Dobrý den,
mám problé s přitelčiníním notebookem, chová se zvlštně je pomalej, a nejdou stahovat věci z netu.
Logfile of random's system information tool 1.10 (written by random/random)
Run by Pavla at 2016-01-16 23:52:37
Microsoft Windows 8.1
System drive C: has 134 GB (29%) free of 466 GB
Total RAM: 3971 MB (40% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:52:56, on 16. 1. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Users\Pavla\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE15\CSISYN~1.EXE
C:\Program Files (x86)\Opera\34.0.2036.47\opera.exe
C:\Program Files (x86)\Opera\34.0.2036.47\opera_crashreporter.exe
C:\Program Files (x86)\Opera\34.0.2036.47\opera.exe
C:\Program Files (x86)\Opera\34.0.2036.47\opera.exe
C:\Program Files (x86)\Opera\34.0.2036.47\opera.exe
C:\Program Files (x86)\Opera\34.0.2036.47\opera.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Opera\34.0.2036.47\opera.exe
C:\Program Files (x86)\Opera\34.0.2036.47\opera.exe
C:\Program Files (x86)\Opera\34.0.2036.47\opera.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Pavla.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8118
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O3 - Toolbar: (no name) - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - (no file)
O4 - HKLM\..\Run: [AmIcoSinglun64] "C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
O4 - HKLM\..\Run: [1.TPUReg] "C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe"
O4 - HKLM\..\Run: [TSVU] "c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe"
O4 - HKLM\..\Run: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [PSUAMain] "C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe" /LaunchSysTray
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\RunOnce: [20150107] C:\Program Files\AVAST Software\Avast\setup\emupdate\c406f369-c946-439f-9a52-4ba32ecb7f83.exe /check
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Octoshape Streaming Services] "C:\Users\Pavla\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun
O4 - HKCU\..\Run: [SpybotPostWindows10UpgradeReInstall] "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_245_pepper.exe -update pepperplugin
O4 - Startup: Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: DTS APO Service (dts_apo_service) - Unknown owner - C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: GFNEX Service (GFNEXSrv) - Unknown owner - C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Panda Protection Service (NanoServiceMain) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Panda Devices Agent (PandaAgent) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
O23 - Service: panda_url_filtering Service (panda_url_filtering) - Visicom Media Inc. - C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filteringb.exe
O23 - Service: PDF Architect Helper Service - pdfforge GmbH - C:\Program Files (x86)\PDF Architect\HelperService.exe
O23 - Service: PDF Architect Service - pdfforge GmbH - C:\Program Files (x86)\PDF Architect\ConversionService.exe
O23 - Service: Panda Product Service (PSUAService) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: TEMPRO Service (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA eco Utility Service - Toshiba Corporation - C:\Program Files\TOSHIBA\Teco\TecoService.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 15053 bytes
======Listing Processes======
wininit.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
C:\Windows\System32\svchost.exe -k utcsvc
dashost.exe {8fce4b00-7b42-4602-9818e526c36a83a8}
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
taskhostex.exe
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
"C:\Windows\system32\mfevtps.exe"
"C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe"
"C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe"
"C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe"
"C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe"
"C:\Program Files (x86)\PDF Architect\HelperService.exe"
"C:\Program Files (x86)\PDF Architect\ConversionService.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe"
"C:\Program Files\TOSHIBA\Teco\TecoService.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe" /hide
C:\Windows\System32\skydrive.exe -Embedding
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\system32\igfxsrvc.exe" -Embedding
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe"
"C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe"
"C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
"C:\Users\Pavla\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe" /LaunchSysTray
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE15\CSISYN~1.EXE" -Embedding
"C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe"
"C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe"
"C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe"
taskeng.exe {39F673C5-8B47-4D02-AFE8-44803F417149}
"C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe" RUNMODE RERUNMODE modetorun updatedetection modeargs reschedulemode tasktrigger scheduledtask updateuitype background
"C:\Program Files (x86)\Opera\34.0.2036.47\opera.exe" --ran-launcher
"C:\Program Files (x86)\Opera\34.0.2036.47\opera_crashreporter.exe" --ran-launcher --crash-reporter-parent-id=4868
"C:\Program Files (x86)\Opera\34.0.2036.47\opera.exe" --type=gpu-process --channel="4868.0.1539039271\1214568555" --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=on --with-feature:installer-hide-from-program-and-features=off --crash-reporter-pid=7588 --enable-proprietary-codecs-support-for-web-audio-api --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,29,57 --gpu-vendor-id=0x8086 --gpu-device-id=0x0156 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3282 --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=on --with-feature:installer-hide-from-program-and-features=off --crash-reporter-pid=7588 --enable-proprietary-codecs-support-for-web-audio-api --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Opera\34.0.2036.47\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=on --with-feature:installer-hide-from-program-and-features=off --crash-reporter-pid=7588 --enable-proprietary-codecs-support-for-web-audio-api --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4868.3.174607800\1031502712" /prefetch:673131151
"C:\Program Files (x86)\Opera\34.0.2036.47\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --lang=cs --disable-client-side-phishing-detection --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=on --with-feature:installer-hide-from-program-and-features=off --crash-reporter-pid=7588 --enable-proprietary-codecs-support-for-web-audio-api --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4868.12.1987029049\1073263832" /prefetch:673131151
"C:\Program Files (x86)\Opera\34.0.2036.47\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --lang=cs --disable-client-side-phishing-detection --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=on --with-feature:installer-hide-from-program-and-features=off --crash-reporter-pid=7588 --enable-proprietary-codecs-support-for-web-audio-api --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4868.16.2100839054\1497050460" /prefetch:673131151
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto -scheduled
"C:\Program Files (x86)\Opera\34.0.2036.47\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --lang=cs --disable-client-side-phishing-detection --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=on --with-feature:installer-hide-from-program-and-features=off --crash-reporter-pid=7588 --enable-proprietary-codecs-support-for-web-audio-api --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4868.18.1167357243\650876615" /prefetch:673131151
notepad "C:\Users\Pavla\Downloads\FRST.txt"
notepad "C:\Users\Pavla\Downloads\Addition.txt"
notepad "C:\Users\Pavla\Downloads\FRST.txt"
"C:\Program Files (x86)\Opera\34.0.2036.47\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --lang=cs --disable-client-side-phishing-detection --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=on --with-feature:installer-hide-from-program-and-features=off --crash-reporter-pid=7588 --enable-proprietary-codecs-support-for-web-audio-api --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4868.20.76984413\1841978458" /prefetch:673131151
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files (x86)\Opera\34.0.2036.47\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --lang=cs --disable-client-side-phishing-detection --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=on --with-feature:installer-hide-from-program-and-features=off --crash-reporter-pid=7588 --enable-proprietary-codecs-support-for-web-audio-api --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="4868.24.1529201380\937633047" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2804.0.483986465\1052922693" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,23,51 --gpu-vendor-id=0x8086 --gpu-device-id=0x0156 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3282 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/EnabledFull/*AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/1DaySingleProfile/*DomRel-Enable/enable/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Postperiod_AnswersInSuggest_A3/PasswordBranding/Disabled/*PasswordGeneration/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterSbTypes/SafeBrowsingUpdateFrequency/Default/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="2804.2.166001696\1519946801" --font-cache-shared-handle=2332 /prefetch:673131151
"C:\Windows\System32\Taskmgr.exe" /2
DsmUserTask.Exe {57533B42-BC97-11E5-8320-A4DB30EDD225}
"C:\Windows\system32\SearchFilterHost.exe" 0 568 576 584 65536 580
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/EnabledThroughFieldTrial/AppBannerTriggering/Aggressive/AsyncSetAsDefault/EnabledFull/*AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/1DaySingleProfile/*DomRel-Enable/enable/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Postperiod_AnswersInSuggest_A3/PasswordBranding/Disabled/*PasswordGeneration/Disabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterSbTypes/*SafeBrowsingUpdateFrequency/Default/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="2804.5.1951742494\697418489" --font-cache-shared-handle=5236 /prefetch:673131151
"C:\Users\Pavla\Downloads\RSITx64.exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_267_pepper.exe -check pepperplugin
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\Chrome Cleanup Tool logs upload retry.job - C:\Users\Pavla\AppData\Local\Temp\E8A7.exe --upload-log-file --chrome-prompt
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d1508d9a4a428c.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\Pavla\AppData\Roaming\Mozilla\Firefox\Profiles\t2fegv1i.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "keyword.URL" - "http://search.seznam.cz/?sourceid=quick ... earchTerms}&"
prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/?clid=22668"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 20.0.0.267 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.17\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.17\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 20.0.0.267 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.55.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
C:\Users\Pavla\AppData\Roaming\Mozilla\Firefox\Profiles\t2fegv1i.default\extensions\
{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}
C:\Users\Pavla\AppData\Roaming\Mozilla\Firefox\Profiles\t2fegv1i.default\searchplugins\
google-avast.xml
seznam-avast.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-10-20 219304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-01-16 885152]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL [2015-10-13 2339032]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-10-20 153768]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-01-16 664184]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2015-10-13 1731800]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2013-08-30 391152]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2013-08-30 771056]
"Persistence"=C:\Windows\system32\igfxpers.exe [2013-08-30 769520]
"TSSSrv"=C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [2013-09-12 296520]
"TecoResident"=C:\Program Files\TOSHIBA\Teco\TecoResident.exe [2013-08-21 178016]
"TosWaitSrv"=C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [2013-08-14 354144]
"TCrdMain"=C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2013-08-18 2556768]
"FAHConsole"=C:\Program Files\File Association Helper\FAHConsole.exe [2013-09-26 216248]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"=C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2014-03-31 4272840]
"Octoshape Streaming Services"=C:\Users\Pavla\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe [2014-08-01 500016]
"SpybotPostWindows10UpgradeReInstall"=C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [2015-07-28 1011200]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_19_0_0_245_pepper.exe -update pepperplugin []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2002-04-12 383768]
"1.TPUReg"=C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe [2013-03-27 2216800]
"TSVU"=c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [2013-07-23 516512]
"Nikon Message Center 2"=C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [2011-10-30 571392]
"Wondershare Helper Compact.exe"=C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2013-08-26 1989920]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"PSUAMain"=C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [2015-07-28 54520]
"SDTray"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [2014-06-24 4101576]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-01-16 7021880]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"20150107"=C:\Program Files\AVAST Software\Avast\setup\emupdate\c406f369-c946-439f-9a52-4ba32ecb7f83.exe [2016-01-16 168336]
C:\Users\Pavla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Gamma.lnk - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2013-08-26 622080]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37Crusader]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37CrusaderBoot]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefire]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NanoServiceMain]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PSUAService]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-01-16 23:52:37 ----D---- C:\rsit
2016-01-16 23:52:37 ----D---- C:\Program Files\trend micro
2016-01-16 23:23:50 ----D---- C:\FRST
2016-01-16 22:33:20 ----A---- C:\Windows\system32\drivers\asw57A2.tmp
2016-01-16 22:33:20 ----A---- C:\Windows\system32\drivers\asw5782.tmp
2016-01-16 22:33:20 ----A---- C:\Windows\system32\drivers\asw5752.tmp
2016-01-16 22:33:20 ----A---- C:\Windows\system32\drivers\asw5732.tmp
2016-01-16 22:33:20 ----A---- C:\Windows\system32\drivers\asw5721.tmp
2016-01-16 22:33:20 ----A---- C:\Windows\system32\drivers\asw5711.tmp
2016-01-16 22:33:20 ----A---- C:\Windows\system32\drivers\asw56F1.tmp
2016-01-16 22:33:20 ----A---- C:\Windows\system32\drivers\asw56A1.tmp
2016-01-16 22:33:10 ----A---- C:\Windows\system32\aswBoot.exe
2016-01-16 22:28:52 ----D---- C:\Users\Pavla\AppData\Roaming\AVAST Software
2016-01-16 22:20:46 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2016-01-16 22:20:46 ----A---- C:\Windows\system32\drivers\aswStm.sys
2016-01-16 22:20:46 ----A---- C:\Windows\system32\drivers\aswSP.sys
2016-01-16 22:20:46 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2016-01-16 22:20:46 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2016-01-16 22:20:46 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2016-01-16 22:20:46 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2016-01-16 22:20:46 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2016-01-16 22:20:26 ----A---- C:\Windows\avastSS.scr
2016-01-16 22:18:54 ----D---- C:\Program Files\AVAST Software
2016-01-16 18:46:53 ----D---- C:\Windows\pss
2016-01-16 18:35:31 ----SHD---- C:\Config.Msi
2016-01-16 18:32:18 ----SD---- C:\Windows\SYSWOW64\Microsoft
2016-01-16 18:24:27 ----D---- C:\ProgramData\Kaspersky Lab Setup Files
======List of files/folders modified in the last 1 month======
2016-01-16 23:52:37 ----D---- C:\Program Files
2016-01-16 23:52:02 ----D---- C:\Windows\Temp
2016-01-16 23:48:55 ----HD---- C:\Program Files\WindowsApps
2016-01-16 23:48:33 ----D---- C:\Windows\AppReadiness
2016-01-16 23:47:55 ----D---- C:\Windows\Prefetch
2016-01-16 23:47:14 ----D---- C:\Windows\system32\config
2016-01-16 23:41:33 ----D---- C:\Windows\CbsTemp
2016-01-16 23:41:28 ----D---- C:\Windows\WinSxS
2016-01-16 23:40:37 ----D---- C:\Windows\system32\catroot2
2016-01-16 23:37:13 ----AD---- C:\Windows
2016-01-16 23:33:40 ----D---- C:\Windows\SysWOW64
2016-01-16 23:12:01 ----D---- C:\Windows\system32\sru
2016-01-16 22:46:11 ----D---- C:\Program Files (x86)\Opera
2016-01-16 22:33:38 ----D---- C:\Windows\Tasks
2016-01-16 22:33:38 ----D---- C:\Windows\system32\Tasks
2016-01-16 22:33:20 ----D---- C:\Windows\system32\drivers
2016-01-16 22:33:10 ----AD---- C:\Windows\System32
2016-01-16 22:27:47 ----SHD---- C:\Windows\Installer
2016-01-16 22:23:20 ----RD---- C:\Program Files (x86)
2016-01-16 22:21:16 ----D---- C:\Windows\Inf
2016-01-16 22:18:33 ----D---- C:\ProgramData\AVAST Software
2016-01-16 19:33:17 ----D---- C:\AdwCleaner
2016-01-16 18:33:47 ----D---- C:\Windows\system32\DriverStore
2016-01-16 18:31:16 ----SHD---- C:\System Volume Information
2016-01-16 18:24:27 ----HD---- C:\ProgramData
2016-01-16 18:22:57 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-01-16 18:18:08 ----D---- C:\ProgramData\panda_url_filtering
2016-01-16 17:58:18 ----D---- C:\Program Files\Common Files\AV
2016-01-16 17:58:18 ----D---- C:\Program Files (x86)\Common Files
2016-01-12 21:18:12 ----D---- C:\Windows\debug
2016-01-12 20:51:17 ----D---- C:\Users\Pavla\AppData\Roaming\vlc
2016-01-12 18:52:36 ----D---- C:\Windows\Microsoft.NET
2016-01-12 18:52:34 ----RD---- C:\Windows\assembly
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-01-16 65224]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-01-16 273784]
R0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys [2013-08-07 644968]
R0 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2013-09-25 781312]
R0 mfewfpk;McAfee Inc. mfewfpk; C:\Windows\system32\drivers\mfewfpk.sys [2013-08-07 343568]
R0 tos_sps64;@oem20.inf,%SERVICE_DESC_amd64%;TOSHIBA tos_sps64 Service; C:\Windows\System32\drivers\tos_sps64.sys [2012-06-18 499096]
R0 TVALZ;@oem19.inf,%TVALZ.SvcDesc%;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\System32\drivers\TVALZ_O.SYS [2013-08-15 32832]
R0 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver; C:\Windows\System32\Drivers\TVALZFL.sys [2012-07-22 16768]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-01-16 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-01-16 1055560]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-01-16 451040]
R1 NNSALPC;NNSAlpc; C:\Windows\system32\DRIVERS\NNSAlpc.sys [2015-07-09 94456]
R1 NNSHTTP;NNSHttp; C:\Windows\system32\DRIVERS\NNSHttp.sys [2015-07-09 201976]
R1 NNSHTTPS;NNSHttps; C:\Windows\system32\DRIVERS\NNSHttps.sys [2015-07-09 110840]
R1 NNSIDS;NNSids; C:\Windows\system32\DRIVERS\NNSIds.sys [2015-07-09 110840]
R1 NNSNAHSL;@oem45.inf,%NNSNAHSL_Desc%;Network Activity Hook Server LightWeight Filter Driver; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [2015-06-19 58616]
R1 NNSPICC;NNSPicc; C:\Windows\system32\DRIVERS\NNSPicc.sys [2015-07-09 103160]
R1 NNSPIHSW;NNSPihsw; C:\Windows\system32\DRIVERS\NNSPihsw.sys [2015-07-09 78072]
R1 NNSPOP3;NNSPop3; C:\Windows\system32\DRIVERS\NNSPop3.sys [2015-07-09 124152]
R1 NNSPROT;NNSProt; C:\Windows\system32\DRIVERS\NNSProt.sys [2015-07-09 300280]
R1 NNSPRV;NNSPrv; C:\Windows\system32\DRIVERS\NNSPrv.sys [2015-07-09 170232]
R1 NNSSMTP;NNSSmtp; C:\Windows\system32\DRIVERS\NNSSmtp.sys [2015-07-09 113400]
R1 NNSSTRM;NNSStrm; C:\Windows\system32\DRIVERS\NNSStrm.sys [2015-07-09 257784]
R1 NNSTLSC;NNSTlsc; C:\Windows\system32\DRIVERS\NNSTlsc.sys [2015-07-09 106232]
R1 PSINKNC;PSINKnc; C:\Windows\system32\DRIVERS\psinknc.sys [2015-07-19 197880]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-01-16 28656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-01-16 97648]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-01-16 155304]
R2 PEGAGFN;PEGAGFN; \??\C:\Program Files (x86)\TOSHIBA\PasswordUtility\PEGAGFN.sys [2009-09-11 14344]
R2 PSINAflt;PSINAflt; C:\Windows\system32\DRIVERS\PSINAflt.sys [2015-07-19 164088]
R2 PSINFile;PSINFile; C:\Windows\system32\DRIVERS\PSINFile.sys [2015-07-19 121592]
R2 PSINProc;PSINProc; C:\Windows\system32\DRIVERS\PSINProc.sys [2015-07-19 124152]
R2 PSINProt;PSINProt; C:\Windows\system32\DRIVERS\PSINProt.sys [2015-07-19 134392]
R2 PSINReg;PSINReg; C:\Windows\system32\DRIVERS\PSINReg.sys [2015-07-19 107768]
R3 AmUStor;@oem15.inf,%AmUStor.SvcDesc%;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2013-06-25 109336]
R3 athr;@oem33.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athwbx.sys [2013-10-24 3858944]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2013-08-22 590024]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\Windows\System32\drivers\BthEnum.sys [2014-10-29 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\System32\drivers\BthLEEnum.sys [2013-12-04 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2015-07-10 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2013-08-26 4166656]
R3 IntcDAud;@oem6.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2013-08-26 449528]
R3 iwdbus;@oem5.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2013-08-22 26008]
R3 L1C;@oem12.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C63x64.sys [2013-07-18 130248]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-03-17 25816]
R3 MEIx64;@oem2.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2013-09-04 99288]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2013-08-07 310224]
R3 mfefirek;McAfee Inc. mfefirek; C:\Windows\system32\drivers\mfefirek.sys [2013-08-07 519064]
R3 PSKMAD;PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [2015-05-22 61712]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2014-08-06 34544]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10301; C:\Windows\system32\DRIVERS\stwrt64.sys [2013-08-16 551936]
R3 SynTP;@oem36.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2014-08-06 528112]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2012-07-25 31184]
R3 Thotkey;@oem16.inf,%Thotkey%;Toshiba Hotkey Driver; C:\Windows\System32\drivers\Thotkey.sys [2013-08-19 32624]
R3 tosrfec;@oem21.inf,%busenum.SVCDESC%;Bluetooth ACPI; C:\Windows\System32\drivers\tosrfec.sys [2013-11-01 27032]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]
S0 mfeelamk;McAfee Inc. mfeelamk; C:\Windows\system32\drivers\mfeelamk.sys [2013-08-07 69264]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2015-05-11 1201664]
S3 cfwids;McAfee Inc. cfwids; C:\Windows\system32\drivers\cfwids.sys [2013-08-07 70112]
S3 hitmanpro37;HitmanPro 3.7 Support Driver; \??\C:\Windows\system32\drivers\hitmanpro37.sys [2015-09-08 43664]
S3 intaud_WaveExtensible;@oem4.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2013-08-22 39320]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2015-09-09 136408]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-03-17 64216]
S3 mfeapfk;McAfee Inc. mfeapfk; C:\Windows\system32\drivers\mfeapfk.sys [2013-09-25 179664]
S3 RTWlanE;@netrtwlane.inf,%RTWlanE.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\Windows\system32\DRIVERS\rtwlane.sys [2013-07-31 1936088]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2013-08-22 312448]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-01-16 226440]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2014-10-29 38792]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-05-12 733696]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-09-04 131544]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-04 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-09-04 390616]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-03-17 1080120]
R2 mfefire;McAfee Firewall Core Service; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [2013-08-07 219272]
R2 mfevtp;McAfee Validation Trust Protection Service; C:\Windows\system32\mfevtps.exe [2013-09-25 182752]
R2 NanoServiceMain;Panda Protection Service; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [2015-07-29 142072]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208]
R2 OfficeSvc;Služba Microsoft Office; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-10-31 1907896]
R2 PandaAgent;Panda Devices Agent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [2015-07-23 73464]
R2 PDF Architect Helper Service;PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [2013-04-08 1320496]
R2 PDF Architect Service;PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [2013-04-08 799280]
R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-06-24 1738168]
R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-06-27 2088408]
R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-04-25 171928]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe [2013-08-16 339456]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\Teco\TecoService.exe [2013-08-10 328544]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
R3 TMachInfo;TMachInfo; C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2013-07-31 53864]
R3 TPCHSrv;TPCH Service; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2013-09-04 466504]
S2 dts_apo_service;DTS APO Service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [2013-09-10 19792]
S2 GFNEXSrv;GFNEX Service; C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe [2013-03-27 163168]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-07 144200]
S2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-03-17 1871160]
S2 panda_url_filtering;panda_url_filtering Service; C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filteringb.exe [2015-05-19 291336]
S2 PSUAService;Panda Product Service; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [2015-07-28 38136]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2014-09-30 72704]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-16 269504]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2013-08-30 279024]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-22 43696]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2014-12-16 265808]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-07 144200]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-05-12 822232]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-05-26 148080]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 150600]
S3 TemproMonitoringService;TEMPRO Service; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2013-07-19 116088]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
zpomalené pc, nejde nic aktualizovat
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: zpomalené pc, nejde nic aktualizovat
tady jetě logy s FRST
děkuji
děkuji
- Přílohy
-
- Logs.zip
- (22.2 KiB) Staženo 47 x
Re: zpomalené pc, nejde nic aktualizovat
Zdravim 
Nejprve si rozmyslete, jake zabezpeceni budete (nebo tedy pritelkyne) pouzivat. Bezi tam Panda, McAfee a Avast. Pere se to mezi sebou a dela to problemy. Nechte jen jedno, zbytek odinstalujte.
