Blíže neurčená havěť

Zpráva

jakub.oslejsek

Zdravím. Rád bych Vás požádal o pomoc s vyčištěním PC s Win 7. Stáhly se do něj zřejmě nějaké adwary. Něco jsem vyčistil přes Security Essentials a něco přes AdwCleaner, ale obávám se, že to ještě není všechno. Před chvílí jsem musel celý proces zopakovat a nová "várka" mi vymazala Firefox. Níže uvádím log z posledního scanu AdwCleaneru. Předem velice děkuji za pomoc.

# AdwCleaner v5.000 - Logfile created 25/10/2015 at 23:11:32
# Updated 14/08/2015 by Xplode
# Database : 2015-10-18.5 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Jakub - JAKUB-PC
# Running from : C:\Users\Jakub\Desktop\adwcleaner_5.000.exe
# Option : Cleaning

***** [ Services ] *****

[-] Service Deleted : globalUpdate
[-] Service Deleted : globalUpdatem
[-] Service Deleted : SSFK
[-] Service Deleted : WdsManPro

***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files (x86)\globalUpdate
[-] Folder Deleted : C:\Program Files (x86)\RCP
[-] Folder Deleted : C:\Program Files (x86)\GoHD
[-] Folder Deleted : C:\Program Files (x86)\Shop and Save Up
[-] Folder Deleted : C:\Program Files (x86)\SFK
[!] Folder Not Deleted : C:\Program Files (x86)\GoHD
[-] Folder Deleted : C:\Program Files (x86)\MyBrowser
[!] Folder Not Deleted : C:\Program Files (x86)\Shop and Save Up
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyBrowser
[-] Folder Deleted : C:\Users\Jakub\AppData\Local\globalUpdate
[-] Folder Deleted : C:\Users\Jakub\AppData\Local\Systweak
[-] Folder Deleted : C:\Users\Jakub\AppData\Local\MyBrowser
[-] Folder Deleted : C:\Users\Jakub\AppData\Roaming\Systweak
[-] Folder Deleted : C:\Users\Jakub\AppData\Roaming\mystartsearch
[-] Folder Deleted : C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\Extensions\deskCutv2@gmail.com
[-] Folder Deleted : C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\Extensions\defsearchp@gmail.com
[-] Folder Deleted : C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\Extensions\f8783004-c434-4bd0-9f81-9a39dd64baaa@08ad07c4-3f21-451d-9045-9e0d5dc8aa9e.com
[-] Folder Deleted : C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\Extensions\ffddf830-f24b-489e-9e90-a42d11893b1c@gmail.com

***** [ Files ] *****

[-] File Deleted : C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ogminpmldncgcmokldnmmapddoccmhfl
[-] File Deleted : C:\Users\Jakub\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\MyBrowser.lnk
[-] File Deleted : C:\Users\Jakub\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\MyBrowser.lnk
[-] File Deleted : C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\searchplugins\mystartsearch.xml
[-] File Deleted : C:\Users\Jakub\Desktop\Live PC Help.lnk
[-] File Deleted : C:\Users\Public\Desktop\RegClean Pro.lnk
[-] File Deleted : C:\Users\Public\Desktop\MyBrowser.lnk
[-] File Deleted : C:\Windows\Sysnative\roboot64.exe

***** [ Shortcuts ] *****

[-] Shortcut Disinfected : C:\Users\Public\Desktop\Google Chrome.lnk
[-] Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
[-] Shortcut Disinfected : C:\Users\Jakub\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[-] Shortcut Disinfected : C:\Users\Jakub\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk

***** [ Scheduled tasks ] *****

[-] Task Deleted : ASP
[-] Task Deleted : globalUpdateUpdateTaskMachineCore
[-] Task Deleted : globalUpdateUpdateTaskMachineUA
[-] Task Deleted : RegClean Pro
[-] Task Deleted : RegClean Pro_DEFAULT
[-] Task Deleted : RegClean Pro_UPDATES
[-] Task Deleted : MyBrowser
[-] Task Deleted : 74b8e08a-7f23-496f-b9ab-48cf1e8937ab-1-6
[-] Task Deleted : 74b8e08a-7f23-496f-b9ab-48cf1e8937ab-1-7
[-] Task Deleted : 74b8e08a-7f23-496f-b9ab-48cf1e8937ab-10_user
[-] Task Deleted : 74b8e08a-7f23-496f-b9ab-48cf1e8937ab-3
[-] Task Deleted : 74b8e08a-7f23-496f-b9ab-48cf1e8937ab-4
[-] Task Deleted : 74b8e08a-7f23-496f-b9ab-48cf1e8937ab-5
[-] Task Deleted : 74b8e08a-7f23-496f-b9ab-48cf1e8937ab-5_user
[-] Task Deleted : 74b8e08a-7f23-496f-b9ab-48cf1e8937ab-6
[-] Task Deleted : 74b8e08a-7f23-496f-b9ab-48cf1e8937ab-7
[-] Task Deleted : 83feb89d-02fa-4d74-b419-d3ec6e910956-1-6
[-] Task Deleted : 83feb89d-02fa-4d74-b419-d3ec6e910956-1-7
[-] Task Deleted : 83feb89d-02fa-4d74-b419-d3ec6e910956-10_user
[-] Task Deleted : 83feb89d-02fa-4d74-b419-d3ec6e910956-3
[-] Task Deleted : 83feb89d-02fa-4d74-b419-d3ec6e910956-4
[-] Task Deleted : 83feb89d-02fa-4d74-b419-d3ec6e910956-5
[-] Task Deleted : 83feb89d-02fa-4d74-b419-d3ec6e910956-5_user
[-] Task Deleted : 83feb89d-02fa-4d74-b419-d3ec6e910956-6
[-] Task Deleted : 83feb89d-02fa-4d74-b419-d3ec6e910956-7
[-] Task Deleted : 74b8e08a-7f23-496f-b9ab-48cf1e8937ab-1-6
[-] Task Deleted : 74b8e08a-7f23-496f-b9ab-48cf1e8937ab-1-7
[-] Task Deleted : 74b8e08a-7f23-496f-b9ab-48cf1e8937ab-10_user
[-] Task Deleted : 74b8e08a-7f23-496f-b9ab-48cf1e8937ab-3
[-] Task Deleted : 74b8e08a-7f23-496f-b9ab-48cf1e8937ab-4
[-] Task Deleted : 74b8e08a-7f23-496f-b9ab-48cf1e8937ab-5
[-] Task Deleted : 74b8e08a-7f23-496f-b9ab-48cf1e8937ab-5_user
[-] Task Deleted : 74b8e08a-7f23-496f-b9ab-48cf1e8937ab-6
[-] Task Deleted : 74b8e08a-7f23-496f-b9ab-48cf1e8937ab-7
[-] Task Deleted : 83feb89d-02fa-4d74-b419-d3ec6e910956-1-6
[-] Task Deleted : 83feb89d-02fa-4d74-b419-d3ec6e910956-1-7
[-] Task Deleted : 83feb89d-02fa-4d74-b419-d3ec6e910956-10_user
[-] Task Deleted : 83feb89d-02fa-4d74-b419-d3ec6e910956-3
[-] Task Deleted : 83feb89d-02fa-4d74-b419-d3ec6e910956-4
[-] Task Deleted : 83feb89d-02fa-4d74-b419-d3ec6e910956-5
[-] Task Deleted : 83feb89d-02fa-4d74-b419-d3ec6e910956-5_user
[-] Task Deleted : 83feb89d-02fa-4d74-b419-d3ec6e910956-6
[-] Task Deleted : 83feb89d-02fa-4d74-b419-d3ec6e910956-7
[-] Task Deleted : globalUpdateUpdateTaskMachineCore
[-] Task Deleted : globalUpdateUpdateTaskMachineUA

***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
[-] Key Deleted : HKCU\Software\Mozilla\Extends
[-] Key Deleted : HKLM\SOFTWARE\Classes\CRSBRWSHTML
[-] Value Deleted : HKLM\SOFTWARE\Classes\.htm\OpenWithProgids [CRSBRWSHTML]
[-] Value Deleted : HKLM\SOFTWARE\Classes\.html\OpenWithProgids [CRSBRWSHTML]
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\globalupdate.exe
[-] Value Deleted : HKLM\SOFTWARE\Classes\.xht\OpenWithProgIDs [CRSBRWSHTML]
[-] Value Deleted : HKLM\SOFTWARE\Classes\.webp\OpenWithProgIDs [CRSBRWSHTML]
[-] Value Deleted : HKLM\SOFTWARE\Classes\.shtml\OpenWithProgIDs [CRSBRWSHTML]
[-] Value Deleted : HKLM\SOFTWARE\RegisteredApplications [MyBrowser]
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mybrowser.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\MediaPlayer\ShimInclusionList\mybrowser.exe
[-] Key Deleted : HKLM\SOFTWARE\Clients\StartMenuInternet\MyBrowser
[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WdsManPro
[-] Key Deleted : HKLM\SOFTWARE\47b411f3-9264-4f0a-9e40-de66f18af7a0
[-] Key Deleted : HKLM\SOFTWARE\5cfbd798-9e97-4ffc-87fe-b5f4779ec768
[-] Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [deskCutv2@gmail.com]
[-] Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [defsearchp@gmail.com]
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6EDBF8C0-C94C-4A13-956F-E393BCA5BA4B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2A563926-CF4B-4363-A760-F71E46205B7E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D14D64BC-A0E4-42E3-BB72-FB41EA43C198}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DD1F043F-ABC8-4643-8B95-D2C5B22BB019}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F3E8F9-F747-4DD6-BA6B-82A6CE1E0860}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED0B64D4-BF27-4521-AD27-190F49BF5EA7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{023E9EC8-B147-40EB-B0B3-DF90618FB371}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0522D9A4-4D57-437D-978D-E5B3B6C9005D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{07F41522-AF7D-4F26-B394-094F059FDB8A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0C40F472-7407-4467-8914-1DEA7C326972}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{212E6D43-6062-492A-B8CC-144669FF11ED}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{224FE662-1E6D-4BC0-AEBB-9E2FB4057BE9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A807417-B46D-4D37-8C9A-19AC6DE204F9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3CC60715-D6C5-429D-830E-43FA3F86C61D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4517D94C-19BA-46FA-BE66-2A30CEAC4A85}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{555D7146-94A8-4C94-AE76-C39CDC7F7705}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8120D9D6-785C-4413-9C0C-DF2028C56FAD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{823AE2EB-E62C-4847-B192-C99B91B92416}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9B4F7CFE-987D-410E-A8E4-20182E0B3C24}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9B9A45F4-18FC-484A-BACA-076D78273D8E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A6D54287-7939-466A-8579-92546D946C8C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A78EDAFB-926F-4D93-AB13-8232D7378EB1}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKCU\Software\GlobalUpdate
[-] Key Deleted : HKCU\Software\InstalledBrowserExtensions
[-] Key Deleted : HKCU\Software\systweak
[-] Key Deleted : HKCU\Software\GoHD
[-] Key Deleted : HKCU\Software\CrossBrowser
[-] Key Deleted : HKCU\Software\Crossbrowse
[-] Key Deleted : HKCU\Software\YorkNewCin
[-] Key Deleted : HKCU\Software\HighDefAction
[-] Key Deleted : HKCU\Software\ArenaHD
[-] Key Deleted : HKCU\Software\Shop and Save Up
[-] Key Deleted : HKCU\Software\Reg\Clean
[!] Key Not Deleted : HKCU\Software\GoHD
[-] Key Deleted : HKCU\Software\MyBrowser
[!] Key Not Deleted : HKCU\Software\Shop and Save Up
[-] Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
[-] Key Deleted : HKLM\SOFTWARE\AppDataLow\SOFTWARE\Crossrider
[-] Key Deleted : HKLM\SOFTWARE\AppDataLow\SOFTWARE\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKLM\SOFTWARE\GlobalUpdate
[-] Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
[-] Key Deleted : HKLM\SOFTWARE\systweak
[-] Key Deleted : HKLM\SOFTWARE\GoHD
[-] Key Deleted : HKLM\SOFTWARE\mystartsearchSoftware
[-] Key Deleted : HKLM\SOFTWARE\Crossbrowse
[-] Key Deleted : HKLM\SOFTWARE\YorkNewCin
[-] Key Deleted : HKLM\SOFTWARE\HighDefAction
[-] Key Deleted : HKLM\SOFTWARE\ArenaHD
[-] Key Deleted : HKLM\SOFTWARE\FFPluginHp
[-] Key Deleted : HKLM\SOFTWARE\Shop and Save Up
[-] Key Deleted : HKLM\SOFTWARE\WdsManPro
[-] Key Deleted : HKLM\SOFTWARE\Reg\Clean
[!] Key Not Deleted : HKLM\SOFTWARE\GoHD
[-] Key Deleted : HKLM\SOFTWARE\MyBrowser
[!] Key Not Deleted : HKLM\SOFTWARE\Shop and Save Up
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RegClean Pro_is1
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RegClean-Pro_is1
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\GoHD
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Shop and Save Up
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SU
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\GoHD
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyBrowser
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Shop and Save Up
[!] Key Not Deleted : [x64] HKCU\Software\GlobalUpdate
[!] Key Not Deleted : [x64] HKCU\Software\InstalledBrowserExtensions
[!] Key Not Deleted : [x64] HKCU\Software\systweak
[!] Key Not Deleted : [x64] HKCU\Software\GoHD
[!] Key Not Deleted : [x64] HKCU\Software\CrossBrowser
[!] Key Not Deleted : [x64] HKCU\Software\Crossbrowse
[!] Key Not Deleted : [x64] HKCU\Software\YorkNewCin
[!] Key Not Deleted : [x64] HKCU\Software\HighDefAction
[!] Key Not Deleted : [x64] HKCU\Software\ArenaHD
[!] Key Not Deleted : [x64] HKCU\Software\Shop and Save Up
[!] Key Not Deleted : [x64] HKCU\Software\Reg\Clean
[!] Key Not Deleted : [x64] HKCU\Software\GoHD
[!] Key Not Deleted : [x64] HKCU\Software\MyBrowser
[!] Key Not Deleted : [x64] HKCU\Software\Shop and Save Up
[-] Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
[-] Key Deleted : [x64] HKLM\SOFTWARE\YorkNewCin
[-] Key Deleted : [x64] HKLM\SOFTWARE\HighDefAction
[-] Key Deleted : [x64] HKLM\SOFTWARE\ArenaHD
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GLOBALUPDATE.EXE
[-] Data Restored : HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command []
[-] Data Restored : HKLM\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command []
[-] Data Restored : HKLM\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command []

***** [ Web browsers ] *****

[-] [C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\prefs.js] [Preference] Deleted : user_pref("browser.newtab.url", "hxxp://www.mystartsearch.com/newtab/?type=nt&t ... 5275252752");
[-] [C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\prefs.js] [Preference] Deleted : user_pref("browser.startup.homepage", "hxxp://www.mystartsearch.com/?type=hp&ts=14458 ... 5275252752");

*************************

:: Proxy settings cleared
:: Winsock settings cleared

*************************

C:\AdwCleaner[C4].txt - [15187 octets] - [25/10/2015 22:05:22]
C:\AdwCleaner[C5].txt - [1170 octets] - [25/10/2015 22:12:22]
C:\AdwCleaner[C6].txt - [1360 octets] - [25/10/2015 22:27:16]
C:\AdwCleaner[C7].txt - [18875 octets] - [25/10/2015 23:11:32]
C:\AdwCleaner[S10].txt - [1201 octets] - [25/10/2015 22:26:17]
C:\AdwCleaner[S11].txt - [19013 octets] - [25/10/2015 23:10:28]
C:\AdwCleaner[S6].txt - [1928 octets] - [17/08/2015 10:05:20]
C:\AdwCleaner[S7].txt - [14652 octets] - [25/10/2015 22:03:55]
C:\AdwCleaner[S8].txt - [1009 octets] - [25/10/2015 22:10:21]
C:\AdwCleaner[S9].txt - [1137 octets] - [25/10/2015 22:15:12]

########## EOF - C:\AdwCleaner[C7].txt - [19321 octets] ##########

#2 Příspěvek od **altrok** » 26 říj 2015 06:32

Zdravim

Zacneme diagnostickym (skenovacim) nastrojem - poprosim Vas o logy FRST.txt a Addition.txt z FRST viz oranzovy ramecek nahore.

jakub.oslejsek

Ahoj, tady jsou ty logy:
FRST

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:25-10-2015 02
Ran by Jakub (administrator) on JAKUB-PC (26-10-2015 06:46:33)
Running from C:\Users\Jakub\Desktop
Loaded Profiles: Jakub (Available Profiles: Jakub)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\Program Files (x86)\00000000-1445806083-0000-0000-D43D7E9CC0B9\knsx8E72.tmpfs
() C:\Program Files (x86)\00000000-1445806083-0000-0000-D43D7E9CC0B9\hnssC8DB.tmp
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\spool\drivers\x64\3\NetFaxTray64.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
() C:\Program Files (x86)\00000000-1445806083-0000-0000-D43D7E9CC0B9\jnsxACA2.tmp
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\spool\drivers\x64\3\NetFaxServer64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Monet+, a.s.) C:\Windows\SysWOW64\xmesrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(forum.viry.cz) C:\Users\Jakub\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\reader_sl.exe
(Microsoft Corporation) C:\Windows\SysWOW64\PING.EXE

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6846096 2012-11-19] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [462712 2012-03-09] ()
HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [502328 2012-10-23] (MSI)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-3706855550-2973812730-1501122498-1000\...\Run: [GoogleChromeAutoLaunch_15F254A23A37E7265466A6824C7C8462] => "C:\Program Files (x86)\MyBrowser\MyBrowser\Application\mybrowser.exe" --no-startup-window
HKU\S-1-5-21-3706855550-2973812730-1501122498-1000\...\MountPoints2: {55e500e1-b99e-11e4-bec2-d43d7e9cc0b9} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-3706855550-2973812730-1501122498-1000\...\MountPoints2: {b7fae774-3f77-11e5-92f3-d43d7e9cc0b9} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-3706855550-2973812730-1501122498-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [899584 2010-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Network PC Fax.lnk [2015-01-12]
ShortcutTarget: Samsung Network PC Fax.lnk -> C:\Windows\System32\spool\drivers\x64\3\NetFaxTray64.exe (Samsung Electronics Co., Ltd.)
Startup: C:\Users\Jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Toolkit 2.5.3 is Here! [Latest].lnk [2015-04-27]
ShortcutTarget: Microsoft Toolkit 2.5.3 is Here! [Latest].lnk -> C:\ProgramData\{0a656b11-46cc-0bf0-0a65-56b1146cac45}\Microsoft Toolkit 2.5.3 is Here! [Latest].exe (No File)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

AutoConfigURL: [S-1-5-21-3706855550-2973812730-1501122498-1000] => hxxp://get-access.me/wpad.dat?e6305c18c7983154d1ade6c8118ba5b61197878
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{BDDC18FD-7325-4E89-BB77-766A33AF3E9D}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-3706855550-2973812730-1501122498-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=12454
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3706855550-2973812730-1501122498-1000 -> {1BFC78F2-60CC-460F-BD41-770662F0466B} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-3706855550-2973812730-1501122498-1000 -> {212C533D-C2F4-40CB-ACDB-EC281B07824A} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-3706855550-2973812730-1501122498-1000 -> {5EC57AE7-2C91-4252-990B-218A8BCDAA6E} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3706855550-2973812730-1501122498-1000 -> {60500081-E4A1-44A4-BEF1-C205A07DADA2} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-3706855550-2973812730-1501122498-1000 -> {64543327-3C79-4805-9CFF-E68837A1FE26} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3706855550-2973812730-1501122498-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}&r ... IM_csCZ547
SearchScopes: HKU\S-1-5-21-3706855550-2973812730-1501122498-1000 -> {CE0C5EEB-2387-459C-90B7-ECBD56239A98} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-3706855550-2973812730-1501122498-1000 -> {E9B40B2D-87C0-460F-892F-DFC09FEB74EB} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3706855550-2973812730-1501122498-1000 -> {FFE98A27-9FCB-4070-AF5B-5453F69E6196} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-25] (Google Inc.)
BHO: YoutubeAdBlocke -> {ab3a39fa-d1b5-4c57-b3ab-24ef0f7f2658} -> C:\Program Files (x86)\YoutubeAdBlocke\klx9jY2Vo0vcFu.x64.dll => No File
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: GoSave -> {bc3bbe33-5417-45ae-86c0-132841bfd574} -> C:\Program Files (x86)\GoSave\MNqZu61bvG7Pun.x64.dll => No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-25] (Google Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Discover Treasure -> {bfa55139-82af-4663-a19b-e135dac8d043} -> C:\Program Files (x86)\Discover Treasure\Extensions\bfa55139-82af-4663-a19b-e135dac8d043.dll => No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-25] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-25] (Google Inc.)
Toolbar: HKU\S-1-5-21-3706855550-2973812730-1501122498-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-25] (Google Inc.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default
FF DefaultSearchUrl: hxxp://www.google.com/search?btnG=Google+Search&q=
FF SearchEngineOrder.1: Google
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-17] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-17] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> E:\instalovaný přehrávač\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> E:\instalovaný přehrávač\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> E:\instalovaný přehrávač\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3706855550-2973812730-1501122498-1000: @servis24.cz/PKIComponent -> C:\Users\Jakub\AppData\Roaming\CSAS\lib\x86\npPKIComponentNPAPI.dll [2014-11-21] (Česká spořitelna, a.s.)
FF Plugin HKU\S-1-5-21-3706855550-2973812730-1501122498-1000: @servis24.cz/PKIComponent-x64 -> C:\Users\Jakub\AppData\Roaming\CSAS\lib\x64\npPKIComponentNPAPI.dll [2014-11-21] (Česká spořitelna, a.s.)
FF Plugin HKU\S-1-5-21-3706855550-2973812730-1501122498-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Jakub\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2009-11-30] (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\searchplugins\firmycz.xml [2013-07-31]
FF SearchPlugin: C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\searchplugins\mapycz.xml [2013-07-31]
FF SearchPlugin: C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\searchplugins\zbocz.xml [2013-07-31]
FF Extension: Discover Treasure - C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\Extensions\{d6d72590-5810-49d4-a1a1-84bcb320d2c4}.xpi [2015-10-25] [not signed]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08] [not signed]
FF Extension: No Name - C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\defsearchp@gmail.com [not found]
FF Extension: No Name - C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com [not found]

