Kontrola logu - neustálé padání dwm.exe

[mrazik]

Ahoj, prosím o kontrolu logu, od dnešního večera neustále padá dwm.exe. Našel jsem v ve složce temp, i po vymazání stále padá a stále padá...
Díky za radu

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-12-2014
Ran by Jiří (administrator) on KOALAK on 26-12-2014 20:22:26
Running from C:\Users\Jiří\Desktop
Loaded Profile: Jiří (Available profiles: Jiří)
Platform: Windows 8.1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(CANON INC.) C:\Program Files\Canon\DIAS\CnxDIAS.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Condusiv Technologies) C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Instant Service\Sleep Memory Optimizer\FFSService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
(Dritek System Inc.) C:\Program Files (x86)\RadioController\RfBtnHelper.exe
(Dropbox, Inc.) C:\Users\Jiří\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE
() C:\Windows\Inf\msacwdrv\msacwdrv.exe
() C:\Windows\Inf\MSASGui.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Theft Shield\USecuAppClient.exe
(Ghisler Software GmbH) C:\totalcmd\TOTALCMD64.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(forum.viry.cz) C:\Users\Jiří\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2876816 2013-03-05] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13267016 2013-01-29] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1276488 2013-01-18] (Realtek Semiconductor)
HKLM-x32\...\Run: [LManager] => [X]
HKLM-x32\...\Run: [RadioController] => C:\Program Files (x86)\RadioController\RfBtnHelper.exe [111216 2013-10-17] (Dritek System Inc.)
HKLM-x32\...\Run: [Printsrv] => c:\Windows\SysWOW64\Printing_Admin_Scripts\en-US\pubpr.vbs [543 2013-05-01] ()
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [54072 2014-11-21] (Malwarebytes Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [131712 2013-01-25] ( (Qualcomm Atheros Commnucations))
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-4025786831-3650480476-1280956322-1001\...\Run: [] => [X]
HKU\S-1-5-21-4025786831-3650480476-1280956322-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22869088 2014-10-21] (Google)
HKU\S-1-5-21-4025786831-3650480476-1280956322-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-4025786831-3650480476-1280956322-1001\...\MountPoints2: {bac47188-b4d7-11e3-be84-3c77e67ca998} - "D:\CrossLink.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Network Server.lnk
ShortcutTarget: Network Server.lnk -> C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe (WIBU-SYSTEMS AG)
Startup: C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Jiří\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Odeslat do OneNote.lnk
ShortcutTarget: Odeslat do OneNote.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-4025786831-3650480476-1280956322-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKU\S-1-5-21-4025786831-3650480476-1280956322-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
SearchScopes: HKU\S-1-5-21-4025786831-3650480476-1280956322-1001 -> DefaultScope {0DC38EA7-5052-41C5-BAEE-5DAEF8103EEC} URL =
SearchScopes: HKU\S-1-5-21-4025786831-3650480476-1280956322-1001 -> {0DC38EA7-5052-41C5-BAEE-5DAEF8103EEC} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\47j8w4na.default
FF DefaultSearchEngine: Seznam
FF Homepage: seznam.cz
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1214154.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @graphisoft.com/GDL Web Plug-in -> C:\Program Files (x86)\GRAPHISOFT\GDLWebControl\npGDLMozilla.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @software602.cz/602XML Filler -> C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll (Software602 a.s.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\5\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4025786831-3650480476-1280956322-1001: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll (Sony Network Entertainment International LLC)
FF user.js: detected! => C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\47j8w4na.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\47j8w4na.default\searchplugins\mapycz.xml
FF SearchPlugin: C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\47j8w4na.default\searchplugins\smerovakcz.xml
FF Extension: 20-20 3D Viewer - IKEA - C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\47j8w4na.default\Extensions\2020Player_IKEA@2020Technologies.com [2014-01-03]
FF Extension: Xmarks - C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\47j8w4na.default\Extensions\foxmarks@kei.com [2014-11-23]
FF Extension: Toolbar Buttons - C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\47j8w4na.default\Extensions\{03B08592-E5B4-45ff-A0BE-C1D975458688} [2014-11-23]
FF Extension: AutoCopy 2 - C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\47j8w4na.default\Extensions\autocopy2@teo.pl.xpi [2013-12-23]
FF Extension: Classic Theme Restorer - C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\47j8w4na.default\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2014-05-04]
FF Extension: Personas Plus - C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\47j8w4na.default\Extensions\personas@christopher.beard.xpi [2013-12-23]
FF Extension: Send Link in context menu - C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\47j8w4na.default\Extensions\sendlinkincontextmenu@jasnapaka.com.xpi [2013-12-24]
FF Extension: Back to Top - C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\47j8w4na.default\Extensions\{3C9A65A6-9563-4485-BA4A-4BCD698BCFB4}.xpi [2013-12-24]
FF Extension: Adblock Plus - C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\47j8w4na.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-12-23]
FF Extension: Tab Mix Plus - C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\47j8w4na.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2013-12-23]
FF Extension: DownThemAll! - C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\47j8w4na.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2014-01-25]

Chrome:
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [227456 2013-01-25] (Qualcomm Atheros Commnucations)
R2 Canon Driver Information Assist Service; C:\Program Files\Canon\DIAS\CnxDIAS.exe [4940760 2012-09-04] (CANON INC.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe [2797312 2013-12-06] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [470056 2013-05-01] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-15] (Acer Incorporated)
R2 ExpressCache; C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe [107944 2013-01-08] (Condusiv Technologies)
R2 FFSOpzSvc; C:\Program Files\Acer\Acer Instant Service\Sleep Memory Optimizer\FFSService.exe [161384 2012-03-12] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [255040 2014-10-06] (WildTangent)
S3 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [193576 2012-07-19] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [96880 2013-10-17] (Dritek System INC.)
S3 USecuAppSvc; C:\Program Files\Acer\Acer Theft Shield\USecuAppSvc.exe [345744 2012-11-12] (Acer Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-01-25] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0403000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [26024 2013-01-08] (Condusiv Technologies)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [112552 2013-01-08] (Condusiv Technologies)
R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [43800 2012-07-20] (Intel Corporation)
U0 lnyefqx; C:\Windows\System32\drivers\aspr.sys [79064 2014-12-26] (Malwarebytes Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-26] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2013-10-17] (Dritek System Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
R2 WIBUKEY; C:\Windows\System32\DRIVERS\WibuKey64.sys [97792 2011-09-22] (WIBU-SYSTEMS AG)
S1 MpKsl3af3ecad; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{3B2AF5A3-A4A7-42EC-ABBB-85F9AA6B4139}\MpKsl3af3ecad.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-26 20:22 - 2014-12-26 20:22 - 00019947 _____ () C:\Users\Jiří\Desktop\FRST.txt
2014-12-26 20:21 - 2014-12-26 20:22 - 00000000 ____D () C:\FRST
2014-12-26 20:20 - 2014-12-26 20:20 - 02122752 _____ (Farbar) C:\Users\Jiří\Desktop\FRST64.exe
2014-12-26 20:19 - 2014-12-26 20:19 - 00112640 _____ (forum.viry.cz) C:\Users\Jiří\Desktop\FRSTLauncher.exe
2014-12-26 20:01 - 2014-12-26 20:01 - 00079064 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\aspr.sys
2014-12-26 19:31 - 2014-12-26 19:35 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-12-26 19:31 - 2014-12-26 19:34 - 00001122 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-26 19:31 - 2014-12-26 19:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-26 19:30 - 2014-12-26 19:34 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-26 19:30 - 2014-12-26 19:30 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-26 19:30 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-12-26 19:30 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-12-26 19:30 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-12-26 19:16 - 2014-12-26 19:16 - 00000000 ___SH () C:\DkHyperbootSync
2014-12-19 12:44 - 2014-12-19 12:44 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-12-15 22:49 - 2014-10-30 23:37 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2014-12-15 22:49 - 2014-10-30 23:34 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2014-12-13 11:55 - 2014-12-16 00:25 - 00000000 ____D () C:\VrtulnĂ­k
2014-12-11 20:48 - 2014-12-11 20:49 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-12-11 20:48 - 2014-12-11 20:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-12-11 20:48 - 2014-12-11 20:48 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-12-11 10:48 - 2014-12-11 10:48 - 00001744 _____ () C:\Users\Public\Desktop\Aplikace PriMa v2.05.lnk
2014-12-11 09:26 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-12-11 09:26 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-12-11 09:26 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-12-11 09:26 - 2014-11-22 03:49 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2014-12-11 09:26 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-12-11 09:26 - 2014-11-22 03:35 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-12-11 09:26 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-12-11 09:26 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-12-11 09:26 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-12-11 09:26 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-12-11 09:26 - 2014-11-22 03:06 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2014-12-11 09:26 - 2014-11-22 03:06 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-12-11 09:26 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-12-11 09:26 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-12-11 09:26 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-12-11 09:26 - 2014-11-22 02:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2014-12-11 09:26 - 2014-11-22 02:55 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-12-11 09:26 - 2014-11-22 02:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2014-12-11 09:26 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-12-11 09:26 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-12-11 09:26 - 2014-11-22 02:49 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-12-11 09:26 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-12-11 09:26 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-12-11 09:26 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-12-11 09:26 - 2014-11-22 02:34 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2014-12-11 09:26 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-12-11 09:26 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-12-11 09:26 - 2014-11-22 02:29 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2014-12-11 09:26 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-12-11 09:26 - 2014-11-22 02:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2014-12-11 09:26 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-12-11 09:26 - 2014-11-22 02:23 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-12-11 09:26 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-12-11 09:26 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-12-11 09:26 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-12-11 09:26 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-12-11 09:26 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-12-11 09:26 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-12-11 09:26 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-12-11 09:26 - 2014-11-07 05:16 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2014-12-11 09:26 - 2014-11-07 04:26 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2014-12-11 09:26 - 2014-10-13 03:43 - 00238912 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2014-12-11 09:26 - 2014-10-13 03:43 - 00153920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2014-12-11 09:26 - 2014-10-13 03:43 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-12-11 09:26 - 2014-10-13 03:43 - 00039744 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2014-12-10 21:32 - 2014-12-10 21:32 - 00000000 ____D () C:\WINDOWS\system32\NETGEAR
2014-12-09 13:19 - 2014-12-09 13:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-03 10:25 - 2014-12-03 10:25 - 00111016 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2014-12-03 10:25 - 2014-12-03 10:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-11-26 21:46 - 2014-11-26 21:46 - 00000663 _____ () C:\Users\Jiří\Desktop\JOS-WePOS.lnk
2014-11-26 21:46 - 2014-11-26 21:46 - 00000000 ____D () C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Česká Pojišťovna
2014-11-26 21:46 - 2014-11-26 21:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Česká Pojišťovna