Dale odinstalujte Spybota, program je zastaraly a v podstate k nicemu.
Zkuste neco stahnout v nouzovem rezimu s praci v siti a dejte vedet, zda to slo.
Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner[C?].txt ). Ten mi sem zkopirujte.
Nejprve si rozmyslete, jake zabezpeceni budete (nebo tedy pritelkyne) pouzivat. Bezi tam Panda, McAfee a Avast. Pere se to mezi sebou a dela to problemy. Nechte jen jedno, zbytek odinstalujte. Dale odinstalujte Spybota, program je zastaraly a v podstate k nicemu. Zkuste neco stahnout v nouzovem rezimu s praci v siti a dejte vedet, zda to slo. Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner[C?].txt ). Ten mi sem zkopirujte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: zpomalené pc, nejde nic aktualizovat
tak vše kromě pandy odinstalováno, ta nejde odinstalovat ani nějak nejede, pokud mi dáte tip na nějký tool na nějakou vynucenou odinstalaci budu rád. V nouzovém režimu jede vše v pohodě, po projetí Adwcleaneem sse mi aktualizoali windows a še teď jede ještě pomaleji tady je log:
# AdwCleaner v5.029 - Logfile created 16/01/2016 at 18:09:17
# Updated 11/01/2016 by Xplode
# Database : 2016-01-15.2 [Server]
# Operating system : Windows 8.1 (x64)
# Username : Pavla - WIWI
# Running from : C:\Users\Pavla\Downloads\AdwCleaner.exe
# Option : Scan
# Support : http://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
***** [ Files ] *****
File Found : C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ogminpmldncgcmokldnmmapddoccmhfl_0.localstorage
***** [ DLL ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Key Found : HKLM\SOFTWARE\Classes\AppID\{BAB04997-93AD-4C13-805A-0409199700BB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
Key Found : HKCU\Software\WEBAPP
Key Found : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Key Found : HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D01A33E2-0A34-4659-82AA-8A90C51C0D21}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D01A33E2-0A34-4659-82AA-8A90C51C0D21}
Key Found : HKU\.DEFAULT\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
***** [ Web browsers ] *****
[C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : bopakagnckmlgajfccecajhnimjiiedh
[C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : ogminpmldncgcmokldnmmapddoccmhfl
########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [1706 bytes] ##########
# AdwCleaner v5.029 - Logfile created 16/01/2016 at 18:09:17
# Updated 11/01/2016 by Xplode
# Database : 2016-01-15.2 [Server]
# Operating system : Windows 8.1 (x64)
# Username : Pavla - WIWI
# Running from : C:\Users\Pavla\Downloads\AdwCleaner.exe
# Option : Scan
# Support : http://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
***** [ Files ] *****
File Found : C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ogminpmldncgcmokldnmmapddoccmhfl_0.localstorage
***** [ DLL ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Key Found : HKLM\SOFTWARE\Classes\AppID\{BAB04997-93AD-4C13-805A-0409199700BB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
Key Found : HKCU\Software\WEBAPP
Key Found : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Key Found : HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D01A33E2-0A34-4659-82AA-8A90C51C0D21}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D01A33E2-0A34-4659-82AA-8A90C51C0D21}
Key Found : HKU\.DEFAULT\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
***** [ Web browsers ] *****
[C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : bopakagnckmlgajfccecajhnimjiiedh
[C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : ogminpmldncgcmokldnmmapddoccmhfl
########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [1706 bytes] ##########
Re: zpomalené pc, nejde nic aktualizovat
Pise pri pokusu o odinstalovani nejakou hlasku? Zkuste ji odinstalovat treba pomoci CCleaneru, pripadne https://servis.eset.cz/knowledgebase/ar ... ch-programFrido píše:tak vše kromě pandy odinstalováno, ta nejde odinstalovat ani nějak nejede
Log z ADWCleaneru je jen po Scanu. Nechal jste nalezy i odstranit? Pokud ne, udelejte to. Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu (cili Vlastni sken vsech disku) http://forum.viry.cz/viewtopic.php?f=29&t=144868 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekcePokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: zpomalené pc, nejde nic aktualizovat
ano vymazal
Malwarebytes Anti-Malware
www.malwarebytes.org
Datum skenování: 17. 1. 2016
Čas skenování: 14:38
Protokol: dddd.txt
Správce: Ano
Verze: 2.2.0.1024
Databáze malwaru: v2016.01.17.02
Databáze rootkitů: v2016.01.09.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto
OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Pavla
Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 344591
Uplynulý čas: 1 hod, 3 min, 44 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 5
PUP.Optional.Privoxy.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Upload Defender Job, , [259106341c7d64d2ce7faa2508fa9f61],
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE, , [2d89b68479209e98d71f839bb054fa06],
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE, , [af0792a81089cd691dd93be3ff05ac54],
PUP.Optional.MultiPlug, HKU\S-1-5-21-2757677241-3423558724-1332677612-1001_Classes\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040}, , [8d29f2485148330371c154a08281966a],
PUP.Optional.MultiPlug, HKU\S-1-5-21-2757677241-3423558724-1332677612-1001_Classes\INTERFACE\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}, , [8d29f2485148330371c154a08281966a],
Hodnoty registru: 3
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, , [2d89b68479209e98d71f839bb054fa06]
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, , [af0792a81089cd691dd93be3ff05ac54]
PUM.Optional.ProxyHijacker, HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|ProxyServer, 127.0.0.1:8118, , [585eb7830099ff371eba79933dc7c13f]
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 49
PUP.Optional.Gomita, C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\9535d67718b95a9fe5763c8f4bfbd40f, , [4c6a87b37f1acf67a0948f4e07fd966a],
PUP.Optional.Gomita, C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\9535d67718b95a9fe5763c8f4bfbd40f\content, , [4c6a87b37f1acf67a0948f4e07fd966a],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\css, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\html, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\images, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\bg, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\ca, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\cs, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\da, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\de, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\el, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\en, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\en_GB, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\es, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\es_419, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\et, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\fi, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\fil, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\fr, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\hi, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\hr, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\hu, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\id, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\it, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\ja, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\ko, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\lt, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\lv, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\nb, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\nl, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\pl, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\pt_BR, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\pt_PT, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\ro, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\ru, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\sk, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\sl, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\sr, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\sv, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\th, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\tr, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\uk, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\vi, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\zh_CN, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\zh_TW, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_metadata, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda, , [6f47f6445d3c67cf1e8201dea361f50b],
Soubory: 56
PUP.Optional.Gomita, C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\9535d67718b95a9fe5763c8f4bfbd40f\install.rdf, , [4c6a87b37f1acf67a0948f4e07fd966a],
PUP.Optional.Gomita, C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\9535d67718b95a9fe5763c8f4bfbd40f\content\overlay.xul, , [4c6a87b37f1acf67a0948f4e07fd966a],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\manifest.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\craw_background.js, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\craw_window.js, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\css\craw_window.css, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\html\craw_window.html, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\images\flapper.gif, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\images\icon_128.png, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\images\icon_16.png, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\images\topbar_floating_button.png, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\images\topbar_floating_button_close.png, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\images\topbar_floating_button_hover.png, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\images\topbar_floating_button_maximize.png, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\images\topbar_floating_button_pressed.png, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\bg\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\ca\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\cs\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\da\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\de\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\el\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\en\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\en_GB\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\es\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\es_419\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\et\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\fi\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\fil\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\fr\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\hi\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\hr\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\hu\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\id\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\it\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\ja\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\ko\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\lt\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\lv\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\nb\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\nl\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\pl\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\pt_BR\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\pt_PT\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\ro\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\ru\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\sk\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\sl\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\sr\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\sv\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\th\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\tr\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\uk\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\vi\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\zh_CN\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\zh_TW\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_metadata\verified_contents.json, , [6f47f6445d3c67cf1e8201dea361f50b],
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
Malwarebytes Anti-Malware
www.malwarebytes.org
Datum skenování: 17. 1. 2016
Čas skenování: 14:38
Protokol: dddd.txt
Správce: Ano
Verze: 2.2.0.1024
Databáze malwaru: v2016.01.17.02
Databáze rootkitů: v2016.01.09.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto
OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Pavla
Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 344591
Uplynulý čas: 1 hod, 3 min, 44 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 5
PUP.Optional.Privoxy.PrxySvrRST, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Upload Defender Job, , [259106341c7d64d2ce7faa2508fa9f61],
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE, , [2d89b68479209e98d71f839bb054fa06],
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE, , [af0792a81089cd691dd93be3ff05ac54],
PUP.Optional.MultiPlug, HKU\S-1-5-21-2757677241-3423558724-1332677612-1001_Classes\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040}, , [8d29f2485148330371c154a08281966a],
PUP.Optional.MultiPlug, HKU\S-1-5-21-2757677241-3423558724-1332677612-1001_Classes\INTERFACE\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}, , [8d29f2485148330371c154a08281966a],
Hodnoty registru: 3
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, , [2d89b68479209e98d71f839bb054fa06]
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, , [af0792a81089cd691dd93be3ff05ac54]
PUM.Optional.ProxyHijacker, HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|ProxyServer, 127.0.0.1:8118, , [585eb7830099ff371eba79933dc7c13f]
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 49
PUP.Optional.Gomita, C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\9535d67718b95a9fe5763c8f4bfbd40f, , [4c6a87b37f1acf67a0948f4e07fd966a],
PUP.Optional.Gomita, C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\9535d67718b95a9fe5763c8f4bfbd40f\content, , [4c6a87b37f1acf67a0948f4e07fd966a],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\css, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\html, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\images, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\bg, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\ca, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\cs, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\da, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\de, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\el, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\en, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\en_GB, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\es, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\es_419, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\et, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\fi, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\fil, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\fr, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\hi, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\hr, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\hu, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\id, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\it, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\ja, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\ko, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\lt, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\lv, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\nb, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\nl, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\pl, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\pt_BR, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\pt_PT, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\ro, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\ru, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\sk, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\sl, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\sr, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\sv, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\th, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\tr, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\uk, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\vi, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\zh_CN, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\zh_TW, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_metadata, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda, , [6f47f6445d3c67cf1e8201dea361f50b],
Soubory: 56
PUP.Optional.Gomita, C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\9535d67718b95a9fe5763c8f4bfbd40f\install.rdf, , [4c6a87b37f1acf67a0948f4e07fd966a],
PUP.Optional.Gomita, C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\9535d67718b95a9fe5763c8f4bfbd40f\content\overlay.xul, , [4c6a87b37f1acf67a0948f4e07fd966a],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\manifest.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\craw_background.js, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\craw_window.js, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\css\craw_window.css, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\html\craw_window.html, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\images\flapper.gif, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\images\icon_128.png, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\images\icon_16.png, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\images\topbar_floating_button.png, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\images\topbar_floating_button_close.png, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\images\topbar_floating_button_hover.png, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\images\topbar_floating_button_maximize.png, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\images\topbar_floating_button_pressed.png, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\bg\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\ca\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\cs\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\da\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\de\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\el\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\en\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\en_GB\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\es\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\es_419\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\et\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\fi\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\fil\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\fr\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\hi\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\hr\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\hu\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\id\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\it\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\ja\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\ko\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\lt\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\lv\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\nb\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\nl\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\pl\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\pt_BR\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\pt_PT\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\ro\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\ru\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\sk\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\sl\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\sr\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\sv\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\th\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\tr\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\uk\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\vi\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\zh_CN\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_locales\zh_TW\messages.json, , [6f47f6445d3c67cf1e8201dea361f50b],
PUP.Optional.HijackModifiedExtension, C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\_metadata\verified_contents.json, , [6f47f6445d3c67cf1e8201dea361f50b],
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
Re: zpomalené pc, nejde nic aktualizovat
Vsechny nalezy MBAM nechte odstranit. Po odstraneni a restartu pc test s MBAM zopakujte (ale tentokrat opravdu se spravnym nastavenim - tohle byl jen Sken hrozeb, ten nekontroluje cely pocitac, ja chtel Vlastni sken), at vime, jestli se to nevraci. Napiste vysledek testu a podle nej zvolim dalsi postup.Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: zpomalené pc, nejde nic aktualizovat
¨Malwerbytes nic nenašel, stahovat už ůžu, každopádně je počítač celkem dost spomalenej procesor jede v klidu tak na 35 procent a zápis na disk na 100. Nejvíc si bere proces Hotitel služby: místní systém (omezená síť) a microsoft compability telemetry
zde je log:
Malwarebytes Anti-Malware
www.malwarebytes.org
Datum skenování: 17. 1. 2016
Čas skenování: 17:20
Protokol: ssss.txt
Správce: Ano
Verze: 2.2.0.1024
Databáze malwaru: v2016.01.17.02
Databáze rootkitů: v2016.01.09.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto
OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Pavla
Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 661151
Uplynulý čas: 5 hod, 46 min, 8 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 0
(Nenalezeny žádné škodlivé položky)
Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 0
(Nenalezeny žádné škodlivé položky)
Soubory: 0
(Nenalezeny žádné škodlivé položky)
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
zde je log:
Malwarebytes Anti-Malware
www.malwarebytes.org
Datum skenování: 17. 1. 2016
Čas skenování: 17:20
Protokol: ssss.txt
Správce: Ano
Verze: 2.2.0.1024
Databáze malwaru: v2016.01.17.02
Databáze rootkitů: v2016.01.09.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto
OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Pavla
Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 661151
Uplynulý čas: 5 hod, 46 min, 8 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 0
(Nenalezeny žádné škodlivé položky)
Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 0
(Nenalezeny žádné škodlivé položky)
Soubory: 0
(Nenalezeny žádné škodlivé položky)
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
Re: zpomalené pc, nejde nic aktualizovat
Fajn, MBAM muzete odinstalovat a jdeme dale... Stahnete crystal disk info http://sourceforge.jp/projects/crystald ... 5_0_0.zip/Spustte jako spravce. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte (ctrl + V)
Dejte novy log z RSITa k tomu
Dejte nove logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: zpomalené pc, nejde nic aktualizovat
no vypadá to že se je to teď všechno postupně ještě horší a zas nejde nic stahovat a ta panda se mi neodintalovla sem i ted vsiml :/, nic logy dám do přípony, snad to pomůže každopádně děkuji velice za trpělivou pomoc
- Přílohy
-
- Desktop.zip
- (38.06 KiB) Staženo 39 x
Re: zpomalené pc, nejde nic aktualizovat
Napiste mi velikost adresare plochy (C:\Users\Pavla\Plocha) Otevrete si poznamkovy blok a zkopirujte do nej tento skript
Kód: Vybrat vše
Start
CloseProcesses:
CreateRestorePoint:
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [571392 2011-10-30] (Nikon Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4272840 2014-03-31] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
Startup: C:\Users\Pavla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2014-09-30]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2757677241-3423558724-1332677612-1001 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2757677241-3423558724-1332677612-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
Toolbar: HKLM-x32 - No Name - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - No File
FF Extension: Panda Security Toolbar - C:\Users\Pavla\AppData\Roaming\Mozilla\Firefox\Profiles\t2fegv1i.default\Extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} [2015-08-20] [not signed]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-07 144200]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-07 144200]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208]
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-09-30] (Adobe Systems) [File not signed]
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-08-07] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-09-25] (McAfee, Inc.)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [142072 2015-07-29] (Panda Security, S.L.)
R2 panda_url_filtering; C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filteringb.exe [291336 2015-05-19] (Visicom Media Inc.)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2015-07-28] (Panda Security, S.L.)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-08-07] (McAfee, Inc.)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179664 2013-09-25] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [310224 2013-08-07] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69264 2013-08-07] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519064 2013-08-07] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [781312 2013-09-25] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343568 2013-08-07] (McAfee, Inc.)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [94456 2015-07-09] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [201976 2015-07-09] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [110840 2015-07-09] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [110840 2015-07-09] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [58616 2015-06-19] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [103160 2015-07-09] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [78072 2015-07-09] ()
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [124152 2015-07-09] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [300280 2015-07-09] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [170232 2015-07-09] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [113400 2015-07-09] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [257784 2015-07-09] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [106232 2015-07-09] (Panda Security, S.L.)
R3 panda_url_filteringd; C:\ProgramData\Panda Security URL Filtering\panda_url_filteringd.sys [51288 2014-03-19] (Visicom Media Inc.)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [164088 2015-07-19] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [121592 2015-07-19] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [197880 2015-07-19] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [124152 2015-07-19] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [134392 2015-07-19] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [107768 2015-07-19] (Panda Security, S.L.)
R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [61712 2015-05-22] (Panda Security, S.L.)
2016-01-17 10:09 - 2015-09-08 19:33 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-01-17 09:33 - 2015-08-20 18:55 - 00000000 ____D C:\Program Files (x86)\Panda Security
2016-01-17 09:33 - 2015-08-20 18:50 - 00000000 ____D C:\ProgramData\Panda Security
2016-01-17 09:31 - 2015-09-08 19:33 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
C:\ProgramData\Panda Security URL Filtering
C:\Program Files\Common Files\mcafee
C:\Windows\System32\drivers\cfwids.sys
C:\Windows\System32\drivers\mfeapfk.sys
C:\Windows\System32\drivers\mfeavfk.sys
C:\Windows\System32\drivers\mfeelamk.sys
C:\Windows\System32\drivers\mfefirek.sys
C:\Windows\System32\drivers\mfehidk.sys
C:\Windows\System32\drivers\mfewfpk.sys
C:\Windows\System32\DRIVERS\NNSAlpc.sys
C:\Windows\System32\DRIVERS\NNSHttp.sys
C:\Windows\System32\DRIVERS\NNSHttps.sys
C:\Windows\System32\DRIVERS\NNSIds.sys
C:\Windows\system32\DRIVERS\NNSNAHSL.sys
C:\Windows\System32\DRIVERS\NNSPicc.sys
C:\Windows\System32\DRIVERS\NNSPihsw.sys
C:\Windows\System32\DRIVERS\NNSPop3.sys
C:\Windows\System32\DRIVERS\NNSProt.sys
C:\Windows\System32\DRIVERS\NNSPrv.sys
C:\Windows\System32\DRIVERS\NNSSmtp.sys
C:\Windows\System32\DRIVERS\NNSStrm.sys
C:\Windows\System32\DRIVERS\NNSTlsc.sys
C:\Windows\System32\DRIVERS\PSINAflt.sys
C:\Windows\System32\DRIVERS\PSINFile.sys
C:\Windows\System32\DRIVERS\psinknc.sys
C:\Windows\System32\DRIVERS\PSINProc.sys
C:\Windows\System32\DRIVERS\PSINProt.sys
C:\Windows\System32\DRIVERS\PSINReg.sys
C:\Windows\System32\DRIVERS\PSKMAD.sys
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_267_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Chrome Cleanup Tool logs upload retry.job => C:\Users\Pavla\AppData\Local\Temp\E8A7.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d1508d9a4a428c.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {06F71154-2FBC-4556-95EA-81756BF89CAD} - \{C44A2BD7-F33A-4493-8EDB-CB81E10C805A} -> No File <==== ATTENTION
Task: {0F7D36A7-7803-4998-AFC6-0E727D655B0C} - \User_Feed_Synchronization-{E67238D3-111A-45B7-A392-F0CB32C13224} -> No File <==== ATTENTION
Task: {2029CB31-70A6-4F01-A362-A9ADE62E7218} - \Trigger KMS Activation -> No File <==== ATTENTION
Task: {3AC0DA81-3416-4F15-9B0C-2F137074FCC5} - \{9633469B-4741-477B-AAFF-C21F3C3C5CFA} -> No File <==== ATTENTION
Task: {40D77A27-B61E-4668-A92F-5B5CE8B46399} - \Microsoft OneDrive Auto Update Task-S-1-5-21-2757677241-3423558724-1332677612-1001 -> No File <==== ATTENTION
Task: {4E1CFE6A-7A3D-4108-A29C-0F0439F5B1B8} - \Optimize Start Menu Cache Files-S-1-5-21-2757677241-3423558724-1332677612-500 -> No File <==== ATTENTION
Task: {4F1F0CFA-B68E-40E0-90F7-6FF025588C4B} - \AutoKMS -> No File <==== ATTENTION
Task: {55BF380D-50E6-46F5-A2C2-3E57192AEB6E} - \Resolution+ Setting Task -> No File <==== ATTENTION
Task: {66322F08-C9AA-4ED7-B335-254A83BED29B} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {7BA3158B-C99B-4C1A-97A3-978B9313C1F3} - \Synaptics TouchPad Enhancements -> No File <==== ATTENTION
Task: {90CAA75C-F4B8-4691-9001-5AE645EC8264} - \Windows Defrag -> No File <==== ATTENTION
Task: {C7168BAD-3E83-4406-A43A-13F8E3CA061B} - \Upload Defender Job -> No File <==== ATTENTION
Hosts:
EmptyTemp:
Reboot:
EndKliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.
(kdyby to neslo, zkuste to i v nouzovem rezimu)
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: zpomalené pc, nejde nic aktualizovat
velikost plochy je asi 48 GB
zde je log:
Fix result of Farbar Recovery Scan Tool (x64) Version:10-01-2015 01
Ran by Pavla (2016-01-19 19:21:21) Run:1
Running from C:\Users\Pavla\Desktop
Loaded Profiles: Pavla (Available Profiles: Pavla)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [571392 2011-10-30] (Nikon Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4272840 2014-03-31] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
Startup: C:\Users\Pavla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2014-09-30]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2757677241-3423558724-1332677612-1001 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2757677241-3423558724-1332677612-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
Toolbar: HKLM-x32 - No Name - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - No File
FF Extension: Panda Security Toolbar - C:\Users\Pavla\AppData\Roaming\Mozilla\Firefox\Profiles\t2fegv1i.default\Extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} [2015-08-20] [not signed]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-07 144200]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-07 144200]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208]
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-09-30] (Adobe Systems) [File not signed]
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-08-07] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-09-25] (McAfee, Inc.)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [142072 2015-07-29] (Panda Security, S.L.)
R2 panda_url_filtering; C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filteringb.exe [291336 2015-05-19] (Visicom Media Inc.)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2015-07-28] (Panda Security, S.L.)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-08-07] (McAfee, Inc.)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179664 2013-09-25] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [310224 2013-08-07] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69264 2013-08-07] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519064 2013-08-07] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [781312 2013-09-25] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343568 2013-08-07] (McAfee, Inc.)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [94456 2015-07-09] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [201976 2015-07-09] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [110840 2015-07-09] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [110840 2015-07-09] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [58616 2015-06-19] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [103160 2015-07-09] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [78072 2015-07-09] ()
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [124152 2015-07-09] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [300280 2015-07-09] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [170232 2015-07-09] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [113400 2015-07-09] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [257784 2015-07-09] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [106232 2015-07-09] (Panda Security, S.L.)
R3 panda_url_filteringd; C:\ProgramData\Panda Security URL Filtering\panda_url_filteringd.sys [51288 2014-03-19] (Visicom Media Inc.)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [164088 2015-07-19] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [121592 2015-07-19] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [197880 2015-07-19] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [124152 2015-07-19] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [134392 2015-07-19] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [107768 2015-07-19] (Panda Security, S.L.)
