VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

kontrola logu

https://forum.viry.cz:443/viewtopic.php?t=143656

Stránka 1 z 3

kontrola logu

Napsal: 23 bře 2015 19:42
od zdenek6041
Dobrý den, prosím o kontrolu logu. Pomalý chod pc, dlouhý start systému. Děkuji.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Zdeněk at 2015-03-23 19:33:05
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 379 GB (88%) free of 431 GB
Total RAM: 2009 MB (21% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:35:12, on 23.3.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17239)
Boot mode: Normal

Running processes:
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\windows\system32\taskhost.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Lenovo\Energy Management\utility.exe
C:\Program Files\Lenovo\Energy Management\Energy Management.exe
C:\Windows\FixCamera.exe
C:\Windows\System32\igfxtray.exe
C:\Program Files\Conexant\SAII\SmartAudio.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Alwil Software\Avast5\avastui.exe
C:\windows\system32\igfxsrvc.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\windows\system32\wbem\unsecapp.exe
C:\windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
C:\Users\Zdeněk\Downloads\RSIT.exe
C:\Users\Zdeněk\Downloads\Zdeněk.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\windows\system32\taskmgr.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [332BigDog] C:\Program Files\USB Camera2\VM332_STI.EXE
O4 - HKLM\..\Run: [EnergyUtility] C:\Program Files\Lenovo\Energy Management\utility.exe
O4 - HKLM\..\Run: [Energy Management] C:\Program Files\Lenovo\Energy Management\Energy Management.exe
O4 - HKLM\..\Run: [FixCamera] C:\windows\FixCamera.exe
O4 - HKLM\..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t
O4 - HKLM\..\Run: [IgfxTray] C:\windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_A42918919352F7586F1A353E6349BDF8] "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [WLStart] "C:\Program Files\Windows Live\Installer\wlstart.exe" /nosearch /nohomepage (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [WLStart] "C:\Program Files\Windows Live\Installer\wlstart.exe" /nosearch /nohomepage (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: IGRS - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe
O23 - Service: Lenovo ReadyComm AppSvc - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\AppSvc.exe
O23 - Service: Lenovo ReadyComm ConnSvc - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\windows\system32\SAsrv.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

--
End of file - 7012 bytes

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\windows\tasks\{40ACDD22-3700-447B-8F5B-9C7E2B63EA04}.job - c:\program files\mozilla firefox\firefox.exe http://ui.skype.com/ui/0/6.18.0.106/cs/ ... Error=1601
C:\windows\tasks\Úklid 1 kliknutím.job - D:\Program Files\TuneUp Utilities 2009\OneClickStarter.exe /schedulestart

=========Mozilla firefox=========

ProfilePath - C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\0wdz8gn7.default-1424529599915

prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"

"wrc@avast.com"=C:\Program Files\Alwil Software\Avast5\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
nprjplug.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2014-12-20 586968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-04 186904]
"332BigDog"=C:\Program Files\USB Camera2\VM332_STI.EXE [2010-01-19 536576]
"EnergyUtility"=C:\Program Files\Lenovo\Energy Management\utility.exe [2009-09-29 4114288]
"Energy Management"=C:\Program Files\Lenovo\Energy Management\Energy Management.exe [2009-09-29 5064560]
"FixCamera"=C:\windows\FixCamera.exe [2007-02-12 20480]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2010-04-28 307768]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2000-01-01 141848]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2000-01-01 174104]
"Persistence"=C:\windows\system32\igfxpers.exe [2000-01-01 151064]
"AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2015-01-24 5227112]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2014-12-11 30873192]
"GoogleChromeAutoLaunch_A42918919352F7586F1A353E6349BDF8"=C:\Program Files\Google\Chrome\Application\chrome.exe [2015-03-14 809288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2014-12-11 30873192]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Real\RealPlayer\update\realsched.exe [2015-02-01 296520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2010-08-24 247144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GShortCut]
C:\Program Files\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2008-12-03 218408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VeriFaceManager]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WheelMouse]
C:\Program Files\Trust\GM-4600 Gamer Mouse\Amoumain.exe [2000-01-01 196608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\SYSTEM32\igfxdev.dll [2000-01-01 217088]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"msacm.siren"=sirenacm.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.clmp3enc"=C:\PROGRA~1\Lenovo\Power2Go\CLMP3Enc.ACM
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-03-23 19:33:05 ----D---- C:\rsit
2015-03-22 14:49:42 ----D---- C:\Program Files\Mozilla Firefox
2015-03-05 18:52:56 ----SHD---- C:\Config.Msi

======List of files/folders modified in the last 1 month======

2015-03-23 19:33:11 ----D---- C:\windows\Temp
2015-03-23 19:24:44 ----D---- C:\Program Files
2015-03-23 19:24:43 ----D---- C:\Users\Zdeněk\AppData\Roaming\Skype
2015-03-23 19:24:43 ----D---- C:\Program Files\Mozilla Maintenance Service
2015-03-23 19:20:56 ----D---- C:\windows\system32\config
2015-03-23 19:20:25 ----A---- C:\AtmApInit.txt
2015-03-21 09:00:18 ----D---- C:\windows\Microsoft.NET
2015-03-06 13:58:09 ----D---- C:\windows\system32\catroot2
2015-03-06 13:57:24 ----D---- C:\Windows
2015-03-05 18:53:16 ----SHD---- C:\windows\Installer
2015-03-05 18:53:15 ----HD---- C:\ProgramData
2015-03-05 18:52:57 ----D---- C:\Program Files\Real
2015-03-05 18:52:48 ----D---- C:\Users\Zdeněk\AppData\Roaming\Real
2015-03-05 18:52:17 ----D---- C:\windows\system32\Tasks
2015-03-05 18:52:14 ----D---- C:\ProgramData\Real
2015-03-05 18:48:22 ----D---- C:\windows\debug
2015-02-28 09:38:59 ----A---- C:\windows\system32\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\windows\system32\drivers\aswRvrt.sys [2014-12-20 49944]
R0 aswVmm;avast! VM Monitor; C:\windows\system32\drivers\aswVmm.sys [2014-12-20 206248]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2009-06-04 330264]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 sptd;sptd; C:\windows\System32\Drivers\sptd.sys [2010-10-05 691696]
R1 Amfilter;Trust Mouse Filter Driver; C:\windows\system32\DRIVERS\Amfilter.sys [2000-01-01 8704]
R1 aswKbd;aswKbd; C:\windows\system32\drivers\aswKbd.sys [2013-08-30 21576]
R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr2.sys [2014-12-20 81768]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2014-12-20 787800]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2014-12-20 423784]
R1 funfrm;funfrm; C:\windows\system32\drivers\funfrm.sys [2010-08-08 54800]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswHwid;avast! HardwareID; C:\windows\system32\drivers\aswHwid.sys [2014-12-20 24184]
R2 aswMonFlt;aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [2014-12-20 70384]
R2 aswStm;aswStm; C:\windows\system32\drivers\aswStm.sys [2014-12-20 91496]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\windows\system32\DRIVERS\AcpiVpc.sys [2010-01-20 23136]
R3 Amps2prt;Trust GM-4600 Gamer Mouse Driver; C:\windows\system32\DRIVERS\Amps2prt.sys [2000-01-01 14336]
R3 Amusbprt;Trust HID-compliant Mouse Driver; C:\windows\system32\DRIVERS\Amusbprt.sys [2000-01-01 13824]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2009-05-31 260648]
R3 BCM43XX;Ovladač síťového adaptéru Broadcom 802.11; C:\windows\system32\DRIVERS\bcmwl6.sys [2009-07-07 2506232]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 btwampfl;btwampfl Bluetooth filter driver; \??\C:\windows\system32\drivers\btwampfl.sys [2000-01-01 508184]
R3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2000-01-01 152400]
R3 btwavdt;Bluetooth AVDT; C:\windows\system32\DRIVERS\btwavdt.sys [2000-01-01 175144]
R3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2000-01-01 33832]
R3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2000-01-01 18728]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\CHDRT32.sys [2010-03-31 517688]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2000-01-01 5946880]
R3 MBAMProtector;MBAMProtector; \??\C:\windows\system32\drivers\mbam.sys [2013-04-04 22856]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 vm332avs;Lenovo Camera2; C:\windows\System32\Drivers\vm332avs.sys [2010-04-20 198000]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
R3 wdmirror;wdmirror; C:\windows\system32\DRIVERS\WDMirror.sys [2009-07-16 11792]
S2 Parvdm;Parvdm; C:\windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\windows\System32\Drivers\ssadadb.sys [2010-05-25 30312]
S3 ApfiltrService;Alps Pointing-device Filter Driver; C:\windows\system32\DRIVERS\Apfiltr.sys [2010-04-22 218744]
S3 Bridge0;Bridge0; C:\windows\system32\drivers\WDBridge.sys [2009-07-28 63240]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 FTDIBUS;USB Serial Converter Driver; C:\windows\system32\drivers\ftdibus.sys [2010-07-12 60104]
S3 FTSER2K;USB Serial Port Driver; C:\windows\system32\drivers\ftser2k.sys [2008-03-13 72000]
S3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\k57nd60x.sys [2009-07-13 229888]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUStor.sys []
S3 RtsUIR;Realtek IR Driver; C:\windows\system32\DRIVERS\Rts516xIR.sys []
S3 sisagp;Filtr SIS sběrnice AGP; C:\windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 SNP325;USB PC Camera (SNPSTD325); C:\windows\system32\DRIVERS\snp325.sys []
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\windows\system32\DRIVERS\ssadbus.sys [2010-05-25 96488]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\windows\system32\DRIVERS\ssadmdfl.sys [2010-05-25 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\windows\system32\DRIVERS\ssadmdm.sys [2010-05-25 121576]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\windows\system32\DRIVERS\ssadserd.sys [2010-05-25 98152]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\windows\System32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 USBCCID;Realtek Smartcard Reader Driver; C:\windows\system32\DRIVERS\RtsUCcid.sys []
S3 viaagp;Filtr VIA sběrnice AGP; C:\windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;Ovladač procesoru VIA C7; C:\windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WimFltr;WimFltr; C:\windows\system32\DRIVERS\wimfltr.sys [2008-08-06 128104]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
S3 wsvd;wsvd; C:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 81704]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2014-12-20 50344]
R2 btwdins;Bluetooth Service; C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe [2013-05-14 829656]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-04 354840]
R2 IGRS;IGRS; C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe [2009-07-14 38152]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
R2 ReadyComm.DirectRouter;ReadyComm.DirectRouter; C:\windows\System32\IgrsSvcs.exe [2009-07-14 20992]
R2 SAService;Conexant SmartAudio service; C:\windows\system32\SAsrv.exe [2010-03-25 445496]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-12-20 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-12-11 315496]
S2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-24 87904]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-12-20 107912]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2014-07-25 108032]
S3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc; C:\Program Files\Lenovo\ReadyComm\AppSvc.exe [2009-08-14 509192]
S3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc; C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe [2009-09-22 579400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-03-22 148080]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PS_MDP;ReadyComm Presentation Space Helper Service; C:\windows\System32\IgrsSvcs.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2010-10-05 1343400]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-28 267440]
S4 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2010-08-24 92008]

-----------------EOF-----------------

Re: kontrola logu

Napsal: 24 bře 2015 00:38
od altrok
Zdravim :bye:



:arrow: V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose).

:arrow: Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/ (nebo http://www.bleepingcomputer.com/download/adwcleaner/ )
  • ukoncete vsechny programy
  • kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
  • kliknete na Scan, pote na Cleaning
  • po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\AdwCleaner [Sx].txt), jehoz obsah mi zkopirujte do pristi odpovedi

Re: kontrola logu

Napsal: 24 bře 2015 16:23
od zdenek6041
Tu posílám log z AdwClaeneru

# AdwCleaner v4.113 - Logfile created 24/03/2015 at 16:17:02
# Updated 22/03/2015 by Xplode
# Database : 2015-03-23.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x86)
# Username : Zdeněk - ZDENĚK-PC
# Running from : C:\Users\Zdeněk\Desktop\adwcleaner_4.113.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****

File Deleted : C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bgjpfhpjcgdppjbgnpnjllokbmcdllig_0.localstorage
File Deleted : C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bgjpfhpjcgdppjbgnpnjllokbmcdllig_0.localstorage-journal
File Deleted : C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_blmojkbhnkkphngknkmgccmlenfaelkd_0.localstorage
File Deleted : C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_blmojkbhnkkphngknkmgccmlenfaelkd_0.localstorage-journal

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17689


-\\ Mozilla Firefox v36.0.4 (x86 cs)


-\\ Google Chrome v41.0.2272.101

[C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.softonic.com/s/{searchTerms}
[C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
[C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.conduit.com/Results.aspx?gd=&ctid=CT3310393&octid=EB_ORIGINAL_CTID&ISID=MF98CB421-8610-473B-9FEE-5ABDC2FA1DB2&SearchSource=58&CUI=&UM=5&UP=SP890FCBDA-9944-453D-8E84-1930B7370E10&q={searchTerms}&SSPV=

*************************

AdwCleaner[R0].txt - [3656 bytes] - [13/01/2014 16:09:07]
AdwCleaner[R1].txt - [1778 bytes] - [20/08/2014 22:00:19]
AdwCleaner[R2].txt - [2268 bytes] - [24/03/2015 16:10:37]
AdwCleaner[S0].txt - [3742 bytes] - [13/01/2014 16:11:20]
AdwCleaner[S1].txt - [1855 bytes] - [20/08/2014 22:04:28]
AdwCleaner[S2].txt - [2209 bytes] - [24/03/2015 16:17:02]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [2268 bytes] ##########

Re: kontrola logu

Napsal: 24 bře 2015 16:36
od altrok
:arrow: Nainstalujte MBAM a udelejte vlastni sken vsech disku - http://forum.viry.cz/viewtopic.php?f=29&t=137928
  • Upozorneni: tento sken zabere od 30 minut po nekolik hodin

Re: kontrola logu

Napsal: 24 bře 2015 19:51
od zdenek6041
MBAM log

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 24.3.2015
Čas skenování: 17:28:46
Protokol: mbam log.txt
Správce: Ano

Verze: 2.01.4.1018
Databáze malwaru: v2015.03.24.06
Databáze rootkitů: v2015.02.25.01
Licence: Premium
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x86
Souborový systém: NTFS
Uživatel: ZdenÄ?k

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 458347
Uplynulý čas: 2 hod, 19 min, 5 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 2
PUP.Optional.PCSpeedUp.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\PC Speed Up Extension, , [e27419304248023429896b8254ada35d],
PUP.Optional.PCSpeedUp.A, HKU\S-1-5-21-3394328646-3757079861-1465878226-1003\SOFTWARE\APPDATALOW\SOFTWARE\PC Speed Up Extension, , [e86e1930e2a8979f5219309c3ac99f61],

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 1
PUP.Optional.PCSpeedUp.A, C:\Program Files\PC Speed Up Extension, , [6aec00495931181e0fcb2b74fa0937c9],

Soubory: 8
PUP.Optional.PCSpeedUp.A, C:\Program Files\PC Speed Up Extension\PC Speed Up Extension-bg.exe, , [12445eeb157514223e74fcf112efc040],
PUP.Optional.PCSpeedUp.A, C:\Program Files\PC Speed Up Extension\PC Speed Up Extension.exe, , [2a2cf554a2e88caabef43db0be4303fd],
PUP.Optional.PCSpeedUp.A, C:\Program Files\PC Speed Up Extension\PC Speed Up ExtensionGui.exe, , [bf9783c6e9a17abc842e27c68c75e11f],
PUP.Optional.PCSpeedUp.A, C:\Program Files\PC Speed Up Extension\Uninstall.exe, , [e27419304248023429896b8254ada35d],
PUP.Optional.PCSpeedUp.A, C:\Program Files\PC Speed Up Extension\ButtonUtil.dll, , [6aec00495931181e0fcb2b74fa0937c9],
PUP.Optional.PCSpeedUp.A, C:\Program Files\PC Speed Up Extension\PC Speed Up Extension.ico, , [6aec00495931181e0fcb2b74fa0937c9],
PUP.Optional.PCSpeedUp.A, C:\Program Files\PC Speed Up Extension\PC Speed Up Extension.ini, , [6aec00495931181e0fcb2b74fa0937c9],
PUP.Optional.PCSpeedUp.A, C:\Program Files\PC Speed Up Extension\PC Speed Up ExtensionInstaller.log, , [6aec00495931181e0fcb2b74fa0937c9],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Re: kontrola logu

Napsal: 25 bře 2015 00:10
od altrok
:arrow: Dejte log FRST.txt, prilozte i Addition.txt - http://forum.viry.cz/viewtopic.php?f=30&t=133101

Re: kontrola logu

Napsal: 25 bře 2015 16:20
od zdenek6041
FRST log

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015
Ran by Zdeněk (administrator) on ZDENĚK-PC on 25-03-2015 16:16:21
Running from C:\Users\Zdeněk\Desktop
Loaded Profiles: Zdeněk (Available profiles: Zdeněk)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Microsoft Corporation) C:\Windows\System32\IgrsSvcs.exe
(Conexant Systems, Inc.) C:\Windows\System32\SASrv.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Lenovo(beijing) Limited) C:\Program Files\Lenovo\Energy Management\utility.exe
(Lenovo (Beijing) Limited) C:\Program Files\Lenovo\Energy Management\Energy Management.exe
() C:\Windows\FixCamera.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Conexant Systems, Inc) C:\Program Files\CONEXANT\SAII\SmartAudio.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\avastui.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Ghisler Software GmbH) C:\Program Files\totalcmd\TOTALCMD.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(forum.viry.cz) C:\Users\Zdeněk\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\CompatTel\QueryAppBlock.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [332BigDog] => C:\Program Files\USB Camera2\VM332_STI.EXE [536576 2010-01-19] (Vimicro)
HKLM\...\Run: [EnergyUtility] => C:\Program Files\Lenovo\Energy Management\utility.exe [4114288 2009-09-29] (Lenovo(beijing) Limited)
HKLM\...\Run: [Energy Management] => C:\Program Files\Lenovo\Energy Management\Energy Management.exe [5064560 2009-09-29] (Lenovo (Beijing) Limited)
HKLM\...\Run: [FixCamera] => C:\windows\FixCamera.exe [20480 2007-02-12] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2010-04-28] ()
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [5227648 2015-03-23] (AVAST Software)
HKU\S-1-5-21-3394328646-3757079861-1465878226-1003\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [30873192 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-3394328646-3757079861-1465878226-1003\...\Run: [GoogleChromeAutoLaunch_A42918919352F7586F1A353E6349BDF8] => C:\Program Files\Google\Chrome\Application\chrome.exe [809288 2015-03-14] (Google Inc.)
HKU\S-1-5-18\...\RunOnce: [WLStart] => C:\Program Files\Windows Live\Installer\wlstart.exe [779600 2009-07-26] (Microsoft Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Zdeněk\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Zdeněk\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Zdeněk\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Zdeněk\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-3394328646-3757079861-1465878226-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2014-12-20] (AVAST Software)
BHO: Pomocník pro přihlášení ke službě Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-3394328646-3757079861-1465878226-1003 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\0wdz8gn7.default-1424529599915
FF Homepage: https://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-28] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-09-12] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprjplug.dll [2012-07-17] (RealNetworks, Inc.)
FF Extension: Adblock Plus - C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\0wdz8gn7.default-1424529599915\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-02-22]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2015-03-22]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011-09-10]

