Prosím o kontrolu logu - přesměrovávají se mi stránky

Zpráva

Mataa · #1 Příspěvek od **Mataa** » 10 bře 2016 20:01

Zdravím, prosím o kontrolu logu - včera jsem pravděpodobně stáhla soubor s virem a od té doby mi blbne pc..Při zapínání mi naskočila černá obrazovka a teď se mi automaticky přesměrovávají stránky..díky moc za radu!

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by Martina (administrator) on IDEA-PC (10-03-2016 19:53:33)
Running from C:\Users\Martina\Desktop\Složky\Programy\na viry
Loaded Profiles: Martina (Available Profiles: Martina)
Platform: Windows 8 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 10 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
(BitTorrent Inc.) C:\Users\Martina\AppData\Roaming\BitTorrent\BitTorrent.exe
() C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\esat.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
() C:\Program Files (x86)\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(BitTorrent Inc.) C:\Users\Martina\AppData\Roaming\BitTorrent\updates\7.9.5_41866\utorrentie.exe
(BitTorrent Inc.) C:\Users\Martina\AppData\Roaming\BitTorrent\updates\7.9.5_41866\utorrentie.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [887968 2012-06-15] (Conexant Systems, Inc.)
HKLM\...\Run: [BtPreLoad] => C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [64640 2012-09-30] ()
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17079376 2013-02-08] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [191568 2013-02-08] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [508656 2012-07-26] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [548864 2012-05-02] (Vimicro)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2012-07-27] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [167024 2012-07-27] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-19] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [Philips Device Listener] => C:\Program Files (x86)\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe [380416 2012-02-15] ()
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25122080 2016-02-16] (Dropbox, Inc.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\Run: [HP Deskjet 3050A J611 series (NET)] => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\Run: [BitTorrent] => C:\Users\Martina\AppData\Roaming\BitTorrent\BitTorrent.exe [1930760 2016-03-05] (BitTorrent Inc.)
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\MountPoints2: {1c3be7a9-71dc-11e2-be6b-806e6f6e6963} - "E:\autorun.exe"
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
Startup: C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\esat.exe [2016-03-09] ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [S-1-5-21-1443460809-2058308057-2046692019-1001] => Proxy is enabled.
ProxyServer: [S-1-5-21-1443460809-2058308057-2046692019-1001] => 127.0.0.1:8013
Tcpip\Parameters: [DhcpNameServer] 10.0.10.1 192.168.10.1
Tcpip\..\Interfaces\{D58DC935-FA05-437B-BA74-886A24E255C4}: [DhcpNameServer] 10.0.10.1 192.168.10.1
ManualProxies: 1127.0.0.1:8013

Internet Explorer:
==================
URLSearchHook: [S-1-5-21-1443460809-2058308057-2046692019-1001] ATTENTION => Default URLSearchHook is missing
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {24AB7B16-6C04-4E62-BADB-A3AF9C7BA5B2} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {28DBDC09-CD74-4291-80D1-789ACD6F9883} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_13415
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {4E0C853B-1E34-451A-B946-3B8D7C8BCE5D} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}&r ... {startPage}
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {6BC336E0-0860-4AFD-B849-E13CABFBD077} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_13415
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {764482F2-C192-4032-B5B2-7848E6928461} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_13415
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {8C35819E-0D88-4E0F-8946-73D1764A9500} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {A82AFC07-BDDB-4D91-91BD-B3D6AB1E5B87} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_13415
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {CFDE9E19-18B2-4AC6-9F1E-14BD87C69D29} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-06-26] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-06-26] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\u60ghvfv.default
FF NewTab: about:newtab
FF Homepage: hxxps://www.pesweb.cz/cz/naplnte-misky
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_21_0_0_182.dll [2016-03-10] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_182.dll [2016-03-10] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\windows\SysWOW64\npDeployJava1.dll [2013-06-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-06-26] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-10] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-06-07] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppluginrichmediaplayer.dll [2013-03-12] ()
FF Extension: Google Translator for Firefox - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\u60ghvfv.default\extensions\translator@zoli.bod.xpi [2016-01-01]
FF Extension: Adblock Plus - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\u60ghvfv.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-03-01]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2016-03-03] [not signed]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2016-03-03] [not signed]

Chrome:
=======
CHR Profile: C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-21]
CHR Extension: (Dokumenty Google) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-21]
CHR Extension: (Disk Google) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-21]
CHR Extension: (Rapport) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2016-02-10]
CHR Extension: (YouTube) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-21]
CHR Extension: (Vyhledávání Google) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-21]
CHR Extension: (Tabulky Google) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-21]
CHR Extension: (Gmail) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-21]
CHR HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [220288 2012-09-30] (Qualcomm Atheros Commnucations) [File not signed]
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-09] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-09] (Dropbox, Inc.)
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [1738808 2015-09-29] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6951992 2015-09-29] (GOG.com)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2266160 2016-03-03] (IBM Corp.)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-09-30] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-09-30] (Qualcomm Atheros)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-01-24] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3265256 2012-09-20] (Broadcom Corporation)
S3 GEARAspiWDM; C:\Windows\SysWOW64\Drivers\GEARAspiWDM.sys [15664 2011-07-15] (GEAR Software Inc.)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-12-15] (Malwarebytes)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R4 RapportCerberus_1507079; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1507079.sys [961880 2015-12-14] (IBM Corp.)
R1 RapportCerberus_1507082; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1507082.sys [972896 2016-03-10] (IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [514336 2016-03-03] (IBM Corp.)
R0 RapportHades64; C:\Windows\System32\Drivers\RapportHades64.sys [152320 2016-03-03] (IBM Corp.)
R0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [407168 2016-03-03] (IBM Corp.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [507424 2016-03-03] (IBM Corp.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-27] (Synaptics Incorporated)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [975104 2012-08-24] (Vimicro Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [36288 2013-07-02] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [247216 2013-07-01] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
S1 kagtrmkd; \??\C:\windows\system32\drivers\kagtrmkd.sys [X]
S1 rlqxuiia; \??\C:\windows\system32\drivers\rlqxuiia.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-09 20:15 - 2016-03-09 20:30 - 00000000 ____D C:\Users\Martina\Desktop\GTA San Andreas
2016-03-09 19:40 - 2016-03-09 19:40 - 01245250 _____ C:\Users\Martina\Downloads\GTA-San-Andreas-Crack.zip
2016-03-09 14:55 - 2016-03-09 18:49 - 00681213 _____ C:\Users\Martina\Desktop\obývák + kuchyně.odt
2016-03-09 13:43 - 2016-03-09 13:43 - 01979023 _____ C:\Users\Martina\Downloads\vizualizace%252520kuchy%2525C5%252588%252520%25252B%252520ob%2525C3%2525BDv%2525C3%2525A1k%252520-%252520popt%2525C3%2525A1vka.xlsx
2016-03-08 20:23 - 2016-03-08 20:23 - 00124132 _____ C:\Users\Martina\Downloads\Black-Mass(0000265447).srt
2016-03-08 05:05 - 2016-03-08 05:05 - 00000000 ____D C:\Users\Martina\AppData\LocalLow\BitTorrent
2016-03-06 19:23 - 2016-03-06 22:48 - 3645241445 _____ C:\Users\Martina\Downloads\GTA-San-Andreas-+-CZ-titulky-PC-bez-instalace!.rar
2016-03-06 18:39 - 2016-03-06 19:23 - 762483364 _____ C:\Users\Martina\Downloads\Ocista-Anarchie-2014-CZ-dabing-640x360.mp4
2016-03-06 11:00 - 2016-03-06 11:46 - 831584632 _____ C:\Users\Martina\Downloads\Vendeta-2011,-CZ.mkv
2016-03-05 21:52 - 2016-03-06 10:54 - 843569593 _____ C:\Users\Martina\Downloads\Mamon-S01E01-Oběť.mkv
2016-03-03 14:12 - 2016-03-09 21:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-03-01 15:50 - 2016-03-01 16:31 - 739466546 _____ C:\Users\Martina\Downloads\Ztracená-brána--3.-díl.avi
2016-03-01 14:50 - 2016-03-01 15:38 - 864999886 _____ C:\Users\Martina\Downloads\Ztracená-brána--2.díl.avi
2016-03-01 13:59 - 2016-03-01 14:49 - 865567474 _____ C:\Users\Martina\Downloads\Ztracená-brána--1.díl.avi
2016-03-01 13:52 - 2016-03-09 21:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-03-01 13:52 - 2016-03-01 13:52 - 00001174 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-03-01 13:52 - 2016-03-01 13:52 - 00001162 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-03-01 13:13 - 2016-03-01 13:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MozBackup
2016-02-19 19:37 - 2016-02-19 19:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-02-18 17:29 - 2016-02-18 20:18 - 938531862 _____ C:\Users\Martina\Downloads\The.Lobster.2015.720p.BRRip.x264.AAC-ETRG.mp4
2016-02-16 20:28 - 2016-02-16 21:14 - 831340866 _____ C:\Users\Martina\Downloads\Gomorrah-The-Series---Gomora---S01E02-CZ-IT-dabing-by-Pretorian---Ti-fidi-di-me..mkv
2016-02-14 17:15 - 2016-02-14 17:56 - 732304568 _____ C:\Users\Martina\Downloads\Letopisy-narnie-Lev,-čarodejnice-a-skříň.avi
2016-02-14 17:15 - 2016-02-14 17:15 - 00077698 _____ C:\Users\Martina\Downloads\The-Chronicles-of-Narnia-Voyage-of-the-Dawn-Treader(0000175248).srt
2016-02-14 15:35 - 2016-02-14 17:09 - 1682889632 _____ C:\Users\Martina\Downloads\The-Chronicles-of-Narnia---The-Voyage-of-the-Dawn-Treader-(Letopisy-Narnie---Plavba-Jitřního-poutníka)-[2010]-ENG.avi
2016-02-09 16:45 - 2016-02-09 17:28 - 777698319 _____ C:\Users\Martina\Downloads\Gomorrah-The-Series---Gomora---S01E01-CZ-IT-dabing-by-Pretorian---Il-clan-dei-Savastano.mkv