R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [61712 2015-05-22] (Panda Security, S.L.)
2016-01-17 10:09 - 2015-09-08 19:33 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-01-17 09:33 - 2015-08-20 18:55 - 00000000 ____D C:\Program Files (x86)\Panda Security
2016-01-17 09:33 - 2015-08-20 18:50 - 00000000 ____D C:\ProgramData\Panda Security
2016-01-17 09:31 - 2015-09-08 19:33 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
C:\ProgramData\Panda Security URL Filtering
C:\Program Files\Common Files\mcafee
C:\Windows\System32\drivers\cfwids.sys
C:\Windows\System32\drivers\mfeapfk.sys
C:\Windows\System32\drivers\mfeavfk.sys
C:\Windows\System32\drivers\mfeelamk.sys
C:\Windows\System32\drivers\mfefirek.sys
C:\Windows\System32\drivers\mfehidk.sys
C:\Windows\System32\drivers\mfewfpk.sys
C:\Windows\System32\DRIVERS\NNSAlpc.sys
C:\Windows\System32\DRIVERS\NNSHttp.sys
C:\Windows\System32\DRIVERS\NNSHttps.sys
C:\Windows\System32\DRIVERS\NNSIds.sys
C:\Windows\system32\DRIVERS\NNSNAHSL.sys
C:\Windows\System32\DRIVERS\NNSPicc.sys
C:\Windows\System32\DRIVERS\NNSPihsw.sys
C:\Windows\System32\DRIVERS\NNSPop3.sys
C:\Windows\System32\DRIVERS\NNSProt.sys
C:\Windows\System32\DRIVERS\NNSPrv.sys
C:\Windows\System32\DRIVERS\NNSSmtp.sys
C:\Windows\System32\DRIVERS\NNSStrm.sys
C:\Windows\System32\DRIVERS\NNSTlsc.sys
C:\Windows\System32\DRIVERS\PSINAflt.sys
C:\Windows\System32\DRIVERS\PSINFile.sys
C:\Windows\System32\DRIVERS\psinknc.sys
C:\Windows\System32\DRIVERS\PSINProc.sys
C:\Windows\System32\DRIVERS\PSINProt.sys
C:\Windows\System32\DRIVERS\PSINReg.sys
C:\Windows\System32\DRIVERS\PSKMAD.sys
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_267_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Chrome Cleanup Tool logs upload retry.job => C:\Users\Pavla\AppData\Local\Temp\E8A7.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d1508d9a4a428c.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {06F71154-2FBC-4556-95EA-81756BF89CAD} - \{C44A2BD7-F33A-4493-8EDB-CB81E10C805A} -> No File <==== ATTENTION
Task: {0F7D36A7-7803-4998-AFC6-0E727D655B0C} - \User_Feed_Synchronization-{E67238D3-111A-45B7-A392-F0CB32C13224} -> No File <==== ATTENTION
Task: {2029CB31-70A6-4F01-A362-A9ADE62E7218} - \Trigger KMS Activation -> No File <==== ATTENTION
Task: {3AC0DA81-3416-4F15-9B0C-2F137074FCC5} - \{9633469B-4741-477B-AAFF-C21F3C3C5CFA} -> No File <==== ATTENTION
Task: {40D77A27-B61E-4668-A92F-5B5CE8B46399} - \Microsoft OneDrive Auto Update Task-S-1-5-21-2757677241-3423558724-1332677612-1001 -> No File <==== ATTENTION
Task: {4E1CFE6A-7A3D-4108-A29C-0F0439F5B1B8} - \Optimize Start Menu Cache Files-S-1-5-21-2757677241-3423558724-1332677612-500 -> No File <==== ATTENTION
Task: {4F1F0CFA-B68E-40E0-90F7-6FF025588C4B} - \AutoKMS -> No File <==== ATTENTION
Task: {55BF380D-50E6-46F5-A2C2-3E57192AEB6E} - \Resolution+ Setting Task -> No File <==== ATTENTION
Task: {66322F08-C9AA-4ED7-B335-254A83BED29B} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {7BA3158B-C99B-4C1A-97A3-978B9313C1F3} - \Synaptics TouchPad Enhancements -> No File <==== ATTENTION
Task: {90CAA75C-F4B8-4691-9001-5AE645EC8264} - \Windows Defrag -> No File <==== ATTENTION
Task: {C7168BAD-3E83-4406-A43A-13F8E3CA061B} - \Upload Defender Job -> No File <==== ATTENTION
Hosts:
EmptyTemp:
Reboot:
End
*****************
Processes closed successfully.
Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Nikon Message Center 2 => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\Software\Microsoft\Windows\CurrentVersion\Run\\msnmsgr => value removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1" => key removed successfully
HKCR\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2" => key removed successfully
HKCR\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3" => key removed successfully
HKCR\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1" => key removed successfully
HKCR\Wow6432Node\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2" => key removed successfully
HKCR\Wow6432Node\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3" => key removed successfully
HKCR\Wow6432Node\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found.
C:\Users\Pavla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk => moved successfully
C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe => moved successfully
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}" => key removed successfully
HKCR\Wow6432Node\CLSID\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => key not found.
HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}" => key removed successfully
HKCR\CLSID\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} => value removed successfully
HKCR\Wow6432Node\CLSID\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} => key not found.
C:\Users\Pavla\AppData\Roaming\Mozilla\Firefox\Profiles\t2fegv1i.default\Extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} => moved successfully
gupdatem => service removed successfully
gupdate => service removed successfully
Nero BackItUp Scheduler 4.0 => Unable to stop service.
Nero BackItUp Scheduler 4.0 => service removed successfully
Adobe LM Service => service removed successfully
mfefire => service removed successfully
mfevtp => Unable to stop service.
mfevtp => service removed successfully
NanoServiceMain => Unable to stop service.
NanoServiceMain => service could not remove
panda_url_filtering => service removed successfully
PSUAService => Unable to stop service.
PSUAService => service could not remove
cfwids => service removed successfully
mfeapfk => service removed successfully
mfeavfk => Unable to stop service.
mfeavfk => service removed successfully
mfeelamk => service removed successfully
mfefirek => service removed successfully
mfehidk => Unable to stop service.
mfehidk => service removed successfully
mfewfpk => Unable to stop service.
mfewfpk => service removed successfully
NNSALPC => Unable to stop service.
NNSALPC => service could not remove
NNSHTTP => Unable to stop service.
NNSHTTP => service could not remove
NNSHTTPS => Unable to stop service.
NNSHTTPS => service could not remove
NNSIDS => Unable to stop service.
NNSIDS => service could not remove
NNSNAHSL => Unable to stop service.
NNSNAHSL => service removed successfully
NNSPICC => Unable to stop service.
NNSPICC => service could not remove
NNSPIHSW => Unable to stop service.
NNSPIHSW => service removed successfully
NNSPOP3 => Unable to stop service.
NNSPOP3 => service could not remove
NNSPROT => Unable to stop service.
NNSPROT => service could not remove
NNSPRV => Unable to stop service.
NNSPRV => service could not remove
NNSSMTP => Unable to stop service.
NNSSMTP => service could not remove
NNSSTRM => Unable to stop service.
NNSSTRM => service could not remove
NNSTLSC => Unable to stop service.
NNSTLSC => service could not remove
panda_url_filteringd => service not found.
PSINAflt => Unable to stop service.
PSINAflt => service could not remove
PSINFile => Unable to stop service.
PSINFile => service could not remove
PSINKNC => Unable to stop service.
PSINKNC => service could not remove
PSINProc => Unable to stop service.
PSINProc => service could not remove
PSINProt => Unable to stop service.
PSINProt => service could not remove
PSINReg => Unable to stop service.
PSINReg => service could not remove
PSKMAD => Unable to stop service.
PSKMAD => service removed successfully
C:\Program Files (x86)\Spybot - Search & Destroy 2 => moved successfully
"C:\Program Files (x86)\Panda Security" folder move:
Could not move "C:\Program Files (x86)\Panda Security" => Scheduled to move on reboot.
"C:\ProgramData\Panda Security" folder move:
Could not move "C:\ProgramData\Panda Security" => Scheduled to move on reboot.
C:\ProgramData\Spybot - Search & Destroy => moved successfully
C:\ProgramData\Panda Security URL Filtering => moved successfully
C:\Program Files\Common Files\mcafee => moved successfully
C:\Windows\System32\drivers\cfwids.sys => moved successfully
C:\Windows\System32\drivers\mfeapfk.sys => moved successfully
C:\Windows\System32\drivers\mfeavfk.sys => moved successfully
C:\Windows\System32\drivers\mfeelamk.sys => moved successfully
C:\Windows\System32\drivers\mfefirek.sys => moved successfully
C:\Windows\System32\drivers\mfehidk.sys => moved successfully
C:\Windows\System32\drivers\mfewfpk.sys => moved successfully
Could not move "C:\Windows\System32\DRIVERS\NNSAlpc.sys" => Scheduled to move on reboot.
Could not move "C:\Windows\System32\DRIVERS\NNSHttp.sys" => Scheduled to move on reboot.
Could not move "C:\Windows\System32\DRIVERS\NNSHttps.sys" => Scheduled to move on reboot.
Could not move "C:\Windows\System32\DRIVERS\NNSIds.sys" => Scheduled to move on reboot.
Could not move "C:\Windows\system32\DRIVERS\NNSNAHSL.sys" => Scheduled to move on reboot.
Could not move "C:\Windows\System32\DRIVERS\NNSPicc.sys" => Scheduled to move on reboot.
Could not move "C:\Windows\System32\DRIVERS\NNSPihsw.sys" => Scheduled to move on reboot.
Could not move "C:\Windows\System32\DRIVERS\NNSPop3.sys" => Scheduled to move on reboot.
Could not move "C:\Windows\System32\DRIVERS\NNSProt.sys" => Scheduled to move on reboot.
Could not move "C:\Windows\System32\DRIVERS\NNSPrv.sys" => Scheduled to move on reboot.
Could not move "C:\Windows\System32\DRIVERS\NNSSmtp.sys" => Scheduled to move on reboot.
Could not move "C:\Windows\System32\DRIVERS\NNSStrm.sys" => Scheduled to move on reboot.
Could not move "C:\Windows\System32\DRIVERS\NNSTlsc.sys" => Scheduled to move on reboot.
Could not move "C:\Windows\System32\DRIVERS\PSINAflt.sys" => Scheduled to move on reboot.
Could not move "C:\Windows\System32\DRIVERS\PSINFile.sys" => Scheduled to move on reboot.
Could not move "C:\Windows\System32\DRIVERS\psinknc.sys" => Scheduled to move on reboot.
Could not move "C:\Windows\System32\DRIVERS\PSINProc.sys" => Scheduled to move on reboot.
Could not move "C:\Windows\System32\DRIVERS\PSINProt.sys" => Scheduled to move on reboot.
Could not move "C:\Windows\System32\DRIVERS\PSINReg.sys" => Scheduled to move on reboot.
C:\Windows\System32\DRIVERS\PSKMAD.sys => moved successfully
C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => moved successfully
C:\Windows\Tasks\Adobe Flash Player Updater.job => moved successfully
C:\Windows\Tasks\Chrome Cleanup Tool logs upload retry.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d1508d9a4a428c.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{06F71154-2FBC-4556-95EA-81756BF89CAD}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{06F71154-2FBC-4556-95EA-81756BF89CAD}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C44A2BD7-F33A-4493-8EDB-CB81E10C805A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0F7D36A7-7803-4998-AFC6-0E727D655B0C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0F7D36A7-7803-4998-AFC6-0E727D655B0C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\User_Feed_Synchronization-{E67238D3-111A-45B7-A392-F0CB32C13224}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2029CB31-70A6-4F01-A362-A9ADE62E7218}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2029CB31-70A6-4F01-A362-A9ADE62E7218}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Trigger KMS Activation" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3AC0DA81-3416-4F15-9B0C-2F137074FCC5}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3AC0DA81-3416-4F15-9B0C-2F137074FCC5}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{9633469B-4741-477B-AAFF-C21F3C3C5CFA}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{40D77A27-B61E-4668-A92F-5B5CE8B46399}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{40D77A27-B61E-4668-A92F-5B5CE8B46399}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft OneDrive Auto Update Task-S-1-5-21-2757677241-3423558724-1332677612-1001" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4E1CFE6A-7A3D-4108-A29C-0F0439F5B1B8}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4E1CFE6A-7A3D-4108-A29C-0F0439F5B1B8}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Optimize Start Menu Cache Files-S-1-5-21-2757677241-3423558724-1332677612-500" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{4F1F0CFA-B68E-40E0-90F7-6FF025588C4B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4F1F0CFA-B68E-40E0-90F7-6FF025588C4B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{55BF380D-50E6-46F5-A2C2-3E57192AEB6E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{55BF380D-50E6-46F5-A2C2-3E57192AEB6E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Resolution+ Setting Task" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{66322F08-C9AA-4ED7-B335-254A83BED29B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{66322F08-C9AA-4ED7-B335-254A83BED29B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7BA3158B-C99B-4C1A-97A3-978B9313C1F3}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7BA3158B-C99B-4C1A-97A3-978B9313C1F3}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Synaptics TouchPad Enhancements" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{90CAA75C-F4B8-4691-9001-5AE645EC8264}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{90CAA75C-F4B8-4691-9001-5AE645EC8264}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Windows Defrag" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C7168BAD-3E83-4406-A43A-13F8E3CA061B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C7168BAD-3E83-4406-A43A-13F8E3CA061B}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Upload Defender Job => key not found.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 240.2 MB temporary data Removed.
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2016-01-19 19:28:17)
C:\Program Files (x86)\Panda Security => Is moved successfully
C:\ProgramData\Panda Security => Is moved successfully
C:\Windows\System32\DRIVERS\NNSAlpc.sys => Is moved successfully
C:\Windows\System32\DRIVERS\NNSHttp.sys => Is moved successfully
C:\Windows\System32\DRIVERS\NNSHttps.sys => Is moved successfully
C:\Windows\System32\DRIVERS\NNSIds.sys => Is moved successfully
C:\Windows\system32\DRIVERS\NNSNAHSL.sys => Is moved successfully
C:\Windows\System32\DRIVERS\NNSPicc.sys => Is moved successfully
C:\Windows\System32\DRIVERS\NNSPihsw.sys => Is moved successfully
C:\Windows\System32\DRIVERS\NNSPop3.sys => Is moved successfully
C:\Windows\System32\DRIVERS\NNSProt.sys => Is moved successfully
C:\Windows\System32\DRIVERS\NNSPrv.sys => Is moved successfully
C:\Windows\System32\DRIVERS\NNSSmtp.sys => Is moved successfully
C:\Windows\System32\DRIVERS\NNSStrm.sys => Is moved successfully
C:\Windows\System32\DRIVERS\NNSTlsc.sys => Is moved successfully
C:\Windows\System32\DRIVERS\PSINAflt.sys => Is moved successfully
C:\Windows\System32\DRIVERS\PSINFile.sys => Is moved successfully
C:\Windows\System32\DRIVERS\psinknc.sys => Is moved successfully
C:\Windows\System32\DRIVERS\PSINProc.sys => Is moved successfully
C:\Windows\System32\DRIVERS\PSINProt.sys => Is moved successfully
C:\Windows\System32\DRIVERS\PSINReg.sys => Is moved successfully
==== End of Fixlog 19:28:17 ====
zde je log:
Fix result of Farbar Recovery Scan Tool (x64) Version:10-01-2015 01
Ran by Pavla (2016-01-19 19:21:21) Run:1
Running from C:\Users\Pavla\Desktop
Loaded Profiles: Pavla (Available Profiles: Pavla)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [571392 2011-10-30] (Nikon Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4272840 2014-03-31] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
Startup: C:\Users\Pavla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2014-09-30]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2757677241-3423558724-1332677612-1001 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2757677241-3423558724-1332677612-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
Toolbar: HKLM-x32 - No Name - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - No File
FF Extension: Panda Security Toolbar - C:\Users\Pavla\AppData\Roaming\Mozilla\Firefox\Profiles\t2fegv1i.default\Extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} [2015-08-20] [not signed]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-07 144200]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-07 144200]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208]
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-09-30] (Adobe Systems) [File not signed]
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-08-07] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-09-25] (McAfee, Inc.)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [142072 2015-07-29] (Panda Security, S.L.)
R2 panda_url_filtering; C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filteringb.exe [291336 2015-05-19] (Visicom Media Inc.)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2015-07-28] (Panda Security, S.L.)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-08-07] (McAfee, Inc.)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179664 2013-09-25] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [310224 2013-08-07] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69264 2013-08-07] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519064 2013-08-07] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [781312 2013-09-25] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343568 2013-08-07] (McAfee, Inc.)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [94456 2015-07-09] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [201976 2015-07-09] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [110840 2015-07-09] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [110840 2015-07-09] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [58616 2015-06-19] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [103160 2015-07-09] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [78072 2015-07-09] ()
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [124152 2015-07-09] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [300280 2015-07-09] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [170232 2015-07-09] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [113400 2015-07-09] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [257784 2015-07-09] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [106232 2015-07-09] (Panda Security, S.L.)
R3 panda_url_filteringd; C:\ProgramData\Panda Security URL Filtering\panda_url_filteringd.sys [51288 2014-03-19] (Visicom Media Inc.)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [164088 2015-07-19] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [121592 2015-07-19] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [197880 2015-07-19] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [124152 2015-07-19] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [134392 2015-07-19] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [107768 2015-07-19] (Panda Security, S.L.)
R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [61712 2015-05-22] (Panda Security, S.L.)
2016-01-17 10:09 - 2015-09-08 19:33 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-01-17 09:33 - 2015-08-20 18:55 - 00000000 ____D C:\Program Files (x86)\Panda Security
2016-01-17 09:33 - 2015-08-20 18:50 - 00000000 ____D C:\ProgramData\Panda Security
2016-01-17 09:31 - 2015-09-08 19:33 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
C:\ProgramData\Panda Security URL Filtering
C:\Program Files\Common Files\mcafee
C:\Windows\System32\drivers\cfwids.sys
C:\Windows\System32\drivers\mfeapfk.sys
C:\Windows\System32\drivers\mfeavfk.sys
C:\Windows\System32\drivers\mfeelamk.sys
C:\Windows\System32\drivers\mfefirek.sys
C:\Windows\System32\drivers\mfehidk.sys
C:\Windows\System32\drivers\mfewfpk.sys
C:\Windows\System32\DRIVERS\NNSAlpc.sys
C:\Windows\System32\DRIVERS\NNSHttp.sys
C:\Windows\System32\DRIVERS\NNSHttps.sys
C:\Windows\System32\DRIVERS\NNSIds.sys
C:\Windows\system32\DRIVERS\NNSNAHSL.sys
C:\Windows\System32\DRIVERS\NNSPicc.sys
C:\Windows\System32\DRIVERS\NNSPihsw.sys
C:\Windows\System32\DRIVERS\NNSPop3.sys
C:\Windows\System32\DRIVERS\NNSProt.sys
C:\Windows\System32\DRIVERS\NNSPrv.sys
C:\Windows\System32\DRIVERS\NNSSmtp.sys
C:\Windows\System32\DRIVERS\NNSStrm.sys
C:\Windows\System32\DRIVERS\NNSTlsc.sys
C:\Windows\System32\DRIVERS\PSINAflt.sys
C:\Windows\System32\DRIVERS\PSINFile.sys
C:\Windows\System32\DRIVERS\psinknc.sys
C:\Windows\System32\DRIVERS\PSINProc.sys
C:\Windows\System32\DRIVERS\PSINProt.sys
C:\Windows\System32\DRIVERS\PSINReg.sys
C:\Windows\System32\DRIVERS\PSKMAD.sys
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_267_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Chrome Cleanup Tool logs upload retry.job => C:\Users\Pavla\AppData\Local\Temp\E8A7.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d1508d9a4a428c.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {06F71154-2FBC-4556-95EA-81756BF89CAD} - \{C44A2BD7-F33A-4493-8EDB-CB81E10C805A} -> No File <==== ATTENTION
Task: {0F7D36A7-7803-4998-AFC6-0E727D655B0C} - \User_Feed_Synchronization-{E67238D3-111A-45B7-A392-F0CB32C13224} -> No File <==== ATTENTION
Task: {2029CB31-70A6-4F01-A362-A9ADE62E7218} - \Trigger KMS Activation -> No File <==== ATTENTION
Task: {3AC0DA81-3416-4F15-9B0C-2F137074FCC5} - \{9633469B-4741-477B-AAFF-C21F3C3C5CFA} -> No File <==== ATTENTION
Task: {40D77A27-B61E-4668-A92F-5B5CE8B46399} - \Microsoft OneDrive Auto Update Task-S-1-5-21-2757677241-3423558724-1332677612-1001 -> No File <==== ATTENTION
Task: {4E1CFE6A-7A3D-4108-A29C-0F0439F5B1B8} - \Optimize Start Menu Cache Files-S-1-5-21-2757677241-3423558724-1332677612-500 -> No File <==== ATTENTION
Task: {4F1F0CFA-B68E-40E0-90F7-6FF025588C4B} - \AutoKMS -> No File <==== ATTENTION
Task: {55BF380D-50E6-46F5-A2C2-3E57192AEB6E} - \Resolution+ Setting Task -> No File <==== ATTENTION
Task: {66322F08-C9AA-4ED7-B335-254A83BED29B} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {7BA3158B-C99B-4C1A-97A3-978B9313C1F3} - \Synaptics TouchPad Enhancements -> No File <==== ATTENTION
Task: {90CAA75C-F4B8-4691-9001-5AE645EC8264} - \Windows Defrag -> No File <==== ATTENTION
Task: {C7168BAD-3E83-4406-A43A-13F8E3CA061B} - \Upload Defender Job -> No File <==== ATTENTION
Hosts:
EmptyTemp:
Reboot:
End
*****************
Processes closed successfully.
Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Nikon Message Center 2 => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\Software\Microsoft\Windows\CurrentVersion\Run\\msnmsgr => value removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1" => key removed successfully
HKCR\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2" => key removed successfully
HKCR\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3" => key removed successfully
HKCR\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1" => key removed successfully
HKCR\Wow6432Node\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2" => key removed successfully
HKCR\Wow6432Node\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3" => key removed successfully
HKCR\Wow6432Node\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found.
C:\Users\Pavla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk => moved successfully
C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe => moved successfully
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}" => key removed successfully
HKCR\Wow6432Node\CLSID\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => key not found.
HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}" => key removed successfully
HKCR\CLSID\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} => value removed successfully
HKCR\Wow6432Node\CLSID\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} => key not found.
C:\Users\Pavla\AppData\Roaming\Mozilla\Firefox\Profiles\t2fegv1i.default\Extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} => moved successfully
gupdatem => service removed successfully
gupdate => service removed successfully
Nero BackItUp Scheduler 4.0 => Unable to stop service.
Nero BackItUp Scheduler 4.0 => service removed successfully
Adobe LM Service => service removed successfully
mfefire => service removed successfully
mfevtp => Unable to stop service.
mfevtp => service removed successfully
NanoServiceMain => Unable to stop service.