Chrome:
=======
CHR HomePage: Profile 2 -> hxxp://www.seznam.cz/
CHR StartupUrls: Profile 2 -> "hxxp://www.seznam.cz/"
CHR Profile: C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Weather (extension)) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\beapnbfmjmjhhfpaoajfhjbbfnnlfpnc [2014-12-14]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2014-08-20]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2014-08-20]
CHR Extension: (Avast Online Security) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-20]
CHR Extension: (Adblock Super) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\knebimhcckndhiglamoabbnifdkijidd [2014-08-20]
CHR Extension: (Google Wallet) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-13]
CHR Profile: C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Google Slides) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-15]
CHR Extension: (Google Docs) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-15]
CHR Extension: (Google Drive) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-15]
CHR Extension: (Weather (extension)) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beapnbfmjmjhhfpaoajfhjbbfnnlfpnc [2015-02-15]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2015-02-15]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2015-02-15]
CHR Extension: (YouTube) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-15]
CHR Extension: (Google Search) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-15]
CHR Extension: (Google Sheets) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-15]
CHR Extension: (Avast Online Security) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-02-15]
CHR Extension: (Adblock Super) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\knebimhcckndhiglamoabbnifdkijidd [2015-02-15]
CHR Extension: (PC Speed Up Extension) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\mpfkfpmlciebaiepdediekoemmjaoong [2015-03-25]
CHR Extension: (Google Wallet) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-15]
CHR Extension: (Gmail) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-15]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx [2014-12-20]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - No Path Or update_url value
CHR HKLM\...\Chrome\Extension: [mpfkfpmlciebaiepdediekoemmjaoong] - C:\Users\Zdeněk\AppData\Local\PC Speed Up Extension\Chrome\PC Speed Up Extension.crx [2012-11-04]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344 2014-12-20] (AVAST Software)
S4 IGRS; C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe [38152 2009-07-14] (Lenovo Group Limited)
S4 Lenovo ReadyComm AppSvc; C:\Program Files\Lenovo\ReadyComm\AppSvc.exe [509192 2009-08-14] (Lenovo Group Limited)
S4 Lenovo ReadyComm ConnSvc; C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe [579400 2009-09-22] (Lenovo Group Limited)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-03-17] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
S3 PS_MDP; C:\Program Files\Lenovo\ReadyComm\PS_MDP.dll [276296 2009-07-16] (Lenovo Group Limited)
R2 ReadyComm.DirectRouter; C:\Program Files\Lenovo\ReadyComm\common\router.dll [103688 2009-07-14] (Lenovo Group Limited)
R2 SAService; C:\windows\system32\SAsrv.exe [445496 2010-03-25] (Conexant Systems, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 ACPIVPC; C:\windows\System32\DRIVERS\AcpiVpc.sys [23136 2010-01-20] (Lenovo Corporation)
R1 Amfilter; C:\windows\System32\DRIVERS\Amfilter.sys [8704 2000-01-01] ((Standard mouse types)) [File not signed]
R3 Amps2prt; C:\windows\System32\DRIVERS\Amps2prt.sys [14336 2000-01-01] ((Standard mouse types)) [File not signed]
R3 Amusbprt; C:\windows\System32\DRIVERS\Amusbprt.sys [13824 2000-01-01] ((Standard mouse types)) [File not signed]
R2 aswHwid; C:\windows\system32\drivers\aswHwid.sys [24184 2014-12-20] ()
R1 aswKbd; C:\windows\system32\Drivers\aswKbd.sys [21576 2013-08-30] (AVAST Software)
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [70384 2014-12-20] (AVAST Software)
R1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [81768 2014-12-20] (AVAST Software)
R0 aswRvrt; C:\windows\system32\Drivers\aswRvrt.sys [49944 2014-12-20] ()
R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [787800 2014-12-20] (AVAST Software)
R1 aswSP; C:\windows\system32\drivers\aswSP.sys [423784 2014-12-20] (AVAST Software)
S2 aswStm; C:\windows\system32\drivers\aswStm.sys [91496 2014-12-20] (AVAST Software)
R0 aswVmm; C:\windows\system32\Drivers\aswVmm.sys [206248 2014-12-20] ()
S3 Bridge0; C:\windows\System32\drivers\WDBridge.sys [63240 2009-07-28] (Lenovo)
R3 btwampfl; C:\windows\system32\drivers\btwampfl.sys [508184 2000-01-01] (Broadcom Corporation.)
S3 FTDIBUS; C:\windows\System32\drivers\ftdibus.sys [60104 2010-07-12] (FTDI Ltd.)
R1 funfrm; C:\windows\system32\Drivers\funfrm.sys [54800 2010-08-08] ()
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [23256 2015-03-17] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [119512 2015-03-25] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [51928 2015-03-17] (Malwarebytes Corporation)
R0 sptd; C:\windows\System32\Drivers\sptd.sys [691696 2010-10-05] () [File not signed]
S3 SWDUMon; C:\windows\System32\DRIVERS\SWDUMon.sys [13464 2015-03-23] ()
R3 vm332avs; C:\windows\System32\Drivers\vm332avs.sys [198000 2010-04-20] (Vimicro Corporation)
R3 wdmirror; C:\windows\System32\DRIVERS\WDMirror.sys [11792 2009-07-16] (Windows (R) Codename Longhorn DDK provider)
S3 wsvd; C:\windows\System32\DRIVERS\wsvd.sys [81704 2009-07-21] (CyberLink)
U3 a8px080w; C:\windows\system32\Drivers\a8px080w.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero size file/folder)
S3 RSUSBSTOR; System32\Drivers\RtsUStor.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 SNP325; system32\DRIVERS\snp325.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-25 16:16 - 2015-03-25 16:17 - 00017064 _____ () C:\Users\Zdeněk\Desktop\FRST.txt
2015-03-25 16:14 - 2015-03-25 16:14 - 00112640 _____ (forum.viry.cz) C:\Users\Zdeněk\Desktop\FRSTLauncher.exe
2015-03-25 16:13 - 2015-03-25 16:13 - 00000000 __SHD () C:\Users\Zdeněk\AppData\Local\EmieBrowserModeList
2015-03-25 15:58 - 2015-03-25 15:59 - 01135104 _____ (Farbar) C:\Users\Zdeněk\Desktop\FRST.exe
2015-03-24 21:58 - 2015-03-24 21:58 - 00000364 _____ () C:\windows\PFRO.log
2015-03-24 17:27 - 2015-03-25 16:07 - 00119512 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-24 17:26 - 2015-03-24 17:26 - 00001024 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-03-24 17:26 - 2015-03-24 17:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-03-24 17:26 - 2015-03-24 17:26 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-03-24 17:26 - 2015-03-17 06:15 - 00092888 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2015-03-24 17:26 - 2015-03-17 06:15 - 00051928 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2015-03-24 17:24 - 2015-03-24 17:25 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Zdeněk\Downloads\mbam-setup-2.1.4.1018.exe
2015-03-24 16:38 - 2014-07-09 02:29 - 00006144 _____ (Microsoft Corporation) C:\windows\system32\KBDYAK.DLL
2015-03-24 16:38 - 2014-07-09 02:29 - 00006144 _____ (Microsoft Corporation) C:\windows\system32\KBDTAT.DLL
2015-03-24 16:38 - 2014-07-09 02:29 - 00006144 _____ (Microsoft Corporation) C:\windows\system32\KBDRU1.DLL
2015-03-24 16:38 - 2014-07-09 02:29 - 00006144 _____ (Microsoft Corporation) C:\windows\system32\KBDBASH.DLL
2015-03-24 16:38 - 2014-07-09 02:29 - 00005632 _____ (Microsoft Corporation) C:\windows\system32\KBDRU.DLL
2015-03-24 16:08 - 2015-03-24 16:08 - 02168320 _____ () C:\Users\Zdeněk\Desktop\adwcleaner_4.113.exe
2015-03-23 21:40 - 2015-03-23 21:40 - 00000000 ____D () C:\Users\Zdeněk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zařízení Bluetooth
2015-03-23 21:08 - 2015-01-09 03:48 - 00635904 _____ (Microsoft Corporation) C:\windows\system32\perftrack.dll
2015-03-23 21:08 - 2015-01-09 03:48 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\wdi.dll
2015-03-23 21:08 - 2015-01-09 03:48 - 00027136 _____ (Microsoft Corporation) C:\windows\system32\powertracker.dll
2015-03-23 20:46 - 2015-03-25 15:49 - 00000560 _____ () C:\windows\setupact.log
2015-03-23 20:46 - 2015-03-23 20:46 - 00000000 _____ () C:\windows\setuperr.log
2015-03-23 20:42 - 2015-03-23 20:42 - 00000000 ____D () C:\windows\system32\appraiser
2015-03-23 20:17 - 2015-01-09 00:44 - 00419936 _____ () C:\windows\system32\locale.nls
2015-03-23 20:01 - 2015-02-24 03:32 - 00342696 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-03-23 20:01 - 2015-02-21 01:27 - 00418304 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-03-23 20:01 - 2015-02-20 03:22 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-03-23 20:01 - 2015-02-20 03:22 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-03-23 20:01 - 2015-02-20 03:08 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-03-23 20:01 - 2015-02-20 03:08 - 00047616 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-03-23 20:01 - 2015-02-20 03:01 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-03-23 20:01 - 2015-02-20 03:00 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-03-23 20:01 - 2015-02-20 02:56 - 00620032 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-03-23 20:01 - 2015-02-20 02:56 - 00115712 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-03-23 20:01 - 2015-02-20 02:56 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-03-23 20:01 - 2015-02-20 02:50 - 00667648 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-03-23 20:01 - 2015-02-20 02:41 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-03-23 20:01 - 2015-02-20 02:37 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-03-23 20:01 - 2015-02-20 02:24 - 02052608 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-03-23 20:01 - 2015-02-20 02:24 - 00689152 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-03-23 20:01 - 2015-02-20 02:24 - 00684544 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-03-23 20:01 - 2015-02-20 02:01 - 01888256 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-03-23 20:01 - 2015-02-20 01:57 - 01311232 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-03-23 20:01 - 2015-02-20 01:55 - 00710144 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-03-23 20:01 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2015-03-23 20:00 - 2015-02-21 01:41 - 12827648 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-03-23 20:00 - 2015-02-21 01:27 - 00285696 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-03-23 20:00 - 2015-02-21 01:25 - 19720192 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-03-23 20:00 - 2015-02-21 00:32 - 00076288 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-03-23 20:00 - 2015-02-20 03:09 - 00503296 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-03-23 20:00 - 2015-02-20 03:06 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-03-23 20:00 - 2015-02-20 03:03 - 02278400 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-03-23 20:00 - 2015-02-20 02:58 - 00478208 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-03-23 20:00 - 2015-02-20 02:30 - 04300288 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-03-23 20:00 - 2015-02-20 02:23 - 01155072 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-03-23 20:00 - 2015-02-13 06:26 - 12875264 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2015-03-23 20:00 - 2015-02-04 03:54 - 00482304 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-03-23 20:00 - 2015-02-04 03:53 - 00767488 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-03-23 20:00 - 2015-02-04 03:53 - 00621056 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-03-23 20:00 - 2015-02-04 03:53 - 00325632 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-03-23 20:00 - 2015-02-04 03:53 - 00202752 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-03-23 20:00 - 2015-02-04 03:53 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2015-03-23 20:00 - 2015-02-04 03:49 - 00886784 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-03-23 20:00 - 2015-02-03 04:12 - 00171520 _____ (Microsoft Corporation) C:\windows\system32\ubpm.dll
2015-03-23 20:00 - 2015-01-28 00:36 - 01167520 _____ (Microsoft Corporation) C:\windows\system32\aitstatic.exe
2015-03-23 20:00 - 2015-01-17 03:30 - 00828928 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll
2015-03-23 19:58 - 2015-02-03 04:16 - 03973048 _____ (Microsoft Corporation) C:\windows\system32\ntkrnlpa.exe
2015-03-23 19:58 - 2015-02-03 04:16 - 03917760 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-03-23 19:58 - 2015-02-03 04:16 - 00078784 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mountmgr.sys
2015-03-23 19:58 - 2015-02-03 04:12 - 11411968 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2015-03-23 19:58 - 2015-02-03 04:12 - 03209728 _____ (Microsoft Corporation) C:\windows\system32\mf.dll
2015-03-23 19:58 - 2015-02-03 04:12 - 01329664 _____ (Microsoft Corporation) C:\windows\system32\quartz.dll
2015-03-23 19:58 - 2015-02-03 04:12 - 01230848 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2015-03-23 19:58 - 2015-02-03 04:12 - 01174528 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2015-03-23 19:58 - 2015-02-03 04:12 - 01005056 _____ (Microsoft Corporation) C:\windows\system32\cryptui.dll
2015-03-23 19:58 - 2015-02-03 04:12 - 00988160 _____ (Microsoft Corporation) C:\windows\system32\drmv2clt.dll
2015-03-23 19:58 - 2015-02-03 04:12 - 00744960 _____ (Microsoft Corporation) C:\windows\system32\blackbox.dll
2015-03-23 19:58 - 2015-02-03 04:12 - 00617984 _____ (Microsoft Corporation) C:\windows\system32\wmdrmsdk.dll
2015-03-23 19:58 - 2015-02-03 04:12 - 00519680 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2015-03-23 19:58 - 2015-02-03 04:12 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\msscp.dll
2015-03-23 19:58 - 2015-02-03 04:12 - 00489984 _____ (Microsoft Corporation) C:\windows\system32\evr.dll
2015-03-23 19:58 - 2015-02-03 04:12 - 00475136 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2015-03-23 19:58 - 2015-02-03 04:12 - 00442880 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2015-03-23 19:58 - 2015-02-03 04:12 - 00406016 _____ (Microsoft Corporation) C:\windows\system32\drmmgrtn.dll
2015-03-23 19:58 - 2015-02-03 04:12 - 00400896 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-03-23 19:58 - 2015-02-03 04:12 - 00374784 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2015-03-23 19:58 - 2015-02-03 04:12 - 00354816 _____ (Microsoft Corporation) C:\windows\system32\mfplat.dll
2015-03-23 19:58 - 2015-02-03 04:12 - 00275968 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
2015-03-23 19:58 - 2015-02-03 04:12 - 00265216 _____ (Microsoft Corporation) C:\windows\system32\msnetobj.dll
2015-03-23 19:58 - 2015-02-03 04:12 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2015-03-23 19:58 - 2015-02-03 04:12 - 00179200 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2015-03-23 19:58 - 2015-02-03 04:12 - 00157184 _____ (Microsoft Corporation) C:\windows\system32\pcasvc.dll
2015-03-23 19:58 - 2015-02-03 04:12 - 00143872 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2015-03-23 19:58 - 2015-02-03 04:12 - 00103936 _____ (Microsoft Corporation) C:\windows\system32\cryptnet.dll
2015-03-23 19:58 - 2015-02-03 04:12 - 00103424 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2015-03-23 19:58 - 2015-02-03 04:12 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\cryptsp.dll
2015-03-23 19:58 - 2015-02-03 04:12 - 00069632 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2015-03-23 19:58 - 2015-02-03 04:12 - 00050688 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2015-03-23 19:58 - 2015-02-03 04:12 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2015-03-23 19:58 - 2015-02-03 04:12 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-03-23 19:58 - 2015-02-03 04:12 - 00038912 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-03-23 19:58 - 2015-02-03 04:12 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\pcadm.dll
2015-03-23 19:58 - 2015-02-03 04:12 - 00027648 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2015-03-23 19:58 - 2015-02-03 04:12 - 00010752 _____ (Microsoft Corporation) C:\windows\system32\msmmsp.dll
2015-03-23 19:58 - 2015-02-03 04:12 - 00008192 _____ (Microsoft Corporation) C:\windows\system32\spwmp.dll
2015-03-23 19:58 - 2015-02-03 04:12 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\msdxm.ocx
2015-03-23 19:58 - 2015-02-03 04:12 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\dxmasf.dll
2015-03-23 19:58 - 2015-02-03 04:11 - 12625408 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL
2015-03-23 19:58 - 2015-02-03 04:11 - 00262656 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-03-23 19:58 - 2015-02-03 04:11 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\audiodg.exe
2015-03-23 19:58 - 2015-02-03 04:11 - 00096768 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2015-03-23 19:58 - 2015-02-03 04:11 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\rrinstaller.exe
2015-03-23 19:58 - 2015-02-03 04:11 - 00023040 _____ (Microsoft Corporation) C:\windows\system32\mfpmp.exe
2015-03-23 19:58 - 2015-02-03 04:11 - 00016896 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2015-03-23 19:58 - 2015-02-03 04:11 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\pcawrk.exe
2015-03-23 19:58 - 2015-02-03 04:11 - 00008192 _____ (Microsoft Corporation) C:\windows\system32\pcalua.exe
2015-03-23 19:58 - 2015-02-03 04:10 - 00008704 _____ (Microsoft Corporation) C:\windows\system32\pcaevts.dll
2015-03-23 19:58 - 2015-02-03 04:09 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\mferror.dll
2015-03-23 19:58 - 2015-02-03 04:08 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2015-03-23 19:58 - 2015-02-03 04:00 - 00593920 _____ (Microsoft Corporation) C:\windows\system32\Drivers\PEAuth.sys
2015-03-23 19:58 - 2015-02-03 03:26 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2015-03-23 19:58 - 2015-01-31 00:56 - 00370488 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2015-03-23 19:58 - 2014-10-31 23:22 - 00521384 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2015-03-23 19:58 - 2014-06-28 01:21 - 00455752 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2015-03-23 19:58 - 2014-06-28 01:21 - 00409272 _____ (Microsoft Corporation) C:\windows\system32\ci.dll
2015-03-23 19:57 - 2015-02-26 04:11 - 02381312 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-03-23 19:57 - 2015-01-31 04:33 - 02744320 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2015-03-23 19:56 - 2015-03-06 06:15 - 00137656 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-03-23 19:56 - 2015-03-06 06:15 - 00067512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-03-23 19:56 - 2015-03-06 06:10 - 01061376 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-03-23 19:56 - 2015-03-06 06:10 - 00550912 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-03-23 19:56 - 2015-03-06 06:10 - 00259584 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-03-23 19:56 - 2015-03-06 06:10 - 00248832 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-03-23 19:56 - 2015-03-06 06:10 - 00221184 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-03-23 19:56 - 2015-03-06 06:10 - 00172032 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-03-23 19:56 - 2015-03-06 06:10 - 00100352 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-03-23 19:56 - 2015-03-06 06:10 - 00065536 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-03-23 19:56 - 2015-03-06 06:10 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-03-23 19:56 - 2015-03-06 06:10 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-03-23 19:56 - 2015-03-06 06:10 - 00015872 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-03-23 19:56 - 2015-03-06 06:09 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-03-23 19:56 - 2015-03-06 06:09 - 00022528 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-03-23 19:56 - 2015-03-06 06:07 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-03-23 19:56 - 2015-03-06 06:07 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-03-23 19:56 - 2015-03-06 06:06 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-03-23 19:56 - 2015-02-20 05:13 - 00070656 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2015-03-23 19:56 - 2015-02-20 05:13 - 00034304 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2015-03-23 19:56 - 2015-02-20 05:13 - 00026624 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2015-03-23 19:56 - 2015-02-20 05:13 - 00010240 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2015-03-23 19:56 - 2015-02-20 04:09 - 00299008 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2015-03-23 19:56 - 2015-01-31 04:33 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\RdpGroupPolicyExtension.dll
2015-03-23 19:56 - 2015-01-31 01:48 - 00221184 _____ (Microsoft Corporation) C:\windows\system32\rdpudd.dll
2015-03-23 19:51 - 2015-02-04 03:54 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\WMPhoto.dll
2015-03-23 19:37 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\windows\system32\scesrv.dll
2015-03-23 19:33 - 2015-03-23 19:35 - 00000000 ____D () C:\rsit
2015-03-23 19:32 - 2015-03-23 19:32 - 01107968 _____ () C:\Users\Zdeněk\Downloads\RSIT.exe
2015-03-22 14:49 - 2015-03-22 14:50 - 00000000 ____D () C:\Program Files\Mozilla Firefox

