Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Kontrola logu

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
Prometheus4
Návštěvník
Návštěvník
Příspěvky: 6
Registrován: 26 led 2016 13:08

Kontrola logu

#1 Příspěvek od Prometheus4 »

Dobrý den,

Průběžně se mi instalují programy, které zobrazují nevyžádanou reklamu a nestačím je mazat. Mohl bych Vás tímto poprosit o kontrolu logu?

Dle zdejší nejčastější rady jsem použil AdwCleaner a po restartování a fixnutí všech položek se opět veškerá havěť nastahovala.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:25-01-2016
Ran by tomas.kratochvil (administrator) on 70M2VY1KRATTOM (26-01-2016 12:44:09)
Running from C:\Users\tomas.kratochvil\Desktop
Loaded Profiles: tomas.kratochvil (Available Profiles: install & tomas.kratochvil & Administrator)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Wave Systems Corp.) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(CobianSoft, Luis Cobian) C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe
() C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe
(ESET) C:\Program Files\ESET\RemoteAdministrator\Agent\ERAAgent.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Microsoft Corporation) C:\Windows\System32\inetsrv\inetinfo.exe
(Authentec Inc.) C:\Program Files\Common Files\SPBA\upeksvr.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nalserv.exe
() C:\Windows\System32\NA_Service.exe
() C:\Windows\System32\ModbusDrvSys.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
(Dell, Inc.) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\hapi64\pbadrvsvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Wave Systems Corp.) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Dell Inc.) C:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Dell Computer Corporation) C:\dell\DBRM\Reminder\DbrmTrayicon.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE
() C:\Windows\System32\ModbusDrv.exe
() C:\Program Files (x86)\RSSOwl\RSSOwl.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
() C:\Program Files (x86)\Intel\Rs.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\Bluetooth Headset Helper.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_286.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_20_0_0_286.exe
(Ghisler Software GmbH) C:\Program Files\Total Commander\TOTALCMD64.EXE
(ComAp) C:\Program Files (x86)\ComAp PC Suite\InteliMonitor\InteliMonitor.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\wbengine.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(STA) C:\Program Files (x86)\MTV20151125\MTview.exe
(STA) C:\Program Files (x86)\MTV20151125\bugreport.exe
() C:\Program Files (x86)\t_201601261224\201601261224\tslog.exe
() C:\Program Files (x86)\t_201601261224\201601261224\lgs.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
() C:\Program Files (x86)\t_201601261224\201601261224\lsas.exe
(Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\11.2.17063.223\QQPCRTP.exe
(Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\11.2.17063.223\QQPCTray.exe
(Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\11.2.17063.223\plugins\QMNetMon\QQPCNetFlow.exe
(Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\11.2.17063.223\QQPCRealTimeSpeedup.exe
(腾讯公司) C:\Users\tomas.kratochvil\AppData\Roaming\Tencent\AndroidServer\1.0.0.509\AndroidServer.exe
(Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\11.2.17063.223\QMAutoClean.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [708952 2013-07-08] (Alps Electric Co., Ltd.)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [Copy Handler] => [X]
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-08-16] (IDT, Inc.)
HKLM\...\Run: [DBRMTray] => C:\Dell\DBRM\Reminder\DbrmTrayIcon.exe [227328 2011-03-08] (Dell Computer Corporation)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [453736 2013-02-19] (CANON INC.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Rs] => C:\Program Files (x86)\Intel\Rs.exe [188416 2015-12-05] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1085656 2015-12-13] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ QQPCTray] => C:\Program Files (x86)\Tencent\QQPCMgr\11.2.17063.223\QQPCTray.exe [355296 2016-01-26] (Tencent)
HKLM-x32\...\Run: [MTview] => C:\Program Files (x86)\MTV20151125\MTView.exe [1875464 2015-11-25] (STA)
HKLM\...\RunOnce: [DBRMTray] => C:\Dell\DBRM\Reminder\TrayApp.exe [7168 2010-02-05] (Microsoft)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
Winlogon\Notify\spba: C:\Program Files\Common Files\SPBA\homefus2.dll (Authentec Inc.)
HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22790776 2015-11-04] (Google)
HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [5583120 2015-02-27] (Disc Soft Ltd)
HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50385536 2015-12-17] (Skype Technologies S.A.)
HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\...\Run: [lsas] => C:\Program Files (x86)\t_201601261224\201601261224\lsas.exe [554496 2016-01-26] ()
HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\...\MountPoints2: {0ec9c726-d44a-11e4-a1ef-a4db302307b8} - G:\SETUP.EXE
HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\...\MountPoints2: {0ec9c749-d44a-11e4-a1ef-a4db302307b8} - G:\SETUP.EXE
HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\...\MountPoints2: {31d298d0-1f1f-11e5-ac72-a4db302307b8} - J:\DriverPackSolution.exe
HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\...\MountPoints2: {620fbe4f-d790-11e4-8844-a4db302307b8} - G:\SETUP.EXE
HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\...\MountPoints2: {8be5f2c7-15a8-11e5-8148-a4db302307b8} - G:\AutoRun.exe
HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\...\MountPoints2: {8be5f311-15a8-11e5-8148-a4db302307b8} - G:\AutoRun.exe
HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\...\MountPoints2: {a4170126-7cf8-11e3-85fc-a4db302307b8} - F:\NokiaPCIA_Autorun.exe
HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\...\MountPoints2: {c8adc4d8-cc69-11e4-8756-a4db302307b8} - G:\DriverPackSolution.exe
HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\...\MountPoints2: {c8adc552-cc69-11e4-8756-a4db302307b8} - G:\DriverPackSolution.exe
HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\...\MountPoints2: {c8adc6d5-cc69-11e4-8756-a4db302307b8} - G:\DriverPackSolution.exe
HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\...\MountPoints2: {d28b8d0c-a93d-11e4-a31d-a4db302307b8} - G:\DriverPackSolution.exe
HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\...\MountPoints2: {d28b9202-a93d-11e4-a31d-a4db302307b8} - G:\DriverPackSolution.exe
HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\...\MountPoints2: {dfa51f33-da2f-11e4-b5ec-a4db302307b8} - G:\SETUP.EXE
HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\...\MountPoints2: {ff840c52-4575-11e5-8254-a4db302307b8} - I:\SETUP.EXE
Lsa: [Authentication Packages] msv1_0 wvauth
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => C:\Program Files (x86)\Tencent\QQPCMgr\11.2.17063.223\QMGCShellExt64.dll [2016-01-26] (Tencent)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [EnabledUnlockedFDEIconOverlay] -> {30D3C2AF-9709-4D05-9CF4-13335F3C1E4A} => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll [2013-03-05] (Wave Systems Corp.)
ShellIconOverlayIdentifiers: [UninitializedFdeIconOverlay] -> {CF08DA3E-C97D-4891-A66B-E39B28DD270F} => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll [2013-03-05] (Wave Systems Corp.)
Startup: C:\Users\administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk [2013-11-06]
ShortcutTarget: Smart Settings.lnk -> C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (Dell Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2013-11-06]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk [2013-11-06]
ShortcutTarget: Smart Settings.lnk -> C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (Dell Inc.)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk [2013-11-06]
ShortcutTarget: Smart Settings.lnk -> C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (Dell Inc.)
Startup: C:\Users\install\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk [2013-11-06]
ShortcutTarget: Smart Settings.lnk -> C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (Dell Inc.)
Startup: C:\Users\tomas.kratochvil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Outlook 2013 – kopie.lnk [2014-01-07]
ShortcutTarget: Outlook 2013 – kopie.lnk -> C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE (Microsoft Corporation)
Startup: C:\Users\tomas.kratochvil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RSSOwl.lnk [2015-12-04]
ShortcutTarget: RSSOwl.lnk -> C:\Program Files (x86)\RSSOwl\RSSOwl.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 10 C:\Windows\SysWOW64\PrxerNsp.dll [84040 2015-03-28] ()
Winsock: Catalog5-x64 10 C:\Windows\system32\PrxerNsp.dll [96840 2015-03-28] ()
Tcpip\Parameters: [DhcpNameServer] 172.27.1.1 172.27.1.2
Tcpip\..\Interfaces\{2B30C851-6942-44A4-9D43-139612EFB020}: [DhcpNameServer] 172.30.6.129
Tcpip\..\Interfaces\{B895CAD4-79DD-4A6D-897E-CBFC274AA7F9}: [DhcpNameServer] 172.27.1.1 172.27.1.2
Tcpip\..\Interfaces\{E5A43645-1868-4E21-ADAF-BFDE088B74D1}: [NameServer] 192.168.60.80,194.228.41.65

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hao123.com/?tn=98364621_hao_pg
HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hao123.com/?tn=98364621_hao_pg
HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2703931844-3940718246-3090366172-2529 -> DefaultScope {3450C047-7FEB-446A-B991-6302F1BE523B} URL =
SearchScopes: HKU\S-1-5-21-2703931844-3940718246-3090366172-2529 -> {3450C047-7FEB-446A-B991-6302F1BE523B} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-12-17] (Microsoft Corporation)
BHO: 电脑管家网页防火墙 -> {7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B} -> C:\Program Files (x86)\Tencent\QQPCMgr\11.2.17063.223\TSWebMon64.dat [2016-01-26] (Tencent)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2016-01-22] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-01-22] (Microsoft Corporation)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Adobe Acrobat Create PDF Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2016-01-22] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-25] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
DPF: HKLM-x32 {944982D2-A08B-4558-BBED-33FDCEF90451} hxxp://neso1/Eso9Supp.net/LIB/CAB/Eso9Client1.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\tomas.kratochvil\AppData\Roaming\Mozilla\Firefox\Profiles\d7c20eb0.default-1444380498779
FF SelectedSearchEngine:
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-20] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-20] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-11-13] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-11-13] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-25] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-01-07] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @qq.com/QQPCMgr -> C:\Program Files (x86)\Tencent\QQPCMgr\11.2.17063.223\npQMExtensionsMozilla.dll [2016-01-26] (Tencent Technology (Shenzhen) Company Limited)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-12-17] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
FF Plugin HKU\S-1-5-21-2703931844-3940718246-3090366172-2529: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\tomas.kratochvil\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-2703931844-3940718246-3090366172-2529: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\tomas.kratochvil\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2703931844-3940718246-3090366172-2529: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=3 -> C:\Users\tomas.kratochvil\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [No File]
FF Plugin HKU\S-1-5-21-2703931844-3940718246-3090366172-2529: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=9 -> C:\Users\tomas.kratochvil\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [No File]
FF Extension: ReloadEvery - C:\Users\tomas.kratochvil\AppData\Roaming\Mozilla\Firefox\Profiles\d7c20eb0.default-1444380498779\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi [2015-10-13]
FF Extension: ChatZilla - C:\Users\tomas.kratochvil\AppData\Roaming\Mozilla\Firefox\Profiles\d7c20eb0.default-1444380498779\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2} [2015-10-13]
FF Extension: Update Scanner - C:\Users\tomas.kratochvil\AppData\Roaming\Mozilla\Firefox\Profiles\d7c20eb0.default-1444380498779\extensions\{c07d1a49-9894-49ff-a594-38960ede8fb9}.xpi [2015-10-13]
FF Extension: Blend In - C:\Users\tomas.kratochvil\AppData\Roaming\Mozilla\Firefox\Profiles\d7c20eb0.default-1444380498779\extensions\{0aa26703-f666-467e-bbcb-0201dc49725c}.xpi [2016-01-14]
FF Extension: Flash Video Downloader - YouTube HD Download [4K] - C:\Users\tomas.kratochvil\AppData\Roaming\Mozilla\Firefox\Profiles\d7c20eb0.default-1444380498779\extensions\artur.dubovoy@gmail.com [2016-01-19]
FF Extension: NeoBux AdAlert - C:\Users\tomas.kratochvil\AppData\Roaming\Mozilla\Firefox\Profiles\d7c20eb0.default-1444380498779\extensions\{eb80b076-a444-444c-a590-5aee5d977d80}.xpi [2016-01-19]
FF Extension: Český slovník pro kontrolu pravopisu - C:\Users\tomas.kratochvil\AppData\Roaming\Mozilla\Firefox\Profiles\d7c20eb0.default-1444380498779\Extensions\cs@dictionaries.addons.mozilla.org [2016-01-11]
FF Extension: British English Dictionary (Updated) - C:\Users\tomas.kratochvil\AppData\Roaming\Mozilla\Firefox\Profiles\d7c20eb0.default-1444380498779\Extensions\en-gb@flyingtophat.co.uk [2015-10-10] [not signed]
FF Extension: APK Downloader - C:\Users\tomas.kratochvil\AppData\Roaming\Mozilla\Firefox\Profiles\d7c20eb0.default-1444380498779\Extensions\jid1-6MGm94JnyY2VkA@jetpack.xpi [2016-01-05]
FF Extension: NeoBuxOx - C:\Users\tomas.kratochvil\AppData\Roaming\Mozilla\Firefox\Profiles\d7c20eb0.default-1444380498779\Extensions\jid1-pWGQEEt2toKZZQ@jetpack.xpi [2016-01-19]
FF Extension: Rapportive - C:\Users\tomas.kratochvil\AppData\Roaming\Mozilla\Firefox\Profiles\d7c20eb0.default-1444380498779\Extensions\rapportive@rapportive.com.xpi [2015-12-21]
FF Extension: TotalSpoof - C:\Users\tomas.kratochvil\AppData\Roaming\Mozilla\Firefox\Profiles\d7c20eb0.default-1444380498779\Extensions\totalspoof@fonk.wz.cz.xpi [2015-12-20]
FF Extension: Bamboo Feed Reader - C:\Users\tomas.kratochvil\AppData\Roaming\Mozilla\Firefox\Profiles\d7c20eb0.default-1444380498779\Extensions\{b2e69492-2358-071a-7056-24ad0c3defb1} [2016-01-22]
FF Extension: Adblock Plus - C:\Users\tomas.kratochvil\AppData\Roaming\Mozilla\Firefox\Profiles\d7c20eb0.default-1444380498779\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-20]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2015-08-18] [not signed]

Chrome:
=======
CHR Profile: C:\Users\tomas.kratochvil\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\tomas.kratochvil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-07]
CHR Extension: (Google Docs) - C:\Users\tomas.kratochvil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-07]
CHR Extension: (Google Drive) - C:\Users\tomas.kratochvil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-30]
CHR Extension: (Gliffy Diagrams) - C:\Users\tomas.kratochvil\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmicilclplefnflapjmnngmkkkkpfad [2015-08-31]
CHR Extension: (YouTube) - C:\Users\tomas.kratochvil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-10]
CHR Extension: (Google Search) - C:\Users\tomas.kratochvil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30]
CHR Extension: (Adobe Acrobat) - C:\Users\tomas.kratochvil\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-11-10]
CHR Extension: (Google Sheets) - C:\Users\tomas.kratochvil\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-07]
CHR Extension: (Google Docs Offline) - C:\Users\tomas.kratochvil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-27]
CHR Extension: (feedly) - C:\Users\tomas.kratochvil\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob [2015-10-09]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\tomas.kratochvil\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-08-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\tomas.kratochvil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-19]
CHR Extension: (电脑管家上网防护) - C:\Users\tomas.kratochvil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooebklgpfnbcnpokahmdidgbmlcdepkm [2016-01-26]
CHR Extension: (Gmail) - C:\Users\tomas.kratochvil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-07]
CHR HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2012-09-23]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 becldr3Service; C:\Program Files (x86)\BCL Technologies\easyConverter SDK 3\Common\becldr.exe [225280 2013-11-06] () [File not signed]
R2 cbVSCService11; C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe [67584 2013-03-07] (CobianSoft, Luis Cobian) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2787512 2015-12-22] (Microsoft Corporation)
R2 DFEPService; C:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe [2280504 2012-08-15] (Dell Inc.)
R2 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [216576 2015-09-09] () [File not signed]
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-27] (Disc Soft Ltd)
S3 EHttpSrv; C:\Program Files\ESET\ESET Endpoint Antivirus\ehttpsrv.exe [41160 2015-02-16] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe [1566424 2015-02-16] (ESET)
R2 EmbassyService; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe [231792 2013-03-11] ()
R2 EraAgentSvc; C:\Program Files\ESET\RemoteAdministrator\Agent\ERAAgent.exe [2685640 2015-02-17] (ESET)
S3 eshasrv; C:\Program Files\ESET\ESET Endpoint Antivirus\eshasrv.exe [183496 2015-02-16] (ESET)
R2 ftpsvc; C:\Windows\system32\inetsrv\ftpsvc.dll [350720 2012-06-01] (Microsoft Corporation)
R2 hasplms; C:\Windows\system32\hasplms.exe [4683144 2014-06-02] (SafeNet Inc.)
S4 hMailServer; C:\Program Files (x86)\hMailServer\Bin\hMailServer.exe [4512768 2015-07-09] (hMailServer) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319080 2015-04-29] (Intel Corporation)
R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [15872 2010-11-21] (Microsoft Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
S4 InvProtectSvc; C:\Program Files (x86)\Invincea\Enterprise\X64\InvProtectSvc64.exe [2947856 2013-07-30] (Invincea, Inc.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-11-13] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-07-17] ()
R2 NalServ; C:\Windows\SysWOW64\nalserv.exe [147056 2014-11-07] (Nalpeiron Ltd.)
R2 NA_Service; C:\Windows\system32\NA_Service.exe [105472 2012-06-06] () [File not signed]
S4 O2FLASH; C:\Windows\system32\o2flash.exe [244328 2011-11-16] (O2Micro International)
S4 O2SDIOAssist; C:\Windows\SysWOW64\srvany.exe [8192 2003-04-18] () [File not signed]
S4 OpenVpnLauncher; C:\Program Files (x86)\eWON\eGrabIt\OpenVpnService.exe [86016 2013-08-23] (eWON s.a.) [File not signed]
S4 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [37176 2013-08-22] (The OpenVPN Project)
R2 PbaDrvSvc_x64; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\hapi64\pbadrvsvc.exe [21504 2013-01-21] (Dell, Inc.) [File not signed]
R2 QQPCRTP; C:\Program Files (x86)\Tencent\QQPCMgr\11.2.17063.223\QQPCRTP.exe [301728 2016-01-26] (Tencent)
S3 SboxSvc; C:\Program Files (x86)\Invincea\Enterprise\Sandbox\SboxSvc.exe [124616 2013-07-30] ()
S4 Sdl.ProductTelemetrics.v1; C:\Program Files (x86)\Common Files\SDL\Telemetrics\Sdl.Desktop.ProductTelemetrics.Host.Windows.exe [12288 2015-06-17] (SDL) [File not signed]
S2 tcsd_win32.exe; C:\Program Files (x86)\Security Innovation\SI TSS\bin\tcsd_win32.exe [1643520 2012-05-11] () [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6889232 2015-12-14] (TeamViewer GmbH)
S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
R2 Wave Authentication Manager Service; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe [1773056 2013-02-26] (Wave Systems Corp.) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-11-06] (Microsoft Corporation)
S3 WMSVC; C:\Windows\system32\inetsrv\wmsvc.exe [10752 2009-07-14] (Microsoft Corporation)
S2 WvPCR; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Common\WvPCR.exe [254824 2013-03-08] (Wave Systems Corp.)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3377904 2013-07-17] (Intel® Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [135720 2013-11-06] (Broadcom Corporation.)
R3 dcdbas; C:\Windows\System32\DRIVERS\dcdbas64.sys [39016 2012-09-23] (Dell Inc.)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30352 2015-04-13] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [243464 2015-02-02] (ESET)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [177032 2015-02-02] (ESET)
S3 em52x; C:\Windows\System32\Drivers\em52x.sys [23792 2008-08-18] ()
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [159992 2015-02-02] (ESET)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [331608 2014-06-02] (SafeNet Inc.)
R3 hhdspmc64; C:\Windows\System32\DRIVERS\hhdspmc64.sys [39472 2010-10-13] (HHD Software Ltd.)
S3 InvProtectDrv; C:\Program Files (x86)\Invincea\Enterprise\X64\InvProtectDrv64.sys [34824 2013-07-30] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-01-26] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
S3 Mbm3CBus; C:\Windows\System32\DRIVERS\Mbm3CBus.sys [419400 2013-09-09] (MCCI Corporation)
S3 Mbm3DevMt; C:\Windows\System32\DRIVERS\Mbm3DevMt.sys [453960 2012-10-02] (MCCI Corporation)
S3 Mbm3mdfl; C:\Windows\System32\DRIVERS\Mbm3mdfl.sys [21832 2012-10-02] (MCCI Corporation)
S3 Mbm3Mdm; C:\Windows\System32\DRIVERS\Mbm3Mdm.sys [506184 2012-10-02] (MCCI Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-11-13] (Intel Corporation)
R2 mgdrv; C:\Windows\system32\drivers\mgdrv.sys [56344 2011-03-22] (Moxa Inc. )
S3 MOSUMAC; C:\Windows\System32\DRIVERS\M7830A64.SYS [48128 2008-07-25] (--)
S3 mxuwdrv2; C:\Windows\System32\DRIVERS\mxuwdrv2.sys [83480 2009-04-27] (Moxa Inc.)
R3 NETwNs64; C:\Windows\System32\DRIVERS\NETwsw01.sys [11534096 2015-05-04] (Intel Corporation)
R2 npdrv; C:\Windows\system32\drivers\npdrv.sys [61176 2011-04-19] (Moxa Inc. )
R2 npdrvfilter; C:\Windows\system32\drivers\npdrvfilter.sys [42232 2011-02-15] (Moxa Inc. )
S3 NSNDIS5; C:\Windows\SysWOW64\NSNDIS5.SYS [17280 2004-03-24] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
R0 phmburnr; C:\Windows\System32\DRIVERS\phmburnr.sys [53328 2010-06-14] (Phantombility, Inc)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2012-08-20] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12384 2012-08-20] ()
R1 QMUdisk; C:\Program Files (x86)\Tencent\QQPCMgr\11.2.17063.223\QMUdisk64.sys [162104 2016-01-12] (Tencent)
R2 QQSysMonX64; C:\Program Files (x86)\Tencent\QQPCMgr\11.2.17063.223\QQSysMonX64.sys [138040 2016-01-26] (电脑管家)
S3 SboxDrv; C:\Program Files (x86)\Invincea\Enterprise\Sandbox\SboxDrv.sys [202248 2013-07-30] ()
R1 softaal; C:\Program Files (x86)\Tencent\QQPCMgr\11.2.17063.223\softaal64.sys [35128 2016-01-26] (Tencent)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381608 2015-04-25] (Duplex Secure Ltd.)
R3 ST_ACCEL; C:\Windows\System32\DRIVERS\ST_ACCEL.sys [68208 2012-05-21] (STMicroelectronics)
R3 TAOAccelerator; C:\Windows\system32\Drivers\TAOAccelerator64.sys [88632 2016-01-26] (Tencent)
R1 TAOKernelDriver; C:\Windows\system32\Drivers\TAOKernel64.sys [131896 2016-01-26] (Tencent Technology(Shenzhen) Company Limited)
R3 TFsFlt; C:\Windows\System32\Drivers\TFsFltX64.sys [87864 2016-01-26] (电脑管家)
R1 TSDefenseBt; C:\Program Files (x86)\Tencent\QQPCMgr\11.2.17063.223\TSDefenseBT64.sys [28984 2016-01-26] (Tencent)
R3 TSSKX64; C:\Windows\System32\drivers\tsskx64.sys [38200 2016-01-26] (电脑管家)
R1 TSSysKit; C:\Program Files (x86)\Tencent\QQPCMgr\11.2.17063.223\TSSysKit64.sys [87352 2016-01-26] (电脑管家)
R3 usb3Hub; C:\Windows\System32\DRIVERS\usb3Hub.sys [47072 2012-10-10] (Windows (R) Win 7 DDK provider)
S3 USBCAN; C:\Windows\System32\DRIVERS\usbcan.sys [40216 2014-01-06] (SYS TEC electronic GmbH)
S3 USBCANL4; C:\Windows\System32\DRIVERS\usbcanl4.sys [76056 2014-01-06] (SYS TEC electronic GmbH)
R3 XHCIPort; C:\Windows\System32\DRIVERS\XHCIPort.sys [188896 2012-10-10] (Windows (R) Win 7 DDK provider)
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 PCDSRVC{3B54B31B-D06B6431-06020200}_0; \??\c:\program files\dell\supportassist\pcdsrvc_x64.pkms [X]
S3 SliceDisk5; \??\C:\Users\tomas.kratochvil\AppData\Local\Temp\HBCD\PartitionFindAndMount\slicedisk-x64.sys [X]
S2 tsnethlpx64; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\TsNetHlpX64.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]