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-10 19:52 - 2013-11-26 20:58 - 00000000 ____D C:\Users\Martina\AppData\Roaming\BitTorrent
2016-03-10 19:51 - 2015-03-30 13:16 - 00000000 ____D C:\FRST
2016-03-10 19:37 - 2015-12-30 19:43 - 00000972 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-10 19:37 - 2015-11-11 07:36 - 00000914 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2016-03-10 19:37 - 2015-08-09 15:24 - 00000000 ___RD C:\Users\Martina\Dropbox
2016-03-10 19:37 - 2015-08-09 10:53 - 00000000 ____D C:\Users\Martina\AppData\Local\Dropbox
2016-03-10 19:37 - 2013-06-18 11:03 - 00003802 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2016-03-10 19:35 - 2013-02-08 12:38 - 05407916 _____ C:\windows\system32\perfh005.dat
2016-03-10 19:35 - 2013-02-08 12:38 - 01654998 _____ C:\windows\system32\perfc005.dat
2016-03-10 19:35 - 2012-07-26 08:28 - 00005430 _____ C:\windows\system32\PerfStringBackup.INI
2016-03-09 21:05 - 2015-04-02 16:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ochrana koncového bodu Trusteer
2016-03-09 21:04 - 2012-07-26 08:22 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-03-09 21:04 - 2012-07-26 06:26 - 00262144 ___SH C:\windows\system32\config\BBI
2016-03-09 20:59 - 2015-12-30 19:43 - 00000976 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-09 13:09 - 2012-07-26 09:12 - 00000000 ___HD C:\Program Files\WindowsApps
2016-03-09 13:06 - 2013-06-19 21:29 - 00000000 ____D C:\Users\Martina\AppData\Local\CrashDumps
2016-03-07 19:45 - 2013-06-18 21:00 - 01219072 ___SH C:\Users\Martina\Downloads\Thumbs.db
2016-03-06 20:59 - 2012-07-26 09:12 - 00000000 ____D C:\windows\AUInstallAgent
2016-03-05 22:30 - 2013-06-22 18:10 - 00001437 _____ C:\Users\Martina\Desktop\filmy.txt
2016-03-03 17:02 - 2015-01-03 16:28 - 00000000 ____D C:\Users\Martina\AppData\Local\Battle.net
2016-03-03 17:02 - 2015-01-03 16:27 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-03-03 17:01 - 2015-01-03 16:28 - 00000000 ____D C:\Users\Martina\AppData\Roaming\Battle.net
2016-03-03 17:01 - 2015-01-03 16:18 - 00000000 ____D C:\ProgramData\Battle.net
2016-03-03 13:12 - 2013-06-22 18:03 - 00013650 _____ C:\Users\Martina\Desktop\Nový textový dokument.txt
2016-03-03 11:19 - 2015-04-02 16:32 - 00407168 _____ (IBM Corp.) C:\windows\system32\Drivers\RapportKE64.sys
2016-03-03 11:19 - 2015-04-02 16:32 - 00152320 _____ (IBM Corp.) C:\windows\system32\Drivers\RapportHades64.sys
2016-03-02 19:42 - 2013-06-19 08:07 - 17316352 ___SH C:\Users\Martina\Desktop\Thumbs.db
2016-03-01 13:13 - 2015-10-27 15:19 - 00000000 ____D C:\Program Files (x86)\MozBackup
2016-02-20 09:01 - 2015-12-30 19:45 - 00002223 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-20 09:01 - 2015-12-30 19:45 - 00002194 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-02-19 19:37 - 2015-08-09 10:53 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-02-17 16:29 - 2013-07-23 22:16 - 00000000 ____D C:\Users\Martina\Desktop\Filmy
2016-02-10 08:54 - 2015-12-30 19:43 - 00003948 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-10 08:54 - 2015-12-30 19:43 - 00003712 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore

==================== Files in the root of some directories =======

2013-10-03 22:20 - 2013-10-03 22:20 - 0003584 _____ () C:\Users\Martina\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-06-18 11:15 - 2013-06-18 11:15 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-12-14 20:31 - 2015-12-14 20:31 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Martina\AppData\Local\Temp\tmp4675.tmp.exe

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-03-08 08:34

==================== End of FRST.txt ============================

#2 Příspěvek od **Rudy** » 10 bře 2016 20:11

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

Mataa · #3 Příspěvek od **Mataa** » 10 bře 2016 20:59

# AdwCleaner v5.101 - Logfile created 10/03/2016 at 20:52:53
# Updated 07/03/2016 by Xplode
# Database : 2016-03-08.1 [Server]
# Operating system : Windows 8 (x64)
# Username : Martina - IDEA-PC
# Running from : C:\Users\Martina\Downloads\adwcleaner_5.101.exe
# Option : Clean
# Support : http://toolslib.net/forum

***** [ Services ] *****

***** [ Folders ] *****

***** [ Files ] *****

***** [ DLLs ] *****

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

***** [ Registry ] *****

[-] Key Deleted : HKCU\Software\0dfae8ceb37375efcae4cbebada0b8a8
[-] Key Deleted : HKCU\Software\70e657aea8ec12ad148e692631521515
[-] Key Deleted : HKCU\Software\Conduit

***** [ Web browsers ] *****

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

*************************

C:\Program Files (x86)\AdwCleaner\AdwCleaner[C1].txt - [859 bytes] - [10/03/2016 20:52:53]
C:\Program Files (x86)\AdwCleaner\AdwCleaner[S1].txt - [942 bytes] - [10/03/2016 20:20:10]

########## EOF - C:\Program Files (x86)\AdwCleaner\AdwCleaner[C1].txt - [1043 bytes] ##########

#4 Příspěvek od **Rudy** » 10 bře 2016 21:57

Dejte nový log FRST.

Mataa90 · #5 Příspěvek od **Mataa90** » 11 bře 2016 13:31

Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by Martina (2016-03-11 13:25:39)
Running from C:\Users\Martina\Desktop
Windows 8 (X64) (2013-06-18 09:32:05)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1443460809-2058308057-2046692019-500 - Administrator - Disabled)
Guest (S-1-5-21-1443460809-2058308057-2046692019-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1443460809-2058308057-2046692019-1003 - Limited - Enabled)
Martina (S-1-5-21-1443460809-2058308057-2046692019-1001 - Administrator - Enabled) => C:\Users\Martina

