Prosím o pomoc

Zpráva

nobody · #1 Příspěvek od **nobody** » 17 úno 2015 20:30

Dobrý den,

mám problém s noťasem, seká se mi, je strašně pomalý a když jsem na internetu, vyskakují mi různá blikající okýnka. Nevím co s tím mám dělat. Děkuji

Logfile of random's system information tool 1.10 (written by random/random)
Run by Ludmila at 2015-02-17 20:16:50
Microsoft Windows 8.1 Pro
System drive C: has 188 GB (62%) free of 305 GB
Total RAM: 4063 MB (49% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:16:52, on 17. 2. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe
C:\Users\Ludmila\AppData\Roaming\Search Protection\SP.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe
C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 8\RealTimeProtector.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Ludmila.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hpp ... 6LECLB67CX
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type ... earchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.omiga-plus.com/?type=hpp ... 6LECLB67CX
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://isearch.omiga-plus.com/web/?type ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://isearch.omiga-plus.com/web/?type ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.omiga-plus.com/?type=hpp ... 6LECLB67CX
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: unniSales - {2fc13d76-b3f3-448f-9c62-291791e40bfc} - C:\Program Files (x86)\unniSales\3acDGrqBtxPH2B.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Browser Extensions - {34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} - C:\Users\Ludmila\AppData\Roaming\BrowserExtensions\Coupons.dll
O2 - BHO: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\XTab\SupTab.dll
O2 - BHO: unoisales - {36f49069-9c4c-442f-972b-c20c8a82b16a} - C:\Program Files (x86)\unoisales\LShme7KbyJ26TI.dll
O2 - BHO: EXstiRaCoupon - {683259eb-ea41-4ae7-99eb-c6cb4ad718a0} - C:\Program Files (x86)\EXstiRaCoupon\ii95AC2WAAOCWz.dll
O2 - BHO: DownSoave - {6cbc9859-091e-49a3-9f61-377a37e5d3fe} - C:\Program Files (x86)\DownSoave\z7KbA44dJtDXY8.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: CoupExittensiion - {88c799ef-d052-48ea-886f-c1cf5db47e04} - C:\Program Files (x86)\CoupExittensiion\kWAGFRVoCEdaAV.dll
O2 - BHO: DigiCoUppono - {8c0ef73b-a419-4321-ae4c-05b31b2f095a} - C:\Program Files (x86)\DigiCoUppono\FFgnjDW1aFKQiH.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Advanced SystemCare Surfing Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPlugin_Protection.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: NeWSavErr - {ee39e7c8-3016-4236-8d7e-ec66f6fc2440} - C:\Program Files (x86)\NeWSavErr\5TwbDKCQsK92sq.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [ADSKAppManager] "C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" -showminimized -checkautorun
O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKLM\..\Run: [IObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKCU\..\Run: [Search Protection] "C:\Users\Ludmila\AppData\Roaming\Search Protection\SP.EXE" /autostart
O4 - HKCU\..\Run: [Browser Extensions] "C:\Users\Ludmila\AppData\Roaming\BrowserExtensions\BEHelper.exe"
O4 - HKCU\..\Run: [Advanced SystemCare 8] "C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe" /Auto
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE"
O4 - Startup: Zoner Photo Studio 17 Pro Full with License Key.lnk = C:\ProgramData\{bb6ce422-9c71-9bbf-bb6c-ce4229c7908a}\Zoner Photo Studio 17 Pro Full with License Key.exe
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Autodesk Application Manager Service (AdAppMgrSvc) - Autodesk Inc. - C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Advanced SystemCare Service 8 (AdvancedSystemCareService8) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IHProtect Service - XTab system - C:\Program Files (x86)\XTab\ProtectService.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) - Fuyu LIMITED - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12806 bytes

======Listing Processes======

wininit.exe

C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe -service
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe"
"C:\Windows\system32\rundll32.exe" "c:\Program Files (x86)\libraryproc\libraryproc.dll",serv
"C:\Windows\system32\rundll32.exe" "c:\Program Files (x86)\libraryproc\libraryproc.dll",serv
"C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
"C:\Windows\system32\rundll32.exe" "c:\Program Files (x86)\terminusdefender\terminusdefender.dll",serv
"C:\Windows\system32\rundll32.exe" "c:\Program Files (x86)\terminusdefender\terminusdefender.dll",serv
dashost.exe {a082ef9e-96cf-46d0-8bfd9902c1e5ab7c}
"C:\Program Files (x86)\XTab\ProtectService.exe"
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
"C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe"
C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\Windows\system32\SearchIndexer.exe /Embedding

C:\Windows\System32\WinLogon.exe -SpecialSession
-hiberboot
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
taskhostex.exe
"C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe" /Task
C:\Windows\Explorer.EXE
"C:\Users\Ludmila\AppData\Roaming\Search Protection\SP.exe" /autostart
"C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe" /Auto
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /systemstart /autostart
"C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe"
"C:\Program Files (x86)\IObit\Advanced SystemCare 8\RealTimeProtector.exe" /RunCurUs
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" -mode=scheduled
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFTips.exe" /starttips
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3652.0.145432041\1582893279" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,18,39 --gpu-vendor-id=0x1002 --gpu-device-id=0x95c2 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=8.97.10.6 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Bootstrap/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/Dev_NonMonotonicity_Experiment/PasswordGeneration/Enabled/QUIC/EnabledNewRTO/RememberCertificateErrorDecisions/Default/SPDY/Control/SRTPromptFieldTrial/On/SafeBrowsingIncidentReportingService/Enabled/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_15/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="3652.3.1687360796\7700191" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Bootstrap/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/Dev_NonMonotonicity_Experiment/PasswordGeneration/Enabled/QUIC/EnabledNewRTO/RememberCertificateErrorDecisions/Default/SPDY/Control/SRTPromptFieldTrial/On/SafeBrowsingIncidentReportingService/Enabled/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_15/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="3652.4.497998299\2068613100" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Bootstrap/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/Dev_NonMonotonicity_Experiment/PasswordGeneration/Enabled/QUIC/EnabledNewRTO/RememberCertificateErrorDecisions/Default/SPDY/Control/SRTPromptFieldTrial/On/SafeBrowsingIncidentReportingService/Enabled/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_15/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="3652.5.88253450\1013153905" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Bootstrap/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/Dev_NonMonotonicity_Experiment/PasswordGeneration/Enabled/QUIC/EnabledNewRTO/RememberCertificateErrorDecisions/Default/SPDY/Control/SRTPromptFieldTrial/On/SafeBrowsingIncidentReportingService/Enabled/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_15/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="3652.6.1974413910\596643292" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Bootstrap/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/Dev_NonMonotonicity_Experiment/PasswordGeneration/Enabled/QUIC/EnabledNewRTO/RememberCertificateErrorDecisions/Default/SPDY/Control/SRTPromptFieldTrial/On/SafeBrowsingIncidentReportingService/Enabled/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_15/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="3652.7.2079518127\1275371451" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Bootstrap/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/Dev_NonMonotonicity_Experiment/PasswordGeneration/Enabled/QUIC/EnabledNewRTO/RememberCertificateErrorDecisions/Default/SPDY/Control/SRTPromptFieldTrial/On/SafeBrowsingIncidentReportingService/Enabled/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_15/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="3652.8.439552920\1246939970" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Bootstrap/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/Dev_NonMonotonicity_Experiment/PasswordGeneration/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/QUIC/EnabledNewRTO/RememberCertificateErrorDecisions/Default/SPDY/Control/SRTPromptFieldTrial/On/SafeBrowsingIncidentReportingService/Enabled/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_15/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="3652.11.353880850\110870221" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="3652.12.1555101293\1892157486" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe"

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Bootstrap/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/Dev_NonMonotonicity_Experiment/PasswordGeneration/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/QUIC/EnabledNewRTO/RememberCertificateErrorDecisions/Default/SHA1ToolbarUIJune2016/Warning/SPDY/Control/SRTPromptFieldTrial/On/SafeBrowsingIncidentReportingService/Enabled/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_15/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="3652.24.698124734\986836716" /prefetch:673131151
"C:\Program Files\Windows Defender\MpCmdRun.exe" SpyNetService -RestrictPrivileges -AccessKey 5ACFC7EF-07C5-D730-2A14-9C9E58950318 -Reinvoke
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe11_ Global\UsGthrCtrlFltPipeMssGthrPipe11 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 580 584 592 65536 588
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --test-type --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group1 dev:pp6 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Bootstrap/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/Dev_NonMonotonicity_Experiment/PasswordGeneration/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/QUIC/EnabledNewRTO/RememberCertificateErrorDecisions/Default/SHA1ToolbarUIJune2016/Warning/SPDY/Control/SRTPromptFieldTrial/On/SafeBrowsingIncidentReportingService/Enabled/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_15/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --extensions-on-chrome-urls --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="3652.25.1584005921\1091970015" /prefetch:673131151
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Ludmila\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\ASC8_SkipUac_Ludmila.job - C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe /SkipUac
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\Uninstaller_SkipUac_Administrator.job - C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe /UninstallExplorer
C:\Windows\tasks\Uninstaller_SkipUac_Ludmila.job - C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe /UninstallExplorer

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2015-02-06 2471744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1c6c33e2-1352-4504-a07b-50f096a6295a}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2fc13d76-b3f3-448f-9c62-291791e40bfc}]
unniSales - C:\Program Files (x86)\unniSales\3acDGrqBtxPH2B.x64.dll [2015-01-28 699904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-01-21 218776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}]
Browser Extensions - C:\Users\Ludmila\AppData\Roaming\BrowserExtensions\Coupons64.dll [2014-12-08 729552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{36f49069-9c4c-442f-972b-c20c8a82b16a}]
unoisales - C:\Program Files (x86)\unoisales\LShme7KbyJ26TI.x64.dll [2015-01-28 699904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{683259eb-ea41-4ae7-99eb-c6cb4ad718a0}]
EXstiRaCoupon - C:\Program Files (x86)\EXstiRaCoupon\ii95AC2WAAOCWz.x64.dll [2015-02-05 708096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6cbc9859-091e-49a3-9f61-377a37e5d3fe}]
DownSoave - C:\Program Files (x86)\DownSoave\z7KbA44dJtDXY8.x64.dll [2015-02-06 708096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{88c799ef-d052-48ea-886f-c1cf5db47e04}]
CoupExittensiion - C:\Program Files (x86)\CoupExittensiion\kWAGFRVoCEdaAV.x64.dll [2015-02-05 708096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8c0ef73b-a419-4321-ae4c-05b31b2f095a}]
DigiCoUppono - C:\Program Files (x86)\DigiCoUppono\FFgnjDW1aFKQiH.x64.dll [2015-02-15 703488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14 2117216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2015-01-21 2334928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ee39e7c8-3016-4236-8d7e-ec66f6fc2440}]
NeWSavErr - C:\Program Files (x86)\NeWSavErr\5TwbDKCQsK92sq.x64.dll [2015-02-15 703488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f9199a96-0230-4c91-baf5-913a3b26973e}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2fc13d76-b3f3-448f-9c62-291791e40bfc}]
unniSales - C:\Program Files (x86)\unniSales\3acDGrqBtxPH2B.dll [2015-01-28 561664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2014-11-12 153248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}]
Browser Extensions - C:\Users\Ludmila\AppData\Roaming\BrowserExtensions\Coupons.dll [2014-12-08 608720]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
IETabPage Class - C:\Program Files (x86)\XTab\SupTab.dll [2014-12-29 513680]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{36f49069-9c4c-442f-972b-c20c8a82b16a}]
unoisales - C:\Program Files (x86)\unoisales\LShme7KbyJ26TI.dll [2015-01-28 561664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{683259eb-ea41-4ae7-99eb-c6cb4ad718a0}]
EXstiRaCoupon - C:\Program Files (x86)\EXstiRaCoupon\ii95AC2WAAOCWz.dll [2015-02-05 564736]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6cbc9859-091e-49a3-9f61-377a37e5d3fe}]
DownSoave - C:\Program Files (x86)\DownSoave\z7KbA44dJtDXY8.dll [2015-02-06 564736]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2015-01-05 462752]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{88c799ef-d052-48ea-886f-c1cf5db47e04}]
CoupExittensiion - C:\Program Files (x86)\CoupExittensiion\kWAGFRVoCEdaAV.dll [2015-02-05 564736]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8c0ef73b-a419-4321-ae4c-05b31b2f095a}]
DigiCoUppono - C:\Program Files (x86)\DigiCoUppono\FFgnjDW1aFKQiH.dll [2015-02-15 565248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14 1709152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]
Advanced SystemCare Surfing Protection - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPlugin_Protection.dll [2014-10-17 669984]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2015-01-21 1729744]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2015-01-05 171424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ee39e7c8-3016-4236-8d7e-ec66f6fc2440}]
NeWSavErr - C:\Program Files (x86)\NeWSavErr\5TwbDKCQsK92sq.dll [2015-02-15 565248]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2010-03-25 2726728]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-09-19 557768]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Search Protection"=C:\Users\Ludmila\AppData\Roaming\Search Protection\SP.EXE [2015-01-16 1128760]
"Browser Extensions"=C:\Users\Ludmila\AppData\Roaming\BrowserExtensions\BEHelper.exe [2014-12-08 965584]
"Advanced SystemCare 8"=C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe [2015-01-20 2428704]
"Zoner Photo Studio Autoupdate"=C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [2014-12-19 458456]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-10-11 59280]
"ADSKAppManager"=C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [2014-12-05 493960]
"CanonSolutionMenuEx"=C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [2010-04-02 1185112]
"IObit Malware Fighter"=C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [2015-01-27 5768480]
"Adobe Creative Cloud"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2015-01-07 2694320]