========================== Drivers MD5 =======================

C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\drivers\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys 9A4A1EEE802BF2F878EE8EAB407B21B7
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\drivers\aksdf.sys 3190C577746303CA4C65114441192FE2
C:\Windows\system32\drivers\aksfridge.sys 9816FB249F0D9C2DC982C6AF8213B019
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdk8.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49
C:\Windows\system32\drivers\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048
C:\Windows\System32\DRIVERS\Apfiltr.sys 8F67421782B5D818247AA559718D664B
C:\Windows\system32\drivers\appid.sys 27DABFB4A6B0140C34DBEC713469592B
C:\Windows\system32\drivers\arc.sys ==> MD5 is legit
C:\Windows\system32\drivers\arcsas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\system32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ATSwpWDF.sys FB30E32B4E6E5D9E2DE4231DDF4FBB11
C:\Windows\system32\drivers\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\BazisVirtualCDBus.sys 326E77EA6E9BF27C7CD2837D65DB96C7
C:\Windows\System32\drivers\bcbtums.sys BC88D56376CCFAF08BE25E33A7046D1F
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\BthEnum.sys CF98190A94F62E405C8CB255018B2315
C:\Windows\System32\DRIVERS\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bthpan.sys 02DD601B708DD0667E1331FA8518E9FF
C:\Windows\System32\Drivers\BTHport.sys 738D0E9272F59EB7A1449C3EC118E6C4
C:\Windows\System32\Drivers\BTHUSB.sys F188B7394D81010767B6DF3178519A37
C:\Windows\system32\drivers\btwampfl.sys 30E157AB82EE7406F526ED80896D2431
C:\Windows\System32\drivers\btwaudio.sys 824E7A93F491414B6BF496D29CB14331
C:\Windows\System32\DRIVERS\btwavdt.sys 9C7A3858D87F3A2574C1D326CA6C1461
C:\Windows\System32\DRIVERS\btwl2cap.sys B1ACFD00CDD13B48D86F46BFEC153BF9
C:\Windows\System32\DRIVERS\btwrchid.sys BB892C59D453E127797F8C5B203678DC
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\drivers\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys 404B7DF9CA4D1CB675045AF220FF3285
C:\Windows\System32\DRIVERS\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys EC0511BB85BAA42A9734011685A6732C
C:\Windows\System32\DRIVERS\compbatt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\csc.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CtClsFlt.sys 58CB536DA016641C9D24D183197F6DBF
C:\Windows\System32\DRIVERS\dcdbas64.sys E1617EC33B0B88FEC429BF6EB7B9FA52
C:\Windows\System32\Drivers\dfsc.sys CF1F6326AC44C42F4615D4BD53188AC5
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\drivers\disk.sys ==> MD5 is legit
C:\Windows\system32\drivers\dmvsc.sys 5DB085A8A6600BE6401F2B24EECB5415
C:\Windows\system32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\dtlitescsibus.sys 080598EFE474B7A28D7260C3AC389E36
C:\Windows\System32\drivers\dxgkrnl.sys 87CE5C8965E101CCCED1F4675557E868
C:\Windows\System32\DRIVERS\e1c62x64.sys BA01A130D2B850CA87483CE6AC1A2BBA
C:\Windows\System32\DRIVERS\eamonm.sys 984A5E2FFE7A4ED6A2C059C33BD6852E
C:\Windows\system32\drivers\evbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ehdrv.sys 9A7ACD56DFF94353F035FAE68E790EFB
C:\Windows\system32\drivers\elxstor.sys ==> MD5 is legit
C:\Windows\System32\Drivers\em52x.sys 5A520036C74D8C68717E3D5AF11AD54B
C:\Windows\System32\DRIVERS\epfwwfpr.sys 07A4BA0F50E6FAD149C7732E3B10A0D3
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\drivers\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\drivers\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\fssfltr.sys B16B626996C74B564005BA855C5DEE90
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\System32\drivers\ftdibus.sys 13799CB7521A39724FFDEA2E5D9C8305
C:\Windows\System32\drivers\ftser2k.sys F1544BBC7E08BB5B9E9E97996C3FA04B
C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0
C:\Windows\system32\drivers\gagp30kx.sys ==> MD5 is legit
C:\Windows\system32\drivers\hardlock.sys 3921C845A24C62CA1F44EEF4826263E9
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\HDAudBus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hhdspmc64.sys DF100F69C70F3319C3F6178D21A910FE
C:\Windows\system32\drivers\HidBatt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidbth.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ANDROIDUSB.sys F47CEC45FB85791D4AB237563AD0FA8F
C:\Windows\System32\drivers\HTTP.sys F61634BEC53F73702A10DE69F6DCAF57
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\i8042prt.sys ==> MD5 is legit
C:\Windows\System32\drivers\iaStor.sys CCFA835960E35F30D28A868E0B3B8722
C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
C:\Windows\System32\DRIVERS\igdkmd64.sys 92C3A37EE41FF6022EC53972F63927B7
C:\Windows\system32\drivers\iirsp.sys ==> MD5 is legit
C:\Windows\System32\drivers\intelaud.sys 314285071F7117263BD246E35C17FD82
C:\Windows\System32\DRIVERS\IntcDAud.sys 8AEEE0F4D210B61F917CFEA9653973C4
C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Program Files (x86)\Invincea\Enterprise\X64\InvProtectDrv64.sys C4E9E2CB3B18739BBCF4C45FA106456B
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys 96BB922A0981BC7432C8CF52B5410FE6
C:\Windows\System32\DRIVERS\iusb3hcs.sys 75779002A6084C1A011E195E421A9C75
C:\Windows\System32\DRIVERS\iusb3hub.sys F390B641FE6115F536B8B78AA71B8814
C:\Windows\System32\DRIVERS\iusb3xhc.sys 653B86AA174FF7661D00EE1E524B234F
C:\Windows\System32\DRIVERS\iwdbus.sys 4487AD9C070D3973FE28AB4406555FC6
C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys BCC83F22805F560C8A487F2F296A78FE
C:\Windows\System32\Drivers\ksecpkg.sys 33D52A96BEEE8AFCE9E07EEC9FE0C9DB
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\System32\drivers\massfilter.sys 035C83CD72E06C47000793D32B1A642D
C:\Windows\system32\drivers\mbam.sys CFBC6C6D8A492697CABD1D353EE64933
C:\Windows\system32\drivers\MBAMSwissArmy.sys 78488AF2AB2111D67B3C4044707A519B
C:\Windows\system32\drivers\mwac.sys D61070CFAD43038DC56AEAD9BFE9CE2A
C:\Windows\System32\DRIVERS\Mbm3CBus.sys 62732AF9512B911C330ACBBDBCC2F284
C:\Windows\System32\DRIVERS\Mbm3DevMt.sys 9644C6B313A08B36E3577193FE844197
C:\Windows\System32\DRIVERS\Mbm3mdfl.sys FAFA77810CB6C4E196C7CD28855292BB
C:\Windows\System32\DRIVERS\Mbm3Mdm.sys A1A8597F1EB14A27DDA510371498C0AB
C:\Windows\system32\drivers\megasas.sys ==> MD5 is legit
C:\Windows\system32\drivers\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\TeeDriverx64.sys E0EF6C1399A9B1AAA0B28590411BED04
C:\Windows\system32\drivers\mgdrv.sys 3EE27008CCE3838063F8932389162BD1
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\M7830A64.SYS B0B7B0C7318299C697AC0FE47B1863E9
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys 67050452C0118BAF2883928E6FCCFE47
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys AE3334958D8F631FF14A0AEB3D7EFB3A
C:\Windows\System32\DRIVERS\mrxsmb.sys 73ADDCC406B86E7DA4416691E8E74BDA
C:\Windows\System32\DRIVERS\mrxsmb10.sys 7C81098FBAF2EAF5B54B939F832B0F61
C:\Windows\System32\DRIVERS\mrxsmb20.sys ACB763673BCCE6C7B3B8F858C9FE4F1F
C:\Windows\system32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\drivers\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys AA0C2BA3782E92BD85E2264BE418E67C
C:\Windows\System32\DRIVERS\mxuwdrv2.sys 49BCB8E4E93C7C12D5551DAE583CF1AB
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys F7309F42555F8AAB7144A51A1F2585B0
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\NETwsw01.sys 6C6EBA531144A54AE4E5F3AFB08582FF
C:\Windows\system32\drivers\nfrd960.sys ==> MD5 is legit
C:\Windows\system32\drivers\npdrv.sys D19D449A7555F93FA5FE0DF2C2A4D46E
C:\Windows\system32\drivers\npdrvfilter.sys 73A2FC9810371C3368C362368747ADFD
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\SysWOW64\NSNDIS5.SYS 53F7546E8DAEFB3A0813F5E19C4613C9
C:\Windows\System32\Drivers\Ntfs.sys 1A29A59A4C5BA6F8C85062A613B7E2B2
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\O2MDFw7x64.sys 6172DB160FC566CF24307941C0E94D8E
C:\Windows\system32\drivers\O2MDRw7x64.sys 8ED738ABA394BBF6D7802698BE453112
C:\Windows\System32\DRIVERS\o2sdjw7x64.sys 072CF54D82D857001910C4FC70120D0F
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
C:\Windows\System32\DRIVERS\pccsmcfdx64.sys 3FDE033DFB0D07F8B7D5C9A3044AA121
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\system32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\drivers\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ED6E75158D28D33A2E2A020AC5B2B59D
C:\Windows\System32\DRIVERS\phmburnr.sys 1BE6705451B2CF0AAB261A4C9C2128C3
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\drivers\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\pwdrvio.sys 7E55A015421A81DD103B25215F7F62EB
C:\Windows\system32\pwdspio.sys 3FB3F02F6B79AA0AC05DCDACCEE8EE33
C:\Windows\system32\drivers\ql2300.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql40xx.sys ==> MD5 is legit
C:\Program Files (x86)\Tencent\QQPCMgr\11.2.17063.223\QMUdisk64.sys 70E3F8B13D391C57918E20DE4D976F5C
C:\Program Files (x86)\Tencent\QQPCMgr\11.2.17063.223\QQSysMonX64.sys B7C917526A0874A8EA8949CA7FB4409A
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys 71B6F78D6444CCE6F77BC42917A4E8F7
C:\Windows\System32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpdr.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpvideominiport.sys 313F68E1A3E6345A4F47A36B07062F34
C:\Windows\System32\Drivers\RDPWD.sys FE571E088C2D83619D2D48D4E961BF41
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rfcomm.sys 3DD798846E2C28102B922C56E71B7932
C:\Windows\System32\Drivers\RootMdm.sys 388D3DD1A6457280F3BADBA9F3ACD6B1
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\system32\drivers\vms3cap.sys ==> MD5 is legit
C:\Program Files (x86)\Invincea\Enterprise\Sandbox\SboxDrv.sys 9EBC8558F87AB6645DD12A0EE99E1353
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\sdbus.sys 111E0EBC0AD79CB0FA014B907B231CF0
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ser2pl64.sys 8167B3DF18CF957BB87F328F131D5570
C:\Windows\System32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\serial.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\drivers\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\drivers\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\drivers\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Program Files (x86)\Tencent\QQPCMgr\11.2.17063.223\softaal64.sys 48669F60AC6EDFF26EF215624DCE5186
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\Drivers\sptd.sys FEB80A9EC320569CC82D4DB9F4AC78BC
C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
C:\Windows\System32\DRIVERS\stdcfltn.sys E4EA2412FB1B8AEE33667A9CC6D456A4
C:\Windows\system32\drivers\stexstor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\stwrt64.sys 71CB3BB20F08BB724769DAAAFD5AB26E
C:\Windows\System32\drivers\vmstorfl.sys ==> MD5 is legit
C:\Windows\system32\drivers\storvsc.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ST_ACCEL.sys 8BA37304516F9B637FB140DD58B5D88C
C:\Windows\System32\DRIVERS\swenum.sys ==> MD5 is legit
C:\Windows\system32\Drivers\TAOAccelerator64.sys 6D2A348D91A334ABAC3FE68E9C3C193B
C:\Windows\system32\Drivers\TAOKernel64.sys 7315779D43B51C0F6B455AB5B7DCCE6A
C:\Windows\System32\DRIVERS\tap0901.sys BCD6A90D6FD757CE9C29DDC850F7F231
C:\Windows\System32\drivers\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\DRIVERS\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys AA77EB517D2F07A947294F260E3ACA83
C:\Windows\System32\DRIVERS\termdd.sys ==> MD5 is legit
C:\Windows\System32\Drivers\TFsFltX64.sys 501998188D4154EE736188BAF1C20CE8
C:\Windows\System32\drivers\truecrypt.sys 370A6907DDF79532A39319492B1FA38A
C:\Program Files (x86)\Tencent\QQPCMgr\11.2.17063.223\TSDefenseBT64.sys 9D7C94C16A83F8F4574EECD590969266
C:\Windows\System32\DRIVERS\tssecsrv.sys 19BEDA57F3E0A06B8D5EB6D619BD5624
C:\Windows\System32\drivers\tsskx64.sys FBE4E67F738A38398576F3FEABEB846B
C:\Program Files (x86)\Tencent\QQPCMgr\11.2.17063.223\TSSysKit64.sys F5C5BF3FCC06BAA3F4CCE0667707A1BA
C:\Windows\System32\drivers\tsusbflt.sys E9981ECE8D894CEF7038FD1D040EB426
C:\Windows\system32\drivers\TsUsbGD.sys AD64450A4ABE076F5CB34CC08EEACB07
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\drivers\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\umpass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usb3Hub.sys 8047D8AFA070A4C3B9FCBDBF77A84C45
C:\Windows\System32\DRIVERS\usbcan.sys 056FB19085A2F2F4A61E7A9C3F8560E5
C:\Windows\System32\DRIVERS\usbcanl4.sys 27D7EE056C13D16E47FA483442C36BB7
C:\Windows\System32\DRIVERS\usbccgp.sys 91D3C92A44FC682DD791147604E79152
C:\Windows\system32\drivers\usbcir.sys 80B0F7D5CCF86CEB5D402EAAF61FEC31
C:\Windows\system32\drivers\usbehci.sys F7FFDF2A1D19A76A87759126B244C816
C:\Windows\System32\DRIVERS\usbhub.sys 245FE7FC634D6A993E682E0A9EBA4ABB
C:\Windows\system32\drivers\usbohci.sys C1A8966E0D09BFB501045105B30D86F2
C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbser.sys B57B4F0BEC4270A281B9F8537EB2FA04
C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6
C:\Windows\system32\drivers\usbuhci.sys 2E682DCE4319A90E02A327F8A427544A
C:\Windows\System32\Drivers\usbvideo.sys 1F775DA4CF1A3A1834207E975A72E9D7
C:\Windows\System32\DRIVERS\VBoxNetAdp.sys 8CD776EB77695524CCE594AAC3A71569
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\system32\drivers\vmbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\VMBusHID.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys DF8126BD41180351A093A3AD2FC8903B
C:\Windows\System32\DRIVERS\vpchbus.sys B4A73CA4EF9A02B9738CEA9AD5FE5917
C:\Windows\System32\DRIVERS\vpcnfltr.sys E675FB2B48C54F09895482E2253B289C
C:\Windows\System32\DRIVERS\vpcusb.sys 5FB42082B0D19A0268705F1DD343DF20
C:\Windows\System32\DRIVERS\vpcuxd.sys 63F4E10873BEB4124028C6D1A66B0968
C:\Windows\System32\drivers\vpcvmm.sys 207B6539799CC1C112661A9B620DD233
C:\Windows\system32\drivers\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifimp.sys ==> MD5 is legit
C:\Windows\system32\drivers\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\drivers\wd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wdcsam64.sys D0335A55E5C3F812548E18300C2ACB62
C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUSB.SYS FE88B288356E7B47B74B13372ADD906D
C:\Windows\System32\DRIVERS\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659
C:\Windows\System32\DRIVERS\XHCIPort.sys 24E57041608ED6A9D7FDAD0D9EC214E2
C:\Windows\System32\DRIVERS\ZTEusbmdm6k.sys F14C9B3A8DF6E21F83AC63FA1ADC6D51
C:\Windows\System32\DRIVERS\ZTEusbnet.sys 47B3280C31D9561A5FB51070D9F0528D
C:\Windows\System32\DRIVERS\ZTEusbnmea.sys F14C9B3A8DF6E21F83AC63FA1ADC6D51
C:\Windows\System32\DRIVERS\ZTEusbser6k.sys F14C9B3A8DF6E21F83AC63FA1ADC6D51

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-26 12:44 - 2016-01-26 12:46 - 00061153 _____ C:\Users\tomas.kratochvil\Desktop\FRST.txt
2016-01-26 12:43 - 2016-01-26 12:44 - 00000000 ____D C:\FRST
2016-01-26 12:41 - 2016-01-26 12:41 - 02370560 _____ (Farbar) C:\Users\tomas.kratochvil\Desktop\FRST64.exe
2016-01-26 12:30 - 2016-01-26 12:30 - 00136151 _____ C:\Users\tomas.kratochvil\Desktop\Prostějov.ANT
2016-01-26 12:30 - 2016-01-14 10:47 - 00128280 _____ (电脑管家) C:\Windows\SysWOW64\Drivers\TsFltMgr.sys
2016-01-26 12:29 - 2016-01-26 12:26 - 00131896 _____ (Tencent Technology(Shenzhen) Company Limited) C:\Windows\system32\Drivers\TAOKernel64.sys
2016-01-26 12:29 - 2016-01-26 12:26 - 00088632 _____ (Tencent) C:\Windows\system32\Drivers\TAOAccelerator64.sys
2016-01-26 12:28 - 2016-01-26 12:28 - 00000000 ____D C:\ProgramData\TXQMPC
2016-01-26 12:28 - 2016-01-26 12:28 - 00000000 ____D C:\Program Files\Common Files\Tencent
2016-01-26 12:27 - 2016-01-26 12:32 - 00002250 _____ C:\Users\Public\Desktop\软件管理.lnk
2016-01-26 12:27 - 2016-01-26 12:27 - 00002243 _____ C:\Users\Public\Desktop\电脑管家.lnk
2016-01-26 12:27 - 2016-01-26 12:27 - 00000000 ____D C:\Users\tomas.kratochvil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
2016-01-26 12:27 - 2016-01-26 12:27 - 00000000 _____ C:\Users\tomas.kratochvil\Desktop\$电脑管家-清理垃圾$.qmgc
2016-01-26 12:27 - 2016-01-26 12:26 - 00087864 _____ (电脑管家) C:\Windows\system32\Drivers\TFsFltX64.sys
2016-01-26 12:27 - 2016-01-26 12:26 - 00038200 _____ (电脑管家) C:\Windows\system32\Drivers\TSSKX64.sys
2016-01-26 12:25 - 2016-01-26 12:33 - 00000000 ____D C:\Users\tomas.kratochvil\AppData\Roaming\Tencent
2016-01-26 12:25 - 2016-01-26 12:33 - 00000000 ____D C:\ProgramData\Tencent
2016-01-26 12:25 - 2016-01-26 12:25 - 00000000 ____D C:\Program Files (x86)\Tencent
2016-01-26 12:24 - 2016-01-26 12:24 - 00000000 ____D C:\Program Files (x86)\t_201601261224
2016-01-26 12:23 - 2016-01-26 12:24 - 00000000 ____D C:\Program Files (x86)\MTV20151125
2016-01-26 12:23 - 2016-01-26 12:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ĂŔÍĽäŻŔŔ
2016-01-26 12:09 - 2016-01-26 12:09 - 00095972 _____ C:\Users\tomas.kratochvil\Desktop\simulator.ant
2016-01-26 09:35 - 2016-01-26 12:39 - 00000000 ____D C:\AdwCleaner
2016-01-26 09:26 - 2016-01-26 09:26 - 00000000 ____D C:\Users\tomas.kratochvil\Downloads\backups
2016-01-26 09:20 - 2016-01-26 11:28 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-01-26 09:20 - 2016-01-26 09:20 - 22908888 _____ (Malwarebytes ) C:\Users\tomas.kratochvil\Downloads\mbam-setup-2.2.0.1024.exe
2016-01-26 09:20 - 2016-01-26 09:20 - 00001108 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-01-26 09:20 - 2016-01-26 09:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-01-26 09:20 - 2016-01-26 09:20 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-01-26 09:20 - 2016-01-26 09:20 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-01-26 09:20 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-01-26 09:20 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-01-26 09:20 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-01-26 08:04 - 2016-01-26 11:22 - 00000022 _____ C:\Windows\S.dirmngr
2016-01-23 13:51 - 2016-01-23 13:51 - 00388608 _____ (Trend Micro Inc.) C:\Users\tomas.kratochvil\Downloads\HijackThis.exe
2016-01-22 09:04 - 2016-01-22 09:04 - 00000973 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-01-22 09:04 - 2016-01-22 09:04 - 00000961 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
2016-01-22 07:39 - 2016-01-22 07:39 - 00015969 _____ C:\Users\tomas.kratochvil\Desktop\1601221.ais
2016-01-22 07:34 - 2016-01-22 07:36 - 00015826 _____ C:\Users\tomas.kratochvil\Desktop\Křovice AFR.ais
2016-01-21 18:52 - 2014-01-13 17:36 - 00224569 _____ C:\Users\tomas.kratochvil\Desktop\14010710.ant
2016-01-21 10:10 - 2016-01-21 10:11 - 00107356 _____ C:\Users\tomas.kratochvil\Documents\Modbus Hannover.TXT
2016-01-20 05:09 - 2016-01-20 05:37 - 04499648 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2016-01-18 10:55 - 2016-01-25 07:17 - 00341242 _____ C:\Users\tomas.kratochvil\Desktop\legnice.ant
2016-01-17 17:32 - 2016-01-17 17:32 - 54718976 _____ C:\Users\tomas.kratochvil\Downloads\Democracy.exe
2016-01-17 11:10 - 2016-01-22 17:21 - 00002000 _____ C:\Users\Public\Desktop\Half-Life - Blue Shift.lnk
2016-01-17 11:10 - 2016-01-17 11:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Half-Life (Xash3D)
2016-01-17 11:08 - 2016-01-22 17:15 - 00000000 ____D C:\Program Files (x86)\Half-Life-Xash3D
2016-01-15 09:47 - 2016-01-15 09:47 - 00000219 _____ C:\Users\tomas.kratochvil\Desktop\Vrchlabí frekvenčáky.txt
2016-01-15 09:47 - 2016-01-15 09:47 - 00000112 _____ C:\Users\tomas.kratochvil\Desktop\Belgie emaily.txt
2016-01-13 12:18 - 2016-01-13 12:18 - 00001268 _____ C:\Users\Public\Desktop\Xirrus Wi-Fi Inspector.lnk
2016-01-13 12:18 - 2016-01-13 12:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xirrus
2016-01-12 07:57 - 2016-01-12 07:57 - 00001042 _____ C:\Users\tomas.kratochvil\Desktop\eGrabIt.lnk
2016-01-11 08:53 - 2016-01-11 08:53 - 00002731 _____ C:\Users\Public\Desktop\Skype.lnk
2016-01-11 08:53 - 2016-01-11 08:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-01-07 10:15 - 2016-01-07 10:16 - 00000000 ____D C:\Users\tomas.kratochvil\AppData\Roaming\Smtp Client
2016-01-07 10:14 - 2016-01-07 10:14 - 00043467 _____ C:\Users\tomas.kratochvil\Downloads\Smtp-Client-bin-1.2.zip
2016-01-07 09:49 - 2016-01-07 09:49 - 00351232 _____ (hxxp://www.hellonnet.tk) C:\Users\tomas.kratochvil\Downloads\sendMailer.exe
2016-01-07 08:01 - 2016-01-10 19:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-06 06:57 - 2016-01-06 06:57 - 00002986 _____ C:\Windows\System32\Tasks\{D75CE568-8736-4F4B-A9A0-61626BCE853D}
2016-01-06 06:57 - 2016-01-06 06:57 - 00002986 _____ C:\Windows\System32\Tasks\{B8FA5D03-F3A6-41D2-9EB0-E2978E6FDAA1}
2016-01-06 06:57 - 2016-01-06 06:57 - 00000130 _____ C:\Windows\system32\config.conf
2016-01-05 11:10 - 2016-01-05 11:10 - 47400128 _____ (Microsoft Corporation) C:\Users\tomas.kratochvil\Downloads\NetFx64.exe
2016-01-05 11:07 - 2015-06-24 01:59 - 00166912 _____ (HazteK Software) C:\Users\tomas.kratochvil\Desktop\SMTPMailSender.exe
2016-01-05 11:06 - 2016-01-05 11:06 - 00062513 _____ C:\Users\tomas.kratochvil\Downloads\SMTPMailSender.zip
2016-01-04 10:40 - 2016-01-04 10:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\hMailServer
2016-01-04 10:40 - 2015-07-09 16:45 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atl70.dll
2016-01-04 10:04 - 2016-01-04 10:04 - 00328671 _____ C:\Users\tomas.kratochvil\Downloads\postkard.exe
2016-01-04 09:53 - 2016-01-04 09:53 - 00000000 ____D C:\Program Files (x86)\IIS Express
2016-01-04 09:52 - 2016-01-04 09:52 - 03722752 _____ C:\Users\tomas.kratochvil\Downloads\iisexpress_1_11_x86_en-US.msi
2016-01-04 09:44 - 2016-01-04 09:44 - 00000000 ____D C:\Windows\system32\0405
2016-01-01 18:00 - 2016-01-01 18:01 - 44218904 _____ C:\Users\tomas.kratochvil\Downloads\torbrowser-install-5.0.6_en-US.exe
2015-12-27 13:35 - 2015-12-27 13:35 - 00005120 _____ C:\Users\tomas.kratochvil\AppData\Roaming\GiftBag.db
2015-12-27 13:26 - 2015-12-27 13:52 - 00000000 ____D C:\Program Files (x86)\Seznam.cz
2015-12-27 13:25 - 2015-12-27 13:52 - 00000000 ____D C:\Users\tomas.kratochvil\AppData\Roaming\Seznam.cz

