:21:03 ----A---- C:\windows\system32\rstrui.exe
2015-06-10 08:21:03 ----A---- C:\windows\system32\relog.exe
2015-06-10 08:21:03 ----A---- C:\windows\system32\ntvdm64.dll
2015-06-10 08:21:03 ----A---- C:\windows\system32\ntdll.dll
2015-06-10 08:21:03 ----A---- C:\windows\system32\ncrypt.dll
2015-06-10 08:21:03 ----A---- C:\windows\system32\msv1_0.dll
2015-06-10 08:21:03 ----A---- C:\windows\system32\lsass.exe
2015-06-10 08:21:03 ----A---- C:\windows\system32\logman.exe
2015-06-10 08:21:03 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2015-06-10 08:21:03 ----A---- C:\windows\system32\drivers\ksecdd.sys
2015-06-10 08:21:03 ----A---- C:\windows\system32\diskperf.exe
2015-06-10 08:21:03 ----A---- C:\windows\system32\csrsrv.dll
2015-06-10 08:21:03 ----A---- C:\windows\system32\credssp.dll
2015-06-10 08:21:03 ----A---- C:\windows\system32\conhost.exe
2015-06-10 08:21:03 ----A---- C:\windows\system32\auditpol.exe
2015-06-10 08:21:02 ----AH---- C:\windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-10 08:21:02 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 08:21:02 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-10 08:21:02 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 08:21:02 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 08:21:02 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 08:21:02 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-10 08:21:02 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 08:21:02 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 08:21:02 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 08:21:02 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 08:21:02 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 08:21:02 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 08:21:02 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 08:21:02 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 08:21:02 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 08:21:02 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-10 08:21:02 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 08:21:02 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 08:21:02 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 08:21:02 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-10 08:21:02 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 08:21:02 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 08:21:02 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 08:21:02 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 08:21:02 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 08:21:02 ----AH---- C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 08:21:02 ----AH---- C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 08:21:02 ----AH---- C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 08:21:02 ----AH---- C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 08:21:02 ----AH---- C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 08:21:02 ----AH---- C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 08:21:02 ----AH---- C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 08:21:02 ----AH---- C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 08:21:02 ----AH---- C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 08:21:02 ----AH---- C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 08:21:02 ----AH---- C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 08:21:02 ----AH---- C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 08:21:02 ----AH---- C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 08:21:02 ----AH---- C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 08:21:02 ----AH---- C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 08:21:02 ----AH---- C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 08:21:02 ----AH---- C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 08:21:02 ----AH---- C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 08:21:02 ----AH---- C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 08:21:02 ----AH---- C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 08:21:02 ----AH---- C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 08:21:02 ----AH---- C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 08:21:02 ----AH---- C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 08:21:02 ----AH---- C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 08:21:02 ----AH---- C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 08:21:02 ----AH---- C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 08:21:02 ----A---- C:\windows\SYSWOW64\wow32.dll
2015-06-10 08:21:02 ----A---- C:\windows\SYSWOW64\sspicli.dll
2015-06-10 08:21:02 ----A---- C:\windows\SYSWOW64\KernelBase.dll
2015-06-10 08:21:02 ----A---- C:\windows\SYSWOW64\kernel32.dll
2015-06-10 08:21:02 ----A---- C:\windows\SYSWOW64\apisetschema.dll
2015-06-10 08:21:02 ----A---- C:\windows\system32\wow64cpu.dll
2015-06-10 08:21:01 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 08:21:01 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-10 08:21:01 ----AH---- C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 08:21:01 ----AH---- C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 08:21:01 ----A---- C:\windows\SYSWOW64\user.exe
2015-06-10 08:21:01 ----A---- C:\windows\SYSWOW64\msobjs.dll
2015-06-10 08:21:01 ----A---- C:\windows\SYSWOW64\msaudite.dll
2015-06-10 08:21:01 ----A---- C:\windows\SYSWOW64\instnm.exe
2015-06-10 08:21:01 ----A---- C:\windows\SYSWOW64\adtschema.dll
2015-06-10 08:21:01 ----A---- C:\windows\system32\UtcResources.dll
2015-06-10 08:21:01 ----A---- C:\windows\system32\msobjs.dll
2015-06-10 08:21:01 ----A---- C:\windows\system32\msaudite.dll
2015-06-10 08:21:01 ----A---- C:\windows\system32\apisetschema.dll
2015-06-10 08:21:01 ----A---- C:\windows\system32\adtschema.dll
2015-06-10 08:19:32 ----A---- C:\windows\system32\wmp.dll
2015-06-10 08:19:31 ----A---- C:\windows\SYSWOW64\wmploc.DLL
2015-06-10 08:19:31 ----A---- C:\windows\SYSWOW64\wmp.dll
2015-06-10 08:19:31 ----A---- C:\windows\SYSWOW64\spwmp.dll
2015-06-10 08:19:31 ----A---- C:\windows\SYSWOW64\dxmasf.dll
2015-06-10 08:19:31 ----A---- C:\windows\system32\spwmp.dll
2015-06-10 08:19:31 ----A---- C:\windows\system32\dxmasf.dll
2015-06-10 08:19:30 ----A---- C:\windows\system32\wmploc.DLL
2015-06-10 08:19:29 ----A---- C:\windows\system32\invagent.dll
2015-06-10 08:19:29 ----A---- C:\windows\system32\generaltel.dll
2015-06-10 08:19:29 ----A---- C:\windows\system32\devinv.dll
2015-06-10 08:19:29 ----A---- C:\windows\system32\appraiser.dll
2015-06-10 08:19:29 ----A---- C:\windows\system32\aepic.dll
2015-06-10 08:19:29 ----A---- C:\windows\system32\aepdu.dll
2015-06-10 08:19:29 ----A---- C:\windows\system32\aeinv.dll
2015-06-10 08:19:29 ----A---- C:\windows\system32\acmigration.dll
2015-06-10 08:13:45 ----A---- C:\windows\SYSWOW64\comctl32.dll
2015-06-10 08:13:45 ----A---- C:\windows\system32\comctl32.dll
2015-06-10 08:13:44 ----A---- C:\windows\system32\win32k.sys
2015-06-10 08:11:13 ----A---- C:\windows\system32\drivers\stream.sys

======List of files/folders modified in the last 1 month======

2015-07-07 22:11:40 ----D---- C:\windows\Prefetch
2015-07-07 22:11:35 ----D---- C:\Program Files\trend micro
2015-07-07 21:59:10 ----D---- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Skype
2015-07-07 20:55:27 ----D---- C:\windows\Temp
2015-07-07 20:51:29 ----D---- C:\windows\system32\config
2015-07-07 20:50:45 ----D---- C:\Program Files (x86)\Opera
2015-07-07 20:47:29 ----D---- C:\windows\System32
2015-07-07 20:47:29 ----D---- C:\windows\inf
2015-07-07 20:47:29 ----A---- C:\windows\system32\PerfStringBackup.INI
2015-07-07 20:43:22 ----A---- C:\windows\SYSWOW64\log.txt
2015-07-07 14:40:06 ----SHD---- C:\System Volume Information
2015-07-05 15:58:32 ----SHD---- C:\windows\Installer
2015-07-05 15:58:27 ----RD---- C:\Program Files (x86)\Skype
2015-07-05 15:58:22 ----D---- C:\ProgramData\Skype
2015-07-05 06:59:13 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-03 23:17:28 ----RD---- C:\Program Files (x86)
2015-07-01 21:11:19 ----D---- C:\Program Files\CCleaner
2015-07-01 21:08:12 ----D---- C:\Users\Marcelka a Pavlíček\AppData\Roaming\Adobe
2015-07-01 21:05:16 ----D---- C:\windows\system32\Tasks
2015-07-01 21:04:33 ----D---- C:\Program Files (x86)\Adobe
2015-07-01 21:04:25 ----D---- C:\ProgramData\Adobe
2015-07-01 21:04:13 ----D---- C:\windows\SysWOW64
2015-07-01 21:02:38 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2015-06-29 09:17:19 ----D---- C:\windows\system32\drivers
2015-06-19 07:20:00 ----D---- C:\Windows
2015-06-16 00:31:46 ----D---- C:\Users\Marcelka a Pavlíček\AppData\Roaming\vlc
2015-06-15 22:04:54 ----D---- C:\windows\Minidump
2015-06-15 22:04:54 ----D---- C:\windows\debug
2015-06-12 15:43:49 ----D---- C:\windows\rescache
2015-06-11 08:32:18 ----D---- C:\windows\winsxs
2015-06-11 08:29:22 ----SD---- C:\windows\system32\CompatTel
2015-06-11 08:29:22 ----D---- C:\Program Files\Windows Media Player
2015-06-11 08:29:22 ----D---- C:\Program Files (x86)\Windows Media Player
2015-06-11 08:29:21 ----D---- C:\windows\system32\appraiser
2015-06-11 08:29:21 ----D---- C:\windows\AppPatch
2015-06-11 08:29:17 ----D---- C:\windows\SYSWOW64\cs-CZ
2015-06-11 08:29:16 ----D---- C:\windows\system32\cs-CZ
2015-06-11 08:29:10 ----D---- C:\Program Files\Internet Explorer
2015-06-11 08:29:09 ----D---- C:\windows\SYSWOW64\en-US
2015-06-11 08:29:07 ----D---- C:\windows\PolicyDefinitions
2015-06-11 08:29:06 ----D---- C:\windows\system32\en-US
2015-06-11 08:29:03 ----D---- C:\Program Files (x86)\Internet Explorer
2015-06-10 17:19:00 ----D---- C:\windows\system32\MRT
2015-06-10 17:05:42 ----A---- C:\windows\system32\MRT.exe
2015-06-10 08:18:26 ----D---- C:\windows\system32\catroot2