NanoServiceMain => service could not remove
panda_url_filtering => service removed successfully
PSUAService => Unable to stop service.
PSUAService => service could not remove
cfwids => service removed successfully
mfeapfk => service removed successfully
mfeavfk => Unable to stop service.
mfeavfk => service removed successfully
mfeelamk => service removed successfully
mfefirek => service removed successfully
mfehidk => Unable to stop service.
mfehidk => service removed successfully
mfewfpk => Unable to stop service.
mfewfpk => service removed successfully
NNSALPC => Unable to stop service.
NNSALPC => service could not remove
NNSHTTP => Unable to stop service.
NNSHTTP => service could not remove
NNSHTTPS => Unable to stop service.
NNSHTTPS => service could not remove
NNSIDS => Unable to stop service.
NNSIDS => service could not remove
NNSNAHSL => Unable to stop service.
NNSNAHSL => service removed successfully
NNSPICC => Unable to stop service.
NNSPICC => service could not remove
NNSPIHSW => Unable to stop service.
NNSPIHSW => service removed successfully
NNSPOP3 => Unable to stop service.
NNSPOP3 => service could not remove
NNSPROT => Unable to stop service.
NNSPROT => service could not remove
NNSPRV => Unable to stop service.
NNSPRV => service could not remove
NNSSMTP => Unable to stop service.
NNSSMTP => service could not remove
NNSSTRM => Unable to stop service.
NNSSTRM => service could not remove
NNSTLSC => Unable to stop service.
NNSTLSC => service could not remove
panda_url_filteringd => service not found.
PSINAflt => Unable to stop service.
PSINAflt => service could not remove
PSINFile => Unable to stop service.
PSINFile => service could not remove
PSINKNC => Unable to stop service.
PSINKNC => service could not remove
PSINProc => Unable to stop service.
PSINProc => service could not remove
PSINProt => Unable to stop service.
PSINProt => service could not remove
PSINReg => Unable to stop service.
PSINReg => service could not remove
PSKMAD => Unable to stop service.
PSKMAD => service removed successfully
C:\Program Files (x86)\Spybot - Search & Destroy 2 => moved successfully
"C:\Program Files (x86)\Panda Security" folder move:
Could not move "C:\Program Files (x86)\Panda Security" => Scheduled to move on reboot.
"C:\ProgramData\Panda Security" folder move:
Could not move "C:\ProgramData\Panda Security" => Scheduled to move on reboot.
C:\ProgramData\Spybot - Search & Destroy => moved successfully
C:\ProgramData\Panda Security URL Filtering => moved successfully
C:\Program Files\Common Files\mcafee => moved successfully
C:\Windows\System32\drivers\cfwids.sys => moved successfully
C:\Windows\System32\drivers\mfeapfk.sys => moved successfully
C:\Windows\System32\drivers\mfeavfk.sys => moved successfully
C:\Windows\System32\drivers\mfeelamk.sys => moved successfully
C:\Windows\System32\drivers\mfefirek.sys => moved successfully
C:\Windows\System32\drivers\mfehidk.sys => moved successfully
C:\Windows\System32\drivers\mfewfpk.sys => moved successfully
Could not move "C:\Windows\System32\DRIVERS\NNSAlpc.sys" => Scheduled to move on reboot.
Could not move "C:\Windows\System32\DRIVERS\NNSHttp.sys" => Scheduled to move on reboot.
Could not move "C:\Windows\System32\DRIVERS\NNSHttps.sys" => Scheduled to move on reboot.
Could not move "C:\Windows\System32\DRIVERS\NNSIds.sys" => Scheduled to move on reboot.
Could not move "C:\Windows\system32\DRIVERS\NNSNAHSL.sys" => Scheduled to move on reboot.
Could not move "C:\Windows\System32\DRIVERS\NNSPicc.sys" => Scheduled to move on reboot.
Could not move "C:\Windows\System32\DRIVERS\NNSPihsw.sys" => Scheduled to move on reboot.
Could not move "C:\Windows\System32\DRIVERS\NNSPop3.sys" => Scheduled to move on reboot.
Could not move "C:\Windows\System32\DRIVERS\NNSProt.sys" => Scheduled to move on reboot.
Could not move "C:\Windows\System32\DRIVERS\NNSPrv.sys" => Scheduled to move on reboot.
Could not move "C:\Windows\System32\DRIVERS\NNSSmtp.sys" => Scheduled to move on reboot.
Could not move "C:\Windows\System32\DRIVERS\NNSStrm.sys" => Scheduled to move on reboot.
Could not move "C:\Windows\System32\DRIVERS\NNSTlsc.sys" => Scheduled to move on reboot.
Could not move "C:\Windows\System32\DRIVERS\PSINAflt.sys" => Scheduled to move on reboot.
Could not move "C:\Windows\System32\DRIVERS\PSINFile.sys" => Scheduled to move on reboot.
Could not move "C:\Windows\System32\DRIVERS\psinknc.sys" => Scheduled to move on reboot.
Could not move "C:\Windows\System32\DRIVERS\PSINProc.sys" => Scheduled to move on reboot.
Could not move "C:\Windows\System32\DRIVERS\PSINProt.sys" => Scheduled to move on reboot.
Could not move "C:\Windows\System32\DRIVERS\PSINReg.sys" => Scheduled to move on reboot.
C:\Windows\System32\DRIVERS\PSKMAD.sys => moved successfully
C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => moved successfully
C:\Windows\Tasks\Adobe Flash Player Updater.job => moved successfully
C:\Windows\Tasks\Chrome Cleanup Tool logs upload retry.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d1508d9a4a428c.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{06F71154-2FBC-4556-95EA-81756BF89CAD}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{06F71154-2FBC-4556-95EA-81756BF89CAD}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C44A2BD7-F33A-4493-8EDB-CB81E10C805A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0F7D36A7-7803-4998-AFC6-0E727D655B0C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0F7D36A7-7803-4998-AFC6-0E727D655B0C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\User_Feed_Synchronization-{E67238D3-111A-45B7-A392-F0CB32C13224}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2029CB31-70A6-4F01-A362-A9ADE62E7218}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2029CB31-70A6-4F01-A362-A9ADE62E7218}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Trigger KMS Activation" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3AC0DA81-3416-4F15-9B0C-2F137074FCC5}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3AC0DA81-3416-4F15-9B0C-2F137074FCC5}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{9633469B-4741-477B-AAFF-C21F3C3C5CFA}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{40D77A27-B61E-4668-A92F-5B5CE8B46399}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{40D77A27-B61E-4668-A92F-5B5CE8B46399}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft OneDrive Auto Update Task-S-1-5-21-2757677241-3423558724-1332677612-1001" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4E1CFE6A-7A3D-4108-A29C-0F0439F5B1B8}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4E1CFE6A-7A3D-4108-A29C-0F0439F5B1B8}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Optimize Start Menu Cache Files-S-1-5-21-2757677241-3423558724-1332677612-500" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{4F1F0CFA-B68E-40E0-90F7-6FF025588C4B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4F1F0CFA-B68E-40E0-90F7-6FF025588C4B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{55BF380D-50E6-46F5-A2C2-3E57192AEB6E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{55BF380D-50E6-46F5-A2C2-3E57192AEB6E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Resolution+ Setting Task" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{66322F08-C9AA-4ED7-B335-254A83BED29B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{66322F08-C9AA-4ED7-B335-254A83BED29B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7BA3158B-C99B-4C1A-97A3-978B9313C1F3}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7BA3158B-C99B-4C1A-97A3-978B9313C1F3}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Synaptics TouchPad Enhancements" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{90CAA75C-F4B8-4691-9001-5AE645EC8264}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{90CAA75C-F4B8-4691-9001-5AE645EC8264}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Windows Defrag" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C7168BAD-3E83-4406-A43A-13F8E3CA061B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C7168BAD-3E83-4406-A43A-13F8E3CA061B}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Upload Defender Job => key not found.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 240.2 MB temporary data Removed.
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2016-01-19 19:28:17)
C:\Program Files (x86)\Panda Security => Is moved successfully
C:\ProgramData\Panda Security => Is moved successfully
C:\Windows\System32\DRIVERS\NNSAlpc.sys => Is moved successfully
C:\Windows\System32\DRIVERS\NNSHttp.sys => Is moved successfully
C:\Windows\System32\DRIVERS\NNSHttps.sys => Is moved successfully
C:\Windows\System32\DRIVERS\NNSIds.sys => Is moved successfully
C:\Windows\system32\DRIVERS\NNSNAHSL.sys => Is moved successfully
C:\Windows\System32\DRIVERS\NNSPicc.sys => Is moved successfully
C:\Windows\System32\DRIVERS\NNSPihsw.sys => Is moved successfully
C:\Windows\System32\DRIVERS\NNSPop3.sys => Is moved successfully
C:\Windows\System32\DRIVERS\NNSProt.sys => Is moved successfully
C:\Windows\System32\DRIVERS\NNSPrv.sys => Is moved successfully
C:\Windows\System32\DRIVERS\NNSSmtp.sys => Is moved successfully
C:\Windows\System32\DRIVERS\NNSStrm.sys => Is moved successfully
C:\Windows\System32\DRIVERS\NNSTlsc.sys => Is moved successfully
C:\Windows\System32\DRIVERS\PSINAflt.sys => Is moved successfully
C:\Windows\System32\DRIVERS\PSINFile.sys => Is moved successfully
C:\Windows\System32\DRIVERS\psinknc.sys => Is moved successfully
C:\Windows\System32\DRIVERS\PSINProc.sys => Is moved successfully
C:\Windows\System32\DRIVERS\PSINProt.sys => Is moved successfully
C:\Windows\System32\DRIVERS\PSINReg.sys => Is moved successfully
==== End of Fixlog 19:28:17 ====
Re: zpomalené pc, nejde nic aktualizovat
Frido píše:velikost plochy je asi 48 GB
Velikost plochy by nemela presahovat 200 - 300 MB! Brzdi to chod pc. Cili ji trosku uklidte a na plochu dejte jen zastupce. Jen pozor na obcasnou chybu, ze uzivatele maji na plose slozku, v ni dalsi a v ni dalsi a do te to schovaji. To je sice hezke, ale plochu to nezmensi, jen je to v jinem supliku 
Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce) vyosek píše:
- Stahnete a spustte
- Ponechte zatrzitkou pouze u volby Remove disinfection tools
- Kliknete na Run
Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)
Defragmentujte disk(y) (SSD Disky ne!)Stahnete program Defraggler https://www.piriform.com/defraggler/download/standard
Pri instalaci opet pozor na toolbar a dalsi nesmysly.
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.
Pak dejte nove logy z FRST (primo sem, ne jako prilohu) a napiste, jak to s pc vypada.Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: zpomalené pc, nejde nic aktualizovat
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:18-01-2016
Ran by Pavla (administrator) on WIWI (23-01-2016 18:14:05)
Running from C:\Users\Pavla\Desktop
Loaded Profiles: Pavla (Available Profiles: Pavla)
Platform: Windows 8.1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
() C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(WinZip Computing International, LLC) C:\Program Files\File Association Helper\FAHWindow.exe
(TOSHIBA) C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(Společnost TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296520 2013-09-12] (TOSHIBA Corporation)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [178016 2013-08-21] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-14] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-08-18] (TOSHIBA Corporation)
HKLM\...\Run: [FAHConsole] => C:\Program Files\File Association Helper\FAHConsole.exe [216248 2013-09-26] (WinZip Computing International, LLC)
HKLM-x32\...\Run: [1.TPUReg] => C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe [2216800 2013-03-27] (TOSHIBA)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516512 2013-07-23] (TOSHIBA)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1989920 2013-08-26] (Wondershare)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7021880 2016-01-16] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8590760 2015-12-08] (Piriform Ltd)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-01-16] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pavla\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pavla\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pavla\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pavla\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pavla\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pavla\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pavla\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 217.170.96.24 217.170.96.2
Tcpip\..\Interfaces\{806CE4A0-2E34-4BF0-83AB-CEFEAD0F57B8}: [DhcpNameServer] 217.170.96.24 217.170.96.2
Tcpip\..\Interfaces\{ED204A58-004C-4C3A-8366-53323B8E3CB6}: [DhcpNameServer] 127.0.0.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://toshiba.eu/symbaloo_c
HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.google.com/?trackid=sp-006
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-11-18] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-01-16] (AVAST Software)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-11-10] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-11-18] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-01-16] (AVAST Software)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-11-10] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Pavla\AppData\Roaming\Mozilla\Firefox\Profiles\t2fegv1i.default
FF SearchEngineOrder.1: Seznam
FF SelectedSearchEngine: Seznam
FF DefaultSearchEngine: Seznam
FF DefaultSearchUrl: hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF Keyword.URL: hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF Homepage: hxxps://www.seznam.cz/?clid=22668
FF NewTab: about:newtab
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-19] ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-05-14] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-05-14] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-19] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-03-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-03-23] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2016-01-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2016-01-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2014-11-15] ()
FF Plugin HKU\S-1-5-21-2757677241-3423558724-1332677612-1001: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\Pavla\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1401100-0-npoctoshape.dll [2014-01-10] (Octoshape ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\Pavla\AppData\Roaming\mozilla\plugins\npoctoshape.dll [2015-05-22] (Octoshape ApS)
FF SearchPlugin: C:\Users\Pavla\AppData\Roaming\Mozilla\Firefox\Profiles\t2fegv1i.default\searchplugins\google-avast.xml [2014-12-10]
FF SearchPlugin: C:\Users\Pavla\AppData\Roaming\Mozilla\Firefox\Profiles\t2fegv1i.default\searchplugins\seznam-avast.xml [2015-09-08]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2014-01-21] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-01-16]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-01-16]
Chrome:
=======
CHR Profile: C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Disk Google) - C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-12]
CHR Extension: (YouTube) - C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Vyhledávání Google) - C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-12]
CHR Extension: (Dokumenty Google offline) - C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-01-12]
CHR Extension: (Avast Online Security) - C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-01-16]
CHR Extension: (Gmail) - C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-01-16]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-08-22] (Windows (R) Win 7 DDK provider) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [226440 2016-01-16] (AVAST Software)
R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [19792 2013-09-10] ()
R2 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe [163168 2013-03-27] ()
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-04] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
U2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-10-31] (Microsoft Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2013-08-16] (IDT, Inc.) [File not signed]
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [116088 2013-07-19] (Toshiba Europe GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S2 PSGenUn; C:\SMCLpav\SMCLpav.exe [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2016-01-16] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [97648 2016-01-16] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2016-01-16] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2016-01-16] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1065208 2016-01-20] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [464256 2016-01-20] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [155304 2016-01-16] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [273784 2016-01-16] (AVAST Software)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3858944 2013-10-24] (Qualcomm Atheros Communications, Inc.)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [43664 2015-09-08] ()
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
R2 PEGAGFN; C:\Program Files (x86)\TOSHIBA\PasswordUtility\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
S3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1936088 2013-07-31] (Realtek Semiconductor Corporation )
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2014-08-06] (Synaptics Incorporated)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [32624 2013-08-19] (Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
R1 NNSALPC; system32\DRIVERS\NNSAlpc.sys [X]
R1 NNSHTTP; system32\DRIVERS\NNSHttp.sys [X]
R1 NNSHTTPS; system32\DRIVERS\NNSHttps.sys [X]
R1 NNSIDS; system32\DRIVERS\NNSIds.sys [X]
R1 NNSPICC; system32\DRIVERS\NNSPicc.sys [X]
R1 NNSPOP3; system32\DRIVERS\NNSPop3.sys [X]
R1 NNSPROT; system32\DRIVERS\NNSProt.sys [X]
R1 NNSPRV; system32\DRIVERS\NNSPrv.sys [X]
R1 NNSSMTP; system32\DRIVERS\NNSSmtp.sys [X]
R1 NNSSTRM; system32\DRIVERS\NNSStrm.sys [X]
R1 NNSTLSC; system32\DRIVERS\NNSTlsc.sys [X]
S2 PSINAflt; system32\DRIVERS\PSINAflt.sys [X]
S2 PSINFile; system32\DRIVERS\PSINFile.sys [X]
R1 PSINKNC; system32\DRIVERS\psinknc.sys [X]
S2 PSINProc; system32\DRIVERS\PSINProc.sys [X]
S2 PSINProt; system32\DRIVERS\PSINProt.sys [X]
S2 PSINReg; system32\DRIVERS\PSINReg.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-01-23 18:14 - 2016-01-23 18:14 - 00020693 _____ C:\Users\Pavla\Desktop\FRST.txt
2016-01-23 18:13 - 2016-01-23 18:14 - 00000000 ____D C:\FRST
2016-01-23 18:13 - 2016-01-23 18:12 - 02370560 _____ (Farbar) C:\Users\Pavla\Desktop\FRST64.exe
2016-01-23 18:12 - 2016-01-23 18:12 - 02370560 _____ (Farbar) C:\Users\Pavla\Downloads\FRST64.exe
2016-01-19 20:34 - 2016-01-19 20:34 - 00001707 _____ C:\Users\Public\Desktop\Defraggler.lnk
2016-01-19 20:34 - 2016-01-19 20:34 - 00000000 ____D C:\Program Files\Defraggler
2016-01-19 20:33 - 2016-01-23 17:40 - 00000958 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-01-19 20:33 - 2016-01-19 20:33 - 04527736 _____ (Piriform Ltd) C:\Users\Pavla\Downloads\dfsetup220.exe
2016-01-19 20:33 - 2016-01-19 20:33 - 04527736 _____ (Piriform Ltd) C:\Users\Pavla\Downloads\dfsetup220 (1).exe
2016-01-19 20:32 - 2016-01-19 20:32 - 00063860 _____ C:\cc_20160119_203204.reg
2016-01-19 20:30 - 2016-01-19 20:30 - 00002782 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-01-19 20:29 - 2016-01-19 20:29 - 06805440 _____ (Piriform Ltd) C:\Users\Pavla\Downloads\ccsetup513.exe
2016-01-19 20:28 - 2016-01-19 20:28 - 00001462 _____ C:\DelFix.txt
2016-01-19 19:33 - 2016-01-23 17:33 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-01-18 22:27 - 2016-01-18 22:27 - 00038970 _____ C:\Users\Pavla\Desktop\Desktop.zip
2016-01-18 22:09 - 2016-01-18 22:50 - 00000000 ____D C:\SMCLpav
2016-01-18 22:09 - 2016-01-18 22:09 - 00668144 _____ C:\Users\Pavla\Downloads\UNINSTALLER_08.exe
2016-01-18 22:09 - 2016-01-18 22:09 - 00000000 _____ C:\Autoexec.bat
2016-01-18 21:38 - 2016-01-18 21:38 - 00000000 ____D C:\Users\Pavla\Downloads\CrystalDiskInfo5_0_0
2016-01-18 21:31 - 2016-01-18 21:47 - 00000000 ____D C:\Users\Pavla\Desktop\Nová složka
2016-01-18 21:25 - 2016-01-18 21:25 - 01496172 _____ C:\Users\Pavla\Downloads\CrystalDiskInfo5_0_0.zip
2016-01-18 18:16 - 2016-01-18 18:16 - 00001145 _____ C:\Users\Pavla\Documents\sssss.txt
2016-01-18 05:51 - 2016-01-18 05:51 - 08818688 _____ C:\Users\Pavla\Downloads\hamachi.msi
2016-01-18 02:55 - 2016-01-18 02:55 - 00001663 _____ C:\ssss.txt
2016-01-17 15:43 - 2016-01-17 15:43 - 00024487 _____ C:\dddd.txt
2016-01-17 14:17 - 2016-01-17 14:18 - 22908888 _____ (Malwarebytes ) C:\Users\Pavla\Downloads\mbam-setup-2.2.0.1024.exe
2016-01-17 14:08 - 2015-11-20 23:47 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-01-17 14:08 - 2015-11-20 19:18 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-01-17 14:08 - 2015-11-20 17:58 - 03706880 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-01-17 14:08 - 2015-11-20 17:47 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-01-17 14:08 - 2015-11-20 17:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-01-17 14:08 - 2015-11-20 17:44 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2016-01-17 14:08 - 2015-11-20 17:44 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-01-17 14:08 - 2015-11-20 17:43 - 00897024 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-01-17 14:08 - 2015-11-20 17:42 - 02243584 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-01-17 14:08 - 2015-11-20 17:30 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-01-17 14:08 - 2015-11-20 17:29 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-01-17 14:08 - 2015-11-20 17:28 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-01-17 14:08 - 2015-11-20 17:27 - 00726528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-01-17 13:01 - 2016-01-17 13:02 - 00136689 _____ C:\Users\Pavla\Downloads\26116624-r-dlo-pro-psy.htm
2016-01-17 09:30 - 2016-01-17 09:31 - 00000085 _____ C:\Windows\wininit.ini
2016-01-17 09:27 - 2016-01-18 18:58 - 00000000 ____D C:\Users\Pavla\AppData\Roaming\Seznam.cz
2016-01-17 09:26 - 2016-01-17 09:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EasyCleaner
2016-01-17 09:26 - 2016-01-17 09:26 - 00000000 ____D C:\Program Files (x86)\ToniArts
2016-01-17 09:24 - 2016-01-17 09:25 - 10166368 _____ C:\Users\Pavla\Downloads\EClea2_0.exe
2016-01-17 09:06 - 2016-01-17 09:06 - 00000000 ____D C:\Users\Pavla\Documents\My Games
2016-01-17 08:59 - 2016-01-17 09:06 - 00002160 _____ C:\Users\Public\Desktop\Path of Exile.lnk
2016-01-17 08:59 - 2016-01-17 09:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grinding Gear Games
2016-01-17 08:59 - 2016-01-17 08:59 - 00000000 ____D C:\Program Files (x86)\Grinding Gear Games
2016-01-17 08:59 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2016-01-17 08:59 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2016-01-17 08:55 - 2016-01-17 08:55 - 09629696 _____ C:\Users\Pavla\Downloads\PathOfExileInstaller.msi
2016-01-17 01:26 - 2016-01-17 01:26 - 00003706 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1d1508d9a4a428c
2016-01-16 23:52 - 2016-01-18 22:16 - 00000000 ____D C:\Program Files\trend micro
2016-01-16 23:47 - 2015-12-11 05:38 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-01-16 23:47 - 2015-12-11 05:00 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-01-16 23:47 - 2015-12-11 04:55 - 06051328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-01-16 23:47 - 2015-12-11 04:50 - 20367360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-01-16 23:47 - 2015-12-11 04:21 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-01-16 23:47 - 2015-12-11 04:03 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-01-16 23:47 - 2015-12-11 03:43 - 04610560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-01-16 23:47 - 2015-12-11 03:38 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-01-16 23:47 - 2015-12-11 03:35 - 12856320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-01-16 23:47 - 2015-12-11 03:12 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-01-16 23:47 - 2015-11-10 01:04 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-01-16 23:47 - 2015-11-08 23:02 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-01-16 23:46 - 2015-12-11 04:45 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-01-16 23:46 - 2015-12-11 04:18 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-01-16 23:46 - 2015-12-11 04:09 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-01-16 23:46 - 2015-12-11 04:09 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-01-16 23:46 - 2015-12-11 03:59 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-01-16 23:46 - 2015-12-11 03:43 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-01-16 23:46 - 2015-12-11 03:37 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-01-16 23:46 - 2015-12-11 03:26 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-01-16 23:46 - 2015-12-11 03:14 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-01-16 23:46 - 2015-12-11 03:08 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-01-16 23:46 - 2015-12-11 03:07 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-01-16 23:46 - 2015-11-11 16:44 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-01-16 23:46 - 2015-11-11 16:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2016-01-16 23:46 - 2015-11-10 01:11 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-01-16 23:46 - 2015-11-10 01:08 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-01-16 23:46 - 2015-11-10 00:37 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-01-16 23:46 - 2015-11-10 00:36 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-01-16 23:46 - 2015-11-10 00:36 - 00325632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-01-16 23:46 - 2015-11-10 00:25 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2016-01-16 23:46 - 2015-11-08 23:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-01-16 23:46 - 2015-11-08 22:32 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-01-16 23:46 - 2015-11-08 22:32 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2016-01-16 23:46 - 2015-11-08 22:18 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-01-16 23:46 - 2015-11-08 22:16 - 00372224 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-01-16 23:46 - 2015-11-08 22:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-01-16 23:46 - 2015-11-08 22:13 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-01-16 23:46 - 2015-11-08 21:53 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2016-01-16 23:43 - 2015-12-10 01:40 - 00033456 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-01-16 23:43 - 2015-12-05 06:58 - 02745184 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2016-01-16 23:43 - 2015-12-05 06:58 - 02528784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2016-01-16 23:43 - 2015-12-05 06:58 - 02450240 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2016-01-16 23:43 - 2015-12-05 06:58 - 02447136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
2016-01-16 23:43 - 2015-12-05 06:58 - 02334104 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2016-01-16 23:43 - 2015-12-05 06:58 - 02324744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2016-01-16 23:43 - 2015-12-05 06:58 - 01877504 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2016-01-16 23:43 - 2015-12-05 06:58 - 01798480 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
2016-01-16 23:43 - 2015-12-05 06:58 - 01484888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
2016-01-16 23:43 - 2015-12-05 06:58 - 01288128 _____ (Microsoft Corporation) C:\Windows\system32\mfnetsrc.dll
2016-01-16 23:43 - 2015-12-05 06:58 - 01210200 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2016-01-16 23:43 - 2015-12-05 06:58 - 01150232 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2016-01-16 23:43 - 2015-12-05 06:58 - 01115640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll
2016-01-16 23:43 - 2015-12-05 06:58 - 01037680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2016-01-16 23:43 - 2015-12-05 06:58 - 00914672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2016-01-16 23:43 - 2015-12-05 06:58 - 00850680 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