C:\Users\Ludmila\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Zoner Photo Studio 17 Pro Full with License Key.lnk - C:\ProgramData\{bb6ce422-9c71-9bbf-bb6c-ce4229c7908a}\Zoner Photo Studio 17 Pro Full with License Key.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StartMenuService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\str]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-02-17 20:15:19 ----D---- C:\rsit
2015-02-17 20:15:19 ----D---- C:\Program Files\trend micro
2015-02-16 06:38:09 ----D---- C:\Program Files\Zoner
2015-02-15 13:47:24 ----D---- C:\Program Files (x86)\EExstRRaCuoupon
2015-02-15 13:45:14 ----D---- C:\Program Files (x86)\NeWSavErr
2015-02-15 13:44:54 ----D---- C:\Program Files (x86)\AllSaaver
2015-02-15 13:44:43 ----D---- C:\Program Files (x86)\One Number
2015-02-15 13:42:41 ----D---- C:\Program Files (x86)\DigiCoUppono
2015-02-15 13:42:26 ----D---- C:\Program Files (x86)\50CoUpons
2015-02-13 20:50:17 ----D---- C:\ProgramData\Extreme Blocker
2015-02-13 20:32:29 ----D---- C:\Program Files (x86)\TerminusDefender
2015-02-11 14:47:56 ----SHD---- C:\Config.Msi
2015-02-10 22:50:54 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-02-10 22:50:54 ----A---- C:\Windows\SYSWOW64\scesrv.dll
2015-02-10 22:50:54 ----A---- C:\Windows\system32\schannel.dll
2015-02-10 22:50:54 ----A---- C:\Windows\system32\scesrv.dll
2015-02-10 22:50:54 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-02-10 22:50:53 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2015-02-10 22:50:53 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-02-10 22:50:53 ----A---- C:\Windows\system32\WindowsCodecs.dll
2015-02-10 22:50:53 ----A---- C:\Windows\system32\ntdll.dll
2015-02-10 22:50:50 ----A---- C:\Windows\system32\drivers\cng.sys
2015-02-10 22:50:49 ----A---- C:\Windows\SYSWOW64\certcli.dll
2015-02-10 22:50:49 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-02-10 22:50:49 ----A---- C:\Windows\system32\certcli.dll
2015-02-10 22:50:46 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2015-02-10 22:50:46 ----A---- C:\Windows\system32\oleaut32.dll
2015-02-10 22:50:40 ----A---- C:\Windows\system32\mshtml.dll
2015-02-10 22:50:35 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-02-10 22:50:30 ----A---- C:\Windows\system32\ieframe.dll
2015-02-10 22:50:28 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-02-10 22:50:27 ----A---- C:\Windows\system32\jscript9.dll
2015-02-10 22:50:26 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-02-10 22:50:26 ----A---- C:\Windows\system32\iertutil.dll
2015-02-10 22:50:25 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-02-10 22:50:25 ----A---- C:\Windows\system32\jscript.dll
2015-02-10 22:50:24 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-02-10 22:50:24 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-02-10 22:50:24 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-02-10 22:50:24 ----A---- C:\Windows\system32\wininet.dll
2015-02-10 22:50:24 ----A---- C:\Windows\system32\vbscript.dll
2015-02-10 22:50:23 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-02-10 22:50:22 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-02-10 22:50:22 ----A---- C:\Windows\system32\msfeeds.dll
2015-02-10 22:50:21 ----A---- C:\Windows\system32\dxtmsft.dll
2015-02-10 22:50:20 ----D---- C:\Program Files (x86)\LibraryProc
2015-02-10 22:50:20 ----A---- C:\Windows\system32\iedkcs32.dll
2015-02-10 22:50:19 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-02-10 22:50:18 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-02-10 22:50:18 ----A---- C:\Windows\system32\ie4uinit.exe
2015-02-10 22:50:16 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-02-10 22:50:16 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-02-10 22:50:16 ----A---- C:\Windows\system32\webcheck.dll
2015-02-10 22:50:15 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2015-02-10 22:50:15 ----A---- C:\Windows\system32\urlmon.dll
2015-02-10 22:50:15 ----A---- C:\Windows\system32\actxprxy.dll
2015-02-10 22:50:14 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2015-02-10 22:50:14 ----A---- C:\Windows\system32\mshtmled.dll
2015-02-10 22:50:14 ----A---- C:\Windows\system32\inetcomm.dll
2015-02-10 22:50:12 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2015-02-10 22:50:12 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-02-10 22:50:12 ----A---- C:\Windows\system32\ieapfltr.dll
2015-02-10 22:49:30 ----A---- C:\Windows\system32\sppobjs.dll
2015-02-10 22:48:59 ----A---- C:\Windows\system32\generaltel.dll
2015-02-10 22:48:59 ----A---- C:\Windows\system32\appraiser.dll
2015-02-10 22:48:59 ----A---- C:\Windows\system32\aeinv.dll
2015-02-10 22:48:58 ----A---- C:\Windows\system32\invagent.dll
2015-02-10 22:48:58 ----A---- C:\Windows\system32\devinv.dll
2015-02-10 22:48:51 ----A---- C:\Windows\system32\aepdu.dll
2015-02-10 22:48:44 ----A---- C:\Windows\system32\win32k.sys
2015-02-06 21:13:38 ----D---- C:\Program Files\Realtek
2015-02-06 21:13:37 ----D---- C:\Windows\SYSWOW64\RTCOM
2015-02-06 21:11:55 ----A---- C:\Windows\system32\YamahaAE.dll
2015-02-06 21:11:55 ----A---- C:\Windows\system32\WavesGUILib64.dll
2015-02-06 21:11:54 ----A---- C:\Windows\system32\tossaeapo64.dll
2015-02-06 21:11:54 ----A---- C:\Windows\system32\toseaeapo64.dll
2015-02-06 21:11:54 ----A---- C:\Windows\system32\tosasfapo64.dll
2015-02-06 21:11:53 ----A---- C:\Windows\system32\tosade.dll
2015-02-06 21:11:53 ----A---- C:\Windows\system32\tepeqapo64.dll
2015-02-06 21:11:53 ----A---- C:\Windows\system32\tadefxapo264.dll
2015-02-06 21:11:53 ----A---- C:\Windows\system32\tadefxapo.dll
2015-02-06 21:11:53 ----A---- C:\Windows\system32\SRSWOW64.dll
2015-02-06 21:11:53 ----A---- C:\Windows\system32\SRSTSX64.dll
2015-02-06 21:11:53 ----A---- C:\Windows\system32\SRSTSH64.dll
2015-02-06 21:11:53 ----A---- C:\Windows\system32\SRSHP64.dll
2015-02-06 21:11:52 ----A---- C:\Windows\SYSWOW64\SRCOM.dll
2015-02-06 21:11:52 ----A---- C:\Windows\system32\SRRPTR64.dll
2015-02-06 21:11:52 ----A---- C:\Windows\system32\SRCOM64.dll
2015-02-06 21:11:52 ----A---- C:\Windows\system32\SRCOM.dll
2015-02-06 21:11:52 ----A---- C:\Windows\system32\SRAPO64.dll
2015-02-06 21:11:51 ----A---- C:\Windows\system32\sltech64.dll
2015-02-06 21:11:51 ----A---- C:\Windows\system32\slprp64.dll
2015-02-06 21:11:51 ----A---- C:\Windows\system32\slcnt64.dll
2015-02-06 21:11:50 ----A---- C:\Windows\system32\sl3apo64.dll
2015-02-06 21:11:50 ----A---- C:\Windows\system32\SFSS_APO.dll
2015-02-06 21:11:49 ----A---- C:\Windows\system32\SFNHK64.dll
2015-02-06 21:11:49 ----A---- C:\Windows\system32\SFCOM64.dll
2015-02-06 21:11:48 ----A---- C:\Windows\SYSWOW64\SFCOM.dll
2015-02-06 21:11:48 ----A---- C:\Windows\system32\SFAPO64.dll
2015-02-06 21:11:48 ----A---- C:\Windows\system32\drivers\rtvienna.dat
2015-02-06 21:11:47 ----A---- C:\Windows\system32\RtPgEx64.dll
2015-02-06 21:11:45 ----A---- C:\Windows\system32\RtlCPAPI64.dll
2015-02-06 21:11:43 ----A---- C:\Windows\system32\drivers\RTKVHD64.sys
2015-02-06 21:11:42 ----A---- C:\Windows\system32\RtkCoLDR64.dll
2015-02-06 21:11:42 ----A---- C:\Windows\system32\RtkCfg64.dll
2015-02-06 21:11:41 ----A---- C:\Windows\system32\RtkApi64.dll
2015-02-06 21:11:41 ----A---- C:\Windows\system32\RTEEP64A.dll
2015-02-06 21:11:41 ----A---- C:\Windows\system32\RTEEL64A.dll
2015-02-06 21:11:41 ----A---- C:\Windows\system32\RTEEG64A.dll
2015-02-06 21:11:41 ----A---- C:\Windows\system32\RTEED64A.dll
2015-02-06 21:11:41 ----A---- C:\Windows\system32\RtDataProc64.dll
2015-02-06 21:11:39 ----A---- C:\Windows\system32\RTCOM64.dll
2015-02-06 21:11:39 ----A---- C:\Windows\system32\RP3DHT64.dll
2015-02-06 21:11:39 ----A---- C:\Windows\system32\RP3DAA64.dll
2015-02-06 21:11:39 ----A---- C:\Windows\system32\drivers\RTAIODAT.DAT
2015-02-06 21:11:38 ----A---- C:\Windows\system32\RltkAPO64.dll
2015-02-06 21:11:38 ----A---- C:\Windows\system32\RCoRes64.dat
2015-02-06 21:11:37 ----A---- C:\Windows\system32\RCoInstII64.dll
2015-02-06 21:11:36 ----A---- C:\Windows\system32\R4EEP64A.dll
2015-02-06 21:11:36 ----A---- C:\Windows\system32\R4EEL64A.dll
2015-02-06 21:11:36 ----A---- C:\Windows\system32\R4EEG64A.dll
2015-02-06 21:11:35 ----A---- C:\Windows\system32\R4EED64A.dll
2015-02-06 21:11:35 ----A---- C:\Windows\system32\R4EEA64A.dll
2015-02-06 21:11:35 ----A---- C:\Windows\system32\NahimicAPONSControl.dll
2015-02-06 21:11:34 ----A---- C:\Windows\system32\NAHIMICAPOlfx.dll
2015-02-06 21:11:34 ----A---- C:\Windows\system32\MISS_APO.dll
2015-02-06 21:11:32 ----A---- C:\Windows\system32\MaxxVolumeSDAPO.dll
2015-02-06 21:11:30 ----A---- C:\Windows\system32\MaxxVoiceAPO3064.dll
2015-02-06 21:11:30 ----A---- C:\Windows\system32\MaxxVoiceAPO2064.dll
2015-02-06 21:11:30 ----A---- C:\Windows\system32\MaxxSpeechAPO64.dll
2015-02-06 21:11:29 ----A---- C:\Windows\system32\MaxxAudioRealtek64.dll
2015-02-06 21:11:28 ----A---- C:\Windows\system32\MaxxAudioEQ64.dll
2015-02-06 21:11:28 ----A---- C:\Windows\system32\MaxxAudioAPOShell64.dll
2015-02-06 21:11:28 ----A---- C:\Windows\system32\MaxxAudioAPO6064.dll
2015-02-06 21:11:28 ----A---- C:\Windows\system32\MaxxAudioAPO5064.dll
2015-02-06 21:11:28 ----A---- C:\Windows\system32\MaxxAudioAPO4064.dll
2015-02-06 21:11:27 ----A---- C:\Windows\system32\MaxxAudioAPO30.dll
2015-02-06 21:11:27 ----A---- C:\Windows\system32\MaxxAudioAPO20.dll
2015-02-06 21:11:27 ----A---- C:\Windows\system32\KAAPORT64.dll
2015-02-06 21:11:27 ----A---- C:\Windows\system32\ICEsoundAPO64.dll
2015-02-06 21:11:25 ----A---- C:\Windows\system32\FMAPO64.dll
2015-02-06 21:11:25 ----A---- C:\Windows\system32\DTSVoiceClarityDLL64.dll
2015-02-06 21:11:25 ----A---- C:\Windows\system32\DTSU2PREC64.dll
2015-02-06 21:11:25 ----A---- C:\Windows\system32\DTSU2PLFX64.dll
2015-02-06 21:11:24 ----A---- C:\Windows\system32\DTSU2PGFX64.dll
2015-02-06 21:11:24 ----A---- C:\Windows\system32\DTSSymmetryDLL64.dll
2015-02-06 21:11:24 ----A---- C:\Windows\system32\DTSS2SpeakerDLL64.dll
2015-02-06 21:11:24 ----A---- C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2015-02-06 21:11:24 ----A---- C:\Windows\system32\DTSNeoPCDLL64.dll
2015-02-06 21:11:23 ----A---- C:\Windows\system32\DTSLimiterDLL64.dll
2015-02-06 21:11:23 ----A---- C:\Windows\system32\DTSLFXAPO64.dll
2015-02-06 21:11:23 ----A---- C:\Windows\system32\DTSGFXAPONS64.dll
2015-02-06 21:11:23 ----A---- C:\Windows\system32\DTSGFXAPO64.dll
2015-02-06 21:11:23 ----A---- C:\Windows\system32\DTSGainCompensatorDLL64.dll
2015-02-06 21:11:23 ----A---- C:\Windows\system32\DTSBoostDLL64.dll
2015-02-06 21:11:23 ----A---- C:\Windows\system32\DTSBassEnhancementDLL64.dll
2015-02-06 21:11:23 ----A---- C:\Windows\system32\DDPP64A.dll
2015-02-06 21:11:23 ----A---- C:\Windows\system32\DDPO64A.dll
2015-02-06 21:11:23 ----A---- C:\Windows\system32\DDPD64A.dll
2015-02-06 21:11:23 ----A---- C:\Windows\system32\DDPA64.dll
2015-02-06 21:11:22 ----A---- C:\Windows\system32\CX64APO.dll
2015-02-06 21:11:22 ----A---- C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2015-02-06 21:11:22 ----A---- C:\Windows\system32\audioLibVc.dll
2015-02-06 21:11:21 ----A---- C:\Windows\system32\AERTAR64.dll
2015-02-06 21:11:21 ----A---- C:\Windows\system32\AERTAC64.dll
2015-02-06 21:11:21 ----A---- C:\Windows\system32\AcpiServiceVnA64.dll
2015-02-06 21:10:26 ----A---- C:\Windows\system32\SmartDefragBootTime.exe
2015-02-06 21:10:24 ----A---- C:\Windows\system32\IObitSmartDefragExtension.dll
2015-02-06 21:10:13 ----A---- C:\Windows\system32\IObitSmartDefragExtension.dll20150206211024.dll
2015-02-06 21:07:38 ----D---- C:\ProgramData\a98cacfa00005776
2015-02-06 21:01:25 ----D---- C:\Program Files\Synaptics
2015-02-06 21:01:14 ----A---- C:\Windows\system32\WdfCoInstaller01011.dll
2015-02-06 21:00:55 ----A---- C:\Windows\system32\drivers\Smb_driver_Intel.sys
2015-02-06 20:53:59 ----D---- C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}
2015-02-06 18:07:59 ----D---- C:\Program Files (x86)\BeStSeaveFoarYou
2015-02-06 18:07:48 ----D---- C:\Program Files (x86)\DownSoave
2015-02-06 18:07:26 ----D---- C:\Program Files (x86)\Scroll Button
2015-02-06 17:20:08 ----D---- C:\Program Files (x86)\Remote Torrent Adder
2015-02-06 17:18:45 ----D---- C:\Program Files (x86)\DEAlExpResS
2015-02-06 17:17:20 ----D---- C:\ProgramData\nkbfdlbjlnhgchfeajggocjpkfnbghno
2015-02-05 20:01:19 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-02-05 19:01:36 ----D---- C:\Program Files (x86)\CoupExittensiion
2015-02-05 19:01:17 ----D---- C:\Program Files (x86)\EXstiRaCoupon
2015-02-04 23:20:44 ----D---- C:\Program Files (x86)\GReautSavE4U
2015-02-03 22:39:25 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2015-02-03 21:30:59 ----D---- C:\Program Files\Adobe
2015-02-03 21:23:44 ----D---- C:\Program Files\Common Files\Adobe
2015-02-03 19:01:19 ----D---- C:\output
2015-02-01 10:54:40 ----D---- C:\Users\Ludmila\AppData\Roaming\Skype
2015-02-01 10:54:00 ----RD---- C:\Program Files (x86)\Skype
2015-02-01 10:53:39 ----D---- C:\ProgramData\Skype
2015-02-01 04:38:11 ----D---- C:\Users\Ludmila\AppData\Roaming\IRender
2015-02-01 04:35:47 ----D---- C:\Users\Ludmila\AppData\Roaming\Render Plus Systems
2015-02-01 04:35:47 ----D---- C:\ProgramData\Render Plus Systems
2015-02-01 04:35:46 ----D---- C:\Users\Ludmila\AppData\Roaming\SunScape
2015-02-01 04:35:46 ----D---- C:\Users\Ludmila\AppData\Roaming\RPS
2015-02-01 04:31:15 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-02-01 04:30:13 ----D---- C:\Program Files (x86)\Render Plus Systems
2015-01-28 17:06:55 ----D---- C:\Users\Ludmila\AppData\Roaming\Zoner
2015-01-28 17:06:51 ----D---- C:\ProgramData\Zoner
2015-01-28 16:59:49 ----D---- C:\Program Files (x86)\unoisales
2015-01-28 16:59:33 ----D---- C:\ProgramData\jhlfkcpeaanbdfjnlpgknjcimdkjfpmh
2015-01-28 16:58:42 ----D---- C:\ProgramData\{bb6ce422-9c71-9bbf-bb6c-ce4229c7908a}
2015-01-28 16:56:59 ----D---- C:\Program Files (x86)\Voicify
2015-01-28 16:55:54 ----D---- C:\Program Files (x86)\unniSales
2015-01-28 16:55:26 ----D---- C:\ProgramData\12883306088122721519
2015-01-28 16:55:22 ----D---- C:\Program Files (x86)\unisaales
2015-01-28 16:54:37 ----D---- C:\ProgramData\bloofafkbjahbhdoikkecknijjmobeoj
2015-01-28 16:53:48 ----D---- C:\ProgramData\{ed35e8ae-d3a5-cde0-ed35-5e8aed3aa2bb}
2015-01-27 05:53:25 ----D---- C:\Users\Ludmila\AppData\Roaming\pdfforge
2015-01-27 05:53:21 ----A---- C:\Windows\system32\pdfcmon.dll
2015-01-27 05:53:19 ----D---- C:\Program Files\PDFCreator
2015-01-26 15:21:04 ----HD---- C:\ProgramData\CanonIJSolutionMenuEX
2015-01-26 15:20:59 ----HD---- C:\ProgramData\CanonIJEPPEX2
2015-01-26 15:20:59 ----HD---- C:\ProgramData\CanonEPP
2015-01-26 15:20:58 ----HD---- C:\ProgramData\CanonIJMyPrinter
2015-01-26 15:20:51 ----D---- C:\ProgramData\CanonIJPLM
2015-01-26 15:18:37 ----A---- C:\Windows\SYSWOW64\CNC280U.dll
2015-01-26 15:18:36 ----A---- C:\Windows\system32\CNC280I.dll
2015-01-26 15:18:36 ----A---- C:\Windows\system32\CNC280C.dll
2015-01-26 15:15:49 ----D---- C:\ProgramData\CanonIJMSetup
2015-01-26 15:14:24 ----D---- C:\Program Files\Common Files\CANON
2015-01-26 15:14:16 ----D---- C:\ProgramData\CanonIJWSpt
2015-01-26 15:12:15 ----D---- C:\Program Files\Canon
2015-01-26 15:11:16 ----HD---- C:\ProgramData\CanonBJ
2015-01-26 15:11:01 ----HD---- C:\Windows\system32\CanonIJ Uninstaller Information
2015-01-26 15:10:55 ----A---- C:\Windows\SYSWOW64\CNHMCA.dll
2015-01-26 15:10:55 ----A---- C:\Windows\SYSWOW64\CNC280L.dll
2015-01-26 15:10:55 ----A---- C:\Windows\system32\CNC280L.dll
2015-01-26 15:10:54 ----A---- C:\Windows\system32\CNHMCA6.dll
2015-01-26 15:10:34 ----A---- C:\Windows\system32\CNMLMAA.DLL
2015-01-26 15:10:28 ----A---- C:\Windows\system32\CNC280O.dll
2015-01-26 15:10:22 ----A---- C:\Windows\system32\CNMIUAA.DLL
2015-01-26 15:10:07 ----HD---- C:\Program Files\CanonBJ
2015-01-26 15:08:32 ----D---- C:\Program Files (x86)\Canon