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\windows\system32\drivers\aswRvrt.sys [2015-04-28 65736]
R0 aswVmm;avast! VM Monitor; C:\windows\system32\drivers\aswVmm.sys [2015-04-28 272248]
R0 fbfmon;fbfmon; C:\windows\system32\drivers\fbfmon.sys [2011-10-08 57952]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2011-02-18 439320]
R0 LHDmgr;LHDmgr; C:\windows\System32\DRIVERS\LhdX64.sys [2011-10-08 39008]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr2.sys [2015-04-28 93528]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2015-04-28 1047320]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2015-06-28 442264]
R1 BPntDrv;BPntDrv; C:\windows\system32\drivers\BPntDrv.sys [2011-10-08 13408]
R1 ElbyCDIO;ElbyCDIO Driver; C:\windows\System32\Drivers\ElbyCDIO.sys [2010-12-17 40816]
R1 vpcnfltr;Virtual PC Network Filter Driver; C:\windows\system32\DRIVERS\vpcnfltr.sys [2010-11-20 59392]
R1 vpcvmm;@%SystemRoot%\system32\drivers\vpcvmm.sys,-100; C:\windows\system32\drivers\vpcvmm.sys [2010-11-20 360832]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\windows\system32\drivers\aswHwid.sys [2015-04-28 29168]
R2 aswMonFlt;aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [2015-04-28 89944]
R2 aswStm;aswStm; C:\windows\system32\drivers\aswStm.sys [2015-04-28 137288]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\windows\system32\DRIVERS\AcpiVpc.sys [2011-10-08 29792]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2011-03-25 8284672]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2011-03-25 296960]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\windows\system32\DRIVERS\bcmwl664.sys [2011-08-19 4746304]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\windows\system32\DRIVERS\clwvd.sys [2011-01-29 31088]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\CHDRT64.sys [2000-01-01 1581184]
R3 IntcDAud;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
R3 intelkmd;intelkmd; C:\windows\system32\DRIVERS\igdpmd64.sys [2011-03-26 12262336]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\windows\system32\DRIVERS\L1C62x64.sys [2010-10-21 76912]
R3 MEIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\windows\system32\DRIVERS\nusb3hub.sys [2010-12-10 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\windows\system32\DRIVERS\nusb3xhc.sys [2010-12-10 181248]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\windows\system32\DRIVERS\seehcri.sys [2012-07-11 34032]
R3 SPUVCbv;SPUVCb Driver Service; C:\windows\System32\Drivers\usbvideo.sys [2013-07-12 185344]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2011-04-08 1430576]
R3 VClone;VClone; C:\windows\system32\DRIVERS\VClone.sys [2011-01-15 36352]
R3 vpcbus;Služba hostitelské sběrnice programu Virtual PC; C:\windows\system32\DRIVERS\vpchbus.sys [2010-11-20 194944]
R3 vpcusb;Služba konektoru virtualizace rozhraní USB; C:\windows\system32\DRIVERS\vpcusb.sys [2010-11-20 95232]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 aswTap;avast! SecureLine TAP Adapter v3; C:\windows\system32\DRIVERS\aswTap.sys [2014-07-05 44640]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 BTWAMPFL;btwampfl; C:\windows\system32\DRIVERS\btwampfl.sys [2010-12-15 349224]
S3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2010-12-15 106536]
S3 btwavdt;Bluetooth AVDT Service; C:\windows\system32\DRIVERS\btwavdt.sys [2010-12-15 138280]
S3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2010-12-15 39464]
S3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2010-12-15 21416]
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2011-03-25 12262336]
S3 PcaSp60;Rawether NDIS 6.X SPR Protocol Driver; C:\windows\system32\DRIVERS\PcaSp60.sys [2010-05-19 38912]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUVStor.sys [2010-09-30 299520]
S3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
S3 s115bus;Sony Ericsson Device 115 driver (WDM); C:\windows\system32\DRIVERS\s115bus.sys [2011-01-18 108296]
S3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter; C:\windows\system32\DRIVERS\s115mdfl.sys [2011-01-18 19720]
S3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver; C:\windows\system32\DRIVERS\s115mdm.sys [2011-01-18 144648]
S3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM); C:\windows\system32\DRIVERS\s115mgmt.sys [2011-01-18 126216]
S3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface; C:\windows\system32\DRIVERS\s115obex.sys [2011-01-18 123656]
S3 s125bus;Sony Ericsson Device 125 driver (WDM); C:\windows\system32\DRIVERS\s125bus.sys [2011-01-18 108296]
S3 s125mdfl;Sony Ericsson Device 125 USB WMC Modem Filter; C:\windows\system32\DRIVERS\s125mdfl.sys [2011-01-18 19720]
S3 s125mdm;Sony Ericsson Device 125 USB WMC Modem Driver; C:\windows\system32\DRIVERS\s125mdm.sys [2011-01-18 144648]
S3 s125mgmt;Sony Ericsson Device 125 USB WMC Device Management Drivers (WDM); C:\windows\system32\DRIVERS\s125mgmt.sys [2011-01-18 126216]
S3 s125obex;Sony Ericsson Device 125 USB WMC OBEX Interface; C:\windows\system32\DRIVERS\s125obex.sys [2011-01-18 123656]
S3 Ser2pl;Prolific Serial port driver; C:\windows\system32\DRIVERS\ser2pl64.sys [2010-03-12 97280]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbser;USB Modem Driver; C:\windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\windows\system32\DRIVERS\VBoxNetAdp.sys [2013-11-01 140560]
S3 vncmirror;vncmirror; C:\windows\system32\DRIVERS\vncmirror.sys [2014-11-28 4608]
S3 vpcuxd;Služba zástupné procedury virtualizace rozhraní USB; C:\windows\system32\DRIVERS\vpcuxd.sys [2010-11-20 16384]
S3 WinUsb;Android USB Driver; C:\windows\system32\drivers\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-06-12 82112]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2011-03-25 203776]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-04-28 343336]
R2 btwdins;Bluetooth Service; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [2010-12-14 953632]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\windows\System32\svchost.exe [2009-07-14 27136]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-02-18 13336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-21 325656]
R2 ocster_backup;Ocster Backup; c:\Program Files\Ocster Backup\bin\backupService-ox.exe [2015-03-05 23864]
R2 PnkBstrA;PnkBstrA; C:\windows\syswow64\PnkBstrA.exe [2015-03-31 76888]
R2 TeamViewer;TeamViewer 10; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-02-17 5436176]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-03 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-01 268976]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24 107912]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2015-05-22 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-07-03 148136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2011-11-24 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------

#2 Příspěvek od **Márty84** » 07 črc 2015 22:59

Zdravim

Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.