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-26 20:20 - 2014-03-28 10:47 - 00000000 ____D () C:\PC
2014-12-26 20:08 - 2014-07-11 08:54 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4025786831-3650480476-1280956322-1001
2014-12-26 20:01 - 2014-09-01 07:40 - 00000000 ____D () C:\ProgramData\Systweak
2014-12-26 20:01 - 2013-12-24 20:22 - 00000000 ____D () C:\Users\Jiří\AppData\Roaming\systweak
2014-12-26 20:01 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\InputMethod
2014-12-26 20:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-12-26 19:06 - 2014-08-13 06:45 - 00004944 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for KOALAK-Jiří Koalak
2014-12-26 19:05 - 2013-12-24 11:31 - 00000000 ____D () C:\Users\Jiří\AppData\Local\GHISLER
2014-12-26 18:51 - 2013-11-14 13:40 - 01745984 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-12-26 18:51 - 2013-11-14 13:24 - 00739924 _____ () C:\WINDOWS\system32\perfh005.dat
2014-12-26 18:51 - 2013-11-14 13:24 - 00151610 _____ () C:\WINDOWS\system32\perfc005.dat
2014-12-26 18:46 - 2014-03-02 13:09 - 00015553 _____ () C:\Users\Jiří\rgmnr
2014-12-26 18:45 - 2014-09-29 13:00 - 00000000 ___RD () C:\GD
2014-12-26 18:45 - 2014-01-08 21:41 - 00000000 __RDO () C:\Users\Jiří\SkyDrive
2014-12-26 18:45 - 2013-12-25 23:24 - 00000000 ____D () C:\Users\Jiří\AppData\Roaming\Dropbox
2014-12-26 18:44 - 2013-12-23 21:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-26 18:44 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-12-26 18:44 - 2013-08-22 14:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-12-26 18:04 - 2013-12-24 11:38 - 00000000 ____D () C:\Programy
2014-12-25 17:15 - 2014-01-09 09:23 - 00000000 ____D () C:\Users\Jiří\AppData\Local\Deployment
2014-12-25 11:35 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-12-24 15:55 - 2013-12-25 19:45 - 00000000 ____D () C:\FOTKY
2014-12-22 23:26 - 2014-08-04 15:17 - 00000000 ____D () C:\MUZIKA
2014-12-21 23:11 - 2013-12-28 13:37 - 00012800 _____ () C:\Users\Jiří\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-12-21 17:45 - 2013-12-23 21:01 - 00000000 ____D () C:\Users\Jiří\AppData\Local\Packages
2014-12-20 23:41 - 2013-12-24 11:31 - 00000000 ____D () C:\StaĹľeniny
2014-12-20 22:37 - 2014-01-02 11:21 - 00000000 ____D () C:\Program Files\CCleaner
2014-12-20 22:35 - 2013-12-26 23:54 - 00000000 ____D () C:\Users\Jiří\AppData\Local\Thunderbird
2014-12-18 07:51 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-12-15 23:29 - 2014-01-05 18:10 - 00000000 ____D () C:\Drop Ondřej
2014-12-15 22:16 - 2014-01-14 14:55 - 00000072 _____ () C:\Users\Public\LMDebug.log
2014-12-15 00:48 - 2013-12-25 19:32 - 00000000 ____D () C:\Users\Jiří\Graphisoft
2014-12-13 11:50 - 2014-01-08 11:06 - 00000000 ____D () C:\Users\Jiří\Documents\Poznámkové bloky aplikace OneNote
2014-12-13 11:39 - 2014-01-25 15:48 - 00000000 ____D () C:\Moje dokumenty
2014-12-13 11:33 - 2014-01-31 19:33 - 00001090 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-12-13 11:31 - 2013-12-25 23:25 - 00000000 ____D () C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-12-11 21:21 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-12-11 20:45 - 2014-09-01 11:42 - 00000000 ____D () C:\Users\Jiří\AppData\Local\Adobe
2014-12-11 20:18 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2014-12-11 20:18 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2014-12-11 20:18 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-12-11 09:56 - 2013-12-24 19:19 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-12-11 09:46 - 2013-12-24 19:19 - 112710672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-12-11 09:25 - 2013-12-24 14:28 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-09 22:13 - 2014-01-07 12:59 - 00000000 ____D () C:\ProgramData\firebird
2014-12-09 20:30 - 2014-01-17 11:39 - 00000819 _____ () C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CPP - IQ2.lnk
2014-12-09 20:30 - 2014-01-17 11:39 - 00000789 _____ () C:\Users\Jiří\Desktop\CPP - IQ2.lnk
2014-12-09 13:27 - 2014-11-11 09:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox.bak
2014-12-08 11:21 - 2013-12-25 23:52 - 00002046 _____ () C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2014-12-08 11:21 - 2013-12-25 23:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-12-08 11:21 - 2013-03-12 06:45 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-08 10:08 - 2013-12-25 18:03 - 00000000 ____D () C:\Knihy
2014-12-03 10:24 - 2014-02-19 15:06 - 00000000 ____D () C:\Program Files\Java
2014-12-02 10:06 - 2014-01-08 14:44 - 00000000 ____D () C:\temp_user_data
2014-12-02 10:06 - 2014-01-08 14:42 - 00000000 ____D () C:\Users\Jiří\ING_eKalkulacka_FINCENTRUM_CZ
2014-12-01 12:39 - 2014-01-13 22:43 - 00000000 ____D () C:\Users\Jiří\Documents\CSOBPSmlouvy
2014-12-01 12:21 - 2014-01-08 15:02 - 00000000 ____D () C:\Users\Jiří\AppData\Local\ČSOB_Pojišťovna,_a.s
2014-11-26 22:10 - 2014-05-15 07:48 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-11-26 22:10 - 2014-05-15 07:48 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-26 21:44 - 2014-11-19 22:16 - 00000000 ____D () C:\WEPOS
2014-11-26 20:53 - 2014-01-08 15:01 - 00000000 ____D () C:\Program Files (x86)\Simulace_PCS
2014-11-26 14:50 - 2014-01-08 21:01 - 00000000 ____D () C:\Users\Jiří

Some content of TEMP:
====================
C:\Users\Jiří\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpj0w7oy.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-26 20:08




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (Acer) (Fixed) (Total:446.51 GB) (Free:265.2 GB) NTFS
Drive d: (KINGSTON) (Removable) (Total:14.63 GB) (Free:13.45 GB) FAT32

Available physical RAM: 1289.54 MB
Total physical RAM: 3911.27 MB
Percentage of memory in use: 67%

==================== MBR and Partition Table ==================

Disk: 0 (Size: 465.8 GB) (Disk ID: 029CB2E3)
Disk: 1 (Size: 22.4 GB) (Disk ID: 33FF6ECD)
Disk: 2 (MBR Code: Windows XP) (Size: 14.6 GB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=14.6 GB) - (Type=0C)

