Jinak zde jsou logy---
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-11-2016
Ran by Eliška (administrator) on ELIŠKA-PC (22-11-2016 12:34:10)
Running from C:\Users\Eliška\Desktop
Loaded Profiles: Eliška (Available Profiles: Eliška)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ESET) C:\Program Files\ESET\ESET Smart Security Premium\ekrn.exe
(AuthenTec, Inc.) C:\Program Files (x86)\Fingerprint Sensor\AtService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
() C:\Windows\System32\WLTRYSVC.EXE
(Dell Inc.) C:\Windows\System32\BCMWLTRY.EXE
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(ESET) C:\Program Files\ESET\ESET Smart Security Premium\egui.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Dell Inc.) C:\Windows\System32\WLTRAY.EXE
(Samsung) C:\Program Files (x86)\SAMSUNG\Kies\Kies.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(ZTE) C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\mcserver.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
() C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\dbus-daemon.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
() C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\db_daemon.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\SAMSUNG\Kies\KiesTrayAgent.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.EXE
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Users\Eliška\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Eliška\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Eliška\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Eliška\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Eliška\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Eliška\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [342528 2009-06-19] (Alps Electric Co., Ltd.)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Windows\system32\WLTRAY.exe [4119552 2008-11-17] (Dell Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [310064 2014-05-28] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-11-17] (DivX, LLC)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1282632 2013-04-02] (CANON INC.)
HKU\S-1-5-21-2426440832-341668823-1581636725-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1563440 2014-05-28] (Samsung)
HKU\S-1-5-21-2426440832-341668823-1581636725-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8944344 2016-09-28] (Piriform Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\mcserver.lnk [2016-11-13]
ShortcutTarget: mcserver.lnk -> C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\mcserver.exe (ZTE)
Startup: C:\Users\Eliška\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk [2016-11-13]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 212.33.36.155 212.33.55.5
Tcpip\..\Interfaces\{52C58F0C-8388-455D-B348-F367F1635E90}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{76DE49D9-1C51-40BD-9DC7-DF7FC9753243}: [DhcpNameServer] 212.33.36.155 212.33.55.5
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2426440832-341668823-1581636725-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://
www.msn.com/?pc=MSSE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://
www.msn.com/?pc=MSSE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://
www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://
www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2426440832-341668823-1581636725-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://
www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2426440832-341668823-1581636725-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE12&ocid=UE12DHP
SearchScopes: HKU\S-1-5-21-2426440832-341668823-1581636725-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://
www.bing.com/search?FORM=UP97DF&PC=UP97 ... -SearchBox
SearchScopes: HKU\S-1-5-21-2426440832-341668823-1581636725-1000 -> {984F4E3E-CF4D-48B9-B242-50E8083E1828} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_5
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-11-14] (Oracle Corporation)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-14] (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Users\Eliška\AppData\Roaming\Mozilla\Firefox\Profiles\3w1zlmmx.default [2016-11-21]
FF user.js: detected! => C:\Users\Eliška\AppData\Roaming\Mozilla\Firefox\Profiles\3w1zlmmx.default\user.js [2016-11-21]
FF SearchEngineOrder.3: Mozilla\Firefox\Profiles\3w1zlmmx.default -> Bing
FF Extension: (Skype Click to Call) - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-06-20] [not signed]
FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-06-20] [not signed]
FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-06-20] [not signed]
FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-06-20] [not signed]
FF Extension: (Skype Click to Call) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-06-20] [not signed]
FF HKLM\...\Thunderbird\Extensions: [
eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF HKLM-x32\...\Firefox\Extensions: [
ff-bmboc@bytemobile.com] - C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\addon
FF Extension: (Bytemobile Optimization Client) - C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\addon [2012-07-25] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [
eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [No File]
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-11-21] (DivX, LLC)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-11-14] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-11-14] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2426440832-341668823-1581636725-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Eliška\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-2426440832-341668823-1581636725-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Eliška\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-24] (Google Inc.)