paolov · #3 Příspěvek od **paolov** » 08 črc 2015 09:47

# AdwCleaner v4.207 - Log vytvořen 08/07/2015 v 10:38:53
# Aktualizováno 21/06/2015 by Xplode
# Databáze : 2015-07-05.2 [Server]
# Operační system : Windows 7 Home Premium Service Pack 1 (x64)
# Uživatelské jméno : Marcelka a Pavlíček - MAPA
# Spuštěno z : C:\Users\Marcelka a Pavlíček\Desktop\adwcleaner_4.207.exe
# Nastavení : Čištění

***** [ Služby ] *****

***** [ Soubory / Složky ] *****

***** [ Naplánované úlohy ] *****

***** [ Zástupci ] *****

***** [ Registry ] *****

Klíč Smazáno : HKLM\SOFTWARE\Classes\Installer\Features\93BAD29AC2E44034A96BCB446EB8552E
Klíč Smazáno : HKLM\SOFTWARE\Classes\Installer\Products\93BAD29AC2E44034A96BCB446EB8552E
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\93BAD29AC2E44034A96BCB446EB8552E

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17840

-\\ Mozilla Firefox v39.0 (x86 cs)

-\\ Google Chrome v43.0.2357.132

-\\ Opera v28.0.1750.51

*************************

AdwCleaner[R0].txt - [1177 bytů] - [08/07/2015 10:37:08]
AdwCleaner[S0].txt - [1095 bytů] - [08/07/2015 10:38:53]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1153 bytů] ##########

#4 Příspěvek od **Márty84** » 08 črc 2015 09:59

Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu (cili Vlastni sken vsech disku) http://forum.viry.cz/viewtopic.php?f=29&t=144868 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

paolov · #5 Příspěvek od **paolov** » 08 črc 2015 13:26

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 8.7.2015
Čas skenování: 11:01
Protokol: rrr.txt
Správce: Ano

Verze: 2.1.8.1057
Databáze malwaru: v2015.07.08.02
Databáze rootkitů: v2015.07.07.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Marcelka a Pavlíček

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 711735
Uplynulý čas: 3 hod, 9 min, 9 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)

(end)

#6 Příspěvek od **Márty84** » 08 črc 2015 21:31

Havet nikde nevidno

MBAM odinstalujte.

Dejte logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach

a vycistime to od par zbytecnosti, pokud tedy chcete.

paolov · #7 Příspěvek od **paolov** » 12 črc 2015 20:20

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:12-07-2015
Ran by Marcelka a Pavlíček (administrator) on MAPA on 12-07-2015 21:13:28
Running from C:\Users\Marcelka a Pavlíček\Desktop
Loaded Profiles: Marcelka a Pavlíček & _ocster_backup_ (Available Profiles: Marcelka a Pavlíček & Marca a Pavka & _ocster_backup_)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
() C:\Program Files\Ocster Backup\bin\backupService-ox.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Program Files\Ocster Backup\bin\oxHelper.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2741544 2011-04-08] (Synaptics Incorporated)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9753024 2011-10-08] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5908928 2011-10-08] (Lenovo(beijing) Limited)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2000-01-01] ()
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-02-18] (Intel Corporation)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2011-01-29] (CyberLink)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-12] (Avast Software s.r.o.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3620069392-4155492544-4229756758-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-04-28] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [VeriFace Enc] -> {771C7324-DA80-49D3-8017-753B0AF60951} => C:\windows\system32\IcnOvrly.dll [2011-10-08] ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3620069392-4155492544-4229756758-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-21-3620069392-4155492544-4229756758-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tiscali.cz/
HKU\S-1-5-21-3620069392-4155492544-4229756758-1242\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/
HKU\S-1-5-21-3620069392-4155492544-4229756758-1242\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain ... &bmod=LENN
HKU\S-1-5-21-3620069392-4155492544-4229756758-1242\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.msn.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3620069392-4155492544-4229756758-1000 -> {64B2F7E8-7D67-42D5-B1DF-59DA9E1FB056} URL = http://www.google.cz/search?q={searchTe ... Page}&rlz=
SearchScopes: HKU\S-1-5-21-3620069392-4155492544-4229756758-1000 -> {BD93D509-1DEC-4E52-A26D-59A89958BDCF} URL = http://search.seznam.cz/searchScreen?w= ... rms}&mod=f
SearchScopes: HKU\S-1-5-21-3620069392-4155492544-4229756758-1242 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKU\S-1-5-21-3620069392-4155492544-4229756758-1242 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-02] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-05-16] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-02] (Avast Software s.r.o.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-16] (Oracle Corporation)
DPF: HKLM-x32 {26E1BEAF-C1A1-482B-8714-08844F1BCF7F} http://90.182.35.27/webviewer.cab
DPF: HKLM-x32 {816BE035-1450-40D0-8A3B-BA7825A83A77} http://support.lenovo.com/Resources/Len ... etect2.cab
DPF: HKLM-x32 {BF776FD3-69B4-4151-AC97-3A2A64753E18} http://90.182.35.27/GVersionMan.cab
DPF: HKLM-x32 {E6F480FC-BD44-4CBA-B74A-89AF7842937D} http://content.systemrequirementslab.co ... .5.1.0.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 84.16.120.1 84.16.96.2
Tcpip\..\Interfaces\{9A32792C-6450-48AC-BAB2-A09642FEC58A}: [DhcpNameServer] 77.234.40.79
Tcpip\..\Interfaces\{F9379095-AC24-4005-89BC-8AD12AACB099}: [DhcpNameServer] 192.168.2.1 84.16.120.1 84.16.96.2

FireFox:
========
FF ProfilePath: C:\Users\Marcelka a Pavlíček\AppData\Roaming\Mozilla\Firefox\Profiles\lbu3mxc0.default
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_18_0_0_203.dll [2015-07-09] ()
FF Plugin: @java.com/DTPlugin,version=10.4.0 -> C:\windows\system32\npDeployJava1.dll [2012-06-12] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_203.dll [2015-07-09] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw.dll [2012-10-04] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-16] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-16] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2014-11-19] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3620069392-4155492544-4229756758-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2012-10-26] (Ubisoft)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Marcelka a Pavlíček\AppData\Roaming\Mozilla\Firefox\Profiles\lbu3mxc0.default\searchplugins\firmycz.xml [2015-04-14]
FF Extension: Youtube Downloader - 4K Download - C:\Users\Marcelka a Pavlíček\AppData\Roaming\Mozilla\Firefox\Profiles\lbu3mxc0.default\Extensions\paulsaintuzb@gmail.com [2015-04-06]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-03-28]

Chrome:
=======
CHR Profile: C:\Users\Marcelka a Pavlíček\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Marcelka a Pavlíček\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-24]
CHR Extension: (YouTube) - C:\Users\Marcelka a Pavlíček\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-24]
CHR Extension: (Adblock Plus) - C:\Users\Marcelka a Pavlíček\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-03-24]
CHR Extension: (Google Search) - C:\Users\Marcelka a Pavlíček\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-24]
CHR Extension: (Avast Online Security) - C:\Users\Marcelka a Pavlíček\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-10-24]
CHR Extension: (Google Wallet) - C:\Users\Marcelka a Pavlíček\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-24]
CHR Extension: (Gmail) - C:\Users\Marcelka a Pavlíček\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-24]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-17]

Opera:
=======
StartMenuInternet: (HKU\S-1-5-21-3620069392-4155492544-4229756758-1000) OperaStable - "C:\Program Files (x86)\Opera\Launcher.exe"