======List of files/folders modified in the last 1 month======

2015-02-17 20:16:08 ----D---- C:\Windows\Prefetch
2015-02-17 20:15:19 ----RD---- C:\Program Files
2015-02-17 20:00:00 ----D---- C:\Windows\system32\sru
2015-02-17 19:51:09 ----D---- C:\Windows\system32\config
2015-02-17 19:47:37 ----D---- C:\Windows\Temp
2015-02-17 19:47:37 ----D---- C:\Windows\AppReadiness
2015-02-17 19:40:41 ----RD---- C:\Windows\System32
2015-02-17 19:40:41 ----D---- C:\Windows\Inf
2015-02-17 19:40:41 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-02-17 10:30:29 ----D---- C:\Windows\CbsTemp
2015-02-17 10:30:27 ----D---- C:\Windows\system32\catroot2
2015-02-17 10:30:21 ----D---- C:\Windows\WinSxS
2015-02-16 14:18:11 ----D---- C:\Windows\Microsoft.NET
2015-02-16 14:04:44 ----D---- C:\Windows\rescache
2015-02-16 14:02:47 ----D---- C:\Windows\debug
2015-02-16 13:51:53 ----D---- C:\Windows
2015-02-16 11:07:25 ----D---- C:\Windows\system32\Tasks
2015-02-16 11:07:24 ----D---- C:\Windows\Tasks
2015-02-16 11:07:08 ----D---- C:\Users\Ludmila\AppData\Roaming\ProductData
2015-02-16 10:55:27 ----D---- C:\Windows\SysWOW64
2015-02-16 10:55:26 ----D---- C:\Windows\system32\drivers
2015-02-15 22:48:50 ----RD---- C:\Windows\assembly
2015-02-15 15:52:01 ----SHD---- C:\System Volume Information
2015-02-15 14:18:14 ----D---- C:\Windows\SoftwareDistribution
2015-02-15 13:47:24 ----RD---- C:\Program Files (x86)
2015-02-15 13:31:51 ----HD---- C:\ProgramData
2015-02-15 13:27:10 ----D---- C:\Program Files (x86)\IObit
2015-02-15 13:26:30 ----SHD---- C:\Windows\Installer
2015-02-15 13:20:24 ----D---- C:\ProgramData\Microsoft Help
2015-02-13 21:15:25 ----D---- C:\Users\Ludmila\AppData\Roaming\IObit
2015-02-11 14:34:16 ----D---- C:\Windows\system32\MRT
2015-02-11 14:24:25 ----A---- C:\Windows\system32\MRT.exe
2015-02-11 14:21:42 ----A---- C:\Windows\win.ini
2015-02-11 14:16:02 ----SD---- C:\Windows\system32\CompatTel
2015-02-11 14:16:01 ----D---- C:\Windows\system32\appraiser
2015-02-11 13:19:26 ----HD---- C:\Program Files\WindowsApps
2015-02-11 04:46:32 ----D---- C:\Windows\system32\wdi
2015-02-10 22:13:04 ----D---- C:\ProgramData\ProductData
2015-02-07 01:03:23 ----D---- C:\Windows\system32\NDF
2015-02-06 21:53:26 ----D---- C:\Windows\system32\catroot
2015-02-06 21:13:28 ----D---- C:\Windows\system32\DriverStore
2015-02-06 20:53:47 ----D---- C:\Program Files (x86)\Common Files
2015-02-06 20:50:46 ----D---- C:\ProgramData\IObit
2015-02-03 23:35:02 ----D---- C:\Users\Ludmila\AppData\Roaming\Adobe
2015-02-03 22:09:42 ----D---- C:\Program Files (x86)\Adobe
2015-02-03 21:23:44 ----D---- C:\Program Files\Common Files
2015-02-03 21:22:47 ----D---- C:\ProgramData\Adobe
2015-02-03 20:32:44 ----D---- C:\ProgramData\Package Cache
2015-02-01 04:18:45 ----D---- C:\Users\Ludmila\AppData\Roaming\Abvent_Artlantis5
2015-02-01 03:56:28 ----D---- C:\Program Files\Artlantis Studio 5
2015-01-27 05:41:56 ----D---- C:\Windows\system32\FxsTmp
2015-01-26 15:16:50 ----RSD---- C:\Windows\Media
2015-01-26 15:16:47 ----D---- C:\Windows\twain_32
2015-01-22 00:36:15 ----RD---- C:\Windows\ToastData
2015-01-22 00:36:09 ----D---- C:\Windows\SYSWOW64\setup
2015-01-22 00:36:09 ----D---- C:\Windows\system32\setup
2015-01-22 00:36:09 ----D---- C:\Windows\system32\en-US
2015-01-22 00:36:09 ----D---- C:\Windows\system32\cs-CZ
2015-01-22 00:36:08 ----D---- C:\Windows\apppatch
2015-01-22 00:36:02 ----RD---- C:\Windows\ImmersiveControlPanel
2015-01-22 00:36:01 ----D---- C:\Windows\system32\wbem