Chrome:
=======
CHR Profile: C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Ostrov Thassos - pohled na moře - Řecko.) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcljilfhnlofcfncmfgdnjkpglaailab [2015-10-04]
CHR Extension: (Skype Click to Call) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-10-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-28]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-03-28] (Advanced Micro Devices, Inc.) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
R2 dijojyvi; C:\Program Files (x86)\00000000-1445806083-0000-0000-D43D7E9CC0B9\hnssC8DB.tmp [845312 2015-10-25] () [File not signed]
S2 dowoloadadproduurdow; C:\Users\Jakub\AppData\Local\Zottechi.exe [46592 2015-10-25] () [File not signed]
R2 himucyxe; C:\Program Files (x86)\00000000-1445806083-0000-0000-D43D7E9CC0B9\jnsxACA2.tmp [219136 2015-10-25] () [File not signed]
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-06-27] (Nero AG)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [143416 2012-10-25] (MSI)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
R2 Samsung Network Fax Server; C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe [505648 2014-02-25] (Samsung Electronics Co., Ltd.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 xmengine service; C:\Windows\SysWOW64\xmesrv.exe [34696 2015-05-07] (Monet+, a.s.)
R2 cujeruku; C:\Program Files (x86)\00000000-1445806083-0000-0000-D43D7E9CC0B9\knsx8E72.tmpfs [X]
S2 hidekoqe; C:\Users\Jakub\AppData\Local\00000000-1445816691-0000-0000-D43D7E9CC0B9\qnsrCC55.tmp [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [57472 2012-04-09] (Advanced Micro Devices)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-26 06:46 - 2015-10-26 06:47 - 00020245 _____ C:\Users\Jakub\Desktop\FRST.txt
2015-10-26 06:45 - 2015-10-26 06:45 - 00029696 _____ C:\Users\Jakub\AppData\Local\MSGBOX.EXE
2015-10-26 06:45 - 2015-10-26 06:45 - 00015327 _____ C:\Users\Jakub\Desktop\LM.bat
2015-10-26 06:43 - 2015-10-26 06:43 - 00112640 _____ (forum.viry.cz) C:\Users\Jakub\Desktop\FRSTLauncher.exe
2015-10-26 06:39 - 2015-10-26 06:40 - 02197504 _____ (Farbar) C:\Users\Jakub\Desktop\FRST64.exe
2015-10-26 00:21 - 2015-10-26 00:21 - 00006400 _____ C:\AdwCleaner[S13].txt
2015-10-26 00:21 - 2015-10-26 00:21 - 00005042 _____ C:\AdwCleaner[C9].txt
2015-10-26 00:21 - 2015-10-26 00:21 - 00000000 ____D C:\ProgramData\2WdsManPro2
2015-10-25 23:47 - 2015-10-25 23:47 - 00006917 _____ C:\AdwCleaner[C8].txt
2015-10-25 23:46 - 2015-10-25 23:47 - 00008209 _____ C:\AdwCleaner[S12].txt
2015-10-25 23:44 - 2015-10-25 23:45 - 00000000 ____D C:\ProgramData\yWdsManProy
2015-10-25 23:28 - 2015-10-26 00:21 - 00001065 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-10-25 23:28 - 2015-10-26 00:21 - 00001053 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-10-25 23:27 - 2015-10-25 23:27 - 42524680 _____ C:\Users\Jakub\Downloads\Firefox Setup 41.0.2.exe
2015-10-25 23:12 - 2015-10-26 00:23 - 00006146 _____ C:\Windows\PFRO.log
2015-10-25 23:11 - 2015-10-25 23:11 - 00019463 _____ C:\AdwCleaner[C7].txt
2015-10-25 23:10 - 2015-10-25 23:11 - 00019013 _____ C:\AdwCleaner[S11].txt
2015-10-25 23:03 - 2015-10-26 06:34 - 00001006 _____ C:\Windows\Tasks\wP024GxDKQhBS9iEw.job
2015-10-25 23:03 - 2015-10-26 06:34 - 00001004 _____ C:\Windows\Tasks\wP024GxDKQhBS9iE.job
2015-10-25 23:03 - 2015-10-25 23:03 - 00004032 _____ C:\Windows\System32\Tasks\wP024GxDKQhBS9iEw
2015-10-25 23:03 - 2015-10-25 23:03 - 00004030 _____ C:\Windows\System32\Tasks\wP024GxDKQhBS9iE
2015-10-25 23:02 - 2015-10-25 23:03 - 00000000 ____D C:\ProgramData\1WdsManPro1
2015-10-25 22:28 - 2015-10-26 06:34 - 00000280 _____ C:\Windows\setupact.log
2015-10-25 22:28 - 2015-10-25 22:28 - 00000000 _____ C:\Windows\setuperr.log
2015-10-25 22:27 - 2015-10-25 22:27 - 00001360 _____ C:\AdwCleaner[C6].txt
2015-10-25 22:26 - 2015-10-25 22:27 - 00001201 _____ C:\AdwCleaner[S10].txt
2015-10-25 22:15 - 2015-10-25 22:16 - 00001137 _____ C:\AdwCleaner[S9].txt
2015-10-25 22:12 - 2015-10-25 22:12 - 00001170 _____ C:\AdwCleaner[C5].txt
2015-10-25 22:10 - 2015-10-25 22:11 - 00001009 _____ C:\AdwCleaner[S8].txt
2015-10-25 22:05 - 2015-10-25 22:05 - 00015187 _____ C:\AdwCleaner[C4].txt
2015-10-25 22:03 - 2015-10-25 22:05 - 00014652 _____ C:\AdwCleaner[S7].txt
2015-10-25 21:52 - 2015-10-25 21:52 - 00046592 _____ C:\Users\Jakub\AppData\Local\Zottechi.exe
2015-10-25 21:50 - 2015-10-25 21:50 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\Opera Software
2015-10-25 21:50 - 2015-10-25 21:50 - 00000000 ____D C:\Users\Jakub\AppData\Local\Opera Software
2015-10-25 21:48 - 2015-10-25 22:30 - 00000000 ____D C:\Program Files (x86)\00000000-1445806083-0000-0000-D43D7E9CC0B9
2015-10-25 21:48 - 2015-10-25 21:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-10-25 21:48 - 2015-10-25 21:48 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-10-25 21:48 - 2014-06-20 19:26 - 00000035 _____ C:\Windows\system32\Drivers\etc\hp.bak
2015-10-25 21:47 - 2015-10-26 06:34 - 00000996 _____ C:\Windows\Tasks\rZBrxPsWWk1A.job
2015-10-25 21:47 - 2015-10-26 06:34 - 00000986 _____ C:\Windows\Tasks\YQwDnPB.job
2015-10-25 21:47 - 2015-10-25 21:47 - 00004022 _____ C:\Windows\System32\Tasks\rZBrxPsWWk1A
2015-10-25 21:47 - 2015-10-25 21:47 - 00004012 _____ C:\Windows\System32\Tasks\YQwDnPB
2015-10-25 21:46 - 2015-10-25 23:06 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-10-25 21:36 - 2015-10-26 00:21 - 00000102 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2015-10-25 21:36 - 2015-10-25 21:37 - 00000000 ____D C:\ProgramData\WWdsManProW
2015-10-15 15:21 - 2015-09-18 20:22 - 00025432 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-10-15 15:21 - 2015-09-18 20:19 - 01291264 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-10-15 15:21 - 2015-09-18 20:19 - 00766464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-10-15 15:21 - 2015-09-18 20:19 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-10-15 15:21 - 2015-09-18 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-10-15 15:21 - 2015-09-18 20:19 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-10-15 15:21 - 2015-09-18 20:09 - 01163776 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-10-14 14:37 - 2015-09-29 04:16 - 05569472 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-10-14 14:37 - 2015-09-29 04:13 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-10-14 14:37 - 2015-09-29 04:11 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-10-14 14:37 - 2015-09-29 04:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-10-14 14:37 - 2015-09-29 04:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-10-14 14:37 - 2015-09-29 04:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-10-14 14:37 - 2015-09-29 04:10 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-10-14 14:37 - 2015-09-29 04:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-10-14 14:37 - 2015-09-29 04:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-10-14 14:37 - 2015-09-29 04:05 - 03990976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-10-14 14:37 - 2015-09-29 04:05 - 03936192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-10-14 14:37 - 2015-09-29 03:59 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-10-14 14:37 - 2015-09-29 03:57 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-10-14 14:37 - 2015-09-29 02:50 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-10-14 14:37 - 2015-09-15 19:17 - 00157016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-10-14 14:37 - 2015-09-15 19:17 - 00097112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-10-14 14:37 - 2015-09-15 19:11 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-10-14 14:36 - 2015-10-01 19:06 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-10-14 14:36 - 2015-10-01 19:04 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-10-14 14:36 - 2015-10-01 19:00 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-10-14 14:36 - 2015-10-01 19:00 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-10-14 14:36 - 2015-10-01 19:00 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-10-14 14:36 - 2015-10-01 19:00 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-10-14 14:36 - 2015-10-01 19:00 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-10-14 14:36 - 2015-10-01 18:50 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-10-14 14:36 - 2015-10-01 18:00 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-10-14 14:36 - 2015-09-29 04:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-10-14 14:36 - 2015-09-29 04:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-10-14 14:36 - 2015-09-29 04:11 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-10-14 14:36 - 2015-09-29 04:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-10-14 14:36 - 2015-09-29 04:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-10-14 14:36 - 2015-09-29 04:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-10-14 14:36 - 2015-09-29 04:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-10-14 14:36 - 2015-09-29 04:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-10-14 14:36 - 2015-09-29 04:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-10-14 14:36 - 2015-09-29 04:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-10-14 14:36 - 2015-09-29 04:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-10-14 14:36 - 2015-09-29 04:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-10-14 14:36 - 2015-09-29 04:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-10-14 14:36 - 2015-09-29 04:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-10-14 14:36 - 2015-09-29 04:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-10-14 14:36 - 2015-09-29 04:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-10-14 14:36 - 2015-09-29 04:02 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-10-14 14:36 - 2015-09-29 04:01 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-10-14 14:36 - 2015-09-29 04:01 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-10-14 14:36 - 2015-09-29 04:01 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 04:01 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 04:01 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 04:01 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 03:59 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-10-14 14:36 - 2015-09-29 03:59 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-10-14 14:36 - 2015-09-29 03:59 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-10-14 14:36 - 2015-09-29 03:59 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-10-14 14:36 - 2015-09-29 03:59 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-10-14 14:36 - 2015-09-29 03:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-10-14 14:36 - 2015-09-29 03:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-10-14 14:36 - 2015-09-29 03:58 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-10-14 14:36 - 2015-09-29 03:58 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-10-14 14:36 - 2015-09-29 03:57 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-10-14 14:36 - 2015-09-29 03:57 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-10-14 14:36 - 2015-09-29 03:57 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-10-14 14:36 - 2015-09-29 03:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-10-14 14:36 - 2015-09-29 03:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-10-14 14:36 - 2015-09-29 03:49 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-10-14 14:36 - 2015-09-29 03:49 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-10-14 14:36 - 2015-09-29 03:49 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 03:49 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 02:49 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-10-14 14:36 - 2015-09-29 02:49 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-10-14 14:36 - 2015-09-29 02:43 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-10-14 14:36 - 2015-09-29 02:43 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-10-14 14:36 - 2015-09-29 02:40 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 02:40 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 02:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 02:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-10-14 14:36 - 2015-09-15 19:11 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-10-14 14:36 - 2015-09-15 19:11 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-10-14 14:36 - 2015-09-15 19:11 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-10-14 14:36 - 2015-09-15 19:11 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-10-14 14:36 - 2015-09-15 19:11 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-10-14 14:36 - 2015-09-15 19:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-10-14 14:36 - 2015-09-15 18:36 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-10-14 14:36 - 2015-09-15 18:36 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-10-14 14:36 - 2015-09-15 18:36 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-10-14 14:36 - 2015-09-15 18:35 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-10-14 14:32 - 2015-09-18 20:31 - 00391784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-10-14 14:32 - 2015-09-18 19:58 - 00345688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-10-14 14:32 - 2015-09-16 05:48 - 25851904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-10-14 14:32 - 2015-09-16 05:36 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-10-14 14:32 - 2015-09-16 05:36 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-10-14 14:32 - 2015-09-16 05:22 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-10-14 14:32 - 2015-09-16 05:21 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-10-14 14:32 - 2015-09-16 05:21 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-10-14 14:32 - 2015-09-16 05:21 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-10-14 14:32 - 2015-09-16 05:21 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-10-14 14:32 - 2015-09-16 05:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-10-14 14:32 - 2015-09-16 05:14 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-10-14 14:32 - 2015-09-16 05:13 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-10-14 14:32 - 2015-09-16 05:10 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-10-14 14:32 - 2015-09-16 05:09 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-10-14 14:32 - 2015-09-16 05:08 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-10-14 14:32 - 2015-09-16 05:08 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-10-14 14:32 - 2015-09-16 05:08 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-10-14 14:32 - 2015-09-16 05:08 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-10-14 14:32 - 2015-09-16 05:01 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-10-14 14:32 - 2015-09-16 04:58 - 20357632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-10-14 14:32 - 2015-09-16 04:58 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-10-14 14:32 - 2015-09-16 04:50 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-10-14 14:32 - 2015-09-16 04:46 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-10-14 14:32 - 2015-09-16 04:45 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-10-14 14:32 - 2015-09-16 04:45 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-10-14 14:32 - 2015-09-16 04:43 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-10-14 14:32 - 2015-09-16 04:41 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-10-14 14:32 - 2015-09-16 04:33 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-10-14 14:32 - 2015-09-16 04:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-10-14 14:32 - 2015-09-16 04:32 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-10-14 14:32 - 2015-09-16 04:32 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-10-14 14:32 - 2015-09-16 04:31 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-10-14 14:32 - 2015-09-16 04:31 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-10-14 14:32 - 2015-09-16 04:29 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-10-14 14:32 - 2015-09-16 04:29 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-10-14 14:32 - 2015-09-16 04:28 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-10-14 14:32 - 2015-09-16 04:28 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-10-14 14:32 - 2015-09-16 04:26 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-10-14 14:32 - 2015-09-16 04:26 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-10-14 14:32 - 2015-09-16 04:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-10-14 14:32 - 2015-09-16 04:24 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-10-14 14:32 - 2015-09-16 04:23 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-10-14 14:32 - 2015-09-16 04:22 - 14458368 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-10-14 14:32 - 2015-09-16 04:22 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-10-14 14:32 - 2015-09-16 04:22 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-10-14 14:32 - 2015-09-16 04:15 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-10-14 14:32 - 2015-09-16 04:11 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-10-14 14:32 - 2015-09-16 04:10 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-10-14 14:32 - 2015-09-16 04:07 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-10-14 14:32 - 2015-09-16 04:06 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-10-14 14:32 - 2015-09-16 04:05 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-10-14 14:32 - 2015-09-16 04:05 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-10-14 14:32 - 2015-09-16 04:04 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-10-14 14:32 - 2015-09-16 03:59 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-10-14 14:32 - 2015-09-16 03:58 - 12853760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-10-14 14:32 - 2015-09-16 03:58 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-10-14 14:32 - 2015-09-16 03:56 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-10-14 14:32 - 2015-09-16 03:55 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-10-14 14:32 - 2015-09-16 03:55 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-10-14 14:32 - 2015-09-16 03:48 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-10-14 14:32 - 2015-09-16 03:37 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-10-14 14:32 - 2015-09-16 03:34 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-10-14 14:32 - 2015-09-16 03:32 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-10-14 14:32 - 2015-08-06 19:04 - 14176768 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-10-14 14:32 - 2015-08-06 19:03 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-10-14 14:32 - 2015-08-06 18:44 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-10-14 14:32 - 2015-08-06 18:44 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-10-14 14:31 - 2015-09-25 19:07 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-10-14 14:31 - 2015-09-25 19:07 - 02607104 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-10-14 14:31 - 2015-09-25 19:07 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-10-14 14:31 - 2015-09-25 19:07 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-10-14 14:31 - 2015-09-25 19:07 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-10-14 14:31 - 2015-09-25 19:07 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-10-14 14:31 - 2015-09-25 19:07 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-10-14 14:31 - 2015-09-25 19:06 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-10-14 14:31 - 2015-09-25 19:06 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-10-14 14:31 - 2015-09-25 19:06 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-10-14 14:31 - 2015-09-25 19:06 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-10-14 14:31 - 2015-09-25 18:59 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-10-14 14:31 - 2015-09-25 18:59 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-10-14 14:31 - 2015-09-25 18:59 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-10-14 14:31 - 2015-09-25 18:59 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-10-14 14:31 - 2015-09-25 18:58 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-10-13 21:55 - 2014-12-03 11:01 - 00000000 ____D C:\Users\Jakub\Desktop\The colour and the shape (1997)
2015-10-13 16:25 - 2015-10-13 16:25 - 00178688 _____ C:\Users\Jakub\Downloads\03vzorce.ppt
2015-10-11 09:20 - 2015-10-11 09:48 - 501556851 _____ C:\Users\Jakub\Downloads\Sluha-dvou-pánů.mp4
2015-10-11 09:01 - 2015-10-11 09:06 - 80339628 _____ C:\Users\Jakub\Downloads\Svatební-košile_Kábrt.avi
2015-09-26 12:36 - 2015-09-26 12:36 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\face2faceSecondeditionElementary
2015-09-26 12:36 - 2015-09-26 12:36 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\Cambridge
2015-09-26 12:35 - 2015-09-26 12:35 - 00001259 _____ C:\Users\Public\Desktop\face2face Second edition Elementary.lnk
2015-09-26 12:35 - 2015-09-26 12:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cambridge
2015-09-26 12:35 - 2015-09-26 12:35 - 00000000 ____D C:\Program Files (x86)\Cambridge
2015-09-26 12:11 - 2015-09-26 12:11 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2015-09-26 12:11 - 2015-09-26 12:11 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2015-09-26 12:08 - 2015-09-26 12:36 - 00000000 ___HD C:\Program Files (x86)\Zero G Registry
2015-09-26 12:07 - 2015-09-26 12:07 - 00000000 ___HD C:\Users\Jakub\InstallAnywhere

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-26 06:46 - 2014-06-20 16:12 - 00000000 ____D C:\FRST
2015-10-26 06:42 - 2009-07-14 05:45 - 00028944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-26 06:42 - 2009-07-14 05:45 - 00028944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-26 06:39 - 2011-04-12 09:34 - 00668640 _____ C:\Windows\system32\perfh005.dat
2015-10-26 06:39 - 2011-04-12 09:34 - 00141300 _____ C:\Windows\system32\perfc005.dat
2015-10-26 06:39 - 2009-07-14 06:13 - 01583642 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-26 06:38 - 2013-07-29 16:01 - 01467620 _____ C:\Windows\WindowsUpdate.log
2015-10-26 06:35 - 2015-02-21 19:44 - 00000000 ____D C:\Users\Jakub\AppData\Local\HTC MediaHub
2015-10-26 06:34 - 2015-06-05 13:06 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-26 06:34 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-26 00:29 - 2015-06-05 13:06 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-26 00:24 - 2014-07-09 10:24 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-10-26 00:21 - 2015-06-05 13:07 - 00001290 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-10-26 00:21 - 2015-06-05 13:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-10-25 23:48 - 2013-07-30 08:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-25 23:28 - 2015-06-02 20:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-25 23:06 - 2014-06-25 08:44 - 00000000 ____D C:\Program Files (x86)\7-Zip
2015-10-25 22:25 - 2015-06-05 08:11 - 00054724 _____ C:\Users\Jakub\Desktop\FRST2.txt
2015-10-25 22:05 - 2014-10-15 07:51 - 00000000 ____D C:\AdwCleaner
2015-10-25 21:55 - 2014-11-17 19:58 - 00000000 __SHD C:\Users\Jakub\AppData\Local\EmieBrowserModeList
2015-10-25 21:55 - 2014-05-15 18:22 - 00000000 __SHD C:\Users\Jakub\AppData\Local\EmieUserList
2015-10-25 21:55 - 2014-05-15 18:22 - 00000000 __SHD C:\Users\Jakub\AppData\Local\EmieSiteList
2015-10-25 21:55 - 2013-07-29 16:24 - 00001397 _____ C:\Users\Jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-10-25 21:54 - 2013-07-31 12:44 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-10-25 21:51 - 2015-06-04 14:51 - 00000352 _____ C:\Windows\Tasks\VentureImpress.job
2015-10-24 10:13 - 2015-01-12 19:55 - 00000000 ____D C:\Users\Jakub\Documents\Scan
2015-10-23 23:41 - 2015-07-03 17:04 - 00000000 ____D C:\Users\Jakub\Desktop\Tapety
2015-10-20 13:06 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2015-10-17 17:24 - 2013-07-30 09:28 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-10-17 17:24 - 2013-07-30 09:28 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-17 17:24 - 2013-07-30 09:28 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-10-15 22:56 - 2014-12-11 18:58 - 00000000 ____D C:\Windows\system32\appraiser
2015-10-15 22:56 - 2014-05-06 08:19 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-10-15 22:22 - 2013-07-31 12:44 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-10-15 22:21 - 2014-12-23 16:56 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-10-15 20:08 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2015-10-15 17:12 - 2014-10-26 18:42 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-10-14 17:39 - 2014-02-22 18:08 - 00000000 ___RD C:\Users\Jakub\Podcasts
2015-10-14 17:15 - 2013-07-30 23:46 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-10-14 17:06 - 2013-08-14 18:48 - 00000000 ____D C:\Windows\system32\MRT
2015-10-14 17:06 - 2013-07-30 07:56 - 143481208 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-10-14 17:02 - 2009-07-14 03:34 - 00000580 _____ C:\Windows\win.ini
2015-10-13 21:35 - 2014-01-26 09:29 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\vlc
2015-10-09 07:37 - 2009-07-14 06:08 - 00032638 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-10-08 19:18 - 2015-04-04 08:29 - 00000000 ___SD C:\Windows\system32\GWX
2015-10-08 16:06 - 2015-04-04 08:29 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-09-26 12:11 - 2013-07-31 12:47 - 00000000 ____D C:\Users\Jakub\AppData\Local\Adobe
2015-09-26 12:11 - 2013-07-31 12:43 - 00000000 ____D C:\ProgramData\Adobe
2015-09-26 12:11 - 2013-07-29 18:21 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\Adobe
2015-09-26 12:07 - 2013-07-29 16:24 - 00000000 ____D C:\Users\Jakub