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-28] (Avast Software s.r.o.)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [953632 2010-12-14] (Broadcom Corporation.)
R2 ocster_backup; c:\Program Files\Ocster Backup\bin\backupService-ox.exe [23864 2015-03-05] ()
R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [76888 2015-03-31] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5436176 2015-02-17] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-28] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-04-28] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-28] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-28] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-28] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-28] (Avast Software s.r.o.)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-04-28] (Avast Software s.r.o.)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [44640 2014-07-05] (The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-04-28] ()
S3 PcaSp60; C:\Windows\SysWOW64\DRIVERS\PcaSp60.sys [38912 2010-05-19] (Printing Communications Assoc., Inc. (PCAUSA))
S3 s115bus; C:\Windows\System32\DRIVERS\s115bus.sys [108296 2011-01-18] (MCCI Corporation)
S3 s115mdfl; C:\Windows\System32\DRIVERS\s115mdfl.sys [19720 2011-01-18] (MCCI Corporation)
S3 s115mdm; C:\Windows\System32\DRIVERS\s115mdm.sys [144648 2011-01-18] (MCCI Corporation)
S3 s115mgmt; C:\Windows\System32\DRIVERS\s115mgmt.sys [126216 2011-01-18] (MCCI Corporation)
S3 s115obex; C:\Windows\System32\DRIVERS\s115obex.sys [123656 2011-01-18] (MCCI Corporation)
S3 s125bus; C:\Windows\System32\DRIVERS\s125bus.sys [108296 2011-01-18] (MCCI Corporation)
S3 s125mdfl; C:\Windows\System32\DRIVERS\s125mdfl.sys [19720 2011-01-18] (MCCI Corporation)
S3 s125mdm; C:\Windows\System32\DRIVERS\s125mdm.sys [144648 2011-01-18] (MCCI Corporation)
S3 s125mgmt; C:\Windows\System32\DRIVERS\s125mgmt.sys [126216 2011-01-18] (MCCI Corporation)
S3 s125obex; C:\Windows\System32\DRIVERS\s125obex.sys [123656 2011-01-18] (MCCI Corporation)
R3 seehcri; C:\Windows\System32\DRIVERS\seehcri.sys [34032 2012-07-11] (Sony Ericsson Mobile Communications)
R3 SPUVCbv; C:\Windows\System32\Drivers\usbvideo.sys [185344 2013-07-12] (Microsoft Corporation)
R3 MBAMSwissArmy; \??\C:\windows\system32\drivers\MBAMSwissArmy.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-12 21:13 - 2015-07-12 21:14 - 00017451 _____ C:\Users\Marcelka a Pavlíček\Desktop\FRST.txt
2015-07-12 21:11 - 2015-07-12 21:13 - 00000000 ____D C:\FRST
2015-07-12 21:10 - 2015-07-12 21:10 - 02133504 _____ (Farbar) C:\Users\Marcelka a Pavlíček\Desktop\FRST64.exe
2015-07-08 14:26 - 2015-07-08 14:26 - 00001166 _____ C:\Users\Marcelka a Pavlíček\Desktop\rrr.txt
2015-07-08 10:37 - 2015-07-08 10:38 - 00000000 ____D C:\AdwCleaner
2015-07-08 10:36 - 2015-07-08 10:36 - 02244096 _____ C:\Users\Marcelka a Pavlíček\Desktop\adwcleaner_4.207.exe
2015-07-07 22:11 - 2015-07-07 22:11 - 01222144 _____ C:\Users\Marcelka a Pavlíček\Desktop\RSITx64.exe
2015-07-07 22:11 - 2015-07-07 22:11 - 00000000 ____D C:\rsit
2015-07-03 20:57 - 2015-07-05 06:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-02 21:31 - 2015-07-02 21:45 - 00000000 ____D C:\Users\Marcelka a Pavlíček\Desktop\prilohy_12386
2015-07-02 20:00 - 2015-07-02 20:00 - 00001445 _____ C:\Users\Marcelka a Pavlíček\.recently-used.xbel
2015-07-01 21:11 - 2015-07-01 21:11 - 00016636 _____ C:\Users\Marcelka a Pavlíček\Documents\cc_20150701_211149.reg
2015-07-01 21:04 - 2015-07-01 21:04 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-06-19 07:20 - 2015-07-08 09:09 - 00001874 _____ C:\windows\PFRO.log
2015-06-15 22:13 - 2015-07-12 19:43 - 00003136 _____ C:\windows\setupact.log
2015-06-15 22:13 - 2015-06-15 22:13 - 00000000 _____ C:\windows\setuperr.log
2015-06-15 22:06 - 2015-06-15 22:06 - 00000244 _____ C:\Users\Marcelka a Pavlíček\Documents\cc_20150615_220630.reg

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-12 21:14 - 2009-07-14 06:45 - 00028928 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-12 21:14 - 2009-07-14 06:45 - 00028928 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-12 21:08 - 2012-11-11 10:59 - 00000000 ____D C:\Program Files (x86)\Opera
2015-07-12 21:08 - 2011-11-22 21:54 - 00000000 ____D C:\Users\Marcelka a Pavlíček
2015-07-12 21:00 - 2011-10-08 00:17 - 00670924 _____ C:\windows\system32\perfh005.dat
2015-07-12 21:00 - 2011-10-08 00:17 - 00142504 _____ C:\windows\system32\perfc005.dat
2015-07-12 21:00 - 2009-07-14 07:13 - 01584626 _____ C:\windows\system32\PerfStringBackup.INI
2015-07-12 20:59 - 2013-10-14 23:06 - 00004010 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{8B6D55F9-8366-4304-9880-09092B8E1AF2}
2015-07-12 20:58 - 2015-05-18 21:29 - 00000914 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2015-07-12 20:58 - 2012-11-23 19:14 - 09478306 _____ C:\FaceProv.log
2015-07-12 20:16 - 2015-05-17 00:11 - 00000952 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-12 19:51 - 2014-05-25 19:54 - 01110722 _____ C:\windows\WindowsUpdate.log
2015-07-12 19:43 - 2015-05-17 00:11 - 00000948 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-12 19:43 - 2013-11-23 00:51 - 00065536 _____ C:\windows\system32\Ikeext.etl
2015-07-12 19:43 - 2011-10-08 09:28 - 00200271 _____ C:\windows\system32\fastboot.set
2015-07-12 19:43 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-07-09 20:55 - 2013-03-28 22:46 - 00004182 _____ C:\windows\System32\Tasks\avast! Emergency Update
2015-07-09 13:52 - 2012-10-21 13:35 - 00003852 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-07-09 13:52 - 2012-09-23 09:59 - 00778416 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-07-09 13:52 - 2012-07-20 13:15 - 00142512 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-08 09:09 - 2009-07-14 07:08 - 00032596 _____ C:\windows\Tasks\SCHEDLGU.TXT
2015-07-08 00:45 - 2011-11-24 22:52 - 00000000 ____D C:\Users\Marcelka a Pavlíček\AppData\Roaming\Skype
2015-07-07 22:11 - 2015-05-06 21:48 - 00000000 ____D C:\Program Files\trend micro
2015-07-07 20:40 - 2015-01-25 15:17 - 00000000 ____D C:\Users\_ocster_backup_
2015-07-07 13:06 - 2011-11-24 22:18 - 117559809 _____ C:\windows\system32\PsBoot.log
2015-07-07 13:06 - 2011-11-24 22:18 - 00116774 _____ C:\windows\system32\defragLog.log
2015-07-05 15:58 - 2012-03-11 13:38 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-07-05 15:58 - 2011-11-24 22:50 - 00000000 ____D C:\ProgramData\Skype
2015-07-05 06:59 - 2015-02-25 21:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-02 20:00 - 2013-08-03 00:03 - 00000000 ____D C:\Users\Marcelka a Pavlíček\Documents\Včely
2015-07-01 21:11 - 2012-09-12 14:29 - 00000000 ____D C:\Program Files\CCleaner
2015-07-01 21:08 - 2011-11-22 22:12 - 00000000 ____D C:\Users\Marcelka a Pavlíček\AppData\Roaming\Adobe
2015-07-01 21:07 - 2011-11-22 22:21 - 00000000 ____D C:\Users\Marcelka a Pavlíček\AppData\Local\Adobe
2015-07-01 21:05 - 2014-12-23 20:58 - 00003886 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-01 21:04 - 2012-11-07 12:04 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-07-01 21:04 - 2011-11-22 22:19 - 00000000 ____D C:\ProgramData\Adobe
2015-06-28 10:45 - 2013-03-28 22:46 - 00442264 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswsp.sys
2015-06-27 19:44 - 2014-10-25 10:07 - 00002259 _____ C:\Users\Marca a Pavka\Desktop\Google Chrome.lnk
2015-06-16 00:31 - 2013-10-06 00:46 - 00000000 ____D C:\Users\Marcelka a Pavlíček\AppData\Roaming\vlc
2015-06-15 22:04 - 2012-09-12 14:29 - 00000782 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-06-15 22:04 - 2012-03-08 18:45 - 00000000 ____D C:\windows\Minidump
2015-06-14 22:15 - 2015-01-08 21:45 - 00000000 ____D C:\Users\Marcelka a Pavlí\JDownloader 2.0
2015-06-14 21:15 - 2014-02-28 23:47 - 00001168 _____ C:\Users\Marcelka a Pavlíček\AppData\Local\MRDownloader.nast
2015-06-14 21:11 - 2014-02-28 23:47 - 00011380 _____ C:\Users\Marcelka a Pavlíček\AppData\Local\MRDownloader.err
2015-06-14 21:00 - 2015-04-22 12:03 - 00000000 ____D C:\Users\Marcelka a Pavlíček\Downloads\filmy
2015-06-14 08:57 - 2009-07-14 07:09 - 00000000 ____D C:\windows\System32\Tasks\WPD
2015-06-12 15:43 - 2009-07-14 05:20 - 00000000 ____D C:\windows\rescache