FF Plugin HKU\S-1-5-21-2426440832-341668823-1581636725-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Eliška\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-24] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2012-09-19] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2012-09-19] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2012-09-19] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2012-09-19] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2012-09-19] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2012-09-19] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll [2012-09-19] (Apple Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://
www.msn.com/en-us/?pc=__PARAM__&ocid=__PARAM__DHP
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Eliška\AppData\Local\Google\Chrome\User Data\Default [2016-11-22]
CHR Extension: (YouTube) - C:\Users\Eliška\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Vyhledávání Google) - C:\Users\Eliška\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-29]
CHR Extension: (Kalendář Google) - C:\Users\Eliška\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2015-10-16]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Eliška\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-07]
CHR Extension: (Gmail) - C:\Users\Eliška\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR Extension: (Chrome Media Router) - C:\Users\Eliška\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-31]
CHR Profile: C:\Users\Eliška\AppData\Local\Google\Chrome\User Data\Profile 1 [2016-11-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Eliška\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-16]
CHR HKU\S-1-5-21-2426440832-341668823-1581636725-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome - C:\Users\Eliška\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ATService; C:\Program Files (x86)\Fingerprint Sensor\AtService.exe [1807608 2009-08-16] (AuthenTec, Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security Premium\ekrn.exe [2815520 2016-10-11] (ESET)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2016-05-27] (Freemake) [File not signed]
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2016-05-27] (Ellora Assets Corp.) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 wltrysvc; C:\Windows\System32\bcmwltry.exe [3051520 2008-11-17] (Dell Inc.) [File not signed]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R0 BMLoad; C:\Windows\System32\drivers\BMLoad.sys [16512 2009-12-15] (Bytemobile, Inc.) [File not signed]
R0 BMLoad; C:\Windows\SysWOW64\drivers\BMLoad.sys [16512 2009-12-15] (Bytemobile, Inc.) [File not signed]
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [129152 2016-04-24] (Samsung Electronics Co., Ltd.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [232072 2016-10-13] (ESET)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [212096 2016-10-13] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [177792 2016-10-13] (ESET)
R2 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [48768 2016-10-13] (ESET)
R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [76416 2016-10-13] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [59528 2016-10-13] (ESET)
R1 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [91784 2016-10-13] (ESET)
S3 HTCAND64; C:\Windows\System32\Drivers\ANDROIDUSB.sys [33736 2009-11-02] (HTC, Corporation) [File not signed]
R3 ITECIRfilter; C:\Windows\System32\DRIVERS\ITECIRfilter.sys [36560 2016-03-10] (ITE Tech. Inc. )
S3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus64.sys [261120 2005-09-23] (Pinnacle Systems GmbH) [File not signed]
S3 s1018bus; C:\Windows\System32\DRIVERS\s1018bus.sys [113704 2009-03-25] (MCCI Corporation)
S3 s1018mdfl; C:\Windows\System32\DRIVERS\s1018mdfl.sys [19496 2009-03-25] (MCCI Corporation)
S3 s1018mdm; C:\Windows\System32\DRIVERS\s1018mdm.sys [153128 2009-03-25] (MCCI Corporation)
S3 s1018mgmt; C:\Windows\System32\DRIVERS\s1018mgmt.sys [133160 2009-03-25] (MCCI Corporation)
S3 s1018nd5; C:\Windows\System32\DRIVERS\s1018nd5.sys [34856 2009-03-25] (MCCI Corporation)
S3 s1018obex; C:\Windows\System32\DRIVERS\s1018obex.sys [128552 2009-03-25] (MCCI Corporation)
S3 s1018unic; C:\Windows\System32\DRIVERS\s1018unic.sys [146472 2009-03-25] (MCCI Corporation)
R3 seehcri; C:\Windows\System32\DRIVERS\seehcri.sys [34032 2008-01-09] (Sony Ericsson Mobile Communications)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [221824 2016-04-24] (Samsung Electronics Co., Ltd.)
R1 tcpipBM; C:\Windows\system32\drivers\tcpipBM.sys [39552 2009-12-15] (Bytemobile, Inc.) [File not signed]
R1 tcpipBM; C:\Windows\SysWOW64\drivers\tcpipBM.sys [39552 2009-12-15] (Bytemobile, Inc.) [File not signed]
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S3 zte_cdc_acm; C:\Windows\System32\DRIVERS\zte_cdc_acm.sys [79872 2011-11-02] (ZTE)
S3 zte_cpo; C:\Windows\System32\DRIVERS\zte_cpo.sys [14336 2011-11-02] (ZTE)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-11-22 03:39 - 2016-11-22 03:39 - 00067559 _____ C:\Users\Eliška\Desktop\sfcdetails.txt
2016-11-21 22:17 - 2016-11-21 22:17 - 00000000 ____D C:\Users\EliÜka
2016-11-21 22:16 - 2016-11-21 22:35 - 00000000 ___SD C:\32788R22FWJFW
2016-11-21 01:23 - 2016-11-21 01:23 - 00021928 _____ C:\ComboFix.txt
2016-11-19 23:59 - 2016-11-19 23:59 - 00000000 ____D C:\Users\Eliška\Desktop\Pračka