2016-01-16 23:43 - 2015-12-05 06:58 - 00735496 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-01-16 23:43 - 2015-12-05 06:58 - 00700360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
2016-01-16 23:43 - 2015-12-05 06:58 - 00629600 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2016-01-16 23:43 - 2015-12-05 06:58 - 00584656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-01-16 23:43 - 2015-12-05 06:58 - 00557856 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2016-01-16 23:43 - 2015-12-05 06:58 - 00498472 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2016-01-16 23:43 - 2015-12-05 06:58 - 00492736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2016-01-16 23:43 - 2015-12-05 06:58 - 00463776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2016-01-16 23:43 - 2015-12-05 06:58 - 00399776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2016-01-16 23:43 - 2015-12-05 06:58 - 00299080 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2016-01-16 23:43 - 2015-12-05 06:58 - 00275312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
2016-01-16 23:43 - 2015-12-05 06:58 - 00274280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
2016-01-16 23:43 - 2015-12-05 06:58 - 00250520 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2016-01-16 23:43 - 2015-12-05 06:58 - 00248432 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2016-01-16 23:43 - 2015-12-05 06:58 - 00246856 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2016-01-16 23:43 - 2015-12-05 06:58 - 00244296 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-01-16 23:43 - 2015-12-05 06:58 - 00229272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
2016-01-16 23:43 - 2015-12-05 06:58 - 00203016 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2016-01-16 23:43 - 2015-12-05 06:58 - 00184912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
2016-01-16 23:43 - 2015-12-05 06:58 - 00183856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
2016-01-16 23:43 - 2015-12-05 06:58 - 00116720 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2016-01-16 23:43 - 2015-12-05 06:58 - 00110544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-01-16 23:43 - 2015-12-05 06:58 - 00099136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL
2016-01-16 23:43 - 2015-12-05 06:58 - 00090904 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2016-01-16 23:43 - 2015-12-05 06:58 - 00090392 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2016-01-16 23:43 - 2015-12-05 06:58 - 00081032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2016-01-16 23:43 - 2015-12-05 06:58 - 00076936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll
2016-01-16 23:43 - 2015-12-03 20:42 - 00561952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-01-16 23:43 - 2015-12-03 20:42 - 00397224 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-01-16 23:43 - 2015-12-03 20:42 - 00137968 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-01-16 23:43 - 2015-12-03 20:42 - 00106960 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2016-01-16 23:43 - 2015-12-03 20:41 - 00177488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-01-16 23:43 - 2015-12-03 19:52 - 00340872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-01-16 23:43 - 2015-12-03 19:52 - 00120376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-01-16 23:43 - 2015-12-03 19:52 - 00091416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2016-01-16 23:43 - 2015-12-03 19:28 - 00401920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-01-16 23:43 - 2015-12-03 19:28 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-01-16 23:43 - 2015-12-03 19:07 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-01-16 23:43 - 2015-12-03 19:07 - 00289792 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2016-01-16 23:43 - 2015-12-03 19:05 - 00644608 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2016-01-16 23:43 - 2015-12-03 19:02 - 01664000 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2016-01-16 23:43 - 2015-12-03 19:00 - 00451072 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2016-01-16 23:43 - 2015-12-03 18:58 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2016-01-16 23:43 - 2015-12-03 18:51 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-01-16 23:43 - 2015-12-03 18:36 - 01697792 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-01-16 23:43 - 2015-12-03 18:30 - 00468480 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2016-01-16 23:43 - 2015-12-03 18:28 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-01-16 23:43 - 2015-12-03 18:28 - 00245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2016-01-16 23:43 - 2015-12-03 18:27 - 00736256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
2016-01-16 23:43 - 2015-12-03 18:24 - 01411584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2016-01-16 23:43 - 2015-12-03 18:23 - 00402432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
2016-01-16 23:43 - 2015-12-03 18:16 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-01-16 23:43 - 2015-12-03 18:13 - 01441280 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-01-16 23:43 - 2015-12-03 18:07 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-01-16 23:43 - 2015-12-03 18:06 - 01501184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-01-16 23:43 - 2015-12-03 18:01 - 00743936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
2016-01-16 23:43 - 2015-12-03 17:45 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-01-16 23:43 - 2015-12-03 17:40 - 01010688 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2016-01-16 23:43 - 2015-12-03 17:29 - 00887296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2016-01-16 23:43 - 2015-12-02 16:04 - 00670208 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-01-16 23:43 - 2015-12-02 16:01 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2016-01-16 23:43 - 2015-11-17 22:07 - 01380864 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-01-16 23:43 - 2015-11-17 22:07 - 00792064 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-01-16 23:43 - 2015-11-17 22:07 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-01-16 23:43 - 2015-11-05 09:59 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2016-01-16 23:42 - 2015-12-30 20:32 - 07453016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-01-16 23:42 - 2015-12-30 20:32 - 01735000 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-01-16 23:42 - 2015-12-30 20:32 - 01499912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-01-16 23:42 - 2015-12-11 01:13 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-01-16 23:42 - 2015-12-11 01:13 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-01-16 23:42 - 2015-12-11 01:13 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-01-16 23:42 - 2015-11-22 07:59 - 01659568 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-01-16 23:42 - 2015-11-22 07:59 - 01519592 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-01-16 23:42 - 2015-11-22 07:59 - 01487008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-01-16 23:42 - 2015-11-22 07:59 - 01355848 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-01-16 23:42 - 2015-11-21 19:32 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-01-16 23:42 - 2015-11-21 18:50 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-01-16 23:42 - 2015-11-21 17:59 - 01706496 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2016-01-16 23:42 - 2015-11-21 17:49 - 01344000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2016-01-16 23:42 - 2015-11-21 17:47 - 00522240 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2016-01-16 23:42 - 2015-11-21 17:40 - 00414208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2016-01-16 23:42 - 2015-11-09 01:41 - 01540728 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-01-16 23:42 - 2015-11-08 23:30 - 04176384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-01-16 23:42 - 2015-11-08 22:23 - 01994752 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-01-16 23:42 - 2015-11-08 22:13 - 01383936 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-01-16 23:42 - 2015-11-08 22:01 - 01753600 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2016-01-16 23:42 - 2015-11-08 21:52 - 01559552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-01-16 23:42 - 2015-11-08 21:48 - 01376256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-01-16 23:42 - 2015-11-08 21:42 - 01490944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2016-01-16 23:42 - 2015-10-28 16:49 - 02775552 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-01-16 23:42 - 2015-10-28 16:29 - 02462720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-01-16 23:41 - 2015-10-11 07:34 - 00468824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2016-01-16 23:41 - 2015-10-11 07:34 - 00462168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2016-01-16 23:41 - 2015-10-11 07:34 - 00443224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2016-01-16 23:41 - 2015-10-11 07:34 - 00092504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2016-01-16 23:41 - 2015-10-11 07:34 - 00027992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2016-01-16 23:41 - 2015-10-10 19:41 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2016-01-16 23:41 - 2015-10-10 19:41 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2016-01-16 23:41 - 2015-10-10 18:20 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2016-01-16 23:41 - 2015-10-05 19:28 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\wininit.exe
2016-01-16 23:41 - 2015-10-05 19:25 - 00572928 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2016-01-16 23:41 - 2015-10-03 20:41 - 01385280 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-01-16 23:41 - 2015-10-03 20:41 - 01124384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2016-01-16 23:40 - 2015-12-07 11:56 - 01380600 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-01-16 23:40 - 2015-12-04 16:00 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-01-16 23:40 - 2015-10-08 17:11 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\PCPKsp.dll
2016-01-16 23:40 - 2015-10-08 16:50 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PCPKsp.dll
2016-01-16 23:39 - 2015-12-08 20:08 - 00685432 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-01-16 23:39 - 2015-12-08 20:07 - 00507176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-01-16 22:33 - 2016-01-16 22:33 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-01-16 22:33 - 2016-01-16 22:20 - 00386096 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-01-16 22:28 - 2016-01-16 22:28 - 00000991 _____ C:\Users\Pavla\Desktop\Install Kaspersky Anti-Virus version 16.0.0.614.lnk
2016-01-16 22:28 - 2016-01-16 22:28 - 00000000 ____D C:\Users\Pavla\AppData\Roaming\AVAST Software
2016-01-16 22:21 - 2016-01-16 22:21 - 00001909 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-01-16 22:21 - 2016-01-16 22:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-01-16 22:20 - 2016-01-20 22:33 - 01065208 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2016-01-16 22:20 - 2016-01-20 22:33 - 00464256 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2016-01-16 22:20 - 2016-01-16 22:21 - 00451040 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1453325620171
2016-01-16 22:20 - 2016-01-16 22:21 - 00097648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-01-16 22:20 - 2016-01-16 22:20 - 01055560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1453325620171
2016-01-16 22:20 - 2016-01-16 22:20 - 00273784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2016-01-16 22:20 - 2016-01-16 22:20 - 00155304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-01-16 22:20 - 2016-01-16 22:20 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-01-16 22:20 - 2016-01-16 22:20 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-01-16 22:20 - 2016-01-16 22:20 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-01-16 22:20 - 2016-01-16 22:20 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-01-16 22:18 - 2016-01-16 22:18 - 05065856 _____ (AVAST Software) C:\Users\Pavla\Downloads\avast_free_antivirus_setup_online (2).exe
2016-01-16 22:18 - 2016-01-16 22:18 - 00000000 ____D C:\Program Files\AVAST Software
2016-01-16 19:47 - 2016-01-16 19:47 - 00001303 _____ C:\Users\Pavla\Desktop\Nainstalovat produkt Kaspersky Security Scan verze 15.0.0.737.lnk
2016-01-16 19:45 - 2016-01-16 19:45 - 01988928 _____ (Kaspersky Lab) C:\Users\Pavla\Downloads\kss15.0.0.737en_ru_de_fr_es_it_zh-hans_pl_tr_nl_cs_7694.exe
2016-01-16 19:43 - 2016-01-16 19:43 - 01917824 _____ (Kaspersky Lab) C:\Users\Pavla\Downloads\kav16.0.0.614acs_8659.exe
2016-01-16 18:46 - 2016-01-16 18:46 - 00000000 ____D C:\Windows\pss
2016-01-16 18:24 - 2016-01-16 19:47 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2016-01-16 18:22 - 2016-01-16 18:22 - 01897072 _____ (Kaspersky Lab) C:\Users\Pavla\Downloads\kav16-0-0-614en_8200.exe
2016-01-16 17:58 - 2016-01-16 17:58 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2016-01-12 20:10 - 2016-01-12 20:21 - 00000000 ____D C:\Staré PC
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-01-23 18:14 - 2013-08-22 14:36 - 00000000 ____D C:\Windows
2016-01-23 18:09 - 2014-02-23 20:43 - 00000000 ____D C:\Users\Pavla\AppData\Roaming\vlc
2016-01-21 17:51 - 2015-09-04 16:34 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2757677241-3423558724-1332677612-1001
2016-01-21 17:46 - 2015-09-07 19:32 - 00003838 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1441650727
2016-01-21 17:46 - 2015-09-07 19:32 - 00001074 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-01-21 17:46 - 2015-09-07 19:32 - 00000000 ____D C:\Program Files (x86)\Opera
2016-01-19 20:33 - 2015-10-04 20:46 - 00003914 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-01-19 20:33 - 2014-11-27 17:14 - 00003802 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-01-19 20:31 - 2014-11-09 11:24 - 00000000 ____D C:\Users\Pavla\Tracing
2016-01-19 20:30 - 2014-03-20 18:51 - 00000805 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-01-19 20:30 - 2014-03-20 18:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-01-19 19:31 - 2013-12-25 17:12 - 00000000 ___DO C:\Users\Pavla\SkyDrive
2016-01-19 19:26 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-19 19:25 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2016-01-19 19:25 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-01-19 19:24 - 2013-12-26 07:28 - 00000000 ____D C:\Users\Pavla\AppData\LocalLow\Temp
2016-01-18 23:18 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache
2016-01-18 22:18 - 2014-02-03 21:39 - 01798656 ___SH C:\Users\Pavla\Downloads\Thumbs.db
2016-01-18 21:51 - 2015-04-24 18:20 - 00009378 _____ C:\Users\Pavla\Desktop\crystdisk.txt
2016-01-18 21:34 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-01-18 21:34 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness
2016-01-18 21:28 - 2015-04-07 21:19 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-01-18 19:00 - 2014-09-30 20:02 - 00000000 ____D C:\PhSp_CS2_UE_Ret
2016-01-18 18:58 - 2013-12-25 17:17 - 00000000 ____D C:\Users\Pavla\AppData\Local\Deployment
2016-01-18 18:49 - 2015-08-20 18:59 - 00000000 ____D C:\ProgramData\panda_url_filtering
2016-01-18 02:57 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\MediaViewer
2016-01-17 16:11 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2016-01-17 10:17 - 2013-09-19 18:02 - 01745984 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-17 10:17 - 2013-08-28 15:02 - 00739924 _____ C:\Windows\system32\perfh005.dat
2016-01-17 10:17 - 2013-08-28 15:02 - 00151610 _____ C:\Windows\system32\perfc005.dat
2016-01-17 10:11 - 2013-08-22 15:44 - 00620304 _____ C:\Windows\system32\FNTCACHE.DAT
2016-01-17 09:56 - 2015-04-05 16:04 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-01-17 09:56 - 2015-04-05 16:04 - 00000000 ___SD C:\Windows\system32\GWX
2016-01-17 09:56 - 2014-12-17 18:17 - 00000000 ____D C:\Windows\system32\appraiser
2016-01-17 09:56 - 2014-07-24 19:23 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-01-17 09:26 - 2013-09-19 18:04 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-01-17 01:37 - 2014-02-10 19:41 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-01-17 01:37 - 2014-01-28 20:02 - 00000000 ____D C:\ProgramData\Microsoft Help
2016-01-17 01:27 - 2013-08-22 14:25 - 00000199 _____ C:\Windows\win.ini
2016-01-17 01:26 - 2015-09-07 19:07 - 00003942 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-01-17 01:18 - 2015-04-08 16:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-17 01:13 - 2013-12-29 10:10 - 00000000 ____D C:\Windows\system32\MRT
2016-01-17 01:05 - 2013-12-29 10:10 - 143671360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-01-16 22:18 - 2014-01-26 11:06 - 00000000 ____D C:\ProgramData\AVAST Software
2016-01-16 19:42 - 2013-12-25 17:18 - 00000000 ____D C:\Users\Pavla\AppData\Local\Google
2016-01-16 17:58 - 2015-09-08 19:43 - 00000000 ____D C:\Program Files\Common Files\AV
2016-01-05 21:04 - 2015-03-14 07:46 - 00826872 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-01-05 21:04 - 2015-03-14 07:46 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
==================== Files in the root of some directories =======
2015-04-21 05:09 - 2015-05-19 16:21 - 0000020 _____ () C:\Users\Pavla\AppData\Roaming\appdataFr3.bin
2015-04-03 20:34 - 2015-04-03 20:34 - 0000000 _____ () C:\Users\Pavla\AppData\Roaming\BAC7.tmp
2015-04-05 20:56 - 2015-04-05 20:56 - 0009662 _____ () C:\Users\Pavla\AppData\Roaming\em_64x64.ico
2014-01-04 12:02 - 2014-01-04 12:02 - 0000268 ___RH () C:\Users\Pavla\AppData\Roaming\Rock Kit
2014-01-04 12:02 - 2014-01-04 12:02 - 0000268 ___RH () C:\Users\Pavla\AppData\Roaming\Rule Actions
2014-01-04 12:02 - 2014-01-04 12:02 - 0000268 ___RH () C:\Users\Pavla\AppData\Roaming\Sample Delay
2014-01-04 12:00 - 2014-01-04 12:00 - 0000268 ___RH () C:\Users\Pavla\AppData\Roaming\Solid Colors
2014-01-26 14:34 - 2014-11-10 06:39 - 0007168 _____ () C:\Users\Pavla\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-10-04 09:42 - 2014-10-04 09:42 - 0003593 _____ () C:\Users\Pavla\AppData\Local\recently-used.xbel
2014-01-04 12:00 - 2014-01-04 12:01 - 0000020 ____H () C:\ProgramData\PKP_DLeo.DAT
2014-01-04 12:02 - 2014-01-04 12:02 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT
2014-01-04 12:02 - 2015-06-04 17:10 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT
2014-01-04 12:02 - 2015-10-28 17:25 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT
2014-01-04 12:02 - 2014-01-04 12:02 - 0000268 ___RH () C:\ProgramData\Sampler Files
2014-01-04 12:02 - 2014-01-04 12:02 - 0000268 ___RH () C:\ProgramData\Sampler Instruments
2014-01-04 12:00 - 2014-01-04 12:00 - 0000268 ___RH () C:\ProgramData\Space Choir
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-01-17 00:56
==================== End of FRST.txt ============================
Ran by Pavla (administrator) on WIWI (23-01-2016 18:14:05)
Running from C:\Users\Pavla\Desktop
Loaded Profiles: Pavla (Available Profiles: Pavla)
Platform: Windows 8.1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
() C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(WinZip Computing International, LLC) C:\Program Files\File Association Helper\FAHWindow.exe
(TOSHIBA) C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(Společnost TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296520 2013-09-12] (TOSHIBA Corporation)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [178016 2013-08-21] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-14] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-08-18] (TOSHIBA Corporation)
HKLM\...\Run: [FAHConsole] => C:\Program Files\File Association Helper\FAHConsole.exe [216248 2013-09-26] (WinZip Computing International, LLC)
HKLM-x32\...\Run: [1.TPUReg] => C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe [2216800 2013-03-27] (TOSHIBA)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516512 2013-07-23] (TOSHIBA)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1989920 2013-08-26] (Wondershare)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7021880 2016-01-16] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8590760 2015-12-08] (Piriform Ltd)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-01-16] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pavla\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pavla\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pavla\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pavla\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pavla\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pavla\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pavla\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 217.170.96.24 217.170.96.2
Tcpip\..\Interfaces\{806CE4A0-2E34-4BF0-83AB-CEFEAD0F57B8}: [DhcpNameServer] 217.170.96.24 217.170.96.2
Tcpip\..\Interfaces\{ED204A58-004C-4C3A-8366-53323B8E3CB6}: [DhcpNameServer] 127.0.0.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://toshiba.eu/symbaloo_c
HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.google.com/?trackid=sp-006
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-11-18] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-01-16] (AVAST Software)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-11-10] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-11-18] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-01-16] (AVAST Software)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-11-10] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Pavla\AppData\Roaming\Mozilla\Firefox\Profiles\t2fegv1i.default
FF SearchEngineOrder.1: Seznam
FF SelectedSearchEngine: Seznam
FF DefaultSearchEngine: Seznam
FF DefaultSearchUrl: hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF Keyword.URL: hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF Homepage: hxxps://www.seznam.cz/?clid=22668
FF NewTab: about:newtab
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-19] ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-05-14] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-05-14] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-19] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-03-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-03-23] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2016-01-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2016-01-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2014-11-15] ()
FF Plugin HKU\S-1-5-21-2757677241-3423558724-1332677612-1001: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\Pavla\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1401100-0-npoctoshape.dll [2014-01-10] (Octoshape ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\Pavla\AppData\Roaming\mozilla\plugins\npoctoshape.dll [2015-05-22] (Octoshape ApS)
FF SearchPlugin: C:\Users\Pavla\AppData\Roaming\Mozilla\Firefox\Profiles\t2fegv1i.default\searchplugins\google-avast.xml [2014-12-10]
FF SearchPlugin: C:\Users\Pavla\AppData\Roaming\Mozilla\Firefox\Profiles\t2fegv1i.default\searchplugins\seznam-avast.xml [2015-09-08]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2014-01-21] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-01-16]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-01-16]
Chrome:
=======
CHR Profile: C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Disk Google) - C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-12]
CHR Extension: (YouTube) - C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Vyhledávání Google) - C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-12]
CHR Extension: (Dokumenty Google offline) - C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-01-12]
CHR Extension: (Avast Online Security) - C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-01-16]
CHR Extension: (Gmail) - C:\Users\Pavla\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-01-16]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-08-22] (Windows (R) Win 7 DDK provider) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [226440 2016-01-16] (AVAST Software)
R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [19792 2013-09-10] ()
R2 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe [163168 2013-03-27] ()
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-04] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
U2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-10-31] (Microsoft Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2013-08-16] (IDT, Inc.) [File not signed]
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [116088 2013-07-19] (Toshiba Europe GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S2 PSGenUn; C:\SMCLpav\SMCLpav.exe [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2016-01-16] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [97648 2016-01-16] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2016-01-16] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2016-01-16] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1065208 2016-01-20] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [464256 2016-01-20] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [155304 2016-01-16] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [273784 2016-01-16] (AVAST Software)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3858944 2013-10-24] (Qualcomm Atheros Communications, Inc.)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [43664 2015-09-08] ()
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
R2 PEGAGFN; C:\Program Files (x86)\TOSHIBA\PasswordUtility\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
S3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1936088 2013-07-31] (Realtek Semiconductor Corporation )
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2014-08-06] (Synaptics Incorporated)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [32624 2013-08-19] (Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
R1 NNSALPC; system32\DRIVERS\NNSAlpc.sys [X]
R1 NNSHTTP; system32\DRIVERS\NNSHttp.sys [X]
R1 NNSHTTPS; system32\DRIVERS\NNSHttps.sys [X]
R1 NNSIDS; system32\DRIVERS\NNSIds.sys [X]
R1 NNSPICC; system32\DRIVERS\NNSPicc.sys [X]
R1 NNSPOP3; system32\DRIVERS\NNSPop3.sys [X]
R1 NNSPROT; system32\DRIVERS\NNSProt.sys [X]
R1 NNSPRV; system32\DRIVERS\NNSPrv.sys [X]
R1 NNSSMTP; system32\DRIVERS\NNSSmtp.sys [X]
R1 NNSSTRM; system32\DRIVERS\NNSStrm.sys [X]
R1 NNSTLSC; system32\DRIVERS\NNSTlsc.sys [X]
S2 PSINAflt; system32\DRIVERS\PSINAflt.sys [X]
S2 PSINFile; system32\DRIVERS\PSINFile.sys [X]
R1 PSINKNC; system32\DRIVERS\psinknc.sys [X]
S2 PSINProc; system32\DRIVERS\PSINProc.sys [X]
S2 PSINProt; system32\DRIVERS\PSINProt.sys [X]
S2 PSINReg; system32\DRIVERS\PSINReg.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-01-23 18:14 - 2016-01-23 18:14 - 00020693 _____ C:\Users\Pavla\Desktop\FRST.txt
2016-01-23 18:13 - 2016-01-23 18:14 - 00000000 ____D C:\FRST
2016-01-23 18:13 - 2016-01-23 18:12 - 02370560 _____ (Farbar) C:\Users\Pavla\Desktop\FRST64.exe
2016-01-23 18:12 - 2016-01-23 18:12 - 02370560 _____ (Farbar) C:\Users\Pavla\Downloads\FRST64.exe
2016-01-19 20:34 - 2016-01-19 20:34 - 00001707 _____ C:\Users\Public\Desktop\Defraggler.lnk
2016-01-19 20:34 - 2016-01-19 20:34 - 00000000 ____D C:\Program Files\Defraggler
2016-01-19 20:33 - 2016-01-23 17:40 - 00000958 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-01-19 20:33 - 2016-01-19 20:33 - 04527736 _____ (Piriform Ltd) C:\Users\Pavla\Downloads\dfsetup220.exe
2016-01-19 20:33 - 2016-01-19 20:33 - 04527736 _____ (Piriform Ltd) C:\Users\Pavla\Downloads\dfsetup220 (1).exe
2016-01-19 20:32 - 2016-01-19 20:32 - 00063860 _____ C:\cc_20160119_203204.reg
2016-01-19 20:30 - 2016-01-19 20:30 - 00002782 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-01-19 20:29 - 2016-01-19 20:29 - 06805440 _____ (Piriform Ltd) C:\Users\Pavla\Downloads\ccsetup513.exe
2016-01-19 20:28 - 2016-01-19 20:28 - 00001462 _____ C:\DelFix.txt
2016-01-19 19:33 - 2016-01-23 17:33 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-01-18 22:27 - 2016-01-18 22:27 - 00038970 _____ C:\Users\Pavla\Desktop\Desktop.zip
2016-01-18 22:09 - 2016-01-18 22:50 - 00000000 ____D C:\SMCLpav
2016-01-18 22:09 - 2016-01-18 22:09 - 00668144 _____ C:\Users\Pavla\Downloads\UNINSTALLER_08.exe
2016-01-18 22:09 - 2016-01-18 22:09 - 00000000 _____ C:\Autoexec.bat
2016-01-18 21:38 - 2016-01-18 21:38 - 00000000 ____D C:\Users\Pavla\Downloads\CrystalDiskInfo5_0_0
2016-01-18 21:31 - 2016-01-18 21:47 - 00000000 ____D C:\Users\Pavla\Desktop\Nová složka
2016-01-18 21:25 - 2016-01-18 21:25 - 01496172 _____ C:\Users\Pavla\Downloads\CrystalDiskInfo5_0_0.zip