==================== Files in the root of some directories =======

2012-07-11 15:25 - 2013-12-24 11:33 - 0015872 _____ () C:\Users\Marcelka a Pavlíček\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-02-28 23:47 - 2015-06-14 21:11 - 0011380 _____ () C:\Users\Marcelka a Pavlíček\AppData\Local\MRDownloader.err
2014-02-28 23:47 - 2015-06-14 21:15 - 0001168 _____ () C:\Users\Marcelka a Pavlíček\AppData\Local\MRDownloader.nast
2011-12-13 00:15 - 2012-02-27 16:48 - 0007603 _____ () C:\Users\Marcelka a Pavlíček\AppData\Local\Resmon.ResmonCfg
2011-11-27 00:41 - 2014-02-28 23:36 - 0024143 _____ () C:\Users\Marcelka a Pavlíček\AppData\Local\SRDownloader.err
2011-11-26 23:47 - 2014-02-28 23:36 - 0001160 _____ () C:\Users\Marcelka a Pavlíček\AppData\Local\SRDownloader.nast
2012-10-09 11:46 - 2012-10-09 11:46 - 0000095 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2012-10-09 11:46 - 2012-10-09 11:46 - 0000089 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.64.bc

Some files in TEMP:
====================
C:\Users\Marcelka a Pavlíček\AppData\Local\Temp\Quarantine.exe
C:\Users\Marcelka a Pavlíček\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Marcelka a Pavlíček\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-07-05 13:25

==================== End of log ============================

paolov · #8 Příspěvek od **paolov** » 12 črc 2015 20:23

Additional scan result of Farbar Recovery Scan Tool (x64) Version:12-07-2015
Ran by Marcelka a Pavlíček at 2015-07-12 21:14:17
Running from C:\Users\Marcelka a Pavlíček\Desktop
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-3620069392-4155492544-4229756758-500 - Administrator - Disabled)
Guest (S-1-5-21-3620069392-4155492544-4229756758-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3620069392-4155492544-4229756758-1002 - Limited - Enabled)
Marca a Pavka (S-1-5-21-3620069392-4155492544-4229756758-1240 - Limited - Enabled) => C:\Users\Marca a Pavka
Marcelka a Pavlíček (S-1-5-21-3620069392-4155492544-4229756758-1000 - Administrator - Enabled) => C:\Users\Marcelka a Pavlíček
_ocster_backup_ (S-1-5-21-3620069392-4155492544-4229756758-1242 - Administrator - Enabled) => C:\Users\_ocster_backup_

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Active@ Partition Recovery Enterprise 10 (HKLM\...\{E39DC614-0CB1-41E3-8457-87D58DF29029}_is1) (Version: 10 - LSoft Technologies Inc)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.172 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.191 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.203 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\{9B92B20A-6A19-428F-8BD0-52DF859B1C61}) (Version: 11.6.8.638 - Adobe Systems, Inc)
ASUS RT-N10 Wireless Router Utilities (HKLM-x32\...\{11178BF5-D5F0-4749-ACE4-EF46ADB38D65}) (Version: 4.1.3.0 - ASUS)
ASUS Wireless Router RT-G32 Utilities v1.0.12.0(EU) (HKLM-x32\...\{8F84662D-9C1E-4B01-83CE-1097B8D34471}) (Version: 1.0.12.0(EU) - ASUSTeK COMPUTER INC.)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.36 - Atheros Communications Inc.)
ATI Catalyst Install Manager (HKLM\...\{C3E6E2B5-DEB5-235A-4999-4D424C11788B}) (Version: 3.0.808.0 - ATI Technologies, Inc.)
ATI Uninstaller (HKLM\...\ATI Uninstaller) (Version: 8.813.3.2-110324a-116588C-Lenovo - ATI Technologies, Inc.)
Avast Free Antivirus (HKLM-x32\...\avast) (Version: 10.2.2218 - AVAST Software)
Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.100.82.124 - Broadcom Corporation)
ccc-core-static (x32 Version: 2011.0324.2228.38483 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4478 - CDBurnerXP)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.4.51 - Conexant)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform)
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.2.0 - Lenovo)
Energy Management (x32 Version: 6.0.2.0 - Lenovo) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.05 - Ubisoft)
FormatFactory 3.3.5.0 (HKLM-x32\...\FormatFactory) (Version: 3.3.5.0 - Format Factory)
Fotosvet TETA (HKLM-x32\...\Fotosvet TETA) (Version: 5.0.6 - CEWE COLOR AG u Co. OHG)
Fotosvet TETA 3 (HKLM-x32\...\Fotosvet TETA 3) (Version: - )
Gnumeric Spreadsheet 1.10.16-20110616 (HKU\S-1-5-21-3620069392-4155492544-4229756758-1000\...\Gnumeric) (Version: 1.10.16-20110616 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.132 - Google Inc.)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3074 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.5.1001 - Intel Corporation)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kingo ROOT version 1.2.3.2059 (HKLM-x32\...\{AE7675D6-0B31-494F-ABFA-822E1A0FDF17}_is1) (Version: 1.2.3.2059 - Kingosoft Technology Ltd.)
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.7400 - Broadcom Corporation)
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ECC-B6BD-9C31E51D0333}) (Version: 1.10.1209.1 - Lenovo EasyCamera)
Lenovo EE Boot Optimizer (HKLM\...\Lenovo EE Boot Optimizer) (Version: 0.0.1.6 - Lenovo)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1628 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 7.0.1628 - CyberLink Corp.) Hidden
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3728 - CyberLink Corp.)
Lenovo YouCam (x32 Version: 3.1.3728 - CyberLink Corp.) Hidden
Lenovo_Wireless_Driver (HKLM-x32\...\{28ABE740-47F3-441B-9437-852F6A64EFF8}) (Version: 1.02.01 - Lenovo)
LibreOffice 4.4.3.2 (HKLM-x32\...\{A651A592-2F6C-4D66-AEA8-9BFE4B61BCB3}) (Version: 4.4.3.2 - The Document Foundation)
MediaInfo 0.7.72 (HKLM\...\MediaInfo) (Version: 0.7.72 - MediaArea.net)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Excel Viewer (HKLM-x32\...\{95120000-003F-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (Czech) (HKLM-x32\...\{95120000-00AF-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 39.0 (x86 cs) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 cs)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NirSoft WirelessNetView (HKLM-x32\...\NirSoft WirelessNetView) (Version: - )
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.54.0 - Nokia)
Nokia Suite (x32 Version: 3.8.54.0 - Nokia) Hidden
NSS (remove only) (HKLM-x32\...\NSS) (Version: 1.0.38.15 - B-Phreaks Ltd)
Ocster Backup Pro (HKLM\...\Ocster Backup) (Version: 7.25 - Ocster GmbH & Co. KG)
Opera Stable 25.0.1614.50 (HKU\S-1-5-21-3620069392-4155492544-4229756758-1000\...\Opera 25.0.1614.50) (Version: 25.0.1614.50 - Opera Software ASA)
Opera Stable 27.0.1689.69 (HKU\S-1-5-21-3620069392-4155492544-4229756758-1000\...\Opera 27.0.1689.69) (Version: 27.0.1689.69 - Opera Software ASA)
Opera Stable 28.0.1750.51 (HKU\S-1-5-21-3620069392-4155492544-4229756758-1000\...\Opera 28.0.1750.51) (Version: 28.0.1750.51 - Opera Software ASA)
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
Pdf995 (HKLM-x32\...\Pdf995) (Version: - )
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.9.5 - pdfforge)
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.2.10 - Prolific Technology INC)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.7303 - CyberLink Corp.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10003 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden
SDÍLEJ.CZ Manager (HKU\S-1-5-21-3620069392-4155492544-4229756758-1000\...\69f070f18ade444c) (Version: 0.0.1.34 - SDÍLEJ.CZ)
Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.0.0 - Synaptics Incorporated)
System Requirements Lab CYRI (HKLM-x32\...\{943A8D28-80D6-41DC-AE94-81FEB42041BF}) (Version: 4.5.1.0 - Husdawg, LLC)
TapinRadio 1.58.2 (HKLM-x32\...\TapinRadio_is1) (Version: - Raimersoft)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.39052 - TeamViewer)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 8.01 - Ghisler Software GmbH)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.6 - Lenovo)
UserGuide (x32 Version: 1.0.0.6 - Lenovo) Hidden
VeriFace (HKLM-x32\...\VeriFace) (Version: 4.0.0.1224 - Lenovo)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: - Elaborate Bytes)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows Driver Package - Lenovo (ACPIVPC) System (12/02/2010 6.1.0.1) (HKLM\...\EA12B1FB53CE4E387C31A85236C41EF559B5E392) (Version: 12/02/2010 6.1.0.1 - Lenovo)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WMV9/VC-1 Video Playback (Version: 1.00.0000 - ATI Technologies Inc.) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== Restore Points =========================