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-26 12:45 - 2015-12-16 14:12 - 00344576 _____ C:\Users\tomas.kratochvil\Desktop\dochazka_2016.xls
2016-01-26 12:45 - 2015-11-23 06:26 - 00005010 _____ C:\Windows\System32\Tasks\WSCEAA
2016-01-26 12:44 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2016-01-26 12:38 - 2014-03-10 09:19 - 00000000 ____D C:\Users\tomas.kratochvil\AppData\Roaming\Skype
2016-01-26 12:37 - 2013-11-06 04:30 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-01-26 12:23 - 2014-01-23 07:55 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-26 11:32 - 2009-07-14 05:45 - 00035040 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-26 11:32 - 2009-07-14 05:45 - 00035040 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-26 11:24 - 2014-01-23 07:59 - 00000000 ___RD C:\Users\tomas.kratochvil\Disk Google
2016-01-26 11:24 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\inetsrv
2016-01-26 11:23 - 2015-11-06 07:51 - 00000000 ____D C:\Program Files (x86)\RSSOwl
2016-01-26 11:23 - 2015-02-11 07:02 - 00000000 __SHD C:\Users\tomas.kratochvil\IntelGraphicsProfiles
2016-01-26 11:23 - 2014-01-23 07:55 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-26 11:23 - 2014-01-08 16:33 - 00141138 _____ C:\Windows\system32\NetAccessLog.txt
2016-01-26 11:23 - 2014-01-07 07:46 - 00000344 _____ C:\Windows\system32\config\netlogon.ftl
2016-01-26 11:22 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-26 10:15 - 2014-01-16 10:21 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-01-26 09:36 - 2013-11-06 04:47 - 00015894 __RSH C:\ProgramData\ntuser.pol
2016-01-26 08:18 - 2014-01-07 08:04 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2016-01-26 08:07 - 2015-11-06 07:51 - 00000000 ____D C:\Users\tomas.kratochvil\.rssowl2
2016-01-25 22:03 - 2014-03-24 21:58 - 00000950 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2703931844-3940718246-3090366172-2529Core.job
2016-01-23 13:40 - 2015-10-01 07:27 - 00000000 ____D C:\Users\tomas.kratochvil\AppData\Local\Deployment
2016-01-22 17:20 - 2014-01-21 12:12 - 00000000 ____D C:\Users\tomas.kratochvil\AppData\Local\CrashDumps
2016-01-22 12:57 - 2013-11-06 05:00 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-01-22 12:53 - 2014-01-07 08:26 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-01-22 12:51 - 2014-01-07 07:54 - 00129200 _____ C:\Users\tomas.kratochvil\AppData\Local\GDIPFONTCACHEV1.DAT
2016-01-22 12:50 - 2013-12-16 08:28 - 00000000 ____D C:\Users\install
2016-01-22 12:50 - 2009-07-14 05:45 - 00542504 _____ C:\Windows\system32\FNTCACHE.DAT
2016-01-22 10:09 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2016-01-21 06:34 - 2010-11-21 10:27 - 00735518 _____ C:\Windows\system32\perfh005.dat
2016-01-21 06:34 - 2010-11-21 10:27 - 00173650 _____ C:\Windows\system32\perfc005.dat
2016-01-21 06:34 - 2009-07-14 06:13 - 01766780 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-21 06:34 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-01-20 05:37 - 2013-11-06 04:30 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-01-20 05:37 - 2013-11-06 04:30 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-20 05:37 - 2013-11-06 04:30 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-01-19 13:14 - 2014-03-28 09:18 - 00000000 ___RD C:\Users\tomas.kratochvil\Virtual Machines
2016-01-19 07:46 - 2015-01-05 12:29 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-01-19 07:31 - 2014-01-08 07:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-19 07:26 - 2015-11-07 15:09 - 00000000 ____D C:\Users\tomas.kratochvil\AppData\Roaming\tor
2016-01-18 09:13 - 2014-08-04 09:26 - 00067072 _____ C:\Users\tomas.kratochvil\Desktop\Konfigurace_Bosch_2_8_1.XLS
2016-01-15 09:17 - 2014-02-19 08:51 - 00000000 ____D C:\Users\tomas.kratochvil\AppData\Roaming\PrimoPDF
2016-01-15 07:12 - 2015-07-07 07:38 - 00002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-01-14 13:40 - 2014-01-14 14:25 - 00000000 ____D C:\Users\tomas.kratochvil\Desktop\Měření a testování
2016-01-13 09:53 - 2014-01-14 14:28 - 00000000 ____D C:\Users\tomas.kratochvil\Desktop\Vrchlabí
2016-01-13 04:26 - 2015-12-07 13:06 - 00000000 ____D C:\Users\tomas.kratochvil\Documents\Studio 2015
2016-01-12 10:31 - 2014-04-25 06:30 - 00013030 _____ C:\PDOXUSRS.NET
2016-01-12 06:40 - 2015-11-12 06:42 - 00000000 ____D C:\Temp
2016-01-12 06:35 - 2015-02-10 14:57 - 00000000 ____D C:\Windows\System32\Tasks\Dell
2016-01-11 08:53 - 2014-03-10 09:19 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-01-11 08:53 - 2014-03-10 09:19 - 00000000 ____D C:\ProgramData\Skype
2016-01-11 08:52 - 2014-03-10 09:19 - 00000000 ____D C:\Users\tomas.kratochvil\AppData\Local\Skype
2016-01-06 13:32 - 2014-01-07 13:48 - 00000000 ____D C:\Program Files\Total Commander
2016-01-06 12:23 - 2014-01-07 13:48 - 00000000 ____D C:\Users\tomas.kratochvil\AppData\Roaming\GHISLER
2016-01-06 06:57 - 2014-03-04 12:37 - 00000000 ____D C:\Users\tomas.kratochvil\AppData\Local\ElevatedDiagnostics
2016-01-04 14:02 - 2014-01-14 14:25 - 00000000 ____D C:\Users\tomas.kratochvil\Desktop\Kancl
2016-01-04 10:44 - 2015-12-14 07:06 - 00000000 ____D C:\Program Files (x86)\hMailServer
2016-01-04 10:34 - 2015-12-14 07:05 - 04083679 _____ ( ) C:\Users\tomas.kratochvil\Downloads\hMailServer-5.6.4-B2283.exe
2016-01-04 09:45 - 2011-02-15 08:08 - 01664216 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-01-04 09:44 - 2014-07-18 13:42 - 00000000 ____D C:\inetpub
2016-01-04 09:44 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\inetsrv
2016-01-01 18:36 - 2015-10-25 07:27 - 00001261 _____ C:\Users\tomas.kratochvil\Desktop\Start Tor Browser.lnk
2016-01-01 18:07 - 2015-05-29 09:53 - 00001269 _____ C:\Users\tomas.kratochvil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2016-01-01 18:01 - 2015-11-07 15:08 - 00000000 ____D C:\Program Files (x86)\TOR
2016-01-01 17:46 - 2015-10-25 07:27 - 00000000 ____D C:\Program Files (x86)\Tor Browser
2015-12-27 13:51 - 2013-11-06 04:39 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-12-27 13:51 - 2013-11-05 21:25 - 00000000 ____D C:\Program Files (x86)\Intel

==================== Files in the root of some directories =======

2015-12-27 13:35 - 2015-12-27 13:35 - 0005120 _____ () C:\Users\tomas.kratochvil\AppData\Roaming\GiftBag.db
2015-05-01 18:12 - 2015-05-04 07:29 - 0000600 _____ () C:\Users\tomas.kratochvil\AppData\Local\PUTTY.RND
2015-10-25 16:51 - 2015-10-25 16:51 - 0001843 _____ () C:\Users\tomas.kratochvil\AppData\Local\recently-used.xbel
2015-08-04 12:53 - 2015-08-04 12:53 - 0010368 _____ () C:\ProgramData\regid.1996-09.com.picotech_{b5d8d9e5-a3f4-4ed9-9a3c-5bed623b362c}.swidtag

Some files in TEMP:
====================
C:\Users\tomas.kratochvil\AppData\Local\Temp\0ervgp2f.dll
C:\Users\tomas.kratochvil\AppData\Local\Temp\HY_Setup_duba04.exe
C:\Users\tomas.kratochvil\AppData\Local\Temp\mslog.dll
C:\Users\tomas.kratochvil\AppData\Local\Temp\Opera_NI_stable.exe
C:\Users\tomas.kratochvil\AppData\Local\Temp\pdzx0ouh.dll
C:\Users\tomas.kratochvil\AppData\Local\Temp\SkypeSetup.exe
C:\Users\tomas.kratochvil\AppData\Local\Temp\temp~.DLL
C:\Users\tomas.kratochvil\AppData\Local\Temp\temp~.EXE
C:\Users\tomas.kratochvil\AppData\Local\Temp\Tinyxml2.dll
C:\Users\tomas.kratochvil\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

==================== BCD ================================

Spr vce spouçtŘnˇ syst‚mu Windows
--------------------
identifik tor {bootmgr}
device partition=\Device\HarddiskVolume2
description Windows Boot Manager
locale cs-CZ
inherit {globalsettings}
default {current}
resumeobject {f3aac017-469f-11e3-a790-f01faf50b517}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30

Zav dŘcˇ program pro spouçtŘnˇ syst‚mu Windows
-------------------
identifik tor {current}
device partition=C:
path \Windows\system32\winload.exe
description Windows 7
locale cs-CZ
inherit {bootloadersettings}
recoverysequence {f3aac019-469f-11e3-a790-f01faf50b517}
recoveryenabled Yes
osdevice partition=C:
systemroot \Windows
resumeobject {f3aac017-469f-11e3-a790-f01faf50b517}
nx OptOut

Zav dŘcˇ program pro spouçtŘnˇ syst‚mu Windows
-------------------
identifik tor {f3aac019-469f-11e3-a790-f01faf50b517}
device ramdisk=[\Device\HarddiskVolume2]\Recovery\WindowsRE\Winre.wim,{f3aac01a-469f-11e3-a790-f01faf50b517}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[\Device\HarddiskVolume2]\Recovery\WindowsRE\Winre.wim,{f3aac01a-469f-11e3-a790-f01faf50b517}
systemroot \windows
nx OptIn
winpe Yes

Obnovenˇ z hibernace
---------------------
identifik tor {f3aac017-469f-11e3-a790-f01faf50b517}
device partition=C:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale cs-CZ
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
debugoptionenabled No

Testov nˇ pamŘti syst‚mu Windows
---------------------
identifik tor {memdiag}
device partition=\Device\HarddiskVolume2
path \boot\memtest.exe
description Windows Memory Diagnostic
locale cs-CZ
inherit {globalsettings}
badmemoryaccess Yes

Nastavenˇ slu§by EMS
------------
identifik tor {emssettings}
bootems Yes

Nastavenˇ ladicˇho programu
-----------------
identifik tor {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200

Chyby pamŘti RAM
-----------
identifik tor {badmemory}

Glob lnˇ nastavenˇ
---------------
identifik tor {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

Nastavenˇ spouçtŘcˇho zavadŘźe
--------------------
identifik tor {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

Nastavenˇ hypervisoru
-------------------
identifik tor {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Nastavenˇ zavadŘźe obnovenˇ
----------------------
identifik tor {resumeloadersettings}
inherit {globalsettings}

Parametry zaýˇzenˇ
--------------
identifik tor {f3aac01a-469f-11e3-a790-f01faf50b517}
description Ramdisk Options
ramdisksdidevice partition=\Device\HarddiskVolume2
ramdisksdipath \Recovery\WindowsRE\boot.sdi



LastRegBack: 2016-01-20 10:30

==================== End of FRST.txt ============================




==================== AdwCleaner ============================
# AdwCleaner v5.031 - Logfile created 26/01/2016 at 12:27:51
# Updated 25/01/2016 by Xplode
# Database : 2016-01-25.3 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : tomas.kratochvil - 70M2VY1KRATTOM
# Running from : C:\Users\tomas.kratochvil\Desktop\adwcleaner_5.031.exe
# Option : Scan
# Support : http://toolslib.net/forum

***** [ Services ] *****

Service Found : QQPCRTP
Service Found : TAOAccelerator
Service Found : TSDefenseBt
Service Found : TSSysKit
Service Found : QMUdisk
Service Found : QQSysMonX64
Service Found : TFsFlt
Service Found : TAOKernelDriver
Service Found : TSSKX64
Service Found : softaal

***** [ Folders ] *****

Folder Found : C:\Program Files (x86)\tencent
Folder Found : C:\Program Files (x86)\MTV20151125
Folder Found : C:\Program Files (x86)\Common Files\tencent
Folder Found : C:\Program Files\Common Files\tencent
Folder Found : C:\ProgramData\tencent
Folder Found : C:\ProgramData\TXQMPC
Folder Found : C:\Users\tomas.kratochvil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooebklgpfnbcnpokahmdidgbmlcdepkm
Folder Found : C:\Users\tomas.kratochvil\AppData\Roaming\tencent
Folder Found : C:\Users\tomas.kratochvil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
Folder Found : C:\Users\TOMAS~1.KRA\AppData\Local\Temp\tencent
Folder Found : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\tencent

***** [ Files ] *****

File Found : C:\Users\Public\Desktop\电脑管家.lnk
File Found : C:\Users\tomas.kratochvil\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\电脑管家.lnk
File Found : C:\Users\tomas.kratochvil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件\电脑管家\电脑管家.lnk
File Found : C:\Windows\SysNative\drivers\TAOAccelerator64.sys
File Found : C:\Windows\SysNative\drivers\TSSKX64.sys
File Found : C:\Windows\SysNative\drivers\TAOKernel64.sys
File Found : C:\Windows\SysNative\drivers\TFsFltX64.sys
File Found : C:\Windows\SysWOW64\drivers\TsFltMgr.sys

***** [ DLL ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Classes\AppID\DownloadProxy.EXE
Key Found : HKLM\SOFTWARE\MozillaPlugins\@qq.com/QQPCMgr
Key Found : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP
Key Found : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP
Key Found : HKLM\SOFTWARE\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{70DE12EA-79F4-46BC-9812-86DB50A2FD64}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{63332668-8CE1-445D-A5EE-25929176714E}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved [{63332668-8CE1-445D-A5EE-25929176714E}]
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{B7667919-3765-4815-A66D-98A09BE662D6}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{CBDECEF7-7A29-4CBF-A009-2673D82C7BF9}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B}
Key Found : HKCU\Software\STA
Key Found : HKU\S-1-5-21-2312388656-572512778-52566670-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\STA
Data Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.hao123.com/?tn=98364621_hao_pg
Data Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.hao123.com/?tn=98364621_hao_pg
Key Found : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\hao123.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\mp.weixin.qq.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\qq.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\v.qq.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.hao123.com
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [lsas]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [MTView]

***** [ Web browsers ] *****


########## EOF - C:\AdwCleaner\AdwCleaner[S6].txt - [4354 bytes] ##########
Přílohy
Addition.zip
Addition
(24.81 KiB) Staženo 83 x
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119673
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Kontrola logu

#2 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Prometheus4
Návštěvník
Návštěvník
Příspěvky: 6
Registrován: 26 led 2016 13:08

Re: Kontrola logu

#3 Příspěvek od Prometheus4 »

Zde je log.