==================== Scheduled Tasks (whitelisted) ==================


==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\ProgramData\Temp:66BB1E73
AlternateDataStreams: C:\Users\Jiří\SkyDrive:ms-properties

==================== Security Center ==================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Jiýˇ\Desktop" je 2 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

[Rudy]

Zdravím!
Spusťte nejprve tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

[mrazik]

Tak tady je

# AdwCleaner v4.106 - Report created 26/12/2014 at 20:55:56
# Updated 21/12/2014 by Xplode
# Database : 2014-12-21.4 [Live]
# Operating System : Windows 8.1 (64 bits)
# Username : Jiří - KOALAK
# Running from : C:\Users\Jiří\Desktop\adwcleaner_4.106.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Systweak
Folder Deleted : C:\Program Files (x86)\Yawtix
Folder Deleted : C:\Users\Jiří\AppData\Roaming\Systweak
File Deleted : C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\47j8w4na.default\invalidprefs.js
File Deleted : C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\47j8w4na.default\user.js

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Classes\pokki
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKCU\Software\Pokki
Key Deleted : HKCU\Software\systweak
Key Deleted : HKLM\SOFTWARE\systweak
Key Deleted : HKLM\SOFTWARE\YourFileDownloader

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Mozilla Firefox v34.0.5 (x86 cs)

[47j8w4na.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.admin", false);
[47j8w4na.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.aflt", "babsst");
[47j8w4na.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.appId", "{37EB75F2-7392-4DBE-B5AD-147EC6D7BF5F}");
[47j8w4na.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.autoRvrt", "false");
[47j8w4na.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.dfltLng", "en");
[47j8w4na.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.excTlbr", false);
[47j8w4na.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.ffxUnstlRst", true);
[47j8w4na.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.id", "5031df450000000000001e77e67ca997");
[47j8w4na.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.instlDay", "16162");
[47j8w4na.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.instlRef", "sst");
[47j8w4na.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.newTab", false);
[47j8w4na.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.prdct", "buenosearch");
[47j8w4na.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.prtnrId", "buenosearch");
[47j8w4na.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.rvrt", "false");
[47j8w4na.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.smplGrp", "none");
[47j8w4na.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.tb_url", "ht&mntrId=50311E77E67CA997&affID=128235&tsp=5205");
[47j8w4na.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.tlbrId", "base");
[47j8w4na.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.vrsn", "1.8.28.7");
[47j8w4na.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.vrsnTs", "1.8.28.712:35:44");
[47j8w4na.default\prefs.js] - Line Deleted : user_pref("extensions.buenosearch.vrsni", "1.8.28.7");

*************************

AdwCleaner[R0].txt - [4234 octets] - [26/12/2014 20:52:45]
AdwCleaner[S0].txt - [4322 octets] - [26/12/2014 20:55:56]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4382 octets] ##########

[mrazik]

Díky za sqělou spolupráci! Zdá se, že je vyřešeno.

[Rudy]

Ještě bych se rád podíval na nový log FRST, jestli nebude třeba něco dočistit.

[mrazik]

Nový log:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-12-2014
Ran by Jiří (administrator) on KOALAK on 26-12-2014 20:22:26
Running from C:\Users\Jiří\Desktop
Loaded Profile: Jiří (Available profiles: Jiří)
Platform: Windows 8.1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(CANON INC.) C:\Program Files\Canon\DIAS\CnxDIAS.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Condusiv Technologies) C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Instant Service\Sleep Memory Optimizer\FFSService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
(Dritek System Inc.) C:\Program Files (x86)\RadioController\RfBtnHelper.exe
(Dropbox, Inc.) C:\Users\Jiří\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE
() C:\Windows\Inf\msacwdrv\msacwdrv.exe
() C:\Windows\Inf\MSASGui.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Theft Shield\USecuAppClient.exe
(Ghisler Software GmbH) C:\totalcmd\TOTALCMD64.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(forum.viry.cz) C:\Users\Jiří\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2876816 2013-03-05] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13267016 2013-01-29] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1276488 2013-01-18] (Realtek Semiconductor)
HKLM-x32\...\Run: [LManager] => [X]
HKLM-x32\...\Run: [RadioController] => C:\Program Files (x86)\RadioController\RfBtnHelper.exe [111216 2013-10-17] (Dritek System Inc.)
HKLM-x32\...\Run: [Printsrv] => c:\Windows\SysWOW64\Printing_Admin_Scripts\en-US\pubpr.vbs [543 2013-05-01] ()
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [54072 2014-11-21] (Malwarebytes Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [131712 2013-01-25] ( (Qualcomm Atheros Commnucations))
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-4025786831-3650480476-1280956322-1001\...\Run: [] => [X]
HKU\S-1-5-21-4025786831-3650480476-1280956322-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22869088 2014-10-21] (Google)
HKU\S-1-5-21-4025786831-3650480476-1280956322-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-4025786831-3650480476-1280956322-1001\...\MountPoints2: {bac47188-b4d7-11e3-be84-3c77e67ca998} - "D:\CrossLink.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Network Server.lnk
ShortcutTarget: Network Server.lnk -> C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe (WIBU-SYSTEMS AG)
Startup: C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Jiří\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Odeslat do OneNote.lnk
ShortcutTarget: Odeslat do OneNote.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-4025786831-3650480476-1280956322-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKU\S-1-5-21-4025786831-3650480476-1280956322-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
SearchScopes: HKU\S-1-5-21-4025786831-3650480476-1280956322-1001 -> DefaultScope {0DC38EA7-5052-41C5-BAEE-5DAEF8103EEC} URL =
SearchScopes: HKU\S-1-5-21-4025786831-3650480476-1280956322-1001 -> {0DC38EA7-5052-41C5-BAEE-5DAEF8103EEC} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\47j8w4na.default
FF DefaultSearchEngine: Seznam
FF Homepage: seznam.cz
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1214154.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @graphisoft.com/GDL Web Plug-in -> C:\Program Files (x86)\GRAPHISOFT\GDLWebControl\npGDLMozilla.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @software602.cz/602XML Filler -> C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll (Software602 a.s.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\5\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4025786831-3650480476-1280956322-1001: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll (Sony Network Entertainment International LLC)
FF user.js: detected! => C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\47j8w4na.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\47j8w4na.default\searchplugins\mapycz.xml
FF SearchPlugin: C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\47j8w4na.default\searchplugins\smerovakcz.xml
FF Extension: 20-20 3D Viewer - IKEA - C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\47j8w4na.default\Extensions\2020Player_IKEA@2020Technologies.com [2014-01-03]
FF Extension: Xmarks - C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\47j8w4na.default\Extensions\foxmarks@kei.com [2014-11-23]
FF Extension: Toolbar Buttons - C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\47j8w4na.default\Extensions\{03B08592-E5B4-45ff-A0BE-C1D975458688} [2014-11-23]
FF Extension: AutoCopy 2 - C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\47j8w4na.default\Extensions\autocopy2@teo.pl.xpi [2013-12-23]
FF Extension: Classic Theme Restorer - C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\47j8w4na.default\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2014-05-04]
FF Extension: Personas Plus - C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\47j8w4na.default\Extensions\personas@christopher.beard.xpi [2013-12-23]
FF Extension: Send Link in context menu - C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\47j8w4na.default\Extensions\sendlinkincontextmenu@jasnapaka.com.xpi [2013-12-24]
FF Extension: Back to Top - C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\47j8w4na.default\Extensions\{3C9A65A6-9563-4485-BA4A-4BCD698BCFB4}.xpi [2013-12-24]
FF Extension: Adblock Plus - C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\47j8w4na.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-12-23]
FF Extension: Tab Mix Plus - C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\47j8w4na.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2013-12-23]
FF Extension: DownThemAll! - C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\47j8w4na.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2014-01-25]