07-07-2015 14:39:52 Naplánovaný kontrolní bod

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2015-05-09 20:00 - 00000035 ____A C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1E0282A1-E2DB-4915-88C4-AB1BE27F75C3} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {3DF9AB56-DB2D-4142-8197-223CC38472F6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {3FE1EE7B-4493-48BF-ADA9-D77DAB8C0577} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2011-01-29] (CyberLink)
Task: {541FB418-89CE-4F9A-9FED-6F94AAB855DE} - System32\Tasks\Program k provádění aktualizací online Adobe => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {BC4AC22B-44AD-4D5B-9469-90E1DC52247F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24] (Google Inc.)
Task: {BC55E184-0C07-4CB3-B7C9-EF6B53DDFFC2} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-18] (Avast Software s.r.o.)
Task: {CE455CE2-3011-4E53-8F4B-B773219CB4AC} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-09] (Adobe Systems Incorporated)
Task: {E4EC0B91-9F0C-4290-93F6-01E0F5415925} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-06-01] (Piriform Ltd)
Task: {F547B9D0-CE6C-402C-8167-3F6D75C7FA67} - System32\Tasks\Opera scheduled Autoupdate 1391369103 => C:\Program Files (x86)\Opera\launcher.exe [2015-04-07] (Opera Software)
Task: {FDD3759A-F6D4-4944-AF2E-9A165BD1F0ED} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-04-10] (Oracle Corporation)
Task: {FE86A190-428B-4451-A1B2-C9FB8D863009} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2013-05-21 15:30 - 2012-04-26 15:51 - 00040448 _____ () C:\windows\System32\pdf995mon64.dll
2011-10-08 09:20 - 2011-10-08 09:20 - 01508192 _____ () C:\windows\system32\IcnOvrly.dll
2015-03-05 15:19 - 2015-03-05 15:19 - 00023864 _____ () c:\Program Files\Ocster Backup\bin\backupService-ox.exe
2015-03-05 15:19 - 2015-03-05 15:19 - 00109368 _____ () c:\Program Files\Ocster Backup\bin\backupServiceLib.dll
2015-03-05 15:18 - 2015-03-05 15:18 - 11391800 _____ () c:\Program Files\Ocster Backup\bin\backupCore.dll
2015-03-05 12:49 - 2015-03-05 12:49 - 00324096 _____ () c:\Program Files\Ocster Backup\bin\party.dll
2015-03-05 15:18 - 2015-03-05 15:18 - 05945656 _____ () c:\Program Files\Ocster Backup\bin\ox.dll
2015-03-05 11:46 - 2015-03-05 11:46 - 00081920 _____ () c:\Program Files\Ocster Backup\bin\zdll.dll
2015-03-05 15:18 - 2015-03-05 15:18 - 00249656 _____ () c:\Program Files\Ocster Backup\bin\crumb.dll
2015-03-05 15:18 - 2015-03-05 15:18 - 00053560 _____ () c:\Program Files\Ocster Backup\bin\lzmaUtil.dll
2015-03-05 12:43 - 2015-03-05 12:43 - 00049664 _____ () c:\Program Files\Ocster Backup\bin\lzma.dll
2015-03-05 15:18 - 2015-03-05 15:18 - 00368952 _____ () c:\Program Files\Ocster Backup\bin\tomb.dll
2015-03-05 12:38 - 2015-03-05 12:38 - 00022528 _____ () c:\Program Files\Ocster Backup\bin\zlibutil.dll
2015-03-05 15:18 - 2015-03-05 15:18 - 00024248 _____ () c:\Program Files\Ocster Backup\bin\lz4util.dll
2015-03-05 15:18 - 2015-03-05 15:18 - 00041272 _____ () c:\Program Files\Ocster Backup\bin\lz4.dll
2015-03-05 15:18 - 2015-03-05 15:18 - 00561336 _____ () c:\Program Files\Ocster Backup\bin\twirl.dll
2015-03-05 15:18 - 2015-03-05 15:18 - 00223032 _____ () c:\Program Files\Ocster Backup\bin\netutil.dll
2015-03-05 15:18 - 2015-03-05 15:18 - 00154936 _____ () c:\Program Files\Ocster Backup\bin\scoolite.dll
2015-03-05 12:38 - 2015-03-05 12:38 - 00626688 _____ () c:\Program Files\Ocster Backup\bin\sqlite.dll
2015-03-05 15:18 - 2015-03-05 15:18 - 00166584 _____ () c:\Program Files\Ocster Backup\bin\deemon.dll
2015-03-05 15:18 - 2015-03-05 15:18 - 00528696 _____ () c:\Program Files\Ocster Backup\bin\veem.dll
2015-03-05 15:18 - 2015-03-05 15:18 - 00060728 _____ () c:\Program Files\Ocster Backup\bin\minizutil.dll
2015-03-31 12:01 - 2015-03-31 12:01 - 00076888 _____ () C:\windows\SysWOW64\PnkBstrA.exe
2011-10-08 08:49 - 2011-03-25 11:28 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2008-12-20 05:20 - 2011-10-08 09:30 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll
2008-12-20 05:20 - 2011-10-08 09:30 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll
2015-03-05 14:22 - 2015-03-05 14:22 - 00053760 _____ () c:\Program Files\Ocster Backup\bin\oxHelper.exe
2015-04-28 18:57 - 2015-04-28 18:57 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-04-28 18:57 - 2015-04-28 18:57 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-07-09 20:56 - 2015-07-09 20:56 - 02955776 _____ () C:\Program Files\AVAST Software\Avast\defs\15070902\algo.dll
2015-07-12 19:46 - 2015-07-12 19:46 - 02956288 _____ () C:\Program Files\AVAST Software\Avast\defs\15071201\algo.dll
2015-03-17 13:27 - 2015-03-17 13:27 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-10-18 21:20 - 2014-10-18 21:20 - 00169472 _____ () C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\17c296575fad30d021e6370dc70cf800\IsdiInterop.ni.dll
2011-10-08 08:49 - 2011-02-18 10:16 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-3620069392-4155492544-4229756758-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3620069392-4155492544-4229756758-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3620069392-4155492544-4229756758-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-3620069392-4155492544-4229756758-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-3620069392-4155492544-4229756758-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3620069392-4155492544-4229756758-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3620069392-4155492544-4229756758-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-3620069392-4155492544-4229756758-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-3620069392-4155492544-4229756758-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3620069392-4155492544-4229756758-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-3620069392-4155492544-4229756758-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-3620069392-4155492544-4229756758-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-3620069392-4155492544-4229756758-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-3620069392-4155492544-4229756758-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-3620069392-4155492544-4229756758-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-3620069392-4155492544-4229756758-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-3620069392-4155492544-4229756758-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-3620069392-4155492544-4229756758-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-3620069392-4155492544-4229756758-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-3620069392-4155492544-4229756758-1000\...\123simsen.com -> www.123simsen.com

There are 7752 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3620069392-4155492544-4229756758-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Marcelka a Pavlíček\AppData\Roaming\Mozilla\Firefox\Pozadí plochy.bmp
DNS Servers: 192.168.2.1 - 84.16.120.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupreg: Ocster Backup => "C:\Program Files\Ocster Backup\bin\backupClient-ox.exe" --hidden
MSCONFIG\startupreg: VeriFaceManager => C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{1708D8B6-4130-473F-93FC-58C78E89CAF4}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{8FEF6CB9-BFC4-4CA8-8FF0-5F5C0BBAE797}] => (Allow) LPort=2869
FirewallRules: [{15D3DF23-964F-4EB7-8CC3-CA58DCAAA5CB}] => (Allow) LPort=1900
FirewallRules: [{E4863F3B-0925-4691-81C4-10F5CDDCC0DF}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{1B2CEA21-5108-4C81-B74D-2909FB80B813}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [TCP Query User{993E5E60-5CF2-4706-B32E-2C4B4A393429}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{1916B735-3E32-451D-8789-A49AA6F35084}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [{9AECD037-7484-4DC4-8723-20D4F3C3A7C0}] => (Allow) C:\Program Files (x86)\ASUS\RT-N10 Wireless Router Utilities\Discovery.exe
FirewallRules: [{2EF08E3B-22D4-4D77-BFB8-41FE89FE7A8A}] => (Allow) C:\Program Files (x86)\ASUS\RT-N10 Wireless Router Utilities\Discovery.exe
FirewallRules: [{8987ADA2-FA6E-4935-AE41-9C9557C6CAAB}] => (Allow) C:\Program Files (x86)\ASUS\RT-N10 Wireless Router Utilities\Rescue.exe
FirewallRules: [{FF158293-FF13-4B81-A00C-CD4E7F3512C8}] => (Allow) C:\Program Files (x86)\ASUS\RT-N10 Wireless Router Utilities\Rescue.exe
FirewallRules: [{BF863429-AC35-429B-9AD6-95833312473A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{BAB3BFB4-E28E-48AB-B56B-29A82C372C6B}] => (Allow) C:\Program Files (x86)\nokia\nokia suite\nokiasuite.exe
FirewallRules: [{E4C9D09A-B1F0-4EA0-A017-F101540D15CA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\paolov5\source sdk base 2007\hl2.exe
FirewallRules: [{87806A3D-9C6A-4406-808B-DB6C93C1D3E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\paolov5\source sdk base 2007\hl2.exe
FirewallRules: [{FD1FEB4B-B5CB-4F3E-88AA-3F9841597096}] => (Allow) C:\Program Files (x86)\nokia\nokia suite\nokiasuite.exe
FirewallRules: [TCP Query User{45123AB6-D2C9-4435-83AC-FB18B1E84301}C:\program files\asus\rt-g32 wireless router utilities\discovery\discovery.exe] => (Allow) C:\program files\asus\rt-g32 wireless router utilities\discovery\discovery.exe
FirewallRules: [UDP Query User{88B52497-A163-4933-AE96-B1E3DC8D8B8B}C:\program files\asus\rt-g32 wireless router utilities\discovery\discovery.exe] => (Allow) C:\program files\asus\rt-g32 wireless router utilities\discovery\discovery.exe
FirewallRules: [TCP Query User{550AEAD3-4A9F-4F40-831A-04EB42F28F08}C:\program files (x86)\asus\rt-n10 wireless router utilities\discovery.exe] => (Allow) C:\program files (x86)\asus\rt-n10 wireless router utilities\discovery.exe
FirewallRules: [UDP Query User{2AADC7CD-8733-4617-B2C4-D8BABE063953}C:\program files (x86)\asus\rt-n10 wireless router utilities\discovery.exe] => (Allow) C:\program files (x86)\asus\rt-n10 wireless router utilities\discovery.exe
FirewallRules: [TCP Query User{0E03ED57-892D-4437-9E86-2BA88B00E904}C:\program files\asus\rt-g32 wireless router utilities\discovery\discovery.exe] => (Allow) C:\program files\asus\rt-g32 wireless router utilities\discovery\discovery.exe
FirewallRules: [UDP Query User{FDB9066B-ED1F-47E7-BEFE-B66AEAB1C312}C:\program files\asus\rt-g32 wireless router utilities\discovery\discovery.exe] => (Allow) C:\program files\asus\rt-g32 wireless router utilities\discovery\discovery.exe
FirewallRules: [{2B020A36-48B4-42D9-8629-94177DC3D08E}] => (Allow) C:\Program Files (x86)\nokia\nokia suite\nokiasuite.exe
FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [TCP Query User{947660C0-3C60-42AC-B6DB-00E0D9CC9BCA}C:\program files (x86)\wb games\f.e.a.r. 3\f.e.a.r. 3.exe] => (Block) C:\program files (x86)\wb games\f.e.a.r. 3\f.e.a.r. 3.exe
FirewallRules: [UDP Query User{0E089E3B-0C4A-457A-A422-0166175E43F3}C:\program files (x86)\wb games\f.e.a.r. 3\f.e.a.r. 3.exe] => (Block) C:\program files (x86)\wb games\f.e.a.r. 3\f.e.a.r. 3.exe
FirewallRules: [TCP Query User{E2F35B0B-501B-4C29-9B9B-8DBE40783FA3}C:\program files (x86)\java\jre8\launch4j-tmp\frd.exe] => (Allow) C:\program files (x86)\java\jre8\launch4j-tmp\frd.exe
FirewallRules: [UDP Query User{4D261ACF-6952-4B09-BBD6-EB7FDBD98FD7}C:\program files (x86)\java\jre8\launch4j-tmp\frd.exe] => (Allow) C:\program files (x86)\java\jre8\launch4j-tmp\frd.exe
FirewallRules: [TCP Query User{961A750B-F82E-4956-8435-927305CEA4DD}C:\program files (x86)\java\jre1.8.0_20\launch4j-tmp\frd.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_20\launch4j-tmp\frd.exe
FirewallRules: [UDP Query User{3F7F52B6-DAC6-4FB2-8AB7-498CA69CBD08}C:\program files (x86)\java\jre1.8.0_20\launch4j-tmp\frd.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_20\launch4j-tmp\frd.exe
FirewallRules: [TCP Query User{58471270-E35F-4895-89B2-59057D87F52F}C:\program files\asus\rt-g32 wireless router utilities\ezsetup\ezsetup.exe] => (Block) C:\program files\asus\rt-g32 wireless router utilities\ezsetup\ezsetup.exe
FirewallRules: [UDP Query User{BB237DB6-C21B-496D-886E-2C3C31CF3008}C:\program files\asus\rt-g32 wireless router utilities\ezsetup\ezsetup.exe] => (Block) C:\program files\asus\rt-g32 wireless router utilities\ezsetup\ezsetup.exe
FirewallRules: [TCP Query User{D106DAB2-FA72-4683-A2C8-93B4B76A7D16}C:\program files (x86)\java\jre1.8.0_25\launch4j-tmp\frd.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_25\launch4j-tmp\frd.exe
FirewallRules: [UDP Query User{4786300D-1DBC-42EC-AEB7-487FE4AD30F9}C:\program files (x86)\java\jre1.8.0_25\launch4j-tmp\frd.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_25\launch4j-tmp\frd.exe
FirewallRules: [{BB1D6A5C-B080-4843-9664-F142C7D786A0}] => (Allow) C:\Program Files (x86)\nokia\nokia suite\nokiasuite.exe
FirewallRules: [{B42A81DE-8E5E-4083-9FE2-4B3D2E7D778B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{CAE32092-8C02-4D87-B51E-2DB432F1DCAE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{7DD6C1AC-41BB-4E30-B830-16ED1FFFA56D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{66196C03-21A3-4E54-8936-28B442B0B9A3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{AC39B1B0-2DA9-467D-972B-120BC818A959}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{19C19AA9-2CB6-4FFE-9C9C-E74C8C3F526E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{0BEC08E7-CE2E-4F06-92BF-88212F999242}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{542C3CE6-2DE2-4C51-9526-B61CF188AFC6}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{F06C49D2-8540-4102-BF69-D9FA34DD2628}C:\program files (x86)\java\jre1.8.0_40\launch4j-tmp\frd.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_40\launch4j-tmp\frd.exe
FirewallRules: [UDP Query User{74FA6F17-2715-4456-8ACB-2AD12BEEA7DF}C:\program files (x86)\java\jre1.8.0_40\launch4j-tmp\frd.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_40\launch4j-tmp\frd.exe
FirewallRules: [{90CDE514-2436-49A6-8B70-C3666EE9DA17}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{3C1FB2BE-6874-41F3-A2FD-233F8BB4A12D}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{BFE886E0-EE96-45EE-B31E-E5CF2543D4D8}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{70B4B1E7-AA40-4D30-A859-11E3DFB44A8C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{BE72841F-87B0-4740-9420-20BCB5078D1A}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3.exe
FirewallRules: [{CA0FDE84-3363-4D6E-8E3B-CA9237196A0E}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3.exe
FirewallRules: [{4814957F-9E70-49DE-9EF9-4374FF86E657}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3_d3d11.exe
FirewallRules: [{1405F348-393A-4789-8F9D-C66B56CD2704}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3_d3d11.exe
FirewallRules: [{2780A0BF-1EE2-4BEB-B3D8-7F3C1DB07A22}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Updater.exe
FirewallRules: [{939C4F7D-B273-4EB9-A29A-3F6DBABF8FDB}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Updater.exe
FirewallRules: [{965795C2-B8EB-4BF1-966B-3C65E8AD6B56}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Editor.exe
FirewallRules: [{13F224F3-6413-42AB-B7FE-01755FEAA63B}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Editor.exe
FirewallRules: [TCP Query User{E8A32E65-A1CD-48E5-ACFA-D12A01A1ED9C}C:\program files (x86)\java\jre1.8.0_45\launch4j-tmp\frd.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\launch4j-tmp\frd.exe
FirewallRules: [UDP Query User{27F08279-0742-477E-ADD8-60FAD1B401BD}C:\program files (x86)\java\jre1.8.0_45\launch4j-tmp\frd.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\launch4j-tmp\frd.exe
FirewallRules: [{0D2E9C70-5310-49D9-887B-35ADF8F607D1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

Name: avast! SecureLine TAP Adapter v3
Description: avast! SecureLine TAP Adapter v3
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: aswTap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (07/12/2015 07:44:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/10/2015 07:55:43 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2015 08:54:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2015 12:28:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/08/2015 10:40:58 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/08/2015 09:09:45 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/07/2015 08:41:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/07/2015 01:06:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/07/2015 08:58:45 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/06/2015 08:17:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

System errors:
=============
Error: (07/08/2015 02:25:46 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby ShellHWDetection bylo dosaženo časového limitu (30000 ms).

Error: (07/08/2015 10:39:52 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Bluetooth Service neuspěla při spuštění v důsledku následující chyby:
%%3

Error: (07/08/2015 10:39:51 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba zařazování tisku neuspěla při spuštění v důsledku následující chyby:
%%1069

Error: (07/08/2015 10:39:51 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba Spooler se nemohla přihlásit jako NT AUTHORITY\SYSTEM s aktuálně konfigurovaným heslem z důvodu následující chyby:
%%50

Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).

Error: (07/08/2015 10:39:44 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\windows\System32\bcmihvsrv64.dll

Error: (07/08/2015 10:39:44 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\windows\System32\bcmihvsrv64.dll

Error: (07/08/2015 10:39:36 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\windows\System32\bcmihvsrv64.dll

Error: (07/08/2015 10:38:53 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Management and Security Application User Notification Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/08/2015 10:38:53 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Live ID Sign-in Assistant byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (07/08/2015 10:38:53 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Rapid Storage Technology byla neočekávaně ukončena. Tento stav nastal již 1krát.

Microsoft Office:
=========================
Error: (07/12/2015 07:44:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/10/2015 07:55:43 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2015 08:54:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2015 12:28:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/08/2015 10:40:58 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/08/2015 09:09:45 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/07/2015 08:41:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/07/2015 01:06:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/07/2015 08:58:45 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/06/2015 08:17:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-2430M CPU @ 2.40GHz
Percentage of memory in use: 34%
Total physical RAM: 4039.86 MB
Available physical RAM: 2660.74 MB
Total Virtual: 8077.93 MB
Available Virtual: 6537.07 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:654.69 GB) (Free:510.23 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:19.3 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 5818102B)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=654.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=29 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=14.8 GB) - (Type=12)

==================== End of log ============================

#9 Příspěvek od **Márty84** » 13 črc 2015 17:05

Zkontrolujte velikost adresare plochy.

Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

HKU\S-1-5-21-3620069392-4155492544-4229756758-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-21-3620069392-4155492544-4229756758-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tiscali.cz/
HKU\S-1-5-21-3620069392-4155492544-4229756758-1242\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/
HKU\S-1-5-21-3620069392-4155492544-4229756758-1242\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.msn.com
SearchScopes: HKU\S-1-5-21-3620069392-4155492544-4229756758-1242 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3620069392-4155492544-4229756758-1242 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox

R3 MBAMSwissArmy; \??\C:\windows\system32\drivers\MBAMSwissArmy.sys [X]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-06-12 82112]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-03 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-01 268976]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24 107912]

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Hosts:
EmptyTemp:
Reboot:
End

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.

paolov · #10 Příspěvek od **paolov** » 13 črc 2015 19:29

Fix result of Farbar Recovery Scan Tool (x64) Version:12-07-2015
Ran by Marcelka a Pavlíček at 2015-07-13 20:21:34 Run:2
Running from C:\Users\Marcelka a Pavlíček\Desktop
Loaded Profiles: Marcelka a Pavlíček & _ocster_backup_ (Available Profiles: Marcelka a Pavlíček & Marca a Pavka & _ocster_backup_)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKU\S-1-5-21-3620069392-4155492544-4229756758-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-21-3620069392-4155492544-4229756758-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tiscali.cz/
HKU\S-1-5-21-3620069392-4155492544-4229756758-1242\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/
HKU\S-1-5-21-3620069392-4155492544-4229756758-1242\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.msn.com
SearchScopes: HKU\S-1-5-21-3620069392-4155492544-4229756758-1242 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKU\S-1-5-21-3620069392-4155492544-4229756758-1242 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... -SearchBox

R3 MBAMSwissArmy; \??\C:\windows\system32\drivers\MBAMSwissArmy.sys [X]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-06-12 82112]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-03 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-01 268976]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24 107912]

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKU\S-1-5-21-3620069392-4155492544-4229756758-1000\Software\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKU\S-1-5-21-3620069392-4155492544-4229756758-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-3620069392-4155492544-4229756758-1242\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages => value not found.
HKU\S-1-5-21-3620069392-4155492544-4229756758-1242\Software\Microsoft\Internet Explorer\Main\\Start Page => Error setting value.
HKU\S-1-5-21-3620069392-4155492544-4229756758-1242\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value not found.
HKU\S-1-5-21-3620069392-4155492544-4229756758-1242\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
MBAMSwissArmy => Service not found.
AdobeARMservice => Service not found.
gupdate => Service not found.
SkypeUpdate => Service not found.
AdobeFlashPlayerUpdateSvc => Service not found.
gupdatem => Service not found.
C:\windows\Tasks\Adobe Flash Player Updater.job not found.
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job not found.
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job not found.
C:\Windows\System32\Drivers\etc\hosts => moved successfully.
Hosts restored successfully.
EmptyTemp: => 6.8 MB temporary data Removed.

The system needed a reboot..

==== End of Fixlog 20:22:02 ====

#11 Příspěvek od **Márty84** » 14 črc 2015 08:48

Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

vyosek píše: DelFix https://toolslib.net/downloads/finish/2/
Stahnete a spustte

Ponechte zatrzitkou pouze u volby Remove disinfection tools

Kliknete na Run

Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)

Defragmentujte disk(y) (SSD Disky ne!)
Stahnete program Defraggler https://www.piriform.com/defraggler/download/standard
Pri instalaci opet pozor na toolbar a dalsi nesmysly.
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.

Pak napiste, jak to s pc vypada.

paolov · #12 Příspěvek od **paolov** » 14 črc 2015 09:04

Pc v pořádku děkuji.

#13 Příspěvek od **Márty84** » 14 črc 2015 09:15

Nemate zac

Mejte se a treba zase nekdy

VIRY.CZ

Rsit preventivka

Rsit preventivka

Re: Rsit preventivka

Re: Rsit preventivka

Re: Rsit preventivka

Re: Rsit preventivka

Re: Rsit preventivka

Re: Rsit preventivka

Re: Rsit preventivka

Re: Rsit preventivka

Re: Rsit preventivka

Re: Rsit preventivka

Re: Rsit preventivka

Re: Rsit preventivka