# AdwCleaner v5.031 - Logfile created 26/01/2016 at 21:52:11
# Updated 25/01/2016 by Xplode
# Database : 2016-01-25.3 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : tomas.kratochvil - 70M2VY1KRATTOM
# Running from : C:\Users\tomas.kratochvil\Desktop\adwcleaner_5.031.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

[!] Service Not Deleted : TSDefenseBt
[!] Service Not Deleted : TSSysKit
[!] Service Not Deleted : QMUdisk
[!] Service Not Deleted : TS888x64
[!] Service Not Deleted : QQSysMonX64
[!] Service Not Deleted : TFsFlt
[!] Service Not Deleted : TAOKernelDriver
[!] Service Not Deleted : TSSKX64
[!] Service Not Deleted : softaal

***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files (x86)\tencent
[#] Folder Deleted : C:\Program Files\Common Files\tencent
[#] Folder Deleted : C:\ProgramData\tencent
[!] Folder Not Deleted : C:\ProgramData\TXQMPC
[-] Folder Deleted : C:\Users\tomas.kratochvil\AppData\Roaming\tencent

***** [ Files ] *****

[-] File Deleted : C:\Windows\SysNative\drivers\TFsFltX64.sys

***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

***** [ Web browsers ] *****


*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1543 bytes] ##########
Nahoru
Prometheus4
Návštěvník
Návštěvník
Příspěvky: 6
Registrován: 26 led 2016 13:08

Re: Kontrola logu

#4 Příspěvek od Prometheus4 »

Zde je ještě log z FRST po restartu.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:25-01-2016
Ran by tomas.kratochvil (administrator) on 70M2VY1KRATTOM (26-01-2016 22:07:47)
Running from C:\Users\tomas.kratochvil\Desktop
Loaded Profiles: tomas.kratochvil (Available Profiles: install & tomas.kratochvil)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Wave Systems Corp.) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(CobianSoft, Luis Cobian) C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe
() C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe
(ESET) C:\Program Files\ESET\RemoteAdministrator\Agent\ERAAgent.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Microsoft Corporation) C:\Windows\System32\inetsrv\inetinfo.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nalserv.exe
() C:\Windows\System32\NA_Service.exe
() C:\Windows\System32\ModbusDrvSys.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
(Dell, Inc.) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\hapi64\pbadrvsvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Wave Systems Corp.) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Dell Inc.) C:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Authentec Inc.) C:\Program Files\Common Files\SPBA\upeksvr.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe
() C:\Windows\System32\ModbusDrv.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Dell Computer Corporation) C:\dell\DBRM\Reminder\DbrmTrayicon.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
() C:\Program Files (x86)\RSSOwl\RSSOwl.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\Bluetooth Headset Helper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Facebook Inc.) C:\Users\tomas.kratochvil\AppData\Local\Facebook\Update\FacebookUpdate.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Ghisler Software GmbH) C:\Program Files\Total Commander\TOTALCMD64.EXE
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [708952 2013-07-08] (Alps Electric Co., Ltd.)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [Copy Handler] => [X]
HKLM\...\Run: [DBRMTray] => C:\Dell\DBRM\Reminder\DbrmTrayIcon.exe [227328 2011-03-08] (Dell Computer Corporation)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [453736 2013-02-19] (CANON INC.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1085656 2015-12-13] (Adobe Systems Incorporated)
HKLM\...\RunOnce: [DBRMTray] => C:\Dell\DBRM\Reminder\TrayApp.exe [7168 2010-02-05] (Microsoft)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
Winlogon\Notify\spba: C:\Program Files\Common Files\SPBA\homefus2.dll (Authentec Inc.)
HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22790776 2015-11-04] (Google)
HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [5583120 2015-02-27] (Disc Soft Ltd)
HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50385536 2015-12-17] (Skype Technologies S.A.)
HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\...\MountPoints2: {0ec9c726-d44a-11e4-a1ef-a4db302307b8} - G:\SETUP.EXE
HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\...\MountPoints2: {0ec9c749-d44a-11e4-a1ef-a4db302307b8} - G:\SETUP.EXE
HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\...\MountPoints2: {31d298d0-1f1f-11e5-ac72-a4db302307b8} - J:\DriverPackSolution.exe
HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\...\MountPoints2: {620fbe4f-d790-11e4-8844-a4db302307b8} - G:\SETUP.EXE
HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\...\MountPoints2: {8be5f2c7-15a8-11e5-8148-a4db302307b8} - G:\AutoRun.exe
HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\...\MountPoints2: {8be5f311-15a8-11e5-8148-a4db302307b8} - G:\AutoRun.exe
HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\...\MountPoints2: {a4170126-7cf8-11e3-85fc-a4db302307b8} - F:\NokiaPCIA_Autorun.exe
HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\...\MountPoints2: {c8adc4d8-cc69-11e4-8756-a4db302307b8} - G:\DriverPackSolution.exe
HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\...\MountPoints2: {c8adc552-cc69-11e4-8756-a4db302307b8} - G:\DriverPackSolution.exe
HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\...\MountPoints2: {c8adc6d5-cc69-11e4-8756-a4db302307b8} - G:\DriverPackSolution.exe
HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\...\MountPoints2: {d28b8d0c-a93d-11e4-a31d-a4db302307b8} - G:\DriverPackSolution.exe
HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\...\MountPoints2: {d28b9202-a93d-11e4-a31d-a4db302307b8} - G:\DriverPackSolution.exe
HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\...\MountPoints2: {dfa51f33-da2f-11e4-b5ec-a4db302307b8} - G:\SETUP.EXE
HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\...\MountPoints2: {ff840c52-4575-11e5-8254-a4db302307b8} - I:\SETUP.EXE
Lsa: [Authentication Packages] msv1_0 wvauth
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [EnabledUnlockedFDEIconOverlay] -> {30D3C2AF-9709-4D05-9CF4-13335F3C1E4A} => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll [2013-03-05] (Wave Systems Corp.)
ShellIconOverlayIdentifiers: [UninitializedFdeIconOverlay] -> {CF08DA3E-C97D-4891-A66B-E39B28DD270F} => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll [2013-03-05] (Wave Systems Corp.)
Startup: C:\Users\administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk [2013-11-06]
ShortcutTarget: Smart Settings.lnk -> C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (Dell Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2013-11-06]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk [2013-11-06]
ShortcutTarget: Smart Settings.lnk -> C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (Dell Inc.)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk [2013-11-06]
ShortcutTarget: Smart Settings.lnk -> C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (Dell Inc.)
Startup: C:\Users\install\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Smart Settings.lnk [2013-11-06]
ShortcutTarget: Smart Settings.lnk -> C:\Program Files\Dell\Feature Enhancement Pack\SmartSettings.exe (Dell Inc.)
Startup: C:\Users\tomas.kratochvil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Outlook 2013 – kopie.lnk [2014-01-07]
ShortcutTarget: Outlook 2013 – kopie.lnk -> C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE (Microsoft Corporation)
Startup: C:\Users\tomas.kratochvil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RSSOwl.lnk [2015-12-04]
ShortcutTarget: RSSOwl.lnk -> C:\Program Files (x86)\RSSOwl\RSSOwl.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 10 C:\Windows\SysWOW64\PrxerNsp.dll [84040 2015-03-28] ()
Winsock: Catalog5-x64 10 C:\Windows\system32\PrxerNsp.dll [96840 2015-03-28] ()
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2B30C851-6942-44A4-9D43-139612EFB020}: [DhcpNameServer] 172.30.6.129
Tcpip\..\Interfaces\{B895CAD4-79DD-4A6D-897E-CBFC274AA7F9}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{E5A43645-1868-4E21-ADAF-BFDE088B74D1}: [NameServer] 192.168.60.80,194.228.41.65

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2703931844-3940718246-3090366172-2529 -> DefaultScope {3450C047-7FEB-446A-B991-6302F1BE523B} URL =
SearchScopes: HKU\S-1-5-21-2703931844-3940718246-3090366172-2529 -> {3450C047-7FEB-446A-B991-6302F1BE523B} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-12-17] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2016-01-22] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-01-22] (Microsoft Corporation)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Adobe Acrobat Create PDF Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2016-01-22] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-25] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23] (Adobe Systems Incorporated)
DPF: HKLM-x32 {944982D2-A08B-4558-BBED-33FDCEF90451} hxxp://neso1/Eso9Supp.net/LIB/CAB/Eso9Client1.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\tomas.kratochvil\AppData\Roaming\Mozilla\Firefox\Profiles\d7c20eb0.default-1444380498779
FF SelectedSearchEngine:
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-20] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-20] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-11-13] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-11-13] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-25] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-01-07] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @qq.com/npAndroidAssistant -> C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3192\npQQPhoneManagerExt.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-12-17] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
FF Plugin HKU\S-1-5-21-2703931844-3940718246-3090366172-2529: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\tomas.kratochvil\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-2703931844-3940718246-3090366172-2529: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\tomas.kratochvil\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2703931844-3940718246-3090366172-2529: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=3 -> C:\Users\tomas.kratochvil\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [No File]
FF Plugin HKU\S-1-5-21-2703931844-3940718246-3090366172-2529: @updates.epicbrowser.com/Epic Privacy Browser Installer;version=9 -> C:\Users\tomas.kratochvil\AppData\Local\Epic Privacy Browser\Installer\1.3.27.13\npEpicUpdate3.dll [No File]
FF Extension: ReloadEvery - C:\Users\tomas.kratochvil\AppData\Roaming\Mozilla\Firefox\Profiles\d7c20eb0.default-1444380498779\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi [2015-10-13]
FF Extension: ChatZilla - C:\Users\tomas.kratochvil\AppData\Roaming\Mozilla\Firefox\Profiles\d7c20eb0.default-1444380498779\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2} [2015-10-13]
FF Extension: Update Scanner - C:\Users\tomas.kratochvil\AppData\Roaming\Mozilla\Firefox\Profiles\d7c20eb0.default-1444380498779\extensions\{c07d1a49-9894-49ff-a594-38960ede8fb9}.xpi [2015-10-13]
FF Extension: Blend In - C:\Users\tomas.kratochvil\AppData\Roaming\Mozilla\Firefox\Profiles\d7c20eb0.default-1444380498779\extensions\{0aa26703-f666-467e-bbcb-0201dc49725c}.xpi [2016-01-14]
FF Extension: Flash Video Downloader - YouTube HD Download [4K] - C:\Users\tomas.kratochvil\AppData\Roaming\Mozilla\Firefox\Profiles\d7c20eb0.default-1444380498779\extensions\artur.dubovoy@gmail.com [2016-01-19]
FF Extension: NeoBux AdAlert - C:\Users\tomas.kratochvil\AppData\Roaming\Mozilla\Firefox\Profiles\d7c20eb0.default-1444380498779\extensions\{eb80b076-a444-444c-a590-5aee5d977d80}.xpi [2016-01-19]
FF Extension: Český slovník pro kontrolu pravopisu - C:\Users\tomas.kratochvil\AppData\Roaming\Mozilla\Firefox\Profiles\d7c20eb0.default-1444380498779\Extensions\cs@dictionaries.addons.mozilla.org [2016-01-11]
FF Extension: British English Dictionary (Updated) - C:\Users\tomas.kratochvil\AppData\Roaming\Mozilla\Firefox\Profiles\d7c20eb0.default-1444380498779\Extensions\en-gb@flyingtophat.co.uk [2015-10-10] [not signed]
FF Extension: APK Downloader - C:\Users\tomas.kratochvil\AppData\Roaming\Mozilla\Firefox\Profiles\d7c20eb0.default-1444380498779\Extensions\jid1-6MGm94JnyY2VkA@jetpack.xpi [2016-01-05]
FF Extension: NeoBuxOx - C:\Users\tomas.kratochvil\AppData\Roaming\Mozilla\Firefox\Profiles\d7c20eb0.default-1444380498779\Extensions\jid1-pWGQEEt2toKZZQ@jetpack.xpi [2016-01-19]
FF Extension: Rapportive - C:\Users\tomas.kratochvil\AppData\Roaming\Mozilla\Firefox\Profiles\d7c20eb0.default-1444380498779\Extensions\rapportive@rapportive.com.xpi [2015-12-21]
FF Extension: TotalSpoof - C:\Users\tomas.kratochvil\AppData\Roaming\Mozilla\Firefox\Profiles\d7c20eb0.default-1444380498779\Extensions\totalspoof@fonk.wz.cz.xpi [2015-12-20]
FF Extension: Bamboo Feed Reader - C:\Users\tomas.kratochvil\AppData\Roaming\Mozilla\Firefox\Profiles\d7c20eb0.default-1444380498779\Extensions\{b2e69492-2358-071a-7056-24ad0c3defb1} [2016-01-22]
FF Extension: Adblock Plus - C:\Users\tomas.kratochvil\AppData\Roaming\Mozilla\Firefox\Profiles\d7c20eb0.default-1444380498779\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-20]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2015-08-18] [not signed]

Chrome:
=======
CHR Profile: C:\Users\tomas.kratochvil\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\tomas.kratochvil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-07]
CHR Extension: (Google Docs) - C:\Users\tomas.kratochvil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-07]
CHR Extension: (Google Drive) - C:\Users\tomas.kratochvil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-30]
CHR Extension: (Gliffy Diagrams) - C:\Users\tomas.kratochvil\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmicilclplefnflapjmnngmkkkkpfad [2015-08-31]
CHR Extension: (YouTube) - C:\Users\tomas.kratochvil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-10]
CHR Extension: (Google Search) - C:\Users\tomas.kratochvil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30]
CHR Extension: (Adobe Acrobat) - C:\Users\tomas.kratochvil\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-11-10]
CHR Extension: (Google Sheets) - C:\Users\tomas.kratochvil\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-07]
CHR Extension: (Google Docs Offline) - C:\Users\tomas.kratochvil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-27]
CHR Extension: (feedly) - C:\Users\tomas.kratochvil\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob [2015-10-09]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\tomas.kratochvil\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-08-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\tomas.kratochvil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-19]
CHR Extension: (Gmail) - C:\Users\tomas.kratochvil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-07]
CHR HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2012-09-23]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 becldr3Service; C:\Program Files (x86)\BCL Technologies\easyConverter SDK 3\Common\becldr.exe [225280 2013-11-06] () [File not signed]
R2 cbVSCService11; C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe [67584 2013-03-07] (CobianSoft, Luis Cobian) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2787512 2015-12-22] (Microsoft Corporation)
R2 DFEPService; C:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe [2280504 2012-08-15] (Dell Inc.)
R2 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [216576 2015-09-09] () [File not signed]
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-27] (Disc Soft Ltd)
S3 EHttpSrv; C:\Program Files\ESET\ESET Endpoint Antivirus\ehttpsrv.exe [41160 2015-02-16] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe [1566424 2015-02-16] (ESET)
R2 EmbassyService; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe [231792 2013-03-11] ()
R2 EraAgentSvc; C:\Program Files\ESET\RemoteAdministrator\Agent\ERAAgent.exe [2685640 2015-02-17] (ESET)
S3 eshasrv; C:\Program Files\ESET\ESET Endpoint Antivirus\eshasrv.exe [183496 2015-02-16] (ESET)
R2 ftpsvc; C:\Windows\system32\inetsrv\ftpsvc.dll [350720 2012-06-01] (Microsoft Corporation)
R2 hasplms; C:\Windows\system32\hasplms.exe [4683144 2014-06-02] (SafeNet Inc.)
S4 hMailServer; C:\Program Files (x86)\hMailServer\Bin\hMailServer.exe [4512768 2015-07-09] (hMailServer) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319080 2015-04-29] (Intel Corporation)
R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [15872 2010-11-21] (Microsoft Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
S4 InvProtectSvc; C:\Program Files (x86)\Invincea\Enterprise\X64\InvProtectSvc64.exe [2947856 2013-07-30] (Invincea, Inc.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-11-13] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-07-17] ()
R2 NalServ; C:\Windows\SysWOW64\nalserv.exe [147056 2014-11-07] (Nalpeiron Ltd.)
R2 NA_Service; C:\Windows\system32\NA_Service.exe [105472 2012-06-06] () [File not signed]
S4 O2FLASH; C:\Windows\system32\o2flash.exe [244328 2011-11-16] (O2Micro International)
S4 O2SDIOAssist; C:\Windows\SysWOW64\srvany.exe [8192 2003-04-18] () [File not signed]
S4 OpenVpnLauncher; C:\Program Files (x86)\eWON\eGrabIt\OpenVpnService.exe [86016 2013-08-23] (eWON s.a.) [File not signed]
S4 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [37176 2013-08-22] (The OpenVPN Project)
R2 PbaDrvSvc_x64; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\hapi64\pbadrvsvc.exe [21504 2013-01-21] (Dell, Inc.) [File not signed]
S3 SboxSvc; C:\Program Files (x86)\Invincea\Enterprise\Sandbox\SboxSvc.exe [124616 2013-07-30] ()
S4 Sdl.ProductTelemetrics.v1; C:\Program Files (x86)\Common Files\SDL\Telemetrics\Sdl.Desktop.ProductTelemetrics.Host.Windows.exe [12288 2015-06-17] (SDL) [File not signed]
S2 tcsd_win32.exe; C:\Program Files (x86)\Security Innovation\SI TSS\bin\tcsd_win32.exe [1643520 2012-05-11] () [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6889232 2015-12-14] (TeamViewer GmbH)
S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
R2 Wave Authentication Manager Service; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe [1773056 2013-02-26] (Wave Systems Corp.) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-11-06] (Microsoft Corporation)
S3 WMSVC; C:\Windows\system32\inetsrv\wmsvc.exe [10752 2009-07-14] (Microsoft Corporation)
S2 WvPCR; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Common\WvPCR.exe [254824 2013-03-08] (Wave Systems Corp.)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3377904 2013-07-17] (Intel® Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [135720 2013-11-06] (Broadcom Corporation.)
R3 dcdbas; C:\Windows\System32\DRIVERS\dcdbas64.sys [39016 2012-09-23] (Dell Inc.)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30352 2015-04-13] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [243464 2015-02-02] (ESET)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [177032 2015-02-02] (ESET)
S3 em52x; C:\Windows\System32\Drivers\em52x.sys [23792 2008-08-18] ()
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [159992 2015-02-02] (ESET)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [331608 2014-06-02] (SafeNet Inc.)
R3 hhdspmc64; C:\Windows\System32\DRIVERS\hhdspmc64.sys [39472 2010-10-13] (HHD Software Ltd.)
S3 InvProtectDrv; C:\Program Files (x86)\Invincea\Enterprise\X64\InvProtectDrv64.sys [34824 2013-07-30] ()
R1 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [109272 2015-10-05] (Malwarebytes)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-01-26] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
S3 Mbm3CBus; C:\Windows\System32\DRIVERS\Mbm3CBus.sys [419400 2013-09-09] (MCCI Corporation)
S3 Mbm3DevMt; C:\Windows\System32\DRIVERS\Mbm3DevMt.sys [453960 2012-10-02] (MCCI Corporation)
S3 Mbm3mdfl; C:\Windows\System32\DRIVERS\Mbm3mdfl.sys [21832 2012-10-02] (MCCI Corporation)
S3 Mbm3Mdm; C:\Windows\System32\DRIVERS\Mbm3Mdm.sys [506184 2012-10-02] (MCCI Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-11-13] (Intel Corporation)
R2 mgdrv; C:\Windows\system32\drivers\mgdrv.sys [56344 2011-03-22] (Moxa Inc. )
S3 MOSUMAC; C:\Windows\System32\DRIVERS\M7830A64.SYS [48128 2008-07-25] (--)
S3 mxuwdrv2; C:\Windows\System32\DRIVERS\mxuwdrv2.sys [83480 2009-04-27] (Moxa Inc.)
R3 NETwNs64; C:\Windows\System32\DRIVERS\NETwsw01.sys [11534096 2015-05-04] (Intel Corporation)
R2 npdrv; C:\Windows\system32\drivers\npdrv.sys [61176 2011-04-19] (Moxa Inc. )
R2 npdrvfilter; C:\Windows\system32\drivers\npdrvfilter.sys [42232 2011-02-15] (Moxa Inc. )
S3 NSNDIS5; C:\Windows\SysWOW64\NSNDIS5.SYS [17280 2004-03-24] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
R0 phmburnr; C:\Windows\System32\DRIVERS\phmburnr.sys [53328 2010-06-14] (Phantombility, Inc)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2012-08-20] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12384 2012-08-20] ()
S3 SboxDrv; C:\Program Files (x86)\Invincea\Enterprise\Sandbox\SboxDrv.sys [202248 2013-07-30] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381608 2015-04-25] (Duplex Secure Ltd.)
R3 ST_ACCEL; C:\Windows\System32\DRIVERS\ST_ACCEL.sys [68208 2012-05-21] (STMicroelectronics)
R3 usb3Hub; C:\Windows\System32\DRIVERS\usb3Hub.sys [47072 2012-10-10] (Windows (R) Win 7 DDK provider)
S3 USBCAN; C:\Windows\System32\DRIVERS\usbcan.sys [40216 2014-01-06] (SYS TEC electronic GmbH)
S3 USBCANL4; C:\Windows\System32\DRIVERS\usbcanl4.sys [76056 2014-01-06] (SYS TEC electronic GmbH)
R3 XHCIPort; C:\Windows\System32\DRIVERS\XHCIPort.sys [188896 2012-10-10] (Windows (R) Win 7 DDK provider)
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 PCDSRVC{3B54B31B-D06B6431-06020200}_0; \??\c:\program files\dell\supportassist\pcdsrvc_x64.pkms [X]
S3 SliceDisk5; \??\C:\Users\tomas.kratochvil\AppData\Local\Temp\HBCD\PartitionFindAndMount\slicedisk-x64.sys [X]
S2 tsnethlpx64; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17201.218\TsNetHlpX64.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-26 22:07 - 2016-01-26 22:08 - 00035291 _____ C:\Users\tomas.kratochvil\Desktop\FRST.txt
2016-01-26 21:56 - 2016-01-26 21:56 - 00000000 ____D C:\Users\TEMP\AppData\Roaming\Intel
2016-01-26 21:56 - 2016-01-26 21:56 - 00000000 ____D C:\Users\TEMP
2016-01-26 21:53 - 2016-01-26 21:53 - 00000000 ____D C:\ProgramData\LHService
2016-01-26 21:29 - 2016-01-26 21:31 - 00000000 ____D C:\ProgramData\LockHunter
2016-01-26 21:28 - 2016-01-26 21:28 - 03029032 _____ (Crystal Rich Ltd ) C:\Users\tomas.kratochvil\Downloads\lockhuntersetup_3-1-1.exe
2016-01-26 21:28 - 2016-01-26 21:28 - 00000000 ____D C:\Users\tomas.kratochvil\AppData\Roaming\LockHunter
2016-01-26 21:28 - 2016-01-26 21:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LockHunter
2016-01-26 21:28 - 2016-01-26 21:28 - 00000000 ____D C:\Program Files\LockHunter
2016-01-26 21:20 - 2016-01-26 21:20 - 00040327 _____ C:\Users\tomas.kratochvil\Desktop\20150024.pdf
2016-01-26 20:51 - 2016-01-26 21:53 - 00000022 _____ C:\Windows\S.dirmngr
2016-01-26 20:29 - 2016-01-26 20:29 - 01507840 _____ C:\Users\tomas.kratochvil\Desktop\adwcleaner_5.031.exe
2016-01-26 20:12 - 2016-01-26 22:05 - 00005014 _____ C:\Windows\System32\Tasks\WSCEAA
2016-01-26 14:27 - 2016-01-26 14:27 - 48831832 _____ C:\Users\tomas.kratochvil\Desktop\BDPUARLauncher.exe
2016-01-26 13:52 - 2016-01-26 13:52 - 1366498263 _____ C:\Windows\MEMORY.DMP
2016-01-26 13:52 - 2016-01-26 13:52 - 00288256 _____ C:\Windows\Minidump\012616-38298-01.dmp
2016-01-26 13:46 - 2016-01-26 13:50 - 00000000 ___SD C:\ComboFix
2016-01-26 13:46 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2016-01-26 13:46 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2016-01-26 13:46 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2016-01-26 13:46 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2016-01-26 13:46 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2016-01-26 13:46 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2016-01-26 13:46 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2016-01-26 13:46 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2016-01-26 13:45 - 2016-01-26 13:46 - 00000000 ___SD C:\32788R22FWJFW
2016-01-26 13:43 - 2016-01-26 13:46 - 00000000 ____D C:\Qoobox
2016-01-26 13:42 - 2016-01-26 13:42 - 05652316 ____R (Swearware) C:\Users\tomas.kratochvil\Desktop\ComboFix.exe
2016-01-26 13:42 - 2016-01-26 13:42 - 00000000 ____D C:\Windows\erdnt
2016-01-26 12:43 - 2016-01-26 22:07 - 00000000 ____D C:\FRST
2016-01-26 12:41 - 2016-01-26 12:41 - 02370560 _____ (Farbar) C:\Users\tomas.kratochvil\Desktop\FRST64.exe
2016-01-26 12:30 - 2016-01-26 12:30 - 00136151 _____ C:\Users\tomas.kratochvil\Desktop\Prostějov.ANT
2016-01-26 12:23 - 2016-01-26 12:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ĂŔÍĽäŻŔŔ
2016-01-26 12:09 - 2016-01-26 12:09 - 00095972 _____ C:\Users\tomas.kratochvil\Desktop\simulator.ant
2016-01-26 09:35 - 2016-01-26 22:03 - 00000000 ____D C:\AdwCleaner
2016-01-26 09:26 - 2016-01-26 09:26 - 00000000 ____D C:\Users\tomas.kratochvil\Downloads\backups
2016-01-26 09:20 - 2016-01-26 21:57 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-01-26 09:20 - 2016-01-26 09:20 - 22908888 _____ (Malwarebytes ) C:\Users\tomas.kratochvil\Downloads\mbam-setup-2.2.0.1024.exe
2016-01-26 09:20 - 2016-01-26 09:20 - 00001108 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-01-26 09:20 - 2016-01-26 09:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-01-26 09:20 - 2016-01-26 09:20 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-01-26 09:20 - 2016-01-26 09:20 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-01-26 09:20 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-01-26 09:20 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-01-26 09:20 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-01-23 13:51 - 2016-01-23 13:51 - 00388608 _____ (Trend Micro Inc.) C:\Users\tomas.kratochvil\Downloads\HijackThis.exe
2016-01-22 09:04 - 2016-01-22 09:04 - 00000973 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-01-22 09:04 - 2016-01-22 09:04 - 00000961 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
2016-01-22 07:39 - 2016-01-22 07:39 - 00015969 _____ C:\Users\tomas.kratochvil\Desktop\1601221.ais
2016-01-22 07:34 - 2016-01-22 07:36 - 00015826 _____ C:\Users\tomas.kratochvil\Desktop\Křovice AFR.ais
2016-01-21 18:52 - 2014-01-13 17:36 - 00224569 _____ C:\Users\tomas.kratochvil\Desktop\14010710.ant
2016-01-21 10:10 - 2016-01-21 10:11 - 00107356 _____ C:\Users\tomas.kratochvil\Documents\Modbus Hannover.TXT
2016-01-20 05:09 - 2016-01-20 05:37 - 04499648 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2016-01-18 10:55 - 2016-01-25 07:17 - 00341242 _____ C:\Users\tomas.kratochvil\Desktop\legnice.ant
2016-01-17 17:32 - 2016-01-17 17:32 - 54718976 _____ C:\Users\tomas.kratochvil\Downloads\Democracy.exe
2016-01-17 11:10 - 2016-01-22 17:21 - 00002000 _____ C:\Users\Public\Desktop\Half-Life - Blue Shift.lnk
2016-01-17 11:10 - 2016-01-17 11:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Half-Life (Xash3D)
2016-01-17 11:08 - 2016-01-22 17:15 - 00000000 ____D C:\Program Files (x86)\Half-Life-Xash3D
2016-01-15 09:47 - 2016-01-15 09:47 - 00000219 _____ C:\Users\tomas.kratochvil\Desktop\Vrchlabí frekvenčáky.txt
2016-01-15 09:47 - 2016-01-15 09:47 - 00000112 _____ C:\Users\tomas.kratochvil\Desktop\Belgie emaily.txt
2016-01-13 12:18 - 2016-01-13 12:18 - 00001268 _____ C:\Users\Public\Desktop\Xirrus Wi-Fi Inspector.lnk
2016-01-13 12:18 - 2016-01-13 12:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xirrus
2016-01-12 07:57 - 2016-01-12 07:57 - 00001042 _____ C:\Users\tomas.kratochvil\Desktop\eGrabIt.lnk
2016-01-11 08:53 - 2016-01-11 08:53 - 00002731 _____ C:\Users\Public\Desktop\Skype.lnk
2016-01-11 08:53 - 2016-01-11 08:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-01-07 10:15 - 2016-01-07 10:16 - 00000000 ____D C:\Users\tomas.kratochvil\AppData\Roaming\Smtp Client
2016-01-07 10:14 - 2016-01-07 10:14 - 00043467 _____ C:\Users\tomas.kratochvil\Downloads\Smtp-Client-bin-1.2.zip
2016-01-07 09:49 - 2016-01-07 09:49 - 00351232 _____ (hxxp://www.hellonnet.tk) C:\Users\tomas.kratochvil\Downloads\sendMailer.exe
2016-01-07 08:01 - 2016-01-10 19:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-06 06:57 - 2016-01-06 06:57 - 00002986 _____ C:\Windows\System32\Tasks\{D75CE568-8736-4F4B-A9A0-61626BCE853D}
2016-01-06 06:57 - 2016-01-06 06:57 - 00002986 _____ C:\Windows\System32\Tasks\{B8FA5D03-F3A6-41D2-9EB0-E2978E6FDAA1}
2016-01-06 06:57 - 2016-01-06 06:57 - 00000130 _____ C:\Windows\system32\config.conf
2016-01-05 11:10 - 2016-01-05 11:10 - 47400128 _____ (Microsoft Corporation) C:\Users\tomas.kratochvil\Downloads\NetFx64.exe
2016-01-05 11:07 - 2015-06-24 01:59 - 00166912 _____ (HazteK Software) C:\Users\tomas.kratochvil\Desktop\SMTPMailSender.exe
2016-01-05 11:06 - 2016-01-05 11:06 - 00062513 _____ C:\Users\tomas.kratochvil\Downloads\SMTPMailSender.zip
2016-01-04 10:40 - 2016-01-04 10:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\hMailServer
2016-01-04 10:40 - 2015-07-09 16:45 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atl70.dll
2016-01-04 10:04 - 2016-01-04 10:04 - 00328671 _____ C:\Users\tomas.kratochvil\Downloads\postkard.exe
2016-01-04 09:53 - 2016-01-04 09:53 - 00000000 ____D C:\Program Files (x86)\IIS Express
2016-01-04 09:52 - 2016-01-04 09:52 - 03722752 _____ C:\Users\tomas.kratochvil\Downloads\iisexpress_1_11_x86_en-US.msi
2016-01-04 09:44 - 2016-01-04 09:44 - 00000000 ____D C:\Windows\system32\0405
2016-01-01 18:00 - 2016-01-01 18:01 - 44218904 _____ C:\Users\tomas.kratochvil\Downloads\torbrowser-install-5.0.6_en-US.exe
2015-12-27 13:35 - 2015-12-27 13:35 - 00005120 _____ C:\Users\tomas.kratochvil\AppData\Roaming\GiftBag.db
2015-12-27 13:26 - 2015-12-27 13:52 - 00000000 ____D C:\Program Files (x86)\Seznam.cz
2015-12-27 13:25 - 2015-12-27 13:52 - 00000000 ____D C:\Users\tomas.kratochvil\AppData\Roaming\Seznam.cz