2016-01-18 18:16 - 2016-01-18 18:16 - 00001145 _____ C:\Users\Pavla\Documents\sssss.txt
2016-01-18 05:51 - 2016-01-18 05:51 - 08818688 _____ C:\Users\Pavla\Downloads\hamachi.msi
2016-01-18 02:55 - 2016-01-18 02:55 - 00001663 _____ C:\ssss.txt
2016-01-17 15:43 - 2016-01-17 15:43 - 00024487 _____ C:\dddd.txt
2016-01-17 14:17 - 2016-01-17 14:18 - 22908888 _____ (Malwarebytes ) C:\Users\Pavla\Downloads\mbam-setup-2.2.0.1024.exe
2016-01-17 14:08 - 2015-11-20 23:47 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-01-17 14:08 - 2015-11-20 19:18 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-01-17 14:08 - 2015-11-20 17:58 - 03706880 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-01-17 14:08 - 2015-11-20 17:47 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-01-17 14:08 - 2015-11-20 17:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-01-17 14:08 - 2015-11-20 17:44 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2016-01-17 14:08 - 2015-11-20 17:44 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-01-17 14:08 - 2015-11-20 17:43 - 00897024 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-01-17 14:08 - 2015-11-20 17:42 - 02243584 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-01-17 14:08 - 2015-11-20 17:30 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-01-17 14:08 - 2015-11-20 17:29 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-01-17 14:08 - 2015-11-20 17:28 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-01-17 14:08 - 2015-11-20 17:27 - 00726528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-01-17 13:01 - 2016-01-17 13:02 - 00136689 _____ C:\Users\Pavla\Downloads\26116624-r-dlo-pro-psy.htm
2016-01-17 09:30 - 2016-01-17 09:31 - 00000085 _____ C:\Windows\wininit.ini
2016-01-17 09:27 - 2016-01-18 18:58 - 00000000 ____D C:\Users\Pavla\AppData\Roaming\Seznam.cz
2016-01-17 09:26 - 2016-01-17 09:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EasyCleaner
2016-01-17 09:26 - 2016-01-17 09:26 - 00000000 ____D C:\Program Files (x86)\ToniArts
2016-01-17 09:24 - 2016-01-17 09:25 - 10166368 _____ C:\Users\Pavla\Downloads\EClea2_0.exe
2016-01-17 09:06 - 2016-01-17 09:06 - 00000000 ____D C:\Users\Pavla\Documents\My Games
2016-01-17 08:59 - 2016-01-17 09:06 - 00002160 _____ C:\Users\Public\Desktop\Path of Exile.lnk
2016-01-17 08:59 - 2016-01-17 09:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grinding Gear Games
2016-01-17 08:59 - 2016-01-17 08:59 - 00000000 ____D C:\Program Files (x86)\Grinding Gear Games
2016-01-17 08:59 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2016-01-17 08:59 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2016-01-17 08:55 - 2016-01-17 08:55 - 09629696 _____ C:\Users\Pavla\Downloads\PathOfExileInstaller.msi
2016-01-17 01:26 - 2016-01-17 01:26 - 00003706 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1d1508d9a4a428c
2016-01-16 23:52 - 2016-01-18 22:16 - 00000000 ____D C:\Program Files\trend micro
2016-01-16 23:47 - 2015-12-11 05:38 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-01-16 23:47 - 2015-12-11 05:00 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-01-16 23:47 - 2015-12-11 04:55 - 06051328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-01-16 23:47 - 2015-12-11 04:50 - 20367360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-01-16 23:47 - 2015-12-11 04:21 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-01-16 23:47 - 2015-12-11 04:03 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-01-16 23:47 - 2015-12-11 03:43 - 04610560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-01-16 23:47 - 2015-12-11 03:38 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-01-16 23:47 - 2015-12-11 03:35 - 12856320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-01-16 23:47 - 2015-12-11 03:12 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-01-16 23:47 - 2015-11-10 01:04 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-01-16 23:47 - 2015-11-08 23:02 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-01-16 23:46 - 2015-12-11 04:45 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-01-16 23:46 - 2015-12-11 04:18 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-01-16 23:46 - 2015-12-11 04:09 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-01-16 23:46 - 2015-12-11 04:09 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-01-16 23:46 - 2015-12-11 03:59 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-01-16 23:46 - 2015-12-11 03:43 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-01-16 23:46 - 2015-12-11 03:37 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-01-16 23:46 - 2015-12-11 03:26 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-01-16 23:46 - 2015-12-11 03:14 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-01-16 23:46 - 2015-12-11 03:08 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-01-16 23:46 - 2015-12-11 03:07 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-01-16 23:46 - 2015-11-11 16:44 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-01-16 23:46 - 2015-11-11 16:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2016-01-16 23:46 - 2015-11-10 01:11 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-01-16 23:46 - 2015-11-10 01:08 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-01-16 23:46 - 2015-11-10 00:37 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-01-16 23:46 - 2015-11-10 00:36 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-01-16 23:46 - 2015-11-10 00:36 - 00325632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-01-16 23:46 - 2015-11-10 00:25 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2016-01-16 23:46 - 2015-11-08 23:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-01-16 23:46 - 2015-11-08 22:32 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-01-16 23:46 - 2015-11-08 22:32 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2016-01-16 23:46 - 2015-11-08 22:18 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-01-16 23:46 - 2015-11-08 22:16 - 00372224 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-01-16 23:46 - 2015-11-08 22:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-01-16 23:46 - 2015-11-08 22:13 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-01-16 23:46 - 2015-11-08 21:53 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2016-01-16 23:43 - 2015-12-10 01:40 - 00033456 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-01-16 23:43 - 2015-12-05 06:58 - 02745184 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2016-01-16 23:43 - 2015-12-05 06:58 - 02528784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2016-01-16 23:43 - 2015-12-05 06:58 - 02450240 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2016-01-16 23:43 - 2015-12-05 06:58 - 02447136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
2016-01-16 23:43 - 2015-12-05 06:58 - 02334104 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2016-01-16 23:43 - 2015-12-05 06:58 - 02324744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2016-01-16 23:43 - 2015-12-05 06:58 - 01877504 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2016-01-16 23:43 - 2015-12-05 06:58 - 01798480 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
2016-01-16 23:43 - 2015-12-05 06:58 - 01484888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
2016-01-16 23:43 - 2015-12-05 06:58 - 01288128 _____ (Microsoft Corporation) C:\Windows\system32\mfnetsrc.dll
2016-01-16 23:43 - 2015-12-05 06:58 - 01210200 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2016-01-16 23:43 - 2015-12-05 06:58 - 01150232 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2016-01-16 23:43 - 2015-12-05 06:58 - 01115640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll
2016-01-16 23:43 - 2015-12-05 06:58 - 01037680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2016-01-16 23:43 - 2015-12-05 06:58 - 00914672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2016-01-16 23:43 - 2015-12-05 06:58 - 00850680 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
2016-01-16 23:43 - 2015-12-05 06:58 - 00735496 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-01-16 23:43 - 2015-12-05 06:58 - 00700360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
2016-01-16 23:43 - 2015-12-05 06:58 - 00629600 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2016-01-16 23:43 - 2015-12-05 06:58 - 00584656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-01-16 23:43 - 2015-12-05 06:58 - 00557856 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2016-01-16 23:43 - 2015-12-05 06:58 - 00498472 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2016-01-16 23:43 - 2015-12-05 06:58 - 00492736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2016-01-16 23:43 - 2015-12-05 06:58 - 00463776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2016-01-16 23:43 - 2015-12-05 06:58 - 00399776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2016-01-16 23:43 - 2015-12-05 06:58 - 00299080 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2016-01-16 23:43 - 2015-12-05 06:58 - 00275312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
2016-01-16 23:43 - 2015-12-05 06:58 - 00274280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
2016-01-16 23:43 - 2015-12-05 06:58 - 00250520 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2016-01-16 23:43 - 2015-12-05 06:58 - 00248432 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2016-01-16 23:43 - 2015-12-05 06:58 - 00246856 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2016-01-16 23:43 - 2015-12-05 06:58 - 00244296 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-01-16 23:43 - 2015-12-05 06:58 - 00229272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
2016-01-16 23:43 - 2015-12-05 06:58 - 00203016 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2016-01-16 23:43 - 2015-12-05 06:58 - 00184912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
2016-01-16 23:43 - 2015-12-05 06:58 - 00183856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
2016-01-16 23:43 - 2015-12-05 06:58 - 00116720 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2016-01-16 23:43 - 2015-12-05 06:58 - 00110544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-01-16 23:43 - 2015-12-05 06:58 - 00099136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL
2016-01-16 23:43 - 2015-12-05 06:58 - 00090904 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2016-01-16 23:43 - 2015-12-05 06:58 - 00090392 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2016-01-16 23:43 - 2015-12-05 06:58 - 00081032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2016-01-16 23:43 - 2015-12-05 06:58 - 00076936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll
2016-01-16 23:43 - 2015-12-03 20:42 - 00561952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-01-16 23:43 - 2015-12-03 20:42 - 00397224 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-01-16 23:43 - 2015-12-03 20:42 - 00137968 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-01-16 23:43 - 2015-12-03 20:42 - 00106960 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2016-01-16 23:43 - 2015-12-03 20:41 - 00177488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-01-16 23:43 - 2015-12-03 19:52 - 00340872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-01-16 23:43 - 2015-12-03 19:52 - 00120376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-01-16 23:43 - 2015-12-03 19:52 - 00091416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2016-01-16 23:43 - 2015-12-03 19:28 - 00401920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-01-16 23:43 - 2015-12-03 19:28 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-01-16 23:43 - 2015-12-03 19:07 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-01-16 23:43 - 2015-12-03 19:07 - 00289792 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2016-01-16 23:43 - 2015-12-03 19:05 - 00644608 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2016-01-16 23:43 - 2015-12-03 19:02 - 01664000 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2016-01-16 23:43 - 2015-12-03 19:00 - 00451072 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2016-01-16 23:43 - 2015-12-03 18:58 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2016-01-16 23:43 - 2015-12-03 18:51 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-01-16 23:43 - 2015-12-03 18:36 - 01697792 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-01-16 23:43 - 2015-12-03 18:30 - 00468480 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2016-01-16 23:43 - 2015-12-03 18:28 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-01-16 23:43 - 2015-12-03 18:28 - 00245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2016-01-16 23:43 - 2015-12-03 18:27 - 00736256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
2016-01-16 23:43 - 2015-12-03 18:24 - 01411584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2016-01-16 23:43 - 2015-12-03 18:23 - 00402432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
2016-01-16 23:43 - 2015-12-03 18:16 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-01-16 23:43 - 2015-12-03 18:13 - 01441280 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-01-16 23:43 - 2015-12-03 18:07 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-01-16 23:43 - 2015-12-03 18:06 - 01501184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-01-16 23:43 - 2015-12-03 18:01 - 00743936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
2016-01-16 23:43 - 2015-12-03 17:45 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-01-16 23:43 - 2015-12-03 17:40 - 01010688 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2016-01-16 23:43 - 2015-12-03 17:29 - 00887296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2016-01-16 23:43 - 2015-12-02 16:04 - 00670208 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-01-16 23:43 - 2015-12-02 16:01 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2016-01-16 23:43 - 2015-11-17 22:07 - 01380864 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-01-16 23:43 - 2015-11-17 22:07 - 00792064 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-01-16 23:43 - 2015-11-17 22:07 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-01-16 23:43 - 2015-11-05 09:59 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2016-01-16 23:42 - 2015-12-30 20:32 - 07453016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-01-16 23:42 - 2015-12-30 20:32 - 01735000 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-01-16 23:42 - 2015-12-30 20:32 - 01499912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-01-16 23:42 - 2015-12-11 01:13 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-01-16 23:42 - 2015-12-11 01:13 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-01-16 23:42 - 2015-12-11 01:13 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-01-16 23:42 - 2015-11-22 07:59 - 01659568 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-01-16 23:42 - 2015-11-22 07:59 - 01519592 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-01-16 23:42 - 2015-11-22 07:59 - 01487008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-01-16 23:42 - 2015-11-22 07:59 - 01355848 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-01-16 23:42 - 2015-11-21 19:32 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-01-16 23:42 - 2015-11-21 18:50 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-01-16 23:42 - 2015-11-21 17:59 - 01706496 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2016-01-16 23:42 - 2015-11-21 17:49 - 01344000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2016-01-16 23:42 - 2015-11-21 17:47 - 00522240 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2016-01-16 23:42 - 2015-11-21 17:40 - 00414208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2016-01-16 23:42 - 2015-11-09 01:41 - 01540728 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-01-16 23:42 - 2015-11-08 23:30 - 04176384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-01-16 23:42 - 2015-11-08 22:23 - 01994752 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-01-16 23:42 - 2015-11-08 22:13 - 01383936 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-01-16 23:42 - 2015-11-08 22:01 - 01753600 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2016-01-16 23:42 - 2015-11-08 21:52 - 01559552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-01-16 23:42 - 2015-11-08 21:48 - 01376256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-01-16 23:42 - 2015-11-08 21:42 - 01490944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2016-01-16 23:42 - 2015-10-28 16:49 - 02775552 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-01-16 23:42 - 2015-10-28 16:29 - 02462720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-01-16 23:41 - 2015-10-11 07:34 - 00468824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2016-01-16 23:41 - 2015-10-11 07:34 - 00462168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2016-01-16 23:41 - 2015-10-11 07:34 - 00443224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2016-01-16 23:41 - 2015-10-11 07:34 - 00092504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2016-01-16 23:41 - 2015-10-11 07:34 - 00027992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2016-01-16 23:41 - 2015-10-10 19:41 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2016-01-16 23:41 - 2015-10-10 19:41 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2016-01-16 23:41 - 2015-10-10 18:20 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2016-01-16 23:41 - 2015-10-05 19:28 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\wininit.exe
2016-01-16 23:41 - 2015-10-05 19:25 - 00572928 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2016-01-16 23:41 - 2015-10-03 20:41 - 01385280 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-01-16 23:41 - 2015-10-03 20:41 - 01124384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2016-01-16 23:40 - 2015-12-07 11:56 - 01380600 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-01-16 23:40 - 2015-12-04 16:00 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-01-16 23:40 - 2015-10-08 17:11 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\PCPKsp.dll
2016-01-16 23:40 - 2015-10-08 16:50 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PCPKsp.dll
2016-01-16 23:39 - 2015-12-08 20:08 - 00685432 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-01-16 23:39 - 2015-12-08 20:07 - 00507176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-01-16 22:33 - 2016-01-16 22:33 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-01-16 22:33 - 2016-01-16 22:20 - 00386096 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-01-16 22:28 - 2016-01-16 22:28 - 00000991 _____ C:\Users\Pavla\Desktop\Install Kaspersky Anti-Virus version 16.0.0.614.lnk
2016-01-16 22:28 - 2016-01-16 22:28 - 00000000 ____D C:\Users\Pavla\AppData\Roaming\AVAST Software
2016-01-16 22:21 - 2016-01-16 22:21 - 00001909 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-01-16 22:21 - 2016-01-16 22:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-01-16 22:20 - 2016-01-20 22:33 - 01065208 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2016-01-16 22:20 - 2016-01-20 22:33 - 00464256 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2016-01-16 22:20 - 2016-01-16 22:21 - 00451040 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1453325620171
2016-01-16 22:20 - 2016-01-16 22:21 - 00097648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-01-16 22:20 - 2016-01-16 22:20 - 01055560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1453325620171
2016-01-16 22:20 - 2016-01-16 22:20 - 00273784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2016-01-16 22:20 - 2016-01-16 22:20 - 00155304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-01-16 22:20 - 2016-01-16 22:20 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-01-16 22:20 - 2016-01-16 22:20 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-01-16 22:20 - 2016-01-16 22:20 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-01-16 22:20 - 2016-01-16 22:20 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-01-16 22:18 - 2016-01-16 22:18 - 05065856 _____ (AVAST Software) C:\Users\Pavla\Downloads\avast_free_antivirus_setup_online (2).exe
2016-01-16 22:18 - 2016-01-16 22:18 - 00000000 ____D C:\Program Files\AVAST Software
2016-01-16 19:47 - 2016-01-16 19:47 - 00001303 _____ C:\Users\Pavla\Desktop\Nainstalovat produkt Kaspersky Security Scan verze 15.0.0.737.lnk
2016-01-16 19:45 - 2016-01-16 19:45 - 01988928 _____ (Kaspersky Lab) C:\Users\Pavla\Downloads\kss15.0.0.737en_ru_de_fr_es_it_zh-hans_pl_tr_nl_cs_7694.exe
2016-01-16 19:43 - 2016-01-16 19:43 - 01917824 _____ (Kaspersky Lab) C:\Users\Pavla\Downloads\kav16.0.0.614acs_8659.exe
2016-01-16 18:46 - 2016-01-16 18:46 - 00000000 ____D C:\Windows\pss
2016-01-16 18:24 - 2016-01-16 19:47 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2016-01-16 18:22 - 2016-01-16 18:22 - 01897072 _____ (Kaspersky Lab) C:\Users\Pavla\Downloads\kav16-0-0-614en_8200.exe
2016-01-16 17:58 - 2016-01-16 17:58 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2016-01-12 20:10 - 2016-01-12 20:21 - 00000000 ____D C:\Staré PC
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-01-23 18:14 - 2013-08-22 14:36 - 00000000 ____D C:\Windows
2016-01-23 18:09 - 2014-02-23 20:43 - 00000000 ____D C:\Users\Pavla\AppData\Roaming\vlc
2016-01-21 17:51 - 2015-09-04 16:34 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2757677241-3423558724-1332677612-1001
2016-01-21 17:46 - 2015-09-07 19:32 - 00003838 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1441650727
2016-01-21 17:46 - 2015-09-07 19:32 - 00001074 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-01-21 17:46 - 2015-09-07 19:32 - 00000000 ____D C:\Program Files (x86)\Opera
2016-01-19 20:33 - 2015-10-04 20:46 - 00003914 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-01-19 20:33 - 2014-11-27 17:14 - 00003802 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-01-19 20:31 - 2014-11-09 11:24 - 00000000 ____D C:\Users\Pavla\Tracing
2016-01-19 20:30 - 2014-03-20 18:51 - 00000805 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-01-19 20:30 - 2014-03-20 18:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-01-19 19:31 - 2013-12-25 17:12 - 00000000 ___DO C:\Users\Pavla\SkyDrive
2016-01-19 19:26 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-19 19:25 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2016-01-19 19:25 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-01-19 19:24 - 2013-12-26 07:28 - 00000000 ____D C:\Users\Pavla\AppData\LocalLow\Temp
2016-01-18 23:18 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache
2016-01-18 22:18 - 2014-02-03 21:39 - 01798656 ___SH C:\Users\Pavla\Downloads\Thumbs.db
2016-01-18 21:51 - 2015-04-24 18:20 - 00009378 _____ C:\Users\Pavla\Desktop\crystdisk.txt
2016-01-18 21:34 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-01-18 21:34 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness
2016-01-18 21:28 - 2015-04-07 21:19 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-01-18 19:00 - 2014-09-30 20:02 - 00000000 ____D C:\PhSp_CS2_UE_Ret
2016-01-18 18:58 - 2013-12-25 17:17 - 00000000 ____D C:\Users\Pavla\AppData\Local\Deployment
2016-01-18 18:49 - 2015-08-20 18:59 - 00000000 ____D C:\ProgramData\panda_url_filtering
2016-01-18 02:57 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\MediaViewer
2016-01-17 16:11 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2016-01-17 10:17 - 2013-09-19 18:02 - 01745984 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-17 10:17 - 2013-08-28 15:02 - 00739924 _____ C:\Windows\system32\perfh005.dat
2016-01-17 10:17 - 2013-08-28 15:02 - 00151610 _____ C:\Windows\system32\perfc005.dat
2016-01-17 10:11 - 2013-08-22 15:44 - 00620304 _____ C:\Windows\system32\FNTCACHE.DAT
2016-01-17 09:56 - 2015-04-05 16:04 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-01-17 09:56 - 2015-04-05 16:04 - 00000000 ___SD C:\Windows\system32\GWX
2016-01-17 09:56 - 2014-12-17 18:17 - 00000000 ____D C:\Windows\system32\appraiser
2016-01-17 09:56 - 2014-07-24 19:23 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-01-17 09:26 - 2013-09-19 18:04 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-01-17 01:37 - 2014-02-10 19:41 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-01-17 01:37 - 2014-01-28 20:02 - 00000000 ____D C:\ProgramData\Microsoft Help
2016-01-17 01:27 - 2013-08-22 14:25 - 00000199 _____ C:\Windows\win.ini
2016-01-17 01:26 - 2015-09-07 19:07 - 00003942 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-01-17 01:18 - 2015-04-08 16:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-17 01:13 - 2013-12-29 10:10 - 00000000 ____D C:\Windows\system32\MRT
2016-01-17 01:05 - 2013-12-29 10:10 - 143671360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-01-16 22:18 - 2014-01-26 11:06 - 00000000 ____D C:\ProgramData\AVAST Software
2016-01-16 19:42 - 2013-12-25 17:18 - 00000000 ____D C:\Users\Pavla\AppData\Local\Google
2016-01-16 17:58 - 2015-09-08 19:43 - 00000000 ____D C:\Program Files\Common Files\AV
2016-01-05 21:04 - 2015-03-14 07:46 - 00826872 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-01-05 21:04 - 2015-03-14 07:46 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
==================== Files in the root of some directories =======
2015-04-21 05:09 - 2015-05-19 16:21 - 0000020 _____ () C:\Users\Pavla\AppData\Roaming\appdataFr3.bin
2015-04-03 20:34 - 2015-04-03 20:34 - 0000000 _____ () C:\Users\Pavla\AppData\Roaming\BAC7.tmp
2015-04-05 20:56 - 2015-04-05 20:56 - 0009662 _____ () C:\Users\Pavla\AppData\Roaming\em_64x64.ico
2014-01-04 12:02 - 2014-01-04 12:02 - 0000268 ___RH () C:\Users\Pavla\AppData\Roaming\Rock Kit
2014-01-04 12:02 - 2014-01-04 12:02 - 0000268 ___RH () C:\Users\Pavla\AppData\Roaming\Rule Actions
2014-01-04 12:02 - 2014-01-04 12:02 - 0000268 ___RH () C:\Users\Pavla\AppData\Roaming\Sample Delay
2014-01-04 12:00 - 2014-01-04 12:00 - 0000268 ___RH () C:\Users\Pavla\AppData\Roaming\Solid Colors
2014-01-26 14:34 - 2014-11-10 06:39 - 0007168 _____ () C:\Users\Pavla\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-10-04 09:42 - 2014-10-04 09:42 - 0003593 _____ () C:\Users\Pavla\AppData\Local\recently-used.xbel
2014-01-04 12:00 - 2014-01-04 12:01 - 0000020 ____H () C:\ProgramData\PKP_DLeo.DAT
2014-01-04 12:02 - 2014-01-04 12:02 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT
2014-01-04 12:02 - 2015-06-04 17:10 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT
2014-01-04 12:02 - 2015-10-28 17:25 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT
2014-01-04 12:02 - 2014-01-04 12:02 - 0000268 ___RH () C:\ProgramData\Sampler Files
2014-01-04 12:02 - 2014-01-04 12:02 - 0000268 ___RH () C:\ProgramData\Sampler Instruments
2014-01-04 12:00 - 2014-01-04 12:00 - 0000268 ___RH () C:\ProgramData\Space Choir
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-01-17 00:56
==================== End of FRST.txt ============================
Re: zpomalené pc, nejde nic aktualizovat
Additional scan result of Farbar Recovery Scan Tool (x64) Version:18-01-2016
Ran by Pavla (2016-01-23 18:15:30)
Running from C:\Users\Pavla\Desktop
Windows 8.1 (X64) (2013-12-25 16:03:23)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2757677241-3423558724-1332677612-500 - Administrator - Disabled)
Guest (S-1-5-21-2757677241-3423558724-1332677612-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2757677241-3423558724-1332677612-1003 - Limited - Enabled)
Pavla (S-1-5-21-2757677241-3423558724-1332677612-1001 - Administrator - Enabled) => C:\Users\Pavla
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Out of date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Out of date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Adobe Flash Player 20 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Advertising Center (x32 Version: 0.0.0.1 - Nero AG) Hidden
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 4.8.1245.73583 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 4.8.1245.73583 - Alcor Micro Corp.) Hidden
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
ArcSoft Panorama Maker 6 (HKLM-x32\...\{DABFD34E-BE68-4BC6-9254-5D7A7FF76B99}) (Version: 6.0.8.85 - ArcSoft)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2245 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.13 - Piriform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.20 - Piriform)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Dropbox (HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
DTS Sound (HKLM-x32\...\{2DFA9084-CEB3-4A48-B9F7-9038FEF1B8F4}) (Version: 1.01.2700 - DTS, Inc.)