Chrome:
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [227456 2013-01-25] (Qualcomm Atheros Commnucations)
R2 Canon Driver Information Assist Service; C:\Program Files\Canon\DIAS\CnxDIAS.exe [4940760 2012-09-04] (CANON INC.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe [2797312 2013-12-06] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [470056 2013-05-01] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-15] (Acer Incorporated)
R2 ExpressCache; C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe [107944 2013-01-08] (Condusiv Technologies)
R2 FFSOpzSvc; C:\Program Files\Acer\Acer Instant Service\Sleep Memory Optimizer\FFSService.exe [161384 2012-03-12] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [255040 2014-10-06] (WildTangent)
S3 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [193576 2012-07-19] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [96880 2013-10-17] (Dritek System INC.)
S3 USecuAppSvc; C:\Program Files\Acer\Acer Theft Shield\USecuAppSvc.exe [345744 2012-11-12] (Acer Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-01-25] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0403000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [26024 2013-01-08] (Condusiv Technologies)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [112552 2013-01-08] (Condusiv Technologies)
R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [43800 2012-07-20] (Intel Corporation)
U0 lnyefqx; C:\Windows\System32\drivers\aspr.sys [79064 2014-12-26] (Malwarebytes Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-26] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2013-10-17] (Dritek System Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
R2 WIBUKEY; C:\Windows\System32\DRIVERS\WibuKey64.sys [97792 2011-09-22] (WIBU-SYSTEMS AG)
S1 MpKsl3af3ecad; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{3B2AF5A3-A4A7-42EC-ABBB-85F9AA6B4139}\MpKsl3af3ecad.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-26 20:22 - 2014-12-26 20:22 - 00019947 _____ () C:\Users\Jiří\Desktop\FRST.txt
2014-12-26 20:21 - 2014-12-26 20:22 - 00000000 ____D () C:\FRST
2014-12-26 20:20 - 2014-12-26 20:20 - 02122752 _____ (Farbar) C:\Users\Jiří\Desktop\FRST64.exe
2014-12-26 20:19 - 2014-12-26 20:19 - 00112640 _____ (forum.viry.cz) C:\Users\Jiří\Desktop\FRSTLauncher.exe
2014-12-26 20:01 - 2014-12-26 20:01 - 00079064 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\aspr.sys
2014-12-26 19:31 - 2014-12-26 19:35 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-12-26 19:31 - 2014-12-26 19:34 - 00001122 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-26 19:31 - 2014-12-26 19:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-26 19:30 - 2014-12-26 19:34 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-26 19:30 - 2014-12-26 19:30 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-26 19:30 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-12-26 19:30 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-12-26 19:30 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-12-26 19:16 - 2014-12-26 19:16 - 00000000 ___SH () C:\DkHyperbootSync
2014-12-19 12:44 - 2014-12-19 12:44 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-12-15 22:49 - 2014-10-30 23:37 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2014-12-15 22:49 - 2014-10-30 23:34 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2014-12-13 11:55 - 2014-12-16 00:25 - 00000000 ____D () C:\Vrtulník
2014-12-11 20:48 - 2014-12-11 20:49 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-12-11 20:48 - 2014-12-11 20:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-12-11 20:48 - 2014-12-11 20:48 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-12-11 10:48 - 2014-12-11 10:48 - 00001744 _____ () C:\Users\Public\Desktop\Aplikace PriMa v2.05.lnk
2014-12-11 09:26 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-12-11 09:26 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-12-11 09:26 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-12-11 09:26 - 2014-11-22 03:49 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2014-12-11 09:26 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-12-11 09:26 - 2014-11-22 03:35 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-12-11 09:26 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-12-11 09:26 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-12-11 09:26 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-12-11 09:26 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-12-11 09:26 - 2014-11-22 03:06 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2014-12-11 09:26 - 2014-11-22 03:06 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-12-11 09:26 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-12-11 09:26 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-12-11 09:26 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-12-11 09:26 - 2014-11-22 02:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2014-12-11 09:26 - 2014-11-22 02:55 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-12-11 09:26 - 2014-11-22 02:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2014-12-11 09:26 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-12-11 09:26 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-12-11 09:26 - 2014-11-22 02:49 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-12-11 09:26 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-12-11 09:26 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-12-11 09:26 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-12-11 09:26 - 2014-11-22 02:34 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2014-12-11 09:26 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-12-11 09:26 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-12-11 09:26 - 2014-11-22 02:29 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2014-12-11 09:26 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-12-11 09:26 - 2014-11-22 02:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2014-12-11 09:26 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-12-11 09:26 - 2014-11-22 02:23 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-12-11 09:26 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-12-11 09:26 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-12-11 09:26 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-12-11 09:26 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-12-11 09:26 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-12-11 09:26 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-12-11 09:26 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-12-11 09:26 - 2014-11-07 05:16 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2014-12-11 09:26 - 2014-11-07 04:26 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2014-12-11 09:26 - 2014-10-13 03:43 - 00238912 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2014-12-11 09:26 - 2014-10-13 03:43 - 00153920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2014-12-11 09:26 - 2014-10-13 03:43 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-12-11 09:26 - 2014-10-13 03:43 - 00039744 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2014-12-10 21:32 - 2014-12-10 21:32 - 00000000 ____D () C:\WINDOWS\system32\NETGEAR
2014-12-09 13:19 - 2014-12-09 13:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-03 10:25 - 2014-12-03 10:25 - 00111016 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2014-12-03 10:25 - 2014-12-03 10:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-11-26 21:46 - 2014-11-26 21:46 - 00000663 _____ () C:\Users\Jiří\Desktop\JOS-WePOS.lnk
2014-11-26 21:46 - 2014-11-26 21:46 - 00000000 ____D () C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Česká Pojišťovna
2014-11-26 21:46 - 2014-11-26 21:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Česká Pojišťovna

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-26 20:20 - 2014-03-28 10:47 - 00000000 ____D () C:\PC
2014-12-26 20:08 - 2014-07-11 08:54 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4025786831-3650480476-1280956322-1001
2014-12-26 20:01 - 2014-09-01 07:40 - 00000000 ____D () C:\ProgramData\Systweak
2014-12-26 20:01 - 2013-12-24 20:22 - 00000000 ____D () C:\Users\Jiří\AppData\Roaming\systweak
2014-12-26 20:01 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\InputMethod
2014-12-26 20:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-12-26 19:06 - 2014-08-13 06:45 - 00004944 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for KOALAK-Jiří Koalak
2014-12-26 19:05 - 2013-12-24 11:31 - 00000000 ____D () C:\Users\Jiří\AppData\Local\GHISLER
2014-12-26 18:51 - 2013-11-14 13:40 - 01745984 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-12-26 18:51 - 2013-11-14 13:24 - 00739924 _____ () C:\WINDOWS\system32\perfh005.dat
2014-12-26 18:51 - 2013-11-14 13:24 - 00151610 _____ () C:\WINDOWS\system32\perfc005.dat
2014-12-26 18:46 - 2014-03-02 13:09 - 00015553 _____ () C:\Users\Jiří\rgmnr
2014-12-26 18:45 - 2014-09-29 13:00 - 00000000 ___RD () C:\GD
2014-12-26 18:45 - 2014-01-08 21:41 - 00000000 __RDO () C:\Users\Jiří\SkyDrive
2014-12-26 18:45 - 2013-12-25 23:24 - 00000000 ____D () C:\Users\Jiří\AppData\Roaming\Dropbox
2014-12-26 18:44 - 2013-12-23 21:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-26 18:44 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-12-26 18:44 - 2013-08-22 14:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-12-26 18:04 - 2013-12-24 11:38 - 00000000 ____D () C:\Programy
2014-12-25 17:15 - 2014-01-09 09:23 - 00000000 ____D () C:\Users\Jiří\AppData\Local\Deployment
2014-12-25 11:35 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-12-24 15:55 - 2013-12-25 19:45 - 00000000 ____D () C:\FOTKY
2014-12-22 23:26 - 2014-08-04 15:17 - 00000000 ____D () C:\MUZIKA
2014-12-21 23:11 - 2013-12-28 13:37 - 00012800 _____ () C:\Users\Jiří\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-12-21 17:45 - 2013-12-23 21:01 - 00000000 ____D () C:\Users\Jiří\AppData\Local\Packages
2014-12-20 23:41 - 2013-12-24 11:31 - 00000000 ____D () C:\Staženiny
2014-12-20 22:37 - 2014-01-02 11:21 - 00000000 ____D () C:\Program Files\CCleaner
2014-12-20 22:35 - 2013-12-26 23:54 - 00000000 ____D () C:\Users\Jiří\AppData\Local\Thunderbird
2014-12-18 07:51 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-12-15 23:29 - 2014-01-05 18:10 - 00000000 ____D () C:\Drop Ondřej
2014-12-15 22:16 - 2014-01-14 14:55 - 00000072 _____ () C:\Users\Public\LMDebug.log
2014-12-15 00:48 - 2013-12-25 19:32 - 00000000 ____D () C:\Users\Jiří\Graphisoft
2014-12-13 11:50 - 2014-01-08 11:06 - 00000000 ____D () C:\Users\Jiří\Documents\Poznámkové bloky aplikace OneNote
2014-12-13 11:39 - 2014-01-25 15:48 - 00000000 ____D () C:\Moje dokumenty
2014-12-13 11:33 - 2014-01-31 19:33 - 00001090 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-12-13 11:31 - 2013-12-25 23:25 - 00000000 ____D () C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-12-11 21:21 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-12-11 20:45 - 2014-09-01 11:42 - 00000000 ____D () C:\Users\Jiří\AppData\Local\Adobe
2014-12-11 20:18 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2014-12-11 20:18 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2014-12-11 20:18 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-12-11 09:56 - 2013-12-24 19:19 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-12-11 09:46 - 2013-12-24 19:19 - 112710672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-12-11 09:25 - 2013-12-24 14:28 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-09 22:13 - 2014-01-07 12:59 - 00000000 ____D () C:\ProgramData\firebird
2014-12-09 20:30 - 2014-01-17 11:39 - 00000819 _____ () C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CPP - IQ2.lnk
2014-12-09 20:30 - 2014-01-17 11:39 - 00000789 _____ () C:\Users\Jiří\Desktop\CPP - IQ2.lnk
2014-12-09 13:27 - 2014-11-11 09:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox.bak
2014-12-08 11:21 - 2013-12-25 23:52 - 00002046 _____ () C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2014-12-08 11:21 - 2013-12-25 23:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-12-08 11:21 - 2013-03-12 06:45 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-08 10:08 - 2013-12-25 18:03 - 00000000 ____D () C:\Knihy
2014-12-03 10:24 - 2014-02-19 15:06 - 00000000 ____D () C:\Program Files\Java
2014-12-02 10:06 - 2014-01-08 14:44 - 00000000 ____D () C:\temp_user_data
2014-12-02 10:06 - 2014-01-08 14:42 - 00000000 ____D () C:\Users\Jiří\ING_eKalkulacka_FINCENTRUM_CZ
2014-12-01 12:39 - 2014-01-13 22:43 - 00000000 ____D () C:\Users\Jiří\Documents\CSOBPSmlouvy
2014-12-01 12:21 - 2014-01-08 15:02 - 00000000 ____D () C:\Users\Jiří\AppData\Local\ČSOB_Pojišťovna,_a.s
2014-11-26 22:10 - 2014-05-15 07:48 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-11-26 22:10 - 2014-05-15 07:48 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-26 21:44 - 2014-11-19 22:16 - 00000000 ____D () C:\WEPOS
2014-11-26 20:53 - 2014-01-08 15:01 - 00000000 ____D () C:\Program Files (x86)\Simulace_PCS
2014-11-26 14:50 - 2014-01-08 21:01 - 00000000 ____D () C:\Users\Jiří