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-26 22:03 - 2014-03-24 21:58 - 00000950 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2703931844-3940718246-3090366172-2529Core.job
2016-01-26 22:02 - 2009-07-14 05:45 - 00035040 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-26 22:02 - 2009-07-14 05:45 - 00035040 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-26 21:59 - 2014-03-10 09:19 - 00000000 ____D C:\Users\tomas.kratochvil\AppData\Roaming\Skype
2016-01-26 21:58 - 2015-11-06 07:51 - 00000000 ____D C:\Program Files (x86)\RSSOwl
2016-01-26 21:58 - 2014-01-23 07:59 - 00000000 ___RD C:\Users\tomas.kratochvil\Disk Google
2016-01-26 21:57 - 2015-02-11 07:02 - 00000000 __SHD C:\Users\tomas.kratochvil\IntelGraphicsProfiles
2016-01-26 21:57 - 2014-01-23 07:55 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-26 21:57 - 2014-01-08 16:33 - 00144580 _____ C:\Windows\system32\NetAccessLog.txt
2016-01-26 21:55 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\inetsrv
2016-01-26 21:54 - 2009-07-14 05:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-01-26 21:53 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-26 21:53 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2016-01-26 21:37 - 2013-11-06 04:30 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-01-26 21:34 - 2014-01-21 12:12 - 00000000 ____D C:\Users\tomas.kratochvil\AppData\Local\CrashDumps
2016-01-26 21:23 - 2014-01-23 07:55 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-26 20:44 - 2015-04-21 08:32 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-01-26 20:44 - 2015-04-21 08:32 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-01-26 20:31 - 2015-04-21 08:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-01-26 20:28 - 2013-12-16 08:41 - 00000000 ____D C:\Windows\system32\MRT
2016-01-26 15:02 - 2013-12-16 08:41 - 143671360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-01-26 13:53 - 2014-01-07 07:46 - 00000344 _____ C:\Windows\system32\config\netlogon.ftl
2016-01-26 13:52 - 2014-12-10 08:39 - 00000000 ____D C:\Windows\Minidump
2016-01-26 12:45 - 2015-12-16 14:12 - 00344576 _____ C:\Users\tomas.kratochvil\Desktop\dochazka_2016.xls
2016-01-26 10:15 - 2014-01-16 10:21 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-01-26 09:36 - 2013-11-06 04:47 - 00015894 __RSH C:\ProgramData\ntuser.pol
2016-01-26 08:18 - 2014-01-07 08:04 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2016-01-26 08:07 - 2015-11-06 07:51 - 00000000 ____D C:\Users\tomas.kratochvil\.rssowl2
2016-01-23 13:40 - 2015-10-01 07:27 - 00000000 ____D C:\Users\tomas.kratochvil\AppData\Local\Deployment
2016-01-22 12:57 - 2013-11-06 05:00 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-01-22 12:53 - 2014-01-07 08:26 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-01-22 12:51 - 2014-01-07 07:54 - 00129200 _____ C:\Users\tomas.kratochvil\AppData\Local\GDIPFONTCACHEV1.DAT
2016-01-22 12:50 - 2013-12-16 08:28 - 00000000 ____D C:\Users\install
2016-01-22 12:50 - 2009-07-14 05:45 - 00542504 _____ C:\Windows\system32\FNTCACHE.DAT
2016-01-22 10:09 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2016-01-21 06:34 - 2010-11-21 10:27 - 00735518 _____ C:\Windows\system32\perfh005.dat
2016-01-21 06:34 - 2010-11-21 10:27 - 00173650 _____ C:\Windows\system32\perfc005.dat
2016-01-21 06:34 - 2009-07-14 06:13 - 01766780 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-21 06:34 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-01-20 05:37 - 2013-11-06 04:30 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-01-20 05:37 - 2013-11-06 04:30 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-20 05:37 - 2013-11-06 04:30 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-01-19 13:14 - 2014-03-28 09:18 - 00000000 ___RD C:\Users\tomas.kratochvil\Virtual Machines
2016-01-19 07:46 - 2015-01-05 12:29 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-01-19 07:31 - 2014-01-08 07:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-19 07:26 - 2015-11-07 15:09 - 00000000 ____D C:\Users\tomas.kratochvil\AppData\Roaming\tor
2016-01-18 09:13 - 2014-08-04 09:26 - 00067072 _____ C:\Users\tomas.kratochvil\Desktop\Konfigurace_Bosch_2_8_1.XLS
2016-01-15 09:17 - 2014-02-19 08:51 - 00000000 ____D C:\Users\tomas.kratochvil\AppData\Roaming\PrimoPDF
2016-01-15 07:12 - 2015-07-07 07:38 - 00002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-01-14 13:40 - 2014-01-14 14:25 - 00000000 ____D C:\Users\tomas.kratochvil\Desktop\Měření a testování
2016-01-13 09:53 - 2014-01-14 14:28 - 00000000 ____D C:\Users\tomas.kratochvil\Desktop\Vrchlabí
2016-01-13 04:26 - 2015-12-07 13:06 - 00000000 ____D C:\Users\tomas.kratochvil\Documents\Studio 2015
2016-01-12 10:31 - 2014-04-25 06:30 - 00013030 _____ C:\PDOXUSRS.NET
2016-01-12 06:40 - 2015-11-12 06:42 - 00000000 ____D C:\Temp
2016-01-12 06:35 - 2015-02-10 14:57 - 00000000 ____D C:\Windows\System32\Tasks\Dell
2016-01-11 08:53 - 2014-03-10 09:19 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-01-11 08:53 - 2014-03-10 09:19 - 00000000 ____D C:\ProgramData\Skype
2016-01-11 08:52 - 2014-03-10 09:19 - 00000000 ____D C:\Users\tomas.kratochvil\AppData\Local\Skype
2016-01-06 13:32 - 2014-01-07 13:48 - 00000000 ____D C:\Program Files\Total Commander
2016-01-06 12:23 - 2014-01-07 13:48 - 00000000 ____D C:\Users\tomas.kratochvil\AppData\Roaming\GHISLER
2016-01-06 06:57 - 2014-03-04 12:37 - 00000000 ____D C:\Users\tomas.kratochvil\AppData\Local\ElevatedDiagnostics
2016-01-04 14:02 - 2014-01-14 14:25 - 00000000 ____D C:\Users\tomas.kratochvil\Desktop\Kancl
2016-01-04 10:44 - 2015-12-14 07:06 - 00000000 ____D C:\Program Files (x86)\hMailServer
2016-01-04 10:34 - 2015-12-14 07:05 - 04083679 _____ ( ) C:\Users\tomas.kratochvil\Downloads\hMailServer-5.6.4-B2283.exe
2016-01-04 09:45 - 2011-02-15 08:08 - 01664216 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-01-04 09:44 - 2014-07-18 13:42 - 00000000 ____D C:\inetpub
2016-01-04 09:44 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\inetsrv
2016-01-01 18:36 - 2015-10-25 07:27 - 00001261 _____ C:\Users\tomas.kratochvil\Desktop\Start Tor Browser.lnk
2016-01-01 18:07 - 2015-05-29 09:53 - 00001269 _____ C:\Users\tomas.kratochvil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2016-01-01 18:01 - 2015-11-07 15:08 - 00000000 ____D C:\Program Files (x86)\TOR
2016-01-01 17:46 - 2015-10-25 07:27 - 00000000 ____D C:\Program Files (x86)\Tor Browser
2015-12-27 13:51 - 2013-11-06 04:39 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-12-27 13:51 - 2013-11-05 21:25 - 00000000 ____D C:\Program Files (x86)\Intel

==================== Files in the root of some directories =======

2015-12-27 13:35 - 2015-12-27 13:35 - 0005120 _____ () C:\Users\tomas.kratochvil\AppData\Roaming\GiftBag.db
2015-05-01 18:12 - 2015-05-04 07:29 - 0000600 _____ () C:\Users\tomas.kratochvil\AppData\Local\PUTTY.RND
2015-10-25 16:51 - 2015-10-25 16:51 - 0001843 _____ () C:\Users\tomas.kratochvil\AppData\Local\recently-used.xbel
2015-08-04 12:53 - 2015-08-04 12:53 - 0010368 _____ () C:\ProgramData\regid.1996-09.com.picotech_{b5d8d9e5-a3f4-4ed9-9a3c-5bed623b362c}.swidtag

Some files in TEMP:
====================
C:\Users\tomas.kratochvil\AppData\Local\Temp\0ervgp2f.dll
C:\Users\tomas.kratochvil\AppData\Local\Temp\HY_Setup_duba04.exe
C:\Users\tomas.kratochvil\AppData\Local\Temp\MTViewbuildmtview_295.exe
C:\Users\tomas.kratochvil\AppData\Local\Temp\Opera_NI_stable.exe
C:\Users\tomas.kratochvil\AppData\Local\Temp\pdzx0ouh.dll
C:\Users\tomas.kratochvil\AppData\Local\Temp\SkypeSetup.exe
C:\Users\tomas.kratochvil\AppData\Local\Temp\temp~.DLL
C:\Users\tomas.kratochvil\AppData\Local\Temp\temp~.EXE
C:\Users\tomas.kratochvil\AppData\Local\Temp\Tinyxml2.dll
C:\Users\tomas.kratochvil\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-01-20 10:30

==================== End of FRST.txt ============================
Nahoru
Prometheus4
Návštěvník
Návštěvník
Příspěvky: 6
Registrován: 26 led 2016 13:08

Re: Kontrola logu

#5 Příspěvek od Prometheus4 »

Additional scan result of Farbar Recovery Scan Tool (x64) Version:25-01-2016
Ran by tomas.kratochvil (2016-01-26 22:09:11)
Running from C:\Users\tomas.kratochvil\Desktop
Windows 7 Professional Service Pack 1 (X64) (2013-12-16 07:28:20)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2312388656-572512778-52566670-500 - Administrator - Disabled)
Guest (S-1-5-21-2312388656-572512778-52566670-501 - Limited - Disabled)
install (S-1-5-21-2312388656-572512778-52566670-1000 - Administrator - Enabled) => C:\Users\install

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Endpoint Antivirus 6.1.2222.1 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Endpoint Antivirus 6.1.2222.1 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
ABBYY PDF Transformer+ (HKLM\...\{FA400000-0001-6400-0000-074957833700}) (Version: 4.1.241 - ABBYY Production LLC)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.00 - Adobe Systems)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.14) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.14 - Adobe Systems Incorporated)
Advanced IP Scanner 2.4 (HKLM-x32\...\{221C4218-4414-4275-AF04-748DF4BF48D3}) (Version: 2.4.2526 - Famatech)
Advanced Port Scanner v1.3 (HKLM-x32\...\Advanced Port Scanner v1.3) (Version: - )
Advertising Center (x32 Version: 0.0.0.1 - Nero AG) Hidden
Aktualizace ovladače pro aplikaci Centrum zařízení Windows Mobile (HKLM\...\{92DBCA36-9B41-4DD1-941A-AED149DD37F0}) (Version: 6.1.6965.0 - Microsoft Corporation)
AltistartDtmLibrary (HKLM-x32\...\{D0C4F0C6-4F1A-43FD-8C74-33C3404B338C}) (Version: 7.0.1 - Schneider Electric)
AltivarDtmLibrary (HKLM-x32\...\{04C9C4CE-2F34-4B44-8EDE-964607803A8E}) (Version: 8.0.3 - Schneider Electric)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{b6b417a3-1f40-4618-aadd-49628bda7836}) (Version: 16.1.1 - Intel Corporation)
Astroburn Lite (HKLM-x32\...\Astroburn Lite) (Version: 1.8.0.0183 - Disc Soft Ltd)
ATS22 (x32 Version: 1.7.1.0 - Schneider Electric) Hidden
ATS48 (x32 Version: 1.7.1.0 - Schneider Electric) Hidden
ATV12 (x32 Version: 1.7.1.0 - Schneider Electric) Hidden
ATV212 (x32 Version: 1.0.1.1 - Schneider Electric) Hidden
ATV31 (x32 Version: 1.8.0.0 - Schneider Electric) Hidden
ATV32 (x32 Version: 1.7.1.0 - Schneider Electric) Hidden
ATV61 (x32 Version: 1.8.1.0 - Schneider Electric) Hidden
ATV71 (x32 Version: 1.7.1.0 - Schneider Electric) Hidden
ATVLift (x32 Version: 1.7.1.0 - Schneider Electric) Hidden
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
AuthenTec WinBio FingerPrint Software 64-bit (Version: 3.4.2.1016 - AuthenTec, Inc.) Hidden
Autodesk DWG TrueView 2014 (HKLM\...\DWG TrueView 2014) (Version: 19.1.18.0 - Autodesk)
Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
BCL easyConverter SDK 3 (Word Version) (HKLM-x32\...\{A932ABFB-1AC4-4FBF-9954-B710CABE3482}) (Version: 3.0.68 - BCL Technologies)
Behaviors SDK (Windows Phone) for Visual Studio 2013 (x32 Version: 12.0.50716.0 - Microsoft Corporation) Hidden
Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.50429.0 - Microsoft Corporation) Hidden
Borland Database Engine Setup (HKLM-x32\...\Borland Database Engine Setup) (Version: - )
Bridge It Plus version 1.32 (HKLM-x32\...\{808A3DB8-960C-4A67-AFD2-3828778397A8}_is1) (Version: 1.32 - )
Build Tools - amd64 (Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (Version: 12.0.31101 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.3.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon MG6400 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG6400_series) (Version: 1.02 - Canon Inc.)
CANopenCommunicationDTMLibrary (HKLM-x32\...\{7E0A6063-EF06-477D-8FE1-773C39815AB8}) (Version: 1.1 - Schneider Electric)
CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform)
Centrum zařízení Windows Mobile (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Cobian Backup 11 Gravity (HKLM-x32\...\CobBackup11) (Version: - )
ComAp PC Suite (HKLM-x32\...\{347EEEAE-0F1E-4823-BE31-E3F0C6B8960C}_is1) (Version: 3.1.3.1 - ComAp a.s.)
ComAp Virtual COM 1.3 (HKLM-x32\...\{BE3CCE7E-2341-44A8-871B-CED54B92C42F}_is1) (Version: 1.3 - ComAp a.s.)
Compositor SW67044 version 1.802 (HKLM-x32\...\{A6839A42-38DF-452D-8847-929EF4017D63}_is1) (Version: 1.802 - ADFweb.com)
Custom (Version: 01.00.00.002 - Wave Systems Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 5.0.1.0406 - Disc Soft Ltd)
Defcon v1.43 en-AU rtl (HKLM-x32\...\Defcon_is1) (Version: - Introversion Software Ltd)
Dell Backup and Recovery Manager (HKLM\...\{50B4B603-A4C6-4739-AE96-6C76A0F8A388}) (Version: 1.3.1 - Dell Inc.)
Dell Command | Update (HKLM-x32\...\{EC542D5D-B608-4145-A8F7-749C02BE6D94}) (Version: 2.1.1 - Dell Inc.)
Dell Custom Help (Version: 16.01.1000.0235 - Intel Corporation) Hidden
Dell Data Protection | Access (HKLM\...\{ABBA2EA4-740E-4052-902B-9CA70B081E3F}) (Version: 2.3.00003.072 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{693A23FB-F28B-4F7A-A720-4C1263F97F43}) (Version: 3.1.1002.0 - Dell Products, LP)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Feature Enhancement Pack (HKLM\...\{992D1CE7-A20F-4AB0-9D9D-AFC3418844DA}) (Version: 2.2.1 - Dell)
Dell Protected Workspace (HKLM-x32\...\{E2CAA395-66B3-4772-85E3-6134DBAB244E}) (Version: 2.3.15835 - Invincea, Inc.)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.1.6664.10 - Dell)
Dell System Detect (HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\...\73f463568823ebbe) (Version: 6.6.0.2 - Dell)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1200.101.134 - ALPS ELECTRIC CO., LTD.)
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 1.40.54 - Creative Technology Ltd)
DellAccess (Version: 01.03.00.078 - Wave Systems Corp.) Hidden
Dia (pouze odstranit) (HKLM-x32\...\Dia) (Version: - )
DriverManager x64 (Version: 004.013.00000 - Schneider Electric) Hidden
DWG TrueView 2014 (Version: 19.1.18.0 - Autodesk) Hidden
eGrabIt 3.1 (HKLM-x32\...\eGrabIt 3.1) (Version: - )
EMBASSY Client Core (Version: 01.03.00.123 - Wave Systems Corp.) Hidden
Entity Framework 6.1.1 Tools for Visual Studio 2013 (HKLM-x32\...\{85253F13-EE42-4850-A3A5-79B90E92D7AC}) (Version: 12.0.30610.0 - Microsoft Corporation)
ERAS Connector (Version: 02.09.05.0335 - Wave Systems Corp) Hidden
ESET Endpoint Antivirus (HKLM\...\{0165402B-C509-49BA-ACC1-2EDB9BB3C493}) (Version: 6.1.2222.1 - ESET, spol. s r.o.)
ESET Remote Administrator Agent (HKLM\...\{A0E7525A-7F3D-407B-80DD-E992D2745203}) (Version: 6.1.365.0 - ESET, spol. s r.o.)
ESO9 .NET klient 5.0.4 (HKLM-x32\...\{61DB1E57-AB32-42E8-AB35-D1679C3AA8BA}) (Version: 5.0.4 - ESO9 international a.s.)
ESO9 .NET klient 5.1.11 (HKLM-x32\...\{698556A3-0DD7-404F-BFF5-555D82EDF273}) (Version: 5.1.11 - ESO9 international a.s.)
ETC M520RM 2.01 (HKLM-x32\...\M520RM_is1) (Version: 2.01 - ETC)
ETC Scope 2.02 (HKLM-x32\...\scope_is1) (Version: 2.02 - ETC)
Extended Asian Language font pack for Adobe Reader XI (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-A00000000004}) (Version: 11.0.0 - Adobe Systems Incorporated)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
FileZilla Client 3.10.3 (HKLM-x32\...\FileZilla Client) (Version: 3.10.3 - Tim Kosse)
FirmwareImport 1.7.0 (HKLM-x32\...\{C0AA5A44-3001-485A-844A-E7D7C59D565A}_is1) (Version: 1.7.0 - ComAp a.s.)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
FTDI 2.12.00 (HKLM-x32\...\{4EAB293D-4540-439C-9390-C22ED9860831}_is1) (Version: 2.12.00 - ComAp a.s.)
Gemalto (Version: 01.64.01.0010 - Wave Systems Corp) Hidden
GemPcCCID (Version: 2.0.1 - Gemalto) Hidden
GenConfig 3.0.2 (HKLM-x32\...\{13B5659C-FC4A-41FF-98E1-FC5060376A34}_is1) (Version: 3.0.2 - ComAp a.s.)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
gm_setup 1.8 (HKLM-x32\...\{5DB72151-CD69-4328-A9F6-36A333222F7A}_is1) (Version: 1.8 - ComAp a.s.)
GoAnywhere OpenPGP Studio (HKLM-x32\...\0484-4574-4165-4413) (Version: 1.0.1 - Linoma Software)
Google Drive (HKLM-x32\...\{1C3D2F92-D25E-4D98-B810-3F3B0857BF26}) (Version: 1.26.0707.2863 - Google, Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Earth Pro (HKLM-x32\...\{44FC61F0-2F8A-11E3-8CAE-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Gpg4win (2.2.6) (HKLM-x32\...\GPG4Win) (Version: 2.2.6 - The Gpg4win Project)
GTK2-Runtime (HKLM-x32\...\GTK2-Runtime) (Version: 2.22.0-2010-10-21-ash - Alexander Shaduri)
Half-Life (Xash3D 0.95 Build 2271 engine) with datadisk Half-Life: Opposing Force & datadisk Half-Life: Blue Shift (HKLM-x32\...\Half-Life (Xash3D 0.95 Build 2271 engine) with datadisk Half-Life: Opposing Force & datadisk Half-Life: Blue Shift) (Version: - )
Hasp Dongle Drivers 6.63 (HKLM-x32\...\{0DBB15D4-1472-4068-A434-F2DC34938895}_is1) (Version: 6.63 - ComAp a.s.)
hMailServer 5.6.4-B2283 (HKLM-x32\...\hMailServer_is1) (Version: - )
IBConfig 1.8 (HKLM-x32\...\{1044D344-FFFB-43EE-93D8-3CAA0A301BCF}_is1) (Version: 1.8 - ComAp a.s.)
IBNTConfig 1.5.0 (HKLM-x32\...\{1E9D9507-D40B-4536-85BD-8A89FEDCC41B}_is1) (Version: 1.5.0 - ComAp a.s.)
ICBEdit 1.4.0 (HKLM-x32\...\{A8FCD4C9-AD8F-4184-BC17-D6AF634B4243}_is1) (Version: 1.4.0 - ComAp a.s.)
ICCup Launcher (HKLM-x32\...\ICCup Launcher_is1) (Version: 1.6 - ICCup)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6491.0 - IDT)
IGS-LOG 3.4.3 (HKLM-x32\...\{6AB57F0B-90BE-44DC-BEE6-A0F64CEAA94B}_is1) (Version: 3.4.3 - ComAp a.s.)
IIS 7.5 Express (HKLM-x32\...\{3A30B5F5-F12C-490F-8CD4-D200C75DF7E8}) (Version: 7.5.1190 - Microsoft Corporation)
ImageManager 1.1 (HKLM-x32\...\{913FE563-6E1F-4FCE-9ADA-298B3A925CD2}_is1) (Version: 1.1 - ComAp a.s.)
Infix PDF Editor verze 6.2.1.0 (HKLM-x32\...\83FFB914-6FA7-4F1F-807E-E0FFBA2E49E1_is1) (Version: 6.2.1.0 - Iceni Technology)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Network Connections 16.8.45.02 (HKLM\...\PROSetDX) (Version: 16.8.45.02 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4176 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.2.0.1006 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.8.251 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{6097158B-0184-4140-BEC3-7885794D2571}) (Version: 3.5.40.0 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - )
InteliCOMServer 1.4 (HKLM-x32\...\{17625444-C3E0-4D2C-9F6F-6DBA8AA1F786}_is1) (Version: 1.4 - ComAp a.s.)
InteliDDE 4.7.0 (HKLM-x32\...\{AF5D9A4B-7B9A-4A78-B58F-2B887DACBE08}_is1) (Version: 4.7.0 - ComAp a.s.)
InteliMonitor 3.1.3.1 (HKLM-x32\...\{961E5DCA-DBDC-41BE-9E95-6550A1323D28}_is1) (Version: 3.1.3.1 - ComAp a.s.)
IVProg 1.5 (HKLM-x32\...\{FBC52B08-2444-45CD-B9D0-0DB4553CE827}_is1) (Version: 1.5 - ComAp a.s.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Java(TM) 7 Update 3 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217003F0}) (Version: 7.0.30 - Oracle)
JeSim 1.2 (HKLM-x32\...\JeSim2006_is1) (Version: - Jiří Punčochář)
Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
L&H TTS3000 British English (HKLM-x32\...\LHTTSENG) (Version: - )
Lexium32A (x32 Version: 1.08.0101 - Schneider Electric) Hidden
Lexium32C (x32 Version: 1.08.0101 - Schneider Electric) Hidden
Lexium32i (x32 Version: 1.08.0101 - Schneider Electric) Hidden
Lexium32M (x32 Version: 1.08.0101 - Schneider Electric) Hidden
LexiumDTMLibrary (HKLM-x32\...\{BD68E742-E6EF-4AFC-AC8B-EF3BEA02B04C}) (Version: 1.08.0101 - Schneider Electric)
LiteEdit 4.6.9 (HKLM-x32\...\{2544554B-ACAA-44B9-BEBE-A90A6C2FC806}_is1) (Version: 4.6.9 - ComAp a.s.)
LocalESPC (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
LockHunter 3.1, 32/64 bit (HKLM\...\LockHunter_is1) (Version: - Crystal Rich Ltd)
Malwarebytes Anti-Malware verze 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Manager (HKLM-x32\...\Manager) (Version: - )
MGate Manager 1.5 (HKLM\...\MGate Manager_is1) (Version: - )
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Application Virtualization Desktop Client (HKLM-x32\...\{8D00DBC4-DEB4-4910-9D7C-30A5C6898195}) (Version: 4.6.3.24870 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM-x32\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office 2013 pro podnikatele - cs-cz (HKLM\...\HomeBusinessRetail - cs-cz) (Version: 15.0.4787.1002 - Microsoft Corporation)
Microsoft Office Access database engine 2007 (English) (HKLM-x32\...\{90120000-00D1-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB (HKLM\...\{AB8DE9BA-19E1-446A-BCFA-6B3DA9751E21}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 ENU (HKLM-x32\...\{BCC899FE-2DAA-460C-A5FB-60291E73D9C3}) (Version: 3.5.5386.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (12.0.41012.0) (HKLM-x32\...\{AC8E0CF4-42A1-4151-B684-97CF6FD726CF}) (Version: 12.0.41012.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{8C06D6DB-A391-4686-B050-99CC522A7843}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{4AEB505C-95E1-4964-9B64-8D27F3186D30}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Express 2013 for Windows Desktop - ENU with Update 4 (HKLM-x32\...\{b8a9dbc1-1fd4-4103-a83b-a2896f193ea0}) (Version: 12.0.31101.0 - Microsoft Corporation)
Microsoft WSE 2.0 SP3 Runtime (HKLM-x32\...\{F3CA9611-CD42-4562-ADAB-A554CF8E17F1}) (Version: 2.0.5050.0 - Microsoft Corp.)
Millennium 8 - překladové slovníky (HKLM-x32\...\Millenium8_is1) (Version: 8.0.0.0 - Commercial Service)
Modbus Driver X64 (HKLM\...\{708DB6DF-6949-46FA-AADD-752937B0FC72}) (Version: 003.013.00000 - Schneider Electric)
ModbusMaster (HKLM-x32\...\{2E94BD07-AA97-424E-B4E6-F59743286614}) (Version: 1.2.2 - Farrellton Solar)
Monitor (HKLM-x32\...\Monitor) (Version: - )
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MOXA UPort 1110/1130/1150 Windows Driver Ver1.6 (HKLM\...\MOXA UPort 1110/1130/1150 Windows Driver_is1) (Version: 1.6 - Moxa Inc.)
Mozilla Firefox 42.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 en-US)) (Version: 42.0 - Mozilla)
Mozilla Firefox 43.0.4 (x86 cs) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 cs)) (Version: 43.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MultiBit 0.5.18 (HKLM-x32\...\MultiBit 0.5.18) (Version: 0.5.18 - )
Nero 9 Essentials (HKLM-x32\...\{86bb59d6-b1d9-490b-b14b-320a5854d783}) (Version: - Nero AG)
Network Stumbler 0.4.0 (remove only) (HKLM-x32\...\Network Stumbler) (Version: - )
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.5 - Notepad++ Team)
NPort Administration Suite Ver1.17 (HKLM\...\NPort Administration Suite_is1) (Version: - Moxa Inc.)
O2Micro Flash Memory Card Windows Driver (HKLM-x32\...\InstallShield_{D535FC73-1F63-4347-896A-C97A45F11E9C}) (Version: 3.0.07.44 - O2Micro International LTD.)
O2Micro Flash Memory Card Windows Driver (x32 Version: 3.0.07.44 - O2Micro International LTD.) Hidden
O2Micro OZ776 SCR Driver (Version: 2.1.4.223GS - O2Micro) Hidden
O2Micro OZ776 SCR Driver (x32 Version: 2.1.4.223GS - O2Micro) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4787.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4787.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4787.1002 - Microsoft Corporation) Hidden
OmegaT version 3.1.9 (HKLM-x32\...\OmegaT 3.1.9_is1) (Version: - OmegaT)
Open XML SDK 2.0 for Microsoft Office (HKLM-x32\...\{171D8D76-3F05-455A-A8AF-C561C2679905}) (Version: 2.0.5022 - Microsoft Corporation)
Open XML SDK 2.5 for Microsoft Office (HKLM-x32\...\{3EA16E23-14D2-466A-8268-D7CD40DC46B6}) (Version: 2.5.5631 - Microsoft Corporation)
OpenOffice.org 3.3 (HKLM-x32\...\{D5B94160-4A07-4956-9C73-8C5EEFEF180F}) (Version: 3.3.9567 - OpenOffice.org)
OpenSSL 1.0.1f Light (32-bit) (HKLM-x32\...\OpenSSL Light (32-bit)_is1) (Version: - OpenSSL Win32 Installer Team)
OpenTTD 1.5.2 (HKLM-x32\...\OpenTTD) (Version: 1.5.2 - OpenTTD)
OpenVPN 2.1.1 (HKLM-x32\...\OpenVPN) (Version: 2.1.1 - )
OpenVPN 2.3.2-I003 (HKLM\...\OpenVPN) (Version: 2.3.2-I003 - )
Osciloskop Micsig (HKLM-x32\...\{E5127FC7-DC96-46D6-89FD-B08CEA0D562E}) (Version: 1.0 - Publisher)
PBA Driver-x64 (Version: 1.0.1.8 - Dell Inc.) Hidden
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PDF Split And Merge Basic (HKLM-x32\...\{9A40D2F8-9458-458B-95E3-B57797C574E1}) (Version: 2.2.4 - Andrea Vacondio)
PhotoFiltre 7 (HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\...\PhotoFiltre 7) (Version: - )
PicoScope 6 Automotive (HKLM-x32\...\{881e8bce-0332-48f3-bbbc-e2b2ff15584b}) (Version: 6.10.18 - Pico Technology)
Pidgin (HKLM-x32\...\Pidgin) (Version: 2.10.9 - )
PLCMonitor 1.2.3 (HKLM-x32\...\{0AA4275C-DA0C-4E9B-96C5-399FDED251E6}_is1) (Version: 1.2.3 - ComAp a.s.)
Plus Internet 2.5 (HKLM-x32\...\Plus Internet_is1) (Version: 2.5 - Polkomtel S.A.)
PowreShellIntegration.Notifications (x32 Version: 2.5.21003.1603 - Microsoft Corporation) Hidden
Preboot Manager (Version: 03.05.00.043 - Wave Systems Corp.) Hidden
Prerequisites for SSDT (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
Prerequisites for SSDT (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)
PrimoPDF -- brought to you by Nitro PDF Software (HKLM-x32\...\PrimoPDF) (Version: 5 - Nitro PDF Software)
Private Information Manager (Version: 07.03.00.032 - Wave Systems Corp.) Hidden
Prostředí Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16422 - Microsoft Corporation)
Proxifier version 3.28 (HKLM-x32\...\Proxifier_is1) (Version: 3.28 - Initex)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.5.7.2450 - Jan Fiala)
PX.34 34.0 (HKLM-x32\...\{3D8ED083-7E9E-44E4-A07E-CB76609E18EA}_is1) (Version: 34.0 - ComAp spol., s r. o.)
Python Tools Redirection Template (x32 Version: 1.1 - Microsoft Corporation) Hidden
Registrace uživatele zařízení Canon MG6400 series (HKLM-x32\...\Registrace uživatele zařízení Canon MG6400 series) (Version: - ‭Canon Inc.)
RemoteCommGuide 1.0 (HKLM-x32\...\{A2605996-D298-401C-BBCA-BA27160617FD}_is1) (Version: 1.0 - ComAp a.s.)
Resource Hacker Version 4.2.4 (HKLM-x32\...\ResourceHacker_is1) (Version: - )
RSSOwl (HKLM-x32\...\RSSOwl) (Version: - )
SDL Nalpeiron Service Installer (x32 Version: 1.2.0 - SDL) Hidden
SDL Passolo 2015 - Bundle (HKLM-x32\...\{a69aae4c-9642-4bf6-ad07-378c0d6c64cd}) (Version: 15.1.294.0 - SDL)
SDL Passolo 2015 (HKLM-x32\...\{217D8751-CF1F-4A85-BE3D-20F995F2B808}) (Version: 15.1.294.0 - SDL)
SDL Passolo Essential 2011 SP6 (HKLM-x32\...\{627163CD-8116-4982-9AC1-8C6DE4A499A0}) (Version: 11.6.0.0 - SDL)
SDL Trados 2011 SP2 - Remove suite of products (HKLM-x32\...\TranslationStudio2011) (Version: 2.2.3001 - SDL)
SDL Trados 2014 - Remove suite of products (HKLM-x32\...\TranslationStudio2014) (Version: 3.0.3636 - SDL)
SDL Trados 2015 - Remove suite of products (HKLM-x32\...\TranslationStudio2015) (Version: 4.0.4809 - SDL)
SDL Trados Legacy Compatibility Module (HKLM-x32\...\{7F8F4AF6-0CE2-46E9-BA14-C55F19968926}) (Version: 2.1.128 - SDL)
SDL Trados Studio 2011 SP2 (HKLM-x32\...\{7205B6D1-2975-4DDC-85D4-30AECFBFC138}) (Version: 2.2.3001 - SDL)
SDL Trados Studio 2014 (HKLM-x32\...\{44167752-7D08-4A49-8800-B2AE31A91A2D}) (Version: 3.0.3636 - SDL)
SDL Trados Studio 2015 (HKLM-x32\...\{27FA26BF-7D3F-458F-A4FF-3F972177B1DC}) (Version: 4.0.4809 - SDL)
SDL WorldServer Components (HKLM-x32\...\{CF32FB2A-0B13-4D6F-AB9F-9687D855C069}) (Version: 1.0.4809 - SDL)
SerialMon (HKLM-x32\...\SerialMon) (Version: 1.5 - Joakim Ögren)
Schneider Electric Modbus Communication DTM Library (HKLM-x32\...\{A8BD4CF6-24AE-4FCF-A1DB-74645763D820}) (Version: 2.1.2 - Schneider Electric)
SI TSS (Version: 2.1.41 - Security Innovation) Hidden
Skype™ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 - Skype Technologies S.A.)
SMSoftSetupPack 1.1.0 (HKLM-x32\...\SMSoftSetupPack 1.1.0_is1) (Version: - )
SoMove Lite (HKLM-x32\...\{9B4C75F8-A79F-4BD7-81AD-7159FA328127}) (Version: 1.8.5.0 - Schneider Electric)
SPBA (WBF) 5.9 (Version: 5.9.7.7232 - Authentec Inc.) Hidden
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.10.0036 - ST Microelectronics)
Starcraft (HKLM-x32\...\Starcraft) (Version: - )
StarCraft X-tra Editor (HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\...\StarCraft X-tra Editor) (Version: - )
Starsector by Fractal Softworks LLC (HKLM-x32\...\Starsector) (Version: - )
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.53254 - TeamViewer)
TeSysDTMLibrary (HKLM-x32\...\{064A10F6-EE1C-4D78-9D5D-828AB3DCA34B}) (Version: 2.7.4.0 - Schneider Electric)
TeSysT (x32 Version: 2.7.4.0 - Schneider Electric) Hidden
TeSysU (x32 Version: 2.7.4.0 - Schneider Electric) Hidden
The Dude (HKLM-x32\...\Dude) (Version: - )
TommySoftware® CAD/DRAW 4 Level 2 English (HKLM-x32\...\TommySoftware® CAD/DRAW 4 Level 2 English) (Version: - )
toolkit32for64bit (x32 Version: 7.70.13.0001 - Wave Systems Corp) Hidden
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
Trusted Drive Manager (Version: 5.0.2.24 - Wave Systems Corp.) Hidden
TypeC3501 TWAIN Driver Ver.4 (HKLM-x32\...\{E9EA01AF-9225-4AA3-B5C8-17C7847466C9}) (Version: 4.36.01 - )
TypeScript Power Tool (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2013 (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden
Unity Web Player (HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\...\UnityWebPlayer) (Version: 5.2.0f3 - Unity Technologies ApS)
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
USB-CANmodul Utility Disk V5.1 (HKLM\...\USB-CANmodul Utility Disk_is1) (Version: 5.1 - SYS TEC electronic GmbH)
USB-Ethernet Adapter Device (HKLM\...\USB-Ethernet Adapter Device) (Version: - )
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2013 Update 4 (KB2829760) (HKLM-x32\...\{53d408db-eb91-43fb-9d8f-167681c19763}) (Version: 12.0.31101 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.0 - VideoLAN)
VS Update core components (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
Wave Crypto Runtime 2.0.9.0 x64 (Version: 02.00.09.0000 - Wave Systems Corp) Hidden
Wave Crypto Runtime 2.0.9.0 x86 (x32 Version: 02.00.09.0000 - Wave Systems Corp) Hidden
Wave Infrastructure Installer (Version: 07.70.13.0001 - Wave Systems Corp) Hidden
Wave Support Software Installer (Version: 05.15.00.024 - Wave Systems Corp) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.2410 - Broadcom Corporation)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinEdit (HKLM-x32\...\{A8D49807-4AF9-4BA2-9AE4-4DA75A8574D6}) (Version: 6.64.003 - ComAp spol. s r.o)
WinHTTrack Website Copier 3.47-27 (HKLM-x32\...\WinHTTrack Website Copier_is1) (Version: 3.47.27 - HTTrack)
WinScope 2.0.3 (HKLM-x32\...\{2E0E7CBF-85EE-4648-9DA3-10F9B42D9FC3}_is1) (Version: 2.0.3 - ComAp a.s.)
WinTerm 4.2 (HKLM-x32\...\{8906CBEA-BD7E-41A0-AB62-08F5D14E29E1}_is1) (Version: 4.2 - ComAp spol., s r. o.)
WinTerm package (HKLM-x32\...\{96A9A9C8-25C6-4DC5-A0A5-770BFEE3D843}_is1) (Version: 4.2 - ComAp spol., s r. o.)
WinTerm-Databases 4.2 (HKLM-x32\...\{12A4B361-460D-4159-AE7B-4EF9448149B2}_is1) (Version: 4.2 - ComAp spol., s r. o.)
Woodward (HKLM-x32\...\Woodward) (Version: - )
Woodward F-Series Service Tool 4.01 (HKLM-x32\...\{3A15D231-F542-4354-A536-07DC0E2DD1BB}) (Version: 4.30.1001 - Woodward Governor Company)
Woodward L-Series Service Tool 2.6.0.4 (HKLM-x32\...\L-Series Service Tool 2.6.0.4) (Version: - )
Woodward ToolKit (HKLM-x32\...\{08D1B428-F8D1-4EC0-ABF4-0F90A3B8B9EE}) (Version: 3.6.204 - Woodward)
Xirrus Wi-Fi Inspector (HKLM-x32\...\{BBB21AB1-2C45-435D-A05A-B563072E7B9B}) (Version: 1.2.1.4 - Xirrus)
XXConsole: Super Console Generator ver 0.96 (HKLM-x32\...\XXConsole) (Version: 0.96 - Pixelab, Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2703931844-3940718246-3090366172-2529_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2014\en-US\dwgviewrficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2703931844-3940718246-3090366172-2529_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2014\dwgviewr.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2703931844-3940718246-3090366172-2529_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0FF79D86-5E11-4CEE-B864-48C9B9452ACB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {1A76C040-E303-4725-B011-79902DDE015D} - System32\Tasks\{9B565B9D-325B-42ED-B141-263A1965CB52} => C:\Program Files (x86)\Take 2\Outlive\Editor.exe
Task: {20B8EAA6-9B90-4DEF-8E43-9674BA12BC65} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2703931844-3940718246-3090366172-2529Core => C:\Users\tomas.kratochvil\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-03-24] (Facebook Inc.)
Task: {26B261B2-FE97-46D1-A391-B7FCACC63351} - System32\Tasks\{4DB80728-1BE9-4230-A959-58178C99CD84} => C:\Program Files (x86)\Take 2\Outlive\Editor.exe
Task: {2D7FA685-E280-4716-AE91-A0A442B2E029} - System32\Tasks\{677C91D7-35DD-484F-9760-D14F064A9406} => D:\TEMP\Install\Setupmds.exe [2009-07-09] ()
Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {5F2DF385-A21E-439B-A9E1-721DAAD07533} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-20] (Adobe Systems Incorporated)
Task: {63D8F962-DE82-4B75-82C3-7FC0C23DEF91} - System32\Tasks\WSCEAA => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\RemoteManagement\WSCEAA.exe [2012-11-28] (Wave Systems Corp.)
Task: {74124DA3-2FA6-4F28-B665-50FF85A3F736} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {7F76E442-DCC6-48EC-8703-2AE31BE1DBD1} - System32\Tasks\{C2624C29-E33E-4061-B733-4F2A739D066B} => D:\TEMP\Install\Setupmds.exe [2009-07-09] ()
Task: {9013BA5D-03B4-4BCA-BE4F-C2CE10FF23B1} - System32\Tasks\{B8FA5D03-F3A6-41D2-9EB0-E2978E6FDAA1} => C:\Users\tomas.kratochvil\Desktop\SMTPMailSender.exe [2015-06-24] (HazteK Software)
Task: {A74A5A3B-3C18-45D1-9AB6-E7078BCFFB24} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-03-18] (Piriform Ltd)
Task: {B9A94216-2D53-4E26-B9F7-25E1032E7B3C} - System32\Tasks\{1BB3B048-9A1D-4A3A-A049-0CBDD0B7F5FA} => C:\Users\tomas.kratochvil\Downloads\Comm_Driver_X2NYF_WN_7.2.4.1_A00.EXE [2015-02-01] (Dell Inc.)
Task: {C064C851-0104-488C-B4F5-B26F099C3B19} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2015-05-25] (PC-Doctor, Inc.)
Task: {C3F960CA-AE4A-40FE-BFFF-9AAE0A78DCD3} - System32\Tasks\{DFB17C1A-0145-461C-A6BB-7231E180109D} => C:\TEMP\Ovladače\setup.exe
Task: {C58DF1D9-E57A-439C-9987-E4E0BFC7F421} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-12-22] (Microsoft Corporation)
Task: {D4BA560E-2436-4358-A7B2-E2FB8C4FFB4B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-12-22] (Microsoft Corporation)
Task: {D90F7046-5753-4116-A974-557964950D7F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {DC48A0C9-BF45-4300-8E51-97E2363854EF} - System32\Tasks\{01618133-21AA-407F-90CA-D547BFA0A023} => C:\TEMP\Ovladače\setup.exe
Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => start sppsvc
Task: {E22D2D33-1B8B-4E4A-82AE-DAC7971837AB} - System32\Tasks\{62B32440-3468-4EDB-8D69-C3F1B874FA4E} => C:\TEMP\Ovladače\setup.exe
Task: {E37F3037-1798-4CB5-93E2-1DEDD0AA4300} - System32\Tasks\Uživatelské úlohy\Zálohování uživatelských dat v Cobianu => C:\Program Files (x86)\Cobian Backup 11\Cobian.exe [2013-03-07] (Luis Cobian, CobianSoft)
Task: {E617282B-493C-4A5D-8000-8B61BC5497C0} - System32\Tasks\Microsoft\Windows\SyncCenter\S-1-5-21-2703931844-3940718246-3090366172-2529\{750FDF10-2A26-11D1-A3EA-080036587F03}\Programy Plán => C:\Windows\system32\mobsync.exe [2010-11-21] (Microsoft Corporation)
Task: {EE9C3ED2-408F-4217-B3CC-20D8F3233ABE} - System32\Tasks\{D75CE568-8736-4F4B-A9A0-61626BCE853D} => C:\Users\tomas.kratochvil\Desktop\SMTPMailSender.exe [2015-06-24] (HazteK Software)
Task: {F315272D-7C6C-4186-946D-C8EB811C2443} - System32\Tasks\Dell\Command Update => C:\Program Files (x86)\Dell\CommandUpdate\DellCommandUpdate.exe [2015-11-05] (Dell Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2703931844-3940718246-3090366172-2529Core.job => C:\Users\tomas.kratochvil\AppData\Local\Facebook\Update\FacebookUpdate.exe/c /nocrashservertomas.kra
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-11-07 12:19 - 2015-03-28 15:55 - 00096840 _____ () C:\Windows\system32\PrxerNsp.dll
2014-02-19 08:51 - 2011-02-28 23:37 - 00095008 _____ () C:\Windows\System32\Primomonnt.dll
2014-03-28 06:56 - 2015-10-13 04:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-09-09 11:52 - 2015-09-09 11:52 - 00216576 _____ () C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
2013-03-11 17:05 - 2013-03-11 17:05 - 00231792 _____ () C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe
2013-03-11 17:04 - 2013-03-11 17:04 - 00039280 _____ () C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\DeviceStatus.dll
2012-05-11 16:47 - 2012-05-11 16:47 - 00003072 _____ () C:\Program Files (x86)\Security Innovation\SI TSS\bin\TspPopup_ENU.dll
2012-06-06 13:53 - 2012-06-06 13:53 - 00105472 _____ () C:\Windows\system32\NA_Service.exe
2012-06-06 13:53 - 2012-06-06 13:53 - 00103424 _____ () C:\Windows\system32\NA_Util.dll
2012-06-06 10:36 - 2012-06-06 10:36 - 00045056 _____ () C:\Windows\system32\MODBUSDRVSys.exe
2012-01-20 14:40 - 2012-01-20 14:40 - 00899072 _____ () C:\Windows\system32\MODBUSDRV.exe
2015-03-29 11:25 - 2015-03-29 11:25 - 00043480 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2013-12-30 13:15 - 2013-12-30 13:15 - 00057344 _____ () C:\Program Files (x86)\RSSOwl\RSSOwl.exe
2015-09-09 11:40 - 2015-09-09 11:40 - 00221696 _____ () C:\Program Files (x86)\GNU\GnuPG\libksba-8.dll
2015-09-09 11:34 - 2015-09-09 11:34 - 00087040 _____ () C:\Program Files (x86)\GNU\GnuPG\libgpg-error-0.dll
2015-09-09 11:28 - 2015-09-09 11:28 - 00050176 _____ () C:\Program Files (x86)\GNU\GnuPG\libw32pth-0.dll
2015-09-09 11:39 - 2015-09-09 11:39 - 00072192 _____ () C:\Program Files (x86)\GNU\GnuPG\libassuan-0.dll
2015-09-09 11:42 - 2015-09-09 11:42 - 00744448 _____ () C:\Program Files (x86)\GNU\GnuPG\libgcrypt-20.dll
2014-10-21 06:54 - 2014-10-21 06:54 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\2dace9622c68c6ce58d55a6950eeaa95\IsdiInterop.ni.dll
2013-11-06 04:41 - 2012-05-30 20:55 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2015-02-10 22:06 - 2013-11-13 20:23 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-12-05 10:21 - 2015-12-05 10:21 - 00933056 ____R () C:\Program Files (x86)\Skype\Phone\ssScreenVVS2.dll
2016-01-26 21:57 - 2016-01-26 21:57 - 00098816 _____ () C:\Users\TOMAS~1.KRA\AppData\Local\Temp\_MEI71522\win32api.pyd
2016-01-26 21:57 - 2016-01-26 21:57 - 00110080 _____ () C:\Users\TOMAS~1.KRA\AppData\Local\Temp\_MEI71522\pywintypes27.dll
2016-01-26 21:57 - 2016-01-26 21:57 - 00364544 _____ () C:\Users\TOMAS~1.KRA\AppData\Local\Temp\_MEI71522\pythoncom27.dll
2016-01-26 21:57 - 2016-01-26 21:57 - 00046080 _____ () C:\Users\TOMAS~1.KRA\AppData\Local\Temp\_MEI71522\_socket.pyd
2016-01-26 21:57 - 2016-01-26 21:57 - 01208320 _____ () C:\Users\TOMAS~1.KRA\AppData\Local\Temp\_MEI71522\_ssl.pyd
2016-01-26 21:57 - 2016-01-26 21:57 - 00320512 _____ () C:\Users\TOMAS~1.KRA\AppData\Local\Temp\_MEI71522\win32com.shell.shell.pyd
2016-01-26 21:57 - 2016-01-26 21:57 - 00776704 _____ () C:\Users\TOMAS~1.KRA\AppData\Local\Temp\_MEI71522\_hashlib.pyd
2016-01-26 21:57 - 2016-01-26 21:57 - 01176576 _____ () C:\Users\TOMAS~1.KRA\AppData\Local\Temp\_MEI71522\wx._core_.pyd
2016-01-26 21:57 - 2016-01-26 21:57 - 00806400 _____ () C:\Users\TOMAS~1.KRA\AppData\Local\Temp\_MEI71522\wx._gdi_.pyd
2016-01-26 21:57 - 2016-01-26 21:57 - 00816128 _____ () C:\Users\TOMAS~1.KRA\AppData\Local\Temp\_MEI71522\wx._windows_.pyd
2016-01-26 21:57 - 2016-01-26 21:57 - 01067008 _____ () C:\Users\TOMAS~1.KRA\AppData\Local\Temp\_MEI71522\wx._controls_.pyd
2016-01-26 21:57 - 2016-01-26 21:57 - 00733184 _____ () C:\Users\TOMAS~1.KRA\AppData\Local\Temp\_MEI71522\wx._misc_.pyd
2016-01-26 21:57 - 2016-01-26 21:57 - 00682496 _____ () C:\Users\TOMAS~1.KRA\AppData\Local\Temp\_MEI71522\pysqlite2._sqlite.pyd
2016-01-26 21:57 - 2016-01-26 21:57 - 00088064 _____ () C:\Users\TOMAS~1.KRA\AppData\Local\Temp\_MEI71522\_ctypes.pyd
2016-01-26 21:57 - 2016-01-26 21:57 - 00119808 _____ () C:\Users\TOMAS~1.KRA\AppData\Local\Temp\_MEI71522\win32file.pyd
2016-01-26 21:57 - 2016-01-26 21:57 - 00108544 _____ () C:\Users\TOMAS~1.KRA\AppData\Local\Temp\_MEI71522\win32security.pyd
2016-01-26 21:57 - 2016-01-26 21:57 - 00007168 _____ () C:\Users\TOMAS~1.KRA\AppData\Local\Temp\_MEI71522\hashobjs_ext.pyd
2016-01-26 21:57 - 2016-01-26 21:57 - 00017920 _____ () C:\Users\TOMAS~1.KRA\AppData\Local\Temp\_MEI71522\thumbnails_ext.pyd
2016-01-26 21:57 - 2016-01-26 21:57 - 00079360 _____ () C:\Users\TOMAS~1.KRA\AppData\Local\Temp\_MEI71522\usb_ext.pyd
2016-01-26 21:57 - 2016-01-26 21:57 - 00167936 _____ () C:\Users\TOMAS~1.KRA\AppData\Local\Temp\_MEI71522\win32gui.pyd
2016-01-26 21:57 - 2016-01-26 21:57 - 00018432 _____ () C:\Users\TOMAS~1.KRA\AppData\Local\Temp\_MEI71522\win32event.pyd
2016-01-26 21:57 - 2016-01-26 21:57 - 00128512 _____ () C:\Users\TOMAS~1.KRA\AppData\Local\Temp\_MEI71522\_elementtree.pyd
2016-01-26 21:57 - 2016-01-26 21:57 - 00127488 _____ () C:\Users\TOMAS~1.KRA\AppData\Local\Temp\_MEI71522\pyexpat.pyd
2016-01-26 21:57 - 2016-01-26 21:57 - 00013824 _____ () C:\Users\TOMAS~1.KRA\AppData\Local\Temp\_MEI71522\common.time34.pyd
2016-01-26 21:57 - 2016-01-26 21:57 - 00036864 _____ () C:\Users\TOMAS~1.KRA\AppData\Local\Temp\_MEI71522\_psutil_windows.pyd
2016-01-26 21:57 - 2016-01-26 21:57 - 00038912 _____ () C:\Users\TOMAS~1.KRA\AppData\Local\Temp\_MEI71522\win32inet.pyd
2016-01-26 21:57 - 2016-01-26 21:57 - 00525640 _____ () C:\Users\TOMAS~1.KRA\AppData\Local\Temp\_MEI71522\windows._lib_cacheinvalidation.pyd
2016-01-26 21:57 - 2016-01-26 21:57 - 00011264 _____ () C:\Users\TOMAS~1.KRA\AppData\Local\Temp\_MEI71522\win32crypt.pyd
2016-01-26 21:57 - 2016-01-26 21:57 - 00077312 _____ () C:\Users\TOMAS~1.KRA\AppData\Local\Temp\_MEI71522\wx._html2.pyd
2016-01-26 21:57 - 2016-01-26 21:57 - 00027136 _____ () C:\Users\TOMAS~1.KRA\AppData\Local\Temp\_MEI71522\_multiprocessing.pyd
2016-01-26 21:57 - 2016-01-26 21:57 - 00020480 _____ () C:\Users\TOMAS~1.KRA\AppData\Local\Temp\_MEI71522\_yappi.pyd
2016-01-26 21:57 - 2016-01-26 21:57 - 00035840 _____ () C:\Users\TOMAS~1.KRA\AppData\Local\Temp\_MEI71522\win32process.pyd
2016-01-26 21:57 - 2016-01-26 21:57 - 00686080 _____ () C:\Users\TOMAS~1.KRA\AppData\Local\Temp\_MEI71522\unicodedata.pyd
2016-01-26 21:57 - 2016-01-26 21:57 - 00123392 _____ () C:\Users\TOMAS~1.KRA\AppData\Local\Temp\_MEI71522\wx._wizard.pyd
2016-01-26 21:57 - 2016-01-26 21:57 - 00024064 _____ () C:\Users\TOMAS~1.KRA\AppData\Local\Temp\_MEI71522\win32pipe.pyd
2016-01-26 21:57 - 2016-01-26 21:57 - 00010240 _____ () C:\Users\TOMAS~1.KRA\AppData\Local\Temp\_MEI71522\select.pyd
2016-01-26 21:57 - 2016-01-26 21:57 - 00025600 _____ () C:\Users\TOMAS~1.KRA\AppData\Local\Temp\_MEI71522\win32pdh.pyd
2016-01-26 21:57 - 2016-01-26 21:57 - 00017408 _____ () C:\Users\TOMAS~1.KRA\AppData\Local\Temp\_MEI71522\win32profile.pyd
2016-01-26 21:57 - 2016-01-26 21:57 - 00022528 _____ () C:\Users\TOMAS~1.KRA\AppData\Local\Temp\_MEI71522\win32ts.pyd
2016-01-26 21:57 - 2016-01-26 21:57 - 00078848 _____ () C:\Users\TOMAS~1.KRA\AppData\Local\Temp\_MEI71522\wx._animate.pyd
2014-01-07 13:44 - 2014-11-18 08:12 - 00316576 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2013-12-30 13:15 - 2013-12-30 13:15 - 00081920 _____ () C:\Program Files (x86)\RSSOwl\plugins\org.eclipse.equinox.launcher.win32.win32.x86_1.0.101.R34x_v20080731\eclipse_1115.dll
2015-11-06 07:51 - 2015-11-06 07:51 - 00044544 _____ () C:\Users\tomas.kratochvil\.rssowl2\config221\org.eclipse.osgi\bundles\11\1\.cp\jWinHttp.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:3204
AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:3256
AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:3357