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-25 16:16 - 2014-01-13 19:06 - 00000000 ____D () C:\FRST
2015-03-25 16:14 - 2012-11-04 17:07 - 00000000 ____D () C:\Program Files\PC Speed Up Extension
2015-03-25 16:03 - 2010-08-08 17:32 - 01314785 _____ () C:\windows\WindowsUpdate.log
2015-03-25 16:00 - 2010-10-05 11:36 - 00000480 _____ () C:\windows\Tasks\Úklid 1 kliknutím.job
2015-03-25 15:58 - 2009-07-14 05:34 - 00018736 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-25 15:58 - 2009-07-14 05:34 - 00018736 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-25 15:56 - 2014-12-20 10:43 - 00000940 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-25 15:54 - 2010-10-09 08:06 - 00000000 ____D () C:\Users\Zdeněk\AppData\Roaming\Skype
2015-03-25 15:50 - 2014-12-20 10:43 - 00000936 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-25 15:50 - 2010-10-05 21:49 - 00000089 _____ () C:\AtmApInit.txt
2015-03-25 15:49 - 2009-07-14 05:53 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-03-24 21:58 - 2009-07-14 05:33 - 00409752 _____ () C:\windows\system32\FNTCACHE.DAT
2015-03-24 21:39 - 2012-06-08 14:19 - 00000914 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-03-24 17:26 - 2014-01-11 15:07 - 00000000 ____D () C:\Users\Zdeněk\AppData\Roaming\Malwarebytes
2015-03-24 17:26 - 2014-01-11 15:07 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-24 17:26 - 2014-01-11 15:06 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2015-03-24 17:09 - 2009-07-14 03:37 - 00000000 ____D () C:\windows\Microsoft.NET
2015-03-24 16:17 - 2014-01-13 16:09 - 00000000 ____D () C:\AdwCleaner
2015-03-23 21:31 - 2013-02-28 15:20 - 00013464 _____ () C:\windows\system32\Drivers\SWDUMon.sys
2015-03-23 21:28 - 2009-07-14 05:46 - 00001515 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-03-23 21:26 - 2009-07-14 03:37 - 00000000 ____D () C:\windows\tracing
2015-03-23 21:16 - 2010-06-07 03:00 - 01567816 _____ () C:\windows\system32\PerfStringBackup.INI
2015-03-23 20:45 - 2014-12-20 10:43 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-03-23 20:42 - 2014-08-11 15:12 - 00000000 ___SD () C:\windows\system32\CompatTel
2015-03-23 20:42 - 2009-07-14 03:37 - 00000000 ____D () C:\windows\AppCompat
2015-03-23 20:34 - 2013-12-02 15:57 - 00000000 ____D () C:\windows\system32\MRT
2015-03-23 19:35 - 2014-01-13 15:39 - 00007013 _____ () C:\Users\Zdeněk\Downloads\hijackthis.log
2015-03-17 06:15 - 2014-03-17 15:32 - 00023256 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2015-03-05 18:52 - 2010-11-14 11:05 - 00000000 ____D () C:\Program Files\Real
2015-03-05 18:52 - 2010-11-14 11:04 - 00000000 ____D () C:\Users\Zdeněk\AppData\Roaming\Real
2015-03-05 18:52 - 2010-11-14 11:04 - 00000000 ____D () C:\ProgramData\Real
2015-02-28 09:39 - 2010-10-05 10:27 - 00000000 ____D () C:\Users\Zdeněk\AppData\Local\Adobe
2015-02-28 09:38 - 2012-06-08 14:19 - 00701616 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
2015-02-28 09:38 - 2011-10-26 15:34 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl
2015-02-28 09:36 - 2014-12-20 10:43 - 00001081 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-02-26 21:20 - 2010-10-09 08:17 - 119837696 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-02-24 04:23 - 2010-10-05 22:14 - 00246920 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2013-10-18 16:28 - 2013-10-18 16:28 - 50053120 _____ () C:\Program Files\GUTC755.tmp
2010-12-31 11:03 - 2010-12-31 11:03 - 0000316 _____ () C:\Users\Zdeněk\AppData\Roaming\lenovo_config.dat
2014-01-14 15:05 - 2014-01-14 15:05 - 0003584 _____ () C:\Users\Zdeněk\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-02-28 16:56 - 2013-02-28 16:56 - 0007607 _____ () C:\Users\Zdeněk\AppData\Local\Resmon.ResmonCfg
2013-12-22 12:37 - 2013-12-22 17:31 - 0001112 _____ () C:\Users\Zdeněk\AppData\Local\SRDownloader.nast
2010-10-09 08:15 - 2010-10-09 08:15 - 0000032 _____ () C:\ProgramData\ezsid.dat
2014-08-20 22:10 - 2014-08-20 22:10 - 0000088 _____ () C:\ProgramData\profile.xml

Files to move or delete:
====================
C:\ProgramData\ezsid.dat
C:\Windows\Tasks\{40ACDD22-3700-447B-8F5B-9C7E2B63EA04}.job


Some content of TEMP:
====================
C:\Users\Zdeněk\AppData\Local\Temp\Quarantine.exe
C:\Users\Zdeněk\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\{40ACDD22-3700-447B-8F5B-9C7E2B63EA04}.job => c:\program files\mozilla firefox\firefox.exebhttp:/ui.skype.com/ui/0/6.18.0.106/cs/go/
Task: C:\windows\Tasks\Úklid 1 kliknutím.job => D:\Program Files\TuneUp Utilities 2009\OneClickStarter.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Zden�k\Desktop" je 40 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher
"C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleChromeAutoLaunch_A42918919352F7586F1A353E6349BDF8
"C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
"C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe
"C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe
"C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GShortCut
"C:\Program Files\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VeriFaceManager
C:\Program Files\Trust\GM-4600 Gamer Mouse\Amoumain.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WheelMouse
Re�im ECHO je vypnut.


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================


Addition log

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015
Ran by Zdeněk (administrator) on ZDENĚK-PC on 25-03-2015 16:16:21
Running from C:\Users\Zdeněk\Desktop
Loaded Profiles: Zdeněk (Available profiles: Zdeněk)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Microsoft Corporation) C:\Windows\System32\IgrsSvcs.exe
(Conexant Systems, Inc.) C:\Windows\System32\SASrv.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Lenovo(beijing) Limited) C:\Program Files\Lenovo\Energy Management\utility.exe
(Lenovo (Beijing) Limited) C:\Program Files\Lenovo\Energy Management\Energy Management.exe
() C:\Windows\FixCamera.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Conexant Systems, Inc) C:\Program Files\CONEXANT\SAII\SmartAudio.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\avastui.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Ghisler Software GmbH) C:\Program Files\totalcmd\TOTALCMD.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(forum.viry.cz) C:\Users\Zdeněk\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\CompatTel\QueryAppBlock.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [332BigDog] => C:\Program Files\USB Camera2\VM332_STI.EXE [536576 2010-01-19] (Vimicro)
HKLM\...\Run: [EnergyUtility] => C:\Program Files\Lenovo\Energy Management\utility.exe [4114288 2009-09-29] (Lenovo(beijing) Limited)
HKLM\...\Run: [Energy Management] => C:\Program Files\Lenovo\Energy Management\Energy Management.exe [5064560 2009-09-29] (Lenovo (Beijing) Limited)
HKLM\...\Run: [FixCamera] => C:\windows\FixCamera.exe [20480 2007-02-12] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2010-04-28] ()
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [5227648 2015-03-23] (AVAST Software)
HKU\S-1-5-21-3394328646-3757079861-1465878226-1003\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [30873192 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-3394328646-3757079861-1465878226-1003\...\Run: [GoogleChromeAutoLaunch_A42918919352F7586F1A353E6349BDF8] => C:\Program Files\Google\Chrome\Application\chrome.exe [809288 2015-03-14] (Google Inc.)
HKU\S-1-5-18\...\RunOnce: [WLStart] => C:\Program Files\Windows Live\Installer\wlstart.exe [779600 2009-07-26] (Microsoft Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Zdeněk\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Zdeněk\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Zdeněk\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Zdeněk\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-3394328646-3757079861-1465878226-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2014-12-20] (AVAST Software)
BHO: Pomocník pro přihlášení ke službě Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-3394328646-3757079861-1465878226-1003 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\0wdz8gn7.default-1424529599915
FF Homepage: https://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-28] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-09-12] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprjplug.dll [2012-07-17] (RealNetworks, Inc.)
FF Extension: Adblock Plus - C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\0wdz8gn7.default-1424529599915\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-02-22]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2015-03-22]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011-09-10]