Some content of TEMP:
====================
C:\Users\Jiří\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpj0w7oy.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-26 20:08




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (Acer) (Fixed) (Total:446.51 GB) (Free:265.2 GB) NTFS
Drive d: (KINGSTON) (Removable) (Total:14.63 GB) (Free:13.45 GB) FAT32

Available physical RAM: 1289.54 MB
Total physical RAM: 3911.27 MB
Percentage of memory in use: 67%

==================== MBR and Partition Table ==================

Disk: 0 (Size: 465.8 GB) (Disk ID: 029CB2E3)
Disk: 1 (Size: 22.4 GB) (Disk ID: 33FF6ECD)
Disk: 2 (MBR Code: Windows XP) (Size: 14.6 GB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=14.6 GB) - (Type=0C)

==================== Scheduled Tasks (whitelisted) ==================


==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\ProgramData\Temp:66BB1E73
AlternateDataStreams: C:\Users\Jiří\SkyDrive:ms-properties

==================== Security Center ==================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Ji��\Desktop" je 2 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-12-2014
Ran by Jiří (administrator) on KOALAK on 26-12-2014 22:15:28
Running from C:\Users\Jiří\Desktop
Loaded Profile: Jiří (Available profiles: Jiří)
Platform: Windows 8.1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Software602 a.s.) C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(CANON INC.) C:\Program Files\Canon\DIAS\CnxDIAS.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Condusiv Technologies) C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Instant Service\Sleep Memory Optimizer\FFSService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
(Dritek System Inc.) C:\Program Files (x86)\RadioController\RfBtnHelper.exe
(Dropbox, Inc.) C:\Users\Jiří\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Theft Shield\USecuAppClient.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(forum.viry.cz) C:\Users\Jiří\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2876816 2013-03-05] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13267016 2013-01-29] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1276488 2013-01-18] (Realtek Semiconductor)
HKLM-x32\...\Run: [LManager] => [X]
HKLM-x32\...\Run: [RadioController] => C:\Program Files (x86)\RadioController\RfBtnHelper.exe [111216 2013-10-17] (Dritek System Inc.)
HKLM-x32\...\Run: [Printsrv] => c:\Windows\SysWOW64\Printing_Admin_Scripts\en-US\pubpr.vbs [543 2013-05-01] ()
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [131712 2013-01-25] ( (Qualcomm Atheros Commnucations))
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-4025786831-3650480476-1280956322-1001\...\Run: [] => [X]
HKU\S-1-5-21-4025786831-3650480476-1280956322-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22869088 2014-10-21] (Google)
HKU\S-1-5-21-4025786831-3650480476-1280956322-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-4025786831-3650480476-1280956322-1001\...\MountPoints2: {bac47188-b4d7-11e3-be84-3c77e67ca998} - "D:\CrossLink.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Network Server.lnk
ShortcutTarget: Network Server.lnk -> C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe (WIBU-SYSTEMS AG)
Startup: C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Jiří\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Odeslat do OneNote.lnk
ShortcutTarget: Odeslat do OneNote.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-4025786831-3650480476-1280956322-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKU\S-1-5-21-4025786831-3650480476-1280956322-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4025786831-3650480476-1280956322-1001 -> {0DC38EA7-5052-41C5-BAEE-5DAEF8103EEC} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\47j8w4na.default
FF DefaultSearchEngine: Seznam
FF Homepage: seznam.cz
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1214154.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @graphisoft.com/GDL Web Plug-in -> C:\Program Files (x86)\GRAPHISOFT\GDLWebControl\npGDLMozilla.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @software602.cz/602XML Filler -> C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll (Software602 a.s.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\5\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4025786831-3650480476-1280956322-1001: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll (Sony Network Entertainment International LLC)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\47j8w4na.default\searchplugins\mapycz.xml
FF SearchPlugin: C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\47j8w4na.default\searchplugins\smerovakcz.xml
FF Extension: 20-20 3D Viewer - IKEA - C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\47j8w4na.default\Extensions\2020Player_IKEA@2020Technologies.com [2014-01-03]
FF Extension: Xmarks - C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\47j8w4na.default\Extensions\foxmarks@kei.com [2014-11-23]
FF Extension: Toolbar Buttons - C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\47j8w4na.default\Extensions\{03B08592-E5B4-45ff-A0BE-C1D975458688} [2014-11-23]
FF Extension: AutoCopy 2 - C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\47j8w4na.default\Extensions\autocopy2@teo.pl.xpi [2013-12-23]
FF Extension: Classic Theme Restorer - C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\47j8w4na.default\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2014-05-04]
FF Extension: Personas Plus - C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\47j8w4na.default\Extensions\personas@christopher.beard.xpi [2013-12-23]
FF Extension: Send Link in context menu - C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\47j8w4na.default\Extensions\sendlinkincontextmenu@jasnapaka.com.xpi [2013-12-24]
FF Extension: Back to Top - C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\47j8w4na.default\Extensions\{3C9A65A6-9563-4485-BA4A-4BCD698BCFB4}.xpi [2013-12-24]
FF Extension: Adblock Plus - C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\47j8w4na.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-12-23]
FF Extension: Tab Mix Plus - C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\47j8w4na.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2013-12-23]
FF Extension: DownThemAll! - C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\47j8w4na.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2014-01-25]

Chrome:
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [227456 2013-01-25] (Qualcomm Atheros Commnucations)
R2 Canon Driver Information Assist Service; C:\Program Files\Canon\DIAS\CnxDIAS.exe [4940760 2012-09-04] (CANON INC.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe [2797312 2013-12-06] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [470056 2013-05-01] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-15] (Acer Incorporated)
R2 ExpressCache; C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe [107944 2013-01-08] (Condusiv Technologies)
R2 FFSOpzSvc; C:\Program Files\Acer\Acer Instant Service\Sleep Memory Optimizer\FFSService.exe [161384 2012-03-12] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [255040 2014-10-06] (WildTangent)
S3 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [193576 2012-07-19] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [96880 2013-10-17] (Dritek System INC.)
S3 USecuAppSvc; C:\Program Files\Acer\Acer Theft Shield\USecuAppSvc.exe [345744 2012-11-12] (Acer Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-01-25] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0403000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [26024 2013-01-08] (Condusiv Technologies)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [112552 2013-01-08] (Condusiv Technologies)
R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [43800 2012-07-20] (Intel Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-26] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2013-10-17] (Dritek System Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
R2 WIBUKEY; C:\Windows\System32\DRIVERS\WibuKey64.sys [97792 2011-09-22] (WIBU-SYSTEMS AG)
S1 MpKsl3af3ecad; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{3B2AF5A3-A4A7-42EC-ABBB-85F9AA6B4139}\MpKsl3af3ecad.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-26 22:15 - 2014-12-26 22:15 - 00019561 _____ () C:\Users\Jiří\Desktop\FRST.txt
2014-12-26 21:45 - 2014-12-26 21:45 - 00000000 _____ () C:\WINDOWS\WindowsUpdate.log
2014-12-26 21:28 - 2014-12-26 21:28 - 00000000 ___SH () C:\DkHyperbootSync
2014-12-26 20:56 - 2014-12-26 20:57 - 00484192 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-12-26 20:56 - 2014-12-26 20:56 - 00012056 _____ () C:\WINDOWS\PFRO.log
2014-12-26 20:52 - 2014-12-26 20:55 - 00000000 ____D () C:\AdwCleaner
2014-12-26 20:52 - 2014-12-26 20:52 - 02173952 _____ () C:\Users\Jiří\Desktop\adwcleaner_4.106.exe
2014-12-26 20:24 - 2014-12-26 20:24 - 00037884 _____ () C:\Users\Jiří\Desktop\FRST3.txt
2014-12-26 20:21 - 2014-12-26 22:15 - 00000000 ____D () C:\FRST
2014-12-26 20:20 - 2014-12-26 20:20 - 02122752 _____ (Farbar) C:\Users\Jiří\Desktop\FRST64.exe
2014-12-26 20:19 - 2014-12-26 20:19 - 00112640 _____ (forum.viry.cz) C:\Users\Jiří\Desktop\FRSTLauncher.exe
2014-12-26 19:31 - 2014-12-26 20:57 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-12-26 19:31 - 2014-12-26 19:34 - 00001122 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-26 19:31 - 2014-12-26 19:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-26 19:30 - 2014-12-26 19:34 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-26 19:30 - 2014-12-26 19:30 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-26 19:30 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-12-26 19:30 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-12-26 19:30 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-12-19 12:44 - 2014-12-19 12:44 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-12-15 22:49 - 2014-10-30 23:37 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2014-12-15 22:49 - 2014-10-30 23:34 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2014-12-13 11:55 - 2014-12-16 00:25 - 00000000 ____D () C:\Vrtulník
2014-12-11 20:48 - 2014-12-11 20:49 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-12-11 20:48 - 2014-12-11 20:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-12-11 20:48 - 2014-12-11 20:48 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-12-11 10:48 - 2014-12-11 10:48 - 00001744 _____ () C:\Users\Public\Desktop\Aplikace PriMa v2.05.lnk
2014-12-11 09:26 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-12-11 09:26 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-12-11 09:26 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-12-11 09:26 - 2014-11-22 03:49 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2014-12-11 09:26 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-12-11 09:26 - 2014-11-22 03:35 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-12-11 09:26 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-12-11 09:26 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-12-11 09:26 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-12-11 09:26 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-12-11 09:26 - 2014-11-22 03:06 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2014-12-11 09:26 - 2014-11-22 03:06 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-12-11 09:26 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-12-11 09:26 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-12-11 09:26 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-12-11 09:26 - 2014-11-22 02:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2014-12-11 09:26 - 2014-11-22 02:55 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-12-11 09:26 - 2014-11-22 02:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2014-12-11 09:26 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-12-11 09:26 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-12-11 09:26 - 2014-11-22 02:49 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-12-11 09:26 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-12-11 09:26 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-12-11 09:26 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-12-11 09:26 - 2014-11-22 02:34 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2014-12-11 09:26 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-12-11 09:26 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-12-11 09:26 - 2014-11-22 02:29 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2014-12-11 09:26 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-12-11 09:26 - 2014-11-22 02:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2014-12-11 09:26 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-12-11 09:26 - 2014-11-22 02:23 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-12-11 09:26 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-12-11 09:26 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-12-11 09:26 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-12-11 09:26 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-12-11 09:26 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-12-11 09:26 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-12-11 09:26 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-12-11 09:26 - 2014-11-07 05:16 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2014-12-11 09:26 - 2014-11-07 04:26 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2014-12-11 09:26 - 2014-10-13 03:43 - 00238912 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2014-12-11 09:26 - 2014-10-13 03:43 - 00153920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2014-12-11 09:26 - 2014-10-13 03:43 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-12-11 09:26 - 2014-10-13 03:43 - 00039744 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2014-12-10 21:32 - 2014-12-10 21:32 - 00000000 ____D () C:\WINDOWS\system32\NETGEAR
2014-12-09 13:19 - 2014-12-09 13:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-03 10:25 - 2014-12-03 10:25 - 00111016 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2014-12-03 10:25 - 2014-12-03 10:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-11-26 21:46 - 2014-11-26 21:46 - 00000663 _____ () C:\Users\Jiří\Desktop\JOS-WePOS.lnk
2014-11-26 21:46 - 2014-11-26 21:46 - 00000000 ____D () C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Česká Pojišťovna
2014-11-26 21:46 - 2014-11-26 21:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Česká Pojišťovna

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-26 22:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-12-26 21:19 - 2014-08-13 06:45 - 00004944 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for KOALAK-Jiří Koalak
2014-12-26 21:02 - 2013-11-14 13:40 - 01745984 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-12-26 21:02 - 2013-11-14 13:24 - 00739924 _____ () C:\WINDOWS\system32\perfh005.dat
2014-12-26 21:02 - 2013-11-14 13:24 - 00151610 _____ () C:\WINDOWS\system32\perfc005.dat
2014-12-26 20:58 - 2014-09-29 13:00 - 00000000 ___RD () C:\GD
2014-12-26 20:58 - 2013-12-25 23:24 - 00000000 ____D () C:\Users\Jiří\AppData\Roaming\Dropbox
2014-12-26 20:57 - 2014-01-08 21:41 - 00000000 __RDO () C:\Users\Jiří\SkyDrive
2014-12-26 20:57 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-12-26 20:56 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\InputMethod
2014-12-26 20:56 - 2013-08-22 14:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-12-26 20:20 - 2014-03-28 10:47 - 00000000 ____D () C:\PC
2014-12-26 20:08 - 2014-07-11 08:54 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4025786831-3650480476-1280956322-1001
2014-12-26 19:05 - 2013-12-24 11:31 - 00000000 ____D () C:\Users\Jiří\AppData\Local\GHISLER
2014-12-26 18:46 - 2014-03-02 13:09 - 00015553 _____ () C:\Users\Jiří\rgmnr
2014-12-26 18:44 - 2013-12-23 21:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-26 18:04 - 2013-12-24 11:38 - 00000000 ____D () C:\Programy
2014-12-25 17:15 - 2014-01-09 09:23 - 00000000 ____D () C:\Users\Jiří\AppData\Local\Deployment
2014-12-25 11:35 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-12-24 15:55 - 2013-12-25 19:45 - 00000000 ____D () C:\FOTKY
2014-12-22 23:26 - 2014-08-04 15:17 - 00000000 ____D () C:\MUZIKA
2014-12-21 23:11 - 2013-12-28 13:37 - 00012800 _____ () C:\Users\Jiří\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-12-21 17:45 - 2013-12-23 21:01 - 00000000 ____D () C:\Users\Jiří\AppData\Local\Packages
2014-12-20 23:41 - 2013-12-24 11:31 - 00000000 ____D () C:\Staženiny
2014-12-20 22:37 - 2014-01-02 11:21 - 00000000 ____D () C:\Program Files\CCleaner
2014-12-20 22:35 - 2013-12-26 23:54 - 00000000 ____D () C:\Users\Jiří\AppData\Local\Thunderbird
2014-12-18 07:51 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-12-15 23:29 - 2014-01-05 18:10 - 00000000 ____D () C:\Drop Ondřej
2014-12-15 22:16 - 2014-01-14 14:55 - 00000072 _____ () C:\Users\Public\LMDebug.log
2014-12-15 00:48 - 2013-12-25 19:32 - 00000000 ____D () C:\Users\Jiří\Graphisoft
2014-12-13 11:50 - 2014-01-08 11:06 - 00000000 ____D () C:\Users\Jiří\Documents\Poznámkové bloky aplikace OneNote
2014-12-13 11:39 - 2014-01-25 15:48 - 00000000 ____D () C:\Moje dokumenty
2014-12-13 11:33 - 2014-01-31 19:33 - 00001090 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-12-13 11:31 - 2013-12-25 23:25 - 00000000 ____D () C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-12-11 21:21 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-12-11 20:45 - 2014-09-01 11:42 - 00000000 ____D () C:\Users\Jiří\AppData\Local\Adobe
2014-12-11 20:18 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2014-12-11 20:18 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2014-12-11 20:18 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-12-11 09:56 - 2013-12-24 19:19 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-12-11 09:46 - 2013-12-24 19:19 - 112710672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-12-11 09:25 - 2013-12-24 14:28 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-09 22:13 - 2014-01-07 12:59 - 00000000 ____D () C:\ProgramData\firebird
2014-12-09 20:30 - 2014-01-17 11:39 - 00000819 _____ () C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CPP - IQ2.lnk
2014-12-09 20:30 - 2014-01-17 11:39 - 00000789 _____ () C:\Users\Jiří\Desktop\CPP - IQ2.lnk
2014-12-09 13:27 - 2014-11-11 09:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox.bak
2014-12-08 11:21 - 2013-12-25 23:52 - 00002046 _____ () C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2014-12-08 11:21 - 2013-12-25 23:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-12-08 11:21 - 2013-03-12 06:45 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-08 10:08 - 2013-12-25 18:03 - 00000000 ____D () C:\Knihy
2014-12-03 10:24 - 2014-02-19 15:06 - 00000000 ____D () C:\Program Files\Java
2014-12-02 10:06 - 2014-01-08 14:44 - 00000000 ____D () C:\temp_user_data
2014-12-02 10:06 - 2014-01-08 14:42 - 00000000 ____D () C:\Users\Jiří\ING_eKalkulacka_FINCENTRUM_CZ
2014-12-01 12:39 - 2014-01-13 22:43 - 00000000 ____D () C:\Users\Jiří\Documents\CSOBPSmlouvy
2014-12-01 12:21 - 2014-01-08 15:02 - 00000000 ____D () C:\Users\Jiří\AppData\Local\ČSOB_Pojišťovna,_a.s
2014-11-26 22:10 - 2014-05-15 07:48 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-11-26 22:10 - 2014-05-15 07:48 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-26 21:44 - 2014-11-19 22:16 - 00000000 ____D () C:\WEPOS
2014-11-26 20:53 - 2014-01-08 15:01 - 00000000 ____D () C:\Program Files (x86)\Simulace_PCS
2014-11-26 14:50 - 2014-01-08 21:01 - 00000000 ____D () C:\Users\Jiří

Some content of TEMP:
====================
C:\Users\Jiří\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp76kpw1.dll
C:\Users\Jiří\AppData\Local\Temp\Quarantine.exe
C:\Users\Jiří\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-26 21:37




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (Acer) (Fixed) (Total:446.51 GB) (Free:264.88 GB) NTFS

Available physical RAM: 1663.59 MB
Total physical RAM: 3911.27 MB
Percentage of memory in use: 57%

==================== MBR and Partition Table ==================

Disk: 0 (Size: 465.8 GB) (Disk ID: 029CB2E3)
Disk: 1 (Size: 22.4 GB) (Disk ID: 33FF6ECD)

==================== Scheduled Tasks (whitelisted) ==================


==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\ProgramData\Temp:66BB1E73
AlternateDataStreams: C:\Users\Jiří\SkyDrive:ms-properties

==================== Security Center ==================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Ji��\Desktop" je 4 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKLM-x32\...\Run: [LManager] => [X]
HKU\S-1-5-21-4025786831-3650480476-1280956322-1001\...\Run: [] => [X]
HKU\S-1-5-21-4025786831-3650480476-1280956322-1001\...\MountPoints2: {bac47188-b4d7-11e3-be84-3c77e67ca998} - "D:\CrossLink.exe"
C:\Users\Jiří\AppData\Local\Temp
AlternateDataStreams: C:\ProgramData\Temp:66BB1E73
AlternateDataStreams: C:\Users\Jiří\SkyDrive:ms-properties
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[mrazik]

Tu je:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 26-12-2014
Ran by Jiří at 2014-12-26 22:35:15 Run:1
Running from C:\Users\Jiří\Desktop
Loaded Profile: Jiří (Available profiles: Jiří)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKLM-x32\...\Run: [LManager] => [X]
HKU\S-1-5-21-4025786831-3650480476-1280956322-1001\...\Run: [] => [X]
HKU\S-1-5-21-4025786831-3650480476-1280956322-1001\...\MountPoints2: {bac47188-b4d7-11e3-be84-3c77e67ca998} - "D:\CrossLink.exe"
C:\Users\Jiří\AppData\Local\Temp
AlternateDataStreams: C:\ProgramData\Temp:66BB1E73
AlternateDataStreams: C:\Users\Jiří\SkyDrive:ms-properties
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\LManager => value deleted successfully.
HKU\S-1-5-21-4025786831-3650480476-1280956322-1001\Software\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
"HKU\S-1-5-21-4025786831-3650480476-1280956322-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bac47188-b4d7-11e3-be84-3c77e67ca998}" => Key deleted successfully.
HKCR\CLSID\{bac47188-b4d7-11e3-be84-3c77e67ca998} => Key not found.

"C:\Users\Jiří\AppData\Local\Temp" directory move:

C:\Users\Jiří\AppData\Local\Temp\adwcleaner.db => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\AdwCleaner.jpg => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\Cleaning.ico => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp76kpw1.dll => Moved successfully.
Could not move "C:\Users\Jiří\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp76kpw1.lck" => Scheduled to move on reboot.
C:\Users\Jiří\AppData\Local\Temp\EULA.txt => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\mdi064.dll.old => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\MMDUtl.ini => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\Report.ico => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\Scan.ico => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\sqlite3.dll => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\Uninstall.ico => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\~95EA.tmp => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\~C1B0.tmp => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\~C40A.bat => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\~C40A.tmp => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\bz2.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\gdi32.dll => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\hashobjs_ext.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\kernel32.dll => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\main.exe.manifest => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\mfc90.dll => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\mfc90u.dll => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\mfcm90.dll => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\mfcm90u.dll => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\msvcp100.dll => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\msvcr100.dll => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\psapi.dll => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\pyexpat.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\pysqlite2._sqlite.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\python27.dll => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\pythoncom27.dll => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\PyWinTypes27.dll => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\select.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\shell32.dll => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\unicodedata.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\win32api.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\win32com.shell.shell.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\win32crypt.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\win32event.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\win32evtlog.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\win32file.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\win32gui.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\win32inet.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\win32pdh.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\win32pipe.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\win32process.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\win32profile.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\win32security.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\win32trace.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\win32ts.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\win32ui.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\win32wnet.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\windows._lib_cacheinvalidation.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\wx._animate.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\wx._controls_.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\wx._core_.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\wx._gdi_.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\wx._html2.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\wx._misc_.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\wx._windows_.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\wx._wizard.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\wxbase294u_net_vc90.dll => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\wxbase294u_vc90.dll => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\wxmsw294u_adv_vc90.dll => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\wxmsw294u_core_vc90.dll => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\wxmsw294u_html_vc90.dll => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\wxmsw294u_webview_vc90.dll => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\_ctypes.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\_elementtree.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\_hashlib.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\_multiprocessing.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\_socket.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\_ssl.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\_win32sysloader.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\support\gen_py\__init__.py => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\mime\drive.mime.types => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\js\XMLHttpRequest.js => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\docs.ico => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\drive-gdoc16.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\drive-gdoc256.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\drive-gdoc32.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\drive-gdoc48.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\drive-gdraw16.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\drive-gdraw256.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\drive-gdraw32.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\drive-gdraw48.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\drive-gform16.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\drive-gform256.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\drive-gform32.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\drive-gform48.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\drive-glink16.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\drive-glink256.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\drive-glink32.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\drive-glink48.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\drive-gsheet16.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\drive-gsheet256.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\drive-gsheet32.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\drive-gsheet48.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\drive-gslides16.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\drive-gslides256.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\drive-gslides32.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\drive-gslides48.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\drive-photos-logo.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\drive-sync16.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\drive-sync16.xpm => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\drive-sync256.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\drive-sync32.xpm => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\drive-sync64.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\exclaim.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\file.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\folder-mac.icns => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\folder-winseven.ico => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\folder-winxp.ico => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\folder.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\gdoc.icns => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\gdoc.ico => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\gdraw.icns => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\gdraw.ico => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\gform.icns => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\gform.ico => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\glink.icns => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\glink.ico => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\gnote.icns => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\gnote.ico => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\gscript.icns => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\gscript.ico => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\gsheet.icns => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\gsheet.ico => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\gslides.icns => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\gslides.ico => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\gtable.icns => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\gtable.ico => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\image_resources.py => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\image_resources.pyo => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\mac-animate1-inverse.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\mac-animate1-inverse_2x.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\mac-animate1.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\mac-animate1_2x.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\mac-animate2-inverse.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\mac-animate2-inverse_2x.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\mac-animate2.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\mac-animate2_2x.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\mac-animate3-inverse.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\mac-animate3-inverse_2x.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\mac-animate3.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\mac-animate3_2x.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\mac-animate4-inverse.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\mac-animate4-inverse_2x.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\mac-animate4.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\mac-animate4_2x.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\mac-animate5-inverse.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\mac-animate5-inverse_2x.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\mac-animate5.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\mac-animate5_2x.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\mac-animate6-inverse.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\mac-animate6-inverse_2x.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\mac-animate6.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\mac-animate6_2x.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\mac-animate7-inverse.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\mac-animate7-inverse_2x.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\mac-animate7.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\mac-animate7_2x.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\mac-animate8-inverse.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\mac-animate8-inverse_2x.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\mac-animate8.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\mac-animate8_2x.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\mac-error-inverse.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\mac-error-inverse_2x.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\mac-error.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\mac-error_2x.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\mac-inactive-inverse.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\mac-inactive-inverse_2x.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\mac-inactive.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\mac-inactive_2x.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\mac-normal-inverse.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\mac-normal-inverse_2x.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\mac-normal.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\mac-normal_2x.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\mac-pause-inverse_2x.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\mac-paused-inverse.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\mac-paused-inverse_2x.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\mac-paused.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\mac-paused_2x.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\menu_backups.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\menu_backups_2x.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\menu_check.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\menu_check_2x.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\menu_create.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\menu_create_2x.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\menu_docs_16.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\menu_down-arrow.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\menu_down-arrow_2x.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\menu_drive-logo.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\menu_drive-logo_2x.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\menu_error.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\menu_error_2x.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\menu_file_32.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\menu_folder.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\menu_folder_2x.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\menu_folder_32.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\menu_google-logo-gray.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\menu_google-logo-gray_2x.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\menu_link.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\menu_link_2x.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\menu_settings.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\menu_settings_2x.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\menu_share.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\menu_share_2x.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\menu_sheets_16.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\menu_slides_16.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\menu_sm_warning_red.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\menu_sm_warning_red_2x.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\menu_sm_warning_yellow.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\menu_sm_warning_yellow_2x.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\menu_sync-paused.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\menu_sync.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\menu_sync_2x.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\menu_sync_anim.gif => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\menu_sync_anim_2x.gif => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\menu_sync_anim_grey.gif => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\menu_up-arrow.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\menu_up-arrow_2x.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\menu_warning.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\menu_warning_2x.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\menu_warning_color.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\menu_warning_color_2x.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\menu_web.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\menu_web_2x.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\setup_drive_folder_lin.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\setup_drive_folder_mac.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\setup_drive_folder_win.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\setup_mobile_bottom.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\setup_mobile_right.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\setup_right_click_mac.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\setup_right_click_win.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\setup_taskbar_lin.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\setup_taskbar_mac.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\setup_taskbar_win.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\setup_welcome.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\sharedfolder-mac.icns => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\sharedfolder-winseven.ico => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\sharedfolder-winxp.ico => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\shareguyicon.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\sheets.ico => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\slides.ico => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\sync.icns => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\sync.ico => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\sync.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\sync_128.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\sync_menu_done.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\sync_menu_done_2x.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\sync_menu_error.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\sync_menu_error_2x.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\sync_menu_syncing.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\sync_menu_syncing_2x.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\toprighticon.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\warning-hdpi_2x.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\warning_128.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\warning_256.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\warning_64.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\win-animate1.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\win-animate2.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\win-animate3.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\win-animate4.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\win-animate5.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\win-animate6.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\win-animate7.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\win-animate8.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\win-normal.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\win7-error.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\win7-inactive.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\win7-paused.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\winxp-error.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\winxp-inactive.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\winxp-paused.png => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\__init__.py => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\__init__.pyo => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\overlays\Blacklisted.ico => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\overlays\Shared.ico => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\overlays\Synced.ico => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\images\overlays\Syncing.ico => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\i18n\locale\zh_TW\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\i18n\locale\zh_HK\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\i18n\locale\zh_CN\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\i18n\locale\zh-Hant\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\i18n\locale\zh-Hans\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\i18n\locale\zh\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\i18n\locale\vi\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\i18n\locale\uk\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\i18n\locale\tr\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\i18n\locale\th\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\i18n\locale\te\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\i18n\locale\ta\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\i18n\locale\sv\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\i18n\locale\sr\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\i18n\locale\sl\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\i18n\locale\sk\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\i18n\locale\ru\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\i18n\locale\ro\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\i18n\locale\pt_PT\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\i18n\locale\pt_BR\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\i18n\locale\pt\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\i18n\locale\pl\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\i18n\locale\no\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\i18n\locale\nl\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\i18n\locale\mr\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\i18n\locale\ml\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\i18n\locale\lv\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\i18n\locale\lt\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\i18n\locale\ko\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\i18n\locale\kn\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\i18n\locale\ja\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\i18n\locale\it\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\i18n\locale\id\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\i18n\locale\hu\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\i18n\locale\hr\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\i18n\locale\hi\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\i18n\locale\he\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\i18n\locale\gu\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\i18n\locale\fr\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\i18n\locale\fil\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\i18n\locale\fi\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\i18n\locale\es\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\i18n\locale\en_US\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\i18n\locale\en_GB\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\i18n\locale\en\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\i18n\locale\el\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\i18n\locale\de\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\i18n\locale\da\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\i18n\locale\cs\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\i18n\locale\ca\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\i18n\locale\bn\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\i18n\locale\bg\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\i18n\locale\ar\LC_MESSAGES\syncclient.mo => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\fonts\OpenSans-Light.ttf => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\fonts\Roboto-Bold.ttf => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\fonts\Roboto-Regular.ttf => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\fonts\Roboto-Thin.ttf => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\chrome_ext\apdfllckaahabafndbhieahigkjlhalf_live.crx => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\chrome_ext\com.google.drive.nativeproxy.json.template => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI53282\resources\chrome_ext\nknebiagdodnminbdpflhpkgfpeijdbf_live.crx => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI51042\hashobjs_ext.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI51042\pyexpat.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI51042\pysqlite2._sqlite.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI51042\python27.dll => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI51042\pythoncom27.dll => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI51042\PyWinTypes27.dll => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI51042\select.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI51042\unicodedata.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI51042\win32api.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI51042\win32com.shell.shell.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI51042\win32crypt.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI51042\win32event.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI51042\win32file.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI51042\win32gui.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI51042\win32inet.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI51042\win32pdh.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI51042\win32pipe.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI51042\win32process.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI51042\win32profile.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI51042\win32security.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI51042\win32ts.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI51042\windows._lib_cacheinvalidation.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI51042\wx._animate.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI51042\wx._controls_.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI51042\wx._core_.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI51042\wx._gdi_.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI51042\wx._html2.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI51042\wx._misc_.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI51042\wx._windows_.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI51042\wx._wizard.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI51042\wxbase294u_net_vc90.dll => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI51042\wxbase294u_vc90.dll => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI51042\wxmsw294u_adv_vc90.dll => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI51042\wxmsw294u_core_vc90.dll => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI51042\wxmsw294u_html_vc90.dll => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI51042\wxmsw294u_webview_vc90.dll => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI51042\_ctypes.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI51042\_elementtree.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI51042\_hashlib.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI51042\_multiprocessing.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI51042\_socket.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI51042\_ssl.pyd => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI51042\resources\fonts\OpenSans-Light.ttf => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI51042\resources\fonts\Roboto-Bold.ttf => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI51042\resources\fonts\Roboto-Regular.ttf => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\_MEI51042\resources\fonts\Roboto-Thin.ttf => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\msupdate71\dwm.exe => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\msupdate71\libcurl-4.dl1 => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\msupdate71\libiconv-2.dl1 => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\msupdate71\libidn-11.dl1 => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\msupdate71\libintl-8.dl1 => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\msupdate71\libwinpthread-1.dl1 => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\msupdate71\msvcrt.dll => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\msupdate71\proxy.conf => Moved successfully.
C:\Users\Jiří\AppData\Local\Temp\msupdate71\zlib1.dl1 => Moved successfully.
Could not move "C:\Users\Jiří\AppData\Local\Temp" directory. => Scheduled to move on reboot.

C:\ProgramData\Temp => ":66BB1E73" ADS removed successfully.
"C:\Users\Jiří\SkyDrive" => ":ms-properties" ADS not found.

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-12-26 22:37:16)<=

C:\Users\Jiří\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp76kpw1.lck => Is moved successfully.
C:\Users\Jiří\AppData\Local\Temp => Moved successfully.

==== End of Fixlog 22:37:16 ====

[Rudy]

Smazáno. Nyní by to již mělo být vše.