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-PDF Maker Version 1.0.3 (HKLM-x32\...\7-PDF Maker_is1) (Version: 7-PDF Maker - Version 1.0.3 - 7-PDF, Germany - Thorsten Hodes)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.2.0.2070 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.182 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
Advanced PDF to IMAGE converter 1.9.9.34 (HKLM-x32\...\Advanced PDF to IMAGE converter_is1) (Version: 1.9.9.34 - IntraPDF)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.)
ATLAS.ti (HKLM-x32\...\{251659B0-5D87-41EC-B00B-D414E3713375}) (Version: 7.1.07.0 - ATLAS.ti Scientific Software Development GmbH)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2253 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BitTorrent (HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\BitTorrent) (Version: 7.9.5.41866 - BitTorrent Inc.)
BitTorrent Sync (HKLM-x32\...\BitTorrent Sync) (Version: 1.2.75 - )
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.65.1074 - AB Team, d.o.o.)
CCleaner (HKLM-x32\...\CCleaner) (Version: 2.36 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.44.50 - Conexant)
CZ-Doc2Txt Demo 4.0 (HKLM-x32\...\CZ-Doc2Txt Demo_is1) (Version: - )
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.8000.16 - Dolby Laboratories Inc)
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.14.7 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.35 - Dropbox, Inc.) Hidden
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.2.5 - Lenovo)
Energy Management (x32 Version: 8.0.2.5 - Lenovo) Hidden
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.56.5181 - Gretech Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
HP Deskjet 3050A J611 series Nápověda (HKLM-x32\...\{97DDCAB8-B770-4089-A10F-67568069D78A}) (Version: 140.0.2.2 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 3.6.1.33057.10 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2828 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.36 - Irfan Skiljan)
Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Jpeg Resampler Vs 6+ (HKLM-x32\...\JpegResampler2010_is1) (Version: - Jpeg Resampler)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.9.1.135 - PandoraTV)
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 13.12.824.1 - Vimicro)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.0710 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.0710 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4310.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.4310.52 - CyberLink Corp.) Hidden
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3127 - CyberLink Corp.)
Lenovo YouCam (x32 Version: 4.1.3127 - CyberLink Corp.) Hidden
Malwarebytes Anti-Malware verze 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Malwarebytes Anti-Malware verze 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft Office 2010 pro podnikatele (HKLM\...\Office14.SingleImage) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}) (Version: - Microsoft)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 44.0.2 (x86 cs) (HKLM-x32\...\Mozilla Firefox 44.0.2 (x86 cs)) (Version: 44.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.2.5884 - Mozilla)
NVIDIA PhysX (HKLM-x32\...\{F9835182-794B-4F24-902A-E2CA9D43380F}) (Version: 9.10.0512 - NVIDIA Corporation)
Ochrana koncového bodu Trusteer (HKLM-x32\...\Rapport_msi) (Version: 3.5.1507.113 - Trusteer)
Origin (HKLM-x32\...\Origin) (Version: 9.4.1.116 - Electronic Arts, Inc.)
Philips Songbird (HKLM-x32\...\Philips Songbird) (Version: 5.6.2119 (2119) - Koninklijke Philips Electronics N.V.)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.9109 - CyberLink Corp.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.210 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Rapport (x32 Version: 3.5.1507.113 - Trusteer) Hidden
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
RollerCoaster Tycoon 2 (HKLM-x32\...\{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}) (Version: - )
RollerCoaster Tycoon 2: Time Twister (HKLM-x32\...\{BA1E1AFD-D1F2-4C52-88C3-186FC5E61604}) (Version: 1.00.000 - )
RollerCoaster Tycoon 2: Wacky Worlds (HKLM-x32\...\{B1AD83A0-DC92-41E3-B111-E9472349768C}) (Version: - )
Seznam Software (HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\SeznamInstall) (Version: - Seznam.cz)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SketchUp 2015 (HKLM\...\{319CD380-1AAB-4CAD-BE1D-59189A780FA6}) (Version: 15.2.685 - Trimble Navigation Limited)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.10.13089 - Skype Technologies S.A.)
Skype™ 6.5 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.5.158 - Skype Technologies S.A.)
SoulseekQt (HKLM-x32\...\SoulseekQt) (Version: - )
Studie vylepšování produktu HP Deskjet 3050A J611 series (HKLM\...\{6AD6E658-928E-4CDE-A6D6-34A098B8D0A3}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.61.90905 - SugarSync, Inc.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.13 - Synaptics Incorporated)
The Elder Scrolls V Skyrim - Legendary Edition (HKLM-x32\...\{EAABE756-8A47-440F-AAC7-2F6BFF589169}) (Version: 6.0 - Black Box)
The Sims" 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.63.5 - Electronic Arts)
The Sims" 3 70s, 80s, & 90s Stuff (HKLM-x32\...\{E1868CAE-E3B9-4099-8C18-AA8944D336FD}) (Version: 17.0.77 - Electronic Arts)
The Sims" 3 Ambitions (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts)
The Sims" 3 Diesel Stuff (HKLM-x32\...\{1C9B6173-6DC9-4EEE-9EFC-6BA115CFBE43}) (Version: 14.0.48 - Electronic Arts)
The Sims" 3 Fast Lane Stuff (HKLM-x32\...\{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}) (Version: 5.0.44 - Electronic Arts)
The Sims" 3 Generations (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
The Sims" 3 High-End Loft Stuff (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts)
The Sims" 3 Into the Future (HKLM-x32\...\{A0BBD6C7-B546-4048-B33A-F21F5C9F5B09}) (Version: 21.0.150 - Electronic Arts)
The Sims" 3 Island Paradise (HKLM-x32\...\{DB21639E-FE55-432C-BCA2-0C5249E3F79E}) (Version: 19.0.101 - Electronic Arts)
The Sims" 3 Katy Perry's Sweet Treats (HKLM-x32\...\{9B2506E3-9A3F-45B5-96BF-509CAD584650}) (Version: 13.0.62 - Electronic Arts)
The Sims" 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts)
The Sims" 3 Master Suite Stuff (HKLM-x32\...\{08A25478-C5DD-4EA7-B168-3D687CA987FF}) (Version: 11.0.84 - Electronic Arts)
The Sims" 3 Movie Stuff (HKLM-x32\...\{D0087539-3C57-44E0-BEE7-D779D546CBE1}) (Version: 20.0.53 - Electronic Arts)
The Sims" 3 Outdoor Living Stuff (HKLM-x32\...\{117B6BF6-82C3-420C-B284-9247C8568E53}) (Version: 7.0.55 - Electronic Arts)
The Sims" 3 Pets (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
The Sims" 3 Seasons (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
The Sims" 3 Showtime (HKLM-x32\...\{3BBFD444-5FAB-49F6-98B1-A1954E831399}) (Version: 12.0.273 - Electronic Arts)
The Sims" 3 Supernatural (HKLM-x32\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts)
The Sims" 3 Town Life Stuff (HKLM-x32\...\{7B11296A-F894-449C-8DF6-6AAAA7D4D118}) (Version: 9.0.73 - Electronic Arts)
The Sims" 3 University Life (HKLM-x32\...\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 - Electronic Arts)
The Sims" 3 World Adventures (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)
The Sims™ 3 + Expansions Uninstaller (HKLM-x32\...\The Sims™ 3 + Expansions Uninstaller) (Version: 1.0.0.11 - Electronic Arts)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.0.0.0 - GOG.com)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 8.01 - Ghisler Software GmbH)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.9 - Lenovo)
UserGuide (x32 Version: 1.0.0.9 - Lenovo) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.0.7 (HKLM-x32\...\VLC media player) (Version: 2.0.7 - VideoLAN)
Windows Driver Package - Lenovo (ACPIVPC) System (06/15/2012 8.1.0.1) (HKLM\...\71BC3FD63F450BA0A957AAECBDB4A000C4F2BE42) (Version: 06/15/2012 8.1.0.1 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Základní software zařízení HP Deskjet 3050A J611 series (HKLM\...\{E520AF6F-F5E5-4307-B970-84E3B9B6A2B0}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {284E8BF2-9459-4D38-8C29-7279FD0DDEFE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {2C682BF3-9208-4A48-8C9A-BB68F4A3204B} - System32\Tasks\Norton Security Scan for Martina => C:\PROGRA~2\NORTON~2\Engine\401~1.16\Nss.exe
Task: {3AFD98FD-3236-46E5-A0CE-AC9C7E9D2155} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-30] (Google Inc.)
Task: {458AFB3D-2AA5-4293-A3F4-9DFD673090B2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-30] (Google Inc.)
Task: {473DF277-F08F-4789-A6DE-15A880BCDBDA} - System32\Tasks\Synaptics TouchPad Enhancements => Program Files\Synaptics\SynTP\SynTPEnh.exe
Task: {599F3923-CD25-4D55-9518-E6406A329D54} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-08-09] (Dropbox, Inc.)
Task: {691EBD32-1C8B-4E43-9304-92517C24F0C2} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {695839A0-555E-4624-BAB3-AE2F9733E7AB} - System32\Tasks\{C48480B4-8E3A-413B-ACAA-BB531D8DA11C} => pcalua.exe -a "C:\Program Files (x86)\GoforFiles\uninstall.exe"
Task: {6F56C1A0-97C3-48FD-A25F-207FF7248E1B} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-03-11] (AVAST Software)
Task: {828DB246-B519-4939-8F61-0731CA422D04} - System32\Tasks\HPCustParticipation HP Deskjet 3050A J611 series => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {89D6492A-8CA9-41B3-8279-9343A3D08EE9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1443460809-2058308057-2046692019-1001UA => C:\Users\Martina\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {9E3010F9-2BB2-400C-B395-53132F435A12} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2012-07-27] (CyberLink)
Task: {A90CBC37-0075-44DE-8BAB-B10A7DDFC0B5} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-10] (Adobe Systems Incorporated)
Task: {BD57C267-5423-4869-B9FA-6F641E24DE05} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-08-09] (Dropbox, Inc.)
Task: {CB250DAC-2D90-4209-A237-386A46740724} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-03-11] (AVAST Software)
Task: {D4D59810-FA98-4264-937B-1DE4E2EB61F9} - \GoogleUpdateTaskUserS-1-5-21-1443460809-2058308057-2046692019-1001Core1ceb8a123e7bf34 -> No File <==== ATTENTION
Task: {FB781AAE-7F12-4420-ACEC-55316653381B} - \GoogleUpdateTaskUserS-1-5-21-1443460809-2058308057-2046692019-1001UA1cec44decc40ac7 -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Intеrnеt Ехplоrеr.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.bat (No File)
Shortcut: C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Gооglе Сhrоmе.lnk -> C:\Users\Martina\AppData\Local\Google\Chrome\Application\chrome.bat (No File)
Shortcut: C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Gооglе Сhrоmе.lnk -> C:\Users\Martina\AppData\Local\Google\Chrome\Application\chrome.bat (No File)
Shortcut: C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Lаunсh Intеrnеt Ехplоrеr Вrоwsеr.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.bat (No File)
Shortcut: C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Gооglе Сhrоmе.lnk -> C:\Users\Martina\AppData\Local\Google\Chrome\Application\chrome.bat (No File)
Shortcut: C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Intеrnеt Ехplоrеr.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.bat (No File)
Shortcut: C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Моzillа Firеfох.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.bat ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Моzillа Firеfох.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.bat ()