Chrome:
=======
CHR HomePage: Profile 2 -> hxxp://www.seznam.cz/
CHR StartupUrls: Profile 2 -> "hxxp://www.seznam.cz/"
CHR Profile: C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Weather (extension)) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\beapnbfmjmjhhfpaoajfhjbbfnnlfpnc [2014-12-14]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2014-08-20]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2014-08-20]
CHR Extension: (Avast Online Security) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-20]
CHR Extension: (Adblock Super) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\knebimhcckndhiglamoabbnifdkijidd [2014-08-20]
CHR Extension: (Google Wallet) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-13]
CHR Profile: C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Google Slides) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-15]
CHR Extension: (Google Docs) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-15]
CHR Extension: (Google Drive) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-15]
CHR Extension: (Weather (extension)) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beapnbfmjmjhhfpaoajfhjbbfnnlfpnc [2015-02-15]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2015-02-15]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2015-02-15]
CHR Extension: (YouTube) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-15]
CHR Extension: (Google Search) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-15]
CHR Extension: (Google Sheets) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-15]
CHR Extension: (Avast Online Security) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-02-15]
CHR Extension: (Adblock Super) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\knebimhcckndhiglamoabbnifdkijidd [2015-02-15]
CHR Extension: (PC Speed Up Extension) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\mpfkfpmlciebaiepdediekoemmjaoong [2015-03-25]
CHR Extension: (Google Wallet) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-15]
CHR Extension: (Gmail) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-15]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx [2014-12-20]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - No Path Or update_url value
CHR HKLM\...\Chrome\Extension: [mpfkfpmlciebaiepdediekoemmjaoong] - C:\Users\Zdeněk\AppData\Local\PC Speed Up Extension\Chrome\PC Speed Up Extension.crx [2012-11-04]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344 2014-12-20] (AVAST Software)
S4 IGRS; C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe [38152 2009-07-14] (Lenovo Group Limited)
S4 Lenovo ReadyComm AppSvc; C:\Program Files\Lenovo\ReadyComm\AppSvc.exe [509192 2009-08-14] (Lenovo Group Limited)
S4 Lenovo ReadyComm ConnSvc; C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe [579400 2009-09-22] (Lenovo Group Limited)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-03-17] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
S3 PS_MDP; C:\Program Files\Lenovo\ReadyComm\PS_MDP.dll [276296 2009-07-16] (Lenovo Group Limited)
R2 ReadyComm.DirectRouter; C:\Program Files\Lenovo\ReadyComm\common\router.dll [103688 2009-07-14] (Lenovo Group Limited)
R2 SAService; C:\windows\system32\SAsrv.exe [445496 2010-03-25] (Conexant Systems, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 ACPIVPC; C:\windows\System32\DRIVERS\AcpiVpc.sys [23136 2010-01-20] (Lenovo Corporation)
R1 Amfilter; C:\windows\System32\DRIVERS\Amfilter.sys [8704 2000-01-01] ((Standard mouse types)) [File not signed]
R3 Amps2prt; C:\windows\System32\DRIVERS\Amps2prt.sys [14336 2000-01-01] ((Standard mouse types)) [File not signed]
R3 Amusbprt; C:\windows\System32\DRIVERS\Amusbprt.sys [13824 2000-01-01] ((Standard mouse types)) [File not signed]
R2 aswHwid; C:\windows\system32\drivers\aswHwid.sys [24184 2014-12-20] ()
R1 aswKbd; C:\windows\system32\Drivers\aswKbd.sys [21576 2013-08-30] (AVAST Software)
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [70384 2014-12-20] (AVAST Software)
R1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [81768 2014-12-20] (AVAST Software)
R0 aswRvrt; C:\windows\system32\Drivers\aswRvrt.sys [49944 2014-12-20] ()
R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [787800 2014-12-20] (AVAST Software)
R1 aswSP; C:\windows\system32\drivers\aswSP.sys [423784 2014-12-20] (AVAST Software)
S2 aswStm; C:\windows\system32\drivers\aswStm.sys [91496 2014-12-20] (AVAST Software)
R0 aswVmm; C:\windows\system32\Drivers\aswVmm.sys [206248 2014-12-20] ()
S3 Bridge0; C:\windows\System32\drivers\WDBridge.sys [63240 2009-07-28] (Lenovo)
R3 btwampfl; C:\windows\system32\drivers\btwampfl.sys [508184 2000-01-01] (Broadcom Corporation.)
S3 FTDIBUS; C:\windows\System32\drivers\ftdibus.sys [60104 2010-07-12] (FTDI Ltd.)
R1 funfrm; C:\windows\system32\Drivers\funfrm.sys [54800 2010-08-08] ()
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [23256 2015-03-17] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [119512 2015-03-25] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [51928 2015-03-17] (Malwarebytes Corporation)
R0 sptd; C:\windows\System32\Drivers\sptd.sys [691696 2010-10-05] () [File not signed]
S3 SWDUMon; C:\windows\System32\DRIVERS\SWDUMon.sys [13464 2015-03-23] ()
R3 vm332avs; C:\windows\System32\Drivers\vm332avs.sys [198000 2010-04-20] (Vimicro Corporation)
R3 wdmirror; C:\windows\System32\DRIVERS\WDMirror.sys [11792 2009-07-16] (Windows (R) Codename Longhorn DDK provider)
S3 wsvd; C:\windows\System32\DRIVERS\wsvd.sys [81704 2009-07-21] (CyberLink)
U3 a8px080w; C:\windows\system32\Drivers\a8px080w.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero size file/folder)
S3 RSUSBSTOR; System32\Drivers\RtsUStor.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 SNP325; system32\DRIVERS\snp325.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-25 16:16 - 2015-03-25 16:17 - 00017064 _____ () C:\Users\Zdeněk\Desktop\FRST.txt
2015-03-25 16:14 - 2015-03-25 16:14 - 00112640 _____ (forum.viry.cz) C:\Users\Zdeněk\Desktop\FRSTLauncher.exe
2015-03-25 16:13 - 2015-03-25 16:13 - 00000000 __SHD () C:\Users\Zdeněk\AppData\Local\EmieBrowserModeList
2015-03-25 15:58 - 2015-03-25 15:59 - 01135104 _____ (Farbar) C:\Users\Zdeněk\Desktop\FRST.exe
2015-03-24 21:58 - 2015-03-24 21:58 - 00000364 _____ () C:\windows\PFRO.log
2015-03-24 17:27 - 2015-03-25 16:07 - 00119512 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-24 17:26 - 2015-03-24 17:26 - 00001024 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-03-24 17:26 - 2015-03-24 17:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-03-24 17:26 - 2015-03-24 17:26 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-03-24 17:26 - 2015-03-17 06:15 - 00092888 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2015-03-24 17:26 - 2015-03-17 06:15 - 00051928 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2015-03-24 17:24 - 2015-03-24 17:25 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Zdeněk\Downloads\mbam-setup-2.1.4.1018.exe
2015-03-24 16:38 - 2014-07-09 02:29 - 00006144 _____ (Microsoft Corporation) C:\windows\system32\KBDYAK.DLL
2015-03-24 16:38 - 2014-07-09 02:29 - 00006144 _____ (Microsoft Corporation) C:\windows\system32\KBDTAT.DLL
2015-03-24 16:38 - 2014-07-09 02:29 - 00006144 _____ (Microsoft Corporation) C:\windows\system32\KBDRU1.DLL
2015-03-24 16:38 - 2014-07-09 02:29 - 00006144 _____ (Microsoft Corporation) C:\windows\system32\KBDBASH.DLL
2015-03-24 16:38 - 2014-07-09 02:29 - 00005632 _____ (Microsoft Corporation) C:\windows\system32\KBDRU.DLL
2015-03-24 16:08 - 2015-03-24 16:08 - 02168320 _____ () C:\Users\Zdeněk\Desktop\adwcleaner_4.113.exe
2015-03-23 21:40 - 2015-03-23 21:40 - 00000000 ____D () C:\Users\Zdeněk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zařízení Bluetooth
2015-03-23 21:08 - 2015-01-09 03:48 - 00635904 _____ (Microsoft Corporation) C:\windows\system32\perftrack.dll
2015-03-23 21:08 - 2015-01-09 03:48 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\wdi.dll
2015-03-23 21:08 - 2015-01-09 03:48 - 00027136 _____ (Microsoft Corporation) C:\windows\system32\powertracker.dll
2015-03-23 20:46 - 2015-03-25 15:49 - 00000560 _____ () C:\windows\setupact.log
2015-03-23 20:46 - 2015-03-23 20:46 - 00000000 _____ () C:\windows\setuperr.log
2015-03-23 20:42 - 2015-03-23 20:42 - 00000000 ____D () C:\windows\system32\appraiser
2015-03-23 20:17 - 2015-01-09 00:44 - 00419936 _____ () C:\windows\system32\locale.nls
2015-03-23 20:01 - 2015-02-24 03:32 - 00342696 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-03-23 20:01 - 2015-02-21 01:27 - 00418304 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-03-23 20:01 - 2015-02-20 03:22 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-03-23 20:01 - 2015-02-20 03:22 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-03-23 20:01 - 2015-02-20 03:08 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-03-23 20:01 - 2015-02-20 03:08 - 00047616 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-03-23 20:01 - 2015-02-20 03:01 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-03-23 20:01 - 2015-02-20 03:00 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-03-23 20:01 - 2015-02-20 02:56 - 00620032 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-03-23 20:01 - 2015-02-20 02:56 - 00115712 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-03-23 20:01 - 2015-02-20 02:56 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-03-23 20:01 - 2015-02-20 02:50 - 00667648 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-03-23 20:01 - 2015-02-20 02:41 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-03-23 20:01 - 2015-02-20 02:37 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-03-23 20:01 - 2015-02-20 02:24 - 02052608 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-03-23 20:01 - 2015-02-20 02:24 - 00689152 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-03-23 20:01 - 2015-02-20 02:24 - 00684544 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-03-23 20:01 - 2015-02-20 02:01 - 01888256 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-03-23 20:01 - 2015-02-20 01:57 - 01311232 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-03-23 20:01 - 2015-02-20 01:55 - 00710144 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-03-23 20:01 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2015-03-23 20:00 - 2015-02-21 01:41 - 12827648 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-03-23 20:00 - 2015-02-21 01:27 - 00285696 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-03-23 20:00 - 2015-02-21 01:25 - 19720192 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-03-23 20:00 - 2015-02-21 00:32 - 00076288 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-03-23 20:00 - 2015-02-20 03:09 - 00503296 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-03-23 20:00 - 2015-02-20 03:06 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-03-23 20:00 - 2015-02-20 03:03 - 02278400 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-03-23 20:00 - 2015-02-20 02:58 - 00478208 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-03-23 20:00 - 2015-02-20 02:30 - 04300288 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-03-23 20:00 - 2015-02-20 02:23 - 01155072 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-03-23 20:00 - 2015-02-13 06:26 - 12875264 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2015-03-23 20:00 - 2015-02-04 03:54 - 00482304 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-03-23 20:00 - 2015-02-04 03:53 - 00767488 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-03-23 20:00 - 2015-02-04 03:53 - 00621056 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-03-23 20:00 - 2015-02-04 03:53 - 00325632 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-03-23 20:00 - 2015-02-04 03:53 - 00202752 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-03-23 20:00 - 2015-02-04 03:53 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2015-03-23 20:00 - 2015-02-04 03:49 - 00886784 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-03-23 20:00 - 2015-02-03 04:12 - 00171520 _____ (Microsoft Corporation) C:\windows\system32\ubpm.dll
2015-03-23 20:00 - 2015-01-28 00:36 - 01167520 _____ (Microsoft Corporation) C:\windows\system32\aitstatic.exe
2015-03-23 20:00 - 2015-01-17 03:30 - 00828928 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll
2015-03-23 19:58 - 2015-02-03 04:16 - 03973048 _____ (Microsoft Corporation) C:\windows\system32\ntkrnlpa.exe
2015-03-23 19:58 - 2015-02-03 04:16 - 03917760 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-03-23 19:58 - 2015-02-03 04:16 - 00078784 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mountmgr.sys
2015-03-23 19:58 - 2015-02-03 04:12 - 11411968 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2015-03-23 19:58 - 2015-02-03 04:12 - 03209728 _____ (Microsoft Corporation) C:\windows\system32\mf.dll
2015-03-23 19:58 - 2015-02-03 04:12 - 01329664 _____ (Microsoft Corporation) C:\windows\system32\quartz.dll
2015-03-23 19:58 - 2015-02-03 04:12 - 01230848 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2015-03-23 19:58 - 2015-02-03 04:12 - 01174528 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2015-03-23 19:58 - 2015-02-03 04:12 - 01005056 _____ (Microsoft Corporation) C:\windows\system32\cryptui.dll
2015-03-23 19:58 - 2015-02-03 04:12 - 00988160 _____ (Microsoft Corporation) C:\windows\system32\drmv2clt.dll
2015-03-23 19:58 - 2015-02-03 04:12 - 00744960 _____ (Microsoft Corporation) C:\windows\system32\blackbox.dll
2015-03-23 19:58 - 2015-02-03 04:12 - 00617984 _____ (Microsoft Corporation) C:\windows\system32\wmdrmsdk.dll
2015-03-23 19:58 - 2015-02-03 04:12 - 00519680 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2015-03-23 19:58 - 2015-02-03 04:12 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\msscp.dll
2015-03-23 19:58 - 2015-02-03 04:12 - 00489984 _____ (Microsoft Corporation) C:\windows\system32\evr.dll
2015-03-23 19:58 - 2015-02-03 04:12 - 00475136 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2015-03-23 19:58 - 2015-02-03 04:12 - 00442880 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2015-03-23 19:58 - 2015-02-03 04:12 - 00406016 _____ (Microsoft Corporation) C:\windows\system32\drmmgrtn.dll
2015-03-23 19:58 - 2015-02-03 04:12 - 00400896 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-03-23 19:58 - 2015-02-03 04:12 - 00374784 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2015-03-23 19:58 - 2015-02-03 04:12 - 00354816 _____ (Microsoft Corporation) C:\windows\system32\mfplat.dll
2015-03-23 19:58 - 2015-02-03 04:12 - 00275968 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
2015-03-23 19:58 - 2015-02-03 04:12 - 00265216 _____ (Microsoft Corporation) C:\windows\system32\msnetobj.dll
2015-03-23 19:58 - 2015-02-03 04:12 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2015-03-23 19:58 - 2015-02-03 04:12 - 00179200 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2015-03-23 19:58 - 2015-02-03 04:12 - 00157184 _____ (Microsoft Corporation) C:\windows\system32\pcasvc.dll
2015-03-23 19:58 - 2015-02-03 04:12 - 00143872 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2015-03-23 19:58 - 2015-02-03 04:12 - 00103936 _____ (Microsoft Corporation) C:\windows\system32\cryptnet.dll
2015-03-23 19:58 - 2015-02-03 04:12 - 00103424 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2015-03-23 19:58 - 2015-02-03 04:12 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\cryptsp.dll
2015-03-23 19:58 - 2015-02-03 04:12 - 00069632 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2015-03-23 19:58 - 2015-02-03 04:12 - 00050688 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2015-03-23 19:58 - 2015-02-03 04:12 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2015-03-23 19:58 - 2015-02-03 04:12 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-03-23 19:58 - 2015-02-03 04:12 - 00038912 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-03-23 19:58 - 2015-02-03 04:12 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\pcadm.dll
2015-03-23 19:58 - 2015-02-03 04:12 - 00027648 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2015-03-23 19:58 - 2015-02-03 04:12 - 00010752 _____ (Microsoft Corporation) C:\windows\system32\msmmsp.dll
2015-03-23 19:58 - 2015-02-03 04:12 - 00008192 _____ (Microsoft Corporation) C:\windows\system32\spwmp.dll
2015-03-23 19:58 - 2015-02-03 04:12 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\msdxm.ocx
2015-03-23 19:58 - 2015-02-03 04:12 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\dxmasf.dll
2015-03-23 19:58 - 2015-02-03 04:11 - 12625408 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL
2015-03-23 19:58 - 2015-02-03 04:11 - 00262656 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-03-23 19:58 - 2015-02-03 04:11 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\audiodg.exe
2015-03-23 19:58 - 2015-02-03 04:11 - 00096768 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2015-03-23 19:58 - 2015-02-03 04:11 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\rrinstaller.exe
2015-03-23 19:58 - 2015-02-03 04:11 - 00023040 _____ (Microsoft Corporation) C:\windows\system32\mfpmp.exe
2015-03-23 19:58 - 2015-02-03 04:11 - 00016896 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2015-03-23 19:58 - 2015-02-03 04:11 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\pcawrk.exe
2015-03-23 19:58 - 2015-02-03 04:11 - 00008192 _____ (Microsoft Corporation) C:\windows\system32\pcalua.exe
2015-03-23 19:58 - 2015-02-03 04:10 - 00008704 _____ (Microsoft Corporation) C:\windows\system32\pcaevts.dll
2015-03-23 19:58 - 2015-02-03 04:09 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\mferror.dll
2015-03-23 19:58 - 2015-02-03 04:08 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2015-03-23 19:58 - 2015-02-03 04:00 - 00593920 _____ (Microsoft Corporation) C:\windows\system32\Drivers\PEAuth.sys
2015-03-23 19:58 - 2015-02-03 03:26 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2015-03-23 19:58 - 2015-01-31 00:56 - 00370488 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2015-03-23 19:58 - 2014-10-31 23:22 - 00521384 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2015-03-23 19:58 - 2014-06-28 01:21 - 00455752 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2015-03-23 19:58 - 2014-06-28 01:21 - 00409272 _____ (Microsoft Corporation) C:\windows\system32\ci.dll
2015-03-23 19:57 - 2015-02-26 04:11 - 02381312 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-03-23 19:57 - 2015-01-31 04:33 - 02744320 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2015-03-23 19:56 - 2015-03-06 06:15 - 00137656 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-03-23 19:56 - 2015-03-06 06:15 - 00067512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-03-23 19:56 - 2015-03-06 06:10 - 01061376 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-03-23 19:56 - 2015-03-06 06:10 - 00550912 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-03-23 19:56 - 2015-03-06 06:10 - 00259584 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-03-23 19:56 - 2015-03-06 06:10 - 00248832 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-03-23 19:56 - 2015-03-06 06:10 - 00221184 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-03-23 19:56 - 2015-03-06 06:10 - 00172032 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-03-23 19:56 - 2015-03-06 06:10 - 00100352 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-03-23 19:56 - 2015-03-06 06:10 - 00065536 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-03-23 19:56 - 2015-03-06 06:10 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-03-23 19:56 - 2015-03-06 06:10 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-03-23 19:56 - 2015-03-06 06:10 - 00015872 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-03-23 19:56 - 2015-03-06 06:09 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-03-23 19:56 - 2015-03-06 06:09 - 00022528 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-03-23 19:56 - 2015-03-06 06:07 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-03-23 19:56 - 2015-03-06 06:07 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-03-23 19:56 - 2015-03-06 06:06 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-03-23 19:56 - 2015-02-20 05:13 - 00070656 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2015-03-23 19:56 - 2015-02-20 05:13 - 00034304 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2015-03-23 19:56 - 2015-02-20 05:13 - 00026624 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2015-03-23 19:56 - 2015-02-20 05:13 - 00010240 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2015-03-23 19:56 - 2015-02-20 04:09 - 00299008 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2015-03-23 19:56 - 2015-01-31 04:33 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\RdpGroupPolicyExtension.dll
2015-03-23 19:56 - 2015-01-31 01:48 - 00221184 _____ (Microsoft Corporation) C:\windows\system32\rdpudd.dll
2015-03-23 19:51 - 2015-02-04 03:54 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\WMPhoto.dll
2015-03-23 19:37 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\windows\system32\scesrv.dll
2015-03-23 19:33 - 2015-03-23 19:35 - 00000000 ____D () C:\rsit
2015-03-23 19:32 - 2015-03-23 19:32 - 01107968 _____ () C:\Users\Zdeněk\Downloads\RSIT.exe
2015-03-22 14:49 - 2015-03-22 14:50 - 00000000 ____D () C:\Program Files\Mozilla Firefox

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-25 16:16 - 2014-01-13 19:06 - 00000000 ____D () C:\FRST
2015-03-25 16:14 - 2012-11-04 17:07 - 00000000 ____D () C:\Program Files\PC Speed Up Extension
2015-03-25 16:03 - 2010-08-08 17:32 - 01314785 _____ () C:\windows\WindowsUpdate.log
2015-03-25 16:00 - 2010-10-05 11:36 - 00000480 _____ () C:\windows\Tasks\Úklid 1 kliknutím.job
2015-03-25 15:58 - 2009-07-14 05:34 - 00018736 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-25 15:58 - 2009-07-14 05:34 - 00018736 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-25 15:56 - 2014-12-20 10:43 - 00000940 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-25 15:54 - 2010-10-09 08:06 - 00000000 ____D () C:\Users\Zdeněk\AppData\Roaming\Skype
2015-03-25 15:50 - 2014-12-20 10:43 - 00000936 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-25 15:50 - 2010-10-05 21:49 - 00000089 _____ () C:\AtmApInit.txt
2015-03-25 15:49 - 2009-07-14 05:53 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-03-24 21:58 - 2009-07-14 05:33 - 00409752 _____ () C:\windows\system32\FNTCACHE.DAT
2015-03-24 21:39 - 2012-06-08 14:19 - 00000914 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-03-24 17:26 - 2014-01-11 15:07 - 00000000 ____D () C:\Users\Zdeněk\AppData\Roaming\Malwarebytes
2015-03-24 17:26 - 2014-01-11 15:07 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-24 17:26 - 2014-01-11 15:06 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2015-03-24 17:09 - 2009-07-14 03:37 - 00000000 ____D () C:\windows\Microsoft.NET
2015-03-24 16:17 - 2014-01-13 16:09 - 00000000 ____D () C:\AdwCleaner
2015-03-23 21:31 - 2013-02-28 15:20 - 00013464 _____ () C:\windows\system32\Drivers\SWDUMon.sys
2015-03-23 21:28 - 2009-07-14 05:46 - 00001515 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-03-23 21:26 - 2009-07-14 03:37 - 00000000 ____D () C:\windows\tracing
2015-03-23 21:16 - 2010-06-07 03:00 - 01567816 _____ () C:\windows\system32\PerfStringBackup.INI
2015-03-23 20:45 - 2014-12-20 10:43 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-03-23 20:42 - 2014-08-11 15:12 - 00000000 ___SD () C:\windows\system32\CompatTel
2015-03-23 20:42 - 2009-07-14 03:37 - 00000000 ____D () C:\windows\AppCompat
2015-03-23 20:34 - 2013-12-02 15:57 - 00000000 ____D () C:\windows\system32\MRT
2015-03-23 19:35 - 2014-01-13 15:39 - 00007013 _____ () C:\Users\Zdeněk\Downloads\hijackthis.log
2015-03-17 06:15 - 2014-03-17 15:32 - 00023256 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2015-03-05 18:52 - 2010-11-14 11:05 - 00000000 ____D () C:\Program Files\Real
2015-03-05 18:52 - 2010-11-14 11:04 - 00000000 ____D () C:\Users\Zdeněk\AppData\Roaming\Real
2015-03-05 18:52 - 2010-11-14 11:04 - 00000000 ____D () C:\ProgramData\Real
2015-02-28 09:39 - 2010-10-05 10:27 - 00000000 ____D () C:\Users\Zdeněk\AppData\Local\Adobe
2015-02-28 09:38 - 2012-06-08 14:19 - 00701616 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
2015-02-28 09:38 - 2011-10-26 15:34 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl
2015-02-28 09:36 - 2014-12-20 10:43 - 00001081 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-02-26 21:20 - 2010-10-09 08:17 - 119837696 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-02-24 04:23 - 2010-10-05 22:14 - 00246920 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2013-10-18 16:28 - 2013-10-18 16:28 - 50053120 _____ () C:\Program Files\GUTC755.tmp
2010-12-31 11:03 - 2010-12-31 11:03 - 0000316 _____ () C:\Users\Zdeněk\AppData\Roaming\lenovo_config.dat
2014-01-14 15:05 - 2014-01-14 15:05 - 0003584 _____ () C:\Users\Zdeněk\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-02-28 16:56 - 2013-02-28 16:56 - 0007607 _____ () C:\Users\Zdeněk\AppData\Local\Resmon.ResmonCfg
2013-12-22 12:37 - 2013-12-22 17:31 - 0001112 _____ () C:\Users\Zdeněk\AppData\Local\SRDownloader.nast
2010-10-09 08:15 - 2010-10-09 08:15 - 0000032 _____ () C:\ProgramData\ezsid.dat
2014-08-20 22:10 - 2014-08-20 22:10 - 0000088 _____ () C:\ProgramData\profile.xml

Files to move or delete:
====================
C:\ProgramData\ezsid.dat
C:\Windows\Tasks\{40ACDD22-3700-447B-8F5B-9C7E2B63EA04}.job


Some content of TEMP:
====================
C:\Users\Zdeněk\AppData\Local\Temp\Quarantine.exe
C:\Users\Zdeněk\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\{40ACDD22-3700-447B-8F5B-9C7E2B63EA04}.job => c:\program files\mozilla firefox\firefox.exebhttp:/ui.skype.com/ui/0/6.18.0.106/cs/go/
Task: C:\windows\Tasks\Úklid 1 kliknutím.job => D:\Program Files\TuneUp Utilities 2009\OneClickStarter.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Zden�k\Desktop" je 40 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher
"C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleChromeAutoLaunch_A42918919352F7586F1A353E6349BDF8
"C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
"C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe
"C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe
"C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GShortCut
"C:\Program Files\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VeriFaceManager
C:\Program Files\Trust\GM-4600 Gamer Mouse\Amoumain.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WheelMouse
Re�im ECHO je vypnut.