==================== Files in the root of some directories =======

2015-06-04 15:12 - 2015-06-04 15:12 - 0000024 _____ () C:\Users\Jakub\AppData\Roaming\appdataFr25.bin
2015-04-14 17:28 - 2015-04-14 17:28 - 0004387 _____ () C:\Users\Jakub\AppData\Roaming\rZBrxPsWWk1A
2015-04-20 15:05 - 2015-04-20 15:05 - 1246720 _____ () C:\Users\Jakub\AppData\Roaming\rZBrxPsWWk1A.exe
2015-04-14 17:28 - 2015-04-14 17:28 - 0004387 _____ () C:\Users\Jakub\AppData\Roaming\wP024GxDKQhBS9iE
2015-04-20 15:05 - 2015-04-20 15:05 - 1246720 _____ () C:\Users\Jakub\AppData\Roaming\wP024GxDKQhBS9iE.exe
2015-04-19 13:20 - 2015-04-19 13:20 - 0005872 _____ () C:\Users\Jakub\AppData\Roaming\wP024GxDKQhBS9iEw
2015-04-20 15:05 - 2015-04-20 15:05 - 1579520 _____ () C:\Users\Jakub\AppData\Roaming\wP024GxDKQhBS9iEw.exe
2015-04-19 13:20 - 2015-04-19 13:20 - 0005872 _____ () C:\Users\Jakub\AppData\Roaming\YQwDnPB
2015-04-20 15:05 - 2015-04-20 15:05 - 1579520 _____ () C:\Users\Jakub\AppData\Roaming\YQwDnPB.exe
2013-07-29 16:39 - 2013-07-29 16:39 - 0000036 _____ () C:\Users\Jakub\AppData\Local\housecall.guid.cache
2015-10-26 06:45 - 2015-10-26 06:45 - 0029696 _____ () C:\Users\Jakub\AppData\Local\MSGBOX.EXE
2015-10-25 21:52 - 2015-10-25 21:52 - 0046592 _____ () C:\Users\Jakub\AppData\Local\Zottechi.exe
2015-10-25 21:52 - 2015-10-25 21:52 - 0000187 _____ () C:\Users\Jakub\AppData\Local\Zottechi.exe.config
2015-10-25 21:36 - 2015-10-26 00:21 - 0000102 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

Files to move or delete:
====================
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

Some files in TEMP:
====================
C:\Users\Jakub\AppData\Local\Temp\1201.exe
C:\Users\Jakub\AppData\Local\Temp\1266.exe
C:\Users\Jakub\AppData\Local\Temp\8660.exe
C:\Users\Jakub\AppData\Local\Temp\8720.exe
C:\Users\Jakub\AppData\Local\Temp\atcMedia5721442670314.exe
C:\Users\Jakub\AppData\Local\Temp\atcMedia6591419117782.exe
C:\Users\Jakub\AppData\Local\Temp\atcMedia8461415538601.exe
C:\Users\Jakub\AppData\Local\Temp\beefhjgaij.exe
C:\Users\Jakub\AppData\Local\Temp\beefiagiij.exe
C:\Users\Jakub\AppData\Local\Temp\Dya4ozDJEJ.exe
C:\Users\Jakub\AppData\Local\Temp\fsdF68E.exe
C:\Users\Jakub\AppData\Local\Temp\fsdF6BD.exe
C:\Users\Jakub\AppData\Local\Temp\fsdF90E.exe
C:\Users\Jakub\AppData\Local\Temp\mytmpinstaller.exe
C:\Users\Jakub\AppData\Local\Temp\nseD421.exe
C:\Users\Jakub\AppData\Local\Temp\rhUJpx3VXT.exe
C:\Users\Jakub\AppData\Local\Temp\sGrdDbeEko.exe
C:\Users\Jakub\AppData\Local\Temp\sqlite3.dll
C:\Users\Jakub\AppData\Local\Temp\{CA8A9FC4-7F1A-4A4A-957F-D583ADD3C21B}.dll

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-10-21 17:34

==================== End of FRST.txt ============================

jakub.oslejsek

A tady Addition:

Additional scan result of Farbar Recovery Scan Tool (x64) Version:25-10-2015 02
Ran by Jakub (2015-10-26 06:47:38)
Running from C:\Users\Jakub\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2013-07-29 15:24:21)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-3706855550-2973812730-1501122498-500 - Administrator - Disabled)
Guest (S-1-5-21-3706855550-2973812730-1501122498-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3706855550-2973812730-1501122498-1004 - Limited - Enabled)
Jakub (S-1-5-21-3706855550-2973812730-1501122498-1000 - Administrator - Enabled) => C:\Users\Jakub

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19140 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Advertising Center (x32 Version: 0.0.0.1 - Nero AG) Hidden
AMD Catalyst Install Manager (HKLM\...\{9AB0D5B6-4779-8C4F-CA91-A1FEDB56D7EC}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
AMR to MP3 Converter 1.4 (HKLM-x32\...\{C615B4A6-DDE8-4325-BCF8-E53E913D95E9}_is1) (Version: - amrtomp3converter.com)
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM-x32\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
aTube Catcher (HKLM-x32\...\aTube Catcher) (Version: 3.8.7955 - DsNET Corp)
aTube Catcher verze 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
CCleaner (HKLM\...\CCleaner) (Version: 3.24 - Piriform)
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
CryptoPlus CS v1.0e (HKLM-x32\...\CryptoPlus CS v1.0e) (Version: 2.0.9 - Monet+,a.s.)
CryptoPlus CS v1.0e x64 (HKLM\...\CryptoPlus CS v1.0e) (Version: 2.0.9 - Monet+,a.s.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DigiTech RP155 Drivers (HKLM-x32\...\DigiTech RP155 Drivers) (Version: 1.0.0 - DigiTech)
DigiTech RP155 Drivers (Version: 1.0.0 - DigiTech) Hidden
DolbyFiles (x32 Version: 0.1 - Nero AG) Hidden
face2face Second edition Elementary application (HKLM-x32\...\face2faceSecondeditionElementary) (Version: 1.0.1 - Cambridge University Press Holdings Limited)
face2face Second edition Elementary application (x32 Version: 1.0.1 - Cambridge University Press Holdings Limited) Hidden
face2face Second edition Elementary content (HKLM-x32\...\face2face Second edition Elementary content) (Version: 1.0.0.0 - Cambridge University Press)
Facebook Platinum (HKLM-x32\...\{E9AD2F38-EF9C-B9DA-048A-A92FBC17701E}) (Version: - )
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Earth Plug-in (HKLM-x32\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.80 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6904.2028 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.16.0.001 - HTC Corporation)
HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.54.2 - HTC)
IL-2 Sturmovik 1946 (HKLM-x32\...\InstallShield_{758AF648-0B6C-4593-BDF1-9BF4CB50A359}) (Version: 1.00.0000 - Ubisoft)
IL-2 Sturmovik 1946 (x32 Version: 1.00.0000 - Ubisoft) Hidden
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: - )
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3706855550-2973812730-1501122498-1000\...\OneDriveSetup.exe) (Version: 17.0.4024.1220 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 41.0.2 (x86 cs) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 cs)) (Version: 41.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 9 Essentials (HKLM-x32\...\{3e071c2a-66d2-4b39-a563-86901688be4c}) (Version: - Nero AG)
Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 7.1.32.69 - )
Rajče průvodce verze 1.59.52.267 (HKLM-x32\...\rajce.net_is1) (Version: - rajce.net)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.53.216.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6782 - Realtek Semiconductor Corp.)
Royal Envoy Campaign for the Crown Collector's Edition (HKLM-x32\...\Royal Envoy Campaign for the Crown Collector's Edition_is1) (Version: 1.0 - Playrix Entertainment)
Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 1.05.92 (14.3.2014) - Samsung Electronics Co., Ltd.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.05.29.00(26.3.2014) - Samsung Electronics Co., Ltd.)
Samsung M2070 Series (HKLM-x32\...\Samsung M2070 Series) (Version: 1.12 (15.4.2014) - Samsung Electronics Co., Ltd.)
Samsung Network PC Fax (HKLM-x32\...\Samsung Network PC Fax) (Version: 1.10.18 (25.2.2014) - Samsung Electronics Co., Ltd.)
Samsung Printer Diagnostics (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.0.15 - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (x32 Version: 1.02.07.02 - Samsung Electronics Co., Ltd.) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Seznam Software (HKU\S-1-5-21-3706855550-2973812730-1501122498-1000\...\SeznamInstall) (Version: - Seznam.cz)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
SNS Upload for Easy Document Creator (HKLM-x32\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd)
Super-Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.014 - MSI)
Unity Web Player (HKU\S-1-5-21-3706855550-2973812730-1501122498-1000\...\UnityWebPlayer) (Version: 2.6.1f3_31223 - Unity Technologies ApS)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Winki (HKLM-x32\...\{81CF5153-38CF-41e2-AC3C-3D477C987D96}_is1) (Version: 3.2.126 - MSI)
WinRAR 4.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
X-Edit (HKLM-x32\...\X-Edit) (Version: 2.7.1.1 - DigiTech)
X-Edit (x32 Version: 2.7.1.1 - DigiTech) Hidden
XnView 2.04 (HKLM-x32\...\XnView_is1) (Version: 2.04 - Gougelet Pierre-e)
Zobrazit uživatelskou příručku (HKLM-x32\...\View User Guide) (Version: 3.60.43.0 - )
Zoo Empire 1.21 (HKLM-x32\...\Zoo Empire_is1) (Version: - HYPERMAX)
Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== Restore Points =========================

14-10-2015 16:55:29 Windows Update
15-10-2015 22:56:09 Windows Update
19-10-2015 18:05:24 Windows Update
23-10-2015 11:46:44 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2014-06-20 19:26 - 00000035 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0B9B5A78-B54F-47AB-969D-4DCAB0FEA6BF} - System32\Tasks\YQwDnPB => C:\Users\Jakub\AppData\Roaming\YQwDnPB.exe [2015-04-20] () <==== ATTENTION
Task: {0BC53A95-1821-4933-B07F-055631E29DCD} - System32\Tasks\{0DF8112E-6A37-4BE2-AA4B-ADEF3566BA48} => pcalua.exe -a "C:\Instalační data\Sturmovik\UP3\UP_3.0RC_Client.part01.exe" -d "C:\Instalační data\Sturmovik\UP3"
Task: {45FC44BD-70B0-41B6-8F38-137C769DE419} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-05] (Google Inc.)
Task: {53BAD2E8-71E0-41CF-9D16-0ED2FADCC7B8} - System32\Tasks\{902CA38C-ACF1-49DD-A297-29CDA65D3131} => pcalua.exe -a C:\Users\Jakub\Downloads\ashampoo-burning-studio-free-lista-centrumcz.exe -d C:\Users\Jakub\Downloads
Task: {629CAEB8-8EBF-40E4-BA90-99BEE5DB6631} - System32\Tasks\wP024GxDKQhBS9iE => C:\Users\Jakub\AppData\Roaming\wP024GxDKQhBS9iE.exe [2015-04-20] () <==== ATTENTION
Task: {77F732B0-2180-4AB2-9EC5-284491965096} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-05] (Google Inc.)
Task: {8504ED3E-E727-49AC-9171-DEE521B6F541} - System32\Tasks\{C86E26EF-162E-4385-B4AA-F574792E58AF} => pcalua.exe -a "C:\Instalační data\cestina_pro_irfanview.exe" -d "C:\Instalační data"
Task: {8C3B6369-AB65-4006-A622-70131E413897} - System32\Tasks\wP024GxDKQhBS9iEw => C:\Users\Jakub\AppData\Roaming\wP024GxDKQhBS9iEw.exe [2015-04-20] () <==== ATTENTION
Task: {975C22BF-FB37-470A-9176-34418CD80875} - System32\Tasks\{47928BC5-F726-42F5-A1CE-8E4D1AC8D7A8} => pcalua.exe -a "E:\1111\Záloha DGen\DGen_MOD_2.0.2.0\DGenInstaller.exe" -d "E:\1111\Záloha DGen\DGen_MOD_2.0.2.0"
Task: {98AB4A52-80C2-4E60-BA6D-BFD8495ADFAA} - System32\Tasks\VentureImpress => c:\programdata\{56247939-6e1a-8f82-5624-479396e1e4e5}\629876842877639379b.exe <==== ATTENTION
Task: {99576A65-D5DE-4F04-B403-B50F28B72C89} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-17] (Adobe Systems Incorporated)
Task: {9A2D396E-484E-4328-AD5B-30465278AF73} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated)
Task: {C0072DFF-0EDF-47BA-86A2-AC18EF763858} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-10-24] (Piriform Ltd)
Task: {EC0A12F2-B9EA-4284-87EC-189182769256} - System32\Tasks\rZBrxPsWWk1A => C:\Users\Jakub\AppData\Roaming\rZBrxPsWWk1A.exe [2015-04-20] () <==== ATTENTION
Task: {F54E2FC5-04CE-4188-8B6F-5DED62C557BF} - System32\Tasks\{7B0C9268-99A8-4080-9C89-841CDB89411C} => C:\Programy\Ubisoft\IL-2 Sturmovik 1946\UP3\JSGME.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\rZBrxPsWWk1A.job => C:\Users\Jakub\AppData\Roaming\rZBrxPsWWk1A.exe <==== ATTENTION
Task: C:\Windows\Tasks\VentureImpress.job => c:\programdata\{56247939-6e1a-8f82-5624-479396e1e4e5}\629876842877639379b.exe <==== ATTENTION
Task: C:\Windows\Tasks\wP024GxDKQhBS9iE.job => C:\Users\Jakub\AppData\Roaming\wP024GxDKQhBS9iE.exe <==== ATTENTION
Task: C:\Windows\Tasks\wP024GxDKQhBS9iEw.job => C:\Users\Jakub\AppData\Roaming\wP024GxDKQhBS9iEw.exe <==== ATTENTION
Task: C:\Windows\Tasks\YQwDnPB.job => C:\Users\Jakub\AppData\Roaming\YQwDnPB.exe <==== ATTENTION

==================== Loaded Modules (Whitelisted) ==============

2014-12-02 13:52 - 2014-12-02 13:52 - 00029184 _____ () C:\Windows\System32\ssm4mlm.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2013-07-30 09:23 - 2012-02-17 19:55 - 00193536 _____ () C:\Program Files\WinRAR\rarext.dll
2013-03-28 21:31 - 2013-03-28 21:31 - 00210944 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2012-09-23 12:53 - 2012-09-23 12:53 - 00748544 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2012-09-23 12:53 - 2012-09-23 12:53 - 03645952 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2015-10-25 21:18 - 2015-10-25 21:18 - 00381952 _____ () C:\Program Files (x86)\00000000-1445806083-0000-0000-D43D7E9CC0B9\knsx8E72.tmpfs
2015-10-25 21:48 - 2015-10-25 21:48 - 00845312 _____ () C:\Program Files (x86)\00000000-1445806083-0000-0000-D43D7E9CC0B9\hnssC8DB.tmp
2012-03-09 09:58 - 2012-03-09 09:58 - 00462712 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2012-03-09 09:58 - 2012-03-09 09:58 - 00057208 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2013-03-28 21:30 - 2013-03-28 21:30 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2015-10-25 21:48 - 2015-10-25 21:48 - 00219136 _____ () C:\Program Files (x86)\00000000-1445806083-0000-0000-D43D7E9CC0B9\jnsxACA2.tmp
2013-10-17 15:27 - 2013-10-17 15:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2015-07-14 14:37 - 2015-07-14 14:37 - 00821240 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
2014-12-18 15:06 - 2014-12-18 15:06 - 00031080 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll
2015-07-14 14:35 - 2015-07-14 14:35 - 00607016 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll
2014-12-18 15:09 - 2014-12-18 15:09 - 00059752 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll
2014-12-18 15:08 - 2014-12-18 15:08 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
2014-12-18 15:09 - 2014-12-18 15:09 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll
2014-12-18 15:11 - 2014-12-18 15:11 - 00129376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll
2014-12-18 15:14 - 2014-12-18 15:14 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3706855550-2973812730-1501122498-1000\...\business24.cz -> hxxps://www.business24.cz
IE trusted site: HKU\S-1-5-21-3706855550-2973812730-1501122498-1000\...\servis24.cz -> hxxps://www.servis24.cz

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3706855550-2973812730-1501122498-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Jakub\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{93FE5283-757D-47DA-A130-2D58825E068A}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [UDP Query User{F82A6562-3E29-4165-BB1E-B30514B38D91}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [TCP Query User{3620035B-77EC-4E0A-8845-783B95CFEC91}C:\users\jakub\appdata\local\catalinagroup\citrio\application\chrome.exe] => (Block) C:\users\jakub\appdata\local\catalinagroup\citrio\application\chrome.exe
FirewallRules: [UDP Query User{DAFA12FA-4B6A-4A02-9A5E-8230DC0EB11F}C:\users\jakub\appdata\local\catalinagroup\citrio\application\chrome.exe] => (Block) C:\users\jakub\appdata\local\catalinagroup\citrio\application\chrome.exe
FirewallRules: [{C2D6A46B-3DEF-4EEB-B343-7E9A06E2BF80}] => (Allow) C:\Users\Jakub\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{5CE8695E-3C98-4DE6-AE28-B6C906B1B901}] => (Allow) %ProgramFiles%\Zune\Zune.exe
FirewallRules: [{3B68B793-D14A-4430-A19C-C4AEF88B6F86}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{1F28FBC1-9763-4F54-A2F9-78FE36E2B242}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{1BC57C2F-3A27-4FC5-81E2-CA55283BC5E6}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{A32E3E9D-4919-4FB2-833B-835461440AEF}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{A3F1EC9B-5B7F-44D5-B408-3D2F706BF011}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{56520C73-F9AA-4E28-BDC4-928C4A94547F}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{E4D6E01C-CB86-4E8A-808F-2C9725B8DFDB}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{311F3409-5EA4-4837-830B-CB55B5858A4A}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [TCP Query User{61866A5D-C828-4CBD-A801-E6F50472B26D}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Block) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [UDP Query User{E1C358A4-FDAA-4340-8EE0-6CD8AC0510CA}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Block) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [{701DA247-2A0C-4622-8CBC-024BCC781F43}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B0C033A4-6F73-4F7F-95A8-5CF014984B74}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe
FirewallRules: [{5DC8B5B5-E9D3-43E5-A87B-4B253297BB16}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe
FirewallRules: [{472B6D5D-3AA5-461C-9667-D4A2A63E6BA7}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{B9A60B1B-F709-4658-9BC8-85B40DF6303A}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{F3EACA27-E384-4921-8B2C-A5C5E5965909}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{C63323C2-CAD0-458E-8CE3-486FCAF57161}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{75A782DA-66DC-44ED-A776-7B0FDFA98DE0}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{5D34A1EF-C321-402E-9019-DD8E96ABBBBF}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{1E7C6405-69A2-48E4-83C0-E357E707BCB2}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{99043E1E-A6AE-4F6E-91C5-E4B46F137809}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{A5FCB337-C804-4A52-A43B-9AFB2E284A00}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe
FirewallRules: [{1F2CEBEC-A0D4-4BDA-B719-F5F0AD362BB4}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe
FirewallRules: [{3831F12B-3B22-41E6-AE78-C97806169132}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{C9D19B70-A1CA-415C-B20F-C3843929F4C1}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{547EF02A-AA43-44B3-B287-5E541DCAFAF6}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe
FirewallRules: [{63CDB8BD-DBB3-4E4E-91B9-EF2A0498680C}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe
FirewallRules: [{8224B70E-564F-461A-9CAB-3C94335EC157}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe
FirewallRules: [{5FDF8194-793A-42C7-96B0-70418D30E91D}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe
FirewallRules: [{C5132329-4241-4318-B960-72CA7FFC4649}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{09465574-29FB-4784-8807-02AA471DDE66}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{321F09A6-F795-494B-98A7-D5789AD813EC}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe
FirewallRules: [{530FB986-37E6-4A7C-9AC0-7A9AE54EB02B}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe
FirewallRules: [TCP Query User{6D988726-6532-4CCF-A737-024E8B69639B}C:\program files\common files\common desktop agent\cdasrv.exe] => (Block) C:\program files\common files\common desktop agent\cdasrv.exe
FirewallRules: [UDP Query User{741D9A12-B29B-45A9-B2C9-E533ED97F3D8}C:\program files\common files\common desktop agent\cdasrv.exe] => (Block) C:\program files\common files\common desktop agent\cdasrv.exe
FirewallRules: [{64E8FC51-0A3A-4DB5-A4A7-B9C12266E3FE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A7B3330B-1004-4BC2-903B-C4539E85D575}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{14EFA6B7-22A5-4D2D-84F2-F907A66B1B1B}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [{7FB38CB6-F1FE-41A3-BA1A-31169A7A064C}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{D9042D0A-C67B-44EA-B139-DB6DA0032C7B}] => (Allow) LPort=2869
FirewallRules: [{43B18A19-85EA-41B5-8121-94CACF11434A}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{428DEE3C-F5AC-460E-A043-E16433233423}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{B30F40D5-F871-48B9-B70D-DCC286481F84}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{327EFF5F-FAA9-4356-9FBB-16BE92A90189}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [{FFC658E8-1AF8-4F76-93EB-7CA2231EB744}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{1F389A26-46DB-4F1E-AFA6-DB4C8074BD77}] => (Allow) C:\Program Files (x86)\LuckyBrowse\app\LuckyBrowse.exe
FirewallRules: [{061F6977-D4C2-41B9-82FC-D21065830765}] => (Allow) C:\Program Files (x86)\LuckyBrowse\app\LuckyBrowse.exe
FirewallRules: [{4866D36B-6A27-48F9-93F3-E58EC4BE18CE}] => (Allow) C:\Program Files (x86)\MyBrowser\MyBrowser\Application\mybrowser.exe