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\...\dell.com -> dell.com
IE restricted site: HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\...\skype.com -> hxxps://apps.skype.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: becldr3Service => 3
MSCONFIG\Services: hMailServer => 2
MSCONFIG\Services: InvProtectSvc => 3
MSCONFIG\Services: Nero BackItUp Scheduler 4.0 => 2
MSCONFIG\Services: O2FLASH => 2
MSCONFIG\Services: O2SDIOAssist => 2
MSCONFIG\Services: OpenVpnLauncher => 2
MSCONFIG\Services: OpenVPNService => 3
MSCONFIG\Services: Sdl.ProductTelemetrics.v1 => 2
MSCONFIG\Services: ServiceLayer => 3
MSCONFIG\startupfolder: C:^Users^tomas.kratochvil^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Smart Settings.lnk => C:\Windows\pss\Smart Settings.lnk.Startup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: DBRMTray => C:\Dell\DBRM\Reminder\DbrmTrayIcon.exe
MSCONFIG\startupreg: Dell Webcam Central => "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
MSCONFIG\startupreg: DFEPApplication => C:\Program Files\Dell\Feature Enhancement Pack\DFEPApplication.exe
MSCONFIG\startupreg: Epic Privacy Browser Installer => "C:\Users\tomas.kratochvil\AppData\Local\Epic Privacy Browser\Installer\EpicUpdate.exe" /c
MSCONFIG\startupreg: Facebook Update => "C:\Users\tomas.kratochvil\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
MSCONFIG\startupreg: IMSS => "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
MSCONFIG\startupreg: IntelPROSet => "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PROSet/Wireless
MSCONFIG\startupreg: LiveTranslationAlerter => C:\Program Files (x86)\LiveTranslation\LiveTranslation Job Alerter\LiveTransAlerter.exe
MSCONFIG\startupreg: lsas => C:\Program Files (x86)\t_201601221352\201601221352\lsas.exe -mini
MSCONFIG\startupreg: MTview => C:\Program Files (x86)\MTV20151125\MTView.exe -mini
MSCONFIG\startupreg: NetDrive2 => "C:\PROGRA~1\NETDRI~1\NetDrive2.exe" -tray
MSCONFIG\startupreg: Plus Internet => C:\Program Files (x86)\Plus Internet\PlusInternetChecker.exe
MSCONFIG\startupreg: Rs => "C:\Program Files (x86)\Intel\Rs.exe" http://down.baidu2016.com/qq/test.txt /start
MSCONFIG\startupreg: RSS ctecka => "C:\Program Files (x86)\RSS Čtečka\RSS čtečka.exe" /autostart
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SysTrayApp => C:\Program Files\IDT\WDM\sttray64.exe
MSCONFIG\startupreg: TdmNotify => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe
MSCONFIG\startupreg: Translated.TAV => C:\Program Files (x86)\TAV\TAV.exe
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{A48B4B7A-5896-4955-A04D-DC2E99430D70}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{EAAFB451-5FB3-4A29-A7C0-4D6D323E18CF}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{B9E2D81D-8C15-4A00-B472-329DB3ED4CC9}] => (Allow) LPort=2869
FirewallRules: [{5478C402-15EA-4110-B7BC-D3828E49F254}] => (Allow) LPort=1900
FirewallRules: [{FC6F7FCE-9AE5-4317-8B7C-29B0579BE768}] => (Allow) C:\Users\tomas.kratochvil\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{1C69CACF-1B7B-4C07-B4FD-8A2560FFC47F}] => (Allow) C:\Windows\system32\hasplms.exe
FirewallRules: [{941CEDC7-CF94-4B92-B5A4-948E2D8F3EF6}] => (Allow) C:\Users\tomas.kratochvil\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{CEE073A3-2025-4F6B-B265-1AEC302713F4}] => (Allow) C:\Users\tomas.kratochvil\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [TCP Query User{100F12F0-F338-41F2-AA1F-928F17241E0C}C:\program files (x86)\comap pc suite\tools\ibntconfig\ibntconfig.exe] => (Allow) C:\program files (x86)\comap pc suite\tools\ibntconfig\ibntconfig.exe
FirewallRules: [UDP Query User{2D505CA5-6E85-4852-B410-C88DF45C156C}C:\program files (x86)\comap pc suite\tools\ibntconfig\ibntconfig.exe] => (Allow) C:\program files (x86)\comap pc suite\tools\ibntconfig\ibntconfig.exe
FirewallRules: [{B8C06643-3D73-4D9D-9968-0FC6A319BEE3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{3A8CDA85-CC8C-41B6-BACA-65DE5F63A354}C:\program files (x86)\defcon\defcon.exe] => (Block) C:\program files (x86)\defcon\defcon.exe
FirewallRules: [UDP Query User{93CD3431-98C0-4D22-AE68-9A23096A500E}C:\program files (x86)\defcon\defcon.exe] => (Block) C:\program files (x86)\defcon\defcon.exe
FirewallRules: [{FDA197C1-D8CD-46EC-B34E-8059B3C5CF92}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [TCP Query User{364AF8AE-651F-48AD-BFFC-5E04989E2276}C:\program files\total commander\totalcmd64.exe] => (Allow) C:\program files\total commander\totalcmd64.exe
FirewallRules: [UDP Query User{C943A204-82F1-4043-8EE9-02567CA214EF}C:\program files\total commander\totalcmd64.exe] => (Allow) C:\program files\total commander\totalcmd64.exe
FirewallRules: [{2036D44F-BDD0-4C10-91B1-261C33DA2E05}] => (Allow) C:\Windows\system32\hasplms.exe
FirewallRules: [{D8B25D8F-7C7D-4B98-9D63-352B0AF32FEE}] => (Allow) C:\Users\tomas.kratochvil\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [TCP Query User{B57EB6E2-D8CA-42D8-912D-F1735932D35D}C:\program files (x86)\winhttrack\winhttrack.exe] => (Allow) C:\program files (x86)\winhttrack\winhttrack.exe
FirewallRules: [UDP Query User{1120C50A-EF91-4C94-887B-BC747A1981E2}C:\program files (x86)\winhttrack\winhttrack.exe] => (Allow) C:\program files (x86)\winhttrack\winhttrack.exe
FirewallRules: [TCP Query User{B66CC727-7E97-48CC-8720-9950137F7165}C:\program files (x86)\unima-ks\manager\manager.exe] => (Allow) C:\program files (x86)\unima-ks\manager\manager.exe
FirewallRules: [UDP Query User{4BE9C70B-ED0A-4F90-8A5C-47CF36232643}C:\program files (x86)\unima-ks\manager\manager.exe] => (Allow) C:\program files (x86)\unima-ks\manager\manager.exe
FirewallRules: [TCP Query User{93A4EA45-706D-4E81-8B1B-9A9A7AE55AB3}C:\program files (x86)\pspad editor\pspad.exe] => (Allow) C:\program files (x86)\pspad editor\pspad.exe
FirewallRules: [UDP Query User{5440D6AD-017B-4E86-B28A-9C606E84DAC5}C:\program files (x86)\pspad editor\pspad.exe] => (Allow) C:\program files (x86)\pspad editor\pspad.exe
FirewallRules: [TCP Query User{B3494C90-88FE-4ABD-9318-2CA0A820DBF0}C:\program files (x86)\dude\dude.exe] => (Allow) C:\program files (x86)\dude\dude.exe
FirewallRules: [UDP Query User{CF2778F7-652B-4ECB-AF85-C2ADD15920F8}C:\program files (x86)\dude\dude.exe] => (Allow) C:\program files (x86)\dude\dude.exe
FirewallRules: [TCP Query User{E5304502-4B21-41FB-8EC0-AF532AD583FE}C:\program files (x86)\adfweb\compositor_sw67044\tcp_67044_update.exe] => (Allow) C:\program files (x86)\adfweb\compositor_sw67044\tcp_67044_update.exe
FirewallRules: [UDP Query User{B336B4EA-1B2D-460A-8703-4DB7621CF9B6}C:\program files (x86)\adfweb\compositor_sw67044\tcp_67044_update.exe] => (Allow) C:\program files (x86)\adfweb\compositor_sw67044\tcp_67044_update.exe
FirewallRules: [{A6F2D82A-F1C4-47F5-8585-22D6F09A46C0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{921B889E-3AFA-4A26-B897-777663CABD04}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{77E3B66F-9A06-42F9-9FD4-C94D4A81788A}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\WDExpress.exe
FirewallRules: [TCP Query User{3178DE40-68B3-4C32-9D42-D095CA44CC36}C:\program files\moxa\mgate manager\mgatemanager64.exe] => (Block) C:\program files\moxa\mgate manager\mgatemanager64.exe
FirewallRules: [UDP Query User{56413CDD-5F8C-46E6-BA16-63E6D72BC060}C:\program files\moxa\mgate manager\mgatemanager64.exe] => (Block) C:\program files\moxa\mgate manager\mgatemanager64.exe
FirewallRules: [TCP Query User{EB28A9A2-E0F1-4946-A81C-A5B93314C527}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{144AA54F-5422-4CDE-B8A2-EA36AABB98A7}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{46AC4DEA-82C9-4758-BE16-E3D3B3B4FCCC}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{1B47B3AF-F2C7-41E9-B4DD-EF2E64AD9BBD}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{62E6DF33-3CE0-46DF-BCDF-96B1200769EA}C:\program files (x86)\teamviewer\teamviewer.exe] => (Allow) C:\program files (x86)\teamviewer\teamviewer.exe
FirewallRules: [UDP Query User{D7FD6175-5FAC-435F-8F49-CE89E37C2260}C:\program files (x86)\teamviewer\teamviewer.exe] => (Allow) C:\program files (x86)\teamviewer\teamviewer.exe
FirewallRules: [TCP Query User{CBF0A336-FB4D-47B2-8070-3ECFA32B8A05}C:\program files (x86)\starcraft\starcraft.exe] => (Allow) C:\program files (x86)\starcraft\starcraft.exe
FirewallRules: [UDP Query User{A4DD0BF7-BAEE-4C95-A328-D77BB547BF6A}C:\program files (x86)\starcraft\starcraft.exe] => (Allow) C:\program files (x86)\starcraft\starcraft.exe
FirewallRules: [TCP Query User{FBA59947-C284-4B80-9BAD-04813321C7DD}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{DC5D60EB-4427-49DC-8433-F82CEEBBECDA}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{FE05C470-5E29-494C-AF7C-6DA5255D7444}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [TCP Query User{D32B6CE6-904A-4B62-AACB-F9AFBCC957B7}C:\program files (x86)\xirrus\xirrus wi-fi inspector\wifioperations.exe] => (Allow) C:\program files (x86)\xirrus\xirrus wi-fi inspector\wifioperations.exe
FirewallRules: [UDP Query User{2CD48156-9F33-4D08-9A71-856D649E20CB}C:\program files (x86)\xirrus\xirrus wi-fi inspector\wifioperations.exe] => (Allow) C:\program files (x86)\xirrus\xirrus wi-fi inspector\wifioperations.exe
FirewallRules: [{9EE86723-2701-4A1C-9021-D2B9CE6344AB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{D1120092-CF4E-47FF-AD82-18C603D88C6E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{0CF3C477-655B-48D7-AE9D-D1A9DE1F3B78}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{FA646C56-1B14-41EA-AAE3-30064931CF43}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{EA4EF328-45B6-4577-8751-D8C3E06A129B}C:\program files (x86)\openttd\openttd.exe] => (Allow) C:\program files (x86)\openttd\openttd.exe
FirewallRules: [UDP Query User{9D0A8432-6021-44C5-9D21-3374EAE88324}C:\program files (x86)\openttd\openttd.exe] => (Allow) C:\program files (x86)\openttd\openttd.exe
FirewallRules: [{48D34E46-B768-4A64-A171-DC945DD1C886}] => (Block) C:\program files (x86)\openttd\openttd.exe
FirewallRules: [{F451C738-23FE-4C57-8F5C-AAA7A4126738}] => (Block) C:\program files (x86)\openttd\openttd.exe
FirewallRules: [{AED1FB94-16A3-4077-9C4D-3D9CA2754B5A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{188A20DF-6F1D-435E-84E5-7F7891AF7569}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{94C8D928-7D13-4459-8A90-AF6B5D9C81B4}] => (Allow) C:\Program Files (x86)\JonDoFoxPortable\App\firefox\firefox.exe
FirewallRules: [{A0B51421-2DA4-4DA0-A992-7E745D37C5D3}] => (Allow) C:\Program Files (x86)\JonDoFoxPortable\App\firefox\firefox.exe
FirewallRules: [TCP Query User{C0F23A93-439E-48A4-BF7D-DC86CD4F6105}C:\program files (x86)\jesim\cw5run.exe] => (Allow) C:\program files (x86)\jesim\cw5run.exe
FirewallRules: [UDP Query User{AFCEA761-BB14-47D8-B3FA-A7AAD2F78703}C:\program files (x86)\jesim\cw5run.exe] => (Allow) C:\program files (x86)\jesim\cw5run.exe
FirewallRules: [{25E955B8-2410-4AF6-B409-421B1CEE740A}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe
FirewallRules: [{39BE672A-C6EF-4415-96E6-7427FF4F5DC2}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\bugreport_xf.exe
FirewallRules: [{8ABAA8A9-0936-47B5-8B38-03D0DFFB9B4B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{965BD73B-309C-4768-9EF4-720961916D3E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{8E6147E4-3DEE-48DC-81BA-2FAC2F8A6326}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{FC703578-E078-4E6C-B2E6-0B9166528265}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{6A56F8EB-410B-496C-ACF6-612B8A5D084F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{E57AAAA0-52B3-426D-882A-F3D62F798E16}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe
FirewallRules: [{6D23145E-2639-4852-93E6-72094AAF8683}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\bugreport_xf.exe
FirewallRules: [{6A213534-A54D-4619-BF49-3EF53E4AF37C}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\bugreport_xf.exe
FirewallRules: [{ECAE1FB6-682D-49E9-96C0-4361FE302017}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe
FirewallRules: [{BCD5EEA0-FF71-4930-982D-E6D012D7D4BC}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe
FirewallRules: [{50B7B9A2-D043-4D48-ACA6-B22E568C6C84}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\bugreport_xf.exe
FirewallRules: [{DF3CAA18-B3D1-4428-89BD-ECA8DACF5839}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe
FirewallRules: [{4818F812-4367-4A63-9AE3-B0F6CD9F3CB8}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\bugreport_xf.exe