EasyCleaner (HKLM-x32\...\{F5346614-B7C4-4E94-826A-E2363155233D}) (Version: 2.0.6.380 - ToniArts)
Empress of the Deep - The Darkest Secret (x32 Version: 2.2.0.98 - WildTangent) Hidden
File Association Helper (HKLM\...\{572D0504-2C67-4016-801F-D70879A3026A}) (Version: 1.1.6.53763 - WinZip Computing International, LLC)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotolab Fotosvet (HKLM-x32\...\Fotolab Fotosvet) (Version: 5.1.7 - CEWE Stiftung u Co. KGaA)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
IDT Audio Driver (HKLM\...\{588A747E-CFF6-46B3-9207-CD754F9473AF}) (Version: 6.10.6491.0 - IDT)
Infinite HD™ App (HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\...\Octoshape Streaming Services) (Version: - Octoshape ApS)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3282 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Island Tribe (x32 Version: 2.2.0.98 - WildTangent) Hidden
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java 7 Update 55 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417055FF}) (Version: 7.0.550 - Oracle)
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
KMSnano 24 (HKLM\...\KMSnano 24_is1) (Version: KMSnano 24 - )
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Microsoft Office 365 Home Premium - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 15.0.4551.1512 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\...\OneDriveSetup.exe) (Version: 17.3.5930.0814 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Preview Redistributable (x64) - 12.0.20617 (HKLM-x32\...\{448652c1-f5f3-4230-98c6-68c10c88b1fb}) (Version: 12.0.20617.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Preview Redistributable (x86) - 12.0.20617 (HKLM-x32\...\{1f407217-9aec-4146-8504-e64ac959c534}) (Version: 12.0.20617.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 38.0.5 (x86 cs) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 cs)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.5 - Mozilla)
MV2Player (remove only) (HKLM-x32\...\MV2Player) (Version: - )
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nero 9 Essentials (HKLM-x32\...\{fd6b1fd5-14bd-4103-b432-823a59d3ad38}) (Version: - Nero AG)
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.0 - Nikon)
Nikon Movie Editor (HKLM-x32\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.8.3 - Nikon)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Opera Stable 34.0.2036.50 (HKLM-x32\...\Opera 34.0.2036.50) (Version: 34.0.2036.50 - Opera Software)
Path of Exile (HKLM-x32\...\{90A4562F-D4A1-4B65-906D-41F236CF6902}) (Version: 2.1.1.50223 - Grinding Gear Games)
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Picture Control Utility x64 (HKLM\...\{11953C65-BB4E-4CA4-B0F0-2600A4B20040}) (Version: 1.4.16 - Nikon)
Pinnacle VideoSpin (HKLM-x32\...\{FEB15887-0932-4D2D-BB85-6AC03FBF1AA8}) (Version: 2.0.0.669 - Pinnacle Systems)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.300 - Qualcomm Atheros)
Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
RollerCoaster Tycoon Deluxe (HKLM-x32\...\GOGPACKRTC_is1) (Version: 2.1.0.18 - GOG.com)
RonyaSoft Poster Designer (Poster Forge) 2.01 (HKLM-x32\...\RonyaSoft Poster Designer (Poster Forge)) (Version: 2.01 - RonyaSoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft)
Shape Collage (HKLM-x32\...\ShapeCollage) (Version: - Shape Collage Inc.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.5.1333.g822e0de8 - Spotify AB)
StepMania (remove only) (HKLM-x32\...\StepMania) (Version: - )
StepMania 4 alpha 4 (remove only) (HKLM-x32\...\StepMania 4) (Version: - )
StepMania v5.0 beta 3 (remove only) (HKLM-x32\...\StepMania 5) (Version: - StepMania Team)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.10.51 - Synaptics Incorporated)
TOSHIBA Addendum (HKLM-x32\...\{CE0374A6-B204-4336-8293-63FBB1DADBF4}) (Version: 1.00 - TOSHIBA)
TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.02.01.6407 - Toshiba Corporation)
TOSHIBA Display Utility (HKLM\...\{84FA4D2D-4273-4C66-BD3D-ADD3FE48DFA2}) (Version: 1.1.5.0 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.2.0.6404 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.1.0001.6403 - Toshiba Corporation)
TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.10 - TOSHIBA)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{78931270-BC9E-441A-A52B-73ECD4ACFAB5}) (Version: 3.00.344 - Toshiba Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.9.09.6400 - Toshiba Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.1.02.55065006 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{FBFCEEA5-96EA-4C8E-9262-43CBBEBAE413}) (Version: 2.6.8 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0030 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.1.2.32001 - Toshiba Corporation)
Toshiba TEMPRO (HKLM-x32\...\{F76F5214-83A8-4030-80C9-1EF57391D72A}) (Version: 4.5.0 - Toshiba Europe GmbH)
TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.3.27.102 - Toshiba Corporation)
Update for Skype for Business 2015 (KB3039776) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0405-0000-0000000FF1CE}_Office15.PROPLUSR_{AED52533-C34E-47F3-B905-68662D338FA0}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3114502) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{B4DBD8FE-927A-4BAF-9158-D71D2EE4C00F}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3114502) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0405-0000-0000000FF1CE}_Office15.PROPLUSR_{B4DBD8FE-927A-4BAF-9158-D71D2EE4C00F}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3114502) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{B4DBD8FE-927A-4BAF-9158-D71D2EE4C00F}) (Version: - Microsoft)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
ViewNX 2 (HKLM\...\{635BE602-BB9C-4C59-8CC5-93F9366E8A21}) (Version: 2.8.3 - Nikon)
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.9.7 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
WinRAR 5.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinZip 18.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DF}) (Version: 18.0.10661 - WinZip Computing, S.L. )
Wondershare PDF Editor(Build 3.6.0) (HKLM-x32\...\{75BAE677-F65A-45A4-9931-363FE0CF5E58}_is1) (Version: 3.6.0.9 - Wondershare Software Co.,Ltd.)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2757677241-3423558724-1332677612-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Pavla\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2757677241-3423558724-1332677612-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pavla\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2757677241-3423558724-1332677612-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pavla\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2757677241-3423558724-1332677612-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pavla\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2757677241-3423558724-1332677612-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pavla\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {03B86559-CFE3-4CFF-BD81-626D2B998890} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-01-16] (Microsoft Corporation)
Task: {04247C40-9704-4AC5-9C23-BB9AAFA0419D} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-01-20] (AVAST Software)
Task: {1CCD7CDF-A0BE-46CB-8A99-59202FA5DEB6} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {1D3B0BA9-28AE-4D9B-A840-9B2AC6961E1C} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [2013-07-19] (Toshiba Europe GmbH)
Task: {58D7E1D0-DEFE-45B4-9024-FC890410D0EA} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_286_pepper.exe [2016-01-19] (Adobe Systems Incorporated)
Task: {5EE7D71E-3299-4D75-8454-06D949F35094} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2013-07-31] (TOSHIBA Corporation)
Task: {626FA9F4-0D7C-4ACE-9D3C-F39F51AF1549} - System32\Tasks\GoogleUpdateTaskMachineCore1d1508d9a4a428c => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-07] (Google Inc.)
Task: {75D5E061-2080-4ACE-90C7-E842E4B99451} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {77D5E11E-7D87-499A-A771-D449B37C9F8E} - System32\Tasks\Opera scheduled Autoupdate 1441650727 => C:\Program Files (x86)\Opera\launcher.exe [2016-01-18] (Opera Software)
Task: {78ED34BF-F63A-4FAE-A97A-3CF6ECC3DB2E} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {AC328EAF-C1D7-4260-9986-FC93BE66C888} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {B3C618EB-E36F-4F17-BFB8-8400960AC180} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-01-16] (AVAST Software)
Task: {BA48FCCD-F364-42BF-B684-E7B4DCC4D3D1} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {C1312C56-17DC-427B-8BDF-1782C4AA7E74} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-10-31] (Microsoft Corporation)
Task: {C21E7B6F-3EA5-4BE8-9B6F-13DCB7ACF2F5} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-01-17] (Microsoft Corporation)
Task: {C7E35841-A588-4C65-8098-DE1E88130F95} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-07] (Google Inc.)
Task: {CB647DD8-CF34-4A99-85A1-657649D68B32} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {D40BD2BF-AB93-40A7-B82B-7DEE009626DB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-19] (Adobe Systems Incorporated)
Task: {DF773D78-6FFD-4E74-80DF-7536C5EDF852} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-12-08] (Piriform Ltd)
Task: {EB1CE69E-C59F-4D76-A4FB-026D9FEA735C} - System32\Tasks\avastBCLRestart_chrome.exe => Chrome.exe
Task: {F771D8CA-7DA7-4DB2-99AD-45EF798B0526} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-07] (Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_286_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2013-03-27 21:53 - 2013-03-27 21:53 - 00163168 _____ () C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
2013-09-10 21:54 - 2013-09-10 21:54 - 00019792 _____ () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
2013-12-26 07:16 - 2013-08-23 14:45 - 00377512 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2rui.dll
2013-09-19 18:33 - 2013-08-12 18:52 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-07-19 03:38 - 2012-07-19 03:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2015-12-08 20:25 - 2015-12-08 20:25 - 00047616 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2015-07-03 14:29 - 2015-07-03 14:29 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\ErrorReporting.dll
2016-01-16 22:20 - 2016-01-16 22:20 - 00103888 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2016-01-16 22:20 - 2016-01-16 22:20 - 00125512 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-01-18 18:33 - 2016-01-18 18:33 - 02818048 _____ () C:\Program Files\AVAST Software\Avast\defs\16011800\algo.dll
2016-01-16 22:20 - 2016-01-16 22:20 - 00469008 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-01-21 12:14 - 2016-01-21 12:14 - 02818048 _____ () C:\Program Files\AVAST Software\Avast\defs\16012100\algo.dll
2016-01-23 18:11 - 2016-01-23 18:11 - 02818048 _____ () C:\Program Files\AVAST Software\Avast\defs\16012300\algo.dll
2014-02-23 18:20 - 2013-07-24 09:24 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2016-01-16 22:20 - 2016-01-16 22:20 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-11-14 19:15 - 2013-09-04 01:52 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-01-16 18:44 - 2016-01-12 17:35 - 01590088 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\libglesv2.dll
2016-01-16 18:44 - 2016-01-12 17:35 - 00087880 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
There are 7866 more sites.
IE restricted site: HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\...\123simsen.com -> www.123simsen.com
There are 7866 more sites.
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2016-01-19 19:24 - 00000035 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Pavla\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\dscn2525.jpg
DNS Servers: 217.170.96.24 - 217.170.96.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\...\StartupApproved\Run: => "msnmsgr"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{4DB0514A-BCD3-4301-AAEA-107C2D63B399}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{9E2B8E66-DA75-47D5-8F43-CD949972E95B}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{525BB892-8E10-49CA-8CEC-F59CAF8394BC}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{28C68800-6C90-4C16-BF60-E7513E6E13D9}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{508B9B03-1E37-4302-83E9-59F099C55D66}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{701CBB07-40C8-40E1-8B2D-A896D4AB91BB}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{94B40D01-F1B9-40A5-ABF8-925A6C2B67FA}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{9D70DC01-24EA-43C3-8244-1FBCE3C23F90}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{37AA5A39-77A2-488A-B2E5-40C26268A14A}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{046E9879-9DF0-49BE-AA3B-A6A11ADBF43E}] => (Allow) C:\Program Files\KMSnano\qemu-system-i386.exe
FirewallRules: [{14864A44-520E-4750-BF2B-E7CD0EEA1356}] => (Allow) C:\Program Files\KMSnano\qemu-system-i386.exe
FirewallRules: [TCP Query User{E4FB2B5F-004F-4C06-B0E9-4494E05F39FB}C:\program files (x86)\stepmania 4\program\stepmania.exe] => (Block) C:\program files (x86)\stepmania 4\program\stepmania.exe
FirewallRules: [UDP Query User{1020EA9E-1844-40D4-8CCE-7A3D3C6540AD}C:\program files (x86)\stepmania 4\program\stepmania.exe] => (Block) C:\program files (x86)\stepmania 4\program\stepmania.exe
FirewallRules: [{FAF864A6-D078-4867-BD3B-C84A5C2F4517}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{1B1E9D33-ED5B-4AFD-A667-C86B3122DA60}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{C97BAE22-BD67-4AED-A3A7-99E48E0219A5}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{BD54B5A2-0B69-4A85-AEC2-EA7CEE456220}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{19E9D4F0-7E04-40B4-816B-060A433EA61E}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{E8622146-BCBE-4ABE-BC4F-194C2470ACBD}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{3F56A7FE-0CB9-465F-9E22-F22A3A25B8F9}] => (Allow) C:\Users\Pavla\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{3570807E-0699-405A-AC8A-12E2899FF8D7}] => (Allow) C:\Users\Pavla\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{93E94B24-0A27-4C6D-9B4E-433B35102E46}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{B1D42ECB-2766-47C6-BD88-91EF3AACFD49}] => (Allow) LPort=2869
FirewallRules: [{B222E807-AE56-4851-8C5A-AC1F40D38A83}] => (Allow) LPort=1900
FirewallRules: [{C336A08E-975A-4F54-9A73-0E6BE9A9DD9F}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{50F2A713-DF35-43A1-A351-44D7D7C2B4AB}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{C071577F-67D9-485C-A191-CDBE2C772EDE}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{B250B3FD-AFDA-4F09-B632-71530FD00E8E}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{C6452778-4F4C-46CD-A152-763AE5FD6C45}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{C091E8A4-2781-4DED-9F50-A3FD33FF3811}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{EACEFA12-AB58-465C-82CF-CC33AB664A0D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [TCP Query User{67DA7855-3485-4584-ADE8-F0BC95F28192}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{C47D1B82-36EF-462A-98C4-4A1840E00757}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{75A72660-E05F-4393-BF55-ACC54EF23294}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1508D907-E7EE-4622-988E-AD6B74716E98}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EAD61066-70D0-4DD9-8B34-02A4AD984331}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\RM.exe
FirewallRules: [{17EB9731-BFE2-4C62-8BB7-6E3EF2BEB2C0}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\RM.exe
FirewallRules: [{A13C3E12-3990-4E29-890E-EBCE1EC7C63E}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\umi.exe
FirewallRules: [{05B2832E-8903-473A-BDDC-27C45DBCE3F9}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\umi.exe
FirewallRules: [{1500E8E9-C5C8-4137-BFE1-17647D9441D7}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\VideoSpin.exe
FirewallRules: [{E13F86CB-1627-4826-8CB7-866862A234D3}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\VideoSpin.exe
FirewallRules: [{21D11906-3568-4E5F-B995-45BC62E2485C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
08-01-2016 17:20:15 PROPLUSR
12-01-2016 20:07:28 PROPLUSR
16-01-2016 18:29:04 avast! antivirus system restore point
19-01-2016 19:21:24 Restore Point Created by FRST
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (01/19/2016 07:21:24 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.
Operace:
Shromažďování dat modulu pro zápis
Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {fc9f9f38-754c-403c-9a0e-431d96e5f416}
Error: (01/18/2016 10:53:29 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: There was an error with the Windows Location Provider database
Error: (01/18/2016 10:09:38 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1 se nezdařilo. Chyba v souboru manifestu nebo zásad C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2 na řádku C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Error: (01/18/2016 09:39:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Explorer.EXE verze 6.3.9600.17667 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: adc
Čas spuštění: 01d152183e06ba43
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Windows\Explorer.EXE
ID hlášení: 6e67cd9b-be23-11e5-8324-a4db30edd225
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (01/18/2016 09:31:12 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1 se nezdařilo. Chyba v souboru manifestu nebo zásad C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2 na řádku C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Error: (01/18/2016 07:05:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program NOTEPAD.EXE verze 6.3.9600.17930 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: f30
Čas spuštění: 01d1521a624375e9
Čas ukončení: 15
Cesta k aplikaci: C:\Windows\system32\NOTEPAD.EXE
ID hlášení: 0ba78f90-be0e-11e5-8324-a4db30edd225
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (01/17/2016 08:51:01 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program LiveComm.exe verze 17.5.9600.20911 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: 14bc
Čas spuštění: 01d1515f9eb221c7
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe
ID hlášení: 98316eab-bd53-11e5-8322-a4db30edd225
Úplný název chybujícího balíčku: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: ppleae38af2e007f4358a809ac99a64a67c1
Error: (01/17/2016 07:05:49 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program backgroundTaskHost.exe verze 6.3.9600.17415 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: da0
Čas spuštění: 01d15150f3c0a66b
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Windows\system32\backgroundTaskHost.exe
ID hlášení: e83beac8-bd44-11e5-8322-a4db30edd225
Úplný název chybujícího balíčku: Skyscanner.Skyscanner_1.4.2.0_neutral__623c9he0pwcym
ID aplikace související s chybujícím balíčkem: App
Error: (01/17/2016 05:50:58 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program LiveComm.exe verze 17.5.9600.20911 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: cac
Čas spuštění: 01d151467ac715a4
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe
ID hlášení: 6e1060c6-bd3a-11e5-8322-a4db30edd225
Úplný název chybujícího balíčku: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: ppleae38af2e007f4358a809ac99a64a67c1
Error: (01/17/2016 05:43:04 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program LiveComm.exe verze 17.5.9600.20911 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: 14b8
Čas spuštění: 01d15144a03022ba
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe
ID hlášení: 52a0e98b-bd39-11e5-8322-a4db30edd225
Úplný název chybujícího balíčku: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: ppleae38af2e007f4358a809ac99a64a67c1
System errors:
=============
Error: (01/19/2016 07:28:09 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Služba Microsoft Office přestala během spouštění reagovat.