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 Wof;Windows Overlay File System Filter Driver; C:\Windows\system32\drivers\Wof.sys [2014-03-13 157016]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2015-01-05 26528]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-06-19 11926016]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-06-19 360448]
R3 FileMonitor;FileMonitor; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2014-11-10 23048]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2015-02-06 4263128]
R3 NETwNs64;@netwns64.inf,___ %NIC_Service_DispName_WIN7_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETwNs64.sys [2013-06-18 8604672]
R3 RegFilter;RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2014-11-10 34848]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2015-02-06 31472]
R3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2013-06-18 292864]
R3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2013-06-18 1485312]
R3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2013-06-18 740864]
R3 UrlFilter;UrlFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [2014-11-10 23016]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2015-01-17 212736]
S3 dg_ssudbus;@oem4.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 ssudmdm;@oem5.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2015-01-17 44544]
S3 WinDivert1.1;WinDivert1.1; \??\C:\Program Files\KMSpico\WinDivert.sys [2015-01-05 35376]
S3 WinUsb;@wpdmtp.inf,%WinUsb.SvcDesc%;WinUsb; C:\Windows\System32\drivers\WinUsb.sys [2013-08-22 78848]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdAppMgrSvc;Autodesk Application Manager Service; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [2014-12-05 599944]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088]
R2 AdvancedSystemCareService8;Advanced SystemCare Service 8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [2014-11-04 815392]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2014-02-07 31192]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
R2 da3f04c5;TerminusDefender; C:\Windows\syswow64\rundll32.exe [2015-01-17 51200]
R2 IHProtect Service;IHProtect Service; C:\Program Files (x86)\XTab\ProtectService.exe [2014-12-29 158864]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2010-04-05 116104]
R2 IMFservice;IMF Service; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2015-01-27 344864]
R2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2015-01-16 2724128]
R2 WindowsMangerProtect;WindowsMangerProtect Service; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [2015-01-07 473088]
S2 163ac2d4;LibraryProc; C:\Windows\syswow64\rundll32.exe [2015-01-17 51200]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-05 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2015-01-17 38792]
S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe [2015-01-17 1357104]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-05 116648]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 178760]

-----------------EOF-----------------

#2 Příspěvek od **Márty84** » 18 úno 2015 04:33

Zdravim

Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.

nobody · #3 Příspěvek od **nobody** » 19 úno 2015 00:33

log zde

# AdwCleaner v4.111 - Logfile created 19/02/2015 at 00:20:30
# Updated 18/02/2015 by Xplode
# Database : 2015-02-18.3 [Server]
# Operating system : Windows 8.1 Pro (x64)
# Username : Ludmila - LIDUSKA
# Running from : C:\Users\Ludmila\Desktop\adwcleaner_4.111.exe
# Option : Cleaning

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\12883306088122721519
Folder Deleted : C:\ProgramData\a98cacfa00005776
Folder Deleted : C:\Program Files (x86)\AllSaaver
Folder Deleted : C:\Program Files (x86)\BeStSeaveFoarYou
Folder Deleted : C:\Program Files (x86)\CoupExittensiion
Folder Deleted : C:\Program Files (x86)\DigiCoUppono
Folder Deleted : C:\Program Files (x86)\DownSoave
Folder Deleted : C:\Program Files (x86)\EExstRRaCuoupon
Folder Deleted : C:\Program Files (x86)\EXstiRaCoupon
Folder Deleted : C:\Program Files (x86)\GReautSavE4U
Folder Deleted : C:\Program Files (x86)\NeWSavErr
Folder Deleted : C:\Program Files (x86)\unisaales
Folder Deleted : C:\Program Files (x86)\unniSales
Folder Deleted : C:\Program Files (x86)\unoisales
Folder Deleted : C:\Users\Ludmila\AppData\Roaming\pdfforge
Folder Deleted : C:\ProgramData\bloofafkbjahbhdoikkecknijjmobeoj
Folder Deleted : C:\ProgramData\jhlfkcpeaanbdfjnlpgknjcimdkjfpmh
Folder Deleted : C:\ProgramData\nkbfdlbjlnhgchfeajggocjpkfnbghno
Folder Deleted : C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Default\Extensions\bebdjoepplolgekpnofcbilfkdmmaodj
Folder Deleted : C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjancfncafpcahfcleopbgfcihndhfbk
File Deleted : C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage

***** [ Scheduled tasks ] *****

Task Deleted : LaunchSignup

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\P2fc13d76_b3f3_448f_9c62_291791e40bfc_.P2fc13d76_b3f3_448f_9c62_291791e40bfc_
Key Deleted : HKLM\SOFTWARE\Classes\P2fc13d76_b3f3_448f_9c62_291791e40bfc_.P2fc13d76_b3f3_448f_9c62_291791e40bfc_.9
Key Deleted : HKLM\SOFTWARE\Classes\P36f49069_9c4c_442f_972b_c20c8a82b16a_.P36f49069_9c4c_442f_972b_c20c8a82b16a_
Key Deleted : HKLM\SOFTWARE\Classes\P36f49069_9c4c_442f_972b_c20c8a82b16a_.P36f49069_9c4c_442f_972b_c20c8a82b16a_.9
Key Deleted : HKLM\SOFTWARE\Classes\P683259eb_ea41_4ae7_99eb_c6cb4ad718a0_.P683259eb_ea41_4ae7_99eb_c6cb4ad718a0_
Key Deleted : HKLM\SOFTWARE\Classes\P683259eb_ea41_4ae7_99eb_c6cb4ad718a0_.P683259eb_ea41_4ae7_99eb_c6cb4ad718a0_.9
Key Deleted : HKLM\SOFTWARE\Classes\P6cbc9859_091e_49a3_9f61_377a37e5d3fe_.P6cbc9859_091e_49a3_9f61_377a37e5d3fe_
Key Deleted : HKLM\SOFTWARE\Classes\P6cbc9859_091e_49a3_9f61_377a37e5d3fe_.P6cbc9859_091e_49a3_9f61_377a37e5d3fe_.9
Key Deleted : HKLM\SOFTWARE\Classes\P88c799ef_d052_48ea_886f_c1cf5db47e04_.P88c799ef_d052_48ea_886f_c1cf5db47e04_
Key Deleted : HKLM\SOFTWARE\Classes\P88c799ef_d052_48ea_886f_c1cf5db47e04_.P88c799ef_d052_48ea_886f_c1cf5db47e04_.9
Key Deleted : HKLM\SOFTWARE\Classes\P8c0ef73b_a419_4321_ae4c_05b31b2f095a_.P8c0ef73b_a419_4321_ae4c_05b31b2f095a_
Key Deleted : HKLM\SOFTWARE\Classes\P8c0ef73b_a419_4321_ae4c_05b31b2f095a_.P8c0ef73b_a419_4321_ae4c_05b31b2f095a_.9
Key Deleted : HKLM\SOFTWARE\Classes\Pee39e7c8_3016_4236_8d7e_ec66f6fc2440_.Pee39e7c8_3016_4236_8d7e_ec66f6fc2440_
Key Deleted : HKLM\SOFTWARE\Classes\Pee39e7c8_3016_4236_8d7e_ec66f6fc2440_.Pee39e7c8_3016_4236_8d7e_ec66f6fc2440_.9
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2fc13d76-b3f3-448f-9c62-291791e40bfc}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{36f49069-9c4c-442f-972b-c20c8a82b16a}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{683259eb-ea41-4ae7-99eb-c6cb4ad718a0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6cbc9859-091e-49a3-9f61-377a37e5d3fe}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{88c799ef-d052-48ea-886f-c1cf5db47e04}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8c0ef73b-a419-4321-ae4c-05b31b2f095a}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ee39e7c8-3016-4236-8d7e-ec66f6fc2440}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{079E2F0F-FCA0-4163-BC82-5355B879E86E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{230332DF-D235-47EE-BC42-60860EF144CD}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C7405EEB-2E16-40FE-9E27-1F48CAAB15E1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2fc13d76-b3f3-448f-9c62-291791e40bfc}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{36f49069-9c4c-442f-972b-c20c8a82b16a}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2fc13d76-b3f3-448f-9c62-291791e40bfc}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{36f49069-9c4c-442f-972b-c20c8a82b16a}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2fc13d76-b3f3-448f-9c62-291791e40bfc}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{36f49069-9c4c-442f-972b-c20c8a82b16a}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{683259eb-ea41-4ae7-99eb-c6cb4ad718a0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6cbc9859-091e-49a3-9f61-377a37e5d3fe}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{88c799ef-d052-48ea-886f-c1cf5db47e04}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8c0ef73b-a419-4321-ae4c-05b31b2f095a}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{ee39e7c8-3016-4236-8d7e-ec66f6fc2440}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{2fc13d76-b3f3-448f-9c62-291791e40bfc}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{36f49069-9c4c-442f-972b-c20c8a82b16a}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{683259eb-ea41-4ae7-99eb-c6cb4ad718a0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{6cbc9859-091e-49a3-9f61-377a37e5d3fe}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{88c799ef-d052-48ea-886f-c1cf5db47e04}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{8c0ef73b-a419-4321-ae4c-05b31b2f095a}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{ee39e7c8-3016-4236-8d7e-ec66f6fc2440}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Deleted : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Deleted : HKLM\SOFTWARE\SupDp
Key Deleted : HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Key Deleted : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4CEE92A3-9F0C-51AB-ADC0-34EC24AD7B7E}

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17416

-\\ Google Chrome v40.0.2214.93

[C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://websearch.thesearchpage.info/?l=1&q={searchTerms}&pid=21929&r=2015/01/28&hid=16100609583070319868&lg=EN&cc=CZ&unqvl=74
[C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=dspp&ts=1420665298&from=cor&uid=HitachiXHTS543232L9SA00_081101FB2406LECLB67CX&q={searchTerms}
[C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://isearch.omiga-plus.com/web/?type=dspp&ts=1420665298&from=cor&uid=HitachiXHTS543232L9SA00_081101FB2406LECLB67CX&q={searchTerms}

*************************

AdwCleaner[R0].txt - [8148 bytes] - [19/02/2015 00:13:55]
AdwCleaner[R1].txt - [8207 bytes] - [19/02/2015 00:20:15]
AdwCleaner[S0].txt - [8151 bytes] - [19/02/2015 00:20:30]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8210 bytes] ##########

#4 Příspěvek od **Márty84** » 19 úno 2015 02:32

Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=29&t=137928 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

nobody · #5 Příspěvek od **nobody** » 19 úno 2015 08:20

Opět zasílám

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 19. 2. 2015
Čas skenování: 5:05:47
Protokol: log.txt
Správce: Ano

Verze: 2.00.4.1028
Databáze malwaru: v2015.02.19.03
Databáze rootkitů: v2015.02.03.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Sebeobrany: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Ludmila

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 602098
Uplynulý čas: 3 hod, 9 min, 30 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Žádné zákerné zjištěny položek)

Moduly: 0
(Žádné zákerné zjištěny položek)

Klíče registru: 1
PUP.Optional.Qone8, HKU\S-1-5-21-335527353-3223338498-3885412778-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, , [8ac5fe2261297bbbb02f916dd1338d73],

Hodnoty registru: 0
(Žádné zákerné zjištěny položek)

Data registru: 0
(Žádné zákerné zjištěny položek)

Složky: 0
(Žádné zákerné zjištěny položek)

Soubory: 1
PUP.Optional.Amonetize, C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000000, , [193648d84a40ab8bce98a86cba4839c7],

Fyzické sektory: 0
(Žádné zákerné zjištěny položek)

(end)

#6 Příspěvek od **Márty84** » 19 úno 2015 09:57

Nalezy hodte do karanteny, pak MBAM odinstalujte.