==================== Loaded Modules (Whitelisted) ==============

2013-07-15 11:02 - 2010-09-06 17:21 - 00538435 _____ () C:\Program Files (x86)\JpegResampler2010\JRcm64.dll
2012-08-14 09:56 - 2012-08-03 17:34 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2016-03-09 20:29 - 2016-03-09 20:29 - 00093696 _____ () C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\esat.exe
2012-02-15 04:02 - 2012-02-15 04:02 - 00380416 _____ () C:\Program Files (x86)\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe
2012-09-30 04:02 - 2012-09-30 04:02 - 00384128 _____ () C:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll
2012-09-30 03:56 - 2012-09-30 03:56 - 00021504 _____ () C:\Program Files (x86)\Bluetooth Suite\L10n\cs-CZ\BtTray.cs-CZ.dll
2012-09-30 03:59 - 2012-09-30 03:59 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2012-09-30 04:01 - 2012-09-30 04:01 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2012-07-26 08:55 - 2012-07-26 08:53 - 00170864 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2013-02-08 11:50 - 2012-06-25 19:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2015-07-21 16:02 - 2015-07-21 16:02 - 00557056 _____ () C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
2015-12-13 08:35 - 2016-01-12 19:44 - 00034768 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2016-02-19 19:36 - 2016-01-12 19:45 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2015-12-13 08:34 - 2016-01-12 19:44 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2015-12-13 08:35 - 2016-01-12 19:44 - 00093640 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2015-12-13 08:35 - 2016-01-12 19:44 - 00018376 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2015-12-13 08:35 - 2016-02-16 19:39 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2015-12-13 08:35 - 2016-01-12 19:46 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2015-12-13 08:34 - 2016-01-12 19:44 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2015-12-13 08:35 - 2016-02-16 19:39 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2015-12-13 08:35 - 2016-01-12 19:44 - 00692688 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2016-02-19 19:36 - 2016-02-16 19:38 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2015-12-13 08:35 - 2016-01-12 19:45 - 00112592 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2016-02-19 19:36 - 2016-02-16 19:38 - 01682760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2016-02-19 19:36 - 2016-02-16 19:38 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2015-12-13 08:35 - 2016-02-16 19:39 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_python_x66cf7a7cx17a72769.pyd
2015-12-13 08:35 - 2016-02-16 19:39 - 00021840 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-02-19 19:36 - 2016-02-16 19:39 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2016-02-19 19:36 - 2016-01-12 19:46 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2015-12-13 08:35 - 2016-01-12 19:46 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2015-12-13 08:35 - 2016-01-12 19:47 - 00114640 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2015-12-13 08:35 - 2016-01-12 19:46 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-02-19 19:37 - 2016-02-16 19:39 - 00021832 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2015-12-13 08:35 - 2016-01-12 19:46 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2015-12-13 08:35 - 2016-01-12 19:46 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2015-12-13 08:35 - 2016-01-12 19:47 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2015-12-13 08:35 - 2016-01-12 19:47 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2015-12-13 08:35 - 2016-01-12 19:47 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2015-12-13 08:35 - 2016-01-12 19:47 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2016-02-19 19:36 - 2016-02-16 19:39 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2015-12-13 08:35 - 2016-01-12 19:46 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2015-12-13 08:35 - 2016-01-12 19:47 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2016-02-19 19:36 - 2016-02-16 19:38 - 00117056 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2016-02-19 19:36 - 2016-02-16 19:39 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2016-02-19 19:36 - 2016-01-12 19:47 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2015-12-13 08:35 - 2016-02-16 19:39 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-13 08:35 - 2016-01-12 19:44 - 00134608 _____ () C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd
2016-02-19 19:36 - 2016-01-12 19:44 - 00134088 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2016-02-19 19:36 - 2016-01-12 19:45 - 00240584 _____ () C:\Program Files (x86)\Dropbox\Client\jpegtran.pyd
2016-02-19 19:36 - 2016-02-16 19:39 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2016-02-19 19:37 - 2016-02-16 19:39 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-02-19 19:37 - 2016-02-16 19:39 - 00021824 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32._winffi_kernel32.pyd
2016-02-19 19:37 - 2016-02-16 19:39 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd
2016-02-19 19:37 - 2016-02-16 19:39 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd
2016-02-19 19:36 - 2016-02-16 19:38 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2015-12-13 08:35 - 2016-01-12 19:47 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2016-02-19 19:37 - 2016-02-16 19:39 - 00022352 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2016-02-19 19:36 - 2016-02-16 19:39 - 00084792 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2015-12-13 08:34 - 2016-02-16 19:39 - 01826096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2015-12-13 08:35 - 2016-01-12 19:45 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2015-12-13 08:34 - 2016-02-16 19:39 - 03928880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2015-12-13 08:34 - 2016-02-16 19:39 - 01971504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2015-12-13 08:34 - 2016-02-16 19:39 - 00531248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2015-12-13 08:34 - 2016-02-16 19:39 - 00132912 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2015-12-13 08:34 - 2016-02-16 19:39 - 00223544 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2015-12-13 08:34 - 2016-02-16 19:39 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2016-02-19 19:36 - 2016-02-16 19:39 - 00158008 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2016-02-19 19:36 - 2016-02-16 19:39 - 00042808 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2016-02-19 19:36 - 2016-01-12 19:49 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2016-02-19 19:36 - 2016-01-12 19:49 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2015-12-13 08:34 - 2016-02-16 19:39 - 00546096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2015-12-13 08:34 - 2016-02-16 19:39 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2015-10-17 17:59 - 2016-01-12 19:52 - 00697304 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-02-20 09:01 - 2016-02-18 05:14 - 01630360 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\libglesv2.dll
2016-02-20 09:01 - 2016-02-18 05:14 - 00085656 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\libegl.dll
2016-03-11 12:46 - 2016-03-11 12:46 - 00113496 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2016-03-11 12:46 - 2016-03-11 12:46 - 00133768 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-03-11 12:47 - 2016-03-11 12:47 - 02838016 _____ () C:\Program Files\AVAST Software\Avast\defs\16030800\algo.dll
2016-03-11 12:46 - 2016-03-11 12:46 - 00480760 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-03-11 12:46 - 2016-03-11 12:46 - 00307808 _____ () C:\Program Files\AVAST Software\Avast\browser_pass.dll
2016-03-11 12:54 - 2016-03-11 12:54 - 02839552 _____ () C:\Program Files\AVAST Software\Avast\defs\16031100\algo.dll
2016-03-11 12:46 - 2016-03-11 12:46 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 06:26 - 2015-12-18 15:06 - 00000841 ____A C:\windows\system32\Drivers\etc\hosts