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Re: kontrola logu

Napsal: 25 bře 2015 17:47
od altrok
Vlozil jste 2x log FRST.txt, takze poprosim jeste o Addition.txt :)

Re: kontrola logu

Napsal: 25 bře 2015 17:49
od rudy630
Omlouvám se

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by Ruda at 2015-03-25 16:22:27
Running from C:\PerfLogs\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: COMODO Antivirus (Enabled - Up to date) {F0BC89B2-8937-0933-021B-B17D981F2A71}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Comodo Defense+ (Enabled - Up to date) {4BDD6856-AF0D-06BD-38AB-8A0FE39860CC}
FW: COMODO Firewall (Enabled) {C8870897-C358-086B-2944-184866CC6D0A}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

„Windows Live Essentials“ (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
„Windows Live Mail“ (x32 Version: 16.4.3528.0331 - „Microsoft Corporation“) Hidden
„Windows Live Messenger“ (x32 Version: 16.4.3528.0331 - „Microsoft Corporation“) Hidden
µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1 - )
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.00.631.5823 - ABBYY)
ABBYY FineReader 9.0 Sprint (x32 Version: 9.00.631.5823 - ABBYY) Hidden
Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{CB320215-F4BD-40FD-A209-62B131DA1B82}) (Version: 99.9 - Eyeo GmbH)
Adblock Plus for IE (HKLM-x32\...\{1ce01891-839b-4ad1-b629-2e608ba0c6ba}) (Version: 1.0 - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 16.0.0.245 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Akamai NetSession Interface (HKU\S-1-5-21-841361005-909514878-2309378359-1002\...\Akamai) (Version: - Akamai Technologies, Inc)
Aktualizace NVIDIA 16.18.9 (Version: 16.18.9 - NVIDIA Corporation) Hidden
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 1.4.42.69356 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.4.42.69356 - Alcor Micro Corp.) Hidden
Any Video Converter Ultimate 5.7.8 (HKLM-x32\...\Any Video Converter Ultimate_is1) (Version: - Any-Video-Converter.com)
ArcSoft MediaImpression 2 (HKLM-x32\...\{FB46F473-333E-4A06-A777-31C54188593E}) (Version: 2.0.14.672 - ArcSoft)
Ashampoo GetBack Photo v.1.0.1 (HKLM-x32\...\{C92AB6F1-2490-D7C3-A45D-23F3C33ECFA5}_is1) (Version: 1.0.1 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Commander 11 (HKLM-x32\...\{C92AB6F1-0F9C-8526-5DF1-0A2FD0FB33D9}_is1) (Version: 11.1.9 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Optimizer FREE (HKLM-x32\...\Ashampoo Photo Optimizer FREE_is1) (Version: 1.2.0 - ashampoo GmbH & Co. KG)
Ashampoo ZIP Free v.1.0.1 (HKLM-x32\...\{0A11EA01-06AA-A977-2548-2F3C0E8BE50B}_is1) (Version: 1.0.1 - Ashampoo GmbH & Co. KG)
ASUS AI Recovery (HKLM-x32\...\{D39F0676-163E-4595-A917-E28F99BBD4D2}) (Version: 1.0.24 - ASUS)
ASUS FaceLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0014 - ASUS)
ASUS Instant Connect (HKLM-x32\...\{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}) (Version: 1.2.2 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.1 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.7 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.2.1 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0041 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.0.9 - ASUS)
ASUS Virtual Touch (HKLM-x32\...\{938CFBD4-0652-49E5-BB8B-153948865941}) (Version: 1.0.11 - ASUS)
ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 3.0.144.298 - ASUS Cloud Corporation)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.309 - ASUSTEK)
Atheros Bluetooth Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.140 - Atheros)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.12 - Atheros Communications Inc.)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0020 - ASUS)
aTube Catcher (HKLM-x32\...\aTube Catcher) (Version: 3.8.5187 - DsNET Corp)
aTube Catcher verze 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Bass Audio Decoder (remove only) (HKLM-x32\...\Bass Audio Decoder) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5306 - CDBurnerXP)
cechoslovak (HKU\S-1-5-21-841361005-909514878-2309378359-1002\...\cechoslovak) (Version: - )
Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 36.1.1.21 - Comodo)
COMODO Internet Security Premium (HKLM\...\{18F14F4B-D8A9-4309-817E-3BC0B7664E53}) (Version: 8.0.0.4344 - COMODO Security Solutions Inc.)
CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2926 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform)
DirectVobSub (remove only) (HKLM-x32\...\DirectVobSub) (Version: - )
Document Capture Pro (HKLM-x32\...\{B4A3C072-87AF-4937-880D-3D7997111C0D}) (Version: 1.01.0000 - Seiko Epson Corporation)
Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version: - Oberon Media)
Dream Vacation Solitaire (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111249233}) (Version: - Oberon Media)
Epson Connect Guide (HKLM-x32\...\Epson Connect Guide) (Version: - )
Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.3.0 - SEIKO EPSON CORPORATION)
Epson Copy Utility 3.5 (HKLM-x32\...\{AA72FB28-73B4-49E5-B6B4-E78F44BBD0AD}) (Version: 3.5.0.0 - )
Epson Easy Photo Print 2 (HKLM-x32\...\{674E262F-72EA-41C1-AF16-9727311A4553}) (Version: 2.4.1.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{148C8BF9-E1B4-445D-AC67-2CABAE63949A}) (Version: 3.01.0009 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{E904F572-D7DB-43C1-929F-043F267FC77D}) (Version: 1.22.0000 - SEIKO EPSON CORPORATION)
EPSON L355 Series Printer Uninstall (HKLM\...\EPSON L355 Series) (Version: - SEIKO EPSON Corporation)
Epson Příručka pro síť L355 Series (HKLM-x32\...\L355 Series Netg) (Version: - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
Epson Uživatelská příručka EPSON Perfection V370 Photo (HKLM-x32\...\EPSON Perfection V370 Photo Useg) (Version: - )
Epson Uživatelská příručka L355 Series (HKLM-x32\...\L355 Series Useg) (Version: - )
ETDWare PS/2-X64 10.5.9.0 (HKLM\...\Elantech) (Version: 10.5.9.0 - ELAN Microelectronic Corp.)
Evidence LSoft 4.2.0.0 (HKLM-x32\...\{6B7574A7-ADE5-40CD-B4DE-3A72C483DB92}_is1) (Version: - Martin Lutonský)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
FastStone Image Viewer 5.3 (HKLM-x32\...\FastStone Image Viewer) (Version: 5.3 - FastStone Soft)
FFMPEG Core Files (remove only) (HKLM-x32\...\FFMPEG Core Files) (Version: - )
FormatFactory 3.6.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.6.0.0 - Format Factory)
Freemake Video Converter verze 4.1.5 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.5 - Ellora Assets Corporation)
Gabest MPEG Splitter (remove only) (HKLM-x32\...\Gabest MPEG Splitter) (Version: - )
Galapago (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}) (Version: - Oberon Media)
Game Park Console (HKLM-x32\...\Game Park Console) (Version: 1.2.4.431 - Oberon Media Inc.)
GeekBuddy (HKLM\...\{E98902C5-09AF-487A-AFAE-D4C386F506C0}) (Version: 4.18.121 - Comodo Security Solutions Inc)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Go Go Gourmet Chef of the Year (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115290153}) (Version: - Oberon Media)
Google Earth (HKLM-x32\...\{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}) (Version: 7.1.1.1888 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.101 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Google+ Auto Backup (HKU\S-1-5-21-841361005-909514878-2309378359-1002\...\Google+ Auto Backup) (Version: 1.0.26.151 - Google, Inc.)
Gpg4win (2.2.3) (HKLM-x32\...\GPG4Win) (Version: 2.2.3 - The Gpg4win Project)
Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version: - Cheat Engine)
IE Download Helper (HKLM\...\{92A49BB2-0039-470F-82F8-A599BF5C4410}) (Version: 3.2 - IE Download Helper)
InstantOn for NB (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 2.3.3 - ASUS)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.35342 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.10.255 - Intel Corporation)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
LastPass (pouze odinstalace) (HKLM-x32\...\LastPass) (Version: - LastPass)
LAV Filters 0.63.0 (HKLM-x32\...\lavfilters_is1) (Version: 0.63.0 - Hendrik Leppkes)
LibreOffice 4.4.1.2 (HKLM-x32\...\{4A754DA6-6E12-40AF-BAF0-B7D60C6BE005}) (Version: 4.4.1.2 - The Document Foundation)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.319 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.319 - LogMeIn, Inc.) Hidden
Mahjong Secrets (HKLM-x32\...\510008402) (Version: - Oberon Media)
MediaPortal (HKLM-x32\...\MediaPortal) (Version: 1.9.0 - Team MediaPortal)
Microsoft .NET Framework 4.5.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-841361005-909514878-2309378359-1002\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft OneNote 2013 - cs-cz (HKLM\...\OneNoteFreeRetail - cs-cz) (Version: 15.0.4701.1002 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 x64 CSY (HKLM\...\{0A8A841B-29C4-4947-BF59-241216B4D904}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{B636C9B9-A3F2-4DCE-ADCC-72E095018385}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual Basic PowerPacks 10.0 (HKLM-x32\...\{2D9F8079-7D50-3EFD-B3BD-ED642E4EE756}) (Version: 10.0.20911 - Microsoft)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Web Platform Installer 4.6 (HKLM\...\{16C7D2AD-20CA-491E-80BC-8607A9AACED9}) (Version: 4.0.40719.0 - Microsoft Corporation)
Mozilla Firefox 36.0.4 (x86 cs) (HKLM-x32\...\Mozilla Firefox 36.0.4 (x86 cs)) (Version: 36.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.4.0 - Mozilla)
Mozilla Thunderbird 31.5.0 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 31.5.0 (x86 cs)) (Version: 31.5.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyHeritage Family Tree Builder (HKLM-x32\...\Family Tree Builder) (Version: 7.0.0.7128 - MyHeritage.com)
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenSource AVI Splitter (remove only) (HKLM-x32\...\OpenSource AVI Splitter) (Version: - )
OpenSource DTS/AC3/DD+ Source Filter (remove only) (HKLM-x32\...\OpenSource DTS/AC3/DD+ Source Filter) (Version: - )
OpenSource Flash Video Splitter (remove only) (HKLM-x32\...\OpenSource Flash Video Splitter) (Version: - )
Ovládací panel NVIDIA 337.88 (Version: 337.88 - NVIDIA Corporation) Hidden
paint.net (HKLM\...\{19BD2C33-16A8-4ED1-B9EA-D9E35B21EC42}) (Version: 4.0.5 - dotPDN LLC)
PDF Architect 2 OCR Module (x32 Version: 2.0.17.17583 - pdfforge GmbH) Hidden
PDF24 Creator 6.9.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.312.1 - Tracker Software Products Ltd)
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PicPick (HKLM-x32\...\PicPick) (Version: 3.4.0 - NTeWORKS)
Plants vs Zombies (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117080787}) (Version: - Oberon Media)
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Plus500 (HKLM-x32\...\Plus500) (Version: - )
Poczta usługi Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
ProgDVB (HKLM-x32\...\ProgDVB) (Version: 7.x - Prog)
Q-Dir (HKLM\...\Q-Dir) (Version: - )
Q-Dir (HKLM-x32\...\Q-Dir) (Version: - )
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 3.0 - Qualcomm Atheros)
Recepty doma (HKLM-x32\...\Recepty doma_is1) (Version: - Martin Roubec)
Recuva (HKLM\...\Recuva) (Version: 1.48 - Piriform)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Sada Compatibility Pack pro systém Office 2007 (HKLM-x32\...\{90120000-0020-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
SceneSwitch (HKLM-x32\...\{5172E572-C175-4F80-A6D5-5CB45826AD61}) (Version: 1.0.12 - ASUS)
Seznam Instalátor (HKLM-x32\...\ssinstall) (Version: - Seznam.cz)
Seznam Software (HKU\S-1-5-21-841361005-909514878-2309378359-1002\...\SeznamInstall) (Version: - Seznam.cz)
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
Simple Adblock (HKLM-x32\...\{B4920103-09F6-4AD2-B150-CFC4474D2DDC}) (Version: 1.1.5 - Simple Adblock)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype Web Plugin (HKLM-x32\...\{B51DD93B-3CB5-4D9D-BFF2-FD19DBBBFD9A}) (Version: 2.9.13008.18866 - Skype Technologies S.A.)
Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Explorer 6.4.0 (HKLM-x32\...\{40F485F7-6478-4896-B0D5-F94BE677EB78}_is1) (Version: - Mister Group)
TapinRadio 1.60.1 (HKLM-x32\...\TapinRadio_is1) (Version: - Raimersoft)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.39052 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
Tisk Obalek 3.2.2.7 (HKLM-x32\...\Tisk Obalek_is1) (Version: 3.2.2.7 - Mgr. Radovan Kraus)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.0 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS)
Wireless Console 3 (HKLM-x32\...\{19EA33FB-B34E-40EA-8B8A-61743AEB795A}) (Version: 3.0.27 - ASUS)
World of Goo (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-116672750}) (Version: - Oberon Media)
XnView 2.31 (HKLM-x32\...\XnView_is1) (Version: 2.31 - Gougelet Pierre-e)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-841361005-909514878-2309378359-1002_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Ruda\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-841361005-909514878-2309378359-1002_Classes\CLSID\{A75BE48D-BF58-4A8B-B96C-F9A09DFB9844}\InprocServer32 -> %LOCALAPPDATA%\Pokki\ocdeskband_0.dll No File
CustomCLSID: HKU\S-1-5-21-841361005-909514878-2309378359-1002_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Ruda\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-841361005-909514878-2309378359-1002_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Ruda\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-841361005-909514878-2309378359-1002_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Ruda\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-841361005-909514878-2309378359-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Ruda\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