==================== Restore Points =========================

26-01-2016 12:00:58 Windows Zálohování
26-01-2016 14:44:52 Windows Update

==================== Faulty Device Manager Devices =============

Name: TsNetHlpX64.sys
Description: TsNetHlpX64.sys
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: tsnethlpx64
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/26/2016 09:53:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/26/2016 09:53:33 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: TEDOM)
Description: Systém Windows nemůže nalézt místní profil. Budete přihlášeni pomocí dočasného profilu. Změny profilu budou při vašem odhlášení ztraceny.

Error: (01/26/2016 09:53:33 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1515) (User: TEDOM)
Description: Systém Windows zálohoval profil tohoto uživatele. Systém se automaticky pokusí použít zazálohovaný profil při příštím přihlášení uživatele.

Error: (01/26/2016 09:53:33 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1502) (User: TEDOM)
Description: Systém Windows nemůže načíst místně uložený profil. Možné příčiny této chyby zahrnují nedostatečná zabezpečovací práva nebo poškozený místní profil.

PODROBNOSTI – Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.

Error: (01/26/2016 09:53:33 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: Systém Windows nemohl načíst registr. Tento problém je často způsoben nedostatkem paměti nebo nedostatečnými zabezpečovacími právy.

PODROBNOSTI – Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
pro: C:\Users\tomas.kratochvil\ntuser.dat

Error: (01/26/2016 09:34:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Explorer.EXE, verze: 6.1.7601.17567, časové razítko: 0x4d672ee4
Název chybujícího modulu: QMGCShellExt64.dll_unloaded, verze: 0.0.0.0, časové razítko: 0x5666c9de
Kód výjimky: 0xc0000005
Posun chyby: 0x00000001800049ac
ID chybujícího procesu: 0x778
Čas spuštění chybující aplikace: 0xExplorer.EXE0
Cesta k chybující aplikaci: Explorer.EXE1
Cesta k chybujícímu modulu: Explorer.EXE2
ID zprávy: Explorer.EXE3

Error: (01/26/2016 08:52:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/26/2016 08:46:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/26/2016 01:57:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/26/2016 01:55:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: MODBUSDRV.exe, verze: 3.0.8.5, časové razítko: 0x4f192b9c
Název chybujícího modulu: MODBUSDRV.exe, verze: 3.0.8.5, časové razítko: 0x4f192b9c
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000007d82
ID chybujícího procesu: 0x15a0
Čas spuštění chybující aplikace: 0xMODBUSDRV.exe0
Cesta k chybující aplikaci: MODBUSDRV.exe1
Cesta k chybujícímu modulu: MODBUSDRV.exe2
ID zprávy: MODBUSDRV.exe3


System errors:
=============
Error: (01/26/2016 09:56:55 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: TEDOM)
Description: Zpracování zásad skupiny selhalo v důsledku toho, že se nebylo v síti možné připojit k řadiči domény. Může se jednat o přechodný stav. Po připojení počítače k řadiči domény a úspěšném zpracování zásad skupiny bude odeslána zpráva o úspěšné provedení těchto akcí. Pokud se tato zpráva nezobrazí během několika hodin, obraťte se na správce.

Error: (01/26/2016 09:56:34 PM) (Source: TermService) (EventID: 1067) (User: )
Description: Terminálový server nemohl pro používání k ověření serveru zaregistrovat hlavní název služby TERMSRV. Došlo k následující chybě: Zadaná doména neexistuje nebo není k dispozici.
.

Error: (01/26/2016 09:53:48 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: TEDOM)
Description: Zpracování zásad skupiny selhalo v důsledku toho, že se nebylo v síti možné připojit k řadiči domény. Může se jednat o přechodný stav. Po připojení počítače k řadiči domény a úspěšném zpracování zásad skupiny bude odeslána zpráva o úspěšné provedení těchto akcí. Pokud se tato zpráva nezobrazí během několika hodin, obraťte se na správce.

Error: (01/26/2016 09:53:13 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1055) (User: NT AUTHORITY)
Description: Zpracování zásad skupiny selhalo. Systém Windows nerozpoznal název počítače. Může to být způsobeno jedním nebo více z následujících důvodů:
a) Selhal překlad IP adres v aktuálním řadiči domény.
b) Čekací doba replikace služby Active Directory (účet vytvořený na jiném řadiči domény nebyl replikován na aktuální řadič domény).

Error: (01/26/2016 09:53:11 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba WvPCR závisí na službě Služba TPM Base Services, která neuspěla při spuštění v důsledku následující chyby:
%%0

Error: (01/26/2016 09:53:11 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba SI TSS v1.2.1.41 TCS závisí na službě Služba TPM Base Services, která neuspěla při spuštění v důsledku následující chyby:
%%0

Error: (01/26/2016 09:53:12 PM) (Source: NETLOGON) (EventID: 5719) (User: )
Description: Tento počítač nemohl nastavit zabezpečenou relaci s řadičem
domény v doméně TEDOM z následujícího důvodu:
%%1311

To může vést k potížím při ověřování. Přesvědčte se, zda je tento
počítač připojen k síti. Pokud potíže trvají,
obraťte se na správce domény.



DALŠÍ INFORMACE

Pokud je tento počítač řadičem domény pro určenou doménu,
nastaví zabezpečenou relaci s emulátorem primárního řadiče domény v určené
doméně. V opačném případě tento počítač nastaví zabezpečenou relaci s libovolným řadičem domény
v určené doméně.

Error: (01/26/2016 09:52:23 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\Windows\System32\IWMSSvc.dll

Error: (01/26/2016 09:52:23 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\Windows\System32\IWMSSvc.dll

Error: (01/26/2016 09:52:23 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\Windows\System32\IWMSSvc.dll


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-3340M CPU @ 2.70GHz
Percentage of memory in use: 57%
Total physical RAM: 8097.57 MB
Available physical RAM: 3427.77 MB
Total Virtual: 16193.35 MB
Available Virtual: 11679.09 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:281.61 GB) (Free:30.09 GB) NTFS
Drive d: (DATA) (Fixed) (Total:172.35 GB) (Free:60.58 GB) NTFS
Drive s: (Offline) (Network) (Total:281.61 GB) (Free:30.09 GB) CSC-CACHE
Drive t: (Offline) (Network) (Total:281.61 GB) (Free:30.09 GB) CSC-CACHE
Drive u: (Offline) (Network) (Total:281.61 GB) (Free:30.09 GB) CSC-CACHE
Drive w: (Offline) (Network) (Total:281.61 GB) (Free:30.09 GB) CSC-CACHE

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 1D625778)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=11.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=281.6 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=172.4 GB) - (Type=OF Extended)

==================== End of Addition.txt ============================
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119673
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Kontrola logu

#6 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start
Task: {74124DA3-2FA6-4F28-B665-50FF85A3F736} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {20B8EAA6-9B90-4DEF-8E43-9674BA12BC65} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2703931844-3940718246-3090366172-2529Core => C:\Users\tomas.kratochvil\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-03-24] (Facebook Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:3204
AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:3256
AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:3357
(Facebook Inc.) C:\Users\tomas.kratochvil\AppData\Local\Facebook\Update\FacebookUpdate.exe
HKLM\...\Run: [Copy Handler] => [X]
HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\...\MountPoints2: {0ec9c726-d44a-11e4-a1ef-a4db302307b8} - G:\SETUP.EXE
HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\...\MountPoints2: {0ec9c749-d44a-11e4-a1ef-a4db302307b8} - G:\SETUP.EXE
HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\...\MountPoints2: {31d298d0-1f1f-11e5-ac72-a4db302307b8} - J:\DriverPackSolution.exe
HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\...\MountPoints2: {620fbe4f-d790-11e4-8844-a4db302307b8} - G:\SETUP.EXE
HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\...\MountPoints2: {8be5f2c7-15a8-11e5-8148-a4db302307b8} - G:\AutoRun.exe
HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\...\MountPoints2: {8be5f311-15a8-11e5-8148-a4db302307b8} - G:\AutoRun.exe
HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\...\MountPoints2: {a4170126-7cf8-11e3-85fc-a4db302307b8} - F:\NokiaPCIA_Autorun.exe
HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\...\MountPoints2: {c8adc4d8-cc69-11e4-8756-a4db302307b8} - G:\DriverPackSolution.exe
HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\...\MountPoints2: {c8adc552-cc69-11e4-8756-a4db302307b8} - G:\DriverPackSolution.exe
HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\...\MountPoints2: {c8adc6d5-cc69-11e4-8756-a4db302307b8} - G:\DriverPackSolution.exe
HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\...\MountPoints2: {d28b8d0c-a93d-11e4-a31d-a4db302307b8} - G:\DriverPackSolution.exe
HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\...\MountPoints2: {d28b9202-a93d-11e4-a31d-a4db302307b8} - G:\DriverPackSolution.exe
HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\...\MountPoints2: {dfa51f33-da2f-11e4-b5ec-a4db302307b8} - G:\SETUP.EXE
HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\...\MountPoints2: {ff840c52-4575-11e5-8254-a4db302307b8} - I:\SETUP.EXE
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2703931844-3940718246-3090366172-2529 -> DefaultScope {3450C047-7FEB-446A-B991-6302F1BE523B} URL =
SearchScopes: HKU\S-1-5-21-2703931844-3940718246-3090366172-2529 -> {3450C047-7FEB-446A-B991-6302F1BE523B} URL =
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
C:\Users\tomas.kratochvil\AppData\Local\Temp
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Proč jste dnes ve 13:43 spustil ComboFix? Nic podobného jsem vám neradil.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Prometheus4
Návštěvník
Návštěvník
Příspěvky: 6
Registrován: 26 led 2016 13:08

Re: Kontrola logu

#7 Příspěvek od Prometheus4 »

Zde je log po fixnutí.

Fix result of Farbar Recovery Scan Tool (x64) Version:25-01-2016
Ran by tomas.kratochvil (2016-01-26 22:49:31) Run:1
Running from C:\Users\tomas.kratochvil\Desktop
Loaded Profiles: tomas.kratochvil (Available Profiles: install & tomas.kratochvil)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
Task: {74124DA3-2FA6-4F28-B665-50FF85A3F736} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {20B8EAA6-9B90-4DEF-8E43-9674BA12BC65} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2703931844-3940718246-3090366172-2529Core => C:\Users\tomas.kratochvil\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-03-24] (Facebook Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:3204
AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:3256
AlternateDataStreams: C:\Windows\SysWOW64\MSIHANDLE:3357
(Facebook Inc.) C:\Users\tomas.kratochvil\AppData\Local\Facebook\Update\FacebookUpdate.exe
HKLM\...\Run: [Copy Handler] => [X]
HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\...\MountPoints2: {0ec9c726-d44a-11e4-a1ef-a4db302307b8} - G:\SETUP.EXE
HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\...\MountPoints2: {0ec9c749-d44a-11e4-a1ef-a4db302307b8} - G:\SETUP.EXE
HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\...\MountPoints2: {31d298d0-1f1f-11e5-ac72-a4db302307b8} - J:\DriverPackSolution.exe
HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\...\MountPoints2: {620fbe4f-d790-11e4-8844-a4db302307b8} - G:\SETUP.EXE
HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\...\MountPoints2: {8be5f2c7-15a8-11e5-8148-a4db302307b8} - G:\AutoRun.exe
HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\...\MountPoints2: {8be5f311-15a8-11e5-8148-a4db302307b8} - G:\AutoRun.exe
HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\...\MountPoints2: {a4170126-7cf8-11e3-85fc-a4db302307b8} - F:\NokiaPCIA_Autorun.exe
HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\...\MountPoints2: {c8adc4d8-cc69-11e4-8756-a4db302307b8} - G:\DriverPackSolution.exe
HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\...\MountPoints2: {c8adc552-cc69-11e4-8756-a4db302307b8} - G:\DriverPackSolution.exe
HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\...\MountPoints2: {c8adc6d5-cc69-11e4-8756-a4db302307b8} - G:\DriverPackSolution.exe
HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\...\MountPoints2: {d28b8d0c-a93d-11e4-a31d-a4db302307b8} - G:\DriverPackSolution.exe
HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\...\MountPoints2: {d28b9202-a93d-11e4-a31d-a4db302307b8} - G:\DriverPackSolution.exe
HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\...\MountPoints2: {dfa51f33-da2f-11e4-b5ec-a4db302307b8} - G:\SETUP.EXE
HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\...\MountPoints2: {ff840c52-4575-11e5-8254-a4db302307b8} - I:\SETUP.EXE
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2703931844-3940718246-3090366172-2529 -> DefaultScope {3450C047-7FEB-446A-B991-6302F1BE523B} URL =
SearchScopes: HKU\S-1-5-21-2703931844-3940718246-3090366172-2529 -> {3450C047-7FEB-446A-B991-6302F1BE523B} URL =
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
C:\Users\tomas.kratochvil\AppData\Local\Temp
End
*****************

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{74124DA3-2FA6-4F28-B665-50FF85A3F736}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{74124DA3-2FA6-4F28-B665-50FF85A3F736}" => key removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{20B8EAA6-9B90-4DEF-8E43-9674BA12BC65}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{20B8EAA6-9B90-4DEF-8E43-9674BA12BC65}" => key removed successfully
C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2703931844-3940718246-3090366172-2529Core => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FacebookUpdateTaskUserS-1-5-21-2703931844-3940718246-3090366172-2529Core" => key removed successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Windows\SysWOW64\MSIHANDLE => ":3204" ADS removed successfully.
C:\Windows\SysWOW64\MSIHANDLE => ":3256" ADS removed successfully.
C:\Windows\SysWOW64\MSIHANDLE => ":3357" ADS removed successfully.
[7372] C:\Users\tomas.kratochvil\AppData\Local\Facebook\Update\FacebookUpdate.exe => process closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Copy Handler => value removed successfully
"HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0ec9c726-d44a-11e4-a1ef-a4db302307b8}" => key removed successfully
HKCR\CLSID\{0ec9c726-d44a-11e4-a1ef-a4db302307b8} => key not found.
"HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0ec9c749-d44a-11e4-a1ef-a4db302307b8}" => key removed successfully
HKCR\CLSID\{0ec9c749-d44a-11e4-a1ef-a4db302307b8} => key not found.
"HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{31d298d0-1f1f-11e5-ac72-a4db302307b8}" => key removed successfully
HKCR\CLSID\{31d298d0-1f1f-11e5-ac72-a4db302307b8} => key not found.
"HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{620fbe4f-d790-11e4-8844-a4db302307b8}" => key removed successfully
HKCR\CLSID\{620fbe4f-d790-11e4-8844-a4db302307b8} => key not found.
"HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8be5f2c7-15a8-11e5-8148-a4db302307b8}" => key removed successfully
HKCR\CLSID\{8be5f2c7-15a8-11e5-8148-a4db302307b8} => key not found.
"HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8be5f311-15a8-11e5-8148-a4db302307b8}" => key removed successfully
HKCR\CLSID\{8be5f311-15a8-11e5-8148-a4db302307b8} => key not found.
"HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a4170126-7cf8-11e3-85fc-a4db302307b8}" => key removed successfully
HKCR\CLSID\{a4170126-7cf8-11e3-85fc-a4db302307b8} => key not found.
"HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c8adc4d8-cc69-11e4-8756-a4db302307b8}" => key removed successfully
HKCR\CLSID\{c8adc4d8-cc69-11e4-8756-a4db302307b8} => key not found.
"HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c8adc552-cc69-11e4-8756-a4db302307b8}" => key removed successfully
HKCR\CLSID\{c8adc552-cc69-11e4-8756-a4db302307b8} => key not found.
"HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c8adc6d5-cc69-11e4-8756-a4db302307b8}" => key removed successfully
HKCR\CLSID\{c8adc6d5-cc69-11e4-8756-a4db302307b8} => key not found.
"HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d28b8d0c-a93d-11e4-a31d-a4db302307b8}" => key removed successfully
HKCR\CLSID\{d28b8d0c-a93d-11e4-a31d-a4db302307b8} => key not found.
"HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d28b9202-a93d-11e4-a31d-a4db302307b8}" => key removed successfully
HKCR\CLSID\{d28b9202-a93d-11e4-a31d-a4db302307b8} => key not found.
"HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dfa51f33-da2f-11e4-b5ec-a4db302307b8}" => key removed successfully
HKCR\CLSID\{dfa51f33-da2f-11e4-b5ec-a4db302307b8} => key not found.
"HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ff840c52-4575-11e5-8254-a4db302307b8}" => key removed successfully
HKCR\CLSID\{ff840c52-4575-11e5-8254-a4db302307b8} => key not found.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-2703931844-3940718246-3090366172-2529\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3450C047-7FEB-446A-B991-6302F1BE523B}" => key removed successfully
HKCR\CLSID\{3450C047-7FEB-446A-B991-6302F1BE523B} => key not found.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully

"C:\Users\tomas.kratochvil\AppData\Local\Temp" folder move:

Could not move "C:\Users\tomas.kratochvil\AppData\Local\Temp" => Scheduled to move on reboot.


Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2016-01-26 22:52:51)

C:\Users\tomas.kratochvil\AppData\Local\Temp => moved successfully

==== End of Fixlog 22:52:52 ====
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119673
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Kontrola logu

#8 Příspěvek od Rudy »

Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Prometheus4
Návštěvník
Návštěvník
Příspěvky: 6
Registrován: 26 led 2016 13:08

Re: Kontrola logu

#9 Příspěvek od Prometheus4 »

Paráda! Všechny mallwary jsou pryč :) Děkuji mnohokrát za pomoc.
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119673
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Kontrola logu

#10 Příspěvek od Rudy »

Rádo se stalo! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Zamčeno

Zpět na „Řešení problémů, logy“