127.0.0.1 localhost
::1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 10.0.10.1 - 192.168.10.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{DF289F14-CAC0-4213-9305-8FF21D411D09}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{91B74A67-CAD8-4339-92CF-DCFD59D0038F}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{FF30B5BE-0161-4C0F-A6BE-FF22B31892A7}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\DeviceSetup.exe
FirewallRules: [{F41EC1EE-C1AE-4924-80A9-E0137E2C22C9}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{42B909B0-6C8A-4447-850D-56473D094D15}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{EFCC1EC3-5E07-4ADD-BBE4-AAAD83A4BB9A}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe
FirewallRules: [{83C69336-9C6D-4E1E-9519-EB7AF7FCD75D}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe
FirewallRules: [{65067041-E73C-4C8A-96F1-DEF13A155777}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
FirewallRules: [{245DE49B-2480-47F1-AEC4-C09E76A707D9}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
FirewallRules: [TCP Query User{44B6ABFA-05AA-40D5-9E6C-0EFC2CA0286A}C:\program files (x86)\the witcher 2 (cz)\bin\witcher2.exe] => (Allow) C:\program files (x86)\the witcher 2 (cz)\bin\witcher2.exe
FirewallRules: [UDP Query User{A8115946-4BB7-4860-A2DF-27F9415B346A}C:\program files (x86)\the witcher 2 (cz)\bin\witcher2.exe] => (Allow) C:\program files (x86)\the witcher 2 (cz)\bin\witcher2.exe
FirewallRules: [TCP Query User{E654D09A-5AE7-4133-84B1-033014A75397}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{35D37321-C173-47B8-BC19-2222BD3F190B}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{B7572BF2-5CD1-4859-9518-6F6F9F5E4A96}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe
FirewallRules: [{F34631B8-C04A-48E0-A1BB-3DAE845EE4A8}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe
FirewallRules: [{05975455-6DFC-4B35-9D25-AA42FD1E2362}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
FirewallRules: [{05CB1771-1E06-49B5-B289-B711CDEB6E79}] => (Allow) C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
FirewallRules: [{9808533E-1663-4A9A-B4D8-BDEAACA5F738}] => (Allow) C:\Users\Martina\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{734FAB46-8A70-4A1A-AC97-7A56376E9C7B}] => (Allow) C:\Users\Martina\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{562600B4-92D4-4CEF-94E3-1459030F0793}] => (Allow) C:\Program Files (x86)\BitTorrent Sync\BTSync.exe
FirewallRules: [{4A6E15AF-840B-4A8E-BEF1-88795E8AF772}] => (Allow) C:\Program Files (x86)\BitTorrent Sync\BTSync.exe
FirewallRules: [TCP Query User{5D7DC74F-5D97-4F82-8E46-9315998EFE6D}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [UDP Query User{349F3F8E-284A-466F-9889-BA8301928005}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [TCP Query User{D11A40ED-0D77-4C53-A59A-685437C57370}C:\program files (x86)\electronic arts\eadm\core.exe] => (Block) C:\program files (x86)\electronic arts\eadm\core.exe
FirewallRules: [UDP Query User{9B977310-62CF-44A1-96FB-4C1998C49D5D}C:\program files (x86)\electronic arts\eadm\core.exe] => (Block) C:\program files (x86)\electronic arts\eadm\core.exe
FirewallRules: [TCP Query User{FD18A27C-2D9F-47C3-9E16-E84C429FC4EA}C:\program files (x86)\soulseekqt\soulseekqt.exe] => (Allow) C:\program files (x86)\soulseekqt\soulseekqt.exe
FirewallRules: [UDP Query User{EB2C6D05-1245-425E-A253-262BDD2E4FBF}C:\program files (x86)\soulseekqt\soulseekqt.exe] => (Allow) C:\program files (x86)\soulseekqt\soulseekqt.exe
FirewallRules: [{A865E873-BE16-48A7-99C8-EE755DC466C9}] => (Allow) C:\Users\Martina\Downloads\Atlas_Ti_7_Serial_Number_downloader.exe
FirewallRules: [{AC3D7A10-F8EB-4341-8B55-F09C0B0C59D7}] => (Allow) C:\Users\Martina\Downloads\Atlas_Ti_7_Serial_Number_downloader.exe
FirewallRules: [{0C806F1D-656F-4928-AF4F-3CF79E9D26A5}] => (Allow) C:\Program Files (x86)\GoforFiles\goforfilesdl.exe
FirewallRules: [{E9B0C110-4CB0-4467-A3A6-81C886D098B9}] => (Allow) C:\Program Files (x86)\GoforFiles\goforfilesdl.exe
FirewallRules: [{32DF8F41-99BA-4432-9B8E-5403EDA793DB}] => (Allow) C:\Program Files (x86)\GoforFiles\GoforFiles.exe
FirewallRules: [{7AD80CA2-73F9-429E-BB25-6DAD545B7B64}] => (Allow) C:\Program Files (x86)\GoforFiles\GoforFiles.exe
FirewallRules: [{4DB4C5CF-F4CE-47DE-8563-C3929AB80F64}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{6EDBF4B4-87FA-40C2-B4C3-C25AF01F4423}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{70F237BC-0E0C-4916-B45B-DF48A4EC024E}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{D8FEA99B-78FF-490D-9E16-B5C1E5D4287A}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{D7FB46E7-1710-43C3-ACDC-3C5D53243D65}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{4E52FBC8-5119-49E5-A39B-592A5FFC5621}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{0B4AFBD8-BDE0-4E04-AAAD-52748960FEA9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{4628679D-B308-4511-BB5A-DB5B3C495347}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{7D766AED-65E9-43EC-95D6-FBD6AAACCBD2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4905F335-8B63-493D-B6F2-FD1B15B8355E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9F4F784A-0707-45A6-8573-25E04A39771A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{250EEF7F-D167-4214-9636-D14505B72C20}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{1C968339-491D-4D8D-8A4F-0CAAF9C97138}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{40C5B306-2E70-47D6-9F17-415EA6744F6B}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{1EE35BD1-D986-41BA-9CEF-DDC59DC28EE7}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{F54C43E9-A50C-47C0-BC7D-925279E711C6}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{BB053BF1-307E-48A7-88F3-C0E6BAB173F0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{B8E3C732-7E79-4DA0-92B2-5F5EED3208A1}C:\users\martina\appdata\roaming\microsoft\windows\start menu\programs\startup\esat.exe] => (Allow) C:\users\martina\appdata\roaming\microsoft\windows\start menu\programs\startup\esat.exe
FirewallRules: [UDP Query User{EE36A195-4091-4016-9855-C60BFC256432}C:\users\martina\appdata\roaming\microsoft\windows\start menu\programs\startup\esat.exe] => (Allow) C:\users\martina\appdata\roaming\microsoft\windows\start menu\programs\startup\esat.exe

==================== Restore Points =========================

01-03-2016 13:40:33 Installed Rapport
09-03-2016 14:06:38 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Adaptér tunelového režimu Microsoft Teredo
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (03/11/2016 12:39:36 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (03/11/2016 12:39:36 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (03/11/2016 12:39:36 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (03/11/2016 12:36:36 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: IDEA-PC)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail se nepovedlo aktivovat, protože došlo k chybě: -2147467263. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (03/11/2016 12:36:36 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: IDEA-PC)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail se nepovedlo aktivovat, protože došlo k chybě: -2147467263. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (03/11/2016 12:36:36 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: IDEA-PC)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail se nepovedlo aktivovat, protože došlo k chybě: -2147467263. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (03/10/2016 07:35:35 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (03/10/2016 07:35:35 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (03/10/2016 07:35:35 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (03/09/2016 06:44:40 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

System errors:
=============
Error: (03/10/2016 09:06:16 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby avgsvc bylo dosaženo časového limitu (30000 ms).

Error: (03/10/2016 08:54:12 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\Drivers\GEARAspiWDM.sys

Error: (03/10/2016 08:54:12 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\Drivers\GEARAspiWDM.sys

Error: (03/10/2016 08:54:12 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\Drivers\GEARAspiWDM.sys

Error: (03/10/2016 08:52:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Stínová kopie svazku byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/10/2016 08:52:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Instalační služba systému Windows byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (03/10/2016 08:52:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba AVG Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (03/10/2016 08:52:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (03/10/2016 08:52:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Management and Security Application User Notification Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/10/2016 08:52:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

CodeIntegrity:
===================================
Date: 2014-07-02 16:25:19.270
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABProcEnum.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-07-02 16:25:16.216
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\SABKUTIL.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-07-02 16:25:16.123
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\SuperAdBlocker.com\Super Ad Blocker\sabdifsv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel(R) Celeron(R) CPU 1000M @ 1.80GHz
Percentage of memory in use: 36%
Total physical RAM: 3961.77 MB
Available physical RAM: 2514.71 MB
Total Virtual: 7924.22 MB
Available Virtual: 5970.23 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:418.43 GB) (Free:9.24 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:0.09 GB) NTFS
Drive e: (RCTycoon 2) (CDROM) (Total:0.72 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 487094B7)

Partition: GPT.