2016-11-19 19:16 - 2016-11-19 21:04 - 00000000 ____D C:\Users\Eliška\Desktop\Prac smlouvy
2016-11-19 18:50 - 2016-11-20 00:48 - 00000000 ____D C:\Users\Eliška\Desktop\Recepty
2016-11-18 20:20 - 2016-11-21 01:24 - 00000000 ____D C:\Qoobox
2016-11-18 20:20 - 2016-11-18 20:47 - 00000000 ____D C:\Windows\erdnt
2016-11-18 20:20 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2016-11-18 20:20 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2016-11-18 20:20 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2016-11-18 20:20 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2016-11-18 20:20 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2016-11-18 20:20 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2016-11-18 20:20 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2016-11-18 20:20 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2016-11-18 20:18 - 2016-11-18 20:19 - 05659276 ____R (Swearware) C:\Uninstall.exe
2016-11-18 20:10 - 2016-11-18 20:15 - 00006960 _____ C:\Users\Eliška\Desktop\Rkill.txt
2016-11-18 20:09 - 2016-11-18 20:10 - 02030536 _____ (Bleeping Computer, LLC) C:\Users\Eliška\Desktop\rkill.exe
2016-11-18 19:22 - 2016-11-18 19:22 - 00033689 _____ C:\Users\Eliška\Desktop\Addition.txt
2016-11-18 19:20 - 2016-11-22 12:35 - 00019554 _____ C:\Users\Eliška\Desktop\FRST.txt
2016-11-18 19:20 - 2016-11-22 12:34 - 00000000 ____D C:\FRST
2016-11-18 19:15 - 2016-11-18 19:15 - 02412032 _____ (Farbar) C:\Users\Eliška\Desktop\FRST64.exe
2016-11-17 20:20 - 2016-11-17 20:21 - 00000521 _____ C:\DelFix.txt
2016-11-15 00:16 - 2016-11-15 00:16 - 00002083 _____ C:\Users\Public\Desktop\ESET Ochrana bankovnictví a online plateb.lnk
2016-11-15 00:16 - 2016-11-15 00:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2016-11-15 00:16 - 2016-11-15 00:16 - 00000000 ____D C:\ProgramData\ESET
2016-11-15 00:16 - 2016-11-15 00:16 - 00000000 ____D C:\Program Files\ESET
2016-11-14 01:45 - 2016-11-14 01:45 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-11-13 20:15 - 2016-11-13 20:15 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-11-13 19:21 - 2016-11-13 19:23 - 46755096 _____ (Microsoft Corporation) C:\Users\Eliška\Downloads\mpas-feX64.exe
2016-11-13 12:42 - 2016-11-13 14:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\My Program
2016-11-13 12:42 - 2016-11-13 14:03 - 00000000 ____D C:\Program Files (x86)\My Program
2016-10-28 14:44 - 2016-10-28 14:44 - 00000000 ___HT C:\Windows\wusa.lock
2016-10-28 14:44 - 2016-10-28 14:44 - 00000000 ____D C:\912d2e4e024f32452e1d
2016-10-28 14:43 - 2016-10-28 14:44 - 00159144 _____ (Microsoft Corporation) C:\Users\Eliška\Downloads\WindowsActivationUpdate.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-11-22 11:58 - 2013-06-11 16:35 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2016-11-22 11:58 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-11-22 11:58 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\tracing
2016-11-22 03:44 - 2009-07-14 05:45 - 00022784 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-11-22 03:44 - 2009-07-14 05:45 - 00022784 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-11-21 22:25 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2016-11-21 01:39 - 2015-11-29 15:25 - 00000000 ____D C:\Users\Eliška\Desktop\Odpady 2015
2016-11-21 01:13 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2016-11-20 01:00 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-11-20 00:48 - 2012-01-24 16:00 - 00000000 ____D C:\Users\Eliška
2016-11-19 23:41 - 2015-01-18 16:42 - 00000000 ____D C:\Users\Eliška\Documents\Životopisy
2016-11-19 19:57 - 2014-09-13 14:49 - 00000000 ____D C:\Users\Eliška\Documents\HONZA
2016-11-19 18:25 - 2014-07-02 19:36 - 00000000 ____D C:\Program Files (x86)\JDownloader
2016-11-18 20:35 - 2009-07-14 06:08 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-11-18 20:33 - 2009-07-14 03:34 - 21233664 _____ C:\Windows\system32\config\SYSTEM.bak
2016-11-18 20:33 - 2009-07-14 03:34 - 101187584 _____ C:\Windows\system32\config\SOFTWARE.bak
2016-11-18 20:33 - 2009-07-14 03:34 - 00524288 _____ C:\Windows\system32\config\DEFAULT.bak
2016-11-18 20:33 - 2009-07-14 03:34 - 00262144 _____ C:\Windows\system32\config\SECURITY.bak
2016-11-18 20:33 - 2009-07-14 03:34 - 00262144 _____ C:\Windows\system32\config\SAM.bak
2016-11-17 23:15 - 2012-04-15 14:00 - 00000000 ____D C:\Users\Eliška\Desktop\zástupci
2016-11-17 17:42 - 2012-01-24 20:04 - 00000000 ____D C:\Users\Eliška\AppData\Local\ESET
2016-11-14 23:53 - 2012-01-24 16:15 - 00002378 _____ C:\Users\Eliška\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-14 23:41 - 2013-12-16 13:45 - 00000000 ____D C:\ProgramData\Oracle
2016-11-14 23:39 - 2014-07-30 15:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-11-14 23:39 - 2012-02-21 13:42 - 00000000 ____D C:\Program Files (x86)\Java
2016-11-14 23:37 - 2014-07-30 15:19 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-11-14 01:54 - 2012-07-23 09:50 - 00000000 ____D C:\Users\Eliška\AppData\Local\CrashDumps
2016-11-14 01:54 - 2012-05-03 21:40 - 00000000 ____D C:\Windows\Minidump
2016-11-14 01:54 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\ModemLogs
2016-11-14 01:46 - 2012-05-06 15:43 - 00000000 ____D C:\Program Files\CCleaner
2016-11-14 01:45 - 2012-05-06 15:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-11-13 20:57 - 2009-07-14 16:18 - 00672424 _____ C:\Windows\system32\perfh005.dat
2016-11-13 20:57 - 2009-07-14 16:18 - 00142988 _____ C:\Windows\system32\perfc005.dat