Postupujte podle navodu kolegy

vyosek píše: Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
Ulozte nejlepe na plochu

Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu

Probehne vytvoreni zalohy a nasledne prohledavani

Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Postupujte podle navodu kolegy

vyosek píše: Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu
Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize
Kód: Vybrat vše
autoclean;
autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;
Nasledne kliknete na Run Script

PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

nobody · #7 Příspěvek od **nobody** » 20 úno 2015 08:32

JRT log:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.2 (02.02.2015:1)
OS: Windows 8.1 Pro x64
Ran by Ludmila on p 20. 02. 2015 at 7:07:40,29
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}

~~~ Files

Successfully deleted: [File] C:\Windows\prefetch\DRIVER BOOSTER.TMP-6EB92316.pf
Successfully deleted: [File] C:\Windows\prefetch\DRIVERBOOSTER.EXE-51D78DCC.pf

~~~ Folders

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on p 20. 02. 2015 at 7:10:35,42
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Zoek log:

Zoek.exe v5.0.0.0 Updated 19-February-2015
Tool run by Ludmila on p 20. 02. 2015 at 7:20:50,59.
Microsoft Windows 8.1 Pro 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Ludmila\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

20. 2. 2015 7:21:44 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\PROGRA~3\CanonEPP deleted successfully
C:\PROGRA~3\CanonIJEPPEX2 deleted successfully
C:\PROGRA~3\Render Plus Systems deleted successfully
C:\PROGRA~3\Reprise deleted successfully
C:\PROGRA~3\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} deleted successfully
C:\PROGRA~3\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} deleted successfully
C:\Users\Ludmila\AppData\Local\GHISLER deleted successfully
C:\Users\Ludmila\AppData\Local\PDFCreator deleted successfully
C:\Users\Ludmila\AppData\Local\RPS 3D PDF deleted successfully
C:\Users\Ludmila\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-335527353-3223338498-3885412778-1001\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully
HKEY_USERS\S-1-5-21-335527353-3223338498-3885412778-1001\Software\Microsoft\Internet Explorer\SearchScopes\{7828B4F2-AC4A-49A8-BDB1-8ABE913DF3EB} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

C:\PROGRA~3\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} not found
C:\PROGRA~3\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} not found
C:\Users\Ludmila\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoner Photo Studio 17 Pro Full with License Key.lnk not found
C:\Users\Ludmila\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoner Photo Studio 17 Pro Full with License Key.lnk not found
C:\PROGRA~2\Voicify deleted
C:\PROGRA~3\{bb6ce422-9c71-9bbf-bb6c-ce4229c7908a} deleted
C:\PROGRA~3\{ed35e8ae-d3a5-cde0-ed35-5e8aed3aa2bb} deleted
C:\Users\Ludmila\AppData\Roaming\appdataFr3.bin deleted
C:\Users\Ludmila\AppData\Roaming\ProductData deleted
C:\PROGRA~3\ProductData deleted
C:\PROGRA~3\Package Cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
"C:\Windows\Installer\391f7.msi" deleted

==== Chromium Look ======================

Google Chrome Version: 40.0.2214.93 (Possible outdated, latest Stable version: 40.0.2214.115)

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[14. 07. 2014 18:22]

One Number - Ludmila\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfkohgkpafhkpdcnfadadcibfboapggi
Scroll Button - Ludmila\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbkobdcckhcgleanepepnfaficicaogg
Facebook Social Plugin - Ludmila\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdmclgnbhdiklglmmdcaelggigiiigpm
Voicify - Ludmila\AppData\Local\Google\Chrome\User Data\Default\Extensions\klonjmnnpocmmjknkimicfkanmmkiebl
Skype Click to Call - Ludmila\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Remote Torrent Adder - Ludmila\AppData\Local\Google\Chrome\User Data\Default\Extensions\oabphaconndgibllomdcjbfdghcmenci
Docs - Ludmila\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake
RuanDomPPriocee - Ludmila\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bebdjoepplolgekpnofcbilfkdmmaodj
One Number - Ludmila\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cfkohgkpafhkpdcnfadadcibfboapggi
Scroll Button - Ludmila\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fbkobdcckhcgleanepepnfaficicaogg
EExstRRaCuoupon - Ludmila\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gjancfncafpcahfcleopbgfcihndhfbk
Facebook Social Plugin - Ludmila\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\hdmclgnbhdiklglmmdcaelggigiiigpm
Remote Torrent Adder - Ludmila\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\oabphaconndgibllomdcjbfdghcmenci
Docs - Ludmila\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake

==== Chromium Fix ======================

C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\http_serialkeyfinder.com_0.localstorage deleted successfully
C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_adobeid-na1.services.adobe.com_0.localstorage deleted successfully
C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfkohgkpafhkpdcnfadadcibfboapggi deleted successfully
C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cfkohgkpafhkpdcnfadadcibfboapggi deleted successfully
C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\chrome-extension_cfkohgkpafhkpdcnfadadcibfboapggi_0.localstorage deleted successfully
C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Profile 2\Local Extension Settings\cfkohgkpafhkpdcnfadadcibfboapggi deleted successfully
C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbkobdcckhcgleanepepnfaficicaogg deleted successfully
C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fbkobdcckhcgleanepepnfaficicaogg deleted successfully
C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\chrome-extension_fbkobdcckhcgleanepepnfaficicaogg_0.localstorage deleted successfully
C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Profile 2\Local Extension Settings\fbkobdcckhcgleanepepnfaficicaogg deleted successfully
C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdmclgnbhdiklglmmdcaelggigiiigpm deleted successfully
C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\hdmclgnbhdiklglmmdcaelggigiiigpm deleted successfully
C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\chrome-extension_hdmclgnbhdiklglmmdcaelggigiiigpm_0.localstorage deleted successfully
C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Profile 2\Local Extension Settings\hdmclgnbhdiklglmmdcaelggigiiigpm deleted successfully
C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Default\Extensions\klonjmnnpocmmjknkimicfkanmmkiebl deleted successfully
C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_klonjmnnpocmmjknkimicfkanmmkiebl_0.localstorage deleted successfully
C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Default\Extensions\oabphaconndgibllomdcjbfdghcmenci deleted successfully
C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\oabphaconndgibllomdcjbfdghcmenci deleted successfully
C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\chrome-extension_oabphaconndgibllomdcjbfdghcmenci_0.localstorage deleted successfully
C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Profile 2\Local Extension Settings\oabphaconndgibllomdcjbfdghcmenci deleted successfully
C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bebdjoepplolgekpnofcbilfkdmmaodj deleted successfully
C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gjancfncafpcahfcleopbgfcihndhfbk deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{33BB0A4E-99AF-4226-BDF6-49120163DE86}"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE11SR"
{33BB0A4E-99AF-4226-BDF6-49120163DE86} omiga-plus Url="http://isearch.omiga-plus.com/web/?type ... earchTerms}"

==== Reset Google Chrome ======================

C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Profile 2\Preferences was reset successfully
C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Profile 3\Preferences was reset successfully
C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Profile 4\Preferences was reset successfully
C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data was reset successfully
C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Profile 2\Web Data was reset successfully
C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Profile 3\Web Data was reset successfully
C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Profile 4\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\39E70905D4A53BB469BC04ECE63DC1D4 deleted successfully
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{50907E93-5A4D-4BB3-96CB-40CE6ED31C4D} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\39E70905D4A53BB469BC04ECE63DC1D4 deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Ludmila\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Ludmila\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Ludmila\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Ludmila\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully
C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Profile 2\Cache emptied successfully
C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Profile 3\Cache emptied successfully
C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Profile 4\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=125 folders=61 102156168 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Ludmila\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Ludmila\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on p 20. 02. 2015 at 8:29:37,62 ======================

#8 Příspěvek od **Márty84** » 20 úno 2015 10:08

Dejte logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach

nobody · #9 Příspěvek od **nobody** » 20 úno 2015 10:40

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-02-2015 01
Ran by Ludmila (administrator) on LIDUSKA on 20-02-2015 10:35:15
Running from C:\Users\Ludmila\Desktop
Loaded Profiles: Ludmila (Available profiles: Ludmila)
Platform: Windows 8.1 Pro (X64) OS Language: Angličtina (Spojené státy)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
() C:\Program Files (x86)\IObit\Advanced SystemCare 8\RealTimeProtector.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Ludmila\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\PING.EXE