16-03-2015 20:29:34 Windows Update
16-03-2015 20:34:35 Windows Update
16-03-2015 23:44:35 Windows Update
17-03-2015 10:12:54 paint.net 4.0.5
17-03-2015 10:51:24 Windows Update
17-03-2015 11:45:27 Installed Software Updater
18-03-2015 22:38:43 Revo Uninstaller's restore point - Tisk Obalek 3.2.2.7
19-03-2015 22:10:14 Windows Update
25-03-2015 01:23:18 Anvi CSB 3.5
25-03-2015 09:55:11 Revo Uninstaller's restore point - Cloud System Booster
25-03-2015 10:38:44 zoek.exe restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2015-03-25 11:39 - 00000841 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {00B4C1D0-87B9-446F-9BD5-3FC8C2467514} - System32\Tasks\{18940542-76C0-4F13-9BE4-8A66F0476E6A} => c:\program files (x86)\maxthon\bin\maxthon.exe
Task: {030C4D65-5770-4883-AAE9-A6EEF09B80CA} - \GoogleUpdateTaskUserS-1-5-21-841361005-909514878-2309378359-1002UA No Task File <==== ATTENTION
Task: {063B2351-F936-4ADC-B53F-DD1E5582889F} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-02-04] (COMODO)
Task: {0C6B6EBC-9031-44FA-B832-2A50AC01A441} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-02-04] (COMODO)
Task: {0EA9B830-5DC4-4E1B-A3F2-5A1794F8501C} - System32\Tasks\{9166EEE1-665A-47B7-9AA3-F28205031DCF} => pcalua.exe -a "C:\Program Files (x86)\Asus\Game Park\Galapago\Uninstall.exe" -c "C:\Program Files (x86)\Asus\Game Park\Galapago\install.log"
Task: {11FA246D-C1FB-4763-82E6-F9EB4F15CCF0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-02-27] (Piriform Ltd)
Task: {11FB9A9F-DE45-4625-A68C-FFC2E0940A67} - System32\Tasks\{3C9D2E01-D7E9-4342-BDC9-2776D4B876E9} => pcalua.exe -a C:\Users\Ruda\Downloads\Windows-Live-Mail-_16.4.3505.0912.exe -d C:\Users\Ruda\Downloads
Task: {16B650C0-89C9-454D-97D5-6C2102834D84} - System32\Tasks\{6B5CC6B3-B792-45FF-9E34-6A890BAA3CBF} => pcalua.exe -a C:\Users\Ruda\Downloads\Android.Manager.WiFi.v2010.10.01.exe -d C:\Users\Ruda\Downloads
Task: {16EC238F-8D7D-4C90-A41B-F10D5F8B95E3} - System32\Tasks\{BFFDA647-C68E-454A-B685-C181E1C9EEF0} => Chrome.exe http://ui.skype.com/ui/0/6.7.0.102/cs/g ... Error=1603
Task: {1AB0F5BC-6361-4DFA-82E6-E03EF58F9B29} - System32\Tasks\{17B8EBB4-ACC4-40FC-9E86-5E55A576447D} => pcalua.exe -a c:\vallen\jpegger\jpegger.exe -c -ui -q
Task: {1B030A60-CD3C-46E5-9D8D-09ECFB600B57} - System32\Tasks\C__Users_Ruda_Downloads_tvonline.exe => C:\Users\Ruda\Downloads\tvonline.exe
Task: {21F63DC7-40DC-4AFB-9776-A61419648025} - System32\Tasks\{D6893A38-300B-4034-AEEE-3EA1D9C1E11C} => c:\program files (x86)\maxthon\bin\maxthon.exe
Task: {247BD6D5-3C21-4DD9-9179-6AC13EC5E037} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2015-02-04] (COMODO)
Task: {2547CE60-04D2-4E81-A72C-7D14A59FAE45} - System32\Tasks\{83EAA0A7-58FB-4FB5-8FF1-0142CB60BC2D} => Chrome.exe http://ui.skype.com/ui/0/6.7.0.102/cs/g ... Error=1603
Task: {29B6765C-3E5D-4669-B996-06AC5DF531B4} - System32\Tasks\{A1CF3082-39CC-4078-AEC3-25C007D9ED63} => Chrome.exe http://ui.skype.com/ui/0/6.3.0.105/cs/g ... Error=1603
Task: {2F8B20C9-A499-4C3C-A308-C6734868B719} - System32\Tasks\{71BFF601-8F49-4643-AC08-7CD109E89297} => pcalua.exe -a C:\PerfLogs\Desktop\wlsetup-web.exe -d C:\PerfLogs\Desktop
Task: {37087F67-6F6B-497C-8243-910F7194E560} - System32\Tasks\{BF848EB0-7806-4688-96BF-34413190A1F6} => c:\program files (x86)\maxthon\bin\maxthon.exe
Task: {37C1B75B-A500-45B3-B1AE-90E1EFD6C201} - System32\Tasks\{6BBE8BB2-5C12-4A6E-92BE-36A91ADE43FD} => pcalua.exe -a "C:\Program Files (x86)\Asus\Game Park\Bubbletown\Uninstall.exe" -c "C:\Program Files (x86)\Asus\Game Park\Bubbletown\install.log"
Task: {380EF2F5-1933-45D0-84A2-E73992A28DD5} - \GoogleUpdateTaskUserS-1-5-21-841361005-909514878-2309378359-1002Core No Task File <==== ATTENTION
Task: {3BA38A96-8C57-4DFA-B37F-13BEE26FE5BC} - System32\Tasks\{5F50205B-81B7-4BE5-A556-CAF25610E21D} => pcalua.exe -a C:\Users\Ruda\Documents\FreeRapid-0.9u3\FreeRapid-0.9u3\frd.exe -d C:\Users\Ruda\Documents\FreeRapid-0.9u3\FreeRapid-0.9u3
Task: {3D98428B-0114-49A0-B54A-04EA96571626} - System32\Tasks\{A6F96F0C-EB4C-4E2F-AAFA-EDD1BC516833} => pcalua.exe -a C:\Users\Ruda\Downloads\StudioLine_PB4_Setup2015.exe -d C:\Users\Ruda\Downloads
Task: {3DB4F540-0DA0-4B85-B5BC-69EB92075629} - System32\Tasks\{1A9D60BE-8A7F-4668-8FC6-3784F8E88970} => pcalua.exe -a "C:\Program Files (x86)\Team MediaPortal\MediaPortal TV Server\SetupTv.exe" -d "C:\Program Files (x86)\Team MediaPortal\MediaPortal TV Server"
Task: {3FAFCF43-3B51-4FC9-AEEF-12C98082BEFE} - System32\Tasks\{8B1919D7-7714-4D33-96FD-34DF36DC72E6} => C:\Users\Ruda\Downloads\Luminance-HDR-Win32-SETUP-v2.3.1-2.exe
Task: {4218984F-6740-45DF-9257-BEC2967174D6} - System32\Tasks\{2F0CBDFA-5117-4D5A-B7D9-EF2A2ADD726D} => pcalua.exe -a C:\Users\Ruda\Downloads\Install-winMd5Sum.exe -d C:\Users\Ruda\Downloads
Task: {46334A36-2A94-45FE-91AD-21E678AE8106} - System32\Tasks\{A002E75E-1495-4BA8-9A86-F4D44AD135DA} => pcalua.exe -a "C:\Program Files (x86)\Asus\Game Park\Plants vs Zombies\Uninstall.exe" -c "C:\Program Files (x86)\Asus\Game Park\Plants vs Zombies\install.log"
Task: {4A1E6D7E-D213-44F7-80C9-08B4ABDA0F84} - System32\Tasks\{6FBB8A7D-5EE5-43AA-94E5-BE60D121BDD9} => C:\Program Files (x86)\WinThruster\WinThruster.exe
Task: {4D42D988-220F-4BC7-B7DC-B8E44055D893} - System32\Tasks\{2181C5A6-223E-4525-BB57-559A0BC59D43} => pcalua.exe -a E:\obsah\Programy\Ostatní\OpenOffice\OOo_3.2.0rc3_20100118_Win32Intel_install_cs.exe -d E:\obsah\Programy\Ostatní\OpenOffice
Task: {4FD437B7-9854-48BB-B791-B77A1FA57D9A} - System32\Tasks\_UPDATES => C:\Program Files (x86)\WinThruster\WinThruster.exe
Task: {532591BF-F6F0-430E-9EAA-061231AAF910} - System32\Tasks\{927A8016-7C84-4099-B4A9-7974F86116C3} => pcalua.exe -a C:\Users\Ruda\Downloads\wlsetup-all.exe -d C:\Users\Ruda\Downloads
Task: {5702B3D4-BC81-45E2-9ABA-68BC3D512AEA} - System32\Tasks\{7F5B67FF-7FC5-433A-B43F-7C97030550DC} => C:\Users\Ruda\Downloads\Luminance-HDR-Win32-SETUP-v2.3.1-2.exe
Task: {596F0B48-FC9F-43E7-B75F-37DBD67176A3} - System32\Tasks\{3CA36EE5-E256-4568-B0D0-D654007BFB6E} => pcalua.exe -a E:\software\oem\oemsetup.exe -d E:\software\oem
Task: {5A08588B-9980-4FAE-A675-B8BE597CE218} - System32\Tasks\{7064E0ED-D387-4527-B3FB-D3E603B18F21} => pcalua.exe -a C:\Users\Ruda\Downloads\FreeRapid-0.9u3\frd.exe -d C:\Users\Ruda\Downloads\FreeRapid-0.9u3
Task: {5BC1BF0D-5504-4D12-9F8D-12A226E1FF9A} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {5DBF41C4-05C3-44C4-8A5A-9F8C01F8D2B4} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2012-09-27] ()
Task: {5FAE1F37-D79B-48A7-A5D4-B4D2FC852F0F} - System32\Tasks\{638DA9E3-5093-48A0-A3A5-F81670454AC0} => pcalua.exe -a C:\PerfLogs\Desktop\wlsetup-all.exe -d C:\PerfLogs\Desktop
Task: {60C99AB4-F669-44B2-8138-1C54E3C0CC62} - System32\Tasks\{F2016396-B017-48F7-A855-8A17138D566C} => pcalua.exe -a "C:\Program Files (x86)\Asus\Game Park\Turbo Fiesta\Uninstall.exe" -c "C:\Program Files (x86)\Asus\Game Park\Turbo Fiesta\install.log"
Task: {6C4C1E35-9884-43C2-B491-674768318C0D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-03-20] (Microsoft Corporation)
Task: {70CF69D2-989B-4CDF-AD9E-7F59AFD5BBE2} - System32\Tasks\{6735FC5D-B0D4-41FB-983F-D6A0632CB305} => C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe
Task: {712B8D58-53FD-47AA-A47E-B77BEB389D27} - System32\Tasks\{47747F88-D939-441C-BA01-5980F3ACC2C1} => pcalua.exe -a C:\Users\Ruda\Downloads\AdobeAIRInstaller(1).exe -d C:\Users\Ruda\Downloads
Task: {73598455-55F6-457F-A91D-18E3C7C42BAC} - System32\Tasks\{B4C4EABB-5B0D-4EF7-8449-BFA20337AEEC} => pcalua.exe -a "C:\Program Files (x86)\Asus\Game Park\Dream Day First Home\Uninstall.exe" -c "C:\Program Files (x86)\Asus\Game Park\Dream Day First Home\install.log"
Task: {73D09C75-C9E8-4D7E-9A05-54315B7E0A74} - System32\Tasks\{17A30D0C-9F9A-42D2-ADD6-E6C2A6087AAA} => pcalua.exe -a C:\Users\Ruda\Downloads\FreeRapid-0.9u3\FreeRapid-0.9u3\frd.exe -d C:\Users\Ruda\Downloads\FreeRapid-0.9u3\FreeRapid-0.9u3\
Task: {73F4FA2A-59E5-4814-A2A9-1130AFCBD7A4} - System32\Tasks\{F4502145-42AF-418D-82E5-00CC641E2BB3} => pcalua.exe -a "C:\Users\Ruda\Downloads\wlsetup-web .exe" -d C:\Users\Ruda\Downloads
Task: {74960CA7-B50D-4A3D-838C-C6E30438E0F2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
Task: {74BAB3AC-7C7A-4C02-9F63-AD3A5E095058} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
Task: {75977CC3-1E01-4AD2-A0BC-DE752D94BE37} - System32\Tasks\{86B6FF6A-565B-4AE2-A512-561E454D84F8} => C:\Program Files (x86)\ASUS\FaceLogon\logonmgr.exe [2012-02-21] (ASUSTek Computer Inc.)
Task: {782AF7B1-93C4-46BB-9331-671A3DEA7473} - System32\Tasks\ASUS Quick Gesture (x64) => C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x64\QuickGesture64.exe [2012-04-11] (ASUSTeK Computer Inc.)
Task: {796FB41F-561A-4CDB-A13E-DA8677AD52B3} - System32\Tasks\{3B64BBF6-C46E-482D-934F-2F09EA63E528} => Chrome.exe http://ui.skype.com/ui/0/6.7.0.102/cs/g ... Error=1603
Task: {7AB9DA8D-80DE-46E8-B6EE-740D1548BEA2} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-06-20] (ASUSTeK Computer Inc.)
Task: {7EFAFBEE-4A0E-4258-8F22-B56A074FC1EE} - System32\Tasks\{CE160BED-AA6C-4B07-B819-15E1D2ED4F96} => pcalua.exe -a "C:\Program Files (x86)\OpenAL\oalinst.exe"
Task: {7F061C75-D6FC-4936-98CD-A81BADAAA50E} - System32\Tasks\{E70DE9C2-B021-460F-B37F-A045C1BD318B} => pcalua.exe -a C:\Users\Ruda\Downloads\Install-winMd5Sum.exe -d C:\Users\Ruda\Downloads
Task: {81169D4E-22EB-4B20-B641-AFCE30989E53} - System32\Tasks\{E9107696-4A75-4598-8970-BB83E8189B72} => pcalua.exe -a "c:\program files (x86)\kingsoft\kingsoft antivirus\uni0nst.exe"
Task: {8507C6E0-AB15-4A94-8661-252E988BBE53} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-02-04] (COMODO)
Task: {855C2966-0F57-492E-9289-49D291F7077F} - System32\Tasks\{EA700A6E-4619-4175-87F5-4DD8516627A9} => pcalua.exe -a E:\EasySetupAssistant\TL-WDR3600\EasySetupAssistant.exe -d E:\EasySetupAssistant\TL-WDR3600
Task: {85EC1DB6-DF1D-4F4F-84A8-8BF3C48D845E} - System32\Tasks\{DF50BD1D-B297-4274-95D1-9537FECDF4FD} => C:\Users\Ruda\Downloads\flock-2.6.0.en-US.win32.exe
Task: {87F70169-16E2-4A1D-BBBE-F5A3BE9BC361} - System32\Tasks\{3C018CAC-80C2-4550-ADE7-06563FDA0C82} => pcalua.exe -a C:\Users\Ruda\Downloads\wlsetup-web(1).exe -d C:\Users\Ruda\Downloads
Task: {8A6064C4-E61B-4442-A531-779DA76F62A6} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe [2012-02-17] (ASUSTek Computer Inc.)
Task: {8B8F3C55-A04A-4C63-93FA-25E3BA0E2AE0} - System32\Tasks\UnHackMe Task Scheduler => C:\Program Files (x86)\UnHackMe\hackmon.exe
Task: {8E1EF39C-C9C4-4604-B02C-5777F2E1D975} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {8F6A888A-91DF-44B3-A669-E86ED83FE6AA} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe
Task: {90FAEF35-3C1F-472B-99EE-577638B37680} - System32\Tasks\{009319D0-F3BB-4BA5-A79C-64A982F5295A} => pcalua.exe -a C:\Users\Ruda\Downloads\FreeRapid-0.9\frd.exe -d C:\Users\Ruda\Downloads\FreeRapid-0.9
Task: {95BA0704-4383-4360-8A79-C648AC6657CC} - System32\Tasks\{767F9478-3C3D-4EAA-AB9E-61FD8DC323EC} => C:\Users\Ruda\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [2014-04-17] (Microsoft Corporation)
Task: {9B604BA7-4990-4066-ADEE-F3E1E3AB2077} - System32\Tasks\{EF25F101-B955-42F5-9878-F24186A0A763} => c:\program files (x86)\maxthon\bin\maxthon.exe
Task: {9C253EF1-E933-4C60-9C9C-2020699D01F1} - System32\Tasks\{4428E1A8-8A3F-43FB-A889-1A0C6ED40E8E} => C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe
Task: {9DD4C10B-EAE3-45B3-B84F-FC885D539853} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-02-04] (COMODO)
Task: {9FAC172D-4CA5-4419-B661-B5C427F70794} - System32\Tasks\{F3796B24-9A0C-4930-A356-6EB166310D6C} => pcalua.exe -a "C:\Program Files (x86)\FlashGet Network\FlashGet 3\uninst.exe"
Task: {A0E4045A-A82E-40C0-8251-CCF2EF9C4DB5} - System32\Tasks\{4CAE5787-73F8-42AA-820D-13DFD7C1BC04} => pcalua.exe -a C:\Users\Ruda\Downloads\RegCleaner.exe -d C:\Users\Ruda\Downloads
Task: {A531A161-339D-4362-A29F-B71B712BCA8E} - System32\Tasks\{E28F3532-125E-4BE3-BC6B-C39100C0C74C} => pcalua.exe -a "C:\Program Files (x86)\Asus\Game Park\Farm Frenzy 3 - Madagascar\Uninstall.exe" -c "C:\Program Files (x86)\Asus\Game Park\Farm Frenzy 3 - Madagascar\install.log"
Task: {A70A22AF-33B2-4F03-86DD-015C88918DF9} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-03-20] (Microsoft Corporation)
Task: {A70A2388-E6AE-4C8A-BAC7-72241A828F77} - System32\Tasks\{91E9A25E-61BF-4194-9114-A965A07543E7} => pcalua.exe -a C:\Users\Ruda\Downloads\ytd-1.25.exe -d C:\Users\Ruda\Downloads
Task: {A7B080BD-8455-423E-BD5F-8964591CFCA3} - System32\Tasks\{37307FD2-BAB0-4627-B352-FDAEC564DE7C} => pcalua.exe -a C:\Users\Ruda\Downloads\FreeRapid-0.9u3\FreeRapid-0.9u3\frd.exe -d C:\Users\Ruda\Downloads\FreeRapid-0.9u3\FreeRapid-0.9u3
Task: {ACC1D449-0B5C-4147-9276-7881F1A0CEDF} - System32\Tasks\{F230008E-22AA-45DB-BC33-0AD646C51DAA} => Chrome.exe http://ui.skype.com/ui/0/6.3.0.105/cs/g ... Error=1603
Task: {AE595AEE-C073-4DDA-968A-65FD87657463} - System32\Tasks\ASUS Quick Gesture => C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe [2012-04-11] (ASUSTeK Computer Inc.)
Task: {B037B310-9877-4270-A541-A2A4D10B4928} - System32\Tasks\{12F3F5D9-2FE5-4D60-A69F-D350813ABF07} => c:\program files (x86)\maxthon\bin\maxthon.exe
Task: {B6D3F62D-EA60-47E6-94B5-0951D8F8A948} - System32\Tasks\{DAB592B0-49D5-4393-87F5-F69B1E2418A6} => pcalua.exe -a C:\Users\Ruda\Downloads\InstallPlus500(1).exe -d C:\Users\Ruda\Downloads
Task: {B9377CF7-D996-4021-B03C-C2B772A125D0} - System32\Tasks\{DC882E5B-1A06-4E48-B21B-3D82B17243FD} => c:\program files (x86)\maxthon\bin\maxthon.exe
Task: {BCFAAA81-E865-4CC4-B387-1D54FCB965F5} - System32\Tasks\{3FDD096B-4477-4116-9577-8D01A2A457C0} => pcalua.exe -a C:\Users\Ruda\Downloads\IrfanView-4.32-cestina.exe -d C:\Users\Ruda\Downloads
Task: {C31E0E22-2242-4B96-8DD5-6399CBED420F} - System32\Tasks\{C841434A-58F6-4B51-A900-FDB75DD8C7C6} => pcalua.exe -a C:\Users\Ruda\FreeRapid-0.9u4\frd.exe -d C:\Users\Ruda\FreeRapid-0.9u4
Task: {C71C5F8F-8CBE-41D5-A71A-DD9A34B238C1} - System32\Tasks\{75D8443C-5E6E-4EEC-9CA2-1CD4A83155EF} => pcalua.exe -a "C:\Program Files (x86)\Asus\Game Park\Deadtime Stories\Uninstall.exe" -c "C:\Program Files (x86)\Asus\Game Park\Deadtime Stories\install.log"
Task: {C787445F-7F00-4E87-854D-E25060E58B1F} - System32\Tasks\{EDE012CB-828B-43A7-B05D-799D50643F98} => pcalua.exe -a C:\Users\Ruda\Downloads\Q-Dir_Installer\Q-Dir_Installer.exe -d C:\Users\Ruda\Downloads\Q-Dir_Installer
Task: {C795DFDD-E73F-4421-AF65-2DAA23DCD7D5} - System32\Tasks\_DEFAULT => C:\Program Files (x86)\WinThruster\WinThruster.exe
Task: {C8C1F110-C824-438D-A675-90B8ED30FDCF} - System32\Tasks\{69E4AD2B-0444-4F0F-938E-E25216565717} => pcalua.exe -a C:\Users\Ruda\Downloads\irfanviewcestina.exe -d C:\Users\Ruda\Downloads
Task: {C9B0E551-C092-4A34-A052-48938833C4AE} - System32\Tasks\{A6A6EE80-91BB-4C25-B7AE-007E7827504E} => pcalua.exe -a C:\Users\Ruda\Downloads\PuranDefragFree73cz.exe -d C:\Users\Ruda\Downloads
Task: {CC12428E-D56B-4AD1-B482-958669ACE552} - System32\Tasks\{497236D4-2B86-47EE-B2DC-494DE0F459E0} => Chrome.exe http://ui.skype.com/ui/0/6.7.0.102/cs/g ... Error=1603
Task: {CFFF0114-748E-4136-952C-9885E6DFD2BB} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: {D03F2332-EE2B-4B19-9FCE-81837046DBA9} - System32\Tasks\{B537248A-7A51-4F21-9537-1F4656D35C43} => pcalua.exe -a "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" -d "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller"
Task: {DC3B6C01-BB96-4CC8-A94A-12D5DADC8CB2} - System32\Tasks\{F1C323FF-2AE3-4EE4-B2A7-664C45CF8786} => pcalua.exe -a C:\Users\Ruda\Downloads\FreeRapid-0.9u3\FreeRapid-0.9u3\frd.exe -d C:\Users\Ruda\Downloads\FreeRapid-0.9u3\FreeRapid-0.9u3
Task: {DCFE36AD-5A4B-4737-8371-E3AECD3D28F2} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2012-06-25] (ASUSTek Computer Inc.)
Task: {E1CC17F3-46BC-4C83-9AB4-2D5301740B16} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-841361005-909514878-2309378359-1002 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {E39B3F81-57A4-4C48-A27C-B7BB6641F6D9} - System32\Tasks\{6093F58B-05B8-4885-AC3E-5CBADB3B9EE8} => pcalua.exe -a "C:\Program Files (x86)\Q-Dir\Q-Dir.exe" -c -uninstall
Task: {E3A4C2E2-F09C-4FB8-AB3B-A5C57EA40DB8} - System32\Tasks\{F54D05B9-8665-451C-B33E-50DBCEE2C466} => pcalua.exe -a C:\Users\Ruda\Downloads\FreeRapid-0.9u4\frd.exe -d C:\Users\Ruda\Downloads\FreeRapid-0.9u4
Task: {E86C242E-58BE-4D9E-9CD7-377E682ABDA1} - System32\Tasks\{46D68E75-36A5-415B-870B-2044C36BB17D} => Chrome.exe http://ui.skype.com/ui/0/6.3.0.105/cs/g ... Error=1603
Task: {EAC240FD-628B-421C-B9D9-F9A6699C5447} - System32\Tasks\{8934D43F-07E3-4AC9-8B51-EE69159070D9} => pcalua.exe -a C:\Users\Ruda\Downloads\InstallPlus500.exe -d C:\PerfLogs\Desktop
Task: {EE121801-62E4-413E-90B1-35D247602CDC} - System32\Tasks\{565C191B-0775-4FC9-9A45-B4693D41137F} => pcalua.exe -a "C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe" -d "C:\Program Files (x86)\Maxthon\Bin"
Task: {F1F971D1-C6AC-4C78-BDA2-617D7F2B1D2B} - System32\Tasks\{9153B0BA-90A9-4180-9C9C-7732DF80A851} => pcalua.exe -a C:\Users\Ruda\Downloads\wlsetup-web.exe -d C:\Users\Ruda\Downloads
Task: {F22C2E35-F41F-4796-A405-B7B0FC0004FF} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-02-29] (ASUSTek Computer Inc.)
Task: {F68F5127-7E5C-43A9-B13E-6B79E1600FF9} - System32\Tasks\Wise Disk Cleaner Schedule Task => C:\Program Files (x86)\Wise\Wise Disk Cleaner\WiseDiskCleaner.exe
Task: {F8762AE5-8D0F-4553-964B-38F1CB6524F3} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {F9CEAC5E-8BD9-4E8D-A9DD-72585A11D274} - System32\Tasks\{D0A82C02-D5B6-40F3-A6FE-5C6222ECAC6A} => Chrome.exe http://ui.skype.com/ui/0/6.3.0.105/cs/g ... Error=1603
Task: {F9F7AE3C-F149-49A5-B175-AA2EAC6D5570} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {FBB56E48-46C1-4174-A6F9-1E58A55FC723} - System32\Tasks\{974A3388-1B51-49AC-ADC4-7C199260FE17} => pcalua.exe -a C:\Users\Ruda\Downloads\iview436_setup.exe
Task: {FC4C46C5-AAE6-4316-9892-FD88BE98D484} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-20] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2014-01-08 20:21 - 2014-05-20 02:25 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-03-25 01:22 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-11-25 20:25 - 2015-02-11 17:25 - 00216576 _____ () C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
2013-04-15 17:39 - 2013-04-15 17:39 - 00073424 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav
2014-11-25 20:11 - 2014-11-25 20:11 - 00221184 _____ () C:\Program Files (x86)\GNU\GnuPG\libksba-8.dll
2014-11-25 20:05 - 2014-11-25 20:05 - 00038400 _____ () C:\Program Files (x86)\GNU\GnuPG\libgpg-error-0.dll
2014-11-25 19:57 - 2014-11-25 19:57 - 00050176 _____ () C:\Program Files (x86)\GNU\GnuPG\libw32pth-0.dll
2014-11-25 20:10 - 2014-11-25 20:10 - 00070144 _____ () C:\Program Files (x86)\GNU\GnuPG\libassuan-0.dll
2014-11-25 20:13 - 2014-11-25 20:13 - 00742912 _____ () C:\Program Files (x86)\GNU\GnuPG\libgcrypt-20.dll
2014-10-10 13:39 - 2015-03-23 17:17 - 00012120 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2012-02-21 23:49 - 2012-02-21 23:49 - 00009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2012-01-31 18:25 - 2012-01-31 18:25 - 01163264 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll
2015-01-07 19:59 - 2015-01-07 19:59 - 01498112 _____ () C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\DAQExp.dll
2015-01-07 19:59 - 2015-01-07 19:59 - 00137728 _____ () C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\CBSCreateVC.dll
2014-11-15 10:42 - 2014-11-15 10:42 - 00316576 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2015-03-22 17:02 - 2015-03-22 17:02 - 01020928 _____ () C:\Users\Ruda\AppData\Roaming\Mozilla\Firefox\Profiles\0hfd64x0.default-1423008048081\extensions\support@lastpass.com\platform\WINNT_x86-msvc\components\lpxpcom.dll
2014-11-17 11:01 - 2000-01-01 01:00 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-02-25 18:46 - 2015-03-10 17:13 - 03348080 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2015-02-25 18:46 - 2015-03-10 17:13 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2015-02-25 18:46 - 2015-03-10 17:13 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Windows\zoek-delete.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\adtschema.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aeinv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aepdu.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aepic.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\aitstatic.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\apisetschema.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appidapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appidcertstorecheck.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appidpolicyconverter.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appidsvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appraiser.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atmfd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\atmlib.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\audiodg.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\AudioEng.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\AUDIOKSE.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\AudioSes.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\audiosrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\auditpol.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\blackbox.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\credssp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\crypt32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cryptnet.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cryptsp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cryptsvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cryptui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\csrsrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dciman32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\devinv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\drmmgrtn.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\drmv2clt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dxmasf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dxtmsft.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dxtrans.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\EncDump.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\enppmon.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\enppui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\enpres.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ensppmon.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ensppui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\enspres.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\escsvc64.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\esdevapp.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\evr.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\E_GCINST.DLL:$CmdTcID
AlternateDataStreams: C:\Windows\system32\E_YD4BI4E.DLL:$CmdTcID
AlternateDataStreams: C:\Windows\system32\E_YLMI4E.DLL:$CmdTcID
AlternateDataStreams: C:\Windows\system32\fontsub.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\generaltel.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ie4uinit.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieapfltr.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\iedkcs32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieetwcollector.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieetwcollectorres.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieetwproxystub.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieframe.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\iernonce.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\iertutil.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\iesetup.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ieUnatt.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\inetcpl.cpl:$CmdTcID
AlternateDataStreams: C:\Windows\system32\invagent.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\JavaScriptCollectionAgent.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\jscript9.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\jscript9diag.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\jsproxy.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\kerberos.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lpk.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lsasrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lsass.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mferror.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mfplat.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mfpmp.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mfps.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\MpSigStub.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\MRT.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msaudite.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msctf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msdxm.ocx:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msfeeds.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mshtml.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\MshtmlDac.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mshtmled.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\mshtmlmedia.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msmmsp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msnetobj.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msobjs.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msrating.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msscp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\MsSpellCheckingFacility.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msv1_0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ncrypt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nlasvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ntoskrnl.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvapi64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvcompiler.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvcuda.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvcuvenc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvcuvid.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvd3dumx.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvdispco6434725.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvdispgenco6434725.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\NvFBC64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\NvIFR64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvinitx.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvoglshim64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvoglv64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvopencl.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvumdshimx.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvvsvc.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvwgf2umx.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\oleaut32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\pcadm.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\pcaevts.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\pcalua.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\pcasvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\pcawrk.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\perftrack.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\powertracker.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\profsvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\qdvd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\quartz.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\rdpcorets.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\RdpGroupPolicyExtension.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\rdpudd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\rrinstaller.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\rstrui.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\scesrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\schannel.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\secur32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\setbcdlocale.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\shell32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\smss.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\spwmp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\srclient.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\srcore.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\sspicli.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\sspisrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\TSpkg.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\TSWbPrxy.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ubpm.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\urlmon.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\vbscript.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wdi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wdigest.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\win32k.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WindowsCodecs.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wininet.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\winload.efi:$CmdTcID
AlternateDataStreams: C:\Windows\system32\winload.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\winresume.efi:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wintrust.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wmdrmsdk.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wmp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WMPhoto.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wmploc.DLL:$CmdTcID
AlternateDataStreams: C:\Windows\system32\WSDScDrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\adtschema.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\apisetschema.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\appidapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\atmfd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\atmlib.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\AudioEng.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\AUDIOKSE.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\AudioSes.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\auditpol.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\blackbox.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\credssp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\crypt32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\cryptnet.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\cryptsp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\cryptsvc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\cryptui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_42.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\dciman32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\drmmgrtn.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\drmv2clt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\dxmasf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\dxtmsft.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\dxtrans.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\evr.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\FlashPlayerApp.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\fontsub.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\GPhotos.scr:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ieapfltr.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\iedkcs32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ieetwproxystub.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ieframe.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\iernonce.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\iertutil.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\iesetup.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ieui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ieUnatt.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\inetcpl.cpl:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\jscript9.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\jscript9diag.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\jsproxy.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\kerberos.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\lpk.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mediarcpt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mferror.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mfplat.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mfpmp.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mfps.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msaudite.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msctf.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msdxm.ocx:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msfeeds.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mshtml.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\MshtmlDac.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mshtmled.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\mshtmlmedia.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msnetobj.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msobjs.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msrating.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msscp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msv1_0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msvcr71.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ncrypt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ncsi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nlaapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ntkrnlpa.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ntoskrnl.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nvapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nvcompiler.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nvcuda.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nvcuvenc.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nvcuvid.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nvd3dum.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\NvFBC.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\NvIFR.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nvinit.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nvoglshim32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nvoglv32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nvopencl.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nvumdshim.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nvwgf2um.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\oleaut32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\qdvd.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\quartz.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\rrinstaller.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\scesrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\schannel.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\secur32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\shell32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\spwmp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\srclient.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\sspicli.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\TSpkg.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ubpm.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\urlmon.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\vbscript.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wdi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wdigest.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\WindowsCodecs.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wininet.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wintrust.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wmdrmsdk.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wmp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\WMPhoto.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wmploc.DLL:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\anvsnddrv.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\appid.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\cng.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\EsgScanner.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\ksecdd.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\ksecpkg.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mountmgr.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mrxdav.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\nvlddmkm.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\nvpciflt.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\PEAuth.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\usbscan.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\VClone.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\WSDPrint.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\WSDScan.sys:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\Drivers\afc.sys:$CmdTcID
AlternateDataStreams: C:\ProgramData\Temp:F169C698
AlternateDataStreams: C:\Users\Ruda\Downloads\7-zip.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ruda\Downloads\adwcleaner_4.113.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ruda\Downloads\adwcleaner_4.113.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ruda\Downloads\ashampoo_getback_photo_18891.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ruda\Downloads\ashampoo_getback_photo_18891.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ruda\Downloads\ashampoo_zip_free.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ruda\Downloads\ashampoo_zip_free.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ruda\Downloads\avc-ultimate.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ruda\Downloads\avc-ultimate.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ruda\Downloads\cc-setup.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ruda\Downloads\cc-setup.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ruda\Downloads\cdbxp_setup_4.5.4.5306.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ruda\Downloads\cdbxp_setup_4.5.4.5306.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ruda\Downloads\dfsetup219.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ruda\Downloads\dfsetup219.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ruda\Downloads\EPSON manual_cs.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Ruda\Downloads\EpsonConnect130.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ruda\Downloads\EpsonConnect130.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ruda\Downloads\FirefoxSetup36.0cz.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ruda\Downloads\FirefoxSetup36.0cz.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ruda\Downloads\FSViewerSetup53(1).exe:$CmdTcID
AlternateDataStreams: C:\Users\Ruda\Downloads\FSViewerSetup53(1).exe:$CmdZnID
AlternateDataStreams: C:\Users\Ruda\Downloads\GoogleEarthWin.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ruda\Downloads\GoogleEarthWin.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ruda\Downloads\GPU-Z.0.8.1.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ruda\Downloads\GPU-Z.0.8.1.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ruda\Downloads\install_flash_player(1).exe:$CmdTcID
AlternateDataStreams: C:\Users\Ruda\Downloads\install_flash_player(1).exe:$CmdZnID
AlternateDataStreams: C:\Users\Ruda\Downloads\install_flash_player_ax.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ruda\Downloads\install_flash_player_ax.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ruda\Downloads\InstalRecepty .exe:$CmdTcID
AlternateDataStreams: C:\Users\Ruda\Downloads\InstalRecepty .exe:$CmdZnID
AlternateDataStreams: C:\Users\Ruda\Downloads\jre-8u31-windows-x64.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ruda\Downloads\jre-8u31-windows-x64.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ruda\Downloads\kontakty.csv:$CmdTcID
AlternateDataStreams: C:\Users\Ruda\Downloads\kontakty.csv:$CmdZnID
AlternateDataStreams: C:\Users\Ruda\Downloads\lastpass_x64.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ruda\Downloads\lastpass_x64.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ruda\Downloads\LibreOffice_4.4.1_Win_x86.msi:$CmdTcID
AlternateDataStreams: C:\Users\Ruda\Downloads\LibreOffice_4.4.1_Win_x86.msi:$CmdZnID
AlternateDataStreams: C:\Users\Ruda\Downloads\Mapa stredoceskych farnosti.pdf:$CmdTcID
AlternateDataStreams: C:\Users\Ruda\Downloads\Mapa stredoceskych farnosti.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Ruda\Downloads\matriky_prislusnost_obce.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Ruda\Downloads\obce_2014.pdf:$CmdTcID
AlternateDataStreams: C:\Users\Ruda\Downloads\obce_2014.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Ruda\Downloads\paint.net.4.0.5.install.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ruda\Downloads\Procmon.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ruda\Downloads\ProgDVB_7.07.1.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ruda\Downloads\ProgDVB_7.07.1.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ruda\Downloads\Q-Dir_Installer.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ruda\Downloads\setup_pdf_converter_pro.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ruda\Downloads\setup_pdf_converter_pro.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ruda\Downloads\skype-setup.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ruda\Downloads\skype-setup.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ruda\Downloads\spsetup128.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ruda\Downloads\spsetup128.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ruda\Downloads\SystemExplorerSetup_640.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ruda\Downloads\SystemExplorerSetup_640.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ruda\Downloads\TeamViewer_Setup.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ruda\Downloads\TeamViewer_Setup.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ruda\Downloads\ThunderbirdSetup31.4.0 .exe:$CmdTcID
AlternateDataStreams: C:\Users\Ruda\Downloads\ThunderbirdSetup31.4.0 .exe:$CmdZnID
AlternateDataStreams: C:\Users\Ruda\Downloads\TiskObalek_CZ_3227.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ruda\Downloads\TiskObalek_CZ_3227.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ruda\Downloads\vlc-2.2.0-win32.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ruda\Downloads\vlc-2.2.0-win32.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ruda\Downloads\vlozeni_certifikatu KB_cz.pdf:$CmdTcID
AlternateDataStreams: C:\Users\Ruda\Downloads\vlozeni_certifikatu KB_cz.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Ruda\Downloads\wlsetup-all.exe:$CmdTcID
AlternateDataStreams: C:\Users\Ruda\Downloads\wlsetup-all.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ruda\Downloads\XnView-win.exe:$CmdZnID
AlternateDataStreams: C:\Users\Ruda\AppData\Roaming\inst.exe:$CmdTcID