Error: (01/19/2016 07:26:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Panda Product Service neuspěla při spuštění v důsledku následující chyby:
%%2
Error: (01/19/2016 07:26:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Panda Protection Service neuspěla při spuštění v důsledku následující chyby:
%%2
Error: (01/19/2016 07:26:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba PSINReg neuspěla při spuštění v důsledku následující chyby:
%%2
Error: (01/19/2016 07:26:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba PSINProc neuspěla při spuštění v důsledku následující chyby:
%%2
Error: (01/19/2016 07:26:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba PSINFile neuspěla při spuštění v důsledku následující chyby:
%%2
Error: (01/19/2016 07:26:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba PSINProt neuspěla při spuštění v důsledku následující chyby:
%%2
Error: (01/19/2016 07:26:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba PSINAflt neuspěla při spuštění v důsledku následující chyby:
%%2
Error: (01/19/2016 07:23:22 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby Instalační služba modulů systému Windows, ale tato akce selhala kvůli následující chybě:
%%1056
Error: (01/19/2016 07:22:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba McAfee Firewall Core Service neuspěla při spuštění v důsledku následující chyby:
%%3
CodeIntegrity:
===================================
Date: 2014-10-19 22:25:44.263
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-10-19 22:25:44.118
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-10-19 22:25:43.982
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-10-19 22:25:43.838
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-10-19 22:25:43.660
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-10-19 22:25:43.525
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-10-19 22:25:43.393
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-10-19 22:25:43.260
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-10-19 22:25:43.115
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-10-19 22:25:42.984
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel(R) Pentium(R) CPU 2020M @ 2.40GHz
Percentage of memory in use: 48%
Total physical RAM: 3971.27 MB
Available physical RAM: 2061.43 MB
Total Virtual: 5443.27 MB
Available Virtual: 3394.14 MB
==================== Drives ================================
Drive c: (TI31216600A) (Fixed) (Total:454.95 GB) (Free:5.11 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt ============================
Ran by Pavla (2016-01-23 18:15:30)
Running from C:\Users\Pavla\Desktop
Windows 8.1 (X64) (2013-12-25 16:03:23)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2757677241-3423558724-1332677612-500 - Administrator - Disabled)
Guest (S-1-5-21-2757677241-3423558724-1332677612-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2757677241-3423558724-1332677612-1003 - Limited - Enabled)
Pavla (S-1-5-21-2757677241-3423558724-1332677612-1001 - Administrator - Enabled) => C:\Users\Pavla
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Out of date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Out of date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Adobe Flash Player 20 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Advertising Center (x32 Version: 0.0.0.1 - Nero AG) Hidden
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 4.8.1245.73583 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 4.8.1245.73583 - Alcor Micro Corp.) Hidden
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
ArcSoft Panorama Maker 6 (HKLM-x32\...\{DABFD34E-BE68-4BC6-9254-5D7A7FF76B99}) (Version: 6.0.8.85 - ArcSoft)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2245 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.13 - Piriform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.20 - Piriform)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Dropbox (HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
DTS Sound (HKLM-x32\...\{2DFA9084-CEB3-4A48-B9F7-9038FEF1B8F4}) (Version: 1.01.2700 - DTS, Inc.)
EasyCleaner (HKLM-x32\...\{F5346614-B7C4-4E94-826A-E2363155233D}) (Version: 2.0.6.380 - ToniArts)
Empress of the Deep - The Darkest Secret (x32 Version: 2.2.0.98 - WildTangent) Hidden
File Association Helper (HKLM\...\{572D0504-2C67-4016-801F-D70879A3026A}) (Version: 1.1.6.53763 - WinZip Computing International, LLC)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotolab Fotosvet (HKLM-x32\...\Fotolab Fotosvet) (Version: 5.1.7 - CEWE Stiftung u Co. KGaA)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
IDT Audio Driver (HKLM\...\{588A747E-CFF6-46B3-9207-CD754F9473AF}) (Version: 6.10.6491.0 - IDT)
Infinite HD™ App (HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\...\Octoshape Streaming Services) (Version: - Octoshape ApS)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3282 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Island Tribe (x32 Version: 2.2.0.98 - WildTangent) Hidden
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java 7 Update 55 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417055FF}) (Version: 7.0.550 - Oracle)
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
KMSnano 24 (HKLM\...\KMSnano 24_is1) (Version: KMSnano 24 - )
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Microsoft Office 365 Home Premium - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 15.0.4551.1512 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\...\OneDriveSetup.exe) (Version: 17.3.5930.0814 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Preview Redistributable (x64) - 12.0.20617 (HKLM-x32\...\{448652c1-f5f3-4230-98c6-68c10c88b1fb}) (Version: 12.0.20617.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Preview Redistributable (x86) - 12.0.20617 (HKLM-x32\...\{1f407217-9aec-4146-8504-e64ac959c534}) (Version: 12.0.20617.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 38.0.5 (x86 cs) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 cs)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.5 - Mozilla)
MV2Player (remove only) (HKLM-x32\...\MV2Player) (Version: - )
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nero 9 Essentials (HKLM-x32\...\{fd6b1fd5-14bd-4103-b432-823a59d3ad38}) (Version: - Nero AG)
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.0 - Nikon)
Nikon Movie Editor (HKLM-x32\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.8.3 - Nikon)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Opera Stable 34.0.2036.50 (HKLM-x32\...\Opera 34.0.2036.50) (Version: 34.0.2036.50 - Opera Software)
Path of Exile (HKLM-x32\...\{90A4562F-D4A1-4B65-906D-41F236CF6902}) (Version: 2.1.1.50223 - Grinding Gear Games)
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Picture Control Utility x64 (HKLM\...\{11953C65-BB4E-4CA4-B0F0-2600A4B20040}) (Version: 1.4.16 - Nikon)
Pinnacle VideoSpin (HKLM-x32\...\{FEB15887-0932-4D2D-BB85-6AC03FBF1AA8}) (Version: 2.0.0.669 - Pinnacle Systems)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.300 - Qualcomm Atheros)
Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
RollerCoaster Tycoon Deluxe (HKLM-x32\...\GOGPACKRTC_is1) (Version: 2.1.0.18 - GOG.com)
RonyaSoft Poster Designer (Poster Forge) 2.01 (HKLM-x32\...\RonyaSoft Poster Designer (Poster Forge)) (Version: 2.01 - RonyaSoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft)
Shape Collage (HKLM-x32\...\ShapeCollage) (Version: - Shape Collage Inc.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.5.1333.g822e0de8 - Spotify AB)
StepMania (remove only) (HKLM-x32\...\StepMania) (Version: - )
StepMania 4 alpha 4 (remove only) (HKLM-x32\...\StepMania 4) (Version: - )
StepMania v5.0 beta 3 (remove only) (HKLM-x32\...\StepMania 5) (Version: - StepMania Team)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.10.51 - Synaptics Incorporated)
TOSHIBA Addendum (HKLM-x32\...\{CE0374A6-B204-4336-8293-63FBB1DADBF4}) (Version: 1.00 - TOSHIBA)
TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.02.01.6407 - Toshiba Corporation)
TOSHIBA Display Utility (HKLM\...\{84FA4D2D-4273-4C66-BD3D-ADD3FE48DFA2}) (Version: 1.1.5.0 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.2.0.6404 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.1.0001.6403 - Toshiba Corporation)
TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.10 - TOSHIBA)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{78931270-BC9E-441A-A52B-73ECD4ACFAB5}) (Version: 3.00.344 - Toshiba Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.9.09.6400 - Toshiba Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.1.02.55065006 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{FBFCEEA5-96EA-4C8E-9262-43CBBEBAE413}) (Version: 2.6.8 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0030 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.1.2.32001 - Toshiba Corporation)
Toshiba TEMPRO (HKLM-x32\...\{F76F5214-83A8-4030-80C9-1EF57391D72A}) (Version: 4.5.0 - Toshiba Europe GmbH)
TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.3.27.102 - Toshiba Corporation)
Update for Skype for Business 2015 (KB3039776) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0405-0000-0000000FF1CE}_Office15.PROPLUSR_{AED52533-C34E-47F3-B905-68662D338FA0}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3114502) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{B4DBD8FE-927A-4BAF-9158-D71D2EE4C00F}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3114502) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0405-0000-0000000FF1CE}_Office15.PROPLUSR_{B4DBD8FE-927A-4BAF-9158-D71D2EE4C00F}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3114502) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{B4DBD8FE-927A-4BAF-9158-D71D2EE4C00F}) (Version: - Microsoft)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
ViewNX 2 (HKLM\...\{635BE602-BB9C-4C59-8CC5-93F9366E8A21}) (Version: 2.8.3 - Nikon)
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.9.7 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
WinRAR 5.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinZip 18.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DF}) (Version: 18.0.10661 - WinZip Computing, S.L. )
Wondershare PDF Editor(Build 3.6.0) (HKLM-x32\...\{75BAE677-F65A-45A4-9931-363FE0CF5E58}_is1) (Version: 3.6.0.9 - Wondershare Software Co.,Ltd.)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2757677241-3423558724-1332677612-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Pavla\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2757677241-3423558724-1332677612-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pavla\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2757677241-3423558724-1332677612-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pavla\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2757677241-3423558724-1332677612-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pavla\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2757677241-3423558724-1332677612-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Pavla\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {03B86559-CFE3-4CFF-BD81-626D2B998890} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-01-16] (Microsoft Corporation)
Task: {04247C40-9704-4AC5-9C23-BB9AAFA0419D} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-01-20] (AVAST Software)
Task: {1CCD7CDF-A0BE-46CB-8A99-59202FA5DEB6} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {1D3B0BA9-28AE-4D9B-A840-9B2AC6961E1C} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [2013-07-19] (Toshiba Europe GmbH)
Task: {58D7E1D0-DEFE-45B4-9024-FC890410D0EA} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_286_pepper.exe [2016-01-19] (Adobe Systems Incorporated)
Task: {5EE7D71E-3299-4D75-8454-06D949F35094} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2013-07-31] (TOSHIBA Corporation)
Task: {626FA9F4-0D7C-4ACE-9D3C-F39F51AF1549} - System32\Tasks\GoogleUpdateTaskMachineCore1d1508d9a4a428c => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-07] (Google Inc.)
Task: {75D5E061-2080-4ACE-90C7-E842E4B99451} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {77D5E11E-7D87-499A-A771-D449B37C9F8E} - System32\Tasks\Opera scheduled Autoupdate 1441650727 => C:\Program Files (x86)\Opera\launcher.exe [2016-01-18] (Opera Software)
Task: {78ED34BF-F63A-4FAE-A97A-3CF6ECC3DB2E} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {AC328EAF-C1D7-4260-9986-FC93BE66C888} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {B3C618EB-E36F-4F17-BFB8-8400960AC180} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-01-16] (AVAST Software)
Task: {BA48FCCD-F364-42BF-B684-E7B4DCC4D3D1} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {C1312C56-17DC-427B-8BDF-1782C4AA7E74} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-10-31] (Microsoft Corporation)
Task: {C21E7B6F-3EA5-4BE8-9B6F-13DCB7ACF2F5} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-01-17] (Microsoft Corporation)
Task: {C7E35841-A588-4C65-8098-DE1E88130F95} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-07] (Google Inc.)
Task: {CB647DD8-CF34-4A99-85A1-657649D68B32} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {D40BD2BF-AB93-40A7-B82B-7DEE009626DB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-19] (Adobe Systems Incorporated)
Task: {DF773D78-6FFD-4E74-80DF-7536C5EDF852} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-12-08] (Piriform Ltd)
Task: {EB1CE69E-C59F-4D76-A4FB-026D9FEA735C} - System32\Tasks\avastBCLRestart_chrome.exe => Chrome.exe
Task: {F771D8CA-7DA7-4DB2-99AD-45EF798B0526} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-07] (Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_286_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2013-03-27 21:53 - 2013-03-27 21:53 - 00163168 _____ () C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
2013-09-10 21:54 - 2013-09-10 21:54 - 00019792 _____ () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
2013-12-26 07:16 - 2013-08-23 14:45 - 00377512 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2rui.dll
2013-09-19 18:33 - 2013-08-12 18:52 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-07-19 03:38 - 2012-07-19 03:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2015-12-08 20:25 - 2015-12-08 20:25 - 00047616 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2015-07-03 14:29 - 2015-07-03 14:29 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\ErrorReporting.dll
2016-01-16 22:20 - 2016-01-16 22:20 - 00103888 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2016-01-16 22:20 - 2016-01-16 22:20 - 00125512 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-01-18 18:33 - 2016-01-18 18:33 - 02818048 _____ () C:\Program Files\AVAST Software\Avast\defs\16011800\algo.dll
2016-01-16 22:20 - 2016-01-16 22:20 - 00469008 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-01-21 12:14 - 2016-01-21 12:14 - 02818048 _____ () C:\Program Files\AVAST Software\Avast\defs\16012100\algo.dll
2016-01-23 18:11 - 2016-01-23 18:11 - 02818048 _____ () C:\Program Files\AVAST Software\Avast\defs\16012300\algo.dll
2014-02-23 18:20 - 2013-07-24 09:24 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2016-01-16 22:20 - 2016-01-16 22:20 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-11-14 19:15 - 2013-09-04 01:52 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-01-16 18:44 - 2016-01-12 17:35 - 01590088 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\libglesv2.dll
2016-01-16 18:44 - 2016-01-12 17:35 - 00087880 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
There are 7866 more sites.
IE restricted site: HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\...\123simsen.com -> www.123simsen.com
There are 7866 more sites.
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2016-01-19 19:24 - 00000035 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Pavla\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\dscn2525.jpg
DNS Servers: 217.170.96.24 - 217.170.96.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2757677241-3423558724-1332677612-1001\...\StartupApproved\Run: => "msnmsgr"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{4DB0514A-BCD3-4301-AAEA-107C2D63B399}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{9E2B8E66-DA75-47D5-8F43-CD949972E95B}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{525BB892-8E10-49CA-8CEC-F59CAF8394BC}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{28C68800-6C90-4C16-BF60-E7513E6E13D9}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{508B9B03-1E37-4302-83E9-59F099C55D66}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{701CBB07-40C8-40E1-8B2D-A896D4AB91BB}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{94B40D01-F1B9-40A5-ABF8-925A6C2B67FA}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{9D70DC01-24EA-43C3-8244-1FBCE3C23F90}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{37AA5A39-77A2-488A-B2E5-40C26268A14A}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{046E9879-9DF0-49BE-AA3B-A6A11ADBF43E}] => (Allow) C:\Program Files\KMSnano\qemu-system-i386.exe
FirewallRules: [{14864A44-520E-4750-BF2B-E7CD0EEA1356}] => (Allow) C:\Program Files\KMSnano\qemu-system-i386.exe
FirewallRules: [TCP Query User{E4FB2B5F-004F-4C06-B0E9-4494E05F39FB}C:\program files (x86)\stepmania 4\program\stepmania.exe] => (Block) C:\program files (x86)\stepmania 4\program\stepmania.exe
FirewallRules: [UDP Query User{1020EA9E-1844-40D4-8CCE-7A3D3C6540AD}C:\program files (x86)\stepmania 4\program\stepmania.exe] => (Block) C:\program files (x86)\stepmania 4\program\stepmania.exe
FirewallRules: [{FAF864A6-D078-4867-BD3B-C84A5C2F4517}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{1B1E9D33-ED5B-4AFD-A667-C86B3122DA60}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{C97BAE22-BD67-4AED-A3A7-99E48E0219A5}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{BD54B5A2-0B69-4A85-AEC2-EA7CEE456220}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{19E9D4F0-7E04-40B4-816B-060A433EA61E}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{E8622146-BCBE-4ABE-BC4F-194C2470ACBD}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{3F56A7FE-0CB9-465F-9E22-F22A3A25B8F9}] => (Allow) C:\Users\Pavla\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{3570807E-0699-405A-AC8A-12E2899FF8D7}] => (Allow) C:\Users\Pavla\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{93E94B24-0A27-4C6D-9B4E-433B35102E46}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{B1D42ECB-2766-47C6-BD88-91EF3AACFD49}] => (Allow) LPort=2869
FirewallRules: [{B222E807-AE56-4851-8C5A-AC1F40D38A83}] => (Allow) LPort=1900
FirewallRules: [{C336A08E-975A-4F54-9A73-0E6BE9A9DD9F}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{50F2A713-DF35-43A1-A351-44D7D7C2B4AB}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{C071577F-67D9-485C-A191-CDBE2C772EDE}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{B250B3FD-AFDA-4F09-B632-71530FD00E8E}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{C6452778-4F4C-46CD-A152-763AE5FD6C45}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{C091E8A4-2781-4DED-9F50-A3FD33FF3811}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{EACEFA12-AB58-465C-82CF-CC33AB664A0D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [TCP Query User{67DA7855-3485-4584-ADE8-F0BC95F28192}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{C47D1B82-36EF-462A-98C4-4A1840E00757}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{75A72660-E05F-4393-BF55-ACC54EF23294}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1508D907-E7EE-4622-988E-AD6B74716E98}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EAD61066-70D0-4DD9-8B34-02A4AD984331}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\RM.exe
FirewallRules: [{17EB9731-BFE2-4C62-8BB7-6E3EF2BEB2C0}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\RM.exe
FirewallRules: [{A13C3E12-3990-4E29-890E-EBCE1EC7C63E}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\umi.exe
FirewallRules: [{05B2832E-8903-473A-BDDC-27C45DBCE3F9}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\umi.exe
FirewallRules: [{1500E8E9-C5C8-4137-BFE1-17647D9441D7}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\VideoSpin.exe
FirewallRules: [{E13F86CB-1627-4826-8CB7-866862A234D3}] => (Allow) C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\VideoSpin.exe
FirewallRules: [{21D11906-3568-4E5F-B995-45BC62E2485C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
08-01-2016 17:20:15 PROPLUSR
12-01-2016 20:07:28 PROPLUSR
16-01-2016 18:29:04 avast! antivirus system restore point
19-01-2016 19:21:24 Restore Point Created by FRST
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (01/19/2016 07:21:24 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.
Operace:
Shromažďování dat modulu pro zápis
Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {fc9f9f38-754c-403c-9a0e-431d96e5f416}
Error: (01/18/2016 10:53:29 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: There was an error with the Windows Location Provider database
Error: (01/18/2016 10:09:38 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1 se nezdařilo. Chyba v souboru manifestu nebo zásad C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2 na řádku C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Error: (01/18/2016 09:39:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Explorer.EXE verze 6.3.9600.17667 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: adc
Čas spuštění: 01d152183e06ba43
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Windows\Explorer.EXE
ID hlášení: 6e67cd9b-be23-11e5-8324-a4db30edd225
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (01/18/2016 09:31:12 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1 se nezdařilo. Chyba v souboru manifestu nebo zásad C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2 na řádku C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Error: (01/18/2016 07:05:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program NOTEPAD.EXE verze 6.3.9600.17930 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: f30
Čas spuštění: 01d1521a624375e9
Čas ukončení: 15
Cesta k aplikaci: C:\Windows\system32\NOTEPAD.EXE
ID hlášení: 0ba78f90-be0e-11e5-8324-a4db30edd225
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (01/17/2016 08:51:01 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program LiveComm.exe verze 17.5.9600.20911 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: 14bc
Čas spuštění: 01d1515f9eb221c7
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe
ID hlášení: 98316eab-bd53-11e5-8322-a4db30edd225
Úplný název chybujícího balíčku: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: ppleae38af2e007f4358a809ac99a64a67c1
Error: (01/17/2016 07:05:49 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program backgroundTaskHost.exe verze 6.3.9600.17415 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: da0
Čas spuštění: 01d15150f3c0a66b
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Windows\system32\backgroundTaskHost.exe
ID hlášení: e83beac8-bd44-11e5-8322-a4db30edd225
Úplný název chybujícího balíčku: Skyscanner.Skyscanner_1.4.2.0_neutral__623c9he0pwcym
ID aplikace související s chybujícím balíčkem: App
Error: (01/17/2016 05:50:58 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program LiveComm.exe verze 17.5.9600.20911 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: cac
Čas spuštění: 01d151467ac715a4
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe
ID hlášení: 6e1060c6-bd3a-11e5-8322-a4db30edd225
Úplný název chybujícího balíčku: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: ppleae38af2e007f4358a809ac99a64a67c1
Error: (01/17/2016 05:43:04 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program LiveComm.exe verze 17.5.9600.20911 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: 14b8
Čas spuštění: 01d15144a03022ba
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe
ID hlášení: 52a0e98b-bd39-11e5-8322-a4db30edd225
Úplný název chybujícího balíčku: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: ppleae38af2e007f4358a809ac99a64a67c1
System errors:
=============
Error: (01/19/2016 07:28:09 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Služba Microsoft Office přestala během spouštění reagovat.
Error: (01/19/2016 07:26:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Panda Product Service neuspěla při spuštění v důsledku následující chyby:
%%2
Error: (01/19/2016 07:26:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Panda Protection Service neuspěla při spuštění v důsledku následující chyby:
%%2
Error: (01/19/2016 07:26:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba PSINReg neuspěla při spuštění v důsledku následující chyby:
%%2
Error: (01/19/2016 07:26:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba PSINProc neuspěla při spuštění v důsledku následující chyby:
%%2
Error: (01/19/2016 07:26:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba PSINFile neuspěla při spuštění v důsledku následující chyby:
%%2
Error: (01/19/2016 07:26:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba PSINProt neuspěla při spuštění v důsledku následující chyby:
%%2
Error: (01/19/2016 07:26:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba PSINAflt neuspěla při spuštění v důsledku následující chyby:
%%2
Error: (01/19/2016 07:23:22 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby Instalační služba modulů systému Windows, ale tato akce selhala kvůli následující chybě:
%%1056
Error: (01/19/2016 07:22:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba McAfee Firewall Core Service neuspěla při spuštění v důsledku následující chyby:
%%3
CodeIntegrity:
===================================
Date: 2014-10-19 22:25:44.263
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-10-19 22:25:44.118
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-10-19 22:25:43.982
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-10-19 22:25:43.838
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-10-19 22:25:43.660
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-10-19 22:25:43.525
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-10-19 22:25:43.393
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-10-19 22:25:43.260
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-10-19 22:25:43.115
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-10-19 22:25:42.984
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel(R) Pentium(R) CPU 2020M @ 2.40GHz
Percentage of memory in use: 48%
Total physical RAM: 3971.27 MB
Available physical RAM: 2061.43 MB
Total Virtual: 5443.27 MB
Available Virtual: 3394.14 MB
==================== Drives ================================
Drive c: (TI31216600A) (Fixed) (Total:454.95 GB) (Free:5.11 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt ============================
Přispějete na provoz fóra?