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2726728 2010-03-25] (CANON INC.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [493960 2014-12-05] (Autodesk Inc.)
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2015-01-07] (Adobe Systems Incorporated)
HKU\S-1-5-21-335527353-3223338498-3885412778-1001\...\Run: [Advanced SystemCare 8] => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe [2428704 2015-01-20] (IObit)
HKU\S-1-5-21-335527353-3223338498-3885412778-1001\...\Policies\Explorer: []
Startup: C:\Users\Ludmila\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Zoner Photo Studio 17 Pro Full with License Key.lnk
ShortcutTarget: Zoner Photo Studio 17 Pro Full with License Key.lnk -> C:\ProgramData\{bb6ce422-9c71-9bbf-bb6c-ce4229c7908a}\Zoner Photo Studio 17 Pro Full with License Key.exe (No File)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-335527353-3223338498-3885412778-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type ... earchTerms}
SearchScopes: HKU\S-1-5-21-335527353-3223338498-3885412778-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-335527353-3223338498-3885412778-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type ... earchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-05]
CHR Extension: (Google Docs) - C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-05]
CHR Extension: (Google Drive) - C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-05]
CHR Extension: (YouTube) - C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-05]
CHR Extension: (Google Search) - C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-05]
CHR Extension: (Google Sheets) - C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-05]
CHR Extension: (Skype Click to Call) - C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-02-01]
CHR Extension: (Google Wallet) - C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-05]
CHR Extension: (Gmail) - C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-05]
CHR Profile: C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-04]
CHR Extension: (Docs) - C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
CHR Extension: (Google Drive) - C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-04]
CHR Extension: (YouTube) - C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-04]
CHR Extension: (Google Search) - C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-04]
CHR Extension: (Google Sheets) - C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-04]
CHR Extension: (Gmail) - C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-04]
CHR Profile: C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Google Slides) - C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-04]
CHR Extension: (Google Docs) - C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
CHR Extension: (Google Drive) - C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-04]
CHR Extension: (YouTube) - C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-04]
CHR Extension: (Google Search) - C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-04]
CHR Extension: (Google Sheets) - C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-04]
CHR Extension: (Gmail) - C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-04]
CHR Profile: C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Profile 3
CHR Extension: (Google Slides) - C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-17]
CHR Extension: (Docs) - C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-17]
CHR Extension: (Google Drive) - C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-17]
CHR Extension: (YouTube) - C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-17]
CHR Extension: (Google Search) - C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-17]
CHR Extension: (Google Sheets) - C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-17]
CHR Extension: (Gmail) - C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-17]
CHR Profile: C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Profile 4
CHR Extension: (Google Slides) - C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-17]
CHR Extension: (Google Docs) - C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-17]
CHR Extension: (Google Drive) - C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-17]
CHR Extension: (YouTube) - C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-17]
CHR Extension: (Google Search) - C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-17]
CHR Extension: (Google Sheets) - C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-17]
CHR Extension: (Gmail) - C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-17]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [599944 2014-12-05] (Autodesk Inc.)
R2 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [815392 2014-11-04] (IObit)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2015-01-17] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-05] ()
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2724128 2015-01-16] (IObit)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-01-05] (REALiX(tm))
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2015-02-06] (Synaptics Incorporated)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 WinDivert1.1; C:\Program Files\KMSpico\WinDivert.sys [35376 2015-01-05] (Basil Projects)
R3 yukonw8; C:\Windows\system32\DRIVERS\yk63x64.sys [295216 2013-06-18] (Marvell)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-20 10:35 - 2015-02-20 10:35 - 00017455 _____ () C:\Users\Ludmila\Desktop\FRST.txt
2015-02-20 10:34 - 2015-02-20 10:35 - 00000000 ____D () C:\FRST
2015-02-20 10:34 - 2015-02-20 10:34 - 00029696 _____ () C:\Users\Ludmila\AppData\Local\MSGBOX.EXE
2015-02-20 10:34 - 2015-02-20 10:34 - 00015327 _____ () C:\Users\Ludmila\Desktop\LM.bat
2015-02-20 10:33 - 2015-02-20 10:33 - 00112640 _____ (forum.viry.cz) C:\Users\Ludmila\Downloads\Nepotvrzeno 346137.crdownload
2015-02-20 10:32 - 2015-02-20 10:33 - 00112640 _____ (forum.viry.cz) C:\Users\Ludmila\Desktop\FRSTLauncher.exe
2015-02-20 10:31 - 2015-02-20 10:31 - 02086912 _____ (Farbar) C:\Users\Ludmila\Desktop\FRST64.exe
2015-02-20 08:30 - 2015-02-20 08:30 - 00000020 _____ () C:\Users\Ludmila\AppData\Roaming\appdataFr3.bin
2015-02-20 08:30 - 2015-02-20 08:30 - 00000000 ____D () C:\Users\Ludmila\AppData\Roaming\ProductData
2015-02-20 07:44 - 2015-02-20 07:44 - 00000976 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-20 07:44 - 2015-02-20 07:44 - 00000972 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-20 07:34 - 2015-02-20 07:34 - 00000000 ____D () C:\ProgramData\ProductData
2015-02-20 07:34 - 2015-02-20 07:20 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-02-20 07:21 - 2015-02-20 08:29 - 00013723 _____ () C:\zoek-results.log
2015-02-20 07:20 - 2015-02-20 08:22 - 00000000 ____D () C:\zoek_backup
2015-02-20 07:19 - 2015-02-20 07:19 - 01304576 _____ () C:\Users\Ludmila\Desktop\zoek.exe
2015-02-20 07:10 - 2015-02-20 07:10 - 00000940 _____ () C:\Users\Ludmila\Desktop\JRT.txt
2015-02-20 07:06 - 2015-02-20 07:06 - 01388274 _____ (Thisisu) C:\Users\Ludmila\Desktop\JRT.exe
2015-02-19 11:29 - 2015-02-19 11:30 - 00000298 _____ () C:\Windows\Tasks\Uninstaller_SkipUac_Ludmila.job
2015-02-19 11:29 - 2015-02-19 11:29 - 00002402 _____ () C:\Windows\System32\Tasks\Uninstaller_SkipUac_Ludmila
2015-02-19 10:29 - 2015-02-20 08:22 - 00004230 _____ () C:\Windows\PFRO.log
2015-02-19 10:28 - 2015-02-19 10:28 - 00000000 ____H () C:\asc_rdflag
2015-02-19 09:35 - 2015-02-19 09:35 - 00000000 ____D () C:\Users\Ludmila\Desktop\Sportovni_stavby
2015-02-19 07:07 - 2015-02-19 07:13 - 00000000 ____D () C:\Users\Ludmila\Desktop\Klimkovice
2015-02-19 07:06 - 2015-02-20 08:22 - 00001938 _____ () C:\Windows\setupact.log
2015-02-19 07:06 - 2015-02-19 07:06 - 00000000 _____ () C:\Windows\setuperr.log
2015-02-18 07:53 - 2015-02-18 07:53 - 00000000 ____D () C:\Users\Ludmila\Desktop\flash
2015-02-18 00:30 - 2015-02-18 00:31 - 00000000 ____D () C:\Users\Ludmila\Desktop\Klimkovice - Klárka
2015-02-17 21:43 - 2015-02-19 10:27 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-17 21:43 - 2015-02-17 21:43 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-17 21:09 - 2015-02-17 21:41 - 00000000 ____D () C:\ProgramData\HitmanPro
2015-02-17 21:05 - 2015-02-17 21:08 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Ludmila\Downloads\mbam-setup-2.0.4.1028.exe
2015-02-17 21:05 - 2015-02-17 21:08 - 10995632 _____ (SurfRight B.V.) C:\Users\Ludmila\Downloads\HitmanPro_x64.exe
2015-02-17 20:15 - 2015-02-17 20:16 - 00000000 ____D () C:\Program Files\trend micro
2015-02-17 20:15 - 2015-02-17 20:15 - 01222144 _____ () C:\Users\Ludmila\Downloads\RSITx64 (1).exe
2015-02-17 20:15 - 2015-02-17 20:15 - 00000000 ____D () C:\rsit
2015-02-17 20:14 - 2015-02-17 20:15 - 01222144 _____ () C:\Users\Ludmila\Downloads\RSITx64.exe
2015-02-17 19:41 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-17 19:41 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-17 19:38 - 2015-02-10 11:29 - 19159300 ____N () C:\Users\Ludmila\Desktop\prednasky-perina.rar
2015-02-16 07:10 - 2015-02-16 07:10 - 00000110 ____H () C:\Users\Ludmila\Desktop\0ceeb14a44_59560834_o2.jpg.uid-zps
2015-02-16 07:00 - 2015-02-16 07:36 - 00000000 ____D () C:\Users\Ludmila\Desktop\vizošky
2015-02-16 06:31 - 2015-02-16 06:33 - 80818424 _____ (ZONER software ) C:\Users\Ludmila\Downloads\zps17_cz (1).exe
2015-02-15 20:40 - 2015-02-15 20:40 - 00000141 _____ () C:\Users\Ludmila\Downloads\plot.log
2015-02-15 20:32 - 2015-02-15 23:09 - 00000000 ____D () C:\Users\Ludmila\Desktop\Elaborát
2015-02-15 13:44 - 2015-02-17 22:12 - 00000000 ____D () C:\Program Files (x86)\One Number
2015-02-15 13:14 - 2015-02-15 13:14 - 07715094 _____ () C:\Users\Ludmila\Downloads\klimkovice (1).zip
2015-02-13 22:46 - 2015-02-13 22:46 - 07473470 _____ () C:\Users\Ludmila\Downloads\program-1.zip
2015-02-11 18:02 - 2015-02-11 18:02 - 07715094 _____ () C:\Users\Ludmila\Downloads\klimkovice.zip
2015-02-10 22:50 - 2015-01-15 23:43 - 00563504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-10 22:50 - 2015-01-15 23:43 - 00177984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-10 22:50 - 2015-01-14 05:22 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-02-10 22:50 - 2015-01-14 04:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-02-10 22:50 - 2015-01-13 23:11 - 01762840 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-10 22:50 - 2015-01-13 23:04 - 01489072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-10 22:50 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-10 22:50 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-10 22:50 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-10 22:50 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-10 22:50 - 2015-01-12 03:34 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-02-10 22:50 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-10 22:50 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-10 22:50 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-10 22:50 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-10 22:50 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-10 22:50 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-10 22:50 - 2015-01-12 02:58 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-02-10 22:50 - 2015-01-12 02:55 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-02-10 22:50 - 2015-01-12 02:51 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-02-10 22:50 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-10 22:50 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-10 22:50 - 2015-01-12 02:48 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-10 22:50 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-10 22:50 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-10 22:50 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-10 22:50 - 2015-01-12 02:34 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-02-10 22:50 - 2015-01-12 02:30 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-02-10 22:50 - 2015-01-12 02:27 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-02-10 22:50 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-10 22:50 - 2015-01-12 02:25 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-02-10 22:50 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-10 22:50 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-10 22:50 - 2015-01-12 02:23 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-10 22:50 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-10 22:50 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-10 22:50 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-10 22:50 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-10 22:50 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-10 22:50 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-10 22:50 - 2015-01-10 10:10 - 07472960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-10 22:50 - 2015-01-10 10:10 - 01733440 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-02-10 22:50 - 2015-01-10 09:28 - 01498360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-02-10 22:50 - 2015-01-10 08:00 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-10 22:50 - 2015-01-10 07:38 - 00359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-10 22:50 - 2014-12-19 09:57 - 00788680 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-10 22:50 - 2014-12-19 09:25 - 00602776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-10 22:50 - 2014-12-09 04:45 - 00393728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-10 22:50 - 2014-12-09 02:56 - 00538624 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-10 22:50 - 2014-12-09 00:12 - 00391526 _____ () C:\Windows\system32\ApnDatabase.xml
2015-02-10 22:49 - 2015-01-19 19:42 - 01487976 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2015-02-10 22:48 - 2015-02-04 00:38 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-10 22:48 - 2015-02-04 00:08 - 00761856 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-10 22:48 - 2015-02-04 00:08 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-10 22:48 - 2015-02-03 00:11 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-10 22:48 - 2015-02-03 00:11 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-10 22:48 - 2015-02-03 00:11 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-10 22:48 - 2015-01-10 09:22 - 04175872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-07 22:39 - 2015-02-08 00:02 - 1342021747 _____ () C:\Users\Ludmila\Downloads\Mikulášská-party-6.12.2014.rar
2015-02-06 21:14 - 2015-02-06 21:14 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2015-02-06 21:13 - 2015-02-06 21:13 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2015-02-06 21:13 - 2015-02-06 21:13 - 00000000 ____D () C:\Program Files\Realtek
2015-02-06 21:11 - 2015-02-06 21:11 - 71040000 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2015-02-06 21:11 - 2015-02-06 21:11 - 14048512 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 12967680 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO3064.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 06218072 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 05804772 _____ () C:\Windows\system32\Drivers\rtvienna.dat
2015-02-06 21:11 - 2015-02-06 21:11 - 05234952 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 04263128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2015-02-06 21:11 - 2015-02-06 21:11 - 03186544 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 02860760 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 02827120 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 02770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 02162992 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 02101848 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 02041432 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 01959128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2015-02-06 21:11 - 2015-02-06 21:11 - 01939800 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 01550528 _____ (Conexant Systems Inc.) C:\Windows\system32\CX64APO.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 01499984 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 01443340 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2015-02-06 21:11 - 2015-02-06 21:11 - 01411096 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR64.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 01353472 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO6064.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 01313904 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 01287384 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 01136728 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 01048824 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 00995120 _____ (Nahimic Inc) C:\Windows\system32\NahimicAPONSControl.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 00979280 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 00959704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 00947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 00922880 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 00906800 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 00889592 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 00871856 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 00856992 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 00724728 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 00629464 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 00582056 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 00560328 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 00501184 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 00487360 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 00451096 _____ (Synopsys, Inc.) C:\Windows\system32\SRAPO64.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 00415680 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 00366104 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM64.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 00326680 _____ (Synopsys, Inc.) C:\Windows\SysWOW64\SRCOM.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 00326680 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 00315736 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 00303776 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO64.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 00261464 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 00246008 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 00162224 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 00109848 _____ () C:\Windows\system32\AcpiServiceVnA64.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 00096568 _____ () C:\Windows\system32\audioLibVc.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2015-02-06 21:11 - 2015-02-06 21:11 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2015-02-06 21:10 - 2014-06-04 15:17 - 00128288 _____ (IObit) C:\Windows\system32\IObitSmartDefragExtension.dll20150206211024.dll
2015-02-06 21:10 - 2014-06-04 15:17 - 00128288 _____ (IObit) C:\Windows\system32\IObitSmartDefragExtension.dll
2015-02-06 21:10 - 2014-06-04 15:17 - 00034080 _____ (IObit) C:\Windows\system32\SmartDefragBootTime.exe
2015-02-06 21:01 - 2015-02-06 21:01 - 01795952 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2015-02-06 21:01 - 2015-02-06 21:01 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2015-02-06 21:01 - 2015-02-06 21:01 - 00000000 ____D () C:\Program Files\Synaptics
2015-02-06 21:00 - 2015-02-06 21:00 - 00031472 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
2015-02-06 20:54 - 2015-02-06 20:54 - 00003186 _____ () C:\Windows\System32\Tasks\ASC8_PerformanceMonitor
2015-02-06 20:54 - 2015-02-06 20:54 - 00001254 _____ () C:\Users\Public\Desktop\IObit Uninstaller.lnk
2015-02-06 20:53 - 2015-02-19 12:18 - 00000262 _____ () C:\Windows\Tasks\ASC8_SkipUac_Ludmila.job
2015-02-06 20:53 - 2015-02-19 01:06 - 00002209 _____ () C:\Users\Public\Desktop\Advanced SystemCare 8.lnk
2015-02-06 20:53 - 2015-02-06 20:53 - 00002366 _____ () C:\Windows\System32\Tasks\ASC8_SkipUac_Ludmila
2015-02-06 20:53 - 2015-02-06 20:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 8
2015-02-06 20:50 - 2015-02-12 07:40 - 00002858 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (Ludmila)
2015-02-06 18:07 - 2015-02-06 18:07 - 00000000 ____D () C:\Program Files (x86)\Scroll Button
2015-02-06 17:20 - 2015-02-06 17:20 - 00000000 ____D () C:\Program Files (x86)\Remote Torrent Adder
2015-02-05 20:01 - 2015-02-05 20:01 - 00714720 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-05 20:01 - 2015-02-05 20:01 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-03 23:19 - 2015-02-03 23:19 - 00003504 _____ () C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-Liduska-Ludmila
2015-02-03 22:39 - 2015-02-03 22:39 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2015-02-03 21:31 - 2015-02-03 21:31 - 00001070 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2014.lnk
2015-02-03 21:30 - 2015-02-03 22:06 - 00000000 ____D () C:\Program Files\Adobe
2015-02-03 21:23 - 2015-02-03 22:11 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2015-02-03 20:39 - 2015-02-03 20:39 - 00000000 ___RD () C:\Users\Ludmila\Creative Cloud Files
2015-02-03 20:33 - 2015-02-03 20:33 - 00001347 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2015-02-03 20:33 - 2015-02-03 20:33 - 00001335 _____ () C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2015-02-03 20:17 - 2015-02-03 20:17 - 01930704 _____ (Adobe Systems Incorporated) C:\Users\Ludmila\Downloads\adobe-photoshop-cs6.exe
2015-02-03 19:55 - 2015-02-03 20:01 - 64684032 _____ () C:\Users\Ludmila\Downloads\Photoshop_12_LS1.7z
2015-02-03 19:01 - 2015-02-03 19:05 - 00000000 ____D () C:\output
2015-02-03 18:59 - 2015-02-03 19:00 - 01301384 _____ (http://www.JPGPDF.net ) C:\Users\Ludmila\Downloads\jpgtopdf.exe
2015-02-03 09:35 - 2015-02-03 09:35 - 00000110 ____H () C:\Users\Ludmila\Desktop\Řezy-Model.jpg.uid-zps
2015-02-03 09:35 - 2015-02-03 09:35 - 00000110 ____H () C:\Users\Ludmila\Desktop\Půdorys přízemí + 1.NP – kopie-Model.jpg.uid-zps
2015-02-03 09:34 - 2015-02-03 09:34 - 00000110 ____H () C:\Users\Ludmila\Desktop\2.jpg.uid-zps
2015-02-03 08:01 - 2015-02-03 08:01 - 00000000 ____D () C:\Users\Ludmila\AppData\IObit
2015-02-03 02:11 - 2015-02-03 02:11 - 00000110 ____H () C:\Users\Ludmila\Desktop\DSC_0035.jpg.uid-zps
2015-02-03 01:57 - 2015-02-03 01:57 - 00000110 ____H () C:\Users\Ludmila\Desktop\1.jpg.uid-zps
2015-02-03 01:51 - 2015-02-03 01:51 - 00000110 ____H () C:\Users\Ludmila\Desktop\Beze jména.jpg.uid-zps
2015-02-03 01:20 - 2015-02-03 01:20 - 00000110 ____H () C:\Users\Ludmila\Desktop\Poster.jpg.uid-zps
2015-02-01 22:00 - 2015-02-01 22:00 - 00197552 _____ () C:\Users\Ludmila\Downloads\bain-de-soleil-double-+-parasol-BALI.skp
2015-02-01 21:36 - 2015-02-01 21:36 - 00000000 __SHD () C:\Users\Ludmila\AppData\Local\EmieUserList
2015-02-01 21:36 - 2015-02-01 21:36 - 00000000 __SHD () C:\Users\Ludmila\AppData\Local\EmieSiteList
2015-02-01 21:36 - 2015-02-01 21:36 - 00000000 __SHD () C:\Users\Ludmila\AppData\Local\EmieBrowserModeList
2015-02-01 10:54 - 2015-02-01 11:58 - 00000000 ____D () C:\Users\Ludmila\AppData\Roaming\Skype
2015-02-01 10:54 - 2015-02-01 10:55 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-02-01 10:54 - 2015-02-01 10:54 - 00002777 _____ () C:\Users\Public\Desktop\Skype.lnk
2015-02-01 10:54 - 2015-02-01 10:54 - 00000000 ____D () C:\Users\Ludmila\AppData\Local\Skype
2015-02-01 10:54 - 2015-02-01 10:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-02-01 10:53 - 2015-02-01 10:54 - 00000000 ____D () C:\ProgramData\Skype
2015-02-01 10:50 - 2015-02-01 10:52 - 44840544 _____ (Skype Technologies S.A.) C:\Users\Ludmila\Downloads\skype-setup.exe
2015-02-01 04:38 - 2015-02-12 08:58 - 00000000 ____D () C:\Users\Ludmila\AppData\Roaming\IRender
2015-02-01 04:37 - 2015-02-02 00:42 - 00000000 ____D () C:\Users\Ludmila\Documents\IRender
2015-02-01 04:37 - 2015-02-01 04:37 - 00000000 ____D () C:\Users\Ludmila\Documents\RPS
2015-02-01 04:35 - 2015-02-02 09:28 - 00000000 ____D () C:\Users\Ludmila\AppData\Roaming\Render Plus Systems
2015-02-01 04:35 - 2015-02-02 04:33 - 00000000 ____D () C:\Users\Ludmila\AppData\Roaming\RPS
2015-02-01 04:35 - 2015-02-01 04:35 - 00000000 ____D () C:\Users\Ludmila\AppData\Roaming\SunScape
2015-02-01 04:31 - 2015-02-01 04:31 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-02-01 04:30 - 2015-02-01 04:30 - 00000000 ____D () C:\Program Files (x86)\Render Plus Systems
2015-02-01 03:55 - 2015-02-01 03:56 - 00309005 _____ () C:\Users\Ludmila\Downloads\CZproArtlantisStudio_5.1.2.5-Win32i64bit.exe
2015-01-31 07:32 - 2015-01-31 07:39 - 271992312 _____ (Graphisoft SE) C:\Users\Ludmila\Downloads\AC17-6004-HOTFIX7-WIN64 (1).exe
2015-01-31 01:13 - 2015-01-30 23:07 - 13525863 _____ () C:\Users\Ludmila\Downloads\návrh-1-1.skb
2015-01-31 01:07 - 2015-01-31 01:14 - 131687297 _____ () C:\Users\Ludmila\Downloads\IRender_6_OA28.zip
2015-01-30 19:38 - 2015-02-19 11:24 - 00000000 ____D () C:\Users\Ludmila\AppData\Local\CrashDumps
2015-01-28 17:06 - 2015-02-02 13:56 - 00000000 ____D () C:\Users\Ludmila\AppData\Local\Zoner
2015-01-28 17:06 - 2015-01-28 17:06 - 00000000 ____D () C:\Users\Ludmila\AppData\Roaming\Zoner
2015-01-28 17:06 - 2015-01-28 17:06 - 00000000 ____D () C:\ProgramData\Zoner
2015-01-28 17:03 - 2015-01-28 17:05 - 80818424 _____ (ZONER software ) C:\Users\Ludmila\Downloads\zps17_cz.exe
2015-01-28 16:53 - 2015-01-28 16:53 - 01160568 _____ () C:\Users\Ludmila\Downloads\Zoner Photo Studio 17 Pro Full with License Key.exe
2015-01-28 16:53 - 2015-01-28 16:53 - 00001081 _____ () C:\Users\Ludmila\Downloads\Zoner Photo Studio 17 Professional license key [FILETIE.COM].rar
2015-01-27 05:53 - 2015-01-27 05:53 - 00114872 _____ (pdfforge GmbH) C:\Windows\system32\pdfcmon.dll
2015-01-27 05:53 - 2015-01-27 05:53 - 00000852 _____ () C:\Users\Public\Desktop\PDFCreator.lnk
2015-01-27 05:53 - 2015-01-27 05:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2015-01-27 05:53 - 2015-01-27 05:53 - 00000000 ____D () C:\Program Files\PDFCreator
2015-01-27 05:49 - 2015-01-27 05:50 - 27276128 _____ (pdfforge ) C:\Users\Ludmila\Downloads\PDFCreator-2_0_0-setup.exe
2015-01-27 05:44 - 2015-02-12 11:01 - 00000870 _____ () C:\Users\Ludmila\Documents\plot.log
2015-01-26 15:21 - 2015-01-26 15:21 - 00000000 ___HD () C:\ProgramData\CanonIJSolutionMenuEX
2015-01-26 15:20 - 2015-02-15 20:41 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2015-01-26 15:20 - 2015-01-26 15:20 - 00000000 ___HD () C:\ProgramData\CanonIJMyPrinter
2015-01-26 15:18 - 2012-07-04 11:55 - 01354240 _____ (CANON INC.) C:\Windows\system32\CNC280C.dll
2015-01-26 15:18 - 2012-07-04 11:55 - 00112128 _____ (CANON INC.) C:\Windows\system32\CNC280I.dll
2015-01-26 15:18 - 2012-07-04 11:29 - 00106496 _____ (CANON INC.) C:\Windows\SysWOW64\CNC280U.dll
2015-01-26 15:15 - 2015-01-26 15:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registrace uživatele zařízení Canon MP280 series
2015-01-26 15:15 - 2015-01-26 15:15 - 00000000 ____D () C:\ProgramData\CanonIJMSetup
2015-01-26 15:14 - 2015-01-26 15:14 - 00002099 _____ () C:\Users\Public\Desktop\Canon Solution Menu EX.lnk
2015-01-26 15:14 - 2015-01-26 15:14 - 00000000 ____D () C:\ProgramData\CanonIJWSpt
2015-01-26 15:14 - 2015-01-26 15:14 - 00000000 ____D () C:\Program Files\Common Files\CANON
2015-01-26 15:12 - 2015-01-26 15:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2015-01-26 15:12 - 2015-01-26 15:12 - 00002378 _____ () C:\Users\Public\Desktop\Canon MP280 series Příručka online.lnk
2015-01-26 15:12 - 2015-01-26 15:12 - 00000000 ____D () C:\Program Files\Canon
2015-01-26 15:11 - 2015-01-26 15:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP280 series Manual
2015-01-26 15:11 - 2015-01-26 15:11 - 00000000 ___HD () C:\Windows\system32\CanonIJ Uninstaller Information
2015-01-26 15:11 - 2015-01-26 15:11 - 00000000 ___HD () C:\ProgramData\CanonBJ
2015-01-26 15:11 - 2015-01-26 15:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP280 series
2015-01-26 15:10 - 2015-01-26 15:10 - 00000000 ___HD () C:\Program Files\CanonBJ
2015-01-26 15:10 - 2010-08-25 05:00 - 00361472 _____ (CANON INC.) C:\Windows\system32\CNMLMAA.DLL
2015-01-26 15:10 - 2010-03-18 19:26 - 00348672 _____ (CANON INC.) C:\Windows\system32\CNC280L.dll
2015-01-26 15:10 - 2010-03-18 19:25 - 00307200 _____ (CANON INC.) C:\Windows\SysWOW64\CNC280L.dll
2015-01-26 15:10 - 2010-03-11 08:57 - 00248320 _____ (CANON INC.) C:\Windows\system32\CNMIUAA.DLL
2015-01-26 15:10 - 2010-01-13 14:04 - 00103424 _____ (Canon Inc.) C:\Windows\system32\CNC280O.dll
2015-01-26 15:10 - 2009-11-13 14:38 - 00012800 _____ () C:\Windows\SysWOW64\CNC1746D.TBL
2015-01-26 15:10 - 2009-11-13 14:38 - 00012800 _____ () C:\Windows\system32\CNC1746D.TBL
2015-01-26 15:10 - 2008-08-25 18:02 - 00017920 _____ (CANON INC.) C:\Windows\system32\CNHMCA6.dll
2015-01-26 15:10 - 2008-08-25 18:02 - 00015872 _____ (CANON INC.) C:\Windows\SysWOW64\CNHMCA.dll
2015-01-26 15:08 - 2015-01-26 15:15 - 00000000 ____D () C:\Program Files (x86)\Canon