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-841361005-909514878-2309378359-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Ruda\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1 - 8.8.8.8

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: GeekBuddyRSP => 2
MSCONFIG\Services: NAUpdate => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: TeamViewer => 2
MSCONFIG\Services: VideoAcceleratorService => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Skype.lnk => C:\Windows\pss\Skype.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Ruda^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Odeslat do OneNote.lnk => C:\Windows\pss\Odeslat do OneNote.lnk.Startup
MSCONFIG\startupreg: ASUSWebStorage => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.144.298\AsusWSPanel.exe /S
MSCONFIG\startupreg: Family Tree Builder Update => C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
MSCONFIG\startupreg: Google+ Auto Backup => "C:\Users\Ruda\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe" /autostart
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: PDFPrint => C:\Program Files (x86)\PDF24\pdf24.exe
MSCONFIG\startupreg: tvncontrol => "C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave

==================== Accounts: =============================

63ruda99 (S-1-5-21-841361005-909514878-2309378359-1014 - Administrator - Enabled)
Administrator (S-1-5-21-841361005-909514878-2309378359-500 - Administrator - Disabled)
Guest (S-1-5-21-841361005-909514878-2309378359-501 - Limited - Enabled) => C:\Users\Guest
Ruda (S-1-5-21-841361005-909514878-2309378359-1002 - Administrator - Enabled) => C:\Users\Ruda

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/25/2015 11:39:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: plugin-container.exe, verze: 36.0.4.5557, časové razítko: 0x550d0883
Název chybujícího modulu: mozalloc.dll, verze: 36.0.4.5557, časové razítko: 0x550cfa82
Kód výjimky: 0x80000003
Posun chyby: 0x00001e02
ID chybujícího procesu: 0x1050
Čas spuštění chybující aplikace: 0xplugin-container.exe0
Cesta k chybující aplikaci: plugin-container.exe1
Cesta k chybujícímu modulu: plugin-container.exe2
ID zprávy: plugin-container.exe3

Error: (03/25/2015 11:11:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: plugin-container.exe, verze: 36.0.4.5557, časové razítko: 0x550d0883
Název chybujícího modulu: mozalloc.dll, verze: 36.0.4.5557, časové razítko: 0x550cfa82
Kód výjimky: 0x80000003
Posun chyby: 0x00001e02
ID chybujícího procesu: 0x1a68
Čas spuštění chybující aplikace: 0xplugin-container.exe0
Cesta k chybující aplikaci: plugin-container.exe1
Cesta k chybujícímu modulu: plugin-container.exe2
ID zprávy: plugin-container.exe3

Error: (03/25/2015 10:41:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: plugin-container.exe, verze: 36.0.4.5557, časové razítko: 0x550d0883
Název chybujícího modulu: mozalloc.dll, verze: 36.0.4.5557, časové razítko: 0x550cfa82
Kód výjimky: 0x80000003
Posun chyby: 0x00001e02
ID chybujícího procesu: 0x1480
Čas spuštění chybující aplikace: 0xplugin-container.exe0
Cesta k chybující aplikaci: plugin-container.exe1
Cesta k chybujícímu modulu: plugin-container.exe2
ID zprávy: plugin-container.exe3

Error: (03/25/2015 02:35:45 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005

Error: (03/25/2015 01:56:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Explorer.EXE, verze: 6.1.7601.17567, časové razítko: 0x4d672ee4
Název chybujícího modulu: EXPLORERFRAME.dll, verze: 6.1.7601.17514, časové razítko: 0x4ce7c6a8
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000411ce
ID chybujícího procesu: 0x%9
Čas spuštění chybující aplikace: 0xExplorer.EXE0
Cesta k chybující aplikaci: Explorer.EXE1
Cesta k chybujícímu modulu: Explorer.EXE2
ID zprávy: Explorer.EXE3

Error: (03/25/2015 01:40:06 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005

Error: (03/25/2015 00:42:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: plugin-container.exe, verze: 36.0.4.5557, časové razítko: 0x550d0883
Název chybujícího modulu: mozalloc.dll, verze: 36.0.4.5557, časové razítko: 0x550cfa82
Kód výjimky: 0x80000003
Posun chyby: 0x00001e02
ID chybujícího procesu: 0x219c
Čas spuštění chybující aplikace: 0xplugin-container.exe0
Cesta k chybující aplikaci: plugin-container.exe1
Cesta k chybujícímu modulu: plugin-container.exe2
ID zprávy: plugin-container.exe3

Error: (03/25/2015 00:42:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: plugin-container.exe, verze: 36.0.4.5557, časové razítko: 0x550d0883
Název chybujícího modulu: mozalloc.dll, verze: 36.0.4.5557, časové razítko: 0x550cfa82
Kód výjimky: 0x80000003
Posun chyby: 0x00001e02
ID chybujícího procesu: 0x2650
Čas spuštění chybující aplikace: 0xplugin-container.exe0
Cesta k chybující aplikaci: plugin-container.exe1
Cesta k chybujícímu modulu: plugin-container.exe2
ID zprávy: plugin-container.exe3

Error: (03/24/2015 09:52:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: plugin-container.exe, verze: 36.0.4.5557, časové razítko: 0x550d0883
Název chybujícího modulu: mozalloc.dll, verze: 36.0.4.5557, časové razítko: 0x550cfa82
Kód výjimky: 0x80000003
Posun chyby: 0x00001e02
ID chybujícího procesu: 0x2df0
Čas spuštění chybující aplikace: 0xplugin-container.exe0
Cesta k chybující aplikaci: plugin-container.exe1
Cesta k chybujícímu modulu: plugin-container.exe2
ID zprávy: plugin-container.exe3

Error: (03/24/2015 09:52:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: plugin-container.exe, verze: 36.0.4.5557, časové razítko: 0x550d0883
Název chybujícího modulu: mozalloc.dll, verze: 36.0.4.5557, časové razítko: 0x550cfa82
Kód výjimky: 0x80000003
Posun chyby: 0x00001e02
ID chybujícího procesu: 0x1d68
Čas spuštění chybující aplikace: 0xplugin-container.exe0
Cesta k chybující aplikaci: plugin-container.exe1
Cesta k chybujícímu modulu: plugin-container.exe2
ID zprávy: plugin-container.exe3


System errors:
=============
Error: (03/25/2015 03:39:11 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníSpuštění{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (pomocí LRPC)

Error: (03/25/2015 03:38:59 PM) (Source: ipnathlp) (EventID: 30013) (User: )
Description: 25.144.235.58192.168.137.0255.255.255.0

Error: (03/25/2015 03:38:59 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description:

Error: (03/25/2015 03:38:08 PM) (Source: SNMP) (EventID: 1500) (User: )
Description: Služba SNMP zjistila při přístupu ke klíči registru SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration chybu.