==================== End of Addition.txt ============================

#6 Příspěvek od **Rudy** » 11 bře 2016 17:51

Nějaká chybička se asi vloudila. Jak ve fóru, tak v příloze jsou stejné logy (Addition). Prosím o log FRST.

Mataa90 · #7 Příspěvek od **Mataa90** » 11 bře 2016 19:26

aha, pardon

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by Martina (administrator) on IDEA-PC (11-03-2016 19:13:25)
Running from C:\Users\Martina\Desktop
Loaded Profiles: Martina (Available Profiles: Martina)
Platform: Windows 8 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 10 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
(BitTorrent Inc.) C:\Users\Martina\AppData\Roaming\BitTorrent\BitTorrent.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE
(BitTorrent Inc.) C:\Users\Martina\AppData\Roaming\BitTorrent\updates\7.9.5_41866\utorrentie.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(BitTorrent Inc.) C:\Users\Martina\AppData\Roaming\BitTorrent\updates\7.9.5_41866\utorrentie.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
() C:\Program Files (x86)\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicatorCom.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [887968 2012-06-15] (Conexant Systems, Inc.)
HKLM\...\Run: [BtPreLoad] => C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [64640 2012-09-30] ()
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17079376 2013-02-08] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [191568 2013-02-08] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [508656 2012-07-26] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [548864 2012-05-02] (Vimicro)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2012-07-27] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [167024 2012-07-27] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-19] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [Philips Device Listener] => C:\Program Files (x86)\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe [380416 2012-02-15] ()
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25122080 2016-02-16] (Dropbox, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7137664 2016-03-11] (AVAST Software)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\Run: [HP Deskjet 3050A J611 series (NET)] => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\Run: [BitTorrent] => C:\Users\Martina\AppData\Roaming\BitTorrent\BitTorrent.exe [1930760 2016-03-05] (BitTorrent Inc.)
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\MountPoints2: {1c3be7a9-71dc-11e2-be6b-806e6f6e6963} - "E:\autorun.exe"
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-03-11] (AVAST Software)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-1443460809-2058308057-2046692019-1001] => 127.0.0.1:8013
Tcpip\Parameters: [DhcpNameServer] 10.0.10.1 192.168.10.1
Tcpip\..\Interfaces\{D58DC935-FA05-437B-BA74-886A24E255C4}: [DhcpNameServer] 10.0.10.1 192.168.10.1
ManualProxies: 1127.0.0.1:8013

Internet Explorer:
==================
URLSearchHook: [S-1-5-21-1443460809-2058308057-2046692019-1001] ATTENTION => Default URLSearchHook is missing
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {24AB7B16-6C04-4E62-BADB-A3AF9C7BA5B2} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {28DBDC09-CD74-4291-80D1-789ACD6F9883} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_13415
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {4E0C853B-1E34-451A-B946-3B8D7C8BCE5D} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}&r ... {startPage}
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {6BC336E0-0860-4AFD-B849-E13CABFBD077} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_13415
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {764482F2-C192-4032-B5B2-7848E6928461} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_13415
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {8C35819E-0D88-4E0F-8946-73D1764A9500} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {A82AFC07-BDDB-4D91-91BD-B3D6AB1E5B87} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_13415
SearchScopes: HKU\S-1-5-21-1443460809-2058308057-2046692019-1001 -> {CFDE9E19-18B2-4AC6-9F1E-14BD87C69D29} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-03-11] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-06-26] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-03-11] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-06-26] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\u60ghvfv.default
FF NewTab: about:newtab
FF Homepage: hxxps://www.pesweb.cz/cz/naplnte-misky
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_21_0_0_182.dll [2016-03-10] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_182.dll [2016-03-10] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\windows\SysWOW64\npDeployJava1.dll [2013-06-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-06-26] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-10] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-06-07] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppluginrichmediaplayer.dll [2013-03-12] ()
FF Extension: Google Translator for Firefox - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\u60ghvfv.default\extensions\translator@zoli.bod.xpi [2016-01-01]
FF Extension: Adblock Plus - C:\Users\Martina\AppData\Roaming\Mozilla\Firefox\Profiles\u60ghvfv.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-03-01]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2016-03-03] [not signed]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2016-03-03] [not signed]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-03-11]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF

Chrome:
=======
CHR Profile: C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-21]
CHR Extension: (Dokumenty Google) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-21]
CHR Extension: (Disk Google) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-21]
CHR Extension: (Rapport) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2016-02-10]
CHR Extension: (YouTube) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-21]
CHR Extension: (Vyhledávání Google) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-21]
CHR Extension: (Tabulky Google) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-25]
CHR Extension: (Avast Online Security) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-03-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-21]
CHR Extension: (Gmail) - C:\Users\Martina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-21]
CHR HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-03-11]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [220288 2012-09-30] (Qualcomm Atheros Commnucations) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [237096 2016-03-11] (AVAST Software)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-09] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-09] (Dropbox, Inc.)
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [1738808 2015-09-29] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6951992 2015-09-29] (GOG.com)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2266160 2016-03-03] (IBM Corp.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-09-30] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-03-11] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-03-11] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-03-11] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-03-11] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-03-11] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [463744 2016-03-11] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [165344 2016-03-11] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287016 2016-03-11] (AVAST Software)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-09-30] (Qualcomm Atheros)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-01-24] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3265256 2012-09-20] (Broadcom Corporation)
S3 GEARAspiWDM; C:\Windows\SysWOW64\Drivers\GEARAspiWDM.sys [15664 2011-07-15] (GEAR Software Inc.)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-12-15] (Malwarebytes)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R1 RapportCerberus_1507082; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1507082.sys [972896 2016-03-10] (IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [514336 2016-03-03] (IBM Corp.)
R0 RapportHades64; C:\Windows\System32\Drivers\RapportHades64.sys [152320 2016-03-03] (IBM Corp.)
R0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [407168 2016-03-03] (IBM Corp.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [507424 2016-03-03] (IBM Corp.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-27] (Synaptics Incorporated)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [975104 2012-08-24] (Vimicro Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [36288 2013-07-02] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [247216 2013-07-01] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
S1 kagtrmkd; \??\C:\windows\system32\drivers\kagtrmkd.sys [X]
S1 rlqxuiia; \??\C:\windows\system32\drivers\rlqxuiia.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-11 13:23 - 2016-03-11 19:14 - 00024729 _____ C:\Users\Martina\Desktop\FRST.txt
2016-03-11 12:53 - 2016-03-11 12:46 - 00398152 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2016-03-11 12:48 - 2016-03-11 12:48 - 00001933 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-03-11 12:48 - 2016-03-11 12:48 - 00000000 ____D C:\windows\System32\Tasks\AVAST Software
2016-03-11 12:48 - 2016-03-11 12:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-03-11 12:48 - 2016-03-11 12:48 - 00000000 ____D C:\Program Files\Common Files\AV
2016-03-11 12:47 - 2016-03-11 12:48 - 01070904 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2016-03-11 12:47 - 2016-03-11 12:48 - 00463744 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2016-03-11 12:47 - 2016-03-11 12:48 - 00287016 _____ (AVAST Software) C:\windows\system32\Drivers\aswVmm.sys
2016-03-11 12:47 - 2016-03-11 12:48 - 00107792 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2016-03-11 12:47 - 2016-03-11 12:46 - 00165344 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2016-03-11 12:47 - 2016-03-11 12:46 - 00103064 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2016-03-11 12:47 - 2016-03-11 12:46 - 00074544 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys
2016-03-11 12:47 - 2016-03-11 12:46 - 00037656 _____ (AVAST Software) C:\windows\system32\Drivers\aswHwid.sys
2016-03-11 12:46 - 2016-03-11 12:46 - 00052184 _____ (AVAST Software) C:\windows\avastSS.scr
2016-03-11 12:44 - 2016-03-11 12:44 - 00000000 ____D C:\Program Files\AVAST Software
2016-03-11 12:42 - 2016-03-11 12:42 - 05207096 _____ (AVAST Software) C:\Users\Martina\Downloads\avast_free_antivirus_setup_online.exe
2016-03-10 20:19 - 2016-03-11 12:41 - 00000000 ____D C:\ProgramData\MFAData
2016-03-10 20:19 - 2016-03-10 20:52 - 00000000 ____D C:\Program Files (x86)\AdwCleaner
2016-03-10 20:19 - 2016-03-10 20:19 - 01524224 _____ C:\Users\Martina\Downloads\adwcleaner_5.101.exe
2016-03-10 20:19 - 2016-03-10 20:19 - 00000000 ____D C:\Users\Martina\AppData\Local\MFAData
2016-03-10 20:12 - 2016-03-11 13:11 - 00000000 ____D C:\Users\Martina\AppData\Local\AvgSetupLog
2016-03-10 20:12 - 2016-03-10 20:12 - 00000000 ____D C:\Users\Martina\AppData\Local\Avg
2016-03-10 20:11 - 2016-03-10 20:11 - 02946424 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Martina\Downloads\AVG_Protection_Free_1064.exe
2016-03-09 14:55 - 2016-03-09 18:49 - 00681213 _____ C:\Users\Martina\Desktop\obývák + kuchyně.odt
2016-03-09 13:43 - 2016-03-09 13:43 - 01979023 _____ C:\Users\Martina\Downloads\vizualizace%252520kuchy%2525C5%252588%252520%25252B%252520ob%2525C3%2525BDv%2525C3%2525A1k%252520-%252520popt%2525C3%2525A1vka.xlsx
2016-03-08 20:23 - 2016-03-08 20:23 - 00124132 _____ C:\Users\Martina\Downloads\Black-Mass(0000265447).srt
2016-03-08 05:05 - 2016-03-11 18:47 - 00000000 ____D C:\Users\Martina\AppData\LocalLow\BitTorrent
2016-03-06 18:39 - 2016-03-06 19:23 - 762483364 _____ C:\Users\Martina\Downloads\Ocista-Anarchie-2014-CZ-dabing-640x360.mp4
2016-03-06 11:00 - 2016-03-06 11:46 - 831584632 _____ C:\Users\Martina\Downloads\Vendeta-2011,-CZ.mkv
2016-03-05 21:52 - 2016-03-06 10:54 - 843569593 _____ C:\Users\Martina\Downloads\Mamon-S01E01-Oběť.mkv
2016-03-03 14:12 - 2016-03-09 21:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-03-01 15:50 - 2016-03-01 16:31 - 739466546 _____ C:\Users\Martina\Downloads\Ztracená-brána--3.-díl.avi
2016-03-01 14:50 - 2016-03-01 15:38 - 864999886 _____ C:\Users\Martina\Downloads\Ztracená-brána--2.díl.avi
2016-03-01 13:59 - 2016-03-01 14:49 - 865567474 _____ C:\Users\Martina\Downloads\Ztracená-brána--1.díl.avi
2016-03-01 13:52 - 2016-03-09 21:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-03-01 13:52 - 2016-03-01 13:52 - 00001174 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-03-01 13:52 - 2016-03-01 13:52 - 00001162 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-03-01 13:13 - 2016-03-01 13:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MozBackup
2016-02-19 19:37 - 2016-02-19 19:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-02-18 17:29 - 2016-02-18 20:18 - 938531862 _____ C:\Users\Martina\Downloads\The.Lobster.2015.720p.BRRip.x264.AAC-ETRG.mp4
2016-02-16 20:28 - 2016-02-16 21:14 - 831340866 _____ C:\Users\Martina\Downloads\Gomorrah-The-Series---Gomora---S01E02-CZ-IT-dabing-by-Pretorian---Ti-fidi-di-me..mkv
2016-02-14 17:15 - 2016-02-14 17:56 - 732304568 _____ C:\Users\Martina\Downloads\Letopisy-narnie-Lev,-čarodejnice-a-skříň.avi
2016-02-14 17:15 - 2016-02-14 17:15 - 00077698 _____ C:\Users\Martina\Downloads\The-Chronicles-of-Narnia-Voyage-of-the-Dawn-Treader(0000175248).srt
2016-02-14 15:35 - 2016-02-14 17:09 - 1682889632 _____ C:\Users\Martina\Downloads\The-Chronicles-of-Narnia---The-Voyage-of-the-Dawn-Treader-(Letopisy-Narnie---Plavba-Jitřního-poutníka)-[2010]-ENG.avi

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-11 19:13 - 2015-03-30 13:16 - 00000000 ____D C:\FRST
2016-03-11 19:13 - 2013-11-26 20:58 - 00000000 ____D C:\Users\Martina\AppData\Roaming\BitTorrent
2016-03-11 18:59 - 2015-12-30 19:43 - 00000976 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-11 18:47 - 2015-12-30 19:43 - 00000972 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-11 18:36 - 2015-11-11 07:36 - 00000914 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2016-03-11 17:30 - 2012-07-26 08:22 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-03-11 14:51 - 2012-07-26 06:26 - 00262144 ___SH C:\windows\system32\config\BBI
2016-03-11 14:49 - 2015-08-09 15:24 - 00000000 ___RD C:\Users\Martina\Dropbox
2016-03-11 13:33 - 2013-02-08 12:38 - 05435220 _____ C:\windows\system32\perfh005.dat
2016-03-11 13:33 - 2013-02-08 12:38 - 01663798 _____ C:\windows\system32\perfc005.dat
2016-03-11 13:33 - 2012-07-26 08:28 - 00005430 _____ C:\windows\system32\PerfStringBackup.INI
2016-03-11 13:23 - 2014-03-20 20:00 - 00000000 ____D C:\ProgramData\AVG
2016-03-11 12:55 - 2013-11-13 14:34 - 00003924 _____ C:\windows\System32\Tasks\avast! Emergency Update
2016-03-11 12:42 - 2013-10-29 17:12 - 00000000 ____D C:\ProgramData\AVAST Software
2016-03-11 12:37 - 2015-08-09 10:53 - 00000000 ____D C:\Users\Martina\AppData\Local\Dropbox
2016-03-10 20:13 - 2013-09-19 11:37 - 00000000 ____D C:\Users\Martina\AppData\Local\ElevatedDiagnostics
2016-03-10 19:51 - 2015-10-16 17:03 - 02374144 _____ (Farbar) C:\Users\Martina\Desktop\FRST64.exe
2016-03-10 19:37 - 2013-06-18 11:03 - 00003802 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2016-03-09 21:05 - 2015-04-02 16:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ochrana koncového bodu Trusteer
2016-03-09 13:10 - 2012-07-26 09:12 - 00000000 ____D C:\windows\AUInstallAgent
2016-03-09 13:09 - 2012-07-26 09:12 - 00000000 ___HD C:\Program Files\WindowsApps
2016-03-09 13:06 - 2013-06-19 21:29 - 00000000 ____D C:\Users\Martina\AppData\Local\CrashDumps
2016-03-07 19:45 - 2013-06-18 21:00 - 01219072 ___SH C:\Users\Martina\Downloads\Thumbs.db
2016-03-05 22:30 - 2013-06-22 18:10 - 00001437 _____ C:\Users\Martina\Desktop\filmy.txt
2016-03-03 17:02 - 2015-01-03 16:28 - 00000000 ____D C:\Users\Martina\AppData\Local\Battle.net
2016-03-03 17:02 - 2015-01-03 16:27 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-03-03 17:01 - 2015-01-03 16:28 - 00000000 ____D C:\Users\Martina\AppData\Roaming\Battle.net
2016-03-03 17:01 - 2015-01-03 16:18 - 00000000 ____D C:\ProgramData\Battle.net
2016-03-03 13:12 - 2013-06-22 18:03 - 00013650 _____ C:\Users\Martina\Desktop\Nový textový dokument.txt
2016-03-03 11:19 - 2015-04-02 16:32 - 00407168 _____ (IBM Corp.) C:\windows\system32\Drivers\RapportKE64.sys
2016-03-03 11:19 - 2015-04-02 16:32 - 00152320 _____ (IBM Corp.) C:\windows\system32\Drivers\RapportHades64.sys
2016-03-02 19:42 - 2013-06-19 08:07 - 17316352 ___SH C:\Users\Martina\Desktop\Thumbs.db
2016-03-01 13:13 - 2015-10-27 15:19 - 00000000 ____D C:\Program Files (x86)\MozBackup
2016-02-20 09:01 - 2015-12-30 19:45 - 00002223 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-20 09:01 - 2015-12-30 19:45 - 00002194 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-02-19 19:37 - 2015-08-09 10:53 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-02-17 16:29 - 2013-07-23 22:16 - 00000000 ____D C:\Users\Martina\Desktop\Filmy
2016-02-10 08:54 - 2015-12-30 19:43 - 00003948 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-10 08:54 - 2015-12-30 19:43 - 00003712 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore

==================== Files in the root of some directories =======

2013-10-03 22:20 - 2013-10-03 22:20 - 0003584 _____ () C:\Users\Martina\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-06-18 11:15 - 2013-06-18 11:15 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-12-14 20:31 - 2015-12-14 20:31 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Martina\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-03-10 20:23

==================== End of FRST.txt ============================

#8 Příspěvek od **Rudy** » 11 bře 2016 20:08

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\MountPoints2: {1c3be7a9-71dc-11e2-be6b-806e6f6e6963} - "E:\autorun.exe"
URLSearchHook: [S-1-5-21-1443460809-2058308057-2046692019-1001] ATTENTION => Default URLSearchHook is missing
S1 kagtrmkd; \??\C:\windows\system32\drivers\kagtrmkd.sys [X]
S1 rlqxuiia; \??\C:\windows\system32\drivers\rlqxuiia.sys [X]
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Martina\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\ProgramData\DP45977C.lfl
C:\Users\Martina\AppData\Local\Temp
Task: {D4D59810-FA98-4264-937B-1DE4E2EB61F9} - \GoogleUpdateTaskUserS-1-5-21-1443460809-2058308057-2046692019-1001Core1ceb8a123e7bf34 -> No File <==== ATTENTION
Task: {FB781AAE-7F12-4420-ACEC-55316653381B} - \GoogleUpdateTaskUserS-1-5-21-1443460809-2058308057-2046692019-1001UA1cec44decc40ac7 -> No File <==== ATTENTION
Shortcut: C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Gооglе Сhrоmе.lnk -> C:\Users\Martina\AppData\Local\Google\Chrome\Application\chrome.bat (No File)
Shortcut: C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Gооglе Сhrоmе.lnk -> C:\Users\Martina\AppData\Local\Google\Chrome\Application\chrome.bat (No File)
Shortcut: C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Lаunсh Intеrnеt Ехplоrеr Вrоwsеr.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.bat (No File)
Shortcut: C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Gооglе Сhrоmе.lnk -> C:\Users\Martina\AppData\Local\Google\Chrome\Application\chrome.bat (No File)
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Mataa90 · #9 Příspěvek od **Mataa90** » 11 bře 2016 20:30

Fix result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by Martina (2016-03-11 20:24:17) Run:6
Running from C:\Users\Martina\Desktop
Loaded Profiles: Martina (Available Profiles: Martina)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\...\MountPoints2: {1c3be7a9-71dc-11e2-be6b-806e6f6e6963} - "E:\autorun.exe"
URLSearchHook: [S-1-5-21-1443460809-2058308057-2046692019-1001] ATTENTION => Default URLSearchHook is missing
S1 kagtrmkd; \??\C:\windows\system32\drivers\kagtrmkd.sys [X]
S1 rlqxuiia; \??\C:\windows\system32\drivers\rlqxuiia.sys [X]
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Martina\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\ProgramData\DP45977C.lfl
C:\Users\Martina\AppData\Local\Temp
Task: {D4D59810-FA98-4264-937B-1DE4E2EB61F9} - \GoogleUpdateTaskUserS-1-5-21-1443460809-2058308057-2046692019-1001Core1ceb8a123e7bf34 -> No File <==== ATTENTION
Task: {FB781AAE-7F12-4420-ACEC-55316653381B} - \GoogleUpdateTaskUserS-1-5-21-1443460809-2058308057-2046692019-1001UA1cec44decc40ac7 -> No File <==== ATTENTION
Shortcut: C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\G??gl? ?hr?m?.lnk -> C:\Users\Martina\AppData\Local\Google\Chrome\Application\chrome.bat (No File)
Shortcut: C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\G??gl? ?hr?m?.lnk -> C:\Users\Martina\AppData\Local\Google\Chrome\Application\chrome.bat (No File)
Shortcut: C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\L?un?h Int?rn?t ??pl?r?r ?r?ws?r.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.bat (No File)
Shortcut: C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\G??gl? ?hr?m?.lnk -> C:\Users\Martina\AppData\Local\Google\Chrome\Application\chrome.bat (No File)
End
*****************

"HKU\S-1-5-21-1443460809-2058308057-2046692019-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1c3be7a9-71dc-11e2-be6b-806e6f6e6963}" => key removed successfully
HKCR\CLSID\{1c3be7a9-71dc-11e2-be6b-806e6f6e6963} => key not found.
Could not restore Default URLSearchHook.
kagtrmkd => service not found.
rlqxuiia => service not found.
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
C:\Users\Martina\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
Could not move "C:\ProgramData\DP45977C.lfl" => Scheduled to move on reboot.
C:\Users\Martina\AppData\Local\Temp => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D4D59810-FA98-4264-937B-1DE4E2EB61F9}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D4D59810-FA98-4264-937B-1DE4E2EB61F9}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-1443460809-2058308057-2046692019-1001Core1ceb8a123e7bf34" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FB781AAE-7F12-4420-ACEC-55316653381B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FB781AAE-7F12-4420-ACEC-55316653381B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-1443460809-2058308057-2046692019-1001UA1cec44decc40ac7" => key removed successfully
Shortcut: C:\Users\Martina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\G??gl? ?hr?m?.lnk -> C:\Users\Martina\AppData\Local\Google\Chrome\Application\chrome.bat (No File) => Error: No automatic fix found for this entry.
Shortcut: C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\G??gl? ?hr?m?.lnk -> C:\Users\Martina\AppData\Local\Google\Chrome\Application\chrome.bat (No File) => Error: No automatic fix found for this entry.
Shortcut: C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\L?un?h Int?rn?t ??pl?r?r ?r?ws?r.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.bat (No File) => Error: No automatic fix found for this entry.
Shortcut: C:\Users\Martina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\G??gl? ?hr?m?.lnk -> C:\Users\Martina\AppData\Local\Google\Chrome\Application\chrome.bat (No File) => Error: No automatic fix found for this entry.

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2016-03-11 20:28:05)

C:\ProgramData\DP45977C.lfl => Is moved successfully

==== End of Fixlog 20:28:05 ====

#10 Příspěvek od **Rudy** » 11 bře 2016 21:03

Smazáno. Nastala nějaká změna?

Mataa90 · #11 Příspěvek od **Mataa90** » 14 bře 2016 13:01

Vypadá to, že už je všechno v pořádku. Děkuji mockrát!

Mataa90 · #12 Příspěvek od **Mataa90** » 14 bře 2016 16:34

nevím, jestli to spolu souvisí, ale dneska mi celý den padá mozilla..

#13 Příspěvek od **Rudy** » 14 bře 2016 19:12

Souviset by to nemělo. Padá jako aplikace, nebo připojení?

Mimochodem: mataa a mataa90 (na stejných IP) jste také vy, nebo někdo jiný?

Mataa90 · #14 Příspěvek od **Mataa90** » 14 bře 2016 20:37

jako aplikace..spadne mi to a vyskočí tabulka hlášení o pádu..

jo teď jsem si všimla, že jsem se nechtěně přihlásila jako mataa, ale teď používám mataa90.

#15 Příspěvek od **Rudy** » 14 bře 2016 20:47

Smazáno. Nastala nějaká změna?

VIRY.CZ

Prosím o kontrolu logu - přesměrovávají se mi stránky

Prosím o kontrolu logu - přesměrovávají se mi stránky

Re: Prosím o kontrolu logu - přesměrovávají se mi stránky

Re: Prosím o kontrolu logu - přesměrovávají se mi stránky

Re: Prosím o kontrolu logu - přesměrovávají se mi stránky

Re: Prosím o kontrolu logu - přesměrovávají se mi stránky

Re: Prosím o kontrolu logu - přesměrovávají se mi stránky

Re: Prosím o kontrolu logu - přesměrovávají se mi stránky

Re: Prosím o kontrolu logu - přesměrovávají se mi stránky

Re: Prosím o kontrolu logu - přesměrovávají se mi stránky

Re: Prosím o kontrolu logu - přesměrovávají se mi stránky

Re: Prosím o kontrolu logu - přesměrovávají se mi stránky

Re: Prosím o kontrolu logu - přesměrovávají se mi stránky

Re: Prosím o kontrolu logu - přesměrovávají se mi stránky

Re: Prosím o kontrolu logu - přesměrovávají se mi stránky

Re: Prosím o kontrolu logu - přesměrovávají se mi stránky