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-20 10:28 - 2015-01-05 18:01 - 01196860 _____ () C:\Windows\WindowsUpdate.log
2015-02-20 10:28 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-02-20 09:00 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru
2015-02-20 08:27 - 2015-01-05 18:21 - 00739908 _____ () C:\Windows\system32\perfh005.dat
2015-02-20 08:27 - 2015-01-05 18:21 - 00151614 _____ () C:\Windows\system32\perfc005.dat
2015-02-20 08:27 - 2013-09-30 05:14 - 01745984 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-20 08:23 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-20 07:44 - 2015-01-05 18:32 - 00003948 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-20 07:44 - 2015-01-05 18:31 - 00003712 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-20 07:15 - 2015-01-05 18:13 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-335527353-3223338498-3885412778-1001
2015-02-20 07:07 - 2015-01-05 18:26 - 00003974 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{9990A92E-014D-4912-BF6C-C288294E9200}
2015-02-20 07:04 - 2015-01-05 19:14 - 00000000 ____D () C:\Users\Ludmila\AppData\Local\Adobe
2015-02-19 12:14 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\NDF
2015-02-19 11:26 - 2015-01-05 18:36 - 00000000 ____D () C:\Program Files (x86)\IObit
2015-02-19 11:26 - 2015-01-05 18:35 - 00000000 ____D () C:\Users\Ludmila\AppData\Roaming\IObit
2015-02-19 10:29 - 2015-01-05 21:47 - 92897280 _____ () C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2015-02-19 10:29 - 2015-01-05 21:47 - 00270336 _____ () C:\Windows\system32\config\DEFAULT.iodefrag.bak
2015-02-19 10:29 - 2015-01-05 21:47 - 00069632 _____ () C:\Windows\system32\config\SAM.iodefrag.bak
2015-02-19 10:29 - 2015-01-05 21:47 - 00024576 _____ () C:\Windows\system32\config\SECURITY.iodefrag.bak
2015-02-19 10:28 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-02-19 10:23 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\WinStore
2015-02-19 00:21 - 2013-08-22 16:36 - 00000000 ___RD () C:\Windows\DesktopTileResources
2015-02-18 21:30 - 2015-01-17 13:10 - 00000000 ____D () C:\Users\Ludmila\AppData\Local\Autodesk
2015-02-18 21:01 - 2015-01-05 18:03 - 00000000 ____D () C:\Users\Ludmila\AppData\Local\Packages
2015-02-17 22:14 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\Web
2015-02-17 20:42 - 2013-08-22 16:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-02-17 20:41 - 2015-01-05 20:10 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-02-17 20:38 - 2015-01-05 20:07 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-16 14:04 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\rescache
2015-02-16 11:04 - 2015-01-05 18:03 - 00000000 ____D () C:\Users\Ludmila
2015-02-11 14:34 - 2015-01-08 00:17 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-11 14:24 - 2015-01-08 00:17 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-11 14:21 - 2013-08-22 14:25 - 00000167 _____ () C:\Windows\win.ini
2015-02-11 14:16 - 2015-01-14 03:09 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-11 14:16 - 2015-01-14 03:09 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-11 00:38 - 2013-08-22 15:44 - 00555912 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-06 20:50 - 2015-01-05 18:36 - 00000000 ____D () C:\ProgramData\IObit
2015-02-06 17:24 - 2015-01-05 18:37 - 00000298 _____ () C:\Windows\Tasks\Uninstaller_SkipUac_Administrator.job
2015-02-03 23:35 - 2015-01-05 18:03 - 00000000 ____D () C:\Users\Ludmila\AppData\Roaming\Adobe
2015-02-03 22:09 - 2015-01-05 18:31 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-02-03 21:22 - 2015-01-05 18:28 - 00000000 ____D () C:\ProgramData\Adobe
2015-02-01 04:18 - 2015-01-05 22:00 - 00000000 ____D () C:\Users\Ludmila\AppData\Roaming\Abvent_Artlantis5
2015-02-01 03:56 - 2015-01-05 23:05 - 00000000 ____D () C:\Program Files\Artlantis Studio 5
2015-01-31 03:40 - 2015-01-15 19:45 - 00000000 ____D () C:\Users\Ludmila\Graphisoft
2015-01-31 01:45 - 2015-01-15 19:46 - 00000000 ____D () C:\Users\Ludmila\Documents\BIMx
2015-01-27 05:44 - 2015-01-05 18:32 - 00002203 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-27 05:41 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\FxsTmp
2015-01-26 15:16 - 2013-08-22 16:36 - 00000000 __RSD () C:\Windows\Media
2015-01-22 00:36 - 2013-08-22 16:36 - 00000000 ___RD () C:\Windows\ToastData
2015-01-22 00:36 - 2013-08-22 16:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2015-01-22 00:36 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\setup
2015-01-22 00:36 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\setup

==================== Files in the root of some directories =======

2015-02-20 08:30 - 2015-02-20 08:30 - 0000020 _____ () C:\Users\Ludmila\AppData\Roaming\appdataFr3.bin
2015-02-20 10:34 - 2015-02-20 10:34 - 0029696 _____ () C:\Users\Ludmila\AppData\Local\MSGBOX.EXE
2015-02-06 21:14 - 2015-02-06 21:14 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-01-17 13:08 - 2015-01-17 13:08 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-02-15 19:13

==================== End Of Log ============================

#10 Příspěvek od **Márty84** » 20 úno 2015 11:57

Odinstalujte Advanced SystemCare a vse od IObit. Dokaze to nadelat vic skody nez uzitku.

Napiste mi velikost adresare plochy (C:\Users\Ludmila\Plocha)

Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2015-01-07] (Adobe Systems Incorporated)
HKU\S-1-5-21-335527353-3223338498-3885412778-1001\...\Run: [Advanced SystemCare 8] => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe [2428704 2015-01-20] (IObit)
HKU\S-1-5-21-335527353-3223338498-3885412778-1001\...\Policies\Explorer: []
Startup: C:\Users\Ludmila\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Zoner Photo Studio 17 Pro Full with License Key.lnk
ShortcutTarget: Zoner Photo Studio 17 Pro Full with License Key.lnk -> C:\ProgramData\{bb6ce422-9c71-9bbf-bb6c-ce4229c7908a}\Zoner Photo Studio 17 Pro Full with License Key.exe (No File)

SearchScopes: HKU\S-1-5-21-335527353-3223338498-3885412778-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type ... CLB67CX&q={searchTerms}
SearchScopes: HKU\S-1-5-21-335527353-3223338498-3885412778-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type ... CLB67CX&q={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)

CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Extension: (Skype Click to Call) - C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-02-01]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

R2 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [815392 2014-11-04] (IObit)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2724128 2015-01-16] (IObit)
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088]
R2 da3f04c5;TerminusDefender; C:\Windows\syswow64\rundll32.exe [2015-01-17 51200]
S2 163ac2d4;LibraryProc; C:\Windows\syswow64\rundll32.exe [2015-01-17 51200]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-05 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-05 116648]

2015-02-20 07:34 - 2015-02-20 07:20 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-02-20 07:21 - 2015-02-20 08:29 - 00013723 _____ () C:\zoek-results.log
2015-02-20 07:20 - 2015-02-20 08:22 - 00000000 ____D () C:\zoek_backup
2015-02-20 07:19 - 2015-02-20 07:19 - 01304576 _____ () C:\Users\Ludmila\Desktop\zoek.exe
2015-02-20 07:10 - 2015-02-20 07:10 - 00000940 _____ () C:\Users\Ludmila\Desktop\JRT.txt
2015-02-20 07:06 - 2015-02-20 07:06 - 01388274 _____ (Thisisu) C:\Users\Ludmila\Desktop\JRT.exe
2015-02-17 21:43 - 2015-02-19 10:27 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-17 21:43 - 2015-02-17 21:43 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-17 21:05 - 2015-02-17 21:08 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Ludmila\Downloads\mbam-setup-2.0.4.1028.exe
2015-02-17 20:15 - 2015-02-17 20:15 - 01222144 _____ () C:\Users\Ludmila\Downloads\RSITx64 (1).exe
2015-02-17 20:15 - 2015-02-17 20:15 - 00000000 ____D () C:\rsit
2015-02-17 20:14 - 2015-02-17 20:15 - 01222144 _____ () C:\Users\Ludmila\Downloads\RSITx64.exe

Task: {4BF5543F-D39B-424E-A73B-E94F87D51F3B} - System32\Tasks\ASC8_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe [2015-01-23] (IObit)
Task: {646B2760-1787-46A2-8FB8-4D329560A185} - \AutoPico Daily Restart No Task File <==== ATTENTION
Task: {70AF91C4-D53C-48EC-9D71-ADA5AF014D58} - \AutoKMS No Task File <==== ATTENTION
Task: C:\Windows\Tasks\ASC8_SkipUac_Ludmila.job => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Uninstaller_SkipUac_Administrator.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: C:\Windows\Tasks\Uninstaller_SkipUac_Ludmila.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

Hosts:
EmptyTemp:
Reboot:
End

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.

nobody · #11 Příspěvek od **nobody** » 21 úno 2015 00:25

velikost adresare plochy: 5,78 GB

Fixlog:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 18-02-2015 01
Ran by Ludmila at 2015-02-21 00:18:38 Run:1
Running from C:\Users\Ludmila\Desktop
Loaded Profiles: Ludmila (Available profiles: Ludmila)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2015-01-07] (Adobe Systems Incorporated)
HKU\S-1-5-21-335527353-3223338498-3885412778-1001\...\Run: [Advanced SystemCare 8] => C:\Program Files (x86)\IOBIT\Advanced SystemCare 8\ASCTray.exe [2428704 2015-01-20] (IObit)
HKU\S-1-5-21-335527353-3223338498-3885412778-1001\...\Policies\Explorer: []
Startup: C:\Users\Ludmila\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Zoner Photo Studio 17 Pro Full with License Key.lnk
ShortcutTarget: Zoner Photo Studio 17 Pro Full with License Key.lnk -> C:\ProgramData\{bb6ce422-9c71-9bbf-bb6c-ce4229c7908a}\Zoner Photo Studio 17 Pro Full with License Key.exe (No File)

SearchScopes: HKU\S-1-5-21-335527353-3223338498-3885412778-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type ... CLB67CX&q={searchTerms}
SearchScopes: HKU\S-1-5-21-335527353-3223338498-3885412778-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://isearch.omiga-plus.com/web/?type ... CLB67CX&q={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)

CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Extension: (Skype Click to Call) - C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-02-01]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

R2 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [815392 2014-11-04] (IObit)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2724128 2015-01-16] (IObit)
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088]
R2 da3f04c5;TerminusDefender; C:\Windows\syswow64\rundll32.exe [2015-01-17 51200]
S2 163ac2d4;LibraryProc; C:\Windows\syswow64\rundll32.exe [2015-01-17 51200]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-05 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-05 116648]

2015-02-20 07:34 - 2015-02-20 07:20 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-02-20 07:21 - 2015-02-20 08:29 - 00013723 _____ () C:\zoek-results.log
2015-02-20 07:20 - 2015-02-20 08:22 - 00000000 ____D () C:\zoek_backup
2015-02-20 07:19 - 2015-02-20 07:19 - 01304576 _____ () C:\Users\Ludmila\Desktop\zoek.exe
2015-02-20 07:10 - 2015-02-20 07:10 - 00000940 _____ () C:\Users\Ludmila\Desktop\JRT.txt
2015-02-20 07:06 - 2015-02-20 07:06 - 01388274 _____ (Thisisu) C:\Users\Ludmila\Desktop\JRT.exe
2015-02-17 21:43 - 2015-02-19 10:27 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-17 21:43 - 2015-02-17 21:43 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-17 21:05 - 2015-02-17 21:08 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Ludmila\Downloads\mbam-setup-2.0.4.1028.exe
2015-02-17 20:15 - 2015-02-17 20:15 - 01222144 _____ () C:\Users\Ludmila\Downloads\RSITx64 (1).exe
2015-02-17 20:15 - 2015-02-17 20:15 - 00000000 ____D () C:\rsit
2015-02-17 20:14 - 2015-02-17 20:15 - 01222144 _____ () C:\Users\Ludmila\Downloads\RSITx64.exe

Task: {4BF5543F-D39B-424E-A73B-E94F87D51F3B} - System32\Tasks\ASC8_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe [2015-01-23] (IObit)
Task: {646B2760-1787-46A2-8FB8-4D329560A185} - \AutoPico Daily Restart No Task File <==== ATTENTION
Task: {70AF91C4-D53C-48EC-9D71-ADA5AF014D58} - \AutoKMS No Task File <==== ATTENTION
Task: C:\Windows\Tasks\ASC8_SkipUac_Ludmila.job => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Uninstaller_SkipUac_Administrator.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: C:\Windows\Tasks\Uninstaller_SkipUac_Ludmila.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe Creative Cloud => value deleted successfully.
HKU\S-1-5-21-335527353-3223338498-3885412778-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Advanced SystemCare 8 => Value not found.
HKU\S-1-5-21-335527353-3223338498-3885412778-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\ => value deleted successfully.
C:\Users\Ludmila\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Zoner Photo Studio 17 Pro Full with License Key.lnk => Moved successfully.
C:\ProgramData\{bb6ce422-9c71-9bbf-bb6c-ce4229c7908a}\Zoner Photo Studio 17 Pro Full with License Key.exe not found.
HKU\S-1-5-21-335527353-3223338498-3885412778-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-335527353-3223338498-3885412778-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}" => Key deleted successfully.
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814} => Key not found.
HKCR\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814} => Key not found.
"HKCR\Wow6432Node\PROTOCOLS\Handler\skypec2c" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => Key deleted successfully.
CHR dev: Chrome dev build detected! <======= ATTENTION => Error: No automatic fix found for this entry.
C:\Users\Ludmila\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl => Moved successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl" => Key deleted successfully.
C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx => Moved successfully.
AdvancedSystemCareService8 => Service not found.
c2cautoupdatesvc => Service deleted successfully.
c2cpnrsvc => Service deleted successfully.
LiveUpdateSvc => Service deleted successfully.
AdobeARMservice => Service deleted successfully.
da3f04c5 => Service not found.
163ac2d4 => Service not found.
gupdate => Service deleted successfully.
SkypeUpdate => Service deleted successfully.
gupdatem => Service deleted successfully.
C:\Windows\zoek-delete.exe => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Ludmila\Desktop\zoek.exe => Moved successfully.
C:\Users\Ludmila\Desktop\JRT.txt => Moved successfully.
C:\Users\Ludmila\Desktop\JRT.exe => Moved successfully.
C:\Program Files (x86)\Malwarebytes Anti-Malware => Moved successfully.
C:\ProgramData\Malwarebytes => Moved successfully.
C:\Users\Ludmila\Downloads\mbam-setup-2.0.4.1028.exe => Moved successfully.
C:\Users\Ludmila\Downloads\RSITx64 (1).exe => Moved successfully.
C:\rsit => Moved successfully.
C:\Users\Ludmila\Downloads\RSITx64.exe => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4BF5543F-D39B-424E-A73B-E94F87D51F3B} => Key not found.
C:\Windows\System32\Tasks\ASC8_PerformanceMonitor not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASC8_PerformanceMonitor => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{646B2760-1787-46A2-8FB8-4D329560A185}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{646B2760-1787-46A2-8FB8-4D329560A185}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoPico Daily Restart" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{70AF91C4-D53C-48EC-9D71-ADA5AF014D58}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{70AF91C4-D53C-48EC-9D71-ADA5AF014D58}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS" => Key deleted successfully.
C:\Windows\Tasks\ASC8_SkipUac_Ludmila.job not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\Uninstaller_SkipUac_Administrator.job => Moved successfully.
C:\Windows\Tasks\Uninstaller_SkipUac_Ludmila.job not found.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 91.9 MB temporary data.

The system needed a reboot.

==== End of Fixlog 00:19:28 ====

#12 Příspěvek od **Márty84** » 21 úno 2015 07:45

nobody píše:velikost adresare plochy: 5,78 GB

Velikost plochy by nemela preshovat 200 - 300 MB! Brzdi to chod pc. Cili ji trosku uklidte a na plochu dejte jen zastupce. Jen pozor na obcasnou chybu, ze uzivatele maji na plose slozku, v ni dalsi a v ni dalsi a do te to schovaji. To je sice hezke, ale plochu to nezmensi, jen je to v jinem supliku

Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

vyosek píše: DelFix https://toolslib.net/downloads/finish/2/
Stahnete a spustte

Ponechte zatrzitkou pouze u volby Remote disinfection tools

Kliknete na Run

Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)

Defragmentujte disk(y) (SSD Disky ne!)
Stahnete program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar a dalsi nesmysly.
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.

Pak napiste, jak je na tom pc.

nobody · #13 Příspěvek od **nobody** » 23 úno 2015 07:07

Zdravím

zatím to vypadá, že se notebook zrychlil a s internetem už také nemám problémy, ale zatím jsem nepotřebovala pracovat v žádných programech, tak uvidíme jak to pak půjde. Každopádně moc děkuji za pomoc

#14 Příspěvek od **Márty84** » 23 úno 2015 07:30

To jsem rad, ze se to zlepsilo

Nemate zac!

Necham tema chvili otevrene, at muzete pc radne otestovat. Pak se ozvete a napiste, jak to vypada. Bud to pak uzavrem, nebo se koukneme jeste hloubeji

Tak zatim

nobody · #15 Příspěvek od **nobody** » 26 úno 2015 08:06

Zdravím,

tak jsem myslela, že už to bude ok, ale když potřebuji dělat v AutoCadu, Photoshopu tak neudělám skoro nic, pořád se to děsně seká. Jsem zoufalá, tyto programy potřebuji teď téměř denně a práce se mi tím neskutečně brzdí. A ještě jsem se chtěla zeptat, když otevřu photoshop, píše mi to že mám malou kapacitu VRAM a mám udělat aktualizaci grafické karty, co to znamená? Mám se poohlížet po novějším a výkonnějším notebooku?

Děkuji

VIRY.CZ

Prosím o pomoc

Prosím o pomoc

Re: Prosím o pomoc

Re: Prosím o pomoc

Re: Prosím o pomoc

Re: Prosím o pomoc

Re: Prosím o pomoc

Re: Prosím o pomoc

Re: Prosím o pomoc

Re: Prosím o pomoc

Re: Prosím o pomoc

Re: Prosím o pomoc

Re: Prosím o pomoc

Re: Prosím o pomoc

Re: Prosím o pomoc

Re: Prosím o pomoc