Error: (03/25/2015 03:38:04 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Adaptér naslouchání Net.Tcp závisí na službě Služba sdílení portů Net.Tcp, která neuspěla při spuštění v důsledku následující chyby:
%%1058

Error: (03/25/2015 03:21:14 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0

Error: (03/25/2015 02:14:51 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (03/25/2015 02:14:48 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (03/25/2015 02:14:46 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (03/25/2015 02:14:45 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.


Microsoft Office Sessions:
=========================
Error: (03/25/2015 11:39:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe36.0.4.5557550d0883mozalloc.dll36.0.4.5557550cfa828000000300001e02105001d066e63200cd26C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll2f0c8628-d2db-11e4-ace4-94dbc999140f

Error: (03/25/2015 11:11:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe36.0.4.5557550d0883mozalloc.dll36.0.4.5557550cfa828000000300001e021a6801d066e242b759e3C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll55e0566c-d2d7-11e4-9aee-94dbc999140f

Error: (03/25/2015 10:41:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe36.0.4.5557550d0883mozalloc.dll36.0.4.5557550cfa828000000300001e02148001d066de3258c475C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll24325295-d2d3-11e4-8ce5-94dbc999140f

Error: (03/25/2015 02:35:45 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005

Error: (03/25/2015 01:56:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d672ee4EXPLORERFRAME.dll6.1.7601.175144ce7c6a8c000000500000000000411ce

Error: (03/25/2015 01:40:06 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005

Error: (03/25/2015 00:42:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe36.0.4.5557550d0883mozalloc.dll36.0.4.5557550cfa828000000300001e02219c01d0667493d1459cC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll6d4716e4-d27f-11e4-aec7-94dbc999140f

Error: (03/25/2015 00:42:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe36.0.4.5557550d0883mozalloc.dll36.0.4.5557550cfa828000000300001e02265001d0668bdfd92992C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll6d459044-d27f-11e4-aec7-94dbc999140f

Error: (03/24/2015 09:52:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe36.0.4.5557550d0883mozalloc.dll36.0.4.5557550cfa828000000300001e022df001d066740e0edb79C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dllbdb1a8bf-d267-11e4-aec7-94dbc999140f

Error: (03/24/2015 09:52:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe36.0.4.5557550d0883mozalloc.dll36.0.4.5557550cfa828000000300001e021d6801d06674194e36e2C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dllb6adb27b-d267-11e4-aec7-94dbc999140f


CodeIntegrity Errors:
===================================
Date: 2014-11-16 23:51:45.335
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\IT9135BDA.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-11-16 23:51:45.242
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\IT9135BDA.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-11-16 23:46:25.555
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\IT9135BDA.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-11-16 23:46:25.384
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\IT9135BDA.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-10-22 15:48:44.609
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\IT9135BDA.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-10-22 15:48:44.546
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\IT9135BDA.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-10-22 15:43:39.254
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\IT9135BDA.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-10-22 15:43:39.185
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\IT9135BDA.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-09-15 20:13:30.760
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\IT9135BDA.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-09-15 20:13:30.610
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\IT9135BDA.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Pentium(R) CPU B970 @ 2.30GHz
Percentage of memory in use: 61%
Total physical RAM: 3979.91 MB
Available physical RAM: 1522.1 MB
Total Pagefile: 9946.1 MB
Available Pagefile: 6969.69 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:186.3 GB) (Free:62.09 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (DATA) (Fixed) (Total:254.14 GB) (Free:37.06 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 30EC77D9)

Partition: GPT Partition Type.

==================== End Of Log ============================

Re: kontrola logu

Napsal: 25 bře 2015 17:59
od altrok
Zdravim rudy630 :bye:

spletl jste si topic - tento zalozil nekdo jiny :)
pokracujte v tom, ktery jste zalozil Vy :)

Re: kontrola logu

Napsal: 25 bře 2015 18:02
od zdenek6041
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-03-2015
Ran by Zdeněk at 2015-03-25 16:18:28
Running from C:\Users\Zdeněk\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2007 Microsoft Office system (HKLM\...\PROHYBRIDR) (Version: 12.0.4518.1014 - Microsoft Corporation)
Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: - )
Asistent pro přihlášení ke službě Windows Live (HKLM\...\{3E62B27C-342F-4B44-9331-CA4BC59A586F}) (Version: 5.000.818.5 - Microsoft Corporation)
Avast Free Antivirus (HKLM\...\avast) (Version: 10.0.2208 - AVAST Software)
Broadcom 802.11 Wireless Driver (HKLM\...\{8991E763-21F5-4DEA-A938-5D9D77DCB488}) (Version: 1.0.0.0 - )
Broadcom Gigabit Integrated Controller (HKLM\...\{49F3D04B-B849-4C89-AB31-2366A004EA28}) (Version: 12.24.02 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 3.01 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.119.0.60 - Conexant)
Dropbox (HKU\S-1-5-21-3394328646-3757079861-1465878226-1003\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
EasyCapture (HKLM\...\EasyCapture4.0) (Version: V4.0.09.1015 - Lenovo)
Energy Management (HKLM\...\{AE1E24C2-E720-42D5-B8E1-48F71A97B4DB}) (Version: 4.3.1.5 - Lenovo)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Chrome (HKLM\...\Google Chrome) (Version: 41.0.2272.101 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
HijackThis 2.0.2 (HKLM\...\HijackThis) (Version: 2.0.2 - TrendMicro)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1994 - Intel Corporation)
Intel(R) TV Wizard (HKLM\...\TVWiz) (Version: - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
Junk Mail filter update (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
KC Softwares VideoInspector (HKLM\...\KC Softwares VideoInspector_is1) (Version: - KC Softwares)
Lenovo EasyCamera (HKLM\...\{4BB1DCED-84D3-47F9-B718-5947E904593E}) (Version: 6.96.2018.19 - Lenovo EasyCamera)
Lenovo OneKey Recovery (HKLM\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.0723 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 7.0.0723 - CyberLink Corp.) Hidden
Lenovo ReadyComm 5 (HKLM\...\{17542DBF-E17C-4562-BC4D-FA3EF3076C45}) (Version: 5.1.1.20 - Lenovo)
Lenovo ReadyComm 5.0 Service (HKLM\...\{76C66170-C538-4E77-B54D-48E136B5B533}) (Version: 5.0.0.1 - Lenovo Group Limited)
Malwarebytes Anti-Malware verze 2.1.4.1018 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{BD68F46D-8A82-4664-8E68-F87C55BDEFD4}) (Version: 9.00.4035.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.4035.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{56B4002F-671C-49F4-984C-C760FE3806B5}) (Version: 9.00.4035.00 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 36.0.4 (x86 cs) (HKLM\...\Mozilla Firefox 36.0.4 (x86 cs)) (Version: 36.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 36.0 - Mozilla)
Nástroj pro odesílání služby Windows Live (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
PC Speed Up Extension (HKLM\...\PC Speed Up Extension) (Version: 1.24.151.151 - Speedchecker)
PolarEditOctagon 1018 v 0.6.2.3 (HKLM\...\{7AA2C7DA-ECDD-46CC-9716-313B0EA050EB}_is1) (Version: - Polarstern)
Power2Go (HKLM\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.4809d4 - CyberLink Corp.)
Realtek USB 2.0 Card Reader (HKLM\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30101 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.450.0 - SAMSUNG Electronics Co., Ltd.)
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SlimDrivers (HKLM\...\{A5457401-D56A-43F2-9524-78E54A7FC07A}) (Version: 2.2.32705 - SlimWare Utilities, Inc.)
Součásti připojení sady Microsoft Office Small Business (HKLM\...\{A939D341-5A04-4E0A-BB55-3E65B386432D}) (Version: 2.0.7024.0 - Microsoft Corporation)
ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.4500 - Broadcom Corporation)
TomTom HOME 2.7.6.2056 (HKLM\...\TomTom HOME) (Version: 2.7.6.2056 - TomTom)
TomTom HOME Visual Studio Merge Modules (HKLM\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 7.55 - Ghisler Software GmbH)
Trust GM-4600 Gamer Mouse (HKLM\...\WheelMouse) (Version: - )
Update for Office 2007 (KB934528) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{2B939677-2FFD-48F6-9075-7BF48CB87C80}) (Version: - Microsoft)
Update for Office System 2007 Setup (KB929722) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{D8E9BEBD-655F-467D-8176-CA9959C140A3}) (Version: - Microsoft)
Vag-com Max 2000 (HKLM\...\VagCom) (Version: - )
Windows Driver Package - Broadcom Bluetooth (06/15/2009 6.2.0.9000) (HKLM\...\B7541EC5F72AA713F557569278EB6273725F5607) (Version: 06/15/2009 6.2.0.9000 - Broadcom)
Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) (HKLM\...\A6A8668C0A13640CA28FE2A7D9654BE4AE478B13) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\BF20603967CFDCB2BBF91950E8A56DFBC5C833FE) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{068B46A0-8858-4CEB-80BC-A4AE787A05FC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR (HKLM\...\WinRAR archiver) (Version: - )
Wise Registry Cleaner 5.9.4 (HKLM\...\Wise Registry Cleaner_is1) (Version: 5.9.4 - ZhiQing Soft, Inc.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3394328646-3757079861-1465878226-1003_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Zdeněk\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3394328646-3757079861-1465878226-1003_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Zdeněk\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3394328646-3757079861-1465878226-1003_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Zdeněk\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3394328646-3757079861-1465878226-1003_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Zdeněk\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3394328646-3757079861-1465878226-1003_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Zdeněk\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)

==================== Restore Points =========================

01-02-2015 21:05:15 Windows Update
17-02-2015 17:25:03 Windows Update
23-03-2015 20:01:56 Windows Update
23-03-2015 21:08:39 Windows Update
23-03-2015 21:32:13 SlimDrivers Installing Drivers
24-03-2015 16:40:12 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0D02A5BC-23D8-4218-91A6-29C680997BEC} - System32\Tasks\{B831BD46-89C2-4B04-8F6A-70B8C404CCE0} => Iexplore.exe http://ui.skype.com/ui/0/5.3.0.111/en/a ... baroffered
Task: {1130593A-D808-44A1-8ECC-417EC6CF0AD2} - System32\Tasks\{CF2DF267-5E8E-407E-801F-CD58C408E228} => Firefox.exe http://ui.skype.com/ui/0/6.18.0.106/cs/ ... Error=1603
Task: {20C88444-B630-42FF-9206-53F96444C664} - System32\Tasks\{75E65C49-F76C-4D6E-911A-D81BCD82D1C5} => Firefox.exe http://ui.skype.com/ui/0/6.18.0.106/cs/ ... Error=1603
Task: {27B66D7E-4888-4E77-BCF1-3A63BD84CCB5} - System32\Tasks\Úklid 1 kliknutím => D:\Program Files\TuneUp Utilities 2009\OneClickStarter.exe
Task: {2C8E0D39-82D1-4940-BE99-2A6BE5184456} - System32\Tasks\{1A0F1986-97AC-4644-A118-0A306E85512F} => Firefox.exe http://ui.skype.com/ui/0/6.16.59.105/cs ... Error=1603
Task: {30CA4CF1-D955-45BF-BD7A-3DF76EF2DDD4} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3394328646-3757079861-1465878226-1003 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {399A7343-3665-41B2-A06E-66751996DEF1} - System32\Tasks\{55CF4070-0B68-4F70-8EC5-33D5C673002E} => Firefox.exe http://ui.skype.com/ui/0/6.18.0.106/cs/ ... Error=1603
Task: {43CDCE66-9100-4C98-B47F-714504A7F8EF} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3394328646-3757079861-1465878226-1003 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {51926171-DA02-46EE-A5E8-EEF935E20659} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-12-20] (Google Inc.)
Task: {56670722-4345-40A4-922E-0B79EB54CB00} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {5FD432E7-661F-4E9F-92D9-B306A38569E7} - System32\Tasks\{386D41CF-A55C-4351-9C3C-F9D452A9BD0B} => Iexplore.exe http://ui.skype.com/ui/0/4.2.0.187/cs/a ... baroffered
Task: {6553551B-BA18-42A0-A0A3-47F12935D16C} - System32\Tasks\Real Networks Scheduler => C:\Program Files\Real\RealPlayer\update\realsched.exe [2015-02-01] (RealNetworks, Inc.)
Task: {75FA6948-6DDF-45D4-AEC7-7F983EB85578} - System32\Tasks\{1B226949-2083-46DE-90A4-A26909956997} => Firefox.exe http://ui.skype.com/ui/0/6.14.0.104/cs/ ... Error=1603
Task: {7F869F70-7174-4AED-A116-00018DC4EC57} - System32\Tasks\avast! Emergency Update => C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe [2014-12-20] (AVAST Software)
Task: {812669B3-CC6E-4066-8A04-120708585641} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3394328646-3757079861-1465878226-1003 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe
Task: {8ACD3EDA-12D9-4B7F-A763-550DA8D52E8D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-12-20] (Google Inc.)
Task: {9CE2A073-00B2-48C5-8581-5EB53DD9CBCA} - System32\Tasks\{1B139DAD-8E5E-4BED-A59E-0586D7D92118} => Iexplore.exe http://ui.skype.com/ui/0/5.3.0.120/en/a ... velpresent
Task: {AB27F838-4803-4377-8B6E-FDD56C7D4C7F} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3394328646-3757079861-1465878226-1003 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {AC6CFC30-C573-4F12-A722-F035DA756AF1} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3394328646-3757079861-1465878226-1003 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe
Task: {BFB7ABFA-9FB3-492E-9548-732CFC808976} - System32\Tasks\avastBCLRestartS-1-5-21-3394328646-3757079861-1465878226-1003 => Chrome.exe
Task: {CBD65F29-1781-4B44-A892-F13FBAB17BA3} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-28] (Adobe Systems Incorporated)
Task: {E40A4F2F-DA04-4320-9FAA-BA4B0D6E24EC} - System32\Tasks\{14A30FC2-D1F6-4F0B-891F-F62CDDE0EAA8} => Firefox.exe http://ui.skype.com/ui/0/6.16.59.105/cs ... Error=1603
Task: {ECF0D5B6-1AD6-41D2-A43F-524D58688716} - System32\Tasks\{23839C3D-EF3B-4C09-A1F4-6C08F96BA3CA} => Firefox.exe http://ui.skype.com/ui/0/6.18.0.106/cs/ ... Error=1603
Task: {EE158374-1707-407B-BD20-1728F87C54F5} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3394328646-3757079861-1465878226-1003 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {F0476AFC-1ADF-4F0E-BF6F-A987215BC581} - System32\Tasks\{9C38B60D-2E6E-4014-ADB2-56B7D37696B0} => pcalua.exe -a "C:\Program Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" -d "C:\Program Files\VS Revo Group\Revo Uninstaller"
Task: {F52A71B9-4A53-4841-9A04-F0257B060AFB} - System32\Tasks\{F9AE3FDD-9BC5-4B41-9978-E7522BAAE770} => Firefox.exe http://ui.skype.com/ui/0/6.14.0.104/cs/ ... Error=1603

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\{40ACDD22-3700-447B-8F5B-9C7E2B63EA04}.job => c:\program files\mozilla firefox\firefox.exebhttp:/ui.skype.com/ui/0/6.18.0.106/cs/go/
Task: C:\windows\Tasks\Úklid 1 kliknutím.job => D:\Program Files\TuneUp Utilities 2009\OneClickStarter.exe

==================== Loaded Modules (whitelisted) ==============

Re: kontrola logu

Napsal: 25 bře 2015 18:09
od altrok
:arrow: Vypnete trvale Windows Defender - http://windows.microsoft.com/cs-cz/wind ... =windows-7


  • Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
  • ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
  • znovu spustte FRST a kliknete na Fix
  • po restartu bude na plose ulozen fixlog, jehoz obsah mi vlozte do pristi odpovedi

    Kód: Vybrat vše

    Start
CloseProcesses:
DeleteKey: HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\PC Speed Up Extension
DeleteKey: HKU\S-1-5-21-3394328646-3757079861-1465878226-1003\SOFTWARE\APPDATALOW\SOFTWARE\PC Speed Up Extension
C:\Program Files\PC Speed Up Extension

HKU\S-1-5-21-3394328646-3757079861-1465878226-1003\...\Run: [GoogleChromeAutoLaunch_A42918919352F7586F1A353E6349BDF8] => C:\Program Files\Google\Chrome\Application\chrome.exe [809288 2015-03-14] (Google Inc.)

HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
FF Plugin: @microsoft.com/GENUINE -> disabled No File
CHR Extension: (PC Speed Up Extension) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\mpfkfpmlciebaiepdediekoemmjaoong [2015-03-25]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - No Path Or update_url value
CHR HKLM\...\Chrome\Extension: [mpfkfpmlciebaiepdediekoemmjaoong] