pomaly notebook

[asasina]

Zdravim,

byl jsem pozadan rodinkou, abych se podival na pc bratrance a sestrenice.

Tohle je pc sestrenice. Odinstaloval jsem vsechny nepotrebne programy.

Provedl jsem cisteni s ccleaner a adwcleaner, ale stale to neni to optimalni. Nacitani pc (win 8,1) cca 5min. Resp. 5 min bootuje win.

Prikladam pro zacatek hijackthis

Dekuji

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 16:20:30, on 16. 7. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Jobran\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [HP Deskjet 6520 series (NET)] "C:\Program Files\HP\HP Deskjet 6520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN31Q252GC05VO:NW" -scfn "HP Deskjet 6520 series (NET)" -AutoStart 1
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe"
O4 - Startup: Alan_Walker_-_Spectre_[NCS_Release].lnk = C:\ProgramData\{e2536e98-7ec6-a7ac-e253-36e987ecba61}\Alan_Walker_-_Spectre_[NCS_Release].exe
O4 - Startup: Galantis_-_Runaway_(U_.lnk = C:\ProgramData\{c5a19301-8454-afe3-c5a1-193018454c06}\Galantis_-_Runaway_(U_.exe
O4 - Startup: Imagine_Dragons_-_Warriors_(Lyric_Video).lnk = C:\ProgramData\{b749fee3-12c1-f23b-b749-9fee312cfb8c}\Imagine_Dragons_-_Warriors_(Lyric_Video).exe
O4 - Startup: Sledovat výstrahy inkoustu - HP Deskjet 6520 series (Síť).lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.dell.com
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 10 (TeamViewer) - Unknown owner - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: Whopping Ring - Unknown owner - C:\Program Files (x86)\Whopping Ring\Whopping Ring.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10113 bytes

[asasina]

Logfile of random's system information tool 1.10 (written by random/random)
Run by Jobran at 2015-07-16 17:00:10
Microsoft Windows 8.1
System drive C: has 808 GB (85%) free of 953 GB
Total RAM: 3977 MB (45% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:00:18, on 16. 7. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Chrome\Application\new_chrome.exe
C:\Program Files (x86)\Chrome\Application\new_chrome.exe
C:\Program Files (x86)\Chrome\Application\new_chrome.exe
C:\Program Files (x86)\Chrome\Application\new_chrome.exe
C:\Program Files (x86)\Chrome\Application\new_chrome.exe
C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Reader_sl.exe
C:\Program Files\trend micro\Jobran.exe
C:\Program Files (x86)\Chrome\Application\new_chrome.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [HP Deskjet 6520 series (NET)] "C:\Program Files\HP\HP Deskjet 6520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN31Q252GC05VO:NW" -scfn "HP Deskjet 6520 series (NET)" -AutoStart 1
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe"
O4 - Startup: Sledovat výstrahy inkoustu - HP Deskjet 6520 series (Síť).lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.dell.com
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: Whopping Ring - Unknown owner - C:\Program Files (x86)\Whopping Ring\Whopping Ring.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8991 bytes

======Listing Processes======






wininit.exe
winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\system32\atiesrxx.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
atieclxx
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SENDINPUT
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe"
"C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe"
dashost.exe {e005afff-3409-424a-80205116c904f957}
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Whopping Ring\Whopping Ring.exe"

C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet

C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
taskhostex.exe
C:\WINDOWS\Explorer.EXE
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe"
"C:\Program Files\Dell\QuickSet\quickset.exe"
"C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\WINDOWS\system32\igfxsrvc.exe" -Embedding
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX4P1
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /IM
"C:\Program Files\HP\HP Deskjet 6520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN31Q252GC05VO:NW" -scfn "HP Deskjet 6520 series (NET)" -AutoStart 1
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\WINDOWS\system32\GWX\GWX.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Chrome\Application\new_chrome.exe"
"C:\Program Files\Windows Defender\MpCmdRun.exe" SpyNetServiceDss -RestrictPrivileges -AccessKey 49B47A1E-CBC8-1064-3DA9-D821DC6B7A35 -Reinvoke
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\Chrome\Application\new_chrome.exe" --type=gpu-process --channel="764.0.1561614497\1663793912" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,6,18,40 --gpu-vendor-id=0x1002 --gpu-device-id=0x0000 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=13.151.0.0 --ignored=" --type=renderer " /prefetch:822062411
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Chrome\Application\new_chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="EmbeddedSearch/Group12 dev:pp4/NewProfileManagement/Control/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Uniformity-Trial-100-Percent/group_01/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=764 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="764.24.581069708\1965232425" /prefetch:673131151
"C:\Program Files (x86)\Chrome\Application\new_chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="EmbeddedSearch/Group12 dev:pp4/NewProfileManagement/Control/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Uniformity-Trial-100-Percent/group_01/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=764 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="764.41.1270583712\663049047" /prefetch:673131151
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 584 588 596 65536 592

"C:\Program Files (x86)\Chrome\Application\new_chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="EmbeddedSearch/Group12 dev:pp4/NewProfileManagement/Control/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Uniformity-Trial-100-Percent/group_01/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=764 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="764.44.151801309\2007254184" /prefetch:673131151
"C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Reader_sl.exe"
"C:\Users\Jobran\Downloads\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k WerSvcGroup
"C:\WINDOWS\system32\RunDll32.exe" "C:\WINDOWS\system32\WerConCpl.dll", LaunchErcApp -queuereporting
"C:\Program Files (x86)\Chrome\Application\new_chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="EmbeddedSearch/Group12 dev:pp4/NewProfileManagement/Control/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Uniformity-Trial-100-Percent/group_01/" --instant-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=764 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="764.46.1873829885\1768934988" /prefetch:673131151

======Scheduled tasks folder======

C:\WINDOWS\tasks\DragonWire.job - c:\programdata\{792e2b74-ca2a-2e07-792e-e2b74ca2add3}\1668959511713299299b.exe --startup=1 --single

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-07-16 551520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-16 212576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-16 460384]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-16 172640]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"QuickSet"=C:\Program Files\Dell\QuickSet\QuickSet.exe [2013-03-05 5762408]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2013-08-30 36352]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2013-09-23 391152]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2013-09-22 771056]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2013-09-22 769520]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2013-08-19 7202520]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2013-08-07 1321688]
"RtHDVBg_PushButton"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2013-08-07 1321688]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [2013-09-04 132736]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"HP Deskjet 6520 series (NET)"=C:\Program Files\HP\HP Deskjet 6520 series\Bin\ScanToPCActivationApp.exe [2012-10-17 2573416]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-06-29 53282944]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-06-01 8358680]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2011-10-28 49208]
""= []
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2013-08-19 766208]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-06-08 334896]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [2013-09-04 132736]

C:\Users\Jobran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Sledovat výstrahy inkoustu - HP Deskjet 6520 series (Síť).lnk - C:\Windows\system32\RunDll32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2013-09-16 623104]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableCAD"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave4"=wdmaud.drv
"mixer4"=wdmaud.drv
"midi4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-07-16 17:00:10 ----D---- C:\rsit
2015-07-16 17:00:10 ----D---- C:\Program Files\trend micro
2015-07-16 16:09:50 ----D---- C:\Program Files\CCleaner
2015-07-16 15:58:09 ----D---- C:\FRST
2015-07-16 13:47:56 ----D---- C:\ProgramData\a91e4cf800005778
2015-07-16 12:02:19 ----D---- C:\Program Files (x86)\FromDocToPDF
2015-07-16 11:59:49 ----D---- C:\Program Files (x86)\DDigiSaver
2015-07-16 11:38:54 ----D---- C:\ProgramData\7821e09c00001600
2015-07-16 11:25:50 ----D---- C:\AdwCleaner
2015-07-16 11:23:05 ----A---- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
2015-07-16 11:22:35 ----A---- C:\WINDOWS\system32\drivers\mwac.sys
2015-07-16 11:22:35 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2015-07-16 11:22:35 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2015-07-16 11:22:34 ----D---- C:\ProgramData\Malwarebytes
2015-07-16 11:22:34 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-07-16 11:15:37 ----D---- C:\Program Files (x86)\VS Revo Group
2015-07-14 22:15:51 ----A---- C:\WINDOWS\system32\generaltel.dll
2015-07-14 22:15:51 ----A---- C:\WINDOWS\system32\appraiser.dll
2015-07-14 22:15:50 ----A---- C:\WINDOWS\system32\aeinv.dll
2015-07-14 22:15:49 ----A---- C:\WINDOWS\system32\invagent.dll
2015-07-14 22:15:49 ----A---- C:\WINDOWS\system32\devinv.dll
2015-07-14 22:15:49 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2015-07-14 22:15:49 ----A---- C:\WINDOWS\system32\acmigration.dll
2015-07-14 22:15:48 ----A---- C:\WINDOWS\system32\aepdu.dll
2015-07-14 22:15:46 ----A---- C:\WINDOWS\system32\drivers\kbdclass.sys
2015-07-14 22:15:46 ----A---- C:\WINDOWS\system32\drivers\i8042prt.sys
2015-07-14 22:15:45 ----A---- C:\WINDOWS\system32\drivers\sermouse.sys
2015-07-14 22:15:45 ----A---- C:\WINDOWS\system32\drivers\mouhid.sys
2015-07-14 22:15:45 ----A---- C:\WINDOWS\system32\drivers\mouclass.sys
2015-07-14 22:15:45 ----A---- C:\WINDOWS\system32\drivers\kbdhid.sys
2015-07-14 22:15:43 ----A---- C:\WINDOWS\system32\WiFiDisplay.dll
2015-07-14 22:15:41 ----A---- C:\WINDOWS\system32\profsvc.dll
2015-07-14 22:15:40 ----A---- C:\WINDOWS\system32\GeofenceMonitorService.dll
2015-07-14 22:15:39 ----A---- C:\WINDOWS\SYSWOW64\GeofenceMonitorService.dll
2015-07-14 22:15:37 ----A---- C:\WINDOWS\system32\shell32.dll
2015-07-14 22:15:36 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2015-07-14 22:15:35 ----A---- C:\WINDOWS\SYSWOW64\ExplorerFrame.dll
2015-07-14 22:15:35 ----A---- C:\WINDOWS\system32\ExplorerFrame.dll
2015-07-14 22:15:32 ----A---- C:\WINDOWS\system32\win32k.sys
2015-07-14 22:15:30 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2015-07-14 22:15:29 ----A---- C:\WINDOWS\system32\drivers\usb8023.sys
2015-07-14 22:15:26 ----A---- C:\WINDOWS\system32\WSShared.dll
2015-07-14 22:15:25 ----A---- C:\WINDOWS\SYSWOW64\WSShared.dll
2015-07-14 22:15:25 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-14 22:15:25 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-14 22:15:14 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2015-07-14 22:15:14 ----A---- C:\WINDOWS\system32\authui.dll
2015-07-14 22:15:13 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2015-07-14 22:15:13 ----A---- C:\WINDOWS\system32\msi.dll
2015-07-14 22:15:12 ----A---- C:\WINDOWS\SYSWOW64\msiexec.exe
2015-07-14 22:15:12 ----A---- C:\WINDOWS\system32\msiexec.exe
2015-07-14 22:15:09 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2015-07-14 22:15:09 ----A---- C:\WINDOWS\system32\kerberos.dll
2015-07-14 22:15:09 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2015-07-14 22:15:08 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2015-07-14 22:15:08 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2015-07-14 22:15:08 ----A---- C:\WINDOWS\system32\msv1_0.dll
2015-07-14 22:15:08 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2015-07-14 22:15:08 ----A---- C:\WINDOWS\system32\drivers\mrxsmb10.sys
2015-07-14 22:15:07 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2015-07-14 22:15:07 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2015-07-14 22:15:07 ----A---- C:\WINDOWS\system32\lsasrv.dll
2015-07-14 22:15:07 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2015-07-14 22:15:07 ----A---- C:\WINDOWS\system32\certcli.dll
2015-07-14 22:14:32 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-07-14 22:14:31 ----A---- C:\WINDOWS\system32\werdiagcontroller.dll
2015-07-14 22:14:31 ----A---- C:\WINDOWS\system32\audiosrv.dll
2015-07-14 22:14:29 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2015-07-14 22:14:29 ----A---- C:\WINDOWS\system32\atmlib.dll
2015-07-14 22:14:29 ----A---- C:\WINDOWS\system32\atmfd.dll
2015-07-14 22:14:28 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2015-07-14 22:14:27 ----A---- C:\WINDOWS\system32\jscript9.dll
2015-07-14 22:14:25 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2015-07-14 22:14:21 ----A---- C:\WINDOWS\SYSWOW64\wups.dll
2015-07-14 22:14:21 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2015-07-14 22:14:21 ----A---- C:\WINDOWS\system32\wuaueng.dll
2015-07-14 22:14:21 ----A---- C:\WINDOWS\system32\wuapp.exe
2015-07-14 22:14:21 ----A---- C:\WINDOWS\system32\wuapi.dll
2015-07-14 22:14:20 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2015-07-14 22:14:20 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2015-07-14 22:14:20 ----A---- C:\WINDOWS\system32\wucltux.dll
2015-07-14 22:14:20 ----A---- C:\WINDOWS\system32\wuauclt.exe
2015-07-14 22:14:20 ----A---- C:\WINDOWS\system32\WinSetupUI.dll
2015-07-14 22:14:19 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2015-07-14 22:14:19 ----A---- C:\WINDOWS\system32\wuwebv.dll
2015-07-14 22:14:19 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2015-07-14 22:14:19 ----A---- C:\WINDOWS\system32\wudriver.dll
2015-07-14 22:14:18 ----A---- C:\WINDOWS\system32\wups2.dll
2015-07-14 22:14:18 ----A---- C:\WINDOWS\system32\wups.dll
2015-07-14 22:13:27 ----A---- C:\WINDOWS\system32\mshtml.dll
2015-07-14 22:13:25 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2015-07-14 22:13:06 ----A---- C:\WINDOWS\system32\ieframe.dll
2015-07-14 22:13:02 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2015-07-14 22:13:00 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2015-07-14 22:13:00 ----A---- C:\WINDOWS\system32\urlmon.dll
2015-07-14 22:13:00 ----A---- C:\WINDOWS\system32\iertutil.dll
2015-07-14 22:12:59 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2015-07-14 22:12:06 ----A---- C:\WINDOWS\system32\actxprxy.dll
2015-07-14 22:12:05 ----A---- C:\WINDOWS\system32\wininet.dll
2015-07-14 22:12:02 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2015-07-14 22:12:00 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2015-07-14 22:12:00 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2015-07-14 22:12:00 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2015-07-14 22:11:59 ----A---- C:\WINDOWS\system32\vbscript.dll
2015-07-14 22:11:59 ----A---- C:\WINDOWS\system32\MshtmlDac.dll
2015-07-14 22:11:59 ----A---- C:\WINDOWS\system32\ieui.dll
2015-07-14 22:11:58 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2015-07-14 22:11:57 ----A---- C:\WINDOWS\SYSWOW64\MshtmlDac.dll
2015-07-14 22:11:56 ----A---- C:\WINDOWS\SYSWOW64\ieui.dll
2015-07-14 22:11:54 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2015-07-14 22:11:51 ----A---- C:\WINDOWS\SYSWOW64\msrating.dll
2015-07-14 22:11:51 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2015-07-14 22:11:51 ----A---- C:\WINDOWS\system32\msfeeds.dll
2015-07-14 22:11:49 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2015-07-14 22:11:49 ----A---- C:\WINDOWS\system32\msrating.dll
2015-07-14 22:11:49 ----A---- C:\WINDOWS\system32\mshtmled.dll
2015-07-14 22:11:47 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2015-07-14 22:11:46 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2015-07-14 22:11:46 ----A---- C:\WINDOWS\system32\webcheck.dll
2015-07-14 22:11:46 ----A---- C:\WINDOWS\system32\inetcomm.dll
2015-07-14 22:11:46 ----A---- C:\WINDOWS\system32\dxtrans.dll
2015-07-14 22:11:45 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2015-07-14 22:11:45 ----A---- C:\WINDOWS\system32\iepeers.dll
2015-07-14 22:11:43 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2015-07-14 22:11:43 ----A---- C:\WINDOWS\system32\jscript.dll
2015-07-14 22:11:42 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2015-07-14 22:11:20 ----A---- C:\WINDOWS\SYSWOW64\gdi32.dll
2015-07-14 22:11:20 ----A---- C:\WINDOWS\system32\gdi32.dll
2015-07-14 22:11:18 ----A---- C:\WINDOWS\system32\ole32.dll
2015-07-14 22:11:18 ----A---- C:\WINDOWS\system32\fhcpl.dll
2015-07-14 22:11:17 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2015-07-14 22:11:15 ----A---- C:\WINDOWS\system32\msftedit.dll
2015-07-14 22:11:13 ----A---- C:\WINDOWS\SYSWOW64\msftedit.dll
2015-07-14 22:11:10 ----A---- C:\WINDOWS\system32\apphelp.dll
2015-07-14 22:10:58 ----A---- C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2015-07-14 22:10:44 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2015-07-14 22:10:36 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2015-07-14 21:15:04 ----RD---- C:\Program Files (x86)\Skype
2015-07-11 14:32:14 ----D---- C:\Program Files (x86)\Whopping Ring
2015-06-24 01:31:00 ----A---- C:\WINDOWS\system32\FM20.DLL
2015-06-21 17:09:51 ----D---- C:\Users\Jobran\AppData\Roaming\LEGO Company
2015-06-21 13:19:42 ----D---- C:\Program Files (x86)\LEGO Company
2015-06-21 10:13:32 ----D---- C:\Program Files (x86)\CS 1.6

======List of files/folders modified in the last 1 month======

2015-07-16 17:00:18 ----D---- C:\WINDOWS\Prefetch
2015-07-16 17:00:10 ----RD---- C:\Program Files
2015-07-16 17:00:03 ----D---- C:\WINDOWS\system32\sru
2015-07-16 16:59:51 ----RD---- C:\Program Files (x86)
2015-07-16 16:56:12 ----D---- C:\Users\Jobran\AppData\Roaming\Skype
2015-07-16 16:51:24 ----D---- C:\WINDOWS\Temp
2015-07-16 16:46:18 ----D---- C:\Windows
2015-07-16 16:37:43 ----D---- C:\Program Files (x86)\Google
2015-07-16 16:37:30 ----SHD---- C:\System Volume Information
2015-07-16 16:37:07 ----D---- C:\WINDOWS\SoftwareDistribution
2015-07-16 16:30:42 ----D---- C:\WINDOWS\system32\catroot
2015-07-16 16:30:24 ----D---- C:\WINDOWS\Microsoft.NET
2015-07-16 16:28:58 ----DC---- C:\WINDOWS\Panther
2015-07-16 16:28:58 ----D---- C:\WINDOWS\Minidump
2015-07-16 16:28:58 ----D---- C:\WINDOWS\Logs
2015-07-16 16:28:58 ----D---- C:\WINDOWS\Inf
2015-07-16 16:28:58 ----D---- C:\WINDOWS\debug
2015-07-16 16:10:02 ----D---- C:\WINDOWS\system32\Tasks
2015-07-16 16:02:17 ----D---- C:\WINDOWS\SysWOW64
2015-07-16 16:02:17 ----D---- C:\ProgramData\Oracle
2015-07-16 16:02:01 ----SHD---- C:\WINDOWS\Installer
2015-07-16 16:02:01 ----SHD---- C:\Config.Msi
2015-07-16 16:02:00 ----D---- C:\Program Files (x86)\Java
2015-07-16 16:01:38 ----D---- C:\Program Files\Java
2015-07-16 16:01:28 ----RD---- C:\WINDOWS\System32
2015-07-16 16:01:18 ----D---- C:\Program Files (x86)\Common Files
2015-07-16 16:00:42 ----A---- C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2015-07-16 16:00:35 ----A---- C:\WINDOWS\system32\javaws.exe
2015-07-16 16:00:35 ----A---- C:\WINDOWS\system32\javaw.exe
2015-07-16 16:00:34 ----A---- C:\WINDOWS\system32\java.exe
2015-07-16 15:59:28 ----A---- C:\WINDOWS\SYSWOW64\WindowsAccessBridge-32.dll
2015-07-16 15:54:46 ----D---- C:\Program Files (x86)\MarkAny
2015-07-16 15:44:32 ----D---- C:\Users\Jobran\AppData\Roaming\Seznam.cz
2015-07-16 15:34:47 ----D---- C:\Program Files (x86)\Seznam.cz
2015-07-16 15:33:11 ----D---- C:\Users\Jobran\AppData\Roaming\Samsung
2015-07-16 15:33:10 ----D---- C:\Program Files (x86)\Samsung
2015-07-16 15:33:06 ----D---- C:\WINDOWS\system32\DriverStore
2015-07-16 15:33:06 ----D---- C:\WINDOWS\system32\drivers
2015-07-16 15:32:36 ----D---- C:\ProgramData\Samsung
2015-07-16 15:32:12 ----D---- C:\ProgramData\Battle.net
2015-07-16 15:24:58 ----D---- C:\Riot Games
2015-07-16 15:12:25 ----D---- C:\WINDOWS\system32\config
2015-07-16 15:06:11 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-07-16 15:00:45 ----D---- C:\WINDOWS\system32\catroot2
2015-07-16 14:53:48 ----D---- C:\WINDOWS\WinSxS
2015-07-16 14:45:53 ----D---- C:\WINDOWS\vpnplugins
2015-07-16 14:42:38 ----D---- C:\WINDOWS\system32\cs-CZ
2015-07-16 14:42:35 ----D---- C:\WINDOWS\system32\CodeIntegrity
2015-07-16 14:42:24 ----RD---- C:\WINDOWS\ToastData
2015-07-16 14:42:21 ----SD---- C:\WINDOWS\system32\CompatTel
2015-07-16 14:42:21 ----D---- C:\WINDOWS\WinStore
2015-07-16 14:42:21 ----D---- C:\WINDOWS\system32\wbem
2015-07-16 14:42:21 ----D---- C:\WINDOWS\system32\appraiser
2015-07-16 14:42:21 ----D---- C:\WINDOWS\apppatch
2015-07-16 14:42:19 ----D---- C:\Program Files\Internet Explorer
2015-07-16 14:42:19 ----D---- C:\Program Files (x86)\Internet Explorer
2015-07-16 14:39:19 ----HD---- C:\ProgramData
2015-07-16 13:46:47 ----D---- C:\Users\Jobran\AppData\Roaming\TeamViewer
2015-07-16 13:37:33 ----D---- C:\Program Files (x86)\MyFree Codec
2015-07-16 13:15:48 ----D---- C:\WINDOWS\CbsTemp
2015-07-16 12:20:59 ----D---- C:\Program Files\Google
2015-07-16 12:18:27 ----D---- C:\WINDOWS\Tasks
2015-07-16 11:55:08 ----RSD---- C:\WINDOWS\Fonts
2015-07-16 11:46:17 ----D---- C:\Program Files (x86)\Use VLC for YouTube
2015-07-16 11:46:17 ----D---- C:\Program Files (x86)\Show Apps in new tab
2015-07-16 11:46:17 ----D---- C:\Program Files (x86)\New Tab Clock
2015-07-16 11:18:14 ----D---- C:\ProgramData\Google
2015-07-16 11:04:58 ----D---- C:\ProgramData\Microsoft Help
2015-07-16 11:04:09 ----D---- C:\WINDOWS\system32\MRT
2015-07-16 10:27:24 ----D---- C:\WINDOWS\system32\wdi
2015-07-15 16:48:26 ----D---- C:\WINDOWS\AppReadiness
2015-07-15 10:59:14 ----HD---- C:\Program Files\WindowsApps
2015-07-14 21:15:24 ----D---- C:\ProgramData\Skype
2015-07-13 23:10:13 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2015-07-05 12:08:23 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2015-07-03 08:43:04 ----A---- C:\WINDOWS\system32\MRT.exe
2015-06-22 15:33:40 ----D---- C:\Program Files (x86)\Drakensang Online
2015-06-18 20:56:14 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdkmpfd;@oem23.inf,%AMDKMPFD_svcdesc%;AMD PCI Root Bus Lower Filter; C:\WINDOWS\System32\drivers\amdkmpfd.sys [2013-12-13 36096]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2013-08-30 644968]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2013-08-20 12521472]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2013-08-20 617472]
R3 AthBTPort;@oem34.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\WINDOWS\system32\DRIVERS\btath_flt.sys [2013-09-04 89800]
R3 athr;@oem30.inf,%ATHR.Service.DispName%;Dell Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\athwbx.sys [2013-08-15 3859968]
R3 BTATH_A2DP;@oem33.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\WINDOWS\system32\drivers\btath_a2dp.sys [2013-09-04 338120]
R3 btath_avdt;@oem33.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\WINDOWS\system32\drivers\btath_avdt.sys [2013-09-04 116424]
R3 BTATH_BUS;@oem31.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys [2013-09-04 34384]
R3 BTATH_HCRP;@oem36.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\WINDOWS\System32\drivers\btath_hcrp.sys [2013-09-04 179432]
R3 BTATH_LWFLT;@oem38.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [2013-09-04 77464]
R3 BTATH_RCP;@oem40.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\WINDOWS\System32\drivers\btath_rcp.sys [2013-09-04 137928]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2013-09-04 594120]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2014-10-29 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\BthLEEnum.sys [2013-12-04 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2014-07-24 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 hamachi;LogMeIn Hamachi Virtual Miniport); C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [2015-01-20 44296]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2013-09-16 4177920]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2013-08-21 3591000]
R3 iwdbus;@oem41.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2013-08-23 26008]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [2015-06-18 25816]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [2015-07-16 113880]
R3 MEIx64;@oem7.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [2013-12-11 100312]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 RSUSBVSTOR;@oem14.inf,%RSUSBVSTOR.SvcDesc%;RtsUVStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUVStor.sys [2013-11-01 330456]
R3 RTL8168;@oem29.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-06-21 816344]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2013-08-23 34544]
R3 StillCam;@sti.inf,%StillCam.SvcDesc%;Ovladač digitálního fotoaparátu pro sériový port; C:\WINDOWS\System32\drivers\serscan.sys [2014-10-29 11776]
R3 SynTP;@oem28.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2013-08-23 529648]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2014-06-21 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2015-05-11 1201664]
S3 DellRbtn;@oem5.inf,%DellRbtn%;Airplane Mode Switch; C:\WINDOWS\System32\drivers\DellRbtn.sys [2013-01-24 10752]
S3 intaud_WaveExtensible;@oem21.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2013-12-27 38296]
S3 IntcDAud;@oem16.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2013-09-18 452088]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\WINDOWS\system32\drivers\mwac.sys [2015-06-18 64216]
S3 usb_rndisx;@netrndis.inf,%usb_rndis.Service.DispName%;Adaptér USB RNDIS; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2013-08-22 20992]
S3 usbrndis6;@netrndis.inf,%usbrndis6.Service.DispName%;Adaptér USB RNDIS6; C:\WINDOWS\system32\DRIVERS\usb80236.sys [2013-08-22 20992]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-08-22 44544]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-17 98208]
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2013-08-20 239616]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [2013-09-04 312448]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2015-03-12 9216]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-08-30 15720]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-12-10 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-12-10 390616]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2013-06-18 246488]
R2 Whopping Ring;Whopping Ring; C:\Program Files (x86)\Whopping Ring\Whopping Ring.exe [2015-07-11 8016595]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-06-18 1133880]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-03 327296]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2013-09-23 279024]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-06-04 837312]

-----------------EOF-----------------

[asasina]

info.txt logfile of random's system information tool 1.10 2015-07-16 17:00:20

======MBR======

0x33C08ED0BC007C8EC08ED8BE007CBF0006B90002FCF3A450681C06CBFBB90400BDBE07807E00007C0B0F850E0183C510E2F1CD1888560055C6461105C6461000B441BBAA55CD135D720F81FB55AA7509F7C101007403FE46106660807E1000742666680000000066FF760868000068007C680100681000B4428A56008BF4CD139F83C4109EEB14B80102BB007C8A56008A76018A4E028A6E03CD136661731CFE4E11750C807E00800F848A00B280EB845532E48A5600CD135DEB9E813EFE7D55AA756EFF7600E88D007517FAB0D1E664E88300B0DFE660E87C00B0FFE664E87500FBB800BBCD1A6623C0753B6681FB54435041753281F90201722C666807BB00006668000200006668080000006653665366556668000000006668007C0000666168000007CD1A5A32F6EA007C0000CD18A0B707EB08A0B607EB03A0B50732E40500078BF0AC3C007409BB0700B40ECD10EBF2F4EBFD2BC9E464EB002402E0F82402C3496E76616C696420706172746974696F6E207461626C65004572726F72206C6F6164696E67206F7065726174696E672073797374656D004D697373696E67206F7065726174696E672073797374656D000000637B9A00000000000000000200EEFFFFFF01000000FFFFFFFF00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000055AA

======Uninstall list======

Adobe Flash Player 10 Plugin-->C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil10zr_Plugin.exe -maintain plugin
Adobe Reader XI (11.0.12) - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-AB0000000001}
Adobe Refresh Manager-->MsiExec.exe /I{AC76BA86-0804-1033-1959-001824147215}
Adobe Shockwave Player 12.1-->"C:\WINDOWS\SysWOW64\Adobe\Shockwave 12\uninstaller.exe"
AMD Accelerated Video Transcoding-->MsiExec.exe /X{05DCE321-7560-A57C-9CFF-417661CFEC4C}
AMD APP SDK Runtime-->MsiExec.exe /I{503F672D-6C84-448A-8F8F-4BC35AC83441}
AMD Catalyst Install Manager-->msiexec /q/x{34397444-D51C-ADCC-799D-82361E573488} REBOOT=ReallySuppress
Catalyst Control Center - Branding-->MsiExec.exe /I{FD286527-7076-4988-A436-BEE53EA1B900}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Counter-Strike 1.6-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}\Setup.exe" -l0x19
Definition Update for Microsoft Office 2010 (KB3054883) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{5A4A3E4F-D85A-4CF7-8210-AEDA92BF5D57}" "1029" "0"
Dell Touchpad-->rundll32.exe "%ProgramFiles%\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Dell WLAN and Bluetooth Client Installation-->"C:\Program Files (x86)\InstallShield Installation Information\{28006915-2739-4EBE-B5E8-49B25D32EB33}\Setup.exe" -runfromtemp -l0x0405 -removeonly
Drakensang Online-->C:\Program Files (x86)\Drakensang Online\Uninstall.exe
Google Update Helper-->MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Hi-Rez Studios Authenticate and Update Service-->"C:\Program Files (x86)\Hi-Rez Studios\HiRezGamesDiagAndSupport.exe" uninstall=all
HP Deskjet 6520 series Nápověda-->MsiExec.exe /I{CB98887B-0D5D-482A-8039-102F60DAA960}
HP FWUpdateEDO2-->MsiExec.exe /I{415FA9AD-DA10-4ABE-97B6-5051D4795C90}
HP Update-->MsiExec.exe /X{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}
Intel(R) Control Center-->C:\Program Files (x86)\Intel\Intel Control Center\uninstaller\SetupICC.exe -uninstall -force -confirm
Intel(R) Management Engine Components-->C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall
Intel(R) Processor Graphics-->C:\Program Files (x86)\Intel\Intel(R) Processor Graphics\Uninstall\setup.exe -uninstall
Intel(R) Rapid Storage Technology-->"C:\ProgramData\Intel\Package Cache\{409CB30E-E457-4008-9B1A-ED1B9EA21140}\Setup.exe" -uninstall
Intel(R) Rapid Storage Technology-->MsiExec.exe /I{96714280-14E6-4DF7-BACD-F797C0F17C3D}
Intel(R) SDK for OpenCL - CPU Only Runtime Package-->C:\Program Files (x86)\Intel\OpenCL SDK\3.0\Uninstall\setup.exe -uninstall
Intel® Trusted Connect Service Client-->MsiExec.exe /I{B5E06417-A4AC-4225-B36E-7E34C91616E7}
Java 8 Update 51 (64-bit)-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F86418051F0}
Java 8 Update 51-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83218051F0}
Malwarebytes Anti-Malware verze 2.1.8.1057-->"C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe"
Microsoft Office 2010 pro podnikatele-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe" /uninstall SINGLEIMAGE /dll OSETUP.DLL
Microsoft Office Access MUI (Czech) 2010-->MsiExec.exe /X{90140000-0015-0405-1000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2010-->MsiExec.exe /X{90140000-0016-0405-1000-0000000FF1CE}
Microsoft Office Office 32-bit Components 2010-->MsiExec.exe /X{90140000-0043-0000-1000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2010-->MsiExec.exe /X{90140000-00A1-0405-1000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2010-->MsiExec.exe /X{90140000-001A-0405-1000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2010-->MsiExec.exe /X{90140000-0018-0405-1000-0000000FF1CE}
Microsoft Office Proof (Czech) 2010-->MsiExec.exe /X{90140000-001F-0405-1000-0000000FF1CE}
Microsoft Office Proof (English) 2010-->MsiExec.exe /X{90140000-001F-0409-1000-0000000FF1CE}
Microsoft Office Proof (German) 2010-->MsiExec.exe /X{90140000-001F-0407-1000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2010-->MsiExec.exe /X{90140000-001F-041B-1000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2010-->MsiExec.exe /X{90140000-002C-0405-1000-0000000FF1CE}
Microsoft Office Publisher MUI (Czech) 2010-->MsiExec.exe /X{90140000-0019-0405-1000-0000000FF1CE}
Microsoft Office Shared 32-bit MUI (Czech) 2010-->MsiExec.exe /X{90140000-0043-0405-1000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2010-->MsiExec.exe /X{90140000-006E-0405-1000-0000000FF1CE}
Microsoft Office Single Image 2010-->MsiExec.exe /X{90140000-003D-0000-1000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2010-->MsiExec.exe /X{90140000-001B-0405-1000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219-->MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030-->"C:\ProgramData\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\vcredist_x64.exe" /uninstall
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030-->"C:\ProgramData\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe" /uninstall
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030-->MsiExec.exe /X{37B8F9C7-03FB-3253-8781-2517C99D7C00}
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030-->MsiExec.exe /X{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030-->MsiExec.exe /X{B175520C-86A2-35A7-8619-86DC379688B9}
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030-->MsiExec.exe /X{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)-->c:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)\install.exe
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)-->MsiExec.exe /X{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}
OEM Application Profile-->MsiExec.exe /X{548083DD-D99B-2CE1-8D2B-D78BEB834F7A}
Quickset64-->MsiExec.exe /I{87CF757E-C1F1-4D22-865C-00C6950B5258}
Realtek Card Reader-->"C:\Program Files (x86)\InstallShield Installation Information\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}\Setup.exe" -runfromtemp -removeonly
Realtek Ethernet Controller All-In-One Windows Driver-->C:\Program Files (x86)\InstallShield Installation Information\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}\Setup.exe -runfromtemp -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly
Revo Uninstaller 1.95-->C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\uninst.exe
Security Update for Microsoft Excel 2010 (KB3054981) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{2AAB00FC-B095-45C9-8B33-4B3941119D09}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2687423) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{A2F2E3C4-887C-4A3B-B73A-576984420D12}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2760781) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0405-1000-0000000FF1CE}" "{95FC4D5E-0C1A-435A-9759-E8656BCB358B}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2850016) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{DEE523DB-C590-45D3-B658-73F93062D7B3}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2863817) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-006E-0405-1000-0000000FF1CE}" "{C757F75C-E505-41CD-B6BE-20332F5D2536}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2880971) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{C7B639A9-54A9-4B30-87AA-45BD4F06E1A6}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2881071) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{D458143D-EEDA-486F-8985-F16BF87AA315}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2920748) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{58C697C0-E8B1-4AF2-9352-292877352216}" "1029" "0"
Security Update for Microsoft Office 2010 (KB2956076) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-006E-0405-1000-0000000FF1CE}" "{0B1F2192-7506-4F63-A219-EB9A95874F74}" "1029" "0"
Security Update for Microsoft Office 2010 (KB3054834) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{A177BCFD-0BE3-4787-A3B0-D87D46F00301}" "1029" "0"
Security Update for Microsoft Office 2010 (KB3054848) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{A990ADB6-BBCD-492F-A075-19CE527E576C}" "1029" "0"
Security Update for Microsoft PowerPoint 2010 (KB2920812) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0018-0405-1000-0000000FF1CE}" "{6884A410-CA3C-418F-A7A1-4E091D64397D}" "1029" "0"
Security Update for Microsoft PowerPoint 2010 (KB3054963) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{4662A2E4-38C2-4CF2-8ADB-1C4694A2187B}" "1029" "0"
Security Update for Microsoft Word 2010 (KB2553428) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-0405-1000-0000000FF1CE}" "{A2FBE011-B8EC-46BB-9E25-2FB6191A8A97}" "1029" "0"
Security Update for Microsoft Word 2010 (KB2553428) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001B-0405-1000-0000000FF1CE}" "{A2FBE011-B8EC-46BB-9E25-2FB6191A8A97}" "1029" "0"
Security Update for Microsoft Word 2010 (KB3054973) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{26CA9B6D-2E12-484A-9F33-811ED43A6524}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0015-0405-1000-0000000FF1CE}" "{0D84952B-2B1D-459C-9173-D3B033D58C2F}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0016-0405-1000-0000000FF1CE}" "{0D84952B-2B1D-459C-9173-D3B033D58C2F}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0018-0405-1000-0000000FF1CE}" "{0D84952B-2B1D-459C-9173-D3B033D58C2F}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0019-0405-1000-0000000FF1CE}" "{0D84952B-2B1D-459C-9173-D3B033D58C2F}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-0405-1000-0000000FF1CE}" "{0D84952B-2B1D-459C-9173-D3B033D58C2F}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001B-0405-1000-0000000FF1CE}" "{0D84952B-2B1D-459C-9173-D3B033D58C2F}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0405-1000-0000000FF1CE}" "{235F521F-C627-4957-A641-C4C161F78531}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0407-1000-0000000FF1CE}" "{EE3A99C9-FD8F-4923-9F82-27365DA4B873}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0409-1000-0000000FF1CE}" "{C814F7D9-CE9D-45AA-BA7C-88BDD0E1EB7C}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-041B-1000-0000000FF1CE}" "{2E7C03CB-FE0A-4B95-BA37-742CD596760C}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002C-0405-1000-0000000FF1CE}" "{FF4FCFC2-4935-49E4-B35E-5FCF7343412B}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{A3364707-2F53-4C83-8F68-C9877A9080C7}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{F3FAAB68-7697-4B1F-A23A-72312565AEAB}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0405-1000-0000000FF1CE}" "{62E2481E-63BB-4481-A0CE-071D6D663B1B}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-006E-0405-1000-0000000FF1CE}" "{BFFA0FE1-0823-4382-9DD3-49DA02375BBA}" "1029" "0"
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-00A1-0405-1000-0000000FF1CE}" "{0D84952B-2B1D-459C-9173-D3B033D58C2F}" "1029" "0"
Skype™ 7.6-->MsiExec.exe /X{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}
Smite-->"C:\Program Files (x86)\Hi-Rez Studios\HiRezGamesDiagAndSupport.exe" uninstall=17
Studie vylepšování produktu HP Deskjet 6520 series-->MsiExec.exe /I{3D23B6E6-CD60-450D-95F9-10E8368257E8}
swMSM-->MsiExec.exe /I{612C34C7-5E90-47D8-9B5C-0F717DD82726}
The Witcher 2 Enhanced Edition verze 3.0-->"C:\Program Files (x86)\The Witcher 2\unins000.exe"
Update for Microsoft Access 2010 (KB2965300) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{9089C302-977D-42D4-87A5-8C1EC1E267F9}" "1029" "0"
Update for Microsoft Excel 2010 (KB2956084) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0016-0405-1000-0000000FF1CE}" "{41D80B8F-6F10-4FAF-B61B-4B4BF18179AF}" "1029" "0"
Update for Microsoft Excel 2010 (KB2956084) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0018-0405-1000-0000000FF1CE}" "{41D80B8F-6F10-4FAF-B61B-4B4BF18179AF}" "1029" "0"
Update for Microsoft Excel 2010 (KB2956084) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001B-0405-1000-0000000FF1CE}" "{41D80B8F-6F10-4FAF-B61B-4B4BF18179AF}" "1029" "0"
Update for Microsoft Filter Pack 2.0 (KB2881026) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{E51DB3F4-A162-484C-A673-40E18202B10A}" "1029" "0"
Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{DB0B0CDF-77EC-47B0-94E2-4738573A1E58}" "1029" "0"
Update for Microsoft Office 2010 (KB2553140) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{8C0FFF5F-4CC1-48F5-9B3F-8DE7DA2E116F}" "1029" "0"
Update for Microsoft Office 2010 (KB2553140) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-006E-0405-1000-0000000FF1CE}" "{8C0FFF5F-4CC1-48F5-9B3F-8DE7DA2E116F}" "1029" "0"
Update for Microsoft Office 2010 (KB2553347) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0015-0405-1000-0000000FF1CE}" "{1B114BCA-F84F-45EB-ACE8-FC3CB5557FB7}" "1029" "0"
Update for Microsoft Office 2010 (KB2553347) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0016-0405-1000-0000000FF1CE}" "{1B114BCA-F84F-45EB-ACE8-FC3CB5557FB7}" "1029" "0"
Update for Microsoft Office 2010 (KB2553347) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0018-0405-1000-0000000FF1CE}" "{1B114BCA-F84F-45EB-ACE8-FC3CB5557FB7}" "1029" "0"
Update for Microsoft Office 2010 (KB2553347) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0019-0405-1000-0000000FF1CE}" "{1B114BCA-F84F-45EB-ACE8-FC3CB5557FB7}" "1029" "0"
Update for Microsoft Office 2010 (KB2553347) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-0405-1000-0000000FF1CE}" "{1B114BCA-F84F-45EB-ACE8-FC3CB5557FB7}" "1029" "0"
Update for Microsoft Office 2010 (KB2553347) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001B-0405-1000-0000000FF1CE}" "{1B114BCA-F84F-45EB-ACE8-FC3CB5557FB7}" "1029" "0"
Update for Microsoft Office 2010 (KB2553347) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0405-1000-0000000FF1CE}" "{1B114BCA-F84F-45EB-ACE8-FC3CB5557FB7}" "1029" "0"
Update for Microsoft Office 2010 (KB2553347) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0407-1000-0000000FF1CE}" "{1B114BCA-F84F-45EB-ACE8-FC3CB5557FB7}" "1029" "0"
Update for Microsoft Office 2010 (KB2553347) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0409-1000-0000000FF1CE}" "{1B114BCA-F84F-45EB-ACE8-FC3CB5557FB7}" "1029" "0"
Update for Microsoft Office 2010 (KB2553347) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-041B-1000-0000000FF1CE}" "{1B114BCA-F84F-45EB-ACE8-FC3CB5557FB7}" "1029" "0"
Update for Microsoft Office 2010 (KB2553347) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002C-0405-1000-0000000FF1CE}" "{1B114BCA-F84F-45EB-ACE8-FC3CB5557FB7}" "1029" "0"
Update for Microsoft Office 2010 (KB2553347) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{1B114BCA-F84F-45EB-ACE8-FC3CB5557FB7}" "1029" "0"
Update for Microsoft Office 2010 (KB2553347) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{1B114BCA-F84F-45EB-ACE8-FC3CB5557FB7}" "1029" "0"
Update for Microsoft Office 2010 (KB2553347) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0405-1000-0000000FF1CE}" "{1B114BCA-F84F-45EB-ACE8-FC3CB5557FB7}" "1029" "0"
Update for Microsoft Office 2010 (KB2553347) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-006E-0405-1000-0000000FF1CE}" "{1B114BCA-F84F-45EB-ACE8-FC3CB5557FB7}" "1029" "0"
Update for Microsoft Office 2010 (KB2553347) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-00A1-0405-1000-0000000FF1CE}" "{1B114BCA-F84F-45EB-ACE8-FC3CB5557FB7}" "1029" "0"
Update for Microsoft Office 2010 (KB2589282) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{636F3DF9-D002-408F-9D08-0B279ECF47C9}" "1029" "0"
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{79C725A1-3964-421C-A528-78C1C083C7C7}" "1029" "0"
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}" "1029" "0"
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}" "1029" "0"
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{EBD18DE5-BC84-4B57-9A30-097044871F9A}" "1029" "0"
Update for Microsoft Office 2010 (KB2589386) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{B340E9EB-DDA6-40E7-8501-5B7BAEC6D25F}" "1029" "0"
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{4AD36582-256B-433D-8593-F31773A15CA4}" "1029" "0"
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{4AD36582-256B-433D-8593-F31773A15CA4}" "1029" "0"
Update for Microsoft Office 2010 (KB2687275) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{9505441B-65A1-4AD5-B727-0CE42D24D2B7}" "1029" "0"
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{B6AD7E27-012A-4B63-82BA-AF62893E5435}" "1029" "0"
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{07DC9C6C-E916-4F42-8677-716930ED0393}" "1029" "0"
Update for Microsoft Office 2010 (KB2825635) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{6E760BBA-B83F-4C2D-918F-5F91EF6C9861}" "1029" "0"
Update for Microsoft Office 2010 (KB2883019) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{956B3213-0246-42A8-A6FE-3EF7DC6E66A9}" "1029" "0"
Update for Microsoft Office 2010 (KB2889828) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0407-1000-0000000FF1CE}" "{F51F47E8-881F-4BCC-BE51-1F708EE69531}" "1029" "0"
Update for Microsoft Office 2010 (KB2965296) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0409-1000-0000000FF1CE}" "{97682D16-0BCC-47C0-B3A3-268957E6BD11}" "1029" "0"
Update for Microsoft Office 2010 (KB2965301) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{C71E61E9-86E5-45F2-9A19-2162AEFB7C10}" "1029" "0"
Update for Microsoft Office 2010 (KB2965301) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{C71E61E9-86E5-45F2-9A19-2162AEFB7C10}" "1029" "0"
Update for Microsoft Office 2010 (KB3054873) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{75A4ACD6-A407-41B3-8889-8AB7862A9D9D}" "1029" "0"
Update for Microsoft Office 2010 (KB3054964) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{6853CC86-8D88-4CAE-B4A2-F7AD0DFD5CD6}" "1029" "0"
Update for Microsoft Office 2010 (KB3054964) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{6853CC86-8D88-4CAE-B4A2-F7AD0DFD5CD6}" "1029" "0"
Update for Microsoft OneNote 2010 (KB2956075) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-00A1-0405-1000-0000000FF1CE}" "{60510C36-8FB9-4455-8104-89615C7AB795}" "1029" "0"
Update for Microsoft OneNote 2010 (KB2965297) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{366A84D9-CC17-4313-A2E8-2E3AAB332B58}" "1029" "0"
Update for Microsoft OneNote 2010 (KB2965297) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{366A84D9-CC17-4313-A2E8-2E3AAB332B58}" "1029" "0"
Update for Microsoft Outlook 2010 (KB3054881) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-0405-1000-0000000FF1CE}" "{C963A453-E7F2-48EB-B80E-6C64A5C2C255}" "1029" "0"
Update for Microsoft Outlook 2010 (KB3054976) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{C2032679-66A8-43FE-AAFC-BE9D357551D7}" "1029" "0"
Update for Microsoft Outlook Social Connector 2010 (KB2553308) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{9E5104CF-2AE5-4D90-8D5A-9BE468964D8B}" "1029" "0"
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0043-0000-1000-0000000FF1CE}" "{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}" "1029" "0"
Update for Microsoft Visio 2010 (KB2965292) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{5206C5F8-E115-4D17-AF86-F9D241AD75FE}" "1029" "0"
Update for Microsoft Visio Viewer 2010 (KB2881021) 64-Bit Edition-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-1000-0000000FF1CE}" "{899F1A18-D860-4C63-B3C8-095B8E537D3D}" "1029" "0"
VLC media player 2.1.3-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
WinRAR 5.11 (32-bit)-->C:\Program Files (x86)\WinRAR\uninstall.exe
Základní software zařízení HP Deskjet 6520 series-->MsiExec.exe /I{E0365A88-9BCE-4E15-98C5-21F454C7479F}
Zaklínač - Rozšířená edice-->C:\Program Files (x86)\InstallShield Installation Information\{86ACE727-A4F2-4B28-A37D-254D9CC03156}\setup.exe -runfromtemp -l0x0005 -removeonly

======System event log======

Computer Name: Jobran-Notebook
Event Code: 42
Message: Systém přechází do režimu spánku.

Důvod spánku: Tlačítko nebo kryt
Record Number: 1635
Source Name: Microsoft-Windows-Kernel-Power
Time Written: 20140317125432.845023-000
Event Type: Informace
User:

Computer Name: Jobran-Notebook
Event Code: 4000
Message: Platforma Network Diagnostics Framework dokončila diagnostickou fázi operace. Byla nabídnuta následující možnost opravy:

Název pomocné třídy: RNWF MSM Helper Class

Hlavní příčina: Přidružení k bezdrátové síti Barcelo Praha se nezdařilo.
Nepřišla odpověď od směrovače nebo přístupového bodu.

GUID hlavní příčiny: {0576AC9E-F3D4-4148-AC43-0820B503D3B3}

Možnost opravy: Resetujte adaptér bezdrátové sítě.
Síťový adaptér Wi-Fi v tomto počítači tím bude vypnut a poté znovu zapnut.

GUID opravy: {07D37F7B-FA5E-4443-BDA7-AB107B29AFB9}

Doba požadovaná pro opravu (sekundy): 300

Kontext zabezpečení požadovaný pro opravu: 80

Rozhraní: Wi-Fi ({1F8EBB44-3947-430A-979F-78D028A0AD3B})
Record Number: 1634
Source Name: Microsoft-Windows-Diagnostics-Networking
Time Written: 20140317125147.604951-000
Event Type: Informace
User: NT AUTHORITY\LOCAL SERVICE

Computer Name: Jobran-Notebook
Event Code: 4000
Message: Platforma Network Diagnostics Framework dokončila diagnostickou fázi operace. Byla nabídnuta následující možnost opravy:

Název pomocné třídy: RNWF MSM Helper Class

Hlavní příčina: Přidružení k bezdrátové síti Barcelo Praha se nezdařilo.
Nepřišla odpověď od směrovače nebo přístupového bodu.

GUID hlavní příčiny: {0576AC9E-F3D4-4148-AC43-0820B503D3B3}

Možnost opravy: Zjištění příčin nízké kvality bezdrátového signálu
Signál je slabý z důvodu vzdálenosti nebo rušení.
Další informace o tomto problému najdete v Nápovědě a podpoře k systému Windows.

GUID opravy: {CDF735DA-71DE-471E-85A6-98B05DF7D631}

Doba požadovaná pro opravu (sekundy): 300

Kontext zabezpečení požadovaný pro opravu: 0

Rozhraní: Wi-Fi ({1F8EBB44-3947-430A-979F-78D028A0AD3B})
Record Number: 1633
Source Name: Microsoft-Windows-Diagnostics-Networking
Time Written: 20140317125147.604951-000
Event Type: Informace
User: NT AUTHORITY\LOCAL SERVICE

Computer Name: Jobran-Notebook
Event Code: 6100
Message: Podrobnosti diagnostiky adaptér bezdrátové sítě:

Úplné informace o této relaci naleznete v informační události bezdrátového připojení.

Třída pomocníka: Nativní WiFi MSM
Stav inicializace: Úspěch

Informace o diagnostikovaných připojeních
Identifikátor GUID rozhraní: 1f8ebb44-3947-430a-979f-78d028a0ad3b
Název rozhraní: Dell Wireless 1705 802.11b/g/n (2.4GHZ)
Typ rozhraní: Nativní Wi-Fi
Profil: Barcelo Praha
SSID: Barcelo Praha
Délka identifikátoru SSID: 13
Režim připojení: Infra
Zabezpečení: Ne
Připojit se i v případě, že síť nevysílá: Ne

Výsledek diagnostiky: Byly zjištěny potíže.

Hlavní příčina:
Přidružení k bezdrátové síti Barcelo Praha se nezdařilo.
Nepřišla odpověď od směrovače nebo přístupového bodu.

Podrobnosti hlavní příčiny:
U této sítě se nepodařilo přidružení k bezdrátové síti. Systém Windows nedostal žádnou odpověď od bezdrátového směrovače nebo přístupového bodu.

Možnost opravy:
Zjištění příčin nízké kvality bezdrátového signálu
Signál je slabý z důvodu vzdálenosti nebo rušení.
Další informace o tomto problému najdete v Nápovědě a podpoře k systému Windows.


Record Number: 1632
Source Name: Microsoft-Windows-Diagnostics-Networking
Time Written: 20140317125147.589351-000
Event Type: Informace
User: NT AUTHORITY\LOCAL SERVICE

Computer Name: Jobran-Notebook
Event Code: 6100
Message: Podrobnosti diagnostiky bezdrátové připojení:

Úplné informace o této relaci naleznete v informační události bezdrátového připojení.

Třída pomocníka: Automatická konfigurace
Stav inicializace: Úspěch

Informace o diagnostikovaných připojeních
Identifikátor GUID rozhraní: 1f8ebb44-3947-430a-979f-78d028a0ad3b
Název rozhraní: Dell Wireless 1705 802.11b/g/n (2.4GHZ)
Typ rozhraní: Nativní Wi-Fi
Profil: Barcelo Praha
SSID: Barcelo Praha
Délka identifikátoru SSID: 13
Režim připojení: Infra
Zabezpečení: Ne
Připojit se i v případě, že síť nevysílá: Ne

Výsledek diagnostiky: Byly zjištěny potíže.
Odkazovaný problém: RNWF MSM Helper Class

Hlavní příčina:
Systém Windows se nemůže připojit k síti Barcelo Praha.
Můžete se pokusit o připojení znovu.

Možnost opravy:
Resetujte adaptér bezdrátové sítě.
Síťový adaptér Wi-Fi v tomto počítači tím bude vypnut a poté znovu zapnut.


Record Number: 1631
Source Name: Microsoft-Windows-Diagnostics-Networking
Time Written: 20140317125147.589351-000
Event Type: Informace
User: NT AUTHORITY\LOCAL SERVICE

=====Application event log=====

Computer Name: Jobran-Notebook
Event Code: 900
Message: Služba Ochrana softwaru se spouští.
Parametry:caller=svchost.exe
Record Number: 22833
Source Name: Microsoft-Windows-Security-SPP
Time Written: 20140823162100.000000-000
Event Type: Informace
User:

Computer Name: Jobran-Notebook
Event Code: 9009
Message: Správce oken plochy byl ukončen s kódem (0xd00002fe).
Record Number: 22832
Source Name: Desktop Window Manager
Time Written: 20140818180918.000000-000
Event Type: Informace
User:

Computer Name: Jobran-Notebook
Event Code: 1530
Message: Systém Windows zjistil, že soubor registru je stále používán jinými aplikacemi nebo službami. Soubor bude nyní uvolněn. Aplikace nebo služby, které soubor registru používají, nemusejí potom fungovat správně. Není nutná žádná akce uživatele.

PODROBNOSTI –
1 user registry handles leaked from \Registry\User\S-1-5-21-1793778196-2422288631-436692435-1001_Classes:
Process 1020 (\Device\HarddiskVolume4\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-1793778196-2422288631-436692435-1001_CLASSES

Record Number: 22831
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20140818180912.148634-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: Jobran-Notebook
Event Code: 6000
Message: Odběratel oznámení přihlašování do systému Windows <SessionEnv> nemohl zpracovat událost upozornění.
Record Number: 22830
Source Name: Microsoft-Windows-Winlogon
Time Written: 20140818180912.000000-000
Event Type: Informace
User:

Computer Name: Jobran-Notebook
Event Code: 1530
Message: Systém Windows zjistil, že soubor registru je stále používán jinými aplikacemi nebo službami. Soubor bude nyní uvolněn. Aplikace nebo služby, které soubor registru používají, nemusejí potom fungovat správně. Není nutná žádná akce uživatele.

PODROBNOSTI –
7 user registry handles leaked from \Registry\User\S-1-5-21-1793778196-2422288631-436692435-1001:
Process 1020 (\Device\HarddiskVolume4\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-1793778196-2422288631-436692435-1001
Process 1020 (\Device\HarddiskVolume4\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-1793778196-2422288631-436692435-1001
Process 892 (\Device\HarddiskVolume4\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-1793778196-2422288631-436692435-1001\Software\Microsoft\SystemCertificates\Root
Process 1020 (\Device\HarddiskVolume4\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-1793778196-2422288631-436692435-1001\Software\Microsoft\SystemCertificates\Root
Process 1020 (\Device\HarddiskVolume4\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-1793778196-2422288631-436692435-1001\Software\Microsoft\SystemCertificates\SmartCardRoot
Process 892 (\Device\HarddiskVolume4\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-1793778196-2422288631-436692435-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall
Process 1020 (\Device\HarddiskVolume4\Windows\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-1793778196-2422288631-436692435-1001\Software\Microsoft\SystemCertificates\trust

Record Number: 22829
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20140818180911.383000-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

=====Security event log=====

Computer Name: SaraPC
Event Code: 4797
Message: Došlo k pokusu o zadání dotazu na existenci prázdného hesla pro účet.

Subjekt:
ID zabezpečení: S-1-5-21-1793778196-2422288631-436692435-1001
Název účtu: Jobran
Doména účtu: SARAPC
ID přihlášení: 0x8927AA5B

Další informace:
Pracovní stanice volajícího: SARAPC
Název cílového účtu: Guest
Doména cílového účtu: SARAPC
Record Number: 173838
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20150329114218.591659-000
Event Type: Úspěšný audit
User:

Computer Name: SaraPC
Event Code: 4797
Message: Došlo k pokusu o zadání dotazu na existenci prázdného hesla pro účet.

Subjekt:
ID zabezpečení: S-1-5-21-1793778196-2422288631-436692435-1001
Název účtu: Jobran
Doména účtu: SARAPC
ID přihlášení: 0x8927AA5B

Další informace:
Pracovní stanice volajícího: SARAPC
Název cílového účtu: Administrator
Doména cílového účtu: SARAPC
Record Number: 173837
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20150329114218.590658-000
Event Type: Úspěšný audit
User:

Computer Name: SaraPC
Event Code: 4797
Message: Došlo k pokusu o zadání dotazu na existenci prázdného hesla pro účet.

Subjekt:
ID zabezpečení: S-1-5-21-1793778196-2422288631-436692435-1001
Název účtu: Jobran
Doména účtu: SARAPC
ID přihlášení: 0x8927AA5B

Další informace:
Pracovní stanice volajícího: SARAPC
Název cílového účtu: HomeGroupUser$
Doména cílového účtu: SARAPC
Record Number: 173836
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20150329114218.584654-000
Event Type: Úspěšný audit
User:

Computer Name: SaraPC
Event Code: 4797
Message: Došlo k pokusu o zadání dotazu na existenci prázdného hesla pro účet.

Subjekt:
ID zabezpečení: S-1-5-21-1793778196-2422288631-436692435-1001
Název účtu: Jobran
Doména účtu: SARAPC
ID přihlášení: 0x8927AA5B

Další informace:
Pracovní stanice volajícího: SARAPC
Název cílového účtu: Guest
Doména cílového účtu: SARAPC
Record Number: 173835
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20150329114218.584654-000
Event Type: Úspěšný audit
User:

Computer Name: SaraPC
Event Code: 4797
Message: Došlo k pokusu o zadání dotazu na existenci prázdného hesla pro účet.

Subjekt:
ID zabezpečení: S-1-5-21-1793778196-2422288631-436692435-1001
Název účtu: Jobran
Doména účtu: SARAPC
ID přihlášení: 0x8927AA5B

Další informace:
Pracovní stanice volajícího: SARAPC
Název cílového účtu: Administrator
Doména cílového účtu: SARAPC
Record Number: 173834
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20150329114218.583652-000
Event Type: Úspěšný audit
User:

======Environment variables======

"FP_NO_HOST_CHECK"=NO
"USERNAME"=SYSTEM
"ComSpec"=%SystemRoot%\system32\cmd.exe
"TMP"=%SystemRoot%\TEMP
"OS"=Windows_NT
"windir"=%SystemRoot%
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 69 Stepping 1, GenuineIntel
"PROCESSOR_REVISION"=4501
"Path"=C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Skype\Phone\
"AMDAPPSDKROOT"=C:\Program Files (x86)\AMD APP\

-----------------EOF-----------------

[Márty84]

Zdravim

Priste dejte jen jeden log, konkretne ten prostredni. Kdyz si hned sam odpovite, zapadnete nam a bude dele trvat, nez se nekdo ozve, protoze to pak vypada, ze uz tema nekdo resi. A jelikoz casu je obvykle malo, hledame prednostne temata bez odpovedi.


Stahnete crystal disk info http://sourceforge.jp/projects/crystald ... 5_0_0.zip/
Spustte jako spravce. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte (ctrl + V)

Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu (cili Vlastni sken vsech disku) http://forum.viry.cz/viewtopic.php?f=29&t=144868 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

[asasina]

Opet jako v predeslem tematu, proc jsem nemohl reagovat drive.

MBAM jsem prave spustil....

----------------------------------------------------------------------------
CrystalDiskInfo 6.5.2 (C) 2008-2015 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 8.1 [6.3 Build 9600] (x64)
Date : 2015/08/23 21:38:58

-- Controller Map ----------------------------------------------------------
+ Intel(R) 8 Series Chipset Family SATA AHCI Controller [ATA]
- ST1000LM024 HN-M101MBB
- HL-DT-ST DVD+-RW GU90N
- Řadič prostorů úložišť [SCSI]

-- Disk List ---------------------------------------------------------------
(1) ST1000LM024 HN-M101MBB : 1000,2 GB [0/0/0, pd1] - st

----------------------------------------------------------------------------
(1) ST1000LM024 HN-M101MBB
----------------------------------------------------------------------------
Model : ST1000LM024 HN-M101MBB
Firmware : 2BA30001
Serial Number : S314J90F289077
Disk Size : 1000,2 GB (8,4/137,4/1000,2/1000,2)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 1953525168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 6
Transfer Mode : SATA/600 | SATA/600
Power On Hours : 2243 hod.
Power On Count : 1777 krát
Temperature : 40 C (104 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 0080h [OFF]
AAM Level : FE00h [OFF]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _51 000000000058 Počet chyb čtení
02 252 252 __0 000000000000 Průchodnost disku
03 _91 _91 _25 000000000AB3 Čas na roztočení ploten
04 _99 _99 __0 0000000006F9 Počet spuštění/zastavení
05 252 252 _10 000000000000 Počet přemapovaných sektorů
07 252 252 _51 000000000000 Počet chybných hledání
08 252 252 _15 000000000000 Čas potřebný na vyhledání
09 100 100 __0 0000000008C3 Hodin v činnosti
0A 252 252 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 00000000019B Počet pokusů o překalibrování
0C _99 _99 __0 0000000006F1 Počet cyklů zapnutí zařízení
0D 100 100 __0 000000000000 Počet pokusů o softvérové opravení chyb při čtení programů z disku
B5 100 100 __0 00000046E1F4 Specifický pro výrobce
BF 100 100 __0 0000000001ED Počet udalostí zaznamenaných otřesovým senzorem
C0 252 252 __0 000000000000 Počet vypnutí disku
C1 _99 _99 __0 000000002B73 Počet cyklů načítání/vymazání
C2 _60 _56 __0 002D000E0028 Teplota
C3 100 100 __0 000000000000 Počet oprav chybného čtení
C4 252 252 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 252 252 __0 000000000000 Počet podezřelých sektorů
C6 252 252 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 100 __0 000000002C53 Počet chyb při zápisu sektorů
F0 100 100 __0 0000000008C1 Čas nastavování hlaviček - v hodinách
F1 _97 _94 __0 0000004D7DC4 Total Host Writes
F2 _95 _93 __0 00000076AF87 Total Host Reads
FE 252 252 __0 000000000000 Ochrana proti pádu

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0040 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2020 5333 3134 4A39 3046 3238 3930 3737
020: 0000 8000 0004 3242 4133 3030 3031 5354 3130 3030
030: 4C4D 3032 3420 484E 2D4D 3130 314D 4242 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0200 0200 0007 3FFF 0010 003F FC10 00FB 0000
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 1F0E 0006 004C 004C
080: 01FF 0028 746B 7F69 6123 7469 BC41 6123 407F 0066
090: 0066 0080 FFFE 0000 FE00 0000 0000 0000 0000 0000
100: 6DB0 7470 0000 0000 0000 0000 4000 0000 5000 4CF2
110: 0C90 E059 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0021 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 1028 0000 4000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0003 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 003F 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 103F 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0400 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 C6A5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 64 64 58 00 00 00 00 00 00 02 26
010: 00 FC FC 00 00 00 00 00 00 00 03 23 00 5B 5B B3
020: 0A 00 00 00 00 00 04 32 00 63 63 F9 06 00 00 00
030: 00 00 05 33 00 FC FC 00 00 00 00 00 00 00 07 2E
040: 00 FC FC 00 00 00 00 00 00 00 08 24 00 FC FC 00
050: 00 00 00 00 00 00 09 32 00 64 64 C3 08 00 00 00
060: 00 00 0A 32 00 FC FC 00 00 00 00 00 00 00 0B 32
070: 00 64 64 9B 01 00 00 00 00 00 0C 32 00 63 63 F1
080: 06 00 00 00 00 00 0D 3A 00 64 64 00 00 00 00 00
090: 00 00 B5 22 00 64 64 F4 E1 46 00 00 00 00 BF 22
0A0: 00 64 64 ED 01 00 00 00 00 00 C0 22 00 FC FC 00
0B0: 00 00 00 00 00 00 C1 32 00 63 63 73 2B 00 00 00
0C0: 00 00 C2 02 00 3C 38 28 00 0E 00 2D 00 00 C3 3A
0D0: 00 64 64 00 00 00 00 00 00 00 C4 32 00 FC FC 00
0E0: 00 00 00 00 00 00 C5 32 00 FC FC 00 00 00 00 00
0F0: 00 00 C6 30 00 FC FC 00 00 00 00 00 00 00 C7 36
100: 00 C8 C8 00 00 00 00 00 00 00 C8 2A 00 64 64 53
110: 2C 00 00 00 00 00 F0 32 00 64 64 C1 08 00 00 00
120: 00 00 F1 32 00 61 5E C4 7D 4D 00 00 00 00 F2 32
130: 00 5F 5D 87 AF 76 00 00 00 00 FE 32 00 FC FC 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 EC 31 00 5B
170: 03 00 01 00 02 D5 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 21

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 00 00 00 00 00 00 00 00 00 00 02 00
010: 00 00 00 00 00 00 00 00 00 00 03 19 00 00 00 00
020: 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 00
030: 00 00 05 0A 00 00 00 00 00 00 00 00 00 00 07 33
040: 00 00 00 00 00 00 00 00 00 00 08 0F 00 00 00 00
050: 00 00 00 00 00 00 09 00 00 00 00 00 00 00 00 00
060: 00 00 0A 33 00 00 00 00 00 00 00 00 00 00 0B 00
070: 00 00 00 00 00 00 00 00 00 00 0C 00 00 00 00 00
080: 00 00 00 00 00 00 0D 00 00 00 00 00 00 00 00 00
090: 00 00 B5 00 00 00 00 00 00 00 00 00 00 00 BF 00
0A0: 00 00 00 00 00 00 00 00 00 00 C0 00 00 00 00 00
0B0: 00 00 00 00 00 00 C1 00 00 00 00 00 00 00 00 00
0C0: 00 00 C2 00 00 00 00 00 00 00 00 00 00 00 C3 00
0D0: 00 00 00 00 00 00 00 00 00 00 C4 00 00 00 00 00
0E0: 00 00 00 00 00 00 C5 00 00 00 00 00 00 00 00 00
0F0: 00 00 C6 00 00 00 00 00 00 00 00 00 00 00 C7 00
100: 00 00 00 00 00 00 00 00 00 00 C8 00 00 00 00 00
110: 00 00 00 00 00 00 F0 00 00 00 00 00 00 00 00 00
120: 00 00 F1 00 00 00 00 00 00 00 00 00 00 00 F2 00
130: 00 00 00 00 00 00 00 00 00 00 FE 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 A7

[asasina]

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 23. 8. 2015
Čas skenování: 21:22
Protokol:
Správce: Ano

Verze: 2.1.8.1057
Databáze malwaru: v2015.08.23.05
Databáze rootkitů: v2015.08.16.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Jobran

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 664663
Uplynulý čas: 2 hod, 2 min, 45 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 19
PUP.Optional.WProtectManager.A, C:\ProgramData\yWinManProy\ProtectWindowsManager.exe, 1368, , [f74a31db385337ffa8a6325bb0557a86]
Adware.PennyBee, C:\ProgramData\FazmeSovaf\iwubwsi.exe, 1752, , [f150eb219cefb48210c8d3f35da460a0]
PUP.Optional.Amonetize, C:\Program Files\igfx32\igfx32.exe, 1552, , [79c86ba17a1167cf8afed6f7f70a669a]
Adware.PennyBee, C:\ProgramData\FazmeSovaf\iwubasi.exe, 1868, , [ee5369a3d6b53ef8a830ab1bba477b85]
PUP.Optional.Amonetize, C:\Program Files\igfx32\packages\ea2766fe-20c3-4161-a557-a94778708c8a\NixHost.exe, 3792, , [e45dd834197239fd4b3febe2f011916f]
PUP.Optional.SavePass.A, C:\Program Files (x86)\SavePass 1.1\cc992a36-27ab-4fba-be14-ff16135f8e4a-10.exe, 4368, , [a49dc448305b86b09db7bba9f9080000]
PUP.Optional.CrossRider.A, C:\Program Files (x86)\Cinem Plus 2.4cV18.08\52174193-9835-4b09-a211-861cbfe3291c-1-6.exe, 4444, , [81c066a6cebd989ee7ea85ffe223e41c]
PUP.Optional.SavePass.A, C:\Program Files (x86)\SavePass 1.1\cc992a36-27ab-4fba-be14-ff16135f8e4a-1-6.exe, 4432, , [202135d762299f97530184e05da408f8]
PUP.Optional.CrossRider.A, C:\Program Files (x86)\Cinem Plus 2.4cV18.08\52174193-9835-4b09-a211-861cbfe3291c-10.exe, 4496, , [8ab7fa124447c76f5f722b59ec1937c9]
Adware.PennyBee, C:\ProgramData\FazmeSovaf\iwubdsi.exe, 4972, , [b9883cd03f4cb38333a2b412e21fcf31]
PUP.Optional.Sanbreel.A, C:\Program Files (x86)\Any Angle\bin\AnyAngle.BrowserAdapter.exe, 4520, , [ee538a827516fa3cc3ec7c2ed430916f]
PUP.Optional.Sanbreel.A, C:\Program Files (x86)\Any Angle\bin\AnyAngle.BrowserAdapter64.exe, 4756, , [ee538a827516fa3cc3ec7c2ed430916f]
PUP.Optional.Sanbreel.A, C:\Program Files (x86)\Any Angle\bin\AnyAngle.expext.exe, 5056, , [ee538a827516fa3cc3ec7c2ed430916f]
PUP.Optional.Sanbreel.A, C:\Program Files (x86)\Any Angle\bin\AnyAngle.PurBrowse64.exe, 4212, , [ee538a827516fa3cc3ec7c2ed430916f]
PUP.Optional.Sanbreel.A, C:\Program Files (x86)\Any Angle\bin\utilAnyAngle.exe, 2676, , [ee538a827516fa3cc3ec7c2ed430916f]
PUP.Optional.Sanbreel.A, C:\Program Files (x86)\Any Angle\updateAnyAngle.exe, 2628, , [ee538a827516fa3cc3ec7c2ed430916f]
PUP.Optional.ExtTag.A, C:\ProgramData\ExtTag\ExtTag.exe, 1804, , [5ee360ac7b10f244126fcf4d22e1d42c]
PUP.Optional.Linkury.A, C:\ProgramData\Saophase\Saophase.exe, 2204, , [0a3742ca6a219d99f1426ab1c340fa06]
PUP.Optional.ExtTag.F, C:\ProgramData\ExtTag\KanTop.exe, 3036, , [be83719bb4d71323c7bdd64302010000]

Moduly: 15
Adware.PennyBee, C:\ProgramData\FazmeSovaf\iwub3si.dll, , [e55c3ad23457d75f21b6a224fb06f30d],
Adware.PennyBee, C:\ProgramData\FazmeSovaf\iwub3si.dll, , [e55c3ad23457d75f21b6a224fb06f30d],
Adware.PennyBee, C:\ProgramData\FazmeSovaf\iwub3si.dll, , [e55c3ad23457d75f21b6a224fb06f30d],
Adware.PennyBee, C:\ProgramData\FazmeSovaf\iwub3si.dll, , [e55c3ad23457d75f21b6a224fb06f30d],
Adware.PennyBee, C:\ProgramData\FazmeSovaf\iwub3si.dll, , [e55c3ad23457d75f21b6a224fb06f30d],
Adware.PennyBee, C:\ProgramData\FazmeSovaf\iwub3si.dll, , [e55c3ad23457d75f21b6a224fb06f30d],
Adware.PennyBee, C:\ProgramData\FazmeSovaf\iwub3si.dll, , [e55c3ad23457d75f21b6a224fb06f30d],
Adware.PennyBee, C:\ProgramData\FazmeSovaf\iwub3si.dll, , [e55c3ad23457d75f21b6a224fb06f30d],
Adware.PennyBee, C:\ProgramData\FazmeSovaf\iwub3si.dll, , [e55c3ad23457d75f21b6a224fb06f30d],
Adware.PennyBee, C:\ProgramData\FazmeSovaf\iwub3si.dll, , [e55c3ad23457d75f21b6a224fb06f30d],
Adware.PennyBee, C:\ProgramData\FazmeSovaf\iwub3si.dll, , [e55c3ad23457d75f21b6a224fb06f30d],
Adware.PennyBee, C:\ProgramData\FazmeSovaf\iwub3si.dll, , [e55c3ad23457d75f21b6a224fb06f30d],
Adware.PennyBee, C:\ProgramData\FazmeSovaf\iwub3si.dll, , [e55c3ad23457d75f21b6a224fb06f30d],
Adware.PennyBee, C:\ProgramData\FazmeSovaf\iwub3si.dll, , [e55c3ad23457d75f21b6a224fb06f30d],
PUP.Optional.Sanbreel.A, C:\Program Files (x86)\Any Angle\bin\2880.dll, , [ee538a827516fa3cc3ec7c2ed430916f],

Klíče registru: 239
PUP.Optional.WProtectManager.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WindowsMangerProtect, , [f74a31db385337ffa8a6325bb0557a86],
Adware.PennyBee, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\delsaknohc, , [f150eb219cefb48210c8d3f35da460a0],
PUP.Optional.Amonetize, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\igfx32, , [79c86ba17a1167cf8afed6f7f70a669a],
Adware.PennyBee, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\joduojox, , [ee5369a3d6b53ef8a830ab1bba477b85],
PUP.Optional.ModGoog, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\globalUpdate, , [0c356ba1a4e7280ee0cccbc326dbff01],
PUP.Optional.ModGoog, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\globalUpdatem, , [0c356ba1a4e7280ee0cccbc326dbff01],
PUP.Optional.ModGoog, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GLOBALUPDATE.EXE, , [0c356ba1a4e7280ee0cccbc326dbff01],
PUP.Optional.ModGoog, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GLOBALUPDATE.EXE, , [0c356ba1a4e7280ee0cccbc326dbff01],
PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, , [350c0b010f7c999d3cc801d232d0ee12],
PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, , [350c0b010f7c999d3cc801d232d0ee12],
PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, , [350c0b010f7c999d3cc801d232d0ee12],
PUP.Optional.AnyAngle.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{366b9177-c297-461a-b3c5-f6cbe298bb39}, , [74cdd4384a414ee8663718bf689ab44c],
PUP.Optional.AnyAngle.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{366b9177-c297-461a-b3c5-f6cbe298bb39}, , [74cdd4384a414ee8663718bf689ab44c],
PUP.Optional.AnyAngle.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{a161dec4-c932-4a0c-97a8-caa7af0a5aa1}, , [74cdd4384a414ee8663718bf689ab44c],
PUP.Optional.AnyAngle.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{B24E0BDA-6F36-4536-9550-143641B5FD78}, , [74cdd4384a414ee8663718bf689ab44c],
PUP.Optional.AnyAngle.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{B24E0BDA-6F36-4536-9550-143641B5FD78}, , [74cdd4384a414ee8663718bf689ab44c],
PUP.Optional.AnyAngle.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{B24E0BDA-6F36-4536-9550-143641B5FD78}, , [74cdd4384a414ee8663718bf689ab44c],
PUP.Optional.AnyAngle.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{a161dec4-c932-4a0c-97a8-caa7af0a5aa1}, , [74cdd4384a414ee8663718bf689ab44c],
PUP.Optional.AnyAngle.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{a161dec4-c932-4a0c-97a8-caa7af0a5aa1}, , [74cdd4384a414ee8663718bf689ab44c],
PUP.Optional.AnyAngle.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{366B9177-C297-461A-B3C5-F6CBE298BB39}, , [74cdd4384a414ee8663718bf689ab44c],
PUP.Optional.AnyAngle.A, HKU\S-1-5-21-1793778196-2422288631-436692435-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{366B9177-C297-461A-B3C5-F6CBE298BB39}, , [74cdd4384a414ee8663718bf689ab44c],
PUP.Optional.AnyAngle.A, HKU\S-1-5-21-1793778196-2422288631-436692435-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{366B9177-C297-461A-B3C5-F6CBE298BB39}, , [74cdd4384a414ee8663718bf689ab44c],
PUP.Optional.BrowseFox, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Any Angle, , [a49df7154447c076226a9410748db34d],
PUP.Optional.Downloader.C, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Cinem Plus 2.4cV18.08, , [5fe25bb1b1dac175c7661c9c8978fe02],
PUP.Optional.LiveIStream.A, HKU\S-1-5-21-1793778196-2422288631-436692435-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Liveistream, , [c77ab25a22691a1c9a61b996d8280ff1],
PUP.Optional.Multiplug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{53B21E29-3967-C332-57EB-C02631658584}, , [a49d7e8e94f7cb6b59c0ef8b80815ba5],
PUP.Optional.ModGoog, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, , [093835d77417af877834a0eebb46de22],
PUP.Optional.ModGoog, HKLM\SOFTWARE\CLASSES\globalUpdate.OneClickCtrl.10, , [093835d77417af877834a0eebb46de22],
PUP.Optional.ModGoog, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdate.OneClickCtrl.10, , [093835d77417af877834a0eebb46de22],
PUP.Optional.ModGoog, HKLM\SOFTWARE\CLASSES\WOW6432NODE\globalUpdate.OneClickCtrl.10, , [093835d77417af877834a0eebb46de22],
PUP.Optional.ModGoog, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, , [093835d77417af877834a0eebb46de22],
PUP.Optional.ModGoog, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, , [093835d77417af877834a0eebb46de22],
PUP.Optional.ModGoog, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, , [093835d77417af877834a0eebb46de22],
PUP.Optional.ModGoog, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, , [093835d77417af877834a0eebb46de22],
PUP.Optional.ModGoog, HKLM\SOFTWARE\CLASSES\globalUpdate.Update3WebControl.4, , [093835d77417af877834a0eebb46de22],
PUP.Optional.ModGoog, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdate.Update3WebControl.4, , [093835d77417af877834a0eebb46de22],
PUP.Optional.ModGoog, HKLM\SOFTWARE\CLASSES\WOW6432NODE\globalUpdate.Update3WebControl.4, , [093835d77417af877834a0eebb46de22],
PUP.Optional.ModGoog, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, , [093835d77417af877834a0eebb46de22],
PUP.Optional.ModGoog, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, , [093835d77417af877834a0eebb46de22],
PUP.Optional.ModGoog, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, , [093835d77417af877834a0eebb46de22],
PUP.Optional.ModGoog, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}, , [99a8729a7e0ddb5ba7055c32a85902fe],
PUP.Optional.ModGoog, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}, , [99a8729a7e0ddb5ba7055c32a85902fe],
PUP.Optional.ModGoog, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}, , [99a8729a7e0ddb5ba7055c32a85902fe],
PUP.Optional.ModGoog, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}, , [99a8729a7e0ddb5ba7055c32a85902fe],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\SavePass 1.1, , [57eaef1dec9f9e98b317919155aea45c],
PUP.Optional.Sanbreel.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\{28803afb-6271-4e62-a0ec-a2153e9476d3}Gw64, , [da672ae2e2a958de3ad17dce976c9d63],
PUP.Optional.Sanbreel.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\{e1d565c0-fd02-442e-a0f3-6ab17899a188}Gw64, , [8eb3fe0ec0cb12248487d9727291a25e],
PUP.Optional.TakeTheCoupon.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{A6918429-4197-42E6-A4AC-742073A9BCBB}, , [8db425e7ed9e0531a8d3792ca460ba46],
PUP.Optional.TakeTheCoupon.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{016CD3A8-EE64-46DC-92BF-77D714E5BF12}, , [8db425e7ed9e0531a8d3792ca460ba46],
PUP.Optional.TakeTheCoupon.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{1F445155-F9BC-4F5C-A65F-551D3A2BC38D}, , [8db425e7ed9e0531a8d3792ca460ba46],
PUP.Optional.TakeTheCoupon.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{B6A5E3C8-1C9F-4F57-A3DC-2F64D7B1E2E3}, , [8db425e7ed9e0531a8d3792ca460ba46],
PUP.Optional.TakeTheCoupon.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{DF2FB4FF-115F-4A88-9757-9CFBA45C4BC4}, , [8db425e7ed9e0531a8d3792ca460ba46],
PUP.Optional.TakeTheCoupon.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{016CD3A8-EE64-46DC-92BF-77D714E5BF12}, , [8db425e7ed9e0531a8d3792ca460ba46],
PUP.Optional.TakeTheCoupon.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{1F445155-F9BC-4F5C-A65F-551D3A2BC38D}, , [8db425e7ed9e0531a8d3792ca460ba46],
PUP.Optional.TakeTheCoupon.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{B6A5E3C8-1C9F-4F57-A3DC-2F64D7B1E2E3}, , [8db425e7ed9e0531a8d3792ca460ba46],
PUP.Optional.TakeTheCoupon.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{DF2FB4FF-115F-4A88-9757-9CFBA45C4BC4}, , [8db425e7ed9e0531a8d3792ca460ba46],
PUP.Optional.TakeTheCoupon.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{016CD3A8-EE64-46DC-92BF-77D714E5BF12}, , [8db425e7ed9e0531a8d3792ca460ba46],
PUP.Optional.TakeTheCoupon.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{1F445155-F9BC-4F5C-A65F-551D3A2BC38D}, , [8db425e7ed9e0531a8d3792ca460ba46],
PUP.Optional.TakeTheCoupon.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{B6A5E3C8-1C9F-4F57-A3DC-2F64D7B1E2E3}, , [8db425e7ed9e0531a8d3792ca460ba46],
PUP.Optional.TakeTheCoupon.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{DF2FB4FF-115F-4A88-9757-9CFBA45C4BC4}, , [8db425e7ed9e0531a8d3792ca460ba46],
PUP.Optional.TakeTheCoupon.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{A6918429-4197-42E6-A4AC-742073A9BCBB}, , [8db425e7ed9e0531a8d3792ca460ba46],
PUP.Optional.TakeTheCoupon.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{A6918429-4197-42E6-A4AC-742073A9BCBB}, , [8db425e7ed9e0531a8d3792ca460ba46],
PUP.Optional.TakeTheCoupon.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{ED02167F-65C6-40D3-84E6-FDAF7599E33D}, , [8db425e7ed9e0531a8d3792ca460ba46],
PUP.Optional.TakeTheCoupon.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{ED02167F-65C6-40D3-84E6-FDAF7599E33D}, , [8db425e7ed9e0531a8d3792ca460ba46],
PUP.Optional.TakeTheCoupon.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{ED02167F-65C6-40D3-84E6-FDAF7599E33D}, , [8db425e7ed9e0531a8d3792ca460ba46],
PUP.Optional.TakeTheCoupon.A, HKLM\SOFTWARE\CLASSES\PED02167F_65C6_40D3_84E6_FDAF7599E33D_.PED02167F_65C6_40D3_84E6_FDAF7599E33D_, , [8db425e7ed9e0531a8d3792ca460ba46],
PUP.Optional.TakeTheCoupon.A, HKLM\SOFTWARE\CLASSES\PED02167F_65C6_40D3_84E6_FDAF7599E33D_.PED02167F_65C6_40D3_84E6_FDAF7599E33D_.9, , [8db425e7ed9e0531a8d3792ca460ba46],
PUP.Optional.TakeTheCoupon.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\PED02167F_65C6_40D3_84E6_FDAF7599E33D_.PED02167F_65C6_40D3_84E6_FDAF7599E33D_, , [8db425e7ed9e0531a8d3792ca460ba46],
PUP.Optional.TakeTheCoupon.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\PED02167F_65C6_40D3_84E6_FDAF7599E33D_.PED02167F_65C6_40D3_84E6_FDAF7599E33D_.9, , [8db425e7ed9e0531a8d3792ca460ba46],
PUP.Optional.TakeTheCoupon.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\PED02167F_65C6_40D3_84E6_FDAF7599E33D_.PED02167F_65C6_40D3_84E6_FDAF7599E33D_, , [8db425e7ed9e0531a8d3792ca460ba46],
PUP.Optional.TakeTheCoupon.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\PED02167F_65C6_40D3_84E6_FDAF7599E33D_.PED02167F_65C6_40D3_84E6_FDAF7599E33D_.9, , [8db425e7ed9e0531a8d3792ca460ba46],
PUP.Optional.TakeTheCoupon.A, HKLM\SOFTWARE\CLASSES\CLSID\{ED02167F-65C6-40D3-84E6-FDAF7599E33D}, , [8db425e7ed9e0531a8d3792ca460ba46],
PUP.Optional.TakeTheCoupon.A, HKLM\SOFTWARE\CLASSES\CLSID\{ED02167F-65C6-40D3-84E6-FDAF7599E33D}\INPROCSERVER32, , [8db425e7ed9e0531a8d3792ca460ba46],
PUP.Optional.TakeTheCoupon.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{ED02167F-65C6-40D3-84E6-FDAF7599E33D}, , [8db425e7ed9e0531a8d3792ca460ba46],
PUP.Optional.TakeTheCoupon.A, HKU\S-1-5-21-1793778196-2422288631-436692435-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{ED02167F-65C6-40D3-84E6-FDAF7599E33D}, , [8db425e7ed9e0531a8d3792ca460ba46],
PUP.Optional.TakeTheCoupon.A, HKU\S-1-5-21-1793778196-2422288631-436692435-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{ED02167F-65C6-40D3-84E6-FDAF7599E33D}, , [8db425e7ed9e0531a8d3792ca460ba46],
PUP.Optional.TakeTheCoupon.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{ED02167F-65C6-40D3-84E6-FDAF7599E33D}, , [8db425e7ed9e0531a8d3792ca460ba46],
PUP.Optional.TakeTheCoupon.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{ED02167F-65C6-40D3-84E6-FDAF7599E33D}, , [8db425e7ed9e0531a8d3792ca460ba46],
PUP.Optional.Sanbreel.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}, , [ee538a827516fa3cc3ec7c2ed430916f],
PUP.Optional.Sanbreel.A, HKLM\SOFTWARE\CLASSES\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}, , [ee538a827516fa3cc3ec7c2ed430916f],
PUP.Optional.Sanbreel.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}, , [ee538a827516fa3cc3ec7c2ed430916f],
PUP.Optional.Sanbreel.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}, , [ee538a827516fa3cc3ec7c2ed430916f],
PUP.Optional.Sanbreel.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}, , [ee538a827516fa3cc3ec7c2ed430916f],
PUP.Optional.Sanbreel.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}, , [ee538a827516fa3cc3ec7c2ed430916f],
PUP.Optional.Sanbreel.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}, , [ee538a827516fa3cc3ec7c2ed430916f],
PUP.Optional.Sanbreel.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}, , [ee538a827516fa3cc3ec7c2ed430916f],
PUP.Optional.Sanbreel.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}, , [ee538a827516fa3cc3ec7c2ed430916f],
PUP.Optional.Sanbreel.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}, , [ee538a827516fa3cc3ec7c2ed430916f],
PUP.Optional.Sanbreel.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}, , [ee538a827516fa3cc3ec7c2ed430916f],
PUP.Optional.Sanbreel.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}, , [ee538a827516fa3cc3ec7c2ed430916f],
PUP.Optional.Sanbreel.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Util Any Angle, , [ee538a827516fa3cc3ec7c2ed430916f],
PUP.Optional.Sanbreel.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update Any Angle, , [ee538a827516fa3cc3ec7c2ed430916f],
PUP.Optional.HighDefAction.A, HKLM\SOFTWARE\HighDefAction, , [d56c828af19a0a2c21360d9dfe06e61a],
PUP.Optional.SpeedChecker.PrxySvrRST, HKLM\SOFTWARE\Speedchecker Limited, , [da678785c4c74fe7ffcdd36320e36799],
PUP.Optional.YorkNewCin.A, HKLM\SOFTWARE\YorkNewCin, , [1d24de2e672446f06200416919ebc739],
PUP.Optional.CinemaPlus.C, HKLM\SOFTWARE\ARENAHD, , [2c1550bceaa1fc3a9db93274f50f42be],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdate.OneClickProcessLauncherMachine, , [e958fb1182093df9e1daa8fb6e96ad53],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdate.OneClickProcessLauncherMachine.1.0, , [c37eb656b3d89c9adedd1f843cc8c838],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CoCreateAsync, , [68d94fbda8e37fb7c4f8d5cee71d8a76],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CoCreateAsync.1.0, , [7ac704084a4142f4e9d3aef53fc5a957],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CoreClass, , [d66b34d81972bc7afdbf495a36ce17e9],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CoreClass.1, , [be83e42892f9b581bb01a9fa7292a25e],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CoreMachineClass, , [97aa50bcd5b68aacc6f6356e897bff01],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CoreMachineClass.1, , [033e61abf09b58dee1dbe2c13acad22e],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CredentialDialogMachine, , [b1909478e8a34cea2a92881b3dc751af],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CredentialDialogMachine.1.0, , [330ee5272467191d5a62f4af0ef6c33d],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachine, , [7fc218f40b808fa703b9c2e149bb03fd],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachine.1.0, , [e9580705f695b87e318b267df0144eb2],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachineFallback, , [fb46e02cafdcb87e9d1ff8ab6e960ef2],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0, , [90b1b05c711a79bd992352513dc7e719],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.OnDemandCOMClassSvc, , [e25f947894f754e226964d5608fc31cf],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.OnDemandCOMClassSvc.1.0, , [80c1a26a75169f971ca0a3004abaf10f],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.ProcessLauncher, , [7cc5c448f794bb7be0dc1093bc48b749],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.ProcessLauncher.1.0, , [49f878947a119b9bd4e8ffa414f053ad],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3COMClassService, , [b190d13b791274c29d1f6a3957adf709],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3COMClassService.1.0, , [8cb53ad20d7e74c2f8c4a3001de7956b],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3WebMachine, , [6dd45daf95f6bf77803c445f4db7fa06],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3WebMachine.1.0, , [ea57bc50860548ee5864158e2dd72ed2],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3WebMachineFallback, , [5ae77c90246755e1c1fbbee5ff05ce32],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3WebMachineFallback.1.0, , [1c25927a2467ef472d8f8023e51fa858],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3WebSvc, , [ae93c448bbd06fc7ab118d165ca8d52b],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3WebSvc.1.0, , [bb86d33926651422b20a4063a75d867a],
PUP.Optional.PCSpeedUp.C, HKLM\SOFTWARE\CLASSES\PCSU.Registry, , [e160e12b8dfe989e86ecab0516ee12ee],
PUP.Optional.PCSpeedUp.C, HKLM\SOFTWARE\CLASSES\PCSU.Registry.1, , [033ebb51ddaea09676fc763ada2a857b],
PUP.Optional.GlobalUpdate.C, HKLM\SOFTWARE\CLASSES\APPID\GLOBALUPDATE.EXE, , [1928db31682388ae3e8e0c9bad5726da],
PUP.Optional.GlobalUpdate.C, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\GLOBALUPDATE.EXE, , [cd7425e7aedd95a19339ffa8030114ec],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\29777, , [340d51bbe2a939fdb20e9fc0996af010],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\30935, , [340d9a724a412214724e5a0540c3ba46],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\52174193-9835-4b09-a211-861cbfe3291c-1-6, , [eb5645c7b0dbbd79f7edef2fac57cb35],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\52174193-9835-4b09-a211-861cbfe3291c-1-7, , [61e07399682353e38d5786982cd7817f],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\52174193-9835-4b09-a211-861cbfe3291c-10_user, , [5fe235d706855fd7865ec559ac577e82],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\52174193-9835-4b09-a211-861cbfe3291c-5, , [84bd59b32e5d0c2aebf9f42a0ef551af],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\52174193-9835-4b09-a211-861cbfe3291c-5_user, , [9ca518f46f1cd75f667e56c813f0d62a],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\cc992a36-27ab-4fba-be14-ff16135f8e4a-1-6, , [82bfaf5df596a5914e96d14dfd06ed13],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\cc992a36-27ab-4fba-be14-ff16135f8e4a-1-7, , [95ace32962293ef88b5933ebb94a649c],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\cc992a36-27ab-4fba-be14-ff16135f8e4a-10_user, , [251ce527206bf34340a4f8262dd67c84],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\cc992a36-27ab-4fba-be14-ff16135f8e4a-5, , [fa478587a5e6b4829f4560be9c676997],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\cc992a36-27ab-4fba-be14-ff16135f8e4a-5_user, , [b09106062b6085b184600816976c758b],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\globalUpdateUpdateTaskMachineCore, , [d1706ba1b6d542f466e26eb18f744bb5],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\globalUpdateUpdateTaskMachineUA, , [93ae3fcd1774f83efb4e4cd3c04351af],
PUP.Optional.PCSpeedUp.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\PC SpeedUp Service Deactivator, , [3908828a6427ed496fde98854bb8c937],
PUP.Optional.Linkury.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\snp, , [b78a14f8563569cd3aae8696867da25e],
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE, , [58e936d63e4d58de380576354cb8bc44],
PUP.Optional.AnyAngle.A, HKLM\SOFTWARE\WOW6432NODE\Any Angle, , [91b0e9236a214aec13e61f8957ade41c],
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\WOW6432NODE\AskPartnerNetwork, , [c180ef1dff8c52e42ce850d25fa46a96],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\Cinem Plus 2.4cV18.08, , [eb565daf741748ee081878b6659e47b9],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\Cinem Plus 2.4cV18.08-nv-ie, , [6fd2cc40becd37ff0d139a9460a3d828],
PUP.Optional.HighDefAction.A, HKLM\SOFTWARE\WOW6432NODE\HighDefAction, , [221f0705f497be78b99ea20810f4ed13],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\Iminent, , [8eb38f7d167587af206f79f0897a26da],
PUP.Optional.IStartSurf.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\istartsurfSoftware, , [ee53ee1e5c2f2412f8ae49fed033b14f],
PUP.Optional.SavePass.A, HKLM\SOFTWARE\WOW6432NODE\SavePass 1.1, , [d76a35d7dbb054e2b4715fe9bd463dc3],
PUP.Optional.SavePass.A, HKLM\SOFTWARE\WOW6432NODE\SavePass 1.1-nv-ie, , [8fb2d8348308f244d451d672e81b7c84],
PUP.Optional.SpeedChecker.PrxySvrRST, HKLM\SOFTWARE\WOW6432NODE\Speedchecker Limited, , [2a1756b6ec9fd4622ca057df3ec5d62a],
PUP.Optional.WPM.A, HKLM\SOFTWARE\WOW6432NODE\supWindowsMangerProtect, , [f8490507bad15bdb3ccf8d08b153f10f],
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\WajIntEnhance, , [a39e55b7810a58de1a331719d82b26da],
PUP.Optional.YorkNewCin.A, HKLM\SOFTWARE\WOW6432NODE\YorkNewCin, , [51f056b695f6be7875ed7a302bd95aa6],
PUP.Optional.CrossRider.C, HKLM\SOFTWARE\WOW6432NODE\APPDATALOW\SOFTWARE\Crossrider, , [5ee3b5577f0cc1756e58cc579f640df3],
PUP.Optional.CinemaPlus.C, HKLM\SOFTWARE\WOW6432NODE\ARENAHD, , [57ea54b8315ac4721640277f7c882cd4],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdate.OneClickProcessLauncherMachine, , [9ca59a72f596e35327942a79f60e9e62],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdate.OneClickProcessLauncherMachine.1.0, , [86bbce3ee7a4e4521c9f4d56c1432ad6],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CoCreateAsync, , [4ef3fe0e4b40e353bb01c7dcfa0a6799],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CoCreateAsync.1.0, , [e35e13f97d0e9e9807b57e25e61e916f],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CoreClass, , [1b262fdda3e820161aa2356e21e35ea2],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CoreClass.1, , [004104082863c96d6a52a00320e415eb],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CoreMachineClass, , [89b8cf3dafdca59123993e65df250cf4],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CoreMachineClass.1, , [0b36e824dcaf112507b58023ac588a76],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CredentialDialogMachine, , [014097751c6fa0963d7fcfd4689c14ec],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CredentialDialogMachine.1.0, , [a59c8389e8a39d9901bb891adb297b85],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachine, , [48f927e58ffcd066f9c3079c5fa5b14f],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachine.1.0, , [bf82e6268803eb4b7e3e1f8492725ea2],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachineFallback, , [023f0804820959ddae0e8c17bb49837d],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0, , [073a7a926f1c57dfa715c3e0778d7888],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.OnDemandCOMClassSvc, , [142d0efe9dee0c2ac0fcb9eacc38d52b],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.OnDemandCOMClassSvc.1.0, , [2819927a9cef84b25d5f723154b07888],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.ProcessLauncher, , [330ea16be8a349edb20abee5cc381be5],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.ProcessLauncher.1.0, , [043d1af23457d75f58641192bc4807f9],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3COMClassService, , [5ee3ce3ef299c96d5666ffa420e46d93],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3COMClassService.1.0, , [340dbb51612a40f6bc00693a6c980ef2],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3WebMachine, , [cf72dc3017744cea4a727a298a7af808],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3WebMachine.1.0, , [e061a369a4e7ab8b625accd7c83cdd23],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3WebMachineFallback, , [2918ba52137839fd87358d16f410e61a],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3WebMachineFallback.1.0, , [43fe7498d0bbe0565765c1e282828977],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3WebSvc, , [3e03d13b8ffc2e0834882e754db7b44c],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3WebSvc.1.0, , [76cb8d7f345793a38c30d7cc778dd030],
PUP.Optional.PCSpeedUp.C, HKLM\SOFTWARE\WOW6432NODE\CLASSES\PCSU.Registry, , [e75a8b817d0e50e6145e565ac73d4db3],
PUP.Optional.PCSpeedUp.C, HKLM\SOFTWARE\WOW6432NODE\CLASSES\PCSU.Registry.1, , [65dc5bb1c6c50036dc967f31ba4a8f71],
PUP.Optional.GlobalUpdate.C, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\GLOBALUPDATE.EXE, , [3e0393795c2f8caa26a6327517edd030],
PUP.Optional.GlobalUpdate.C, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE\Clients, , [97aa46c6f89382b42083d9d0897b8c74],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\INSTALLEDBROWSEREXTENSIONS\29777, , [9fa268a47318fb3b5769fd62ba4937c9],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\INSTALLEDBROWSEREXTENSIONS\30935, , [98a995779af19e980fb1114ee023cf31],
PUP.Optional.Linkury.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\IELNKSRCH, , [df62aa62038824128986b003c83c847c],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IMBoosterARP, , [271a56b6e5a60e2887f737f649bad927],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IminentToolbar, , [76cbb458e1aa63d3730a76b723e0f10f],
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\istartsurf uninstall, , [58e947c5b1da6fc7c8718a92b053da26],
PUP.Optional.Vosteran, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Vosteran.com, , [c67b907c4e3de551528e9aa05ba88e72],
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WajIntEnhance, , [063b878577144de963196fbe18eb18e8],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{c5ff9f61}, , [7dc4f814b8d3f83e4d8a4f5a11f307f9],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=10, , [2f1231dba6e54ee892b93d5ae81c837d],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=4, , [340da86434578bab67e50b8cb450fe02],
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE, , [57ea7d8f9bf076c043fa288356aeff01],
PUP.Optional.Somoto.A, HKLM\SOFTWARE\WOW6432NODE\SEARCHULT, , [10316d9f404b62d4181313a3ff0519e7],
PUP.Optional.PCSpeedUp.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\PCSUUCDRV, , [bb865ab2d3b87eb8f66bfcb01ee605fb],
PUP.Optional.WindowsMangerProtect.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WindowsMangerProtect, , [4cf5b25a0388ec4a29f41a232bd813ed],
PUP.Optional.ExtTag.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EXTTAG, , [5ee360ac7b10f244126fcf4d22e1d42c],
PUP.Optional.Linkury.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SAOPHASE, , [0a3742ca6a219d99f1426ab1c340fa06],
PUP.Optional.CrossRider.A, HKU\S-1-5-18\SOFTWARE\Cinem Plus 2.4cV18.08-nv-ie, , [58e9a5676d1e3303e140ea44847fae52],
PUP.Optional.SavePass.A, HKU\S-1-5-18\SOFTWARE\SavePass 1.1-nv-ie, , [a59c28e498f30d29b47270d849baac54],
PUP.Optional.Crossrider.C, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\_CrossriderRegNamePlaceHolder_, , [82bf40cc1576ce68e9704a5cf50f4db3],
PUP.Optional.AnyAngle.A, HKU\S-1-5-21-1793778196-2422288631-436692435-1001\SOFTWARE\Any Angle, , [f54cd5370a81ff3767913e6a11f32bd5],
PUP.Optional.APNToolBar.Gen, HKU\S-1-5-21-1793778196-2422288631-436692435-1001\SOFTWARE\AskPartnerNetwork, , [5be686865a31ce6855bedb4756ad5da3],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1793778196-2422288631-436692435-1001\SOFTWARE\Cinem Plus 2.4cV18.08, , [301146c6810a73c3968bce60bd46e719],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1793778196-2422288631-436692435-1001\SOFTWARE\Cinem Plus 2.4cV18.08-nv-ie, , [98a9e62645460c2a839eb27c63a0d22e],
PUP.Optional.HighDefAction.A, HKU\S-1-5-21-1793778196-2422288631-436692435-1001\SOFTWARE\HighDefAction, , [9ba656b6c1cacc6a36200f9b04006c94],
PUP.Optional.HomeTab.A, HKU\S-1-5-21-1793778196-2422288631-436692435-1001\SOFTWARE\HomeTab, , [2b16a963e5a6e254a860a1b45ea5946c],
PUP.Optional.SavePass.A, HKU\S-1-5-21-1793778196-2422288631-436692435-1001\SOFTWARE\SavePass 1.1, , [97aa0efe2a6178be42e426229e65847c],
PUP.Optional.SavePass.A, HKU\S-1-5-21-1793778196-2422288631-436692435-1001\SOFTWARE\SavePass 1.1-nv-ie, , [291845c754372b0be4420246d52e8c74],
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-1793778196-2422288631-436692435-1001\SOFTWARE\SearchProtectWS, , [251c6d9fdead3600a6da082534cf946c],
PUP.Optional.TNT.A, HKU\S-1-5-21-1793778196-2422288631-436692435-1001\SOFTWARE\TNT2, , [b78a838989021e18150d7fb0cb380af6],
PUP.Optional.Wajam.A, HKU\S-1-5-21-1793778196-2422288631-436692435-1001\SOFTWARE\WajIEnhance, , [18295bb1b6d51620769fd85dfa09f30d],
PUP.Optional.Wajam.A, HKU\S-1-5-21-1793778196-2422288631-436692435-1001\SOFTWARE\WajIntEnhance, , [e25fc84498f3d95df757929e49ba17e9],
PUP.Optional.YorkNewCin.A, HKU\S-1-5-21-1793778196-2422288631-436692435-1001\SOFTWARE\YorkNewCin, , [cc756e9e49425fd7adb401a913f1f907],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1793778196-2422288631-436692435-1001\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, , [9ba661ab6823ec4abf331a737e863ac6],
PUP.Optional.CinemaPlus.C, HKU\S-1-5-21-1793778196-2422288631-436692435-1001\SOFTWARE\ARENAHD, , [47fadf2d2b605cda82d36c3ac53fc13f],
PUP.Optional.GlobalUpdate.C, HKU\S-1-5-21-1793778196-2422288631-436692435-1001\SOFTWARE\GLOBALUPDATE\UPDATE\PROXY, , [ce73917b008b00360bd872b3a0631ee2],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1793778196-2422288631-436692435-1001\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\29777, , [86bb31dbbbd03303fe2b8fb4f80b2ed2],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1793778196-2422288631-436692435-1001\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\30935, , [77ca65a71f6c6dc99297a1a2c142fc04],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1793778196-2422288631-436692435-1001\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\Cinema Plus ProV18.08, , [8fb29478652654e221ffa89157acff01],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1793778196-2422288631-436692435-1001\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\OB, , [43fe58b4d4b778be058973be48bb19e7],
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-1793778196-2422288631-436692435-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{IELNKSRCH}, , [53ee0507cebdcb6b9f34b16ec83b936d],
PUP.Optional.IStartSurf.ShrtCln, HKU\S-1-5-21-1793778196-2422288631-436692435-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, , [d1700309d0bbac8a347feab7cd37b34d],
PUP.Optional.Iminent.A, HKU\S-1-5-21-1793778196-2422288631-436692435-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IMBoosterARP, , [132e60acd2b961d5bb718d9dda29b050],
PUP.Optional.Iminent.A, HKU\S-1-5-21-1793778196-2422288631-436692435-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IminentToolbar, , [0e33bd4f16751521a98431f945be619f],
PUP.Optional.Linkey.A, HKU\S-1-5-21-1793778196-2422288631-436692435-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Linkey, , [0c352ddf4744aa8c88a6fe2cf50eeb15],
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-1793778196-2422288631-436692435-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\SearchProtect, , [64dd808ca1ea1125509c05a03cc89b65],
PUP.Optional.Vosteran.A, HKU\S-1-5-21-1793778196-2422288631-436692435-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Vosteran.com, , [52ef65a77d0ee74fa48b2109a65d17e9],
PUP.Optional.Wajam.A, HKU\S-1-5-21-1793778196-2422288631-436692435-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WajIntEnhance, , [2819bf4dabe01521c56bb2780ff417e9],
PUP.Optional.OutBrowse.A, HKU\S-1-5-21-1793778196-2422288631-436692435-1001\SOFTWARE\OB, , [61e059b3c9c244f2c3148531e12304fc],
PUP.Optional.HomeTab.A, HKU\S-1-5-21-1793778196-2422288631-436692435-1001\SOFTWARE\SIMPLYTECH\HomeTab, , [7fc262aa8dfe92a4db12e18437cca25e],
PUP.Optional.PCSpeedUp.A, HKU\S-1-5-21-1793778196-2422288631-436692435-1001\SOFTWARE\SPEEDCHECKER LIMITED\PC Speed Up, , [ab96b7552863d264d887d8d46c98bb45],

Hodnoty registru: 32
PUP.Optional.CinemaPlus.C, HKLM\SOFTWARE\ARENAHD|value, 1, , [2c1550bceaa1fc3a9db93274f50f42be]
PUP.Optional.GlobalUpdate.C, HKLM\SOFTWARE\CLASSES\APPID\GLOBALUPDATE.EXE|AppID, {3278F5CF-48F3-4253-A6BB-004CE84AF492}, , [1928db31682388ae3e8e0c9bad5726da]
PUP.Optional.GlobalUpdate.C, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\GLOBALUPDATE.EXE|AppID, {3278F5CF-48F3-4253-A6BB-004CE84AF492}, , [cd7425e7aedd95a19339ffa8030114ec]
PUP.Optional.PCTuner.C, HKLM\SOFTWARE\HIGHDEFACTION|value, 1, , [bb8648c4fb90b284f26fe5c151b329d7]
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, , [58e936d63e4d58de380576354cb8bc44]
PUP.Optional.CinemaPlus.C, HKLM\SOFTWARE\WOW6432NODE\ARENAHD|value, 1, , [57ea54b8315ac4721640277f7c882cd4]
PUP.Optional.GlobalUpdate.C, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\GLOBALUPDATE.EXE|AppID, {3278F5CF-48F3-4253-A6BB-004CE84AF492}, , [3e0393795c2f8caa26a6327517edd030]
PUP.Optional.PCTuner.C, HKLM\SOFTWARE\WOW6432NODE\HIGHDEFACTION|value, 1, , [ec55977533585ed809583b6bfd077b85]
PUP.Optional.Linkury.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\ielnksrch|DisplayName, Search the web, , [df62aa62038824128986b003c83c847c]
PUP.Optional.Linkury.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\ielnksrch|URL, http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_BzVqASLW90uzABlXI-OqSsm-dE6bMHWhpYzDmQo74mY-N0Pm7-d0Gq3KeccYW3MBLpzUOzspqp1Pwy8L7Nlog6g7YWZ7or0KQ3jDoLlWcvjLRQO42rbl50c60JxxNZ1WuwGoNv-3hQfDUbB8Dc8NphsvWFJtl8Qc,&q={searchTerms}, , [2a17d834e4a72b0bc848f6bdcd37936d]
PUP.Optional.Linkury.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_BzVqASLW90uzABlXI-OqSsm-dE6bMHWhpYzDmQo74mY-N0Pm7-d0Gq3KeccYW3MBLpzUOzspqp1Pwy8L7Nlog6g7YWZ7or0KQ3jDoLlWcvjLRQO42rbl50c60JxxNZ1WuwGoNv-3hQfDUbB8Dc8NphsvWFJtl8Qc,&q={searchTerms}, , [73ce68a4dfacde586ca59a196d9753ad]
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, , [57ea7d8f9bf076c043fa288356aeff01]
PUP.Optional.Somoto.A, HKLM\SOFTWARE\WOW6432NODE\SEARCHULT|Somo, , , [10316d9f404b62d4181313a3ff0519e7]
PUP.Optional.ExtTag.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EXTTAG|ImagePath, C:\ProgramData\ExtTag\ExtTag.exe, , [5ee360ac7b10f244126fcf4d22e1d42c]
PUP.Optional.Linkury.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SAOPHASE|ImagePath, C:\ProgramData\Saophase\Saophase.exe, , [0a3742ca6a219d99f1426ab1c340fa06]
PUP.Optional.Linkury.A, HKU\S-1-5-21-1793778196-2422288631-436692435-1001\ENVIRONMENT|SNF, C:\ProgramData\ExtTags\snp.sc, , [b38ede2e810a51e585d7456ea06449b7]
PUP.Optional.Linkury.A, HKU\S-1-5-21-1793778196-2422288631-436692435-1001\ENVIRONMENT|SNP, http://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D?publisher=APSFRec&co=CZ&userid=6fccd5a0-bde6-5f4c-081d-f1e8e07831a0&searchtype=sc&installDate=23., , [3110df2d8dfe0b2b63fac5ee8480926e]
PUP.Optional.CinemaPlus.C, HKU\S-1-5-21-1793778196-2422288631-436692435-1001\SOFTWARE\ARENAHD|value, 1, , [47fadf2d2b605cda82d36c3ac53fc13f]
PUP.Optional.GlobalUpdate.C, HKU\S-1-5-21-1793778196-2422288631-436692435-1001\SOFTWARE\GLOBALUPDATE\UPDATE\PROXY|source, IE, , [ce73917b008b00360bd872b3a0631ee2]
PUP.Optional.PCTuner.C, HKU\S-1-5-21-1793778196-2422288631-436692435-1001\SOFTWARE\HIGHDEFACTION|value, 1, , [3e03a864f89366d04d12a105e61e24dc]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-1793778196-2422288631-436692435-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{ielnksrch}|DisplayName, Search the web, , [53ee0507cebdcb6b9f34b16ec83b936d]
PUP.Optional.IStartSurf.ShrtCln, HKU\S-1-5-21-1793778196-2422288631-436692435-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|DisplayName, istartsurf, , [d1700309d0bbac8a347feab7cd37b34d]
PUP.Optional.IStartSurf.ShrtCln, HKU\S-1-5-21-1793778196-2422288631-436692435-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|URL, http://www.istartsurf.com/web/?type=ds& ... earchTerms}, , [99a89973e7a484b28033336e8480916f]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-1793778196-2422288631-436692435-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{ielnksrch}|URL, http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_BzVqASLW90uzABlXI-OqSsm-dE6bMHWhpYzDmQo74mY-N0Pm7-d0Gq3KeccYW3MBLpzUOzspqp1Pwy8L7Nlog6g7YWZ7or0KQ3jDoLlWcvjLRQO42rbl50c60JxxNZ1WuwGoNv-3hQfDUbB8Dc8NphsvWFJtl8Qc,&q={searchTerms}, , [152c68a402890f27898406ad778da060]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-1793778196-2422288631-436692435-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_BzVqASLW90uzABlXI-OqSsm-dE6bMHWhpYzDmQo74mY-N0Pm7-d0Gq3KeccYW3MBLpzUOzspqp1Pwy8L7Nlog6g7YWZ7or0KQ3jDoLlWcvjLRQO42rbl50c60JxxNZ1WuwGoNv-3hQfDUbB8Dc8NphsvWFJtl8Qc,&q={searchTerms}, , [320fd5370e7dea4c8a84f0c337cdcd33]
PUP.Optional.Liveistream.A, HKU\S-1-5-21-1793778196-2422288631-436692435-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\SMPLAYER.EXE, C:\Program Files (x86)\Liveistream\smplayer.exe, , [fb462ddfa4e7b284fca41f8c80849a66]
PUP.Optional.OutBrowse.A, HKU\S-1-5-21-1793778196-2422288631-436692435-1001\SOFTWARE\OB|monitype6, 8/18/15 22:18:22, , [61e059b3c9c244f2c3148531e12304fc]
PUP.Optional.OutBrowse.A, HKU\S-1-5-21-1793778196-2422288631-436692435-1001\SOFTWARE\OB|monitype21, 8/18/15 22:18:37, , [3809bc504e3da49217c02294c83c32ce]
PUP.Optional.OutBrowse.A, HKU\S-1-5-21-1793778196-2422288631-436692435-1001\SOFTWARE\OB|monitype25, 8/18/15 22:18:46, , [0839c3497a11290d7c5be1d51fe557a9]
PUP.Optional.OutBrowse.A, HKU\S-1-5-21-1793778196-2422288631-436692435-1001\SOFTWARE\OB|monitype14, 8/18/15 22:19:24, , [c27fac60b6d5a294855283335ea643bd]
PUP.Optional.OutBrowse.A, HKU\S-1-5-21-1793778196-2422288631-436692435-1001\SOFTWARE\OB|monitype20, 8/18/15 22:20:43, , [e958b656e8a3f44233a4c9ed06fea15f]
PUP.Optional.OutBrowse.A, HKU\S-1-5-21-1793778196-2422288631-436692435-1001\SOFTWARE\OB|monitype15, 8/18/15 22:26:3, , [fc45a7658308c2745e79a610ca3af709]

Data registru: 18
PUP.Optional.Linkury.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, C:\ProgramData\Saophase\NamHold.dll, Dobré: (), Špatné: (C:\ProgramData\Saophase\NamHold.dll),,[c180d13b3457e056e72d59c228db6898]
PUP.Optional.Linkury.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, C:\ProgramData\Saophase\Sonbam.dll, Dobré: (), Špatné: (C:\ProgramData\Saophase\Sonbam.dll),,[c180d13b3457e056e72d59c228db6898]
PUP.Optional.IStartSurf.ShrtCln, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=1 ... 9077289077, Dobré: (iexplore.exe), Špatné: (C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=1 ... 9077289077),,[a9980408fa91d660721080ce0df88b75]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\OPERASTABLE\SHELL\OPEN\COMMAND, "C:\Program Files (x86)\Opera\Launcher.exe" http://www.istartsurf.com/?type=sc&ts=1 ... 9077289077, Dobré: (Opera.exe), Špatné: ("C:\Program Files (x86)\Opera\Launcher.exe" http://www.istartsurf.com/?type=sc&ts=1 ... 9077289077),,[f948d735652663d38c3162ea61a4dc24]
PUP.Optional.IStartSurf.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://www.istartsurf.com/web/?type=ds& ... earchTerms}, Dobré: (www.google.com), Špatné: (http://www.istartsurf.com/web/?type=ds& ... earchTerms}),,[9fa23bd193f8280ec7771934d431d828]
PUP.Optional.IStartSurf.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.istartsurf.com/?type=hp&ts=1 ... 9077289077, Dobré: (www.google.com), Špatné: (http://www.istartsurf.com/?type=hp&ts=1 ... 9077289077),,[053cb05c1b703cfa330bef5e13f233cd]
PUP.Optional.IStartSurf.ShrtCln, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, http://www.istartsurf.com/web/?type=ds& ... earchTerms}, Dobré: (www.google.com), Špatné: (http://www.istartsurf.com/web/?type=ds& ... earchTerms}),,[8bb6e329088396a01f1f88c59273d729]
PUP.Optional.IStartSurf.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=1 ... 9077289077, Dobré: (iexplore.exe), Špatné: (C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=1 ... 9077289077),,[66db8389ee9d05319fe32f1fdd28dd23]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\OPERASTABLE\SHELL\OPEN\COMMAND, "C:\Program Files (x86)\Opera\Launcher.exe" http://www.istartsurf.com/?type=sc&ts=1 ... 9077289077, Dobré: (Opera.exe), Špatné: ("C:\Program Files (x86)\Opera\Launcher.exe" http://www.istartsurf.com/?type=sc&ts=1 ... 9077289077),,[7fc2ff0db4d7fe38328bde6e8a7bf60a]
PUP.Optional.IStartSurf.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, http://www.istartsurf.com/web/?type=ds& ... earchTerms}, Dobré: (www.google.com), Špatné: (http://www.istartsurf.com/web/?type=ds& ... earchTerms}),,[7dc4a9632467f54197a705481de821df]
PUP.Optional.IStartSurf.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.istartsurf.com/?type=hp&ts=1 ... 9077289077, Dobré: (www.google.com), Špatné: (http://www.istartsurf.com/?type=hp&ts=1 ... 9077289077),,[3f0296765833cf67e15d8cc1d92c2bd5]
PUP.Optional.IStartSurf.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, http://www.istartsurf.com/web/?type=ds& ... earchTerms}, Dobré: (www.google.com), Špatné: (http://www.istartsurf.com/web/?type=ds& ... earchTerms}),,[bf822ae2d7b4e5511925f6570ff6a55b]
PUP.Optional.Linkury.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {ielnksrch}, Dobré: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Špatné: ({ielnksrch}),,[cf7268a47d0ec0768c05e575cd3849b7]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-1793778196-2422288631-436692435-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_BzVqASLW90uzABlXI-OqSsm-dE6bMHWhpYzDmQo74mY-N0Pm7-d0Gq3KeccYW3MBLpzUOzspqp1Pwy8L7Nlog6g7YWZ7or0KQ3jDoLlWcvjLRQO42rbl50c60JxxNZ1WuwGoNv-3hQfDUbB8Dc8NphsvWFJtl8Qc,&q={searchTerms}, Dobré: (www.google.com), Špatné: (http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_BzVqASLW90uzABlXI-OqSsm-dE6bMHWhpYzDmQo74mY-N0Pm7-d0Gq3KeccYW3MBLpzUOzspqp1Pwy8L7Nlog6g7YWZ7or0KQ3jDoLlWcvjLRQO42rbl50c60JxxNZ1WuwGoNv-3hQfDUbB8Dc8NphsvWFJtl8Qc,&q={searchTerms}),,[af923fcd65269f97f2992e2c4eb70bf5]
PUP.Optional.IStartSurf.ShrtCln, HKU\S-1-5-21-1793778196-2422288631-436692435-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www.istartsurf.com/?type=hp&ts=1 ... 9077289077, Dobré: (www.google.com), Špatné: (http://www.istartsurf.com/?type=hp&ts=1 ... 9077289077),,[5de43dcf58332313340852fb36cf9967]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-1793778196-2422288631-436692435-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_BzVqASLW90uzABlXI-OqSsm-dE6bMHWhpYzDmQo74mY-N0Pm7-d0Gq3KeccYW3MBLpzUOzspqp1Pwy8L7Nlog6g7YWZ7or0KQ3jDoLlWcvjLRQO42rbl50c60JxxNZ1WuwGoNv-3hQfDUbB8Dc8NphsvWFJtl8Qc,&q={searchTerms}, Dobré: (www.google.com), Špatné: (http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_BzVqASLW90uzABlXI-OqSsm-dE6bMHWhpYzDmQo74mY-N0Pm7-d0Gq3KeccYW3MBLpzUOzspqp1Pwy8L7Nlog6g7YWZ7or0KQ3jDoLlWcvjLRQO42rbl50c60JxxNZ1WuwGoNv-3hQfDUbB8Dc8NphsvWFJtl8Qc,&q={searchTerms}),,[330e26e6602bce680388afab31d4ac54]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-1793778196-2422288631-436692435-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SearchAssistant, http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_BzVqASLW90uzABlXI-OqSsm-dE6bMHWhpYzDmQo74mY-N0Pm7-d0Gq3KeccYW3MBLpzUOzspqp1Pwy8L7Nlog6g7YWZ7or0KQ3jDoLlWcvjLRQO42rbl50c60JxxNZ1WuwGoNv-3hQfDUbB8Dc8NphsvWFJtl8Qc,&q={searchTerms}, Dobré: (www.google.com), Špatné: (http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_BzVqASLW90uzABlXI-OqSsm-dE6bMHWhpYzDmQo74mY-N0Pm7-d0Gq3KeccYW3MBLpzUOzspqp1Pwy8L7Nlog6g7YWZ7or0KQ3jDoLlWcvjLRQO42rbl50c60JxxNZ1WuwGoNv-3hQfDUbB8Dc8NphsvWFJtl8Qc,&q={searchTerms}),,[98a90903137872c472190357c3422dd3]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-1793778196-2422288631-436692435-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_BzVqASLW90uzABlXI-OqSsm-dE6bMHWhpYzDmQo74mY-N0Pm7-d0Gq3KeccYW3MBLpzUOzspqp1Pwy8L7Nlog6g7YWZ7or0KQ3jDoLlWcvjLRQO42rbl50c60JxxNZ1WuwGoNv-3hQfDUbB8Dc8NphsvWFJtl8Qc,&q={searchTerms}, Dobré: (www.google.com), Špatné: (http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_BzVqASLW90uzABlXI-OqSsm-dE6bMHWhpYzDmQo74mY-N0Pm7-d0Gq3KeccYW3MBLpzUOzspqp1Pwy8L7Nlog6g7YWZ7or0KQ3jDoLlWcvjLRQO42rbl50c60JxxNZ1WuwGoNv-3hQfDUbB8Dc8NphsvWFJtl8Qc,&q={searchTerms}),,[9aa77e8e315a2412622b66f482837888]

Složky: 43
PUP.Optional.CrossRider.A, C:\Program Files (x86)\Cinem Plus 2.4cV18.08, , [7ac72ae2682365d13694150d38cb42be],
PUP.Optional.CrossRider.A, C:\Program Files (x86)\SavePass 1.1, , [57eaef1dec9f9e98b317919155aea45c],
PUP.Optional.TakeTheCoupon.A, C:\Program Files (x86)\TakeTheCoouppoon, , [8db425e7ed9e0531a8d3792ca460ba46],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\imageformats, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\mplayer, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\mplayer\fonts, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\mplayer\fonts\conf.d, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\mplayer\mplayer, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\shortcuts, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\translations, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Liveistream, , [65dc18f49bf0d264fd18d1d540c4da26],
PUP.Optional.Sanbreel.A, C:\Program Files (x86)\Any Angle\bin, , [ee538a827516fa3cc3ec7c2ed430916f],
PUP.Optional.Sanbreel.A, C:\Program Files (x86)\Any Angle\bin\plugins, , [ee538a827516fa3cc3ec7c2ed430916f],
PUP.Optional.Sanbreel.A, C:\Program Files (x86)\Any Angle\bin\TEMP, , [ee538a827516fa3cc3ec7c2ed430916f],
PUP.Optional.Sanbreel.A, C:\Program Files (x86)\Any Angle, , [ee538a827516fa3cc3ec7c2ed430916f],
PUP.Optional.MultiPlug.Gen, C:\ProgramData\6159984984648514449, , [70d19577533842f4a1d9ac06c143db25],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update, , [221fa6665f2cb87e6d92897103ffab55],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0, , [221fa6665f2cb87e6d92897103ffab55],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Download, , [221fa6665f2cb87e6d92897103ffab55],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Install, , [221fa6665f2cb87e6d92897103ffab55],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Offline, , [221fa6665f2cb87e6d92897103ffab55],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Offline\{8568D89D-C7A4-4B5C-B9F9-3BAAB4252CB3}, , [221fa6665f2cb87e6d92897103ffab55],
PUP.Optional.GlobalUpdate.A, C:\Users\Jobran\AppData\Local\Temp\comh.213017, , [be835cb03e4dcb6b4aca50abef132cd4],
PUP.Optional.GlobalUpdate.A, C:\Users\Jobran\AppData\Local\Temp\comh.227584, , [2c1505075c2fe452c15376853bc707f9],
PUP.Optional.IStartSurf.ShrtCln, C:\Users\Jobran\AppData\Roaming\istartsurf, , [053cb656e4a767cf6aba5f9feb1708f8],
PUP.Optional.IStartSurf.ShrtCln, C:\Users\Jobran\AppData\Roaming\istartsurf\images, , [053cb656e4a767cf6aba5f9feb1708f8],
PUP.Optional.IStartSurf.ShrtCln, C:\Users\Jobran\AppData\Roaming\istartsurf\images\code, , [053cb656e4a767cf6aba5f9feb1708f8],
PUP.Optional.AnyAngle.A, C:\Users\Jobran\AppData\Local\Temp\Any Angle, , [f1503fcd68236ec82a9369adcf3458a8],
PUP.Optional.PCSpeedUp.A, C:\Users\Jobran\Documents\PCSpeedUp, , [f05113f93d4e191da20876a1ea19768a],
PUP.Optional.PCSpeedUp.A, C:\Users\Jobran\Documents\PCSpeedUp\RestorePoints, , [f05113f93d4e191da20876a1ea19768a],
PUP.Optional.PCSpeedUp.A, C:\Users\Jobran\Documents\PCSpeedUp\ScanResults, , [f05113f93d4e191da20876a1ea19768a],
PUP.Optional.PCSpeedUp.C, C:\Users\Jobran\AppData\Local\Microsoft\Silverlight\OutOfBrowser\Speedchecker.PCSpeedUp, , [e55c7e8e8dfebc7ac3f0ea2e63a0ea16],
PUP.Optional.ExtTag.F, C:\ProgramData\ExtTag, , [be83719bb4d71323c7bdd64302010000],
PUP.Optional.ExtTag.F, C:\ProgramData\ExtTag\ondemand, , [be83719bb4d71323c7bdd64302010000],
PUP.Optional.ExtTag.F, C:\ProgramData\ExtTags, , [c57c5eae0388290ddbaa4acfbb48fe02],
PUP.Optional.ProtectWindowsManager.F, C:\ProgramData\yWinManProy, , [50f1d13ba4e7bb7b6bc488927b8807f9],
PUP.Optional.ProtectWindowsManager.F, C:\ProgramData\yWinManProy\update, , [50f1d13ba4e7bb7b6bc488927b8807f9],
PUP.Optional.Linkury.A, C:\ProgramData\Saophase, , [c180d13b3457e056e72d59c228db6898],
PUP.Optional.Linkury.A, C:\ProgramData\Saophase\ondemand, , [c180d13b3457e056e72d59c228db6898],
PUP.Optional.Linkury.A, C:\ProgramData\Saophases, , [ee537e8edead47ef6aab25f643c05ca4],
PUP.Optional.AnyAngle.A, C:\Users\Jobran\AppData\Roaming\Opera Software\Opera Stable\Extensions\amdpddmbnmmfmhehpndlngmdmjohijml\1.0.1_0, , [5de4719bd6b51521a8772967858037c9],
PUP.Optional.AnyAngle.A, C:\Users\Jobran\AppData\Roaming\Opera Software\Opera Stable\Extensions\amdpddmbnmmfmhehpndlngmdmjohijml, , [5de4719bd6b51521a8772967858037c9],

Soubory: 350
Adware.PennyBee, C:\ProgramData\FazmeSovaf\iwub3si.dll, , [e55c3ad23457d75f21b6a224fb06f30d],
PUP.Optional.WProtectManager.A, C:\ProgramData\yWinManProy\ProtectWindowsManager.exe, , [f74a31db385337ffa8a6325bb0557a86],
Adware.PennyBee, C:\ProgramData\FazmeSovaf\iwubwsi.exe, , [f150eb219cefb48210c8d3f35da460a0],
PUP.Optional.Amonetize, C:\Program Files\igfx32\igfx32.exe, , [79c86ba17a1167cf8afed6f7f70a669a],
Adware.PennyBee, C:\ProgramData\FazmeSovaf\iwubasi.exe, , [ee5369a3d6b53ef8a830ab1bba477b85],
PUP.Optional.Amonetize, C:\Program Files\igfx32\packages\ea2766fe-20c3-4161-a557-a94778708c8a\NixHost.exe, , [e45dd834197239fd4b3febe2f011916f],
PUP.Optional.SavePass.A, C:\Program Files (x86)\SavePass 1.1\cc992a36-27ab-4fba-be14-ff16135f8e4a-10.exe, , [a49dc448305b86b09db7bba9f9080000],
PUP.Optional.CrossRider.A, C:\Program Files (x86)\Cinem Plus 2.4cV18.08\52174193-9835-4b09-a211-861cbfe3291c-1-6.exe, , [81c066a6cebd989ee7ea85ffe223e41c],
PUP.Optional.SavePass.A, C:\Program Files (x86)\SavePass 1.1\cc992a36-27ab-4fba-be14-ff16135f8e4a-1-6.exe, , [202135d762299f97530184e05da408f8],
PUP.Optional.CrossRider.A, C:\Program Files (x86)\Cinem Plus 2.4cV18.08\52174193-9835-4b09-a211-861cbfe3291c-10.exe, , [8ab7fa124447c76f5f722b59ec1937c9],
Adware.PennyBee, C:\ProgramData\FazmeSovaf\iwubdsi.exe, , [b9883cd03f4cb38333a2b412e21fcf31],
PUP.Optional.ModGoog, C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe, , [0c356ba1a4e7280ee0cccbc326dbff01],
PUP.Optional.AnyAngle.A, C:\Program Files (x86)\Any Angle\AnyAnglebho.dll, , [74cdd4384a414ee8663718bf689ab44c],
Trojan.Dropper.NS, C:\$Recycle.Bin\S-1-5-21-1793778196-2422288631-436692435-1001\$RE4BZ6E.exe, , [66db69a3cac18caae7d88c527b86758b],
PUP.Optional.MultiPlug.F, C:\AdwCleaner\Quarantine\C\ProgramData\{792e2b74-ca2a-2e07-792e-e2b74ca2add3}\1668959511713299299b.exe.vir, , [f9488587aae1fe38ff201fb4f30e30d0],
PUP.Optional.Systweak, C:\AdwCleaner\Quarantine\C\WINDOWS\System32\roboot64.exe.vir, , [b78a3fcded9ec373503621732ed49c64],
PUP.Optional.Linkury, C:\Program Files\Common Files\0dmrfbna\cd90b3hasxary.exe, , [320fc7452a61e056ce7ea82b0ff23ec2],
Trojan.Agent, C:\Program Files\igfx32\packages\ef486af0-b45b-40b4-9839-34c6b7e2d98a\file.exe, , [8cb54dbf9deecb6b69daa9a15ea723dd],
Trojan.Downloader, C:\Program Files\igfx32\packages\ef486af0-b45b-40b4-9839-34c6b7e2d98a\start.exe, , [cd74e4281d6e6ccaa41c9b32b64bdd23],
PUP.Optional.BrowseFox, C:\Program Files (x86)\Any Angle\AnyAngleUninstall.exe, , [a49df7154447c076226a9410748db34d],
PUP.Optional.CrossRider.A, C:\Program Files (x86)\Cinem Plus 2.4cV18.08\52174193-9835-4b09-a211-861cbfe3291c-1-7.exe, , [59e8ed1f55363204ebe671136e9737c9],
PUP.Optional.CrossRider.A, C:\Program Files (x86)\Cinem Plus 2.4cV18.08\52174193-9835-4b09-a211-861cbfe3291c-5.exe, , [47facb41b3d84cea4c856321ea1bc43c],
PUP.Optional.Downloader.C, C:\Program Files (x86)\Cinem Plus 2.4cV18.08\Uninstall.exe, , [5fe25bb1b1dac175c7661c9c8978fe02],
PUP.Optional.CrossRider.A, C:\Program Files (x86)\Cinem Plus 2.4cV18.08\UninstallBrw.exe, , [db665daf1b70e155567b0381d72e7d83],
PUP.Optional.CrossRider.A, C:\Program Files (x86)\Cinem Plus 2.4cV18.08\utils.exe, , [82bfb25ab3d858de755c3b49ba4b42be],
PUP.Optional.PCSpeedUp.A, C:\Program Files (x86)\Zrychleni Pocitace\PCSpeedUp.sys, , [4ef37894f99283b349008b20e819b749],
PUP.Optional.PCSpeedUp.A, C:\Program Files (x86)\Zrychleni Pocitace\PCSUUCC.exe, , [43fe3cd07f0ccd6982c71794d8296997],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\uninstall.exe, , [c77ab25a22691a1c9a61b996d8280ff1],
PUP.Optional.SavePass.A, C:\Program Files (x86)\SavePass 1.1\cc992a36-27ab-4fba-be14-ff16135f8e4a-1-7.exe, , [7ac7b6569af1e0568cc896ce8d7428d8],
PUP.Optional.SavePass.A, C:\Program Files (x86)\SavePass 1.1\cc992a36-27ab-4fba-be14-ff16135f8e4a-5.exe, , [ff42af5d078485b1df75e381a65bc63a],
PUP.Optional.SavePass.A, C:\Program Files (x86)\SavePass 1.1\UninstallBrw.exe, , [0a3714f8dab19a9c9fb584e0798837c9],
PUP.Optional.SavePass.A, C:\Program Files (x86)\SavePass 1.1\utils.exe, , [f34ed438b8d3a78fa1b3e18323de52ae],
PUP.Optional.Multiplug.A, C:\Program Files (x86)\TakeTheCoouppoon\Hzhgk0vcQVLHAT.exe, , [a49d7e8e94f7cb6b59c0ef8b80815ba5],
PUP.Optional.ModGoog, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\globalupdate.exe, , [f1505cb06a21979fd8d48d013fc24ab6],
PUP.Optional.ModGoog, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\globalupdateBroker.exe, , [77ca62aaef9cc76fd2da385657aa5ba5],
PUP.Optional.ModGoog, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\globalupdateCrashHandler.exe, , [88b9a56718731b1b02aa7618e021916f],
PUP.Optional.ModGoog, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\globalupdateOnDemand.exe, , [f9488f7d404be94d87250e8035cccc34],
PUP.Optional.ModGoog, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdate.dll, , [8eb36d9fcbc00b2b7f2d9bf324dd2bd5],
PUP.Optional.ModGoog, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdateres_en.dll, , [9da41cf095f61d19dad25836d42dcc34],
PUP.Optional.ModGoog, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll, , [093835d77417af877834a0eebb46de22],
PUP.Optional.ModGoog, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\psmachine.dll, , [99a8729a7e0ddb5ba7055c32a85902fe],
PUP.Optional.ModGoog, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\psuser.dll, , [cd7418f4a9e2340273392d619f62db25],
Adware.PennyBee, C:\ProgramData\FazmeSovaf\iwub3sid.dll, , [a79aa666bad1989eedea7b4b09f8669a],
Adware.PennyBee, C:\ProgramData\FazmeSovaf\iwub6si.dll, , [64dd0efe9dee0c2a01d50abcd8298977],
Adware.PennyBee, C:\ProgramData\FazmeSovaf\iwub6sid.dll, , [1829b35913781521e6f02b9bd72a40c0],
PUP.Optional.IStartSurf.ShrtCln, C:\Users\Jobran\AppData\Local\Microsoft\Windows\INetCache\IE\FFYA5W35\obw_istartsurf[1].exe, , [073a7894890277bfc2f72861bf467987],
HackTool.Wpakill, C:\Users\Jobran\AppData\Local\Microsoft\Windows\INetCache\IE\IP74QTK9\1.exe, , [182928e4a6e506307ab2471d43bdb24e],
Adware.PennyBee, C:\Users\Jobran\AppData\Local\Microsoft\Windows\INetCache\IE\TP4VZEUG\10100016[1].exe, , [e859d438b9d23303597d72542ad7b24e],
PUP.Optional.CrossRider.A, C:\Users\Jobran\AppData\Local\Microsoft\Windows\INetCache\IE\TP4VZEUG\setup[2].exe, , [65dc8a827c0fb0867859c8bc1fe603fd],
PUP.Optional.SavePass.A, C:\Users\Jobran\AppData\Local\Microsoft\Windows\INetCache\IE\TP4VZEUG\setup[1].exe, , [43fe36d6dbb038fe10441351f30edc24],
PUP.Optional.PCSpeedUp.A, C:\Users\Jobran\AppData\Local\Microsoft\Windows\INetCache\IE\TP4VZEUG\pcspeedup[1].exe, , [ad947b9114772a0c20293477f60b2ed2],
PUP.Optional.BrowseFox, C:\Users\Jobran\AppData\Local\Microsoft\Windows\INetCache\IE\TP4VZEUG\AnyAngleSetup[1].exe, , [42ffd537eba07db96923495b629fc53b],
PUP.Optional.Amonetize, C:\Users\Jobran\AppData\Local\Temp\nsxBA12.exe, , [67daf51798f3fc3ad1b8537a43be926e],
PUP.Optional.LiveIStream.A, C:\Users\Jobran\AppData\Local\Temp\playerfile.exe, , [a69b44c8c6c56ec8e318b19e8977619f],
PUP.Optional.ModGoog, C:\Users\Jobran\AppData\Local\Temp\comh.213017\globalupdate.exe, , [261b8c80d7b4bc7a13994b435aa756aa],
PUP.Optional.ModGoog, C:\Users\Jobran\AppData\Local\Temp\comh.213017\globalupdateBroker.exe, , [e45d0a020982be787c30e1ad3bc604fc],
PUP.Optional.ModGoog, C:\Users\Jobran\AppData\Local\Temp\comh.213017\globalupdateCrashHandler.exe, , [0b36cb41612a82b4e1cb345a956caf51],
PUP.Optional.ModGoog, C:\Users\Jobran\AppData\Local\Temp\comh.213017\globalupdateOnDemand.exe, , [142dc943662556e06b417816ab5602fe],
PUP.Optional.ModGoog, C:\Users\Jobran\AppData\Local\Temp\comh.213017\goopdate.dll, , [b1900a02b5d682b40f9d58366d94b947],
PUP.Optional.ModGoog, C:\Users\Jobran\AppData\Local\Temp\comh.213017\goopdateres_en.dll, , [0b3624e8c2c98ea86c40f6987091af51],
PUP.Optional.ModGoog, C:\Users\Jobran\AppData\Local\Temp\comh.213017\npglobalupdateUpdate4.dll, , [77ca68a45c2f5cdaa903f19dba47c838],
PUP.Optional.ModGoog, C:\Users\Jobran\AppData\Local\Temp\comh.213017\psmachine.dll, , [fc45c14b9dee7abcfcb06727629f1be5],
PUP.Optional.ModGoog, C:\Users\Jobran\AppData\Local\Temp\comh.213017\psuser.dll, , [65dcdc301477e155fcb0ade1778a1ce4],
PUP.Optional.ModGoog, C:\Users\Jobran\AppData\Local\Temp\comh.227584\globalupdate.exe, , [1c250507a6e584b25854b7d7ef12a35d],
PUP.Optional.ModGoog, C:\Users\Jobran\AppData\Local\Temp\comh.227584\globalupdateBroker.exe, , [55eccc40ff8c9a9ceebe6f1f58a957a9],
PUP.Optional.ModGoog, C:\Users\Jobran\AppData\Local\Temp\comh.227584\globalupdateCrashHandler.exe, , [ff42d9337a118da997154d41ee13a45c],
PUP.Optional.ModGoog, C:\Users\Jobran\AppData\Local\Temp\comh.227584\globalupdateOnDemand.exe, , [3c059f6d5f2c5adc8f1d236bd22f6d93],
PUP.Optional.ModGoog, C:\Users\Jobran\AppData\Local\Temp\comh.227584\goopdate.dll, , [8bb60dff0c7fb581bdefc8c68a77db25],
PUP.Optional.ModGoog, C:\Users\Jobran\AppData\Local\Temp\comh.227584\goopdateres_en.dll, , [82bfdb31e9a23ff7ac004549df22dc24],
PUP.Optional.ModGoog, C:\Users\Jobran\AppData\Local\Temp\comh.227584\npglobalupdateUpdate4.dll, , [79c82ae23358b086822a404ee12022de],
PUP.Optional.ModGoog, C:\Users\Jobran\AppData\Local\Temp\comh.227584\psmachine.dll, , [7fc215f7751610267b31dcb22fd201ff],
PUP.Optional.ModGoog, C:\Users\Jobran\AppData\Local\Temp\comh.227584\psuser.dll, , [88b960ac0a8104322686dfaf9a676799],
PUP.Optional.OpenCandy, C:\Users\Jobran\AppData\Local\Temp\is-H6PF4.tmp\OCSetupHlp.dll, , [2021fb1136553402462fc2bc3fc6a55b],
PUP.Optional.ELEX, C:\Users\Jobran\AppData\Roaming\istartsurf\key.dll, , [b9882ddfcdbeed4956ea3996c63bcf31],
PUP.Optional.OpenCandy, C:\Users\Jobran\Documents\Dok. 16.3.14 kompl\Downloads\adobe-reader-11.0.04.exe, , [a1a00ffdb4d7da5c0a6bef8fbf466a96],
PUP.Optional.Outbrowse, C:\Users\Jobran\Downloads\setup (1).exe, , [8cb541cb434845f159b9315d83826b95],
PUP.Optional.Outbrowse, C:\Users\Jobran\Downloads\setup.exe, , [a1a039d3fa91bd79de347618cc399c64],
PUP.Optional.Linkury, C:\Windows\Temp\tmp6428.tmp, , [79c84fbd59328fa757f59f341ae704fc],
PUP.Optional.Amonetize, C:\Windows\Temp\tmp9FD0.tmp, , [52eff3199cef3006a5e5efde936e47b9],
Trojan.Downloader, C:\Windows\Temp\tmpA60B.tmp, , [cf72b05c27640d29b10fe2ebdc2501ff],
PUP.Optional.Linkury, C:\Windows\Temp\tmpA998.tmp, , [202114f8e8a3d165f557d300a65b3cc4],
PUP.Optional.Amonetize, C:\Windows\Temp\tmpD603.tmp, , [162bfd0faae1221499f15776907149b7],
Trojan.Downloader, C:\Windows\Temp\tmpE12F.tmp, , [63de838916752313cbf5cc01bf4245bb],
PUP.Optional.Amonetize, C:\Windows\Temp\tmpE2DC.tmp, , [3e03997327640531701a14b940c1748c],
Trojan.Downloader, C:\Windows\Temp\tmpEA30.tmp, , [231ed23a92f96acc4878a5287190cd33],
Trojan.Agent, C:\Windows\Temp\nsqEE55.exe, , [c57c9775bbd0f343f2514bff61a4d22e],
PUP.Optional.Linkury.Gen.A, C:\Windows\SysWOW64\findit.xml, , [67daec20afdcef476e602feda65d41bf],
PUP.Optional.Linkury.A, C:\Windows\System32\Tasks\snp, , [af920c00a7e4e84ee10346d6f50e758b],
PUP.Optional.CrossRider.A, C:\Program Files (x86)\Cinem Plus 2.4cV18.08\bgNova.html, , [7ac72ae2682365d13694150d38cb42be],
PUP.Optional.CrossRider.A, C:\Program Files (x86)\SavePass 1.1\bgNova.html, , [57eaef1dec9f9e98b317919155aea45c],
PUP.Optional.CrossRider.A, C:\Program Files (x86)\SavePass 1.1\Uninstall.exe, , [57eaef1dec9f9e98b317919155aea45c],
PUP.Optional.Shost.A, C:\Windows\shost.bin, , [7cc50dff2e5dee480db947eb11f2e11f],
PUP.Optional.Sanbreel.A, C:\Windows\System32\drivers\{28803afb-6271-4e62-a0ec-a2153e9476d3}Gw64.sys, , [5c0e884f0bd3b834ba085e3b2a62e9fd],
PUP.Optional.Sanbreel.A, C:\Windows\System32\drivers\{e1d565c0-fd02-442e-a0f3-6ab17899a188}Gw64.sys, , [5940cf806d21e8affddeb6df82294cfc],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\52174193-9835-4b09-a211-861cbfe3291c-1-6, , [a79a0606a7e4ba7cfcb891bb8b78fa06],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\52174193-9835-4b09-a211-861cbfe3291c-1-7, , [1130db31cbc0f541aa0a371527dc6d93],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\52174193-9835-4b09-a211-861cbfe3291c-10_user, , [093856b684073204d7dd1d2fbd4647b9],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\52174193-9835-4b09-a211-861cbfe3291c-5, , [b38ed63617743501377de66622e1a15f],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\52174193-9835-4b09-a211-861cbfe3291c-5_user, , [76cb29e38efd81b59420c587a360a65a],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\cc992a36-27ab-4fba-be14-ff16135f8e4a-1-6, , [c67bd13b731879bdd3e18ebe34cf1fe1],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\cc992a36-27ab-4fba-be14-ff16135f8e4a-1-7, , [66dba06c692258deb103a3a9e320718f],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\cc992a36-27ab-4fba-be14-ff16135f8e4a-10_user, , [dd644fbdf09be4528430a6a6c340d52b],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\cc992a36-27ab-4fba-be14-ff16135f8e4a-5, , [0d349d6f95f6162024900d3f956ee61a],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\cc992a36-27ab-4fba-be14-ff16135f8e4a-5_user, , [b58c8a82810a082e981c4705659e6a96],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\52174193-9835-4b09-a211-861cbfe3291c-1-6.job, , [90b13ece22699a9cb6cbdabb1aeabb45],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\52174193-9835-4b09-a211-861cbfe3291c-1-7.job, , [1c252ce0622955e1037e306539cb1ce4],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\52174193-9835-4b09-a211-861cbfe3291c-10_user.job, , [c879e22aa1ea1c1a68198b0a12f2ed13],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\52174193-9835-4b09-a211-861cbfe3291c-5.job, , [7bc69e6ef497c571dda4eca9d82cf907],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\52174193-9835-4b09-a211-861cbfe3291c-5_user.job, , [063b58b455361125bac7187def15f808],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\cc992a36-27ab-4fba-be14-ff16135f8e4a-1-6.job, , [55ec7a92a0eb9e9882ff8c0920e42ad6],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\cc992a36-27ab-4fba-be14-ff16135f8e4a-1-7.job, , [e85993790f7c9f97245d0f8639cba35d],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\cc992a36-27ab-4fba-be14-ff16135f8e4a-10_user.job, , [ce73997304872b0b88f9801562a2f808],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\cc992a36-27ab-4fba-be14-ff16135f8e4a-5.job, , [5ae7b7553358f244562bccc918ec33cd],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\cc992a36-27ab-4fba-be14-ff16135f8e4a-5_user.job, , [f54c16f63c4f171f2061cbca45bf9769],
PUP.Optional.GlobalUpdate.A, C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job, , [ff427c90a8e3b680137cd4c17e869868],
PUP.Optional.GlobalUpdate.A, C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore, , [6ed3907c35566fc7a7e9e3b2e321857b],
PUP.Optional.GlobalUpdate.A, C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job, , [e45daf5d3c4f62d4761bf4a10cf813ed],
PUP.Optional.GlobalUpdate.A, C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA, , [69d88a82d9b274c2e0b2b9dce321fc04],
PUP.Optional.TakeTheCoupon.A, C:\Program Files (x86)\TakeTheCoouppoon\Hzhgk0vcQVLHAT.tlb, , [8db425e7ed9e0531a8d3792ca460ba46],
PUP.Optional.TakeTheCoupon.A, C:\Program Files (x86)\TakeTheCoouppoon\Hzhgk0vcQVLHAT.dat, , [8db425e7ed9e0531a8d3792ca460ba46],
PUP.Optional.TakeTheCoupon.A, C:\Program Files (x86)\TakeTheCoouppoon\Hzhgk0vcQVLHAT.dll, , [8db425e7ed9e0531a8d3792ca460ba46],
PUP.Optional.TakeTheCoupon.A, C:\Program Files (x86)\TakeTheCoouppoon\Hzhgk0vcQVLHAT.x64.dll, , [8db425e7ed9e0531a8d3792ca460ba46],
PUP.Optional.LiveIStream.A, C:\Users\Jobran\Desktop\Liveistream.lnk, , [c37e1cf0018aa88ef320eabc6b9925db],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\Readme.txt, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\QtCore4.dll, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\Copying.txt, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\Copying_BSD.txt, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\Copying_libmaia.txt, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\dvdmenus.txt, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\Finding_subtitles.txt, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\Install.txt, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\libgcc_s_dw2-1.dll, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\Liveistream website.url, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\mingwm10.dll, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\Not_so_obvious_things.txt, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\Portable_Edition.txt, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\QtGui4.dll, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\QtNetwork4.dll, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\QtScript4.dll, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\QtXml4.dll, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\Release_notes.txt, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\sample.avi, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\smplayer.exe, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\Watching_TV.txt, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\zlib1.dll, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\imageformats\qjpeg4.dll, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\mplayer\LICENSE.txt, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\mplayer\mplayer.exe, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\mplayer\MPlayer.html, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\mplayer\mplayer.man.html, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\mplayer\README.txt, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\mplayer\fonts\fonts.conf, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\mplayer\fonts\conf.d\10-scale-bitmap-fonts.conf, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\mplayer\fonts\conf.d\20-unhint-small-vera.conf, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\mplayer\fonts\conf.d\30-metric-aliases.conf, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\mplayer\fonts\conf.d\30-urw-aliases.conf, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\mplayer\fonts\conf.d\40-nonlatin.conf, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\mplayer\fonts\conf.d\45-latin.conf, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\mplayer\fonts\conf.d\49-sansserif.conf, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\mplayer\fonts\conf.d\50-user.conf, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\mplayer\fonts\conf.d\51-local.conf, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\mplayer\fonts\conf.d\60-latin.conf, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\mplayer\fonts\conf.d\65-fonts-persian.conf, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\mplayer\fonts\conf.d\65-nonlatin.conf, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\mplayer\fonts\conf.d\69-unifont.conf, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\mplayer\fonts\conf.d\80-delicious.conf, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\mplayer\fonts\conf.d\90-synthetic.conf, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\mplayer\fonts\conf.d\README, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\mplayer\mplayer\config, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\mplayer\mplayer\config.sample, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\mplayer\mplayer\input.conf, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\mplayer\mplayer\subfont.ttf, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\shortcuts\default.keys, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\translations\smplayer_da.qm, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\translations\smplayer_lt.qm, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\translations\qt_eu.qm, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\translations\smplayer_de.qm, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\translations\smplayer_el_GR.qm, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\translations\smplayer_en_US.qm, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\translations\smplayer_es.qm, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\translations\smplayer_et.qm, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\translations\smplayer_eu.qm, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\translations\smplayer_fi.qm, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\translations\smplayer_fr.qm, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\translations\smplayer_gl.qm, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\translations\smplayer_he_IL.qm, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\translations\smplayer_hr.qm, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\translations\smplayer_hu.qm, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\translations\smplayer_it.qm, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\translations\smplayer_ja.qm, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\translations\smplayer_ka.qm, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\translations\smplayer_ko.qm, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\translations\smplayer_ku.qm, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\translations\smplayer_mk.qm, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\translations\smplayer_ms_MY.qm, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\translations\smplayer_nl.qm, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\translations\smplayer_pl.qm, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\translations\smplayer_pt.qm, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\translations\smplayer_pt_BR.qm, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\translations\smplayer_ro_RO.qm, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\translations\smplayer_ru_RU.qm, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\translations\smplayer_sk.qm, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\translations\smplayer_sl_SI.qm, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\translations\smplayer_sr.qm, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\translations\smplayer_sv.qm, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\translations\smplayer_th.qm, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\translations\smplayer_tr.qm, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\translations\smplayer_uk_UA.qm, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\translations\smplayer_vi_VN.qm, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\translations\smplayer_zh_CN.qm, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\translations\smplayer_zh_TW.qm, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\translations\smplayer_ar_SY.qm, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\translations\smplayer_bg.qm, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\translations\smplayer_ca.qm, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\Program Files (x86)\Liveistream\translations\smplayer_cs.qm, , [92afd13bb8d3fa3c9a7aa4021de75fa1],
PUP.Optional.LiveIStream.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Liveistream\Liveistream Website.lnk, , [65dc18f49bf0d264fd18d1d540c4da26],
PUP.Optional.LiveIStream.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Liveistream\Liveistream.lnk, , [65dc18f49bf0d264fd18d1d540c4da26],
PUP.Optional.LiveIStream.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Liveistream\Uninstall Liveistream.lnk, , [65dc18f49bf0d264fd18d1d540c4da26],
PUP.Optional.Sanbreel.A, C:\Program Files (x86)\Any Angle\bin\BrowserAdapter.7z, , [ee538a827516fa3cc3ec7c2ed430916f],
PUP.Optional.Sanbreel.A, C:\Program Files (x86)\Any Angle\bin\AnyAngle.BrowserAdapter.exe, , [ee538a827516fa3cc3ec7c2ed430916f],
PUP.Optional.Sanbreel.A, C:\Program Files (x86)\Any Angle\bin\2880.dll, , [ee538a827516fa3cc3ec7c2ed430916f],
PUP.Optional.Sanbreel.A, C:\Program Files (x86)\Any Angle\bin\288064.dll, , [ee538a827516fa3cc3ec7c2ed430916f],
PUP.Optional.Sanbreel.A, C:\Program Files (x86)\Any Angle\bin\28803afb62.dll, , [ee538a827516fa3cc3ec7c2ed430916f],
PUP.Optional.Sanbreel.A, C:\Program Files (x86)\Any Angle\bin\28803afb6264.dll, , [ee538a827516fa3cc3ec7c2ed430916f],
PUP.Optional.Sanbreel.A, C:\Program Files (x86)\Any Angle\bin\7za.exe, , [ee538a827516fa3cc3ec7c2ed430916f],
PUP.Optional.Sanbreel.A, C:\Program Files (x86)\Any Angle\bin\AnyAngle.BrowserAdapter64.exe, , [ee538a827516fa3cc3ec7c2ed430916f],
PUP.Optional.Sanbreel.A, C:\Program Files (x86)\Any Angle\bin\AnyAngle.expext.exe, , [ee538a827516fa3cc3ec7c2ed430916f],
PUP.Optional.Sanbreel.A, C:\Program Files (x86)\Any Angle\bin\AnyAngle.expext.zip, , [ee538a827516fa3cc3ec7c2ed430916f],
PUP.Optional.Sanbreel.A, C:\Program Files (x86)\Any Angle\bin\AnyAngle.PurBrowse64.exe, , [ee538a827516fa3cc3ec7c2ed430916f],
PUP.Optional.Sanbreel.A, C:\Program Files (x86)\Any Angle\bin\AnyAngle.PurBrowseG.zip, , [ee538a827516fa3cc3ec7c2ed430916f],
PUP.Optional.Sanbreel.A, C:\Program Files (x86)\Any Angle\bin\e1d5.dll, , [ee538a827516fa3cc3ec7c2ed430916f],
PUP.Optional.Sanbreel.A, C:\Program Files (x86)\Any Angle\bin\e1d564.dll, , [ee538a827516fa3cc3ec7c2ed430916f],
PUP.Optional.Sanbreel.A, C:\Program Files (x86)\Any Angle\bin\e1d565c0fd.dll, , [ee538a827516fa3cc3ec7c2ed430916f],
PUP.Optional.Sanbreel.A, C:\Program Files (x86)\Any Angle\bin\e1d565c0fd64.dll, , [ee538a827516fa3cc3ec7c2ed430916f],
PUP.Optional.Sanbreel.A, C:\Program Files (x86)\Any Angle\bin\eula.txt, , [ee538a827516fa3cc3ec7c2ed430916f],
PUP.Optional.Sanbreel.A, C:\Program Files (x86)\Any Angle\bin\sqlite3.dll, , [ee538a827516fa3cc3ec7c2ed430916f],
PUP.Optional.Sanbreel.A, C:\Program Files (x86)\Any Angle\bin\utilAnyAngle.exe, , [ee538a827516fa3cc3ec7c2ed430916f],
PUP.Optional.Sanbreel.A, C:\Program Files (x86)\Any Angle\bin\utilAnyAngle.InstallState, , [ee538a827516fa3cc3ec7c2ed430916f],
PUP.Optional.Sanbreel.A, C:\Program Files (x86)\Any Angle\bin\plugins\AnyAngle.BrowserAdapter.dll, , [ee538a827516fa3cc3ec7c2ed430916f],
PUP.Optional.Sanbreel.A, C:\Program Files (x86)\Any Angle\bin\plugins\AnyAngle.CompatibilityChecker.dll, , [ee538a827516fa3cc3ec7c2ed430916f],
PUP.Optional.Sanbreel.A, C:\Program Files (x86)\Any Angle\bin\plugins\AnyAngle.ExpExt.dll, , [ee538a827516fa3cc3ec7c2ed430916f],
PUP.Optional.Sanbreel.A, C:\Program Files (x86)\Any Angle\bin\plugins\AnyAngle.FFUpdate.dll, , [ee538a827516fa3cc3ec7c2ed430916f],
PUP.Optional.Sanbreel.A, C:\Program Files (x86)\Any Angle\bin\plugins\AnyAngle.GCUpdate.dll, , [ee538a827516fa3cc3ec7c2ed430916f],
PUP.Optional.Sanbreel.A, C:\Program Files (x86)\Any Angle\bin\plugins\AnyAngle.PurBrowseG.dll, , [ee538a827516fa3cc3ec7c2ed430916f],
PUP.Optional.Sanbreel.A, C:\Program Files (x86)\Any Angle\amdpddmbnmmfmhehpndlngmdmjohijml.crx, , [ee538a827516fa3cc3ec7c2ed430916f],
PUP.Optional.Sanbreel.A, C:\Program Files (x86)\Any Angle\AnyAngle.ico, , [ee538a827516fa3cc3ec7c2ed430916f],
PUP.Optional.Sanbreel.A, C:\Program Files (x86)\Any Angle\updateAnyAngle.exe, , [ee538a827516fa3cc3ec7c2ed430916f],
PUP.Optional.Sanbreel.A, C:\Program Files (x86)\Any Angle\updateAnyAngle.InstallState, , [ee538a827516fa3cc3ec7c2ed430916f],
PUP.Optional.PCSpeedUp.A, C:\Windows\System32\Tasks\PC SpeedUp Service Deactivator, , [b8894ac2fb90b086134aebc1fc08c040],
PUP.Optional.PCSpeedUp.A, C:\Windows\Tasks\PC SpeedUp Service Deactivator.job, , [c27f34d8c1cad85ea4baecc0c143f20e],
PUP.Optional.Winsock.HijackBoot, C:\Users\Jobran\AppData\Local\Temp\adblocker_installer__1439928820.txt, , [f9488f7d7c0f1a1c024f9d11db29ca36],
PUP.Optional.MultiPlug.Gen, C:\ProgramData\6159984984648514449\c007a25cf45c47491fdb0cd33e5f51d1.ini, , [70d19577533842f4a1d9ac06c143db25],
PUP.Optional.ExtTag.A, C:\ProgramData\ExtTag\ExtTag.exe, , [5ee360ac7b10f244126fcf4d22e1d42c],
PUP.Optional.Linkury.A, C:\ProgramData\Saophase\Saophase.exe, , [0a3742ca6a219d99f1426ab1c340fa06],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\globalupdateHelper.msi, , [221fa6665f2cb87e6d92897103ffab55],
PUP.Optional.GlobalUpdate.A, C:\Users\Jobran\AppData\Local\Temp\comh.213017\globalupdateHelper.msi, , [be835cb03e4dcb6b4aca50abef132cd4],
PUP.Optional.GlobalUpdate.A, C:\Users\Jobran\AppData\Local\Temp\comh.227584\globalupdateHelper.msi, , [2c1505075c2fe452c15376853bc707f9],
PUP.Optional.IStartSurf.ShrtCln, C:\Users\Jobran\AppData\Roaming\istartsurf\544.json, , [053cb656e4a767cf6aba5f9feb1708f8],
PUP.Optional.IStartSurf.ShrtCln, C:\Users\Jobran\AppData\Roaming\istartsurf\MessageBox.xml, , [053cb656e4a767cf6aba5f9feb1708f8],
PUP.Optional.IStartSurf.ShrtCln, C:\Users\Jobran\AppData\Roaming\istartsurf\uninstallDlg2.xml, , [053cb656e4a767cf6aba5f9feb1708f8],
PUP.Optional.IStartSurf.ShrtCln, C:\Users\Jobran\AppData\Roaming\istartsurf\images\bg.png, , [053cb656e4a767cf6aba5f9feb1708f8],
PUP.Optional.IStartSurf.ShrtCln, C:\Users\Jobran\AppData\Roaming\istartsurf\images\bg1.png, , [053cb656e4a767cf6aba5f9feb1708f8],
PUP.Optional.IStartSurf.ShrtCln, C:\Users\Jobran\AppData\Roaming\istartsurf\images\bk_shadow.png, , [053cb656e4a767cf6aba5f9feb1708f8],
PUP.Optional.IStartSurf.ShrtCln, C:\Users\Jobran\AppData\Roaming\istartsurf\images\button.png, , [053cb656e4a767cf6aba5f9feb1708f8],
PUP.Optional.IStartSurf.ShrtCln, C:\Users\Jobran\AppData\Roaming\istartsurf\images\button1.png, , [053cb656e4a767cf6aba5f9feb1708f8],
PUP.Optional.IStartSurf.ShrtCln, C:\Users\Jobran\AppData\Roaming\istartsurf\images\checkbox.png, , [053cb656e4a767cf6aba5f9feb1708f8],
PUP.Optional.IStartSurf.ShrtCln, C:\Users\Jobran\AppData\Roaming\istartsurf\images\checkbox_select.png, , [053cb656e4a767cf6aba5f9feb1708f8],
PUP.Optional.IStartSurf.ShrtCln, C:\Users\Jobran\AppData\Roaming\istartsurf\images\checked.png, , [053cb656e4a767cf6aba5f9feb1708f8],
PUP.Optional.IStartSurf.ShrtCln, C:\Users\Jobran\AppData\Roaming\istartsurf\images\close.png, , [053cb656e4a767cf6aba5f9feb1708f8],
PUP.Optional.IStartSurf.ShrtCln, C:\Users\Jobran\AppData\Roaming\istartsurf\images\loading_bg.png, , [053cb656e4a767cf6aba5f9feb1708f8],
PUP.Optional.IStartSurf.ShrtCln, C:\Users\Jobran\AppData\Roaming\istartsurf\images\loading_light.png, , [053cb656e4a767cf6aba5f9feb1708f8],
PUP.Optional.IStartSurf.ShrtCln, C:\Users\Jobran\AppData\Roaming\istartsurf\images\min.png, , [053cb656e4a767cf6aba5f9feb1708f8],
PUP.Optional.IStartSurf.ShrtCln, C:\Users\Jobran\AppData\Roaming\istartsurf\images\scrollbar.bmp, , [053cb656e4a767cf6aba5f9feb1708f8],
PUP.Optional.IStartSurf.ShrtCln, C:\Users\Jobran\AppData\Roaming\istartsurf\images\Thumbs.db, , [053cb656e4a767cf6aba5f9feb1708f8],
PUP.Optional.IStartSurf.ShrtCln, C:\Users\Jobran\AppData\Roaming\istartsurf\images\unchecked.png, , [053cb656e4a767cf6aba5f9feb1708f8],
PUP.Optional.IStartSurf.ShrtCln, C:\Users\Jobran\AppData\Roaming\istartsurf\images\code\code1.jpg, , [053cb656e4a767cf6aba5f9feb1708f8],
PUP.Optional.IStartSurf.ShrtCln, C:\Users\Jobran\AppData\Roaming\istartsurf\images\code\code2.jpg, , [053cb656e4a767cf6aba5f9feb1708f8],
PUP.Optional.IStartSurf.ShrtCln, C:\Users\Jobran\AppData\Roaming\istartsurf\images\code\code3.jpg, , [053cb656e4a767cf6aba5f9feb1708f8],
PUP.Optional.IStartSurf.ShrtCln, C:\Users\Jobran\AppData\Roaming\istartsurf\images\code\code4.jpg, , [053cb656e4a767cf6aba5f9feb1708f8],
PUP.Optional.IStartSurf.ShrtCln, C:\Users\Jobran\AppData\Roaming\istartsurf\images\code\code5.jpg, , [053cb656e4a767cf6aba5f9feb1708f8],
PUP.Optional.IStartSurf.ShrtCln, C:\Users\Jobran\AppData\Roaming\istartsurf\images\code\code6.jpg, , [053cb656e4a767cf6aba5f9feb1708f8],
PUP.Optional.IStartSurf.ShrtCln, C:\Users\Jobran\AppData\Roaming\istartsurf\images\code\Thumbs.db, , [053cb656e4a767cf6aba5f9feb1708f8],
PUP.Optional.PCSpeedUp.A, C:\Users\Jobran\Documents\PCSpeedUp\App.log, , [f05113f93d4e191da20876a1ea19768a],
PUP.Optional.PCSpeedUp.A, C:\Users\Jobran\Documents\PCSpeedUp\ScanResults\FragmentedDisksCollection.log, , [f05113f93d4e191da20876a1ea19768a],
PUP.Optional.PCSpeedUp.A, C:\Users\Jobran\Documents\PCSpeedUp\ScanResults\JunkFilesCollection.log, , [f05113f93d4e191da20876a1ea19768a],
PUP.Optional.PCSpeedUp.C, C:\Users\Jobran\AppData\Local\Microsoft\Silverlight\OutOfBrowser\Speedchecker.PCSpeedUp\appicon_48.png, , [e55c7e8e8dfebc7ac3f0ea2e63a0ea16],
PUP.Optional.PCSpeedUp.C, C:\Users\Jobran\AppData\Local\Microsoft\Silverlight\OutOfBrowser\Speedchecker.PCSpeedUp\application.xap, , [e55c7e8e8dfebc7ac3f0ea2e63a0ea16],
PUP.Optional.PCSpeedUp.C, C:\Users\Jobran\AppData\Local\Microsoft\Silverlight\OutOfBrowser\Speedchecker.PCSpeedUp\Error.jpg, , [e55c7e8e8dfebc7ac3f0ea2e63a0ea16],
PUP.Optional.PCSpeedUp.C, C:\Users\Jobran\AppData\Local\Microsoft\Silverlight\OutOfBrowser\Speedchecker.PCSpeedUp\index.html, , [e55c7e8e8dfebc7ac3f0ea2e63a0ea16],
PUP.Optional.PCSpeedUp.C, C:\Users\Jobran\AppData\Local\Microsoft\Silverlight\OutOfBrowser\Speedchecker.PCSpeedUp\metadata, , [e55c7e8e8dfebc7ac3f0ea2e63a0ea16],
PUP.Optional.PCSpeedUp.C, C:\Users\Jobran\AppData\Local\Microsoft\Silverlight\OutOfBrowser\Speedchecker.PCSpeedUp\Speedchecker.PCSpeedUp.ico, , [e55c7e8e8dfebc7ac3f0ea2e63a0ea16],
PUP.Optional.PCSpeedUp.C, C:\Users\Jobran\AppData\Local\Microsoft\Silverlight\OutOfBrowser\Speedchecker.PCSpeedUp\SplashScreen.jpg, , [e55c7e8e8dfebc7ac3f0ea2e63a0ea16],
PUP.Optional.PCSpeedUp.C, C:\Users\Jobran\AppData\Local\Microsoft\Silverlight\OutOfBrowser\Speedchecker.PCSpeedUp\state, , [e55c7e8e8dfebc7ac3f0ea2e63a0ea16],

[asasina]

PUP.Optional.ExtTag.F, C:\ProgramData\ExtTag\BetaLatity.dll, , [be83719bb4d71323c7bdd64302010000],
PUP.Optional.ExtTag.F, C:\ProgramData\ExtTag\Biotom.dll, , [be83719bb4d71323c7bdd64302010000],
PUP.Optional.ExtTag.F, C:\ProgramData\ExtTag\conf.config, , [be83719bb4d71323c7bdd64302010000],
PUP.Optional.ExtTag.F, C:\ProgramData\ExtTag\Config.xml, , [be83719bb4d71323c7bdd64302010000],
PUP.Optional.ExtTag.F, C:\ProgramData\ExtTag\Dento-Stock.dll, , [be83719bb4d71323c7bdd64302010000],
PUP.Optional.ExtTag.F, C:\ProgramData\ExtTag\Donging.dll, , [be83719bb4d71323c7bdd64302010000],
PUP.Optional.ExtTag.F, C:\ProgramData\ExtTag\ExtTag.dll, , [be83719bb4d71323c7bdd64302010000],
PUP.Optional.ExtTag.F, C:\ProgramData\ExtTag\ExtTag.exe.config, , [be83719bb4d71323c7bdd64302010000],
PUP.Optional.ExtTag.F, C:\ProgramData\ExtTag\KanTop.exe, , [be83719bb4d71323c7bdd64302010000],
PUP.Optional.ExtTag.F, C:\ProgramData\ExtTag\KanTop.exe.config, , [be83719bb4d71323c7bdd64302010000],
PUP.Optional.ExtTag.F, C:\ProgramData\ExtTag\OzerFix.dll, , [be83719bb4d71323c7bdd64302010000],
PUP.Optional.ExtTag.F, C:\ProgramData\ExtTag\PrxCfg.xml, , [be83719bb4d71323c7bdd64302010000],
PUP.Optional.ExtTag.F, C:\ProgramData\ExtTag\S-Zimdax.exe, , [be83719bb4d71323c7bdd64302010000],
PUP.Optional.ExtTag.F, C:\ProgramData\ExtTag\S-Zimdax.exe.config, , [be83719bb4d71323c7bdd64302010000],
PUP.Optional.ExtTag.F, C:\ProgramData\ExtTag\Siltech.dll, , [be83719bb4d71323c7bdd64302010000],
PUP.Optional.ExtTag.F, C:\ProgramData\ExtTag\Stringlight.dll, , [be83719bb4d71323c7bdd64302010000],
PUP.Optional.ExtTag.F, C:\ProgramData\ExtTag\Trio-Bam.dll, , [be83719bb4d71323c7bdd64302010000],
PUP.Optional.ExtTag.F, C:\ProgramData\ExtTag\Truela.exe, , [be83719bb4d71323c7bdd64302010000],
PUP.Optional.ExtTag.F, C:\ProgramData\ExtTag\Truela.exe.config, , [be83719bb4d71323c7bdd64302010000],
PUP.Optional.ExtTag.F, C:\ProgramData\ExtTag\uninstall.exe, , [be83719bb4d71323c7bdd64302010000],
PUP.Optional.ExtTag.F, C:\ProgramData\ExtTag\Vivatouch.dll, , [be83719bb4d71323c7bdd64302010000],
PUP.Optional.ExtTag.F, C:\ProgramData\ExtTag\Warmjob.exe, , [be83719bb4d71323c7bdd64302010000],
PUP.Optional.ExtTag.F, C:\ProgramData\ExtTag\Warmjob.exe.config, , [be83719bb4d71323c7bdd64302010000],
PUP.Optional.ExtTag.F, C:\ProgramData\ExtTags\ff.HP, , [c57c5eae0388290ddbaa4acfbb48fe02],
PUP.Optional.ExtTag.F, C:\ProgramData\ExtTags\ff.NT, , [c57c5eae0388290ddbaa4acfbb48fe02],
PUP.Optional.ExtTag.F, C:\ProgramData\ExtTags\snp.sc, , [c57c5eae0388290ddbaa4acfbb48fe02],
PUP.Optional.ProtectWindowsManager.F, C:\ProgramData\yWinManProy\updateconf, , [50f1d13ba4e7bb7b6bc488927b8807f9],
PUP.Optional.Linkury.A, C:\ProgramData\Saophase\NamHold.dll, , [c180d13b3457e056e72d59c228db6898],
PUP.Optional.Linkury.A, C:\ProgramData\Saophase\AlphaWarm.dll, , [c180d13b3457e056e72d59c228db6898],
PUP.Optional.Linkury.A, C:\ProgramData\Saophase\Coflax.exe, , [c180d13b3457e056e72d59c228db6898],
PUP.Optional.Linkury.A, C:\ProgramData\Saophase\Coflax.exe.config, , [c180d13b3457e056e72d59c228db6898],
PUP.Optional.Linkury.A, C:\ProgramData\Saophase\conf.config, , [c180d13b3457e056e72d59c228db6898],
PUP.Optional.Linkury.A, C:\ProgramData\Saophase\Config.xml, , [c180d13b3457e056e72d59c228db6898],
PUP.Optional.Linkury.A, C:\ProgramData\Saophase\Home-Home.dll, , [c180d13b3457e056e72d59c228db6898],
PUP.Optional.Linkury.A, C:\ProgramData\Saophase\Hotsantone.exe, , [c180d13b3457e056e72d59c228db6898],
PUP.Optional.Linkury.A, C:\ProgramData\Saophase\Hotsantone.exe.config, , [c180d13b3457e056e72d59c228db6898],
PUP.Optional.Linkury.A, C:\ProgramData\Saophase\Lastrong.exe, , [c180d13b3457e056e72d59c228db6898],
PUP.Optional.Linkury.A, C:\ProgramData\Saophase\Lastrong.exe.config, , [c180d13b3457e056e72d59c228db6898],
PUP.Optional.Linkury.A, C:\ProgramData\Saophase\PrxCfg.xml, , [c180d13b3457e056e72d59c228db6898],
PUP.Optional.Linkury.A, C:\ProgramData\Saophase\QuoDamfind.dll, , [c180d13b3457e056e72d59c228db6898],
PUP.Optional.Linkury.A, C:\ProgramData\Saophase\S-dox.dll, , [c180d13b3457e056e72d59c228db6898],
PUP.Optional.Linkury.A, C:\ProgramData\Saophase\Saophase.dll, , [c180d13b3457e056e72d59c228db6898],
PUP.Optional.Linkury.A, C:\ProgramData\Saophase\Saophase.exe.config, , [c180d13b3457e056e72d59c228db6898],
PUP.Optional.Linkury.A, C:\ProgramData\Saophase\Sonbam.dll, , [c180d13b3457e056e72d59c228db6898],
PUP.Optional.Linkury.A, C:\ProgramData\Saophase\TrisStrong.exe, , [c180d13b3457e056e72d59c228db6898],
PUP.Optional.Linkury.A, C:\ProgramData\Saophase\TrisStrong.exe.config, , [c180d13b3457e056e72d59c228db6898],
PUP.Optional.Linkury.A, C:\ProgramData\Saophase\uninstall.exe, , [c180d13b3457e056e72d59c228db6898],
PUP.Optional.Linkury.A, C:\ProgramData\Saophase\Unotech.dll, , [c180d13b3457e056e72d59c228db6898],
PUP.Optional.Linkury.A, C:\ProgramData\Saophase\Voling.dll, , [c180d13b3457e056e72d59c228db6898],
PUP.Optional.Linkury.A, C:\ProgramData\Saophase\Zensanit.dll, , [c180d13b3457e056e72d59c228db6898],
PUP.Optional.Linkury.A, C:\ProgramData\Saophases\ff.HP, , [ee537e8edead47ef6aab25f643c05ca4],
PUP.Optional.Linkury.A, C:\ProgramData\Saophases\ff.NT, , [ee537e8edead47ef6aab25f643c05ca4],
PUP.Optional.Linkury.A, C:\ProgramData\Saophases\snp.sc, , [ee537e8edead47ef6aab25f643c05ca4],
PUP.Optional.AnyAngle.A, C:\Users\Jobran\AppData\Roaming\Opera Software\Opera Stable\Extensions\amdpddmbnmmfmhehpndlngmdmjohijml\1.0.1_0\manifest.json, , [5de4719bd6b51521a8772967858037c9],
PUP.Optional.AnyAngle.A, C:\Users\Jobran\AppData\Roaming\Opera Software\Opera Stable\Extensions\amdpddmbnmmfmhehpndlngmdmjohijml\1.0.1_0\background.js, , [5de4719bd6b51521a8772967858037c9],
PUP.Optional.AnyAngle.A, C:\Users\Jobran\AppData\Roaming\Opera Software\Opera Stable\Extensions\amdpddmbnmmfmhehpndlngmdmjohijml\1.0.1_0\content.js, , [5de4719bd6b51521a8772967858037c9],
PUP.Optional.AnyAngle.A, C:\Users\Jobran\AppData\Roaming\Opera Software\Opera Stable\Extensions\amdpddmbnmmfmhehpndlngmdmjohijml\1.0.1_0\icon.png, , [5de4719bd6b51521a8772967858037c9],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

[Márty84]

Disk hlasi spoustu chyb, i to muze delat potize, uvidime.


Vsechny nalezy MBAM nechte odstranit. Po odstraneni a restartu pc test zopakujte, at vime, jestli se to nevraci. Napiste vysledek testu a podle nej zvolim dalsi postup.

[asasina]

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 24. 8. 2015
Čas skenování: 10:14
Protokol:
Správce: Ano

Verze: 2.1.8.1057
Databáze malwaru: v2015.08.24.01
Databáze rootkitů: v2015.08.16.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Jobran

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 656934
Uplynulý čas: 1 hod, 57 min, 40 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 2
PUP.Optional.Linkury, C:\Windows\Temp\tmp2D65.tmp, 4820, , [d6cbb557e2a9211587c611c2956c4fb1]
PUP.Optional.Linkury, C:\Windows\Temp\RarSFX0\uou.exe, 6008, , [b6eb927a8506989e1a33e7ec12ef41bf]

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 3
PUP.Optional.Linkury, C:\Windows\Temp\tmp2D65.tmp, , [d6cbb557e2a9211587c611c2956c4fb1],
PUP.Optional.Linkury, C:\Windows\Temp\RarSFX0\uou.exe, , [b6eb927a8506989e1a33e7ec12ef41bf],
PUP.Optional.Linkury, C:\Program Files\Common Files\bgeb2xav\62b63dxl3asjc.exe, , [1d84d23a52392c0a08451cb7c33e827e],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

[Márty84]

Hm, tohle tam predtim nebylo


Nalezy nechte odstranit. Po restartu jeste udelejte jeden test, tentokrat staci jen Sken hrozeb - bude rychlejsi. Napiste vysledek testu a podle nej se zaridime dale.

[asasina]

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 24. 8. 2015
Čas skenování: 12:36
Protokol:
Správce: Ano

Verze: 2.1.8.1057
Databáze malwaru: v2015.08.24.02
Databáze rootkitů: v2015.08.16.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Jobran

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 432484
Uplynulý čas: 17 min, 49 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 2
PUP.Optional.Linkury.A, C:\ProgramData\Saophase\Saophase.exe, 2024, , [cdd549c3c6c514220b3bab708f7449b7]
PUP.Optional.Linkury.A, C:\ProgramData\Saophase\TanLam.exe, 3732, , [e7bb65a70d7e8da984a361ba45be5fa1]

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 4
PUP.Optional.Linkury.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\snp, , [7a28a369098267cf5aa440dca65d33cd],
PUP.Optional.Linkury.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\IELNKSRCH, , [6f33a26a5c2fec4a32ac971b3dc7e917],
PUP.Optional.Linkury.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SAOPHASE, , [cdd549c3c6c514220b3bab708f7449b7],
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-1793778196-2422288631-436692435-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{IELNKSRCH}, , [584a62aa0883a096589175aa56ad6799],

Hodnoty registru: 9
PUP.Optional.Linkury.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\ielnksrch|DisplayName, Search the web, , [6f33a26a5c2fec4a32ac971b3dc7e917]
PUP.Optional.Linkury.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\ielnksrch|URL, http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_BzVqASLW90uzABlXI-OqSsm-dE6bMHWhpYzDmQo74mY-N0Pm7-d0Gq3KeccYW3MBLpzUOzspqp1Pwy8L7Nlog6g7YWZ7or0KQ3jDvJePpFYO62hB4Fy5K57oI-CmDZ04qk1_QNh59gZ8wzREWmettllpXUKR5mhg,&q={searchTerms}, , [fda553b9b5d614225e813f73c4406997]
PUP.Optional.Linkury.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_BzVqASLW90uzABlXI-OqSsm-dE6bMHWhpYzDmQo74mY-N0Pm7-d0Gq3KeccYW3MBLpzUOzspqp1Pwy8L7Nlog6g7YWZ7or0KQ3jDvJePpFYO62hB4Fy5K57oI-CmDZ04qk1_QNh59gZ8wzREWmettllpXUKR5mhg,&q={searchTerms}, , [2e747f8d7d0ea492825e4270f31121df]
PUP.Optional.Linkury.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SAOPHASE|ImagePath, C:\ProgramData\Saophase\Saophase.exe, , [cdd549c3c6c514220b3bab708f7449b7]
PUP.Optional.Linkury.A, HKU\S-1-5-21-1793778196-2422288631-436692435-1001\ENVIRONMENT|SNF, C:\ProgramData\Saophases\snp.sc, , [059d46c68b004fe7df4c446f2cd86898]
PUP.Optional.Linkury.A, HKU\S-1-5-21-1793778196-2422288631-436692435-1001\ENVIRONMENT|SNP, http://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D?publisher=APSFRec&co=CZ&userid=6fccd5a0-bde6-5f4c-081d-f1e8e07831a0&searchtype=sc&installDate=24., , [475b818bf299dc5a9b91f1c2bf4519e7]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-1793778196-2422288631-436692435-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{ielnksrch}|DisplayName, Search the web, , [584a62aa0883a096589175aa56ad6799]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-1793778196-2422288631-436692435-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{ielnksrch}|URL, http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_BzVqASLW90uzABlXI-OqSsm-dE6bMHWhpYzDmQo74mY-N0Pm7-d0Gq3KeccYW3MBLpzUOzspqp1Pwy8L7Nlog6g7YWZ7or0KQ3jDvJePpFYO62hB4Fy5K57oI-CmDZ04qk1_QNh59gZ8wzREWmettllpXUKR5mhg,&q={searchTerms}, , [8b17a8643457c076bd1fb9f963a157a9]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-1793778196-2422288631-436692435-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_BzVqASLW90uzABlXI-OqSsm-dE6bMHWhpYzDmQo74mY-N0Pm7-d0Gq3KeccYW3MBLpzUOzspqp1Pwy8L7Nlog6g7YWZ7or0KQ3jDvJePpFYO62hB4Fy5K57oI-CmDZ04qk1_QNh59gZ8wzREWmettllpXUKR5mhg,&q={searchTerms}, , [fba7b557d5b689add30ae6ccef15bc44]

Data registru: 9
PUP.Optional.Linkury.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, C:\ProgramData\Saophase\Santone.dll, Dobré: (), Špatné: (C:\ProgramData\Saophase\Santone.dll),,[e7bb65a70d7e8da984a361ba45be5fa1]
PUP.Optional.Linkury.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, C:\ProgramData\Saophase\X--Dax.dll, Dobré: (), Špatné: (C:\ProgramData\Saophase\X--Dax.dll),,[e7bb65a70d7e8da984a361ba45be5fa1]
PUP.Optional.Linkury.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {ielnksrch}, Dobré: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Špatné: ({ielnksrch}),,[c3dfb755236872c45affc7939a6bbf41]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-1793778196-2422288631-436692435-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_BzVqASLW90uzABlXI-OqSsm-dE6bMHWhpYzDmQo74mY-N0Pm7-d0Gq3KeccYW3MBLpzUOzspqp1Pwy8L7Nlog6g7YWZ7or0KQ3jDvJePpFYO62hB4Fy5K57oI-CmDZ04qk1_QNh59gZ8wzREWmettllpXUKR5mhg,&q={searchTerms}, Dobré: (www.google.com), Špatné: (http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_BzVqASLW90uzABlXI-OqSsm-dE6bMHWhpYzDmQo74mY-N0Pm7-d0Gq3KeccYW3MBLpzUOzspqp1Pwy8L7Nlog6g7YWZ7or0KQ3jDvJePpFYO62hB4Fy5K57oI-CmDZ04qk1_QNh59gZ8wzREWmettllpXUKR5mhg,&q={searchTerms}),,[831ff21a3b50cc6aa6ade872ff069d63]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-1793778196-2422288631-436692435-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_BzVqASLW90uzABlXI-OqSsm-dE6bMHWhpYzDmQo74mY-N0Pm7-d0Gq3KeccYW3MBLpzUOzspqp1Pwy8453kGvPOQqCF4ZezfFxaIoRLAd-bPN2VYaGnJ8Jg8lfyT39DL_oOqOz-ZHgOzYcxg8Mj4memnjM__nNl8,, Dobré: (www.google.com), Špatné: (http://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_BzVqASLW90uzABlXI-OqSsm-dE6bMHWhpYzDmQo74mY-N0Pm7-d0Gq3KeccYW3MBLpzUOzspqp1Pwy8453kGvPOQqCF4ZezfFxaIoRLAd-bPN2VYaGnJ8Jg8lfyT39DL_oOqOz-ZHgOzYcxg8Mj4memnjM__nNl8,),,[762c06061b702016b3a10555e5207a86]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-1793778196-2422288631-436692435-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_BzVqASLW90uzABlXI-OqSsm-dE6bMHWhpYzDmQo74mY-N0Pm7-d0Gq3KeccYW3MBLpzUOzspqp1Pwy8L7Nlog6g7YWZ7or0KQ3jDvJePpFYO62hB4Fy5K57oI-CmDZ04qk1_QNh59gZ8wzREWmettllpXUKR5mhg,&q={searchTerms}, Dobré: (www.google.com), Špatné: (http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_BzVqASLW90uzABlXI-OqSsm-dE6bMHWhpYzDmQo74mY-N0Pm7-d0Gq3KeccYW3MBLpzUOzspqp1Pwy8L7Nlog6g7YWZ7or0KQ3jDvJePpFYO62hB4Fy5K57oI-CmDZ04qk1_QNh59gZ8wzREWmettllpXUKR5mhg,&q={searchTerms}),,[f1b169a32368979f0f44a2b8867f6898]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-1793778196-2422288631-436692435-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SearchAssistant, http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_BzVqASLW90uzABlXI-OqSsm-dE6bMHWhpYzDmQo74mY-N0Pm7-d0Gq3KeccYW3MBLpzUOzspqp1Pwy8L7Nlog6g7YWZ7or0KQ3jDvJePpFYO62hB4Fy5K57oI-CmDZ04qk1_QNh59gZ8wzREWmettllpXUKR5mhg,&q={searchTerms}, Dobré: (www.google.com), Špatné: (http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_BzVqASLW90uzABlXI-OqSsm-dE6bMHWhpYzDmQo74mY-N0Pm7-d0Gq3KeccYW3MBLpzUOzspqp1Pwy8L7Nlog6g7YWZ7or0KQ3jDvJePpFYO62hB4Fy5K57oI-CmDZ04qk1_QNh59gZ8wzREWmettllpXUKR5mhg,&q={searchTerms}),,[475be824414ad2648cc7ea7034d1d12f]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-1793778196-2422288631-436692435-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_BzVqASLW90uzABlXI-OqSsm-dE6bMHWhpYzDmQo74mY-N0Pm7-d0Gq3KeccYW3MBLpzUOzspqp1Pwy8L7Nlog6g7YWZ7or0KQ3jDvJePpFYO62hB4Fy5K57oI-CmDZ04qk1_QNh59gZ8wzREWmettllpXUKR5mhg,&q={searchTerms}, Dobré: (www.google.com), Špatné: (http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_BzVqASLW90uzABlXI-OqSsm-dE6bMHWhpYzDmQo74mY-N0Pm7-d0Gq3KeccYW3MBLpzUOzspqp1Pwy8L7Nlog6g7YWZ7or0KQ3jDvJePpFYO62hB4Fy5K57oI-CmDZ04qk1_QNh59gZ8wzREWmettllpXUKR5mhg,&q={searchTerms}),,[7929b4586c1fca6c1c39184218ed7090]
PUP.Optional.Linkury.ShrtCln, HKU\S-1-5-21-1793778196-2422288631-436692435-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {ielnksrch}, Dobré: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Špatné: ({ielnksrch}),,[b8ea26e6bad12610de781c3e32d31de3]

Složky: 3
PUP.Optional.Linkury.A, C:\ProgramData\Saophase, , [e7bb65a70d7e8da984a361ba45be5fa1],
PUP.Optional.Linkury.A, C:\ProgramData\Saophase\ondemand, , [e7bb65a70d7e8da984a361ba45be5fa1],
PUP.Optional.Linkury.A, C:\ProgramData\Saophases, , [4c56ce3e3d4eb38376b2ba61d92aa25e],

Soubory: 29
PUP.Optional.Linkury.Gen.A, C:\Windows\SysWOW64\findit.xml, , [bbe77b91ef9c3204e400fa22fe05d22e],
PUP.Optional.Linkury.A, C:\Windows\System32\Tasks\snp, , [f6acc4487318a88ec9319b8161a2e61a],
PUP.Optional.Linkury.A, C:\ProgramData\Saophase\Saophase.exe, , [cdd549c3c6c514220b3bab708f7449b7],
PUP.Optional.Linkury.A, C:\ProgramData\Saophase\conf.config, , [e7bb65a70d7e8da984a361ba45be5fa1],
PUP.Optional.Linkury.A, C:\ProgramData\Saophase\Config.xml, , [e7bb65a70d7e8da984a361ba45be5fa1],
PUP.Optional.Linkury.A, C:\ProgramData\Saophase\GeoRedin.dll, , [e7bb65a70d7e8da984a361ba45be5fa1],
PUP.Optional.Linkury.A, C:\ProgramData\Saophase\Joblam.exe, , [e7bb65a70d7e8da984a361ba45be5fa1],
PUP.Optional.Linkury.A, C:\ProgramData\Saophase\Joblam.exe.config, , [e7bb65a70d7e8da984a361ba45be5fa1],
PUP.Optional.Linkury.A, C:\ProgramData\Saophase\Jobsailphase.exe, , [e7bb65a70d7e8da984a361ba45be5fa1],
PUP.Optional.Linkury.A, C:\ProgramData\Saophase\Jobsailphase.exe.config, , [e7bb65a70d7e8da984a361ba45be5fa1],
PUP.Optional.Linkury.A, C:\ProgramData\Saophase\PrxCfg.xml, , [e7bb65a70d7e8da984a361ba45be5fa1],
PUP.Optional.Linkury.A, C:\ProgramData\Saophase\S-plus.dll, , [e7bb65a70d7e8da984a361ba45be5fa1],
PUP.Optional.Linkury.A, C:\ProgramData\Saophase\Santone.dll, , [e7bb65a70d7e8da984a361ba45be5fa1],
PUP.Optional.Linkury.A, C:\ProgramData\Saophase\Saophase.dll, , [e7bb65a70d7e8da984a361ba45be5fa1],
PUP.Optional.Linkury.A, C:\ProgramData\Saophase\Saophase.exe.config, , [e7bb65a70d7e8da984a361ba45be5fa1],
PUP.Optional.Linkury.A, C:\ProgramData\Saophase\SaoRemtrax.dll, , [e7bb65a70d7e8da984a361ba45be5fa1],
PUP.Optional.Linkury.A, C:\ProgramData\Saophase\SunIty.dll, , [e7bb65a70d7e8da984a361ba45be5fa1],
PUP.Optional.Linkury.A, C:\ProgramData\Saophase\Suntax.exe, , [e7bb65a70d7e8da984a361ba45be5fa1],
PUP.Optional.Linkury.A, C:\ProgramData\Saophase\Suntax.exe.config, , [e7bb65a70d7e8da984a361ba45be5fa1],
PUP.Optional.Linkury.A, C:\ProgramData\Saophase\TanLam.exe, , [e7bb65a70d7e8da984a361ba45be5fa1],
PUP.Optional.Linkury.A, C:\ProgramData\Saophase\TanLam.exe.config, , [e7bb65a70d7e8da984a361ba45be5fa1],
PUP.Optional.Linkury.A, C:\ProgramData\Saophase\uninstall.exe, , [e7bb65a70d7e8da984a361ba45be5fa1],
PUP.Optional.Linkury.A, C:\ProgramData\Saophase\Whitetonis.dll, , [e7bb65a70d7e8da984a361ba45be5fa1],
PUP.Optional.Linkury.A, C:\ProgramData\Saophase\X--Dax.dll, , [e7bb65a70d7e8da984a361ba45be5fa1],
PUP.Optional.Linkury.A, C:\ProgramData\Saophase\ZonKayfax.dll, , [e7bb65a70d7e8da984a361ba45be5fa1],
PUP.Optional.Linkury.A, C:\ProgramData\Saophase\Zoting.dll, , [e7bb65a70d7e8da984a361ba45be5fa1],
PUP.Optional.Linkury.A, C:\ProgramData\Saophases\ff.HP, , [4c56ce3e3d4eb38376b2ba61d92aa25e],
PUP.Optional.Linkury.A, C:\ProgramData\Saophases\ff.NT, , [4c56ce3e3d4eb38376b2ba61d92aa25e],
PUP.Optional.Linkury.A, C:\ProgramData\Saophases\snp.sc, , [4c56ce3e3d4eb38376b2ba61d92aa25e],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

[asasina]

Provedl jsem odstraneni a jeste jednou sken hrozeb a zde je log

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 24. 8. 2015
Čas skenování: 13:04
Protokol:
Správce: Ano

Verze: 2.1.8.1057
Databáze malwaru: v2015.08.24.02
Databáze rootkitů: v2015.08.16.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Jobran

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 432580
Uplynulý čas: 17 min, 35 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

[Márty84]

Dejte novy log z RSIT

a k tomu

Dejte logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach

[asasina]

Logfile of random's system information tool 1.10 (written by random/random)
Run by Jobran at 2015-08-24 14:49:08
Microsoft Windows 8.1
System drive C: has 819 GB (86%) free of 953 GB
Total RAM: 3977 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:49:10, on 24. 8. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\Jobran\AppData\Local\Temp\TeamViewer\Version8\TeamViewer.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\trend micro\Jobran.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [HP Deskjet 6520 series (NET)] "C:\Program Files\HP\HP Deskjet 6520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN31Q252GC05VO:NW" -scfn "HP Deskjet 6520 series (NET)" -AutoStart 1
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe"
O4 - Startup: Sledovat výstrahy inkoustu - HP Deskjet 6520 series (Síť).lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.dell.com
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Viva Zeneco (wntrauwxatiowneoadup) - Unknown owner - C:\Users\Jobran\AppData\Local\Konkstrip.exe

--
End of file - 9861 bytes

======Listing Processes======





wininit.exe


C:\WINDOWS\system32\lsass.exe
winlogon.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\atiesrxx.exe
"dwm.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
atieclxx
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SENDINPUT
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe"
"C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
dashost.exe {582df92d-a0eb-41b8-8b1b5212c7ba88a5}
"C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Users\Jobran\AppData\Local\Konkstrip.exe comwedatey wntrauwxatiowneoadup
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
taskhostex.exe
C:\WINDOWS\Explorer.EXE
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe"
"C:\Program Files\Dell\QuickSet\quickset.exe"
"C:\WINDOWS\system32\igfxsrvc.exe" -Embedding
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX4P1
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /IM
"C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe"
"C:\Program Files\HP\HP Deskjet 6520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN31Q252GC05VO:NW" -scfn "HP Deskjet 6520 series (NET)" -AutoStart 1
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\WINDOWS\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}

"C:\WINDOWS\system32\GWX\GWX.exe"
"C:\Users\Jobran\AppData\Local\Temp\TeamViewer\Version8\TeamViewer.exe" --dre
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe" Restart Start EEU 52 -1
"C:\Users\Jobran\AppData\Local\Temp\TeamViewer\Version8\tv_w32.exe" --action hooks --log C:\Users\Jobran\AppData\Roaming\TeamViewer\TeamViewer8_Logfile.log
"C:\Users\Jobran\AppData\Local\Temp\TeamViewer\Version8\tv_x64.exe" --action hooks --log C:\Users\Jobran\AppData\Roaming\TeamViewer\TeamViewer8_Logfile.log
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"c:\users\jobran\appdata\local\temp\teamviewer\version8\TeamViewer_Desktop.exe" --IPCport 6039
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files\Internet Explorer\iexplore.exe" %SNP%
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:5932 CREDAT:267521 /prefetch:2
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Users\Jobran\AppData\Local\Microsoft\Windows\INetCache\IE\7D5E1OK5\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\WINDOWS\tasks\DragonWire.job - c:\programdata\{792e2b74-ca2a-2e07-792e-e2b74ca2add3}\1668959511713299299b.exe --startup=1 --single
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-07-16 551520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-16 212576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-16 460384]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-16 172640]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"QuickSet"=C:\Program Files\Dell\QuickSet\QuickSet.exe [2013-03-05 5762408]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2013-08-30 36352]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2013-09-23 391152]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2013-09-22 771056]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2013-09-22 769520]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2013-08-19 7202520]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2013-08-07 1321688]
"RtHDVBg_PushButton"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2013-08-07 1321688]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [2013-09-04 132736]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"HP Deskjet 6520 series (NET)"=C:\Program Files\HP\HP Deskjet 6520 series\Bin\ScanToPCActivationApp.exe [2012-10-17 2573416]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-06-01 8358680]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-08-07 53735968]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2011-10-28 49208]
""= []
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2013-08-19 766208]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-06-08 334896]
"LogMeIn Hamachi Ui"=C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2015-08-03 5579624]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [2013-09-04 132736]

C:\Users\Jobran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Sledovat výstrahy inkoustu - HP Deskjet 6520 series (Síť).lnk - C:\Windows\system32\RunDll32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2013-09-16 623104]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableCAD"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave4"=wdmaud.drv
"mixer4"=wdmaud.drv
"midi4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-08-24 13:30:01 ----D---- C:\Program Files\Defraggler
2015-08-24 12:13:56 ----A---- C:\Program Files\Common Files\w3io3424.exe
2015-08-24 10:17:42 ----D---- C:\Program Files\Common Files\bgeb2xav
2015-08-23 21:38:34 ----D---- C:\Program Files (x86)\CrystalDiskInfo
2015-08-23 20:08:20 ----HD---- C:\$WINDOWS.~BT
2015-08-22 20:40:39 ----D---- C:\Users\Jobran\AppData\Roaming\Mozilla
2015-08-22 20:40:14 ----A---- C:\Program Files\Common Files\vbm2dojj.exe
2015-08-22 20:22:53 ----D---- C:\Program Files\Common Files\0dmrfbna
2015-08-19 09:41:22 ----A---- C:\WINDOWS\system32\mshtml.dll
2015-08-19 09:41:21 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2015-08-18 22:30:20 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2015-08-18 22:25:32 ----A---- C:\WINDOWS\prleth.sys
2015-08-18 22:25:32 ----A---- C:\WINDOWS\hgfs.sys
2015-08-18 22:18:21 ----D---- C:\Users\Jobran\AppData\Roaming\Opera Software
2015-08-18 22:17:56 ----D---- C:\Program Files\igfx32
2015-08-18 22:15:46 ----D---- C:\Program Files (x86)\globalUpdate
2015-08-18 22:14:27 ----D---- C:\Program Files (x86)\Opera
2015-08-16 09:21:10 ----A---- C:\WINDOWS\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-16 09:21:10 ----A---- C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-16 09:00:49 ----RD---- C:\Program Files (x86)\Skype
2015-08-16 08:55:44 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2015-08-15 20:51:53 ----A---- C:\WINDOWS\SYSWOW64\WebClnt.dll
2015-08-15 20:51:53 ----A---- C:\WINDOWS\SYSWOW64\davclnt.dll
2015-08-15 20:51:53 ----A---- C:\WINDOWS\system32\WebClnt.dll
2015-08-15 20:51:53 ----A---- C:\WINDOWS\system32\davclnt.dll
2015-08-15 20:51:50 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2015-08-15 20:51:49 ----A---- C:\WINDOWS\system32\ntdll.dll
2015-08-15 20:51:48 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2015-08-15 20:51:48 ----A---- C:\WINDOWS\system32\sysmain.dll
2015-08-15 20:51:48 ----A---- C:\WINDOWS\system32\drivers\mountmgr.sys
2015-08-15 20:51:18 ----A---- C:\WINDOWS\system32\wuaueng.dll
2015-08-15 20:51:17 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2015-08-15 20:51:17 ----A---- C:\WINDOWS\system32\wucltux.dll
2015-08-15 20:51:17 ----A---- C:\WINDOWS\system32\wuauclt.exe
2015-08-15 20:51:17 ----A---- C:\WINDOWS\system32\wuapi.dll
2015-08-15 20:51:16 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2015-08-15 20:51:16 ----A---- C:\WINDOWS\system32\wuwebv.dll
2015-08-15 20:51:16 ----A---- C:\WINDOWS\system32\wudriver.dll
2015-08-15 20:51:15 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2015-08-15 20:51:15 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2015-08-15 20:51:15 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2015-08-15 20:51:15 ----A---- C:\WINDOWS\system32\wuapp.exe
2015-08-15 20:49:58 ----A---- C:\WINDOWS\system32\ieframe.dll
2015-08-15 20:49:57 ----A---- C:\WINDOWS\system32\jscript9.dll
2015-08-15 20:49:56 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2015-08-15 20:49:55 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2015-08-15 20:49:54 ----A---- C:\WINDOWS\system32\wininet.dll
2015-08-15 20:49:54 ----A---- C:\WINDOWS\system32\ieui.dll
2015-08-15 20:49:53 ----A---- C:\WINDOWS\SYSWOW64\ieui.dll
2015-08-15 20:49:52 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2015-08-15 20:49:51 ----A---- C:\WINDOWS\system32\actxprxy.dll
2015-08-15 20:49:50 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2015-08-15 20:49:50 ----A---- C:\WINDOWS\system32\urlmon.dll
2015-08-15 20:49:49 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2015-08-15 20:49:49 ----A---- C:\WINDOWS\system32\msfeeds.dll
2015-08-15 20:49:49 ----A---- C:\WINDOWS\system32\iertutil.dll
2015-08-15 20:49:47 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2015-08-15 20:49:47 ----A---- C:\WINDOWS\system32\webcheck.dll
2015-08-15 20:49:46 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2015-08-15 20:49:45 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2015-08-15 20:49:45 ----A---- C:\WINDOWS\system32\vbscript.dll
2015-08-15 20:49:45 ----A---- C:\WINDOWS\system32\jscript.dll
2015-08-15 20:49:45 ----A---- C:\WINDOWS\system32\inetcomm.dll
2015-08-15 20:49:45 ----A---- C:\WINDOWS\system32\iepeers.dll
2015-08-15 20:49:44 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2015-08-15 20:49:44 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2015-08-15 20:49:44 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2015-08-15 20:49:44 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2015-08-15 20:47:39 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-15 20:47:37 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2015-08-15 20:47:26 ----A---- C:\WINDOWS\system32\drivers\WdFilter.sys
2015-08-15 20:47:23 ----A---- C:\WINDOWS\system32\drivers\WdBoot.sys
2015-08-15 20:47:22 ----A---- C:\WINDOWS\system32\drivers\WdNisDrv.sys
2015-08-15 20:45:15 ----A---- C:\WINDOWS\system32\appraiser.dll
2015-08-15 20:45:14 ----A---- C:\WINDOWS\system32\invagent.dll
2015-08-15 20:45:14 ----A---- C:\WINDOWS\system32\generaltel.dll
2015-08-15 20:45:14 ----A---- C:\WINDOWS\system32\devinv.dll
2015-08-15 20:45:13 ----A---- C:\WINDOWS\system32\aeinv.dll
2015-08-15 20:45:10 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2015-08-15 20:45:00 ----A---- C:\WINDOWS\system32\acmigration.dll
2015-08-15 20:38:01 ----A---- C:\WINDOWS\system32\csrsrv.dll
2015-08-15 20:38:01 ----A---- C:\WINDOWS\system32\basesrv.dll
2015-08-15 20:37:46 ----A---- C:\WINDOWS\SYSWOW64\notepad.exe
2015-08-15 20:37:46 ----A---- C:\WINDOWS\SYSWOW64\netcfgx.dll
2015-08-15 20:37:46 ----A---- C:\WINDOWS\system32\notepad.exe
2015-08-15 20:37:46 ----A---- C:\WINDOWS\system32\netcfgx.dll
2015-08-15 20:37:46 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2015-08-15 20:37:46 ----A---- C:\WINDOWS\notepad.exe
2015-08-15 20:37:19 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2015-08-15 20:37:19 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2015-08-15 20:37:08 ----A---- C:\WINDOWS\system32\msxml6.dll
2015-08-15 20:37:08 ----A---- C:\WINDOWS\system32\msxml3.dll
2015-08-15 20:37:07 ----A---- C:\WINDOWS\SYSWOW64\msxml6.dll
2015-08-15 20:37:07 ----A---- C:\WINDOWS\SYSWOW64\msxml3.dll
2015-08-15 20:37:07 ----A---- C:\WINDOWS\system32\mstscax.dll
2015-08-15 20:37:06 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2015-08-15 20:37:05 ----A---- C:\WINDOWS\SYSWOW64\rdvidcrl.dll
2015-08-15 20:37:05 ----A---- C:\WINDOWS\system32\rdvidcrl.dll
2015-08-15 20:37:04 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2015-08-15 20:37:04 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2015-08-15 20:37:04 ----A---- C:\WINDOWS\system32\win32k.sys
2015-08-15 20:37:04 ----A---- C:\WINDOWS\system32\FntCache.dll
2015-08-15 20:37:04 ----A---- C:\WINDOWS\system32\DWrite.dll
2015-08-15 20:37:04 ----A---- C:\WINDOWS\system32\atmlib.dll
2015-08-15 20:37:04 ----A---- C:\WINDOWS\system32\atmfd.dll
2015-08-15 20:37:03 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2015-07-26 19:25:23 ----D---- C:\Program Files (x86)\CutterInit
2015-07-25 11:59:02 ----D---- C:\Program Files (x86)\Sticky Contest

======List of files/folders modified in the last 1 month======

2015-08-24 14:49:10 ----D---- C:\WINDOWS\Prefetch
2015-08-24 14:49:09 ----D---- C:\Program Files\trend micro
2015-08-24 14:40:49 ----D---- C:\Users\Jobran\AppData\Roaming\Skype
2015-08-24 14:00:00 ----D---- C:\WINDOWS\system32\sru
2015-08-24 13:32:25 ----D---- C:\WINDOWS\Temp
2015-08-24 13:30:01 ----RD---- C:\Program Files
2015-08-24 13:29:06 ----SHD---- C:\WINDOWS\Installer
2015-08-24 13:29:05 ----SHD---- C:\Config.Msi
2015-08-24 13:25:02 ----RD---- C:\Program Files (x86)
2015-08-24 13:24:38 ----D---- C:\Program Files (x86)\Google
2015-08-24 13:24:17 ----D---- C:\WINDOWS\Tasks
2015-08-24 13:24:17 ----D---- C:\WINDOWS\system32\Tasks
2015-08-24 13:00:53 ----HD---- C:\ProgramData
2015-08-24 12:59:40 ----D---- C:\WINDOWS\SysWOW64
2015-08-24 12:31:53 ----D---- C:\WINDOWS\system32\drivers
2015-08-24 12:30:55 ----D---- C:\WINDOWS\AUInstallAgent
2015-08-24 12:13:56 ----D---- C:\Program Files\Common Files
2015-08-24 10:36:31 ----SHD---- C:\System Volume Information
2015-08-24 10:06:58 ----D---- C:\WINDOWS\Globalization
2015-08-24 10:05:35 ----A---- C:\WINDOWS\win.ini
2015-08-24 10:05:21 ----D---- C:\Windows
2015-08-23 21:37:11 ----D---- C:\Users\Jobran\AppData\Roaming\TeamViewer
2015-08-23 20:05:00 ----D---- C:\WINDOWS\Logs
2015-08-23 14:59:20 ----D---- C:\WINDOWS\rescache
2015-08-23 14:57:57 ----D---- C:\WINDOWS\Microsoft.NET
2015-08-23 14:55:45 ----RSD---- C:\WINDOWS\assembly
2015-08-22 19:37:27 ----D---- C:\WINDOWS\AppReadiness
2015-08-22 19:37:12 ----D---- C:\WINDOWS\system32\config
2015-08-22 19:22:23 ----D---- C:\WINDOWS\WinSxS
2015-08-19 10:55:46 ----RD---- C:\WINDOWS\System32
2015-08-19 10:54:35 ----D---- C:\Users\Jobran\AppData\Roaming\.minecraft
2015-08-19 08:48:00 ----D---- C:\WINDOWS\CbsTemp
2015-08-19 08:30:58 ----D---- C:\WINDOWS\system32\GroupPolicy
2015-08-18 22:20:22 ----SD---- C:\Users\Jobran\AppData\Roaming\Microsoft
2015-08-18 19:26:35 ----D---- C:\WINDOWS\Inf
2015-08-17 09:35:44 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-08-16 09:07:38 ----HD---- C:\Program Files\WindowsApps
2015-08-16 09:01:09 ----D---- C:\ProgramData\Skype
2015-08-16 09:00:51 ----D---- C:\Program Files (x86)\Common Files
2015-08-16 08:52:17 ----D---- C:\Program Files\Microsoft Silverlight
2015-08-16 08:52:15 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2015-08-15 23:11:07 ----D---- C:\Program Files (x86)\Internet Explorer
2015-08-15 23:11:06 ----D---- C:\Program Files\Internet Explorer
2015-08-15 23:11:05 ----D---- C:\WINDOWS\system32\drivers\cs-CZ
2015-08-15 23:11:04 ----D---- C:\Program Files\Windows Defender
2015-08-15 23:11:04 ----D---- C:\Program Files (x86)\Windows Defender
2015-08-15 23:11:03 ----SD---- C:\WINDOWS\system32\CompatTel
2015-08-15 23:11:03 ----D---- C:\WINDOWS\system32\appraiser
2015-08-15 23:11:03 ----D---- C:\WINDOWS\apppatch
2015-08-15 23:10:59 ----D---- C:\WINDOWS\system32\DriverStore
2015-08-15 23:10:39 ----D---- C:\ProgramData\Microsoft Help
2015-08-15 23:09:07 ----D---- C:\WINDOWS\system32\MRT
2015-08-15 23:06:50 ----A---- C:\WINDOWS\system32\MRT.exe
2015-08-15 20:40:44 ----D---- C:\WINDOWS\system32\catroot2
2015-08-09 13:40:37 ----SD---- C:\WINDOWS\system32\GWX
2015-07-28 12:45:16 ----D---- C:\Program Files (x86)\Whopping Ring
2015-07-26 19:25:53 ----D---- C:\ProgramData\a91e4cf800005778

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdkmpfd;@oem23.inf,%AMDKMPFD_svcdesc%;AMD PCI Root Bus Lower Filter; C:\WINDOWS\System32\drivers\amdkmpfd.sys [2013-12-13 36096]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2013-08-30 644968]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2013-08-20 12521472]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2013-08-20 617472]
R3 AthBTPort;@oem34.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\WINDOWS\system32\DRIVERS\btath_flt.sys [2013-09-04 89800]
R3 athr;@oem30.inf,%ATHR.Service.DispName%;Dell Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\athwbx.sys [2013-08-15 3859968]
R3 BTATH_A2DP;@oem33.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\WINDOWS\system32\drivers\btath_a2dp.sys [2013-09-04 338120]
R3 btath_avdt;@oem33.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\WINDOWS\system32\drivers\btath_avdt.sys [2013-09-04 116424]
R3 BTATH_BUS;@oem31.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys [2013-09-04 34384]
R3 BTATH_HCRP;@oem36.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\WINDOWS\System32\drivers\btath_hcrp.sys [2013-09-04 179432]
R3 BTATH_LWFLT;@oem38.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [2013-09-04 77464]
R3 BTATH_RCP;@oem40.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\WINDOWS\System32\drivers\btath_rcp.sys [2013-09-04 137928]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2013-09-04 594120]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2014-10-29 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\BthLEEnum.sys [2013-12-04 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2014-07-24 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 hamachi;LogMeIn Hamachi Virtual Miniport); C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [2015-07-14 45680]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2013-09-16 4177920]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2013-08-21 3591000]
R3 iwdbus;@oem41.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2013-08-23 26008]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [2015-06-18 25816]
R3 MEIx64;@oem7.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [2013-12-11 100312]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 RSUSBVSTOR;@oem14.inf,%RSUSBVSTOR.SvcDesc%;RtsUVStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUVStor.sys [2013-11-01 330456]
R3 RTL8168;@oem29.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-06-21 816344]
R3 SmbDrvI;SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [2013-08-23 34544]
R3 StillCam;@sti.inf,%StillCam.SvcDesc%;Ovladač digitálního fotoaparátu pro sériový port; C:\WINDOWS\System32\drivers\serscan.sys [2014-10-29 11776]
R3 SynTP;@oem28.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2013-08-23 529648]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2014-06-21 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S1 koxprmbx;koxprmbx; \??\C:\WINDOWS\system32\drivers\koxprmbx.sys []
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2015-05-11 1201664]
S3 DellRbtn;@oem5.inf,%DellRbtn%;Airplane Mode Switch; C:\WINDOWS\System32\drivers\DellRbtn.sys [2013-01-24 10752]
S3 dg_ssudbus;@oem1.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 intaud_WaveExtensible;@oem21.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2013-12-27 38296]
S3 IntcDAud;@oem16.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2013-09-18 452088]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\WINDOWS\system32\drivers\mwac.sys [2015-06-18 64216]
S3 ssudmdm;@oem4.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 usb_rndisx;@netrndis.inf,%usb_rndis.Service.DispName%;Adaptér USB RNDIS; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2013-08-22 20992]
S3 usbrndis6;@netrndis.inf,%usbrndis6.Service.DispName%;Adaptér USB RNDIS6; C:\WINDOWS\system32\DRIVERS\usb80236.sys [2013-08-22 20992]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-08-22 44544]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-17 98208]
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2013-08-20 239616]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [2013-09-04 312448]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2015-08-03 2545512]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2015-03-12 9216]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-08-30 15720]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-12-10 169432]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2015-07-14 417552]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-12-10 390616]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2013-06-18 246488]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-24 144200]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-06-18 1133880]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2013-09-23 279024]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-24 144200]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-06-04 837312]

-----------------EOF-----------------

[asasina]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:23-08-2015
Ran by Jobran (administrator) on SARAPC (24-08-2015 14:52:04)
Running from C:\Users\Jobran\Desktop
Loaded Profiles: Jobran (Available Profiles: Jobran)
Platform: Windows 8.1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
() C:\Users\Jobran\AppData\Local\Konkstrip.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 6520 series\Bin\ScanToPCActivationApp.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(TeamViewer GmbH) C:\Users\Jobran\AppData\Local\Temp\TeamViewer\Version8\TeamViewer.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(TeamViewer GmbH) C:\Users\Jobran\AppData\Local\Temp\TeamViewer\Version8\tv_w32.exe
(TeamViewer GmbH) C:\Users\Jobran\AppData\Local\Temp\TeamViewer\Version8\tv_x64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(TeamViewer GmbH) C:\Users\Jobran\AppData\Local\Temp\TeamViewer\Version8\TeamViewer_Desktop.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(forum.viry.cz) C:\Users\Jobran\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [5762408 2013-03-05] (Dell Inc.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-30] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7202520 2013-08-19] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5579624 2015-08-03] (LogMeIn Inc.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [132736 2013-09-04] (Qualcomm®Atheros®)
HKU\S-1-5-21-1793778196-2422288631-436692435-1001\...\Run: [HP Deskjet 6520 series (NET)] => C:\Program Files\HP\HP Deskjet 6520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-1793778196-2422288631-436692435-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8358680 2015-06-01] (Piriform Ltd)
HKU\S-1-5-21-1793778196-2422288631-436692435-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53735968 2015-08-07] (Skype Technologies S.A.)
Startup: C:\Users\Jobran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sledovat výstrahy inkoustu - HP Deskjet 6520 series (Síť).lnk [2014-03-21]
ShortcutTarget: Sledovat výstrahy inkoustu - HP Deskjet 6520 series (Síť).lnk -> C:\Program Files\HP\HP Deskjet 6520 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1793778196-2422288631-436692435-1001 -> {DC2D76FB-00EA-42D7-B299-861B0D034154} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_14875
SearchScopes: HKU\S-1-5-21-1793778196-2422288631-436692435-1001 -> {E65BE81D-7014-49A3-8CA3-F1A019F31B10} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-07-16] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-16] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-16] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-16] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-1793778196-2422288631-436692435-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{1F8EBB44-3947-430A-979F-78D028A0AD3B}: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{5AFAAB81-91A1-4654-B80F-5A14F3460CD8}: [DhcpNameServer] 8.8.8.8 8.8.4.4
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-16] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-16] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32.dll [2015-05-20] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1213153.dll [2014-06-24] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-16] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-16] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.5\npGoogleUpdate3.dll [2015-08-24] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.5\npGoogleUpdate3.dll [2015-08-24] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Jobran\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Jobran\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-16]
CHR Extension: (Google Docs) - C:\Users\Jobran\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-16]
CHR Extension: (Google Drive) - C:\Users\Jobran\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-16]
CHR Extension: (YouTube) - C:\Users\Jobran\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-16]
CHR Extension: (Google Search) - C:\Users\Jobran\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-16]
CHR Extension: (Google Sheets) - C:\Users\Jobran\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jobran\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-24]
CHR Extension: (Gmail) - C:\Users\Jobran\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-16]
CHR HKLM-x32\...\Chrome\Extension: [dnligehkhogpcngalffdoomehjcbecna] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gehmndecgbcffhmfjkenpamdgechcgpe] - https://clients2.google.com/service/update2/crx

Opera:
=======
StartMenuInternet: (HKLM) OperaStable - Opera.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [312448 2013-09-04] (Windows (R) Win 7 DDK provider) [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2015-03-12] (Hi-Rez Studios) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-30] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-07-14] (LogMeIn, Inc.)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-18] (Realtek Semiconductor)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 wntrauwxatiowneoadup; C:\Users\Jobran\AppData\Local\Konkstrip.exe [53760 2015-08-18] () [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2013-12-13] (Advanced Micro Devices, Inc.)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3859968 2013-08-15] (Qualcomm Atheros Communications, Inc.)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-04] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-24] (OSR Open Systems Resources, Inc.) [File not signed]
R3 hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-07-14] (LogMeIn Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-11] (Intel Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-23] (Synaptics Incorporated)
S3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2013-08-22] (Microsoft Corporation)
S1 koxprmbx; \??\C:\WINDOWS\system32\drivers\koxprmbx.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-24 14:52 - 2015-08-24 14:52 - 00017612 _____ C:\Users\Jobran\Desktop\FRST.txt
2015-08-24 14:51 - 2015-08-24 14:51 - 00112640 _____ (forum.viry.cz) C:\Users\Jobran\Desktop\FRSTLauncher.exe
2015-08-24 14:50 - 2015-08-24 14:50 - 02173952 _____ (Farbar) C:\Users\Jobran\Desktop\FRST64.exe
2015-08-24 13:30 - 2015-08-24 13:30 - 00001736 _____ C:\Users\Public\Desktop\Defraggler.lnk
2015-08-24 13:30 - 2015-08-24 13:30 - 00000000 ____D C:\Program Files\Defraggler
2015-08-24 13:29 - 2015-08-24 13:29 - 04532776 _____ (Piriform Ltd) C:\Users\Jobran\Downloads\dfsetup219.exe
2015-08-24 13:24 - 2015-08-24 14:29 - 00000966 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-24 13:24 - 2015-08-24 13:29 - 00000962 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-24 13:24 - 2015-08-24 13:24 - 00003938 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-08-24 13:24 - 2015-08-24 13:24 - 00003702 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-08-24 13:24 - 2015-08-24 13:24 - 00002275 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-08-24 13:24 - 2015-08-24 13:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-08-24 13:02 - 2015-08-24 13:02 - 00000000 ___RD C:\Users\Jobran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-08-24 12:36 - 2015-08-24 12:36 - 04436968 _____ (TeamViewer) C:\Users\Jobran\Desktop\a.exe
2015-08-24 12:13 - 2015-08-24 12:13 - 03720539 _____ (Bycatch) C:\Program Files\Common Files\w3io3424.exe
2015-08-24 10:17 - 2015-08-24 12:30 - 00000000 ____D C:\Program Files\Common Files\bgeb2xav
2015-08-24 10:17 - 2015-08-24 10:17 - 00003156 _____ C:\WINDOWS\System32\Tasks\1yhymgkb
2015-08-24 10:05 - 2015-08-24 10:05 - 00104533 _____ C:\Users\Jobran\Desktop\1.txt
2015-08-23 21:38 - 2015-08-23 21:38 - 00001198 _____ C:\Users\Jobran\Desktop\CrystalDiskInfo.lnk
2015-08-23 21:38 - 2015-08-23 21:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2015-08-23 21:38 - 2015-08-23 21:38 - 00000000 ____D C:\Program Files (x86)\CrystalDiskInfo
2015-08-23 20:08 - 2015-08-23 20:08 - 00000000 ___HD C:\$WINDOWS.~BT
2015-08-23 14:57 - 2015-08-23 14:57 - 00003234 _____ C:\WINDOWS\System32\Tasks\comwedatey
2015-08-23 14:02 - 2015-08-23 14:02 - 00002721 _____ C:\Users\Jobran\Desktop\Linkury Updater .lnk
2015-08-22 20:40 - 2015-08-22 20:40 - 03702878 _____ (E-Tech) C:\Program Files\Common Files\vbm2dojj.exe
2015-08-22 20:40 - 2015-08-22 20:40 - 00000000 ____D C:\Users\Jobran\AppData\Roaming\Mozilla
2015-08-22 20:22 - 2015-08-24 10:05 - 00000000 ____D C:\Program Files\Common Files\0dmrfbna
2015-08-22 20:22 - 2015-08-22 20:22 - 00003156 _____ C:\WINDOWS\System32\Tasks\glxzbqcy
2015-08-22 19:22 - 2015-08-22 19:22 - 00000270 __RSH C:\ProgramData\ntuser.pol
2015-08-19 09:41 - 2015-08-11 03:20 - 25191936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-08-19 09:41 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-08-19 08:31 - 2015-08-23 21:18 - 00000004 _____ C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-08-19 08:27 - 2015-08-24 13:00 - 00107370 _____ C:\WINDOWS\PFRO.log
2015-08-18 22:30 - 2015-08-18 22:31 - 00000938 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2015-08-18 22:30 - 2015-08-18 22:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-08-18 22:30 - 2015-08-18 22:31 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2015-08-18 22:26 - 2015-08-18 22:26 - 00000000 ____D C:\Users\Jobran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Liveistream
2015-08-18 22:25 - 2015-08-18 22:25 - 08712192 _____ C:\Users\Jobran\Downloads\hamachi (1).msi
2015-08-18 22:25 - 2015-08-18 22:25 - 00000000 _____ C:\WINDOWS\prleth.sys
2015-08-18 22:25 - 2015-08-18 22:25 - 00000000 _____ C:\WINDOWS\hgfs.sys
2015-08-18 22:19 - 2015-08-18 22:19 - 00000000 ____D C:\Users\Jobran\AppData\Local\Opera Software
2015-08-18 22:18 - 2015-08-18 22:18 - 00000000 ____D C:\Users\Jobran\AppData\Roaming\Opera Software
2015-08-18 22:17 - 2015-08-24 12:59 - 00001135 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-08-18 22:17 - 2015-08-24 10:07 - 00000000 ____D C:\Program Files\igfx32
2015-08-18 22:17 - 2015-08-18 22:17 - 00053760 _____ C:\Users\Jobran\AppData\Local\Konkstrip.exe
2015-08-18 22:17 - 2015-08-18 22:17 - 00003818 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1439928950
2015-08-18 22:15 - 2015-08-24 10:05 - 00000000 ____D C:\Program Files (x86)\globalUpdate
2015-08-18 22:15 - 2015-08-18 22:15 - 00000000 ____D C:\Users\Jobran\AppData\Local\globalUpdate
2015-08-18 22:14 - 2015-08-18 22:20 - 00000000 ____D C:\Program Files (x86)\Opera
2015-08-16 09:21 - 2015-07-30 16:04 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-16 09:21 - 2015-07-30 15:48 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-16 09:00 - 2015-08-16 09:00 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-08-16 09:00 - 2015-08-16 09:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-08-16 08:55 - 2015-08-08 15:55 - 00794088 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-08-16 08:55 - 2015-08-08 15:55 - 00179688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-15 20:51 - 2015-07-19 03:58 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-08-15 20:51 - 2015-07-18 20:51 - 03704320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-15 20:51 - 2015-07-18 20:31 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-08-15 20:51 - 2015-07-18 20:31 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-08-15 20:51 - 2015-07-18 20:31 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-08-15 20:51 - 2015-07-18 20:29 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-08-15 20:51 - 2015-07-18 20:29 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-08-15 20:51 - 2015-07-18 20:29 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-08-15 20:51 - 2015-07-18 20:28 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-08-15 20:51 - 2015-07-18 20:12 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-08-15 20:51 - 2015-07-18 20:10 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-08-15 20:51 - 2015-07-18 20:09 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-08-15 20:51 - 2015-07-16 02:29 - 07458648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-15 20:51 - 2015-07-16 02:29 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-08-15 20:51 - 2015-07-16 02:29 - 00101720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2015-08-15 20:51 - 2015-07-16 02:28 - 01499920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-08-15 20:51 - 2015-07-10 19:54 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-08-15 20:51 - 2015-07-02 00:19 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2015-08-15 20:51 - 2015-07-02 00:16 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2015-08-15 20:51 - 2015-07-01 23:37 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2015-08-15 20:51 - 2015-07-01 23:35 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2015-08-15 20:50 - 2015-06-09 20:27 - 00411133 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-08-15 20:49 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-08-15 20:49 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-08-15 20:49 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-08-15 20:49 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-08-15 20:49 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-08-15 20:49 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-08-15 20:49 - 2015-07-16 21:53 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-08-15 20:49 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-08-15 20:49 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-08-15 20:49 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-08-15 20:49 - 2015-07-16 21:45 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-08-15 20:49 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-08-15 20:49 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-08-15 20:49 - 2015-07-16 21:38 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-08-15 20:49 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-08-15 20:49 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-08-15 20:49 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-08-15 20:49 - 2015-07-16 21:14 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-08-15 20:49 - 2015-07-16 21:13 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-08-15 20:49 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-08-15 20:49 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-08-15 20:49 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-08-15 20:49 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-08-15 20:49 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-08-15 20:49 - 2015-07-16 20:52 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-08-15 20:49 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-08-15 20:49 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-08-15 20:49 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-08-15 20:49 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-08-15 20:47 - 2015-07-07 11:40 - 00270168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-08-15 20:47 - 2015-07-07 11:40 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-08-15 20:47 - 2015-07-07 11:40 - 00044560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-08-15 20:47 - 2015-06-12 19:03 - 18823680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-15 20:47 - 2015-06-12 18:36 - 15159296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-08-15 20:45 - 2015-07-29 01:24 - 00025776 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-08-15 20:45 - 2015-07-28 16:24 - 01148416 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-08-15 20:45 - 2015-07-28 16:24 - 01116160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-08-15 20:45 - 2015-07-28 16:24 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-08-15 20:45 - 2015-07-28 16:24 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-08-15 20:45 - 2015-07-28 16:24 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-08-15 20:45 - 2015-07-28 16:24 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-08-15 20:38 - 2015-07-13 21:46 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2015-08-15 20:38 - 2015-07-13 21:45 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2015-08-15 20:37 - 2015-07-29 16:37 - 01994752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-08-15 20:37 - 2015-07-29 16:30 - 01381888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-08-15 20:37 - 2015-07-29 16:23 - 01559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-08-15 20:37 - 2015-07-24 20:57 - 04177408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-08-15 20:37 - 2015-07-24 20:57 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-08-15 20:37 - 2015-07-24 20:52 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-08-15 20:37 - 2015-07-24 19:27 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-08-15 20:37 - 2015-07-24 19:23 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-08-15 20:37 - 2015-07-14 23:59 - 01113944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-08-15 20:37 - 2015-07-14 23:59 - 00487256 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2015-08-15 20:37 - 2015-07-14 23:59 - 00393560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2015-08-15 20:37 - 2015-07-14 05:22 - 02529880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-08-15 20:37 - 2015-07-14 05:21 - 01901776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-08-15 20:37 - 2015-07-10 20:19 - 01101824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2015-08-15 20:37 - 2015-07-10 19:42 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-08-15 20:37 - 2015-07-10 19:14 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2015-08-15 20:37 - 2015-07-10 19:13 - 07032320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2015-08-15 20:37 - 2015-07-10 18:47 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-08-15 20:37 - 2015-07-10 18:31 - 06213120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2015-08-15 20:37 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2015-08-15 20:37 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2015-08-15 20:37 - 2015-07-09 18:30 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2015-08-15 20:37 - 2015-06-11 22:12 - 02476376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-08-15 20:37 - 2015-06-11 22:12 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-07-26 19:25 - 2015-08-16 08:52 - 00000000 ____D C:\Program Files (x86)\CutterInit
2015-07-25 11:59 - 2015-08-09 13:34 - 00000000 ____D C:\Program Files (x86)\Sticky Contest

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-24 14:52 - 2015-07-16 15:58 - 00000000 ____D C:\FRST
2015-08-24 14:51 - 2014-03-16 19:27 - 00000000 ____D C:\Users\Jobran\AppData\Roaming\Skype
2015-08-24 14:49 - 2015-07-16 17:00 - 00000000 ____D C:\Program Files\trend micro
2015-08-24 14:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-08-24 13:40 - 2015-07-16 16:37 - 01422180 _____ C:\WINDOWS\WindowsUpdate.log
2015-08-24 13:24 - 2014-04-03 16:00 - 00000000 ____D C:\Users\Jobran\AppData\Local\Deployment
2015-08-24 13:24 - 2014-03-16 11:53 - 00000000 ____D C:\Program Files (x86)\Google
2015-08-24 13:06 - 2014-03-12 11:49 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1793778196-2422288631-436692435-1001
2015-08-24 13:04 - 2015-07-16 11:23 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-08-24 13:02 - 2015-02-08 20:31 - 00000000 ____D C:\Users\Jobran\AppData\Local\LogMeIn Hamachi
2015-08-24 13:02 - 2014-04-03 09:06 - 00000000 __RDO C:\Users\Jobran\SkyDrive
2015-08-24 13:01 - 2015-07-16 16:46 - 00000739 _____ C:\WINDOWS\setupact.log
2015-08-24 13:01 - 2015-06-04 18:43 - 00000370 _____ C:\WINDOWS\Tasks\DragonWire.job
2015-08-24 13:01 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-08-24 13:00 - 2013-08-22 15:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-08-24 12:59 - 2014-04-01 22:06 - 00001422 _____ C:\Users\Jobran\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-08-24 12:31 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent
2015-08-24 11:05 - 2014-05-13 19:55 - 00000000 ____D C:\Users\Jobran\Documents\Scan
2015-08-24 10:06 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\Globalization
2015-08-24 10:05 - 2012-07-26 07:26 - 00000269 _____ C:\WINDOWS\win.ini
2015-08-23 21:37 - 2014-04-16 12:37 - 00000000 ____D C:\Users\Jobran\AppData\Roaming\TeamViewer
2015-08-23 20:14 - 2014-04-03 16:26 - 00000000 ____D C:\Users\Jobran\AppData\Local\CrashDumps
2015-08-23 20:11 - 2014-04-01 21:42 - 00001908 _____ C:\WINDOWS\diagwrn.xml
2015-08-23 20:11 - 2014-04-01 21:42 - 00001908 _____ C:\WINDOWS\diagerr.xml
2015-08-23 20:08 - 2015-07-16 16:46 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-08-23 14:59 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-08-22 19:37 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-08-19 10:54 - 2014-07-04 19:31 - 00000000 ____D C:\Users\Jobran\AppData\Roaming\.minecraft
2015-08-19 09:42 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-08-19 08:30 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy
2015-08-18 22:30 - 2015-01-29 22:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Witcher 2 Enhanced Edition
2015-08-18 22:24 - 2015-01-29 22:24 - 00001356 _____ C:\Users\Public\Desktop\Spustit hru Zaklínač 2.lnk
2015-08-17 09:35 - 2013-11-14 14:40 - 01749406 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-08-17 09:35 - 2013-11-14 14:24 - 00740962 _____ C:\WINDOWS\system32\perfh005.dat
2015-08-17 09:35 - 2013-11-14 14:24 - 00152146 _____ C:\WINDOWS\system32\perfc005.dat
2015-08-16 09:01 - 2014-03-16 12:13 - 00000000 ____D C:\ProgramData\Skype
2015-08-16 09:00 - 2015-07-14 21:15 - 00002747 _____ C:\Users\Public\Desktop\Skype.lnk
2015-08-16 08:53 - 2013-08-22 16:44 - 00483664 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-08-16 08:52 - 2014-04-03 15:42 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-16 08:52 - 2014-04-03 15:42 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-15 23:11 - 2014-12-12 23:31 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-08-15 23:11 - 2014-07-13 20:46 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-08-15 23:11 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-15 23:11 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-15 23:11 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-15 23:11 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-15 23:11 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-15 23:11 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-15 23:10 - 2014-04-03 15:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-15 23:10 - 2014-03-16 12:00 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-15 23:09 - 2014-03-18 16:52 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-08-15 23:06 - 2014-03-18 16:52 - 132483416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-15 23:00 - 2014-04-01 21:42 - 00000000 ____D C:\Users\Jobran
2015-08-09 13:40 - 2015-04-08 15:17 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-07-28 12:45 - 2015-07-11 14:32 - 00000000 ____D C:\Program Files (x86)\Whopping Ring
2015-07-26 19:25 - 2015-07-16 13:47 - 00000000 ____D C:\ProgramData\a91e4cf800005778

==================== Files in the root of some directories =======

2015-08-22 20:40 - 2015-08-22 20:40 - 3702878 _____ (E-Tech) C:\Program Files\Common Files\vbm2dojj.exe
2015-08-24 12:13 - 2015-08-24 12:13 - 3720539 _____ (Bycatch) C:\Program Files\Common Files\w3io3424.exe
2015-05-12 19:21 - 2015-07-13 20:17 - 0000024 _____ () C:\Users\Jobran\AppData\Roaming\appdataFr25.bin
2015-04-02 13:07 - 2015-04-29 18:45 - 0000020 _____ () C:\Users\Jobran\AppData\Roaming\appdataFr3.bin
2015-08-18 22:17 - 2015-08-18 22:17 - 0053760 _____ () C:\Users\Jobran\AppData\Local\Konkstrip.exe
2015-08-18 22:17 - 2015-08-18 22:17 - 0000187 _____ () C:\Users\Jobran\AppData\Local\Konkstrip.exe.config
2014-03-21 13:22 - 2014-03-21 13:22 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-04-03 16:22 - 2014-04-03 16:22 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Jobran\AppData\Local\Temp\beeadajhed.exe
C:\Users\Jobran\AppData\Local\Temp\BFC7D711863219B6B8302E8FC90132FC.exe
C:\Users\Jobran\AppData\Local\Temp\ED7D47D63FAF5544C30F39802A90BCEB.exe
C:\Users\Jobran\AppData\Local\Temp\Quarantine.exe
C:\Users\Jobran\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-08-22 20:37




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:930.56 GB) (Free:800.14 GB) NTFS
Drive e: (Win8_x64) (CDROM) (Total:5.23 GB) (Free:0 GB) UDF

Available physical RAM: 1934.63 MB
Total physical RAM: 3976.96 MB
Percentage of memory in use: 51%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DragonWire.job => c:\programdata\{792e2b74-ca2a-2e07-792e-e2b74ca2add3}\1668959511713299299b.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\Users\Jobran\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Jobran\SkyDrive.old:ms-properties
AlternateDataStreams: C:\Users\Sara\OneDrive:ms-properties

==================== Security Center ==================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Jobran\Desktop" je 6614 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x0
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================