2016-11-13 20:57 - 2009-07-14 06:13 - 01593374 _____ C:\Windows\system32\PerfStringBackup.INI
2016-11-13 20:47 - 2012-01-24 15:52 - 00000000 ____D C:\Windows\Panther
2016-11-13 20:45 - 2016-04-15 18:22 - 00001060 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-11-13 20:45 - 2016-03-19 23:33 - 00002507 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker 2.6.lnk
2016-11-13 20:45 - 2016-02-10 17:58 - 00001326 _____ C:\Users\Public\Desktop\Freemake Video Downloader.lnk
2016-11-13 20:45 - 2016-01-08 00:17 - 00001305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2016-11-13 20:45 - 2016-01-08 00:16 - 00001374 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2016-11-13 20:45 - 2015-04-16 12:41 - 00002015 _____ C:\Users\Public\Desktop\Canon Quick Menu.lnk
2016-11-13 20:45 - 2014-10-06 19:55 - 00000938 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2016-11-13 20:45 - 2014-06-18 10:42 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2016-11-13 20:45 - 2012-01-27 16:25 - 00001119 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5 (64 Bit).lnk
2016-11-13 20:45 - 2012-01-27 16:23 - 00001207 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5.lnk
2016-11-13 20:45 - 2012-01-27 16:20 - 00001262 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.lnk
2016-11-13 20:45 - 2012-01-27 16:20 - 00001169 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS5.lnk
2016-11-13 20:45 - 2012-01-27 16:18 - 00001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.lnk
2016-11-13 20:45 - 2012-01-27 16:18 - 00001353 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.lnk
2016-11-13 20:45 - 2012-01-24 16:09 - 00001150 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-11-13 20:45 - 2012-01-24 15:56 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2016-11-13 20:45 - 2012-01-24 15:56 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2016-11-13 20:45 - 2009-07-14 05:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-11-13 20:45 - 2009-07-14 05:57 - 00001352 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk
2016-11-13 20:45 - 2009-07-14 05:57 - 00001330 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
2016-11-13 20:45 - 2009-07-14 05:57 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
2016-11-13 20:45 - 2009-07-14 05:54 - 00001210 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
2016-11-13 20:44 - 2016-10-01 15:02 - 00000000 ____D C:\Users\Eliška\Desktop\Pečení
2016-11-13 20:44 - 2013-09-13 16:20 - 00000908 _____ C:\Users\Eliška\Desktop\Downloads.lnk
2016-11-13 20:44 - 2013-08-09 15:38 - 00002246 _____ C:\Users\Eliška\Desktop\Internet Manager.lnk
2016-11-13 20:44 - 2012-08-03 12:09 - 00014408 _____ C:\Users\Eliška\Desktop\Stažené soubory.lnk
2016-11-13 20:44 - 2012-01-24 16:02 - 00001393 _____ C:\Users\Eliška\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-11-13 20:44 - 2009-07-14 06:01 - 00001282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
2016-11-13 20:44 - 2009-07-14 05:49 - 00001266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2016-11-13 13:38 - 2014-12-06 22:05 - 00000000 ____D C:\Users\Eliška\Desktop\Bety dort a fotky
2016-11-13 12:38 - 2013-08-25 22:21 - 00001912 _____ C:\Windows\epplauncher.mif
2016-11-13 12:37 - 2013-08-20 11:58 - 00000000 ____D C:\Windows\system32\MRT
2016-11-13 12:21 - 2012-01-24 20:50 - 144199024 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-10-31 23:24 - 2012-02-01 23:19 - 00000000 ____D C:\Users\Eliška\AppData\Roaming\Skype
2016-10-28 21:53 - 2012-01-24 16:12 - 00000000 ____D C:\Users\Eliška\AppData\Local\Google
2016-10-28 01:47 - 2012-02-04 21:12 - 00000000 ___RD C:\Program Files (x86)\Skype
==================== Files in the root of some directories =======
2012-02-03 15:13 - 2011-10-21 21:57 - 21073936 _____ () C:\Program Files\vlc-1.1.11-win32.exe
2014-07-30 21:36 - 2016-05-21 08:36 - 0000250 _____ () C:\Users\Eliška\AppData\Roaming\WB.CFG
2016-07-02 21:45 - 2016-07-02 21:45 - 0003584 _____ () C:\Users\Eliška\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-04 16:50 - 2015-03-04 16:50 - 0000849 _____ () C:\Users\Eliška\AppData\Local\recently-used.xbel
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-10-24 23:32
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-11-2016
Ran by Eliška (22-11-2016 12:35:44)
Running from C:\Users\Eliška\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-01-24 15:00:07)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2426440832-341668823-1581636725-500 - Administrator - Disabled)
Elis (S-1-5-21-2426440832-341668823-1581636725-1003 - Limited - Enabled)
Eliška (S-1-5-21-2426440832-341668823-1581636725-1000 - Administrator - Enabled) => C:\Users\Eliška
Guest (S-1-5-21-2426440832-341668823-1581636725-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2426440832-341668823-1581636725-1002 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET Smart Security Premium 10.0.369.1 (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Smart Security Premium 10.0.369.1 (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personální firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.18) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.18 - Adobe Systems Incorporated)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
AuthenTec Fingerprint Software (HKLM-x32\...\{6B99AF03-2668-4572-BD3D-8C7A5D103065}) (Version: 8.5.3.0 - "AuthenTec,Inc.")
AVS Screen Capture version 2.0.1 (HKLM-x32\...\AVS Screen Capture_is1) (Version: - Online Media Technologies Ltd.)
AVS Update Manager 1.0 (HKLM-x32\...\AVS Update Manager_is1) (Version: - Online Media Technologies Ltd.)
AVS Video Editor 6 (HKLM-x32\...\AVS Video Editor_is1) (Version: - Online Media Technologies Ltd.)
AVS Video Recorder 2.5 (HKLM-x32\...\AVS Video Recorder_is1) (Version: - Online Media Technologies Ltd.)
AVS4YOU Software Navigator 1.4 (HKLM-x32\...\AVS4YOU Software Navigator_is1) (Version: - Online Media Technologies Ltd.)
Balíček ovladače systému Windows - AuthenTec Inc. (ATSwpWDF) Biometric (07/02/2009 8.5.0.251) (HKLM\...\815EB4ED418166EC2BBE3A39EAC38C74AE911A8C) (Version: 07/02/2009 8.5.0.251 - AuthenTec Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon MG3500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3500_series) (Version: 1.00 - Canon Inc.)
Canon MG3500 series On-screen Manual (HKLM-x32\...\Canon MG3500 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 2.0.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 2.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.2.0 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.23 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{415B2719-AD3A-4944-B404-C472DB6085B3}) (Version: 2.1.6 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{83770D14-21B9-44B3-8689-F7B523F94560}) (Version: 1.0.12 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}) (Version: 1.0.13 - Cisco Systems, Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.102.101.224 - ALPS ELECTRIC CO., LTD.)
Dell Wireless WLAN Card Utility (HKLM\...\Broadcom 802.11 Application) (Version: 5.10.38.30 - Dell Inc.)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.64 - DivX, LLC)
ESET Smart Security Premium (HKLM\...\{9FD38E7D-4EEC-4057-9D3A-2C48C91D0C12}) (Version: 10.0.369.1 - ESET, spol. s r.o.)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Foxit PDF Editor (HKLM-x32\...\Foxit PDF Editor) (Version: - )
Foxit PDF Editor 2.0 Build 1011 + Patch version for Windows (HKLM-x32\...\{BA30BA25-3C41-FFFD-B067-1515F4EAC738}_is1) (Version: for Windows - )
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.8.0 - Ellora Assets Corporation)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Chrome (HKU\S-1-5-21-2426440832-341668823-1581636725-1000\...\Google Chrome) (Version: 54.0.2840.99 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Internet Manager (HKLM\...\{27D28586-BEF1-4E06-8787-3B1FC3A41489}) (Version: 1.0.0.3 - ZTE CORPORATION)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Microsoft .NET Framework 4.6.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 30.0 (x86 cs) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 cs)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
My Program version 1.5 (HKLM-x32\...\{11C0B447-2D00-4891-B686-367E63EDAC63}_is1) (Version: 1.5 - My Company, Inc.)
Nero Burning ROM 2014 (HKLM-x32\...\{B0E4ACBC-4CFA-4B6D-9B7B-E13C171BCC23}) (Version: 15.0.05300 - Nero AG)
Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 15.1.0030 - Nero AG)
Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 7.1.32.69 - )
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Prerequisite installer (x32 Version: 15.0.0005 - Nero AG) Hidden
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Registrace uživatele zařízení Canon MG3500 series (HKLM-x32\...\Registrace uživatele zařízení Canon MG3500 series) (Version: - Canon Inc.)
RICOH Media Driver ver.2.07.01.00 (HKLM-x32\...\{2B818257-E6C7-4841-8C29-C5C9A982BCE5}) (Version: 2.07.01.00 - RICOH)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.2.14014_6 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.2.14014_6 - Samsung Electronics Co., Ltd.) Hidden
Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.43.0 - SAMSUNG Electronics Co., Ltd.)
save2pc 5.44 (HKLM-x32\...\save2pc_is1) (Version: - FDRLab, Inc.)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.9.0.127 - PandoraTV)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 4.10 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.10.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2426440832-341668823-1581636725-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Eliška\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2426440832-341668823-1581636725-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Eliška\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll (Google Inc.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {076A80B0-8DC0-4244-BE78-1C9186EE4654} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-09-22] (Oracle Corporation)
Task: {4461739E-AB82-43F3-974A-6D232DFC2C9C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2426440832-341668823-1581636725-1000Core1d1fe3fe3755df4 => C:\Users\Eliška\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {4AD3A0A2-7876-4CB1-9A0D-48BD6AD4087A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-19] (Adobe Systems Incorporated)
Task: {56ADCC3F-5D3D-48F0-8DE3-D34C4C9D5559} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2426440832-341668823-1581636725-1000UA => C:\Users\Eliška\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-06-29] (Facebook Inc.)
Task: {7570F405-69D1-48D1-B3FE-4857EFEB9B1C} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
Task: {865D5A61-188C-47F6-9640-ECFD0FB81175} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2013-10-16] (Nero AG)
Task: {949D3DC8-9FEE-4B4C-8AF2-AA1F487F93F4} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2426440832-341668823-1581636725-1000Core => C:\Users\Eliška\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {A33F57FD-FC30-4274-A695-2E7963A56365} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2426440832-341668823-1581636725-1000Core => C:\Users\Eliška\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-06-29] (Facebook Inc.)
Task: {A7F72BA3-C4E8-47B3-8042-B507D4D5F1AE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-09-28] (Piriform Ltd)
Task: {ADA5A295-A151-44E8-B18A-EC1E90586FBE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {B2859F79-E28B-472C-A6CF-199CF67FAC30} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2426440832-341668823-1581636725-1000UA => C:\Users\Eliška\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {C12C4841-312E-47A3-9B13-BC4076B1CB8E} - System32\Tasks\{B523F393-A29A-469A-85C2-320DBBFAB1A4} => Chrome.exe hxxp://ui.skype.com/ui/0/6.16.0.105/cs/abandoninstall?page=tsMain
Task: {C855205F-3F08-46DF-9BB6-1DB110C9D81F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2426440832-341668823-1581636725-1000UA1d1fe3fe3e4ea46 => C:\Users\Eliška\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {CD3DF530-E3EA-4D99-9E78-F5EA6575C4B4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-01] (Adobe Systems Incorporated)
Task: {E2CD6A62-A116-4230-88F7-DAD8A93AD26B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {EF70D17C-2E6C-4A23-AB38-8CD02E591545} - System32\Tasks\Google Updater and Installer => C:\Users\Eliška\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {EFE554F8-5220-462E-8F18-30E9B03E59E3} - System32\Tasks\Adobe online update program => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-01] (Adobe Systems Incorporated)
Task: {F2BF26DB-5BB5-4127-854F-348E3CCDFAB7} - System32\Tasks\{38177F14-8DEA-48AB-ACAA-D6717578CE04} => Chrome.exe hxxp://ui.skype.com/ui/0/6.20.0.104/cs/abandoninstall?page=tsMain
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2015-11-10 09:58 - 2008-11-17 07:29 - 00032768 _____ () C:\Windows\System32\WLTRYSVC.EXE
2015-11-10 09:58 - 2008-11-17 07:29 - 00057856 _____ () C:\Windows\System32\bcmwlrmt.dll
2012-01-27 15:43 - 2012-01-09 19:44 - 00193536 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2013-08-09 15:37 - 2012-05-23 09:38 - 00221552 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\dbus-daemon.exe
2013-08-09 15:37 - 2012-05-23 09:38 - 00037232 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\db_daemon.exe
2016-01-06 17:41 - 2016-01-06 17:41 - 00062168 _____ () C:\Program Files\CCleaner\branding.dll
2016-09-28 17:25 - 2016-09-28 17:25 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2013-08-09 15:37 - 2011-05-06 04:03 - 00594944 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\dbus-1.dll
2013-08-09 15:37 - 2012-05-23 09:34 - 00099840 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\itapi.dll
2013-08-09 15:37 - 2012-05-23 09:34 - 00027648 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\log.dll
2013-08-09 15:37 - 2010-10-14 10:37 - 00971776 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\libxml2.dll
2013-08-09 15:37 - 2010-10-14 10:37 - 00080688 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\zlib1.dll
2013-08-09 15:37 - 2012-05-23 09:34 - 00058880 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\coder.dll
2013-08-09 15:37 - 2012-05-23 09:34 - 00043520 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\audio.dll
2013-08-09 15:37 - 2012-05-23 09:34 - 00036352 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\libConfig.dll
2013-08-09 15:37 - 2012-05-23 09:34 - 00021504 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\libctlsvr.dll
2013-08-09 15:37 - 2011-12-26 08:41 - 00090624 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\CaptureCrash.dll
2013-08-09 15:37 - 2007-09-09 16:07 - 00151552 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\libexpat.dll
2013-08-09 15:37 - 2011-05-06 04:02 - 00341504 _____ () C:\Program Files (x86)\T-Mobile\InternetManager_Z\Bin\sqlite3.dll
2016-11-14 23:53 - 2016-11-08 21:29 - 01819240 _____ () C:\Users\Eliška\AppData\Local\Google\Chrome\Application\54.0.2840.99\libglesv2.dll
2016-11-14 23:53 - 2016-11-08 21:29 - 00093288 _____ () C:\Users\Eliška\AppData\Local\Google\Chrome\Application\54.0.2840.99\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2016-11-21 01:13 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2426440832-341668823-1581636725-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 212.33.36.155 - 212.33.55.5
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\startupreg: Google Update => "C:\Users\Eliška\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: Sony Ericsson PC Companion => "C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /systray /nologon
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{45256570-A8CD-4216-A759-FB9363CDD6E1}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{72AC8E75-B99E-44F2-ABFA-AD9366160C3C}C:\users\eliška\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\eliška\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{4BB66A68-47B9-46A9-90C5-7BDA5A2907E8}C:\users\eliška\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\eliška\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{511CBFD0-C27E-4D6A-A995-E6CDA0478C28}E:\skype\phone\skype.exe] => (Block) E:\skype\phone\skype.exe
FirewallRules: [UDP Query User{ADB0BC86-9020-4BB7-9C2B-F73488BA0149}E:\skype\phone\skype.exe] => (Block) E:\skype\phone\skype.exe
FirewallRules: [{A88F2FDE-B95C-4A42-9FD6-7DEF034D37D4}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{E8EBC84A-A62F-4E51-8CE5-38D7EF651879}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [TCP Query User{8B1A6AA0-7F71-42D2-9AFF-4F2300D61433}C:\users\eliška\desktop\zástupci\skype\phone\skype.exe] => (Block) C:\users\eliška\desktop\zástupci\skype\phone\skype.exe
FirewallRules: [UDP Query User{665AF446-3CC1-4409-972E-D1B07242AFBC}C:\users\eliška\desktop\zástupci\skype\phone\skype.exe] => (Block) C:\users\eliška\desktop\zástupci\skype\phone\skype.exe
FirewallRules: [TCP Query User{FF4C2287-5314-4F78-9DF9-EE1A5D3962ED}C:\program files\foxit software\pdf editor\pdfedit.exe] => (Allow) C:\program files\foxit software\pdf editor\pdfedit.exe
FirewallRules: [UDP Query User{43520E64-DC70-4ABD-8615-5820EABFD3F8}C:\program files\foxit software\pdf editor\pdfedit.exe] => (Allow) C:\program files\foxit software\pdf editor\pdfedit.exe
FirewallRules: [TCP Query User{7E2EF2A1-C078-42D6-BAEE-6EF2BB1B64CF}C:\program files\foxit software\pdf editor\pdfedit.exe] => (Allow) C:\program files\foxit software\pdf editor\pdfedit.exe
FirewallRules: [UDP Query User{12C62AE4-7157-4980-8D16-558AB29F6D57}C:\program files\foxit software\pdf editor\pdfedit.exe] => (Allow) C:\program files\foxit software\pdf editor\pdfedit.exe
FirewallRules: [{1651DBAA-47AE-44B4-9002-15C3F684CB2E}] => (Allow) C:\Users\Eliška\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{1893C48A-F7C5-481D-A362-FB8EE5F48111}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{2879891B-F842-4353-91D5-AD56632F5ED2}] => (Allow) LPort=2869
FirewallRules: [{9A5C4298-AB99-4F32-8880-40B1FE6B6178}] => (Allow) LPort=1900
FirewallRules: [{8CF901A8-3691-421B-8824-F000F9EA045D}] => (Allow) C:\Users\Eliška\AppData\Local\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{8055DCCC-E528-4952-BF7A-C64F59EFE3C5}C:\users\eliška\desktop\zástupci\skype\phone\skype.exe] => (Block) C:\users\eliška\desktop\zástupci\skype\phone\skype.exe
FirewallRules: [UDP Query User{46E9FEF9-9E62-492F-B67E-64412EE8EB79}C:\users\eliška\desktop\zástupci\skype\phone\skype.exe] => (Block) C:\users\eliška\desktop\zástupci\skype\phone\skype.exe
==================== Restore Points =========================
==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Adaptér tunelového režimu Microsoft Teredo
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (11/22/2016 12:09:18 PM) (Source: ESENT) (EventID: 489) (User: )
Description: taskhost (2656) Pokus o otevření souboru C:\Users\Eliška\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat jen pro čtení se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).
Error: (11/21/2016 10:37:05 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Aktivace licence systému Windows se nezdařila. Chyba 0x00000000.
Error: (11/21/2016 10:37:05 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
0x800401F9
Error: (11/21/2016 10:10:10 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Aktivace licence systému Windows se nezdařila. Chyba 0x00000000.
Error: (11/21/2016 10:10:10 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
0x800401F9
Error: (11/21/2016 01:21:01 AM) (Source: ESENT) (EventID: 455) (User: )
Description: CCleaner64 (3492) testing: Při otevírání souboru protokolu C:\Users\Eliška\AppData\Local\Microsoft\Windows\WebCache\V01.log došlo k chybě -1032 (0xfffffbf8).
Error: (11/21/2016 01:21:01 AM) (Source: ESENT) (EventID: 489) (User: )
Description: CCleaner64 (3492) testing: Pokus o otevření souboru C:\Users\Eliška\AppData\Local\Microsoft\Windows\WebCache\V01.log jen pro čtení se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).
Error: (11/21/2016 01:20:51 AM) (Source: ESENT) (EventID: 455) (User: )
Description: CCleaner64 (3492) testing: Při otevírání souboru protokolu C:\Users\Eliška\AppData\Local\Microsoft\Windows\WebCache\V01.log došlo k chybě -1032 (0xfffffbf8).
Error: (11/21/2016 01:20:51 AM) (Source: ESENT) (EventID: 489) (User: )
Description: CCleaner64 (3492) testing: Pokus o otevření souboru C:\Users\Eliška\AppData\Local\Microsoft\Windows\WebCache\V01.log jen pro čtení se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).
Error: (11/21/2016 01:13:09 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Aktivace licence systému Windows se nezdařila. Chyba 0x00000000.
System errors:
=============
Error: (11/22/2016 12:26:53 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Hlavní prohledávač přijal oznámení serveru od počítače BARY-PC,
který se považuje za hlavní prohledávač domény pro přenos NetBT_Tcpip_{76DE49D9-1C51-40BD-9DC7-DF7FC9753243}.
Hlavní prohledávač bude ukončen nebo bude vyvolána volba.
Error: (11/22/2016 12:06:54 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Hlavní prohledávač přijal oznámení serveru od počítače BARY-PC,
který se považuje za hlavní prohledávač domény pro přenos NetBT_Tcpip_{76DE49D9-1C51-40BD-9DC7-DF7FC9753243}.
Hlavní prohledávač bude ukončen nebo bude vyvolána volba.
Error: (11/22/2016 12:03:52 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Windows Search přestala během spouštění reagovat.
Error: (11/22/2016 12:02:52 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Hlavní prohledávač přijal oznámení serveru od počítače BARY-PC,
který se považuje za hlavní prohledávač domény pro přenos NetBT_Tcpip_{76DE49D9-1C51-40BD-9DC7-DF7FC9753243}.
Hlavní prohledávač bude ukončen nebo bude vyvolána volba.
Error: (11/22/2016 12:00:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Google Update (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (11/22/2016 12:00:57 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Google Update (gupdate) bylo dosaženo časového limitu (30000 ms).
Error: (11/22/2016 12:00:52 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Hlavní prohledávač přijal oznámení serveru od počítače BARY-PC,
který se považuje za hlavní prohledávač domény pro přenos NetBT_Tcpip_{76DE49D9-1C51-40BD-9DC7-DF7FC9753243}.
Hlavní prohledávač bude ukončen nebo bude vyvolána volba.
Error: (11/22/2016 11:57:54 AM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active
Error: (11/22/2016 11:57:54 AM) (Source: atikmdag) (EventID: 19468) (User: )
Description: CPLIB :: General - Invalid Parameter
Error: (11/21/2016 10:39:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Google Update (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
CodeIntegrity:
===================================
Date: 2016-11-22 03:44:04.475
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-11-22 03:12:52.892
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-11-22 02:58:24.866
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-11-21 22:36:43.710
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-11-21 22:09:13.841
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-11-21 01:38:22.259
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-11-21 01:12:52.605
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-11-21 01:11:18.562
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-11-21 00:59:41.553
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-11-21 00:59:41.381
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 Duo CPU P8400 @ 2.26GHz
Percentage of memory in use: 59%
Total physical RAM: 4090.89 MB
Available physical RAM: 1640.95 MB
Total Virtual: 8179.96 MB
Available Virtual: 5885.84 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:297.99 GB) (Free:139.12 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 10000000)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=298 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Pokuste se chybovou hlasku o padu exploreru vyfotit/vyscreenovat, at se mame ceho chytit.