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Adaptér tunelového režimu Microsoft Teredo
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (10/26/2015 06:35:36 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/26/2015 12:24:35 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/26/2015 12:24:34 AM) (Source: RndService) (EventID: 0) (User: )
Description: Službu nelze spustit. Proces služby se nemohl připojit k síťovému řadiči

Error: (10/26/2015 12:19:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: 703.tmp.exe, verze: 0.0.0.0, časové razítko: 0x562d560f
Název chybujícího modulu: kernel32.dll, verze: 6.1.7601.19018, časové razítko: 0x5609fed3
Kód výjimky: 0xc0000005
Posun chyby: 0x00037718
ID chybujícího procesu: 0xd0c
Čas spuštění chybující aplikace: 0x703.tmp.exe0
Cesta k chybující aplikaci: 703.tmp.exe1
Cesta k chybujícímu modulu: 703.tmp.exe2
ID zprávy: 703.tmp.exe3

Error: (10/25/2015 11:50:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/25/2015 11:43:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: 1075.tmp.exe, verze: 0.0.0.0, časové razítko: 0x562d4e37
Název chybujícího modulu: kernel32.dll, verze: 6.1.7601.19018, časové razítko: 0x5609fed3
Kód výjimky: 0xc0000005
Posun chyby: 0x00037718
ID chybujícího procesu: 0xbcc
Čas spuštění chybující aplikace: 0x1075.tmp.exe0
Cesta k chybující aplikaci: 1075.tmp.exe1
Cesta k chybujícímu modulu: 1075.tmp.exe2
ID zprávy: 1075.tmp.exe3

Error: (10/25/2015 11:14:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/25/2015 11:06:27 PM) (Source: MsiInstaller) (EventID: 11316) (User: Jakub-PC)
Description: Product: globalupdate Helper -- Error 1316. Zadaný účet již existuje.

Error: (10/25/2015 11:04:53 PM) (Source: MsiInstaller) (EventID: 11316) (User: Jakub-PC)
Description: Product: globalupdate Helper -- Error 1316. Zadaný účet již existuje.

Error: (10/25/2015 11:02:33 PM) (Source: MsiInstaller) (EventID: 11316) (User: Jakub-PC)
Description: Product: globalupdate Helper -- Error 1316. Zadaný účet již existuje.

System errors:
=============
Error: (10/26/2015 06:35:05 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Normal Blind Carbon Copy neuspěla při spuštění v důsledku následující chyby:
%%2

Error: (10/26/2015 06:35:05 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Quad Zozlux neuspěla při spuštění v důsledku následující chyby:
%%1053

Error: (10/26/2015 06:35:05 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Quad Zozlux bylo dosaženo časového limitu (60000 ms).

Error: (10/26/2015 06:34:05 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AODDriver4.2 neuspěla při spuštění v důsledku následující chyby:
%%2

Error: (10/26/2015 12:24:00 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Normal Blind Carbon Copy neuspěla při spuštění v důsledku následující chyby:
%%2

Error: (10/26/2015 12:23:32 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AODDriver4.2 neuspěla při spuštění v důsledku následující chyby:
%%2

Error: (10/26/2015 12:22:07 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Live ID Sign-in Assistant neuspěla při spuštění v důsledku následující chyby:
%%109

Error: (10/26/2015 12:21:56 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba SSFK byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (10/26/2015 12:21:56 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba WdsManPro Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (10/26/2015 12:21:56 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Instalační služba modulů systému Windows byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

==================== Memory info ===========================

Processor: AMD FX(tm)-4130 Quad-Core Processor
Percentage of memory in use: 28%
Total physical RAM: 6142.18 MB
Available physical RAM: 4405.92 MB
Total Virtual: 12282.57 MB
Available Virtual: 10280.7 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:1862.92 GB) (Free:1682.88 GB) NTFS
Drive e: (Data) (Fixed) (Total:1863.01 GB) (Free:1703.11 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 26CA0C85)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1862.9 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 45D830F4)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

#5 Příspěvek od **altrok** » 26 říj 2015 07:30

V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose).

Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
znovu spustte FRST a kliknete na Fix

po restartu bude na plose ulozen fixlog, jehoz obsah vlozte do pristi odpovedi

Kód: Vybrat vše

Start
CreateRestorePoint:
CloseProcesses:
File: C:\Windows\SysWOW64\xmesrv.exe
File: C:\Users\Jakub\AppData\Local\Zottechi.exe
File: C:\Users\Jakub\AppData\Roaming\wP024GxDKQhBS9iE.exe
HKU\S-1-5-21-3706855550-2973812730-1501122498-1000\...\Run: [GoogleChromeAutoLaunch_15F254A23A37E7265466A6824C7C8462] => "C:\Program Files (x86)\MyBrowser\MyBrowser\Application\mybrowser.exe" --no-startup-window
HKU\S-1-5-21-3706855550-2973812730-1501122498-1000\...\MountPoints2: {55e500e1-b99e-11e4-bec2-d43d7e9cc0b9} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-3706855550-2973812730-1501122498-1000\...\MountPoints2: {b7fae774-3f77-11e5-92f3-d43d7e9cc0b9} - F:\HTC_Sync_Manager_PC.exe
Startup: C:\Users\Jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Toolkit 2.5.3 is Here! [Latest].lnk [2015-04-27]
ShortcutTarget: Microsoft Toolkit 2.5.3 is Here! [Latest].lnk -> C:\ProgramData\{0a656b11-46cc-0bf0-0a65-56b1146cac45}\Microsoft Toolkit 2.5.3 is Here! [Latest].exe (No File)
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
AutoConfigURL: [S-1-5-21-3706855550-2973812730-1501122498-1000] => hxxp://get-access.me/wpad.dat?e6305c18c ... 5b61197878
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: YoutubeAdBlocke -> {ab3a39fa-d1b5-4c57-b3ab-24ef0f7f2658} -> C:\Program Files (x86)\YoutubeAdBlocke\klx9jY2Vo0vcFu.x64.dll => No File
BHO: GoSave -> {bc3bbe33-5417-45ae-86c0-132841bfd574} -> C:\Program Files (x86)\GoSave\MNqZu61bvG7Pun.x64.dll => No File
C:\Program Files (x86)\YoutubeAdBlocke
C:\Program Files (x86)\GoSave
BHO-x32: Discover Treasure -> {bfa55139-82af-4663-a19b-e135dac8d043} -> C:\Program Files (x86)\Discover Treasure\Extensions\bfa55139-82af-4663-a19b-e135dac8d043.dll => No File
C:\Program Files (x86)\Discover Treasure
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Extension: Discover Treasure - C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\Extensions\{d6d72590-5810-49d4-a1a1-84bcb320d2c4}.xpi [2015-10-25] [not signed]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08] [not signed]
FF Extension: No Name - C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\defsearchp@gmail.com [not found]
FF Extension: No Name - C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com [not found]
R2 dijojyvi; C:\Program Files (x86)\00000000-1445806083-0000-0000-D43D7E9CC0B9\hnssC8DB.tmp [845312 2015-10-25] () [File not signed]
S2 dowoloadadproduurdow; C:\Users\Jakub\AppData\Local\Zottechi.exe [46592 2015-10-25] () [File not signed]
R2 himucyxe; C:\Program Files (x86)\00000000-1445806083-0000-0000-D43D7E9CC0B9\jnsxACA2.tmp [219136 2015-10-25] () [File not signed]
R2 cujeruku; C:\Program Files (x86)\00000000-1445806083-0000-0000-D43D7E9CC0B9\knsx8E72.tmpfs [X]
S2 hidekoqe; C:\Users\Jakub\AppData\Local\00000000-1445816691-0000-0000-D43D7E9CC0B9\qnsrCC55.tmp [X]
C:\Program Files (x86)\00000000-1445806083-0000-0000-D43D7E9CC0B9
C:\Users\Jakub\AppData\Local\Zottechi.exe
C:\Program Files (x86)\00000000-1445806083-0000-0000-D43D7E9CC0B9
C:\Users\Jakub\AppData\Local\00000000-1445816691-0000-0000-D43D7E9CC0B9
2015-10-26 06:45 - 2015-10-26 06:45 - 00029696 _____ C:\Users\Jakub\AppData\Local\MSGBOX.EXE
2015-10-26 06:45 - 2015-10-26 06:45 - 00015327 _____ C:\Users\Jakub\Desktop\LM.bat
2015-10-26 06:43 - 2015-10-26 06:43 - 00112640 _____ (forum.viry.cz) C:\Users\Jakub\Desktop\FRSTLauncher.exe
2015-10-25 21:36 - 2015-10-26 00:21 - 00000102 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2015-10-25 21:46 - 2015-10-25 23:06 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-04-14 17:28 - 2015-04-14 17:28 - 0004387 _____ () C:\Users\Jakub\AppData\Roaming\rZBrxPsWWk1A
2015-04-20 15:05 - 2015-04-20 15:05 - 1246720 _____ () C:\Users\Jakub\AppData\Roaming\rZBrxPsWWk1A.exe
2015-04-14 17:28 - 2015-04-14 17:28 - 0004387 _____ () C:\Users\Jakub\AppData\Roaming\wP024GxDKQhBS9iE
2015-04-20 15:05 - 2015-04-20 15:05 - 1246720 _____ () C:\Users\Jakub\AppData\Roaming\wP024GxDKQhBS9iE.exe
2015-04-19 13:20 - 2015-04-19 13:20 - 0005872 _____ () C:\Users\Jakub\AppData\Roaming\wP024GxDKQhBS9iEw
2015-04-20 15:05 - 2015-04-20 15:05 - 1579520 _____ () C:\Users\Jakub\AppData\Roaming\wP024GxDKQhBS9iEw.exe
2015-04-19 13:20 - 2015-04-19 13:20 - 0005872 _____ () C:\Users\Jakub\AppData\Roaming\YQwDnPB
2015-04-20 15:05 - 2015-04-20 15:05 - 1579520 _____ () C:\Users\Jakub\AppData\Roaming\YQwDnPB.exe
2015-10-25 21:52 - 2015-10-25 21:52 - 0046592 _____ () C:\Users\Jakub\AppData\Local\Zottechi.exe
2015-10-25 21:52 - 2015-10-25 21:52 - 0000187 _____ () C:\Users\Jakub\AppData\Local\Zottechi.exe.config
Task: {0B9B5A78-B54F-47AB-969D-4DCAB0FEA6BF} - System32\Tasks\YQwDnPB => C:\Users\Jakub\AppData\Roaming\YQwDnPB.exe [2015-04-20] () <==== ATTENTION
Task: {53BAD2E8-71E0-41CF-9D16-0ED2FADCC7B8} - System32\Tasks\{902CA38C-ACF1-49DD-A297-29CDA65D3131} => pcalua.exe -a C:\Users\Jakub\Downloads\ashampoo-burning-studio-free-lista-centrumcz.exe -d C:\Users\Jakub\Downloads
Task: {629CAEB8-8EBF-40E4-BA90-99BEE5DB6631} - System32\Tasks\wP024GxDKQhBS9iE => C:\Users\Jakub\AppData\Roaming\wP024GxDKQhBS9iE.exe [2015-04-20] () <==== ATTENTION
Task: {8504ED3E-E727-49AC-9171-DEE521B6F541} - System32\Tasks\{C86E26EF-162E-4385-B4AA-F574792E58AF} => pcalua.exe -a "C:\Instalační data\cestina_pro_irfanview.exe" -d "C:\Instalační data"
Task: {8C3B6369-AB65-4006-A622-70131E413897} - System32\Tasks\wP024GxDKQhBS9iEw => C:\Users\Jakub\AppData\Roaming\wP024GxDKQhBS9iEw.exe [2015-04-20] () <==== ATTENTION
Task: {975C22BF-FB37-470A-9176-34418CD80875} - System32\Tasks\{47928BC5-F726-42F5-A1CE-8E4D1AC8D7A8} => pcalua.exe -a "E:\1111\Záloha DGen\DGen_MOD_2.0.2.0\DGenInstaller.exe" -d "E:\1111\Záloha DGen\DGen_MOD_2.0.2.0"
Task: {98AB4A52-80C2-4E60-BA6D-BFD8495ADFAA} - System32\Tasks\VentureImpress => c:\programdata\{56247939-6e1a-8f82-5624-479396e1e4e5}\629876842877639379b.exe <==== ATTENTION
Task: {EC0A12F2-B9EA-4284-87EC-189182769256} - System32\Tasks\rZBrxPsWWk1A => C:\Users\Jakub\AppData\Roaming\rZBrxPsWWk1A.exe [2015-04-20] () <==== ATTENTION
Task: {F54E2FC5-04CE-4188-8B6F-5DED62C557BF} - System32\Tasks\{7B0C9268-99A8-4080-9C89-841CDB89411C} => C:\Programy\Ubisoft\IL-2 Sturmovik 1946\UP3\JSGME.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\rZBrxPsWWk1A.job => C:\Users\Jakub\AppData\Roaming\rZBrxPsWWk1A.exe <==== ATTENTION
Task: C:\Windows\Tasks\VentureImpress.job => c:\programdata\{56247939-6e1a-8f82-5624-479396e1e4e5}\629876842877639379b.exe <==== ATTENTION
Task: C:\Windows\Tasks\wP024GxDKQhBS9iE.job => C:\Users\Jakub\AppData\Roaming\wP024GxDKQhBS9iE.exe <==== ATTENTION
Task: C:\Windows\Tasks\wP024GxDKQhBS9iEw.job => C:\Users\Jakub\AppData\Roaming\wP024GxDKQhBS9iEw.exe <==== ATTENTION
Task: C:\Windows\Tasks\YQwDnPB.job => C:\Users\Jakub\AppData\Roaming\YQwDnPB.exe <==== ATTENTION
FirewallRules: [TCP Query User{93FE5283-757D-47DA-A130-2D58825E068A}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [UDP Query User{F82A6562-3E29-4165-BB1E-B30514B38D91}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
C:\windows\kmsemulator.exe
FirewallRules: [{1F389A26-46DB-4F1E-AFA6-DB4C8074BD77}] => (Allow) C:\Program Files (x86)\LuckyBrowse\app\LuckyBrowse.exe
FirewallRules: [{061F6977-D4C2-41B9-82FC-D21065830765}] => (Allow) C:\Program Files (x86)\LuckyBrowse\app\LuckyBrowse.exe
FirewallRules: [{4866D36B-6A27-48F9-93F3-E58EC4BE18CE}] => (Allow) C:\Program Files (x86)\MyBrowser\MyBrowser\Application\mybrowser.exe
C:\ProgramData\{0a656b11-46cc-0bf0-0a65-56b1146cac45}
Hosts:
EmptyTemp:
End

jakub.oslejsek

Všechno proběhlo v pořádku, tady je log:

Fix result of Farbar Recovery Scan Tool (x64) Version:25-10-2015 02
Ran by Jakub (2015-10-26 07:40:29) Run:2
Running from C:\Users\Jakub\Desktop
Loaded Profiles: Jakub (Available Profiles: Jakub)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
File: C:\Windows\SysWOW64\xmesrv.exe
File: C:\Users\Jakub\AppData\Local\Zottechi.exe
File: C:\Users\Jakub\AppData\Roaming\wP024GxDKQhBS9iE.exe
HKU\S-1-5-21-3706855550-2973812730-1501122498-1000\...\Run: [GoogleChromeAutoLaunch_15F254A23A37E7265466A6824C7C8462] => "C:\Program Files (x86)\MyBrowser\MyBrowser\Application\mybrowser.exe" --no-startup-window
HKU\S-1-5-21-3706855550-2973812730-1501122498-1000\...\MountPoints2: {55e500e1-b99e-11e4-bec2-d43d7e9cc0b9} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-3706855550-2973812730-1501122498-1000\...\MountPoints2: {b7fae774-3f77-11e5-92f3-d43d7e9cc0b9} - F:\HTC_Sync_Manager_PC.exe
Startup: C:\Users\Jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Toolkit 2.5.3 is Here! [Latest].lnk [2015-04-27]
ShortcutTarget: Microsoft Toolkit 2.5.3 is Here! [Latest].lnk -> C:\ProgramData\{0a656b11-46cc-0bf0-0a65-56b1146cac45}\Microsoft Toolkit 2.5.3 is Here! [Latest].exe (No File)
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
AutoConfigURL: [S-1-5-21-3706855550-2973812730-1501122498-1000] => hxxp://get-access.me/wpad.dat?e6305c18c ... 5b61197878
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: YoutubeAdBlocke -> {ab3a39fa-d1b5-4c57-b3ab-24ef0f7f2658} -> C:\Program Files (x86)\YoutubeAdBlocke\klx9jY2Vo0vcFu.x64.dll => No File
BHO: GoSave -> {bc3bbe33-5417-45ae-86c0-132841bfd574} -> C:\Program Files (x86)\GoSave\MNqZu61bvG7Pun.x64.dll => No File
C:\Program Files (x86)\YoutubeAdBlocke
C:\Program Files (x86)\GoSave
BHO-x32: Discover Treasure -> {bfa55139-82af-4663-a19b-e135dac8d043} -> C:\Program Files (x86)\Discover Treasure\Extensions\bfa55139-82af-4663-a19b-e135dac8d043.dll => No File
C:\Program Files (x86)\Discover Treasure
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Extension: Discover Treasure - C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\Extensions\{d6d72590-5810-49d4-a1a1-84bcb320d2c4}.xpi [2015-10-25] [not signed]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08] [not signed]
FF Extension: No Name - C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\defsearchp@gmail.com [not found]
FF Extension: No Name - C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com [not found]
R2 dijojyvi; C:\Program Files (x86)\00000000-1445806083-0000-0000-D43D7E9CC0B9\hnssC8DB.tmp [845312 2015-10-25] () [File not signed]
S2 dowoloadadproduurdow; C:\Users\Jakub\AppData\Local\Zottechi.exe [46592 2015-10-25] () [File not signed]
R2 himucyxe; C:\Program Files (x86)\00000000-1445806083-0000-0000-D43D7E9CC0B9\jnsxACA2.tmp [219136 2015-10-25] () [File not signed]
R2 cujeruku; C:\Program Files (x86)\00000000-1445806083-0000-0000-D43D7E9CC0B9\knsx8E72.tmpfs [X]
S2 hidekoqe; C:\Users\Jakub\AppData\Local\00000000-1445816691-0000-0000-D43D7E9CC0B9\qnsrCC55.tmp [X]
C:\Program Files (x86)\00000000-1445806083-0000-0000-D43D7E9CC0B9
C:\Users\Jakub\AppData\Local\Zottechi.exe
C:\Program Files (x86)\00000000-1445806083-0000-0000-D43D7E9CC0B9
C:\Users\Jakub\AppData\Local\00000000-1445816691-0000-0000-D43D7E9CC0B9
2015-10-26 06:45 - 2015-10-26 06:45 - 00029696 _____ C:\Users\Jakub\AppData\Local\MSGBOX.EXE
2015-10-26 06:45 - 2015-10-26 06:45 - 00015327 _____ C:\Users\Jakub\Desktop\LM.bat
2015-10-26 06:43 - 2015-10-26 06:43 - 00112640 _____ (forum.viry.cz) C:\Users\Jakub\Desktop\FRSTLauncher.exe
2015-10-25 21:36 - 2015-10-26 00:21 - 00000102 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2015-10-25 21:46 - 2015-10-25 23:06 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-04-14 17:28 - 2015-04-14 17:28 - 0004387 _____ () C:\Users\Jakub\AppData\Roaming\rZBrxPsWWk1A
2015-04-20 15:05 - 2015-04-20 15:05 - 1246720 _____ () C:\Users\Jakub\AppData\Roaming\rZBrxPsWWk1A.exe
2015-04-14 17:28 - 2015-04-14 17:28 - 0004387 _____ () C:\Users\Jakub\AppData\Roaming\wP024GxDKQhBS9iE
2015-04-20 15:05 - 2015-04-20 15:05 - 1246720 _____ () C:\Users\Jakub\AppData\Roaming\wP024GxDKQhBS9iE.exe
2015-04-19 13:20 - 2015-04-19 13:20 - 0005872 _____ () C:\Users\Jakub\AppData\Roaming\wP024GxDKQhBS9iEw
2015-04-20 15:05 - 2015-04-20 15:05 - 1579520 _____ () C:\Users\Jakub\AppData\Roaming\wP024GxDKQhBS9iEw.exe
2015-04-19 13:20 - 2015-04-19 13:20 - 0005872 _____ () C:\Users\Jakub\AppData\Roaming\YQwDnPB
2015-04-20 15:05 - 2015-04-20 15:05 - 1579520 _____ () C:\Users\Jakub\AppData\Roaming\YQwDnPB.exe
2015-10-25 21:52 - 2015-10-25 21:52 - 0046592 _____ () C:\Users\Jakub\AppData\Local\Zottechi.exe
2015-10-25 21:52 - 2015-10-25 21:52 - 0000187 _____ () C:\Users\Jakub\AppData\Local\Zottechi.exe.config
Task: {0B9B5A78-B54F-47AB-969D-4DCAB0FEA6BF} - System32\Tasks\YQwDnPB => C:\Users\Jakub\AppData\Roaming\YQwDnPB.exe [2015-04-20] () <==== ATTENTION
Task: {53BAD2E8-71E0-41CF-9D16-0ED2FADCC7B8} - System32\Tasks\{902CA38C-ACF1-49DD-A297-29CDA65D3131} => pcalua.exe -a C:\Users\Jakub\Downloads\ashampoo-burning-studio-free-lista-centrumcz.exe -d C:\Users\Jakub\Downloads
Task: {629CAEB8-8EBF-40E4-BA90-99BEE5DB6631} - System32\Tasks\wP024GxDKQhBS9iE => C:\Users\Jakub\AppData\Roaming\wP024GxDKQhBS9iE.exe [2015-04-20] () <==== ATTENTION
Task: {8504ED3E-E727-49AC-9171-DEE521B6F541} - System32\Tasks\{C86E26EF-162E-4385-B4AA-F574792E58AF} => pcalua.exe -a "C:\Instalační data\cestina_pro_irfanview.exe" -d "C:\Instalační data"
Task: {8C3B6369-AB65-4006-A622-70131E413897} - System32\Tasks\wP024GxDKQhBS9iEw => C:\Users\Jakub\AppData\Roaming\wP024GxDKQhBS9iEw.exe [2015-04-20] () <==== ATTENTION
Task: {975C22BF-FB37-470A-9176-34418CD80875} - System32\Tasks\{47928BC5-F726-42F5-A1CE-8E4D1AC8D7A8} => pcalua.exe -a "E:\1111\Záloha DGen\DGen_MOD_2.0.2.0\DGenInstaller.exe" -d "E:\1111\Záloha DGen\DGen_MOD_2.0.2.0"
Task: {98AB4A52-80C2-4E60-BA6D-BFD8495ADFAA} - System32\Tasks\VentureImpress => c:\programdata\{56247939-6e1a-8f82-5624-479396e1e4e5}\629876842877639379b.exe <==== ATTENTION
Task: {EC0A12F2-B9EA-4284-87EC-189182769256} - System32\Tasks\rZBrxPsWWk1A => C:\Users\Jakub\AppData\Roaming\rZBrxPsWWk1A.exe [2015-04-20] () <==== ATTENTION
Task: {F54E2FC5-04CE-4188-8B6F-5DED62C557BF} - System32\Tasks\{7B0C9268-99A8-4080-9C89-841CDB89411C} => C:\Programy\Ubisoft\IL-2 Sturmovik 1946\UP3\JSGME.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\rZBrxPsWWk1A.job => C:\Users\Jakub\AppData\Roaming\rZBrxPsWWk1A.exe <==== ATTENTION
Task: C:\Windows\Tasks\VentureImpress.job => c:\programdata\{56247939-6e1a-8f82-5624-479396e1e4e5}\629876842877639379b.exe <==== ATTENTION
Task: C:\Windows\Tasks\wP024GxDKQhBS9iE.job => C:\Users\Jakub\AppData\Roaming\wP024GxDKQhBS9iE.exe <==== ATTENTION
Task: C:\Windows\Tasks\wP024GxDKQhBS9iEw.job => C:\Users\Jakub\AppData\Roaming\wP024GxDKQhBS9iEw.exe <==== ATTENTION
Task: C:\Windows\Tasks\YQwDnPB.job => C:\Users\Jakub\AppData\Roaming\YQwDnPB.exe <==== ATTENTION
FirewallRules: [TCP Query User{93FE5283-757D-47DA-A130-2D58825E068A}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [UDP Query User{F82A6562-3E29-4165-BB1E-B30514B38D91}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
C:\windows\kmsemulator.exe
FirewallRules: [{1F389A26-46DB-4F1E-AFA6-DB4C8074BD77}] => (Allow) C:\Program Files (x86)\LuckyBrowse\app\LuckyBrowse.exe
FirewallRules: [{061F6977-D4C2-41B9-82FC-D21065830765}] => (Allow) C:\Program Files (x86)\LuckyBrowse\app\LuckyBrowse.exe
FirewallRules: [{4866D36B-6A27-48F9-93F3-E58EC4BE18CE}] => (Allow) C:\Program Files (x86)\MyBrowser\MyBrowser\Application\mybrowser.exe
C:\ProgramData\{0a656b11-46cc-0bf0-0a65-56b1146cac45}
Hosts:
EmptyTemp:
End
*****************

Restore point was successfully created.
Processes closed successfully.

========================= File: C:\Windows\SysWOW64\xmesrv.exe ========================

File is digitally signed
MD5: 168C75B5B42D80E8946ABEF7BC28C584
Creation and modification date: 2015-06-06 12:01 - 2015-05-07 07:03
Size: 0034696
Attributes: ----A
Company Name: Monet+, a.s.
Internal Name: xmengine
Original Name: xmengine.exe
Product: Monet+, a.s. xmengine
Description: CryptoPlus XME Engine
File Version: 1, 3, 1, 7034
Product Version: 1, 3, 1, 7034
Copyright: Copyright © 2003, Monet+, a.s., Czech Republic

====== End of File: ======

========================= File: C:\Users\Jakub\AppData\Local\Zottechi.exe ========================

File not signed
MD5: 16F662369C757A4A2D7B714A64B8FC4B
Creation and modification date: 2015-10-25 21:52 - 2015-10-25 21:52
Size: 0046592
Attributes: ----A
Company Name:
Internal Name: xrc.exe
Original Name: xrc.exe
Product:
Description: xrc
File Version: 1.0.0.0
Product Version: 1.0.0.0
Copyright:

====== End of File: ======

========================= File: C:\Users\Jakub\AppData\Roaming\wP024GxDKQhBS9iE.exe ========================

File not signed
MD5: AB6818A7FF17230A6E5119F6CDD1F85B
Creation and modification date: 2015-04-20 15:05 - 2015-04-20 15:05
Size: 1246720
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version: 1.0.0.0
Product Version: 1.0.0.0
Copyright: Copyright 2001

====== End of File: ======

HKU\S-1-5-21-3706855550-2973812730-1501122498-1000\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_15F254A23A37E7265466A6824C7C8462 => value removed successfully
"HKU\S-1-5-21-3706855550-2973812730-1501122498-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{55e500e1-b99e-11e4-bec2-d43d7e9cc0b9}" => key removed successfully
HKCR\CLSID\{55e500e1-b99e-11e4-bec2-d43d7e9cc0b9} => key not found.
"HKU\S-1-5-21-3706855550-2973812730-1501122498-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b7fae774-3f77-11e5-92f3-d43d7e9cc0b9}" => key removed successfully
HKCR\CLSID\{b7fae774-3f77-11e5-92f3-d43d7e9cc0b9} => key not found.
C:\Users\Jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Toolkit 2.5.3 is Here! => not found.
C:\ProgramData\{0a656b11-46cc-0bf0-0a65-56b1146cac45}\Microsoft Toolkit 2.5.3 is Here! [Latest].exe => not found.
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
HKU\S-1-5-21-3706855550-2973812730-1501122498-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\AutoConfigURL => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ab3a39fa-d1b5-4c57-b3ab-24ef0f7f2658}" => key removed successfully
"HKCR\CLSID\{ab3a39fa-d1b5-4c57-b3ab-24ef0f7f2658}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bc3bbe33-5417-45ae-86c0-132841bfd574}" => key removed successfully
"HKCR\CLSID\{bc3bbe33-5417-45ae-86c0-132841bfd574}" => key removed successfully
"C:\Program Files (x86)\YoutubeAdBlocke" => not found.
"C:\Program Files (x86)\GoSave" => not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bfa55139-82af-4663-a19b-e135dac8d043}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{bfa55139-82af-4663-a19b-e135dac8d043}" => key removed successfully
"C:\Program Files (x86)\Discover Treasure" => not found.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\Extensions\{d6d72590-5810-49d4-a1a1-84bcb320d2c4}.xpi [2015-10-25] => not found.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08] => not found.
C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\defsearchp@gmail.com => path removed successfully
C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com => path removed successfully
dijojyvi => service removed successfully
dowoloadadproduurdow => service removed successfully
himucyxe => service removed successfully
cujeruku => service removed successfully
hidekoqe => service removed successfully
C:\Program Files (x86)\00000000-1445806083-0000-0000-D43D7E9CC0B9 => moved successfully
C:\Users\Jakub\AppData\Local\Zottechi.exe => moved successfully
"C:\Program Files (x86)\00000000-1445806083-0000-0000-D43D7E9CC0B9" => not found.
"C:\Users\Jakub\AppData\Local\00000000-1445816691-0000-0000-D43D7E9CC0B9" => not found.
"C:\Users\Jakub\AppData\Local\MSGBOX.EXE" => not found.
C:\Users\Jakub\Desktop\LM.bat => moved successfully
C:\Users\Jakub\Desktop\FRSTLauncher.exe => moved successfully
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat => moved successfully
C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7 => moved successfully
C:\Users\Jakub\AppData\Roaming\rZBrxPsWWk1A => moved successfully
C:\Users\Jakub\AppData\Roaming\rZBrxPsWWk1A.exe => moved successfully
C:\Users\Jakub\AppData\Roaming\wP024GxDKQhBS9iE => moved successfully
C:\Users\Jakub\AppData\Roaming\wP024GxDKQhBS9iE.exe => moved successfully
C:\Users\Jakub\AppData\Roaming\wP024GxDKQhBS9iEw => moved successfully
C:\Users\Jakub\AppData\Roaming\wP024GxDKQhBS9iEw.exe => moved successfully
C:\Users\Jakub\AppData\Roaming\YQwDnPB => moved successfully
C:\Users\Jakub\AppData\Roaming\YQwDnPB.exe => moved successfully
"C:\Users\Jakub\AppData\Local\Zottechi.exe" => not found.
C:\Users\Jakub\AppData\Local\Zottechi.exe.config => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0B9B5A78-B54F-47AB-969D-4DCAB0FEA6BF}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0B9B5A78-B54F-47AB-969D-4DCAB0FEA6BF}" => key removed successfully
C:\Windows\System32\Tasks\YQwDnPB => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\YQwDnPB" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{53BAD2E8-71E0-41CF-9D16-0ED2FADCC7B8}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{53BAD2E8-71E0-41CF-9D16-0ED2FADCC7B8}" => key removed successfully
C:\Windows\System32\Tasks\{902CA38C-ACF1-49DD-A297-29CDA65D3131} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{902CA38C-ACF1-49DD-A297-29CDA65D3131}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{629CAEB8-8EBF-40E4-BA90-99BEE5DB6631}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{629CAEB8-8EBF-40E4-BA90-99BEE5DB6631}" => key removed successfully
C:\Windows\System32\Tasks\wP024GxDKQhBS9iE => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\wP024GxDKQhBS9iE" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8504ED3E-E727-49AC-9171-DEE521B6F541}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8504ED3E-E727-49AC-9171-DEE521B6F541}" => key removed successfully
C:\Windows\System32\Tasks\{C86E26EF-162E-4385-B4AA-F574792E58AF} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C86E26EF-162E-4385-B4AA-F574792E58AF}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8C3B6369-AB65-4006-A622-70131E413897}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8C3B6369-AB65-4006-A622-70131E413897}" => key removed successfully
C:\Windows\System32\Tasks\wP024GxDKQhBS9iEw => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\wP024GxDKQhBS9iEw" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{975C22BF-FB37-470A-9176-34418CD80875}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{975C22BF-FB37-470A-9176-34418CD80875}" => key removed successfully
C:\Windows\System32\Tasks\{47928BC5-F726-42F5-A1CE-8E4D1AC8D7A8} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{47928BC5-F726-42F5-A1CE-8E4D1AC8D7A8}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{98AB4A52-80C2-4E60-BA6D-BFD8495ADFAA}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{98AB4A52-80C2-4E60-BA6D-BFD8495ADFAA}" => key removed successfully
C:\Windows\System32\Tasks\VentureImpress => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\VentureImpress" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{EC0A12F2-B9EA-4284-87EC-189182769256}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EC0A12F2-B9EA-4284-87EC-189182769256}" => key removed successfully
C:\Windows\System32\Tasks\rZBrxPsWWk1A => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\rZBrxPsWWk1A" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F54E2FC5-04CE-4188-8B6F-5DED62C557BF}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F54E2FC5-04CE-4188-8B6F-5DED62C557BF}" => key removed successfully
C:\Windows\System32\Tasks\{7B0C9268-99A8-4080-9C89-841CDB89411C} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7B0C9268-99A8-4080-9C89-841CDB89411C}" => key removed successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Windows\Tasks\rZBrxPsWWk1A.job => moved successfully
C:\Windows\Tasks\VentureImpress.job => moved successfully
C:\Windows\Tasks\wP024GxDKQhBS9iE.job => moved successfully
C:\Windows\Tasks\wP024GxDKQhBS9iEw.job => moved successfully
C:\Windows\Tasks\YQwDnPB.job => moved successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{93FE5283-757D-47DA-A130-2D58825E068A}C:\windows\kmsemulator.exe => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{F82A6562-3E29-4165-BB1E-B30514B38D91}C:\windows\kmsemulator.exe => value removed successfully
"C:\windows\kmsemulator.exe" => not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1F389A26-46DB-4F1E-AFA6-DB4C8074BD77} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{061F6977-D4C2-41B9-82FC-D21065830765} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4866D36B-6A27-48F9-93F3-E58EC4BE18CE} => value removed successfully
"C:\ProgramData\{0a656b11-46cc-0bf0-0a65-56b1146cac45}" => not found.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 456.7 MB temporary data Removed.

The system needed a reboot.

==== End of Fixlog 07:42:01 ====

#7 Příspěvek od **altrok** » 26 říj 2015 07:53

OK, z nejhorsiho jsme venku.

Nainstalujte MBAM a udelejte vlastni sken vsech disku - http://forum.viry.cz/viewtopic.php?f=29&t=144868

Upozorneni: tento sken zabere od 30 minut po nekolik hodin

jakub.oslejsek

Dobře, díky

Předpokládám, že s ohledem na to, že musím za 40 minut jet do práce, bude rozumnější pustit MBAB až odpoledne, až se vrátím, ne? Chtěl bych se také zeptat, jestli bude možné pokračovat v čištění i takhle později?

#9 Příspěvek od **altrok** » 26 říj 2015 08:05

Vetsinu aktivni haveti jsme jiz zastavili, ale je jeste nekolik casti operacniho systemu, ktere v logu nevidim a proto bych tam rad pustil sken celeho systemu, ktery potrva az nekolik hodin, takze ho muzete pustit az dojedete. Budeme pokracovat jakmile me zastihnete u PC

jakub.oslejsek

OK, ještě jednou, díky moc

#11 Příspěvek od **altrok** » 26 říj 2015 08:09

Nemate zac, odpoledne se ozvete.

jakub.oslejsek

Zdravím, tak mám konečně hotovo s tím logem z MBAB. Omlouvám se, že to tak trvalo, ale rychleji to opravdu nešlo...

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 26.10.2015
Čas skenování: 17:13
Protokol: MBAB - výsledky.txt
Správce: Ano

Verze: 2.2.0.1024
Databáze malwaru: v2015.10.26.04
Databáze rootkitů: v2015.10.23.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Jakub

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 686883
Uplynulý čas: 3 hod, 31 min, 47 sek

Paměť: Vypnuto
Po spuštění: Vypnuto
Souborový systém: Zapnuto
Archivy: Vypnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 13
PUP.Optional.GoHD, HKLM\SOFTWARE\WOW6432NODE\GoHD-nv, , [b8d45b008ffcc6702a07d88a857e1ae6],
PUP.Optional.GoHD, HKLM\SOFTWARE\WOW6432NODE\GoHD-nv-ie, , [f79588d3e5a6e6507cb5f56d23e027d9],
PUP.Optional.ShopAndSave, HKLM\SOFTWARE\WOW6432NODE\Shop and Save Up-nv, , [058737244b401620111ec9b5b251b947],
PUP.Optional.ShopAndSave, HKLM\SOFTWARE\WOW6432NODE\Shop and Save Up-nv-ie, , [c4c84b10d7b4c67097983747659ec13f],
PUP.Optional.PCSpeedUp, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\PCSUSpeedTest_RASAPI32, , [f696b6a5b8d3ec4af040ebaa0ef549b7],
PUP.Optional.PCSpeedUp, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\PCSUSpeedTest_RASMANCS, , [cdbf68f385065adc151b494c21e26898],
PUP.Optional.CinemaPlus, HKU\S-1-5-21-3706855550-2973812730-1501122498-1000\SOFTWARE\CinemaPlus-3.2cV23.10-nv-ie, , [5c30c398731800363010d0829c67659b],
PUP.Optional.CinemaPlus, HKU\S-1-5-21-3706855550-2973812730-1501122498-1000\SOFTWARE\CinemaPlus-3.2cV25.10-nv-ie, , [b7d5a3b877148babb38d460c8d76b848],
PUP.Optional.GoHD, HKU\S-1-5-21-3706855550-2973812730-1501122498-1000\SOFTWARE\GoHD-nv, , [43491c3f503b86b09c903d2581826e92],
PUP.Optional.GoHD, HKU\S-1-5-21-3706855550-2973812730-1501122498-1000\SOFTWARE\GoHD-nv-ie, , [791392c9b6d5dc5a03292a3816ed8977],
PUP.Optional.SavePass, HKU\S-1-5-21-3706855550-2973812730-1501122498-1000\SOFTWARE\SavePass 1.1-nv-ie, , [79134f0ca1ea77bfeccd304a06fd7b85],
PUP.Optional.ShopAndSave, HKU\S-1-5-21-3706855550-2973812730-1501122498-1000\SOFTWARE\Shop and Save Up-nv, , [ef9dd18a8cff6fc7c06d2d51e2217888],
PUP.Optional.ShopAndSave, HKU\S-1-5-21-3706855550-2973812730-1501122498-1000\SOFTWARE\Shop and Save Up-nv-ie, , [b6d6fc5f375485b1240908764cb7e818],

Hodnoty registru: 3
PUP.Optional.MyBrowser, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\ACTIVE SETUP\INSTALLED COMPONENTS, MyBrowser, , [14789cbf6b207fb725979001778c44bc]
PUP.Optional.MyBrowser, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\ACTIVE SETUP\INSTALLED COMPONENTS|StubPath, "C:\Program Files (x86)\MyBrowser\MyBrowser\Application\39.5.2171.95\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level, , [0c80d6851c6f2e08b00c375adb28d42c]
PUP.Optional.MyBrowser, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\ACTIVE SETUP\INSTALLED COMPONENTS|Localized Name, MyBrowser, , [e8a41f3ca0eb50e62993d9b855aed828]

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 42
PUP.Optional.OffersWizard, C:\Program Files (x86)\Common Files\Config, , [0f7dff5c97f4f54112958ee48a799e62],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\content, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\content\include, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\content\include\tools, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\content\js, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\content\js\lib, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\content\js\module, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\content\js\pack, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\locale, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\locale\en, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\locale\en-US, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\locale\es, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\locale\es-419, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\locale\fr, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\locale\fr-BE, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\locale\fr-CA, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\locale\fr-CH, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\locale\fr-LU, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\locale\it, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\locale\it-CH, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\locale\pl, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\locale\pt-BR, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\locale\ru, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\locale\ru-MO, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\locale\tr, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\locale\vi, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\locale\zh-CN, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\locale\zh-TW, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\skin, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\defaults, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\defaults\preferences, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\modules, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.ProtectWindowsManager, C:\ProgramData\1WdsManPro1, , [286479e28dfe092d2156f27937cb52ae],
PUP.Optional.ProtectWindowsManager, C:\ProgramData\1WdsManPro1\mitest, , [286479e28dfe092d2156f27937cb52ae],
PUP.Optional.ProtectWindowsManager, C:\ProgramData\2WdsManPro2, , [2a628ecd3358072fb0c7f774847e44bc],
PUP.Optional.ProtectWindowsManager, C:\ProgramData\2WdsManPro2\mitest, , [2a628ecd3358072fb0c7f774847e44bc],
PUP.Optional.ProtectWindowsManager, C:\ProgramData\WWdsManProW, , [612b0a519dee1d19d1a65f0cb54dfa06],
PUP.Optional.ProtectWindowsManager, C:\ProgramData\WWdsManProW\mitest, , [612b0a519dee1d19d1a65f0cb54dfa06],
PUP.Optional.ProtectWindowsManager, C:\ProgramData\yWdsManProy, , [c1cb4714a2e9ff373740f972d131b749],
PUP.Optional.ProtectWindowsManager, C:\ProgramData\yWdsManProy\mitest, , [c1cb4714a2e9ff373740f972d131b749],

Soubory: 149
Trojan.BitCoinMiner, C:\Windows\inf\mslmmgti\mslmmgti.exe, , [2567afacdcaf4ee807bce3ad6c94f50b],
Trojan.BitCoinMiner, C:\Windows\inf\msnjeg\msnjeg.exe, , [49431645b9d2191d9f2407892ad601ff],
Trojan.Agent.MSIL, C:\FRST\Quarantine\C\Users\Jakub\AppData\Local\Zottechi.exe.xBAD, , [97f51d3e414afb3b5c775adaaf522dd3],
PUP.Optional.CrossRider, C:\FRST\Quarantine\C\Users\Jakub\AppData\Roaming\rZBrxPsWWk1A.exe.xBAD, , [6f1dc3987c0f1224fd66c36cdd2302fe],
PUP.Optional.CrossRider, C:\FRST\Quarantine\C\Users\Jakub\AppData\Roaming\wP024GxDKQhBS9iE.exe.xBAD, , [414bc6958cff62d4481bb97677897987],
PUP.Optional.CrossRider, C:\FRST\Quarantine\C\Users\Jakub\AppData\Roaming\wP024GxDKQhBS9iEw.exe.xBAD, , [117bf665315ad75feabc79c031d049b7],
PUP.Optional.CrossRider, C:\FRST\Quarantine\C\Users\Jakub\AppData\Roaming\YQwDnPB.exe.xBAD, , [0d7f82d90883e056ced8aa8fdc2505fb],
PUP.Optional.NetFilter, C:\FRST\Quarantine\C\Windows\system32\Drivers\nethfdrv.sys.xBAD, , [e7a558035734d165f24451ddcc3439c7],
PUP.Optional.NetFilter, C:\FRST\Quarantine\C\Windows\SysWOW64\hfpapi.dll.xBAD, , [e1ab7be0622914221b1a929c758b1be5],
PUP.Optional.Amonetize, C:\FRST\Quarantine\C\Windows\SysWOW64\installd.exe.xBAD, , [3557f665454660d610d491c7bd44649c],
PUP.Optional.Amonetize, C:\FRST\Quarantine\C\Windows\SysWOW64\nethtsrv.exe.xBAD, , [bad2d7840c7f96a014e731cf808146ba],
PUP.Optional.Amonetize, C:\FRST\Quarantine\C\Windows\SysWOW64\netupdsrv.exe.xBAD, , [0f7d2536c9c2b58152a8d32dcb36b44c],
PUP.Optional.WProtectManager, C:\ProgramData\1WdsManPro1\WdsManPro.exe, , [fa92abb00b80979f3b3570e7966ef20e],
PUP.Optional.WProtectManager, C:\ProgramData\2WdsManPro2\WdsManPro.exe, , [840863f8dcafe353b5bbc7908084af51],
PUP.Optional.WProtectManager, C:\ProgramData\WWdsManProW\WdsManPro.exe, , [04883c1f4b4042f4541c74e355af39c7],
PUP.Optional.WProtectManager, C:\ProgramData\yWdsManProy\WdsManPro.exe, , [523a4a11c2c97db9115fee699d679070],
PUP.Optional.Amonetize, C:\AdwCleaner\Quarantine\C\Program Files\Concom\Concom.exe.vir, , [2468cb90bccf11258580d987649dc838],
PUP.Optional.MultiPlug, C:\AdwCleaner\Quarantine\C\Program Files (x86)\afterguard\afterguard.dll.vir, , [7418ea71058660d6d9f80e2e917048b8],
PUP.Optional.OffersWizard, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\config\uninstinethnfd.exe.vir, , [d4b8e4775e2d2214d7d1420f867eff01],
PUP.Optional.MultiPlug, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Facebook Platinum\Facebook Platinum.exe.vir, , [9cf0a2b98ffc7fb7725846f64eb38f71],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\globalupdate.exe.vir, , [5a3274e7a7e4af878c0f44b90cf414ec],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\globalupdate.exe.vir, , [791317442566e0560c8f8f6ed9279070],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\globalupdateBroker.exe.vir, , [65275dfe63283cfaf3a857a61be523dd],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\globalupdateCrashHandler.exe.vir, , [6d1f461534571a1c8a114cb1c53b2bd5],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\globalupdateOnDemand.exe.vir, , [48441e3d4e3df2445942a855f50bec14],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdate.dll.vir, , [3b515209c6c5fd39fba042bba65aa957],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdateres_en.dll.vir, , [afdd76e590fbbe780e8db64705fbbd43],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll.vir, , [cac2c794d7b415213863ee0f79878d73],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\psmachine.dll.vir, , [0b81134895f6ef47bae14ab340c008f8],
PUP.Optional.ModGoog, C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\psuser.dll.vir, , [f99382d92d5eb086a6f59b6217e9ed13],
PUP.Optional.GoHD, C:\AdwCleaner\Quarantine\C\Program Files (x86)\GoHD\74b8e08a-7f23-496f-b9ab-48cf1e8937ab-6.exe.vir, , [2567cb906427cf676151b9811ae75fa1],
PUP.Optional.Nova, C:\AdwCleaner\Quarantine\C\Program Files (x86)\GoHD\5cfbd798-9e97-4ffc-87fe-b5f4779ec768.dll.vir, , [fe8e4813711a53e3a0731a23ac5521df],
PUP.Optional.GoHD, C:\AdwCleaner\Quarantine\C\Program Files (x86)\GoHD\74b8e08a-7f23-496f-b9ab-48cf1e8937ab-1-6.exe.vir, , [870554078704ca6c5260fd3dd0319f61],
PUP.Optional.GoHD, C:\AdwCleaner\Quarantine\C\Program Files (x86)\GoHD\74b8e08a-7f23-496f-b9ab-48cf1e8937ab-1-7.exe.vir, , [622a302b117a77bf5161de5cc33ee61a],
PUP.Optional.GoHD, C:\AdwCleaner\Quarantine\C\Program Files (x86)\GoHD\74b8e08a-7f23-496f-b9ab-48cf1e8937ab-10.exe.vir, , [6428bc9fc3c8ac8acde52b0ff8095da3],
PUP.Optional.GoHD, C:\AdwCleaner\Quarantine\C\Program Files (x86)\GoHD\74b8e08a-7f23-496f-b9ab-48cf1e8937ab-3.exe.vir, , [fc904318296220162b871525ce339868],
PUP.Optional.GoHD, C:\AdwCleaner\Quarantine\C\Program Files (x86)\GoHD\74b8e08a-7f23-496f-b9ab-48cf1e8937ab-4.exe.vir, , [fb9174e70289b185387afd3d3dc4e917],
PUP.Optional.GoHD, C:\AdwCleaner\Quarantine\C\Program Files (x86)\GoHD\74b8e08a-7f23-496f-b9ab-48cf1e8937ab-5.exe.vir, , [4a428fcc365549ed268c96a4bb46f20e],
PUP.Optional.GoHD, C:\AdwCleaner\Quarantine\C\Program Files (x86)\GoHD\74b8e08a-7f23-496f-b9ab-48cf1e8937ab-64.exe.vir, , [6f1da0bb523990a6a80a50ea15ecee12],
PUP.Optional.GoHD, C:\AdwCleaner\Quarantine\C\Program Files (x86)\GoHD\74b8e08a-7f23-496f-b9ab-48cf1e8937ab-7.exe.vir, , [3755db805932e84e427052e8e31ebf41],
PUP.Optional.CrossRider, C:\AdwCleaner\Quarantine\C\Program Files (x86)\GoHD\be3ceab4-a7d4-45f4-bff9-6172f3b8a4c9.dll.vir, , [2e5e500b97f48bab132a61d58b76d62a],
PUP.Optional.Downloader, C:\AdwCleaner\Quarantine\C\Program Files (x86)\GoHD\Uninstall.exe.vir, , [305c3823c8c358de7da0af8bb24f7987],
PUP.Optional.GoHD, C:\AdwCleaner\Quarantine\C\Program Files (x86)\GoHD\UninstallBrw.exe.vir, , [14781249672434025d55ff3ba0616e92],
PUP.Optional.GoHD, C:\AdwCleaner\Quarantine\C\Program Files (x86)\GoHD\utils.exe.vir, , [fa92213a206b2a0c3082de5cf30e04fc],
PUP.Optional.MultiPlug, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mozilla Firefox\dbghelp.dll.vir, , [c5c76eedef9c61d5d3ec46f6fa074db3],
PUP.Optional.CrossRider, C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyBrowser\MyBrowser\Application\utility.exe.vir, , [800cef6c1378171ff8600f47d62ebe42],
PUP.Optional.MyBrowser, C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyBrowser\MyBrowser\Application\39.5.2171.95\Installer\chrmstp.exe.vir, , [7517d487c5c6a195395c9fb6a75ace32],
PUP.Optional.MyBrowser, C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyBrowser\MyBrowser\Application\39.5.2171.95\Installer\setup.exe.vir, , [6428d68594f786b0bbdae570be4330d0],
PUP.Optional.ShopAndSave, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Shop and Save Up\83feb89d-02fa-4d74-b419-d3ec6e910956-5.exe.vir, , [8a0216459cef41f50f4a0f2f867bc040],
PUP.Optional.Nova, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Shop and Save Up\47b411f3-9264-4f0a-9e40-de66f18af7a0.dll.vir, , [abe14e0d92f9f73f947fd469f30e55ab],
PUP.Optional.ShopAndSave, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Shop and Save Up\83feb89d-02fa-4d74-b419-d3ec6e910956-1-6.exe.vir, , [f696cb90672494a2114851ed20e1ca36],
PUP.Optional.ShopAndSave, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Shop and Save Up\83feb89d-02fa-4d74-b419-d3ec6e910956-10.exe.vir, , [424a33285e2d37ff6fea003ef60b57a9],
PUP.Optional.ShopAndSave, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Shop and Save Up\83feb89d-02fa-4d74-b419-d3ec6e910956-3.exe.vir, , [4547d388bfcc2f0768f146f8f011e61a],
PUP.Optional.ShopAndSave, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Shop and Save Up\83feb89d-02fa-4d74-b419-d3ec6e910956-4.exe.vir, , [a3e984d7f893c274f46547f75fa20cf4],
PUP.Optional.ShopAndSave, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Shop and Save Up\83feb89d-02fa-4d74-b419-d3ec6e910956-6.exe.vir, , [b6d6abb00883be78afaa68d6a45d8f71],
PUP.Optional.ShopAndSave, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Shop and Save Up\83feb89d-02fa-4d74-b419-d3ec6e910956-64.exe.vir, , [a3e96cef800b2a0c66f36cd2639eaa56],
PUP.Optional.ShopAndSave, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Shop and Save Up\83feb89d-02fa-4d74-b419-d3ec6e910956-7.exe.vir, , [92faeb70f497290d7cdd132b9b66f808],
PUP.Optional.CrossRider, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Shop and Save Up\9e9d819f-4ed9-49b3-8d2a-f8716d23ff3b.dll.vir, , [5d2faead1774ba7cd964d4623cc555ab],
PUP.Optional.InstallCore, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Shop and Save Up\Uninstall.exe.vir, , [a1eb4615d5b6290d94fac49235cf7090],
PUP.Optional.ShopAndSave, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Shop and Save Up\UninstallBrw.exe.vir, , [622a9ac142496dc988d12d1102ff24dc],
PUP.Optional.ShopAndSave, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Shop and Save Up\utils.exe.vir, , [d8b42833513a5bdbabae4df137cada26],
Trojan.SProtector, C:\AdwCleaner\Quarantine\C\Program Files (x86)\sw-booster\Assistant.dll.vir, , [3854f962b1dab680b23f0d9d42be57a9],
Trojan.SProtector, C:\AdwCleaner\Quarantine\C\Program Files (x86)\sw-booster\AssistantSvc.dll.vir, , [57355902d1ba0036df13614958a86997],
Trojan.SProtector, C:\AdwCleaner\Quarantine\C\Program Files (x86)\sw-booster\Assistant_x64.dll.vir, , [771588d3a3e8092db0c46160f808857b],
PUP.Optional.MultiPlug, C:\AdwCleaner\Quarantine\C\ProgramData\GoSave\lK1vxfA3cdforSN.exe.vir, , [bbd1dd7e692225119cbf6112a958c937],
Trojan.Downloader, C:\AdwCleaner\Quarantine\C\ProgramData\Trusted Publisher\SW-Booster\SW-Booster.exe.vir, , [becef16aaeddf640c3444c8305fc1de3],
PUP.Optional.MultiPlug, C:\AdwCleaner\Quarantine\C\ProgramData\YoutubeAdBlocke\g3hnWwXVie5zKr1.exe.vir, , [3557cd8ea4e786b0f368294a43bee31d],
PUP.Optional.MultiPlug, C:\AdwCleaner\Quarantine\C\ProgramData\{0a656b11-46cc-0bf0-0a65-56b1146cac45}\Microsoft Toolkit 2.5.3 is Here! [Latest].exe.vir, , [2468de7d13783df984c955aeaf5221df],
PUP.Optional.MultiPlug, C:\AdwCleaner\Quarantine\C\ProgramData\{56247939-6e1a-8f82-5624-479396e1e4e5}\629876842877639379b.exe.vir, , [a5e732295c2f86b07b491bf8649de917],
PUP.Optional.Systweak, C:\AdwCleaner\Quarantine\C\Windows\Sysnative\roboot64.exe.vir, , [0686d388385354e2935392acfd04ee12],
PUP.Optional.SurfTastic, C:\AdwCleaner\Quarantine\C\Windows\System32\drivers\wStLibG64.sys.vir, , [b1db92c9008b65d193ac0a4de222f808],
PUP.Optional.NetFilter, C:\AdwCleaner\Quarantine\C\Windows\SysWOW64\hfnapi.dll.vir, , [69236bf0becdfa3c42f345839f61837d],
PUP.Optional.IBryte, C:\Users\Jakub\Downloads\update.exe, , [ee9ea7b4f39870c64293def530d05ba5],
PUP.Optional.MultiPlug, E:\Filmy\seriály\Selfie\selfie-s01e05-english-subtitle.exe, , [5e2e4318385339fd3a024f833bc53fc1],
PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\searchplugins\mystartsearch.xml, , [a5e7dd7e4843f046457f4f2a9e64eb15],
Rogue.Link, C:\Users\Public\Desktop\MP3 Downloader.lnk, , [0d7f203b088370c63e535555a85a1ae6],
PUP.Optional.DefaultSearchProtected, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\defsearchp@gmail.com.xpi, , [33594417fb9076c065cb6feb4ab922de],
PUP.Optional.OffersWizard, C:\Program Files (x86)\Common Files\Config\ver.xml, , [0f7dff5c97f4f54112958ee48a799e62],
PUP.Optional.OffersWizard, C:\Program Files (x86)\Common Files\Config\data.xml, , [0f7dff5c97f4f54112958ee48a799e62],
Trojan.Agent.Trace, C:\Windows\inf\ntvdm.inf, , [711b6eed02896fc7f5a3f8ab56ad04fc],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome.manifest, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\install.rdf, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\content\index.html, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\content\quick_start.js, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\content\quick_start.xul, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\content\include\speed_dial.js, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\content\include\tools\about_blank_hook.js, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\content\include\tools\misc.js, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\content\include\tools\popup_image_helper.js, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\content\include\tools\urlrequestor.js, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\content\js\lib\doT.min.js, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\content\js\lib\jquery-2.1.0.min.js, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\content\js\lib\jquery.autocomplete.js, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\content\js\module\hotSearch.js, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\content\js\module\mostgrid.js, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\content\js\module\search.js, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\content\js\module\stat.js, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\content\js\pack\common.js, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\content\js\pack\ga.js, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\content\js\pack\xagainit.js, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\locale\en\locale.properties, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\locale\en-US\locale.properties, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\locale\es\locale.properties, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\locale\es-419\locale.properties, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\locale\fr\locale.properties, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\locale\fr-BE\locale.properties, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\locale\fr-CA\locale.properties, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\locale\fr-CH\locale.properties, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\locale\fr-LU\locale.properties, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\locale\it\locale.properties, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\locale\it-CH\locale.properties, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\locale\pl\locale.properties, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\locale\pt-BR\locale.properties, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\locale\ru\locale.properties, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\locale\ru-MO\locale.properties, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\locale\tr\locale.properties, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\locale\vi\locale.properties, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\locale\zh-CN\locale.properties, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\locale\zh-TW\locale.properties, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\skin\default_logo.png, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\skin\googlelogo.png, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\skin\google_trends.png, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\skin\icon.png, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\skin\loading.gif, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\skin\logo.png, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\skin\luck.png, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\skin\newtab.ico, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\skin\simple.css, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\chrome\skin\style.css, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\defaults\preferences\fvd.js, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\defaults\preferences\preferences.js, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\modules\addonmanager.js, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\modules\aes.js, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\modules\config.js, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\modules\dialogs.js, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\modules\last_tab.js, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\modules\misc.js, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\modules\properties.js, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\modules\remoterequest.js, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\modules\restoreprefs.js, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\extensions\deskCutv2@gmail.com\modules\settings.js, , [5636be9de6a5a6905acdff520ff38d73],
PUP.Optional.ProtectWindowsManager, C:\ProgramData\1WdsManPro1\mitestconf, , [286479e28dfe092d2156f27937cb52ae],
PUP.Optional.ProtectWindowsManager, C:\ProgramData\WWdsManProW\mitestconf, , [612b0a519dee1d19d1a65f0cb54dfa06],
PUP.Optional.ProtectWindowsManager, C:\ProgramData\yWdsManProy\mitestconf, , [c1cb4714a2e9ff373740f972d131b749],
PUP.Optional.MyStartSearch, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\prefs.js, Dobré: (), Špatné: (user_pref("browser.search.defaultenginename", "mystartsearch");), ,[355705566b20c4722c59233559ab867a]
PUP.Optional.MyStartSearch, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\prefs.js, Dobré: (), Špatné: (user_pref("browser.search.selectedEngine", "mystartsearch");), ,[e3a9302bbdce6bcb3a4c6cec3fc5619f]
PUP.Optional.QuickStart, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\prefs.js, Dobré: (), Špatné: (user_pref("browser.newtab.url", "chrome://quick_start/content/index.html");), ,[4943b5a6becda096760503564cb88a76]
PUP.Optional.DefaultProtectedSearch, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\prefs.js, Dobré: (), Špatné: (defsearchp@gmail.com), ,[7c109cbff69591a56dd2134ddf2550b0]
PUP.Optional.DeskCut, C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\prefs.js, Dobré: (), Špatné: (deskCutv2@gmail.com), ,[8dff590276154bebdf61dc847b89ee12]

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)

(end)

#13 Příspěvek od **altrok** » 26 říj 2015 21:16

Mne se kvuli Vasim povinnostem omlouvat nemusite

Pozor na E:\Filmy\seriály\Selfie\selfie-s01e05-english-subtitle.exe !
Doporucuji upravit nastaveni zobrazeni, abyste mel moznost tyto "nachytavky" vcas odhalit.

Start -> Spustit (nebo Win + R)
do okna zadejte: control folders
prekliknete se nahore na kartu Zobrazeni
odskrtnete (vypnete zatrzitko) u Skryt priponu souboru znamych typu
kliknete na Pouzit

Vsechny nalezy MBAMu smazte/presunte do karanteny a pak prosim dejte aktualni logy z FRST (pri druhem a dalsim spusteni FRST je nutne volbu Additional explicitne zatrhnout, aby byl log Addition.txt vytvoren).

jakub.oslejsek

Tak přípony jsou zařízeny. Díky za typ

Níže jsou logy.
FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:25-10-2015 02
Ran by Jakub (administrator) on JAKUB-PC (26-10-2015 21:21:08)
Running from C:\Users\Jakub\Desktop
Loaded Profiles: Jakub (Available Profiles: Jakub)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\spool\drivers\x64\3\NetFaxServer64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Monet+, a.s.) C:\Windows\SysWOW64\xmesrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\spool\drivers\x64\3\NetFaxTray64.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6846096 2012-11-19] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [462712 2012-03-09] ()
HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [502328 2012-10-23] (MSI)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-3706855550-2973812730-1501122498-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [899584 2010-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Network PC Fax.lnk [2015-10-26]
ShortcutTarget: Samsung Network PC Fax.lnk -> C:\Windows\System32\spool\drivers\x64\3\NetFaxTray64.exe (Samsung Electronics Co., Ltd.)
Startup: C:\Users\Jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Toolkit 2.5.3 is Here! [Latest].lnk [2015-10-26]
ShortcutTarget: Microsoft Toolkit 2.5.3 is Here! [Latest].lnk -> C:\ProgramData\{0a656b11-46cc-0bf0-0a65-56b1146cac45}\Microsoft Toolkit 2.5.3 is Here! [Latest].exe (No File)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{BDDC18FD-7325-4E89-BB77-766A33AF3E9D}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-3706855550-2973812730-1501122498-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=12454
SearchScopes: HKU\S-1-5-21-3706855550-2973812730-1501122498-1000 -> {1BFC78F2-60CC-460F-BD41-770662F0466B} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-3706855550-2973812730-1501122498-1000 -> {212C533D-C2F4-40CB-ACDB-EC281B07824A} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-3706855550-2973812730-1501122498-1000 -> {5EC57AE7-2C91-4252-990B-218A8BCDAA6E} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3706855550-2973812730-1501122498-1000 -> {60500081-E4A1-44A4-BEF1-C205A07DADA2} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-3706855550-2973812730-1501122498-1000 -> {64543327-3C79-4805-9CFF-E68837A1FE26} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3706855550-2973812730-1501122498-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}&r ... IM_csCZ547
SearchScopes: HKU\S-1-5-21-3706855550-2973812730-1501122498-1000 -> {CE0C5EEB-2387-459C-90B7-ECBD56239A98} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-3706855550-2973812730-1501122498-1000 -> {E9B40B2D-87C0-460F-892F-DFC09FEB74EB} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-3706855550-2973812730-1501122498-1000 -> {FFE98A27-9FCB-4070-AF5B-5453F69E6196} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-25] (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-25] (Google Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-25] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-25] (Google Inc.)
Toolbar: HKU\S-1-5-21-3706855550-2973812730-1501122498-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-25] (Google Inc.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default
FF NewTab: chrome://quick_start/content/index.html
FF DefaultSearchUrl: hxxp://www.google.com/search?btnG=Google+Search&q=
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: mystartsearch
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-17] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-17] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> E:\instalovaný přehrávač\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> E:\instalovaný přehrávač\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> E:\instalovaný přehrávač\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3706855550-2973812730-1501122498-1000: @servis24.cz/PKIComponent -> C:\Users\Jakub\AppData\Roaming\CSAS\lib\x86\npPKIComponentNPAPI.dll [2014-11-21] (Česká spořitelna, a.s.)
FF Plugin HKU\S-1-5-21-3706855550-2973812730-1501122498-1000: @servis24.cz/PKIComponent-x64 -> C:\Users\Jakub\AppData\Roaming\CSAS\lib\x64\npPKIComponentNPAPI.dll [2014-11-21] (Česká spořitelna, a.s.)
FF Plugin HKU\S-1-5-21-3706855550-2973812730-1501122498-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Jakub\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2009-11-30] (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\searchplugins\firmycz.xml [2013-07-31]
FF SearchPlugin: C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\searchplugins\mapycz.xml [2013-07-31]
FF SearchPlugin: C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\searchplugins\zbocz.xml [2013-07-31]
FF Extension: Discover Treasure - C:\Users\Jakub\AppData\Roaming\Mozilla\Firefox\Profiles\wz27bz39.default\Extensions\{d6d72590-5810-49d4-a1a1-84bcb320d2c4}.xpi [2015-10-25] [not signed]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08] [not signed]

Chrome:
=======
CHR Profile: C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Ostrov Thassos - pohled na moře - Řecko.) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcljilfhnlofcfncmfgdnjkpglaailab [2015-10-04]
CHR Extension: (Skype Click to Call) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-10-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jakub\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-28]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-03-28] (Advanced Micro Devices, Inc.) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-06-27] (Nero AG)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [143416 2012-10-25] (MSI)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
R2 Samsung Network Fax Server; C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe [505648 2014-02-25] (Samsung Electronics Co., Ltd.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 xmengine service; C:\Windows\SysWOW64\xmesrv.exe [34696 2015-05-07] (Monet+, a.s.)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [57472 2012-04-09] (Advanced Micro Devices)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-26 21:10 - 2015-10-26 21:10 - 00321848 _____ (Malwarebytes Corporation) C:\Users\Jakub\Downloads\mbam-clean-2.1.1.1001.exe
2015-10-26 20:52 - 2015-10-26 20:52 - 00035674 _____ C:\Users\Jakub\Desktop\MBAB - výsledky.txt
2015-10-26 08:02 - 2015-10-26 08:02 - 22908888 _____ (Malwarebytes ) C:\Users\Jakub\Desktop\mbam-setup-2.2.0.1024.exe
2015-10-26 06:47 - 2015-10-26 06:48 - 00034066 _____ C:\Users\Jakub\Desktop\Addition.txt
2015-10-26 06:46 - 2015-10-26 21:21 - 00017337 _____ C:\Users\Jakub\Desktop\FRST.txt
2015-10-26 06:39 - 2015-10-26 06:40 - 02197504 _____ (Farbar) C:\Users\Jakub\Desktop\FRST64.exe
2015-10-26 00:21 - 2015-10-26 00:21 - 00006400 _____ C:\AdwCleaner[S13].txt
2015-10-26 00:21 - 2015-10-26 00:21 - 00005042 _____ C:\AdwCleaner[C9].txt
2015-10-25 23:47 - 2015-10-25 23:47 - 00006917 _____ C:\AdwCleaner[C8].txt
2015-10-25 23:46 - 2015-10-25 23:47 - 00008209 _____ C:\AdwCleaner[S12].txt
2015-10-25 23:28 - 2015-10-26 20:55 - 00001053 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-10-25 23:28 - 2015-10-26 20:54 - 00001047 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-10-25 23:27 - 2015-10-25 23:27 - 42524680 _____ C:\Users\Jakub\Downloads\Firefox Setup 41.0.2.exe
2015-10-25 23:12 - 2015-10-26 21:12 - 00086454 _____ C:\Windows\PFRO.log
2015-10-25 23:11 - 2015-10-25 23:11 - 00019463 _____ C:\AdwCleaner[C7].txt
2015-10-25 23:10 - 2015-10-25 23:11 - 00019013 _____ C:\AdwCleaner[S11].txt
2015-10-25 22:28 - 2015-10-26 21:12 - 00000504 _____ C:\Windows\setupact.log
2015-10-25 22:28 - 2015-10-25 22:28 - 00000000 _____ C:\Windows\setuperr.log
2015-10-25 22:27 - 2015-10-25 22:27 - 00001360 _____ C:\AdwCleaner[C6].txt
2015-10-25 22:26 - 2015-10-25 22:27 - 00001201 _____ C:\AdwCleaner[S10].txt
2015-10-25 22:15 - 2015-10-25 22:16 - 00001137 _____ C:\AdwCleaner[S9].txt
2015-10-25 22:12 - 2015-10-25 22:12 - 00001170 _____ C:\AdwCleaner[C5].txt
2015-10-25 22:10 - 2015-10-25 22:11 - 00001009 _____ C:\AdwCleaner[S8].txt
2015-10-25 22:05 - 2015-10-25 22:05 - 00015187 _____ C:\AdwCleaner[C4].txt
2015-10-25 22:03 - 2015-10-25 22:05 - 00014652 _____ C:\AdwCleaner[S7].txt
2015-10-25 21:50 - 2015-10-25 21:50 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\Opera Software
2015-10-25 21:50 - 2015-10-25 21:50 - 00000000 ____D C:\Users\Jakub\AppData\Local\Opera Software
2015-10-25 21:48 - 2015-10-25 21:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-10-25 21:48 - 2015-10-25 21:48 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-10-25 21:48 - 2014-06-20 19:26 - 00000035 _____ C:\Windows\system32\Drivers\etc\hp.bak
2015-10-15 15:21 - 2015-09-18 20:22 - 00025432 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-10-15 15:21 - 2015-09-18 20:19 - 01291264 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-10-15 15:21 - 2015-09-18 20:19 - 00766464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-10-15 15:21 - 2015-09-18 20:19 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-10-15 15:21 - 2015-09-18 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-10-15 15:21 - 2015-09-18 20:19 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-10-15 15:21 - 2015-09-18 20:09 - 01163776 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-10-14 14:37 - 2015-09-29 04:16 - 05569472 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-10-14 14:37 - 2015-09-29 04:13 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-10-14 14:37 - 2015-09-29 04:11 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-10-14 14:37 - 2015-09-29 04:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-10-14 14:37 - 2015-09-29 04:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-10-14 14:37 - 2015-09-29 04:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-10-14 14:37 - 2015-09-29 04:10 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-10-14 14:37 - 2015-09-29 04:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-10-14 14:37 - 2015-09-29 04:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-10-14 14:37 - 2015-09-29 04:05 - 03990976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-10-14 14:37 - 2015-09-29 04:05 - 03936192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-10-14 14:37 - 2015-09-29 03:59 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-10-14 14:37 - 2015-09-29 03:57 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-10-14 14:37 - 2015-09-29 02:50 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-10-14 14:37 - 2015-09-15 19:17 - 00157016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-10-14 14:37 - 2015-09-15 19:17 - 00097112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-10-14 14:37 - 2015-09-15 19:11 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-10-14 14:36 - 2015-10-01 19:06 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-10-14 14:36 - 2015-10-01 19:04 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-10-14 14:36 - 2015-10-01 19:00 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-10-14 14:36 - 2015-10-01 19:00 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-10-14 14:36 - 2015-10-01 19:00 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-10-14 14:36 - 2015-10-01 19:00 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-10-14 14:36 - 2015-10-01 19:00 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-10-14 14:36 - 2015-10-01 18:50 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-10-14 14:36 - 2015-10-01 18:00 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-10-14 14:36 - 2015-09-29 04:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-10-14 14:36 - 2015-09-29 04:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-10-14 14:36 - 2015-09-29 04:11 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-10-14 14:36 - 2015-09-29 04:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-10-14 14:36 - 2015-09-29 04:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-10-14 14:36 - 2015-09-29 04:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-10-14 14:36 - 2015-09-29 04:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-10-14 14:36 - 2015-09-29 04:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-10-14 14:36 - 2015-09-29 04:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-10-14 14:36 - 2015-09-29 04:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-10-14 14:36 - 2015-09-29 04:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-10-14 14:36 - 2015-09-29 04:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-10-14 14:36 - 2015-09-29 04:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-10-14 14:36 - 2015-09-29 04:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-10-14 14:36 - 2015-09-29 04:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-10-14 14:36 - 2015-09-29 04:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-10-14 14:36 - 2015-09-29 04:02 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-10-14 14:36 - 2015-09-29 04:01 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-10-14 14:36 - 2015-09-29 04:01 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-10-14 14:36 - 2015-09-29 04:01 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 04:01 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 04:01 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 04:01 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 03:59 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-10-14 14:36 - 2015-09-29 03:59 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-10-14 14:36 - 2015-09-29 03:59 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-10-14 14:36 - 2015-09-29 03:59 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-10-14 14:36 - 2015-09-29 03:59 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-10-14 14:36 - 2015-09-29 03:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-10-14 14:36 - 2015-09-29 03:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-10-14 14:36 - 2015-09-29 03:58 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-10-14 14:36 - 2015-09-29 03:58 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-10-14 14:36 - 2015-09-29 03:57 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-10-14 14:36 - 2015-09-29 03:57 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-10-14 14:36 - 2015-09-29 03:57 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-10-14 14:36 - 2015-09-29 03:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-10-14 14:36 - 2015-09-29 03:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-10-14 14:36 - 2015-09-29 03:49 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-10-14 14:36 - 2015-09-29 03:49 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-10-14 14:36 - 2015-09-29 03:49 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 03:49 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 02:49 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-10-14 14:36 - 2015-09-29 02:49 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-10-14 14:36 - 2015-09-29 02:43 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-10-14 14:36 - 2015-09-29 02:43 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-10-14 14:36 - 2015-09-29 02:40 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 02:40 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 02:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-10-14 14:36 - 2015-09-29 02:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-10-14 14:36 - 2015-09-15 19:11 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-10-14 14:36 - 2015-09-15 19:11 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-10-14 14:36 - 2015-09-15 19:11 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-10-14 14:36 - 2015-09-15 19:11 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-10-14 14:36 - 2015-09-15 19:11 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-10-14 14:36 - 2015-09-15 19:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-10-14 14:36 - 2015-09-15 18:36 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-10-14 14:36 - 2015-09-15 18:36 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-10-14 14:36 - 2015-09-15 18:36 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-10-14 14:36 - 2015-09-15 18:35 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-10-14 14:32 - 2015-09-18 20:31 - 00391784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-10-14 14:32 - 2015-09-18 19:58 - 00345688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-10-14 14:32 - 2015-09-16 05:48 - 25851904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-10-14 14:32 - 2015-09-16 05:36 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-10-14 14:32 - 2015-09-16 05:36 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-10-14 14:32 - 2015-09-16 05:22 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-10-14 14:32 - 2015-09-16 05:21 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-10-14 14:32 - 2015-09-16 05:21 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-10-14 14:32 - 2015-09-16 05:21 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-10-14 14:32 - 2015-09-16 05:21 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-10-14 14:32 - 2015-09-16 05:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-10-14 14:32 - 2015-09-16 05:14 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-10-14 14:32 - 2015-09-16 05:13 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-10-14 14:32 - 2015-09-16 05:10 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-10-14 14:32 - 2015-09-16 05:09 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-10-14 14:32 - 2015-09-16 05:08 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-10-14 14:32 - 2015-09-16 05:08 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-10-14 14:32 - 2015-09-16 05:08 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-10-14 14:32 - 2015-09-16 05:08 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-10-14 14:32 - 2015-09-16 05:01 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-10-14 14:32 - 2015-09-16 04:58 - 20357632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-10-14 14:32 - 2015-09-16 04:58 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-10-14 14:32 - 2015-09-16 04:50 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-10-14 14:32 - 2015-09-16 04:46 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-10-14 14:32 - 2015-09-16 04:45 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-10-14 14:32 - 2015-09-16 04:45 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-10-14 14:32 - 2015-09-16 04:43 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-10-14 14:32 - 2015-09-16 04:41 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-10-14 14:32 - 2015-09-16 04:33 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-10-14 14:32 - 2015-09-16 04:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-10-14 14:32 - 2015-09-16 04:32 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-10-14 14:32 - 2015-09-16 04:32 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-10-14 14:32 - 2015-09-16 04:31 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-10-14 14:32 - 2015-09-16 04:31 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-10-14 14:32 - 2015-09-16 04:29 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-10-14 14:32 - 2015-09-16 04:29 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-10-14 14:32 - 2015-09-16 04:28 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-10-14 14:32 - 2015-09-16 04:28 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-10-14 14:32 - 2015-09-16 04:26 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-10-14 14:32 - 2015-09-16 04:26 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-10-14 14:32 - 2015-09-16 04:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-10-14 14:32 - 2015-09-16 04:24 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-10-14 14:32 - 2015-09-16 04:23 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-10-14 14:32 - 2015-09-16 04:22 - 14458368 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-10-14 14:32 - 2015-09-16 04:22 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-10-14 14:32 - 2015-09-16 04:22 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-10-14 14:32 - 2015-09-16 04:15 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-10-14 14:32 - 2015-09-16 04:11 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-10-14 14:32 - 2015-09-16 04:10 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-10-14 14:32 - 2015-09-16 04:07 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-10-14 14:32 - 2015-09-16 04:06 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-10-14 14:32 - 2015-09-16 04:05 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-10-14 14:32 - 2015-09-16 04:05 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-10-14 14:32 - 2015-09-16 04:04 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-10-14 14:32 - 2015-09-16 03:59 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-10-14 14:32 - 2015-09-16 03:58 - 12853760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-10-14 14:32 - 2015-09-16 03:58 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-10-14 14:32 - 2015-09-16 03:56 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-10-14 14:32 - 2015-09-16 03:55 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-10-14 14:32 - 2015-09-16 03:55 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-10-14 14:32 - 2015-09-16 03:48 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-10-14 14:32 - 2015-09-16 03:37 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-10-14 14:32 - 2015-09-16 03:34 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-10-14 14:32 - 2015-09-16 03:32 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-10-14 14:32 - 2015-08-06 19:04 - 14176768 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-10-14 14:32 - 2015-08-06 19:03 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-10-14 14:32 - 2015-08-06 18:44 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-10-14 14:32 - 2015-08-06 18:44 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-14 14:32 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-10-14 14:31 - 2015-09-25 19:07 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-10-14 14:31 - 2015-09-25 19:07 - 02607104 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-10-14 14:31 - 2015-09-25 19:07 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-10-14 14:31 - 2015-09-25 19:07 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-10-14 14:31 - 2015-09-25 19:07 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-10-14 14:31 - 2015-09-25 19:07 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-10-14 14:31 - 2015-09-25 19:07 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-10-14 14:31 - 2015-09-25 19:06 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-10-14 14:31 - 2015-09-25 19:06 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-10-14 14:31 - 2015-09-25 19:06 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-10-14 14:31 - 2015-09-25 19:06 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-10-14 14:31 - 2015-09-25 18:59 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-10-14 14:31 - 2015-09-25 18:59 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-10-14 14:31 - 2015-09-25 18:59 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-10-14 14:31 - 2015-09-25 18:59 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-10-14 14:31 - 2015-09-25 18:58 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-10-13 21:55 - 2014-12-03 11:01 - 00000000 ____D C:\Users\Jakub\Desktop\The colour and the shape (1997)
2015-10-13 16:25 - 2015-10-13 16:25 - 00178688 _____ C:\Users\Jakub\Downloads\03vzorce.ppt
2015-10-11 09:20 - 2015-10-11 09:48 - 501556851 _____ C:\Users\Jakub\Downloads\Sluha-dvou-pánů.mp4
2015-10-11 09:01 - 2015-10-11 09:06 - 80339628 _____ C:\Users\Jakub\Downloads\Svatební-košile_Kábrt.avi
2015-09-26 12:36 - 2015-09-26 12:36 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\face2faceSecondeditionElementary
2015-09-26 12:36 - 2015-09-26 12:36 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\Cambridge
2015-09-26 12:35 - 2015-10-26 20:54 - 00001253 _____ C:\Users\Public\Desktop\face2face Second edition Elementary.lnk
2015-09-26 12:35 - 2015-09-26 12:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cambridge
2015-09-26 12:35 - 2015-09-26 12:35 - 00000000 ____D C:\Program Files (x86)\Cambridge
2015-09-26 12:11 - 2015-09-26 12:11 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2015-09-26 12:11 - 2015-09-26 12:11 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2015-09-26 12:08 - 2015-09-26 12:36 - 00000000 ___HD C:\Program Files (x86)\Zero G Registry
2015-09-26 12:07 - 2015-09-26 12:07 - 00000000 ___HD C:\Users\Jakub\InstallAnywhere

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-26 21:21 - 2014-06-20 16:12 - 00000000 ____D C:\FRST
2015-10-26 21:20 - 2009-07-14 05:45 - 00028944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-26 21:20 - 2009-07-14 05:45 - 00028944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-26 21:17 - 2013-07-29 16:01 - 01526156 _____ C:\Windows\WindowsUpdate.log
2015-10-26 21:17 - 2011-04-12 09:34 - 00668640 _____ C:\Windows\system32\perfh005.dat
2015-10-26 21:17 - 2011-04-12 09:34 - 00141300 _____ C:\Windows\system32\perfc005.dat
2015-10-26 21:17 - 2009-07-14 06:13 - 01583642 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-26 21:13 - 2015-02-21 19:44 - 00000000 ____D C:\Users\Jakub\AppData\Local\HTC MediaHub
2015-10-26 21:12 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-26 20:55 - 2015-02-28 00:26 - 00001293 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2015-10-26 20:55 - 2014-04-20 22:26 - 00000967 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lamer.lnk
2015-10-26 20:55 - 2014-02-08 13:35 - 00001362 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2015-10-26 20:55 - 2013-07-31 12:44 - 00002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-10-26 20:55 - 2013-07-30 06:35 - 00002105 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-10-26 20:55 - 2013-07-29 16:02 - 00001333 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2015-10-26 20:55 - 2013-07-29 16:02 - 00001314 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2015-10-26 20:55 - 2009-07-14 05:57 - 00001511 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-10-26 20:55 - 2009-07-14 05:57 - 00001340 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk
2015-10-26 20:55 - 2009-07-14 05:57 - 00001292 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
2015-10-26 20:55 - 2009-07-14 05:57 - 00001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
2015-10-26 20:55 - 2009-07-14 05:54 - 00001198 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
2015-10-26 20:54 - 2015-06-05 13:07 - 00001284 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-10-26 20:54 - 2015-03-08 00:19 - 00000913 _____ C:\Users\Public\Desktop\IL-2 Sturmovik 1946.lnk
2015-10-26 20:54 - 2015-02-21 19:44 - 00002025 _____ C:\Users\Public\Desktop\HTC Sync Manager.lnk
2015-10-26 20:54 - 2015-01-12 18:26 - 00002263 _____ C:\Users\Public\Desktop\Samsung Printer Diagnostics.lnk
2015-10-26 20:54 - 2014-12-14 20:33 - 00001315 _____ C:\Users\Public\Desktop\Ashampoo Burning Studio 6 FREE.lnk
2015-10-26 20:54 - 2014-10-26 18:42 - 00002527 _____ C:\Users\Public\Desktop\Skype.lnk
2015-10-26 20:54 - 2014-04-02 16:32 - 00001184 _____ C:\Users\Public\Desktop\aTube Catcher.lnk
2015-10-26 20:54 - 2014-03-09 18:22 - 00000961 _____ C:\Users\Public\Desktop\Rajče průvodce.lnk
2015-10-26 20:54 - 2014-03-09 08:15 - 00000661 _____ C:\Users\Jakub\Desktop\OneDrive.lnk
2015-10-26 20:54 - 2014-02-22 18:06 - 00000921 _____ C:\Users\Public\Desktop\Zune.lnk
2015-10-26 20:54 - 2014-02-08 13:35 - 00001293 _____ C:\Users\Jakub\Desktop\Movie Maker.lnk
2015-10-26 20:54 - 2014-02-02 10:08 - 00000954 _____ C:\Users\Public\Desktop\X-Edit.lnk
2015-10-26 20:54 - 2014-01-26 09:27 - 00000674 _____ C:\Users\Public\Desktop\VLC media player.lnk
2015-10-26 20:54 - 2013-10-20 15:22 - 00001046 _____ C:\Users\Public\Desktop\AMR to MP3 Converter.lnk
2015-10-26 20:54 - 2013-09-17 17:31 - 00000862 _____ C:\Users\Public\Desktop\Video Search.lnk
2015-10-26 20:54 - 2013-09-15 19:16 - 00000450 _____ C:\Users\Jakub\Desktop\Data.lnk
2015-10-26 20:54 - 2013-09-15 12:58 - 00003093 _____ C:\Users\Jakub\Desktop\Microsoft Word 2010.lnk
2015-10-26 20:54 - 2013-08-01 09:04 - 00001878 _____ C:\Users\Jakub\Desktop\IrfanView Thumbnails.lnk
2015-10-26 20:54 - 2013-08-01 09:04 - 00001002 _____ C:\Users\Jakub\Desktop\IrfanView.lnk
2015-10-26 20:54 - 2013-08-01 08:51 - 00000923 _____ C:\Users\Jakub\Desktop\XnView.lnk
2015-10-26 20:54 - 2013-07-31 12:44 - 00002013 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2015-10-26 20:54 - 2013-07-30 09:10 - 00002714 _____ C:\Users\Public\Desktop\Nero StartSmart Essentials.lnk
2015-10-26 20:54 - 2013-07-29 18:21 - 00000860 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-10-26 20:54 - 2013-07-29 16:38 - 00002061 _____ C:\Users\Public\Desktop\Super-Charger.lnk
2015-10-26 20:54 - 2013-07-29 16:24 - 00001397 _____ C:\Users\Jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-10-26 20:54 - 2009-07-14 06:01 - 00001218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
2015-10-26 20:54 - 2009-07-14 05:49 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2015-10-26 20:24 - 2014-07-09 10:24 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-10-26 07:44 - 2013-07-29 16:41 - 00000008 __RSH C:\ProgramData\ntuser.pol
2015-10-26 07:40 - 2009-07-14 04:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2015-10-26 07:40 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2015-10-26 00:21 - 2015-06-05 13:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-10-25 23:48 - 2013-07-30 08:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-25 23:28 - 2015-06-02 20:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-25 23:06 - 2014-06-25 08:44 - 00000000 ____D C:\Program Files (x86)\7-Zip
2015-10-25 22:05 - 2014-10-15 07:51 - 00000000 ____D C:\AdwCleaner
2015-10-25 21:55 - 2014-11-17 19:58 - 00000000 __SHD C:\Users\Jakub\AppData\Local\EmieBrowserModeList
2015-10-25 21:55 - 2014-05-15 18:22 - 00000000 __SHD C:\Users\Jakub\AppData\Local\EmieUserList
2015-10-25 21:55 - 2014-05-15 18:22 - 00000000 __SHD C:\Users\Jakub\AppData\Local\EmieSiteList
2015-10-25 21:54 - 2013-07-31 12:44 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-10-24 10:13 - 2015-01-12 19:55 - 00000000 ____D C:\Users\Jakub\Documents\Scan
2015-10-23 23:41 - 2015-07-03 17:04 - 00000000 ____D C:\Users\Jakub\Desktop\Tapety
2015-10-20 13:06 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2015-10-17 17:24 - 2013-07-30 09:28 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-10-17 17:24 - 2013-07-30 09:28 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-17 17:24 - 2013-07-30 09:28 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-10-15 22:56 - 2014-12-11 18:58 - 00000000 ____D C:\Windows\system32\appraiser
2015-10-15 22:56 - 2014-05-06 08:19 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-10-15 22:21 - 2014-12-23 16:56 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-10-15 20:08 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2015-10-15 17:12 - 2014-10-26 18:42 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-10-14 17:39 - 2014-02-22 18:08 - 00000000 ___RD C:\Users\Jakub\Podcasts
2015-10-14 17:15 - 2013-07-30 23:46 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-10-14 17:06 - 2013-08-14 18:48 - 00000000 ____D C:\Windows\system32\MRT
2015-10-14 17:06 - 2013-07-30 07:56 - 143481208 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-10-14 17:02 - 2009-07-14 03:34 - 00000580 _____ C:\Windows\win.ini
2015-10-13 21:35 - 2014-01-26 09:29 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\vlc
2015-10-09 07:37 - 2009-07-14 06:08 - 00032638 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-10-08 19:18 - 2015-04-04 08:29 - 00000000 ___SD C:\Windows\system32\GWX
2015-10-08 16:06 - 2015-04-04 08:29 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-09-26 12:11 - 2013-07-31 12:47 - 00000000 ____D C:\Users\Jakub\AppData\Local\Adobe
2015-09-26 12:11 - 2013-07-31 12:43 - 00000000 ____D C:\ProgramData\Adobe
2015-09-26 12:11 - 2013-07-29 18:21 - 00000000 ____D C:\Users\Jakub\AppData\Roaming\Adobe
2015-09-26 12:07 - 2013-07-29 16:24 - 00000000 ____D C:\Users\Jakub

==================== Files in the root of some directories =======

2015-06-04 15:12 - 2015-06-04 15:12 - 0000024 _____ () C:\Users\Jakub\AppData\Roaming\appdataFr25.bin
2013-07-29 16:39 - 2013-07-29 16:39 - 0000036 _____ () C:\Users\Jakub\AppData\Local\housecall.guid.cache

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-10-21 17:34

==================== End of FRST.txt ============================

jakub.oslejsek

A ještě Addition.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version:25-10-2015 02
Ran by Jakub (2015-10-26 21:22:03)
Running from C:\Users\Jakub\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2013-07-29 15:24:21)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-3706855550-2973812730-1501122498-500 - Administrator - Disabled)
Guest (S-1-5-21-3706855550-2973812730-1501122498-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3706855550-2973812730-1501122498-1004 - Limited - Enabled)
Jakub (S-1-5-21-3706855550-2973812730-1501122498-1000 - Administrator - Enabled) => C:\Users\Jakub

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19140 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Advertising Center (x32 Version: 0.0.0.1 - Nero AG) Hidden
AMD Catalyst Install Manager (HKLM\...\{9AB0D5B6-4779-8C4F-CA91-A1FEDB56D7EC}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
AMR to MP3 Converter 1.4 (HKLM-x32\...\{C615B4A6-DDE8-4325-BCF8-E53E913D95E9}_is1) (Version: - amrtomp3converter.com)
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM-x32\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
aTube Catcher (HKLM-x32\...\aTube Catcher) (Version: 3.8.7955 - DsNET Corp)
aTube Catcher verze 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
CCleaner (HKLM\...\CCleaner) (Version: 3.24 - Piriform)
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
CryptoPlus CS v1.0e (HKLM-x32\...\CryptoPlus CS v1.0e) (Version: 2.0.9 - Monet+,a.s.)
CryptoPlus CS v1.0e x64 (HKLM\...\CryptoPlus CS v1.0e) (Version: 2.0.9 - Monet+,a.s.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DigiTech RP155 Drivers (HKLM-x32\...\DigiTech RP155 Drivers) (Version: 1.0.0 - DigiTech)
DigiTech RP155 Drivers (Version: 1.0.0 - DigiTech) Hidden
DolbyFiles (x32 Version: 0.1 - Nero AG) Hidden
face2face Second edition Elementary application (HKLM-x32\...\face2faceSecondeditionElementary) (Version: 1.0.1 - Cambridge University Press Holdings Limited)
face2face Second edition Elementary application (x32 Version: 1.0.1 - Cambridge University Press Holdings Limited) Hidden
face2face Second edition Elementary content (HKLM-x32\...\face2face Second edition Elementary content) (Version: 1.0.0.0 - Cambridge University Press)
Facebook Platinum (HKLM-x32\...\{E9AD2F38-EF9C-B9DA-048A-A92FBC17701E}) (Version: - )
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Earth Plug-in (HKLM-x32\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.80 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6904.2028 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.16.0.001 - HTC Corporation)
HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.54.2 - HTC)
IL-2 Sturmovik 1946 (HKLM-x32\...\InstallShield_{758AF648-0B6C-4593-BDF1-9BF4CB50A359}) (Version: 1.00.0000 - Ubisoft)
IL-2 Sturmovik 1946 (x32 Version: 1.00.0000 - Ubisoft) Hidden
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: - )
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3706855550-2973812730-1501122498-1000\...\OneDriveSetup.exe) (Version: 17.0.4024.1220 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 41.0.2 (x86 cs) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 cs)) (Version: 41.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 9 Essentials (HKLM-x32\...\{3e071c2a-66d2-4b39-a563-86901688be4c}) (Version: - Nero AG)
Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 7.1.32.69 - )
Rajče průvodce verze 1.59.52.267 (HKLM-x32\...\rajce.net_is1) (Version: - rajce.net)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.53.216.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6782 - Realtek Semiconductor Corp.)
Royal Envoy Campaign for the Crown Collector's Edition (HKLM-x32\...\Royal Envoy Campaign for the Crown Collector's Edition_is1) (Version: 1.0 - Playrix Entertainment)
Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 1.05.92 (14.3.2014) - Samsung Electronics Co., Ltd.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.05.29.00(26.3.2014) - Samsung Electronics Co., Ltd.)
Samsung M2070 Series (HKLM-x32\...\Samsung M2070 Series) (Version: 1.12 (15.4.2014) - Samsung Electronics Co., Ltd.)
Samsung Network PC Fax (HKLM-x32\...\Samsung Network PC Fax) (Version: 1.10.18 (25.2.2014) - Samsung Electronics Co., Ltd.)
Samsung Printer Diagnostics (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.0.15 - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (x32 Version: 1.02.07.02 - Samsung Electronics Co., Ltd.) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Seznam Software (HKU\S-1-5-21-3706855550-2973812730-1501122498-1000\...\SeznamInstall) (Version: - Seznam.cz)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
SNS Upload for Easy Document Creator (HKLM-x32\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd)
Super-Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.014 - MSI)
Unity Web Player (HKU\S-1-5-21-3706855550-2973812730-1501122498-1000\...\UnityWebPlayer) (Version: 2.6.1f3_31223 - Unity Technologies ApS)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Winki (HKLM-x32\...\{81CF5153-38CF-41e2-AC3C-3D477C987D96}_is1) (Version: 3.2.126 - MSI)
WinRAR 4.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
X-Edit (HKLM-x32\...\X-Edit) (Version: 2.7.1.1 - DigiTech)
X-Edit (x32 Version: 2.7.1.1 - DigiTech) Hidden
XnView 2.04 (HKLM-x32\...\XnView_is1) (Version: 2.04 - Gougelet Pierre-e)
Zobrazit uživatelskou příručku (HKLM-x32\...\View User Guide) (Version: 3.60.43.0 - )
Zoo Empire 1.21 (HKLM-x32\...\Zoo Empire_is1) (Version: - HYPERMAX)
Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== Restore Points =========================

14-10-2015 16:55:29 Windows Update
15-10-2015 22:56:09 Windows Update
19-10-2015 18:05:24 Windows Update
23-10-2015 11:46:44 Windows Update
26-10-2015 07:40:34 Restore Point Created by FRST

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2015-10-26 07:41 - 00000035 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0BC53A95-1821-4933-B07F-055631E29DCD} - System32\Tasks\{0DF8112E-6A37-4BE2-AA4B-ADEF3566BA48} => pcalua.exe -a "C:\Instalační data\Sturmovik\UP3\UP_3.0RC_Client.part01.exe" -d "C:\Instalační data\Sturmovik\UP3"
Task: {45FC44BD-70B0-41B6-8F38-137C769DE419} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-05] (Google Inc.)
Task: {77F732B0-2180-4AB2-9EC5-284491965096} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-05] (Google Inc.)
Task: {99576A65-D5DE-4F04-B403-B50F28B72C89} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-17] (Adobe Systems Incorporated)
Task: {9A2D396E-484E-4328-AD5B-30465278AF73} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated)
Task: {C0072DFF-0EDF-47BA-86A2-AC18EF763858} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-10-24] (Piriform Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (Whitelisted) ==============

2014-12-02 13:52 - 2014-12-02 13:52 - 00029184 _____ () C:\Windows\System32\ssm4mlm.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2013-10-17 15:27 - 2013-10-17 15:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2012-03-09 09:58 - 2012-03-09 09:58 - 00462712 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2012-03-09 09:58 - 2012-03-09 09:58 - 00057208 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2015-07-14 14:37 - 2015-07-14 14:37 - 00821240 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
2013-03-28 21:30 - 2013-03-28 21:30 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2014-12-18 15:06 - 2014-12-18 15:06 - 00031080 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll
2015-07-14 14:35 - 2015-07-14 14:35 - 00607016 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll
2014-12-18 15:09 - 2014-12-18 15:09 - 00059752 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll
2014-12-18 15:08 - 2014-12-18 15:08 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
2014-12-18 15:09 - 2014-12-18 15:09 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll
2014-12-18 15:11 - 2014-12-18 15:11 - 00129376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll
2014-12-18 15:14 - 2014-12-18 15:14 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3706855550-2973812730-1501122498-1000\...\business24.cz -> hxxps://www.business24.cz
IE trusted site: HKU\S-1-5-21-3706855550-2973812730-1501122498-1000\...\servis24.cz -> hxxps://www.servis24.cz

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3706855550-2973812730-1501122498-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Jakub\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{3620035B-77EC-4E0A-8845-783B95CFEC91}C:\users\jakub\appdata\local\catalinagroup\citrio\application\chrome.exe] => (Block) C:\users\jakub\appdata\local\catalinagroup\citrio\application\chrome.exe
FirewallRules: [UDP Query User{DAFA12FA-4B6A-4A02-9A5E-8230DC0EB11F}C:\users\jakub\appdata\local\catalinagroup\citrio\application\chrome.exe] => (Block) C:\users\jakub\appdata\local\catalinagroup\citrio\application\chrome.exe
FirewallRules: [{C2D6A46B-3DEF-4EEB-B343-7E9A06E2BF80}] => (Allow) C:\Users\Jakub\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{5CE8695E-3C98-4DE6-AE28-B6C906B1B901}] => (Allow) %ProgramFiles%\Zune\Zune.exe
FirewallRules: [{3B68B793-D14A-4430-A19C-C4AEF88B6F86}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{1F28FBC1-9763-4F54-A2F9-78FE36E2B242}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{1BC57C2F-3A27-4FC5-81E2-CA55283BC5E6}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{A32E3E9D-4919-4FB2-833B-835461440AEF}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{A3F1EC9B-5B7F-44D5-B408-3D2F706BF011}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{56520C73-F9AA-4E28-BDC4-928C4A94547F}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{E4D6E01C-CB86-4E8A-808F-2C9725B8DFDB}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{311F3409-5EA4-4837-830B-CB55B5858A4A}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [TCP Query User{61866A5D-C828-4CBD-A801-E6F50472B26D}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Block) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [UDP Query User{E1C358A4-FDAA-4340-8EE0-6CD8AC0510CA}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Block) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [{701DA247-2A0C-4622-8CBC-024BCC781F43}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B0C033A4-6F73-4F7F-95A8-5CF014984B74}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe
FirewallRules: [{5DC8B5B5-E9D3-43E5-A87B-4B253297BB16}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe
FirewallRules: [{472B6D5D-3AA5-461C-9667-D4A2A63E6BA7}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{B9A60B1B-F709-4658-9BC8-85B40DF6303A}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{F3EACA27-E384-4921-8B2C-A5C5E5965909}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{C63323C2-CAD0-458E-8CE3-486FCAF57161}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{75A782DA-66DC-44ED-A776-7B0FDFA98DE0}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{5D34A1EF-C321-402E-9019-DD8E96ABBBBF}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{1E7C6405-69A2-48E4-83C0-E357E707BCB2}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{99043E1E-A6AE-4F6E-91C5-E4B46F137809}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{A5FCB337-C804-4A52-A43B-9AFB2E284A00}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe
FirewallRules: [{1F2CEBEC-A0D4-4BDA-B719-F5F0AD362BB4}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe
FirewallRules: [{3831F12B-3B22-41E6-AE78-C97806169132}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{C9D19B70-A1CA-415C-B20F-C3843929F4C1}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{547EF02A-AA43-44B3-B287-5E541DCAFAF6}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe
FirewallRules: [{63CDB8BD-DBB3-4E4E-91B9-EF2A0498680C}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe
FirewallRules: [{8224B70E-564F-461A-9CAB-3C94335EC157}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe
FirewallRules: [{5FDF8194-793A-42C7-96B0-70418D30E91D}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe
FirewallRules: [{C5132329-4241-4318-B960-72CA7FFC4649}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{09465574-29FB-4784-8807-02AA471DDE66}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{321F09A6-F795-494B-98A7-D5789AD813EC}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe
FirewallRules: [{530FB986-37E6-4A7C-9AC0-7A9AE54EB02B}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe
FirewallRules: [TCP Query User{6D988726-6532-4CCF-A737-024E8B69639B}C:\program files\common files\common desktop agent\cdasrv.exe] => (Block) C:\program files\common files\common desktop agent\cdasrv.exe
FirewallRules: [UDP Query User{741D9A12-B29B-45A9-B2C9-E533ED97F3D8}C:\program files\common files\common desktop agent\cdasrv.exe] => (Block) C:\program files\common files\common desktop agent\cdasrv.exe
FirewallRules: [{64E8FC51-0A3A-4DB5-A4A7-B9C12266E3FE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A7B3330B-1004-4BC2-903B-C4539E85D575}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{14EFA6B7-22A5-4D2D-84F2-F907A66B1B1B}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [{7FB38CB6-F1FE-41A3-BA1A-31169A7A064C}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{D9042D0A-C67B-44EA-B139-DB6DA0032C7B}] => (Allow) LPort=2869
FirewallRules: [{43B18A19-85EA-41B5-8121-94CACF11434A}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{428DEE3C-F5AC-460E-A043-E16433233423}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{B30F40D5-F871-48B9-B70D-DCC286481F84}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{327EFF5F-FAA9-4356-9FBB-16BE92A90189}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [{FFC658E8-1AF8-4F76-93EB-7CA2231EB744}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Adaptér tunelového režimu Microsoft Teredo
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (10/26/2015 09:14:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/26/2015 08:58:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/26/2015 05:03:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/26/2015 07:45:31 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/26/2015 07:40:32 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.

Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {a152b351-c261-4240-aad1-3a990ae7a738}

Error: (10/26/2015 06:35:36 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/26/2015 12:24:35 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/26/2015 12:24:34 AM) (Source: RndService) (EventID: 0) (User: )
Description: Službu nelze spustit. Proces služby se nemohl připojit k síťovému řadiči

Error: (10/26/2015 12:19:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: 703.tmp.exe, verze: 0.0.0.0, časové razítko: 0x562d560f
Název chybujícího modulu: kernel32.dll, verze: 6.1.7601.19018, časové razítko: 0x5609fed3
Kód výjimky: 0xc0000005
Posun chyby: 0x00037718
ID chybujícího procesu: 0xd0c
Čas spuštění chybující aplikace: 0x703.tmp.exe0
Cesta k chybující aplikaci: 703.tmp.exe1
Cesta k chybujícímu modulu: 703.tmp.exe2
ID zprávy: 703.tmp.exe3

Error: (10/25/2015 11:50:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

System errors:
=============
Error: (10/26/2015 09:12:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AODDriver4.2 neuspěla při spuštění v důsledku následující chyby:
%%2

Error: (10/26/2015 09:12:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AODDriver4.2 neuspěla při spuštění v důsledku následující chyby:
%%2

Error: (10/26/2015 08:57:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AODDriver4.2 neuspěla při spuštění v důsledku následující chyby:
%%2

Error: (10/26/2015 05:02:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AODDriver4.2 neuspěla při spuštění v důsledku následující chyby:
%%2

Error: (10/26/2015 07:43:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AODDriver4.2 neuspěla při spuštění v důsledku následující chyby:
%%2

Error: (10/26/2015 07:41:23 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby Windows Search, ale tato akce selhala kvůli následující chybě:
%%1056

Error: (10/26/2015 07:40:54 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Ochrana softwaru byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (10/26/2015 07:40:53 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (10/26/2015 07:40:53 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (10/26/2015 07:40:53 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Live ID Sign-in Assistant byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

CodeIntegrity:
===================================
Date: 2015-10-26 17:18:59.970
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.

Date: 2015-10-26 17:18:59.960
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.

Date: 2015-10-26 17:18:59.950
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.

Date: 2015-10-26 17:18:59.940
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.

Date: 2015-10-26 17:18:59.930
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.

Date: 2015-10-26 17:18:59.920
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.

Date: 2015-10-26 17:18:59.670
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.

Date: 2015-10-26 17:18:59.660
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.

Date: 2015-10-26 17:18:59.650
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.

Date: 2015-10-26 17:18:59.610
Description: Windows is unable to verify the integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.

==================== Memory info ===========================

Processor: AMD FX(tm)-4130 Quad-Core Processor
Percentage of memory in use: 28%
Total physical RAM: 6142.18 MB
Available physical RAM: 4369.45 MB
Total Virtual: 12282.57 MB
Available Virtual: 10235.21 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:1862.92 GB) (Free:1682.86 GB) NTFS
Drive e: (Data) (Fixed) (Total:1863.01 GB) (Free:1703.11 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 26CA0C85)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1862.9 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 45D830F4)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

VIRY.CZ

Blíže neurčená havěť

Blíže neurčená havěť

Re: Blíže neurčená havěť

Re: Blíže neurčená havěť

Re: Blíže neurčená havěť

Re: Blíže neurčená havěť

Re: Blíže neurčená havěť

Re: Blíže neurčená havěť

Re: Blíže neurčená havěť

Re: Blíže neurčená havěť

Re: Blíže neurčená havěť

Re: Blíže neurčená havěť

Re: Blíže neurčená havěť

Re: Blíže neurčená havěť

Re: Blíže neurčená havěť

Re: Blíže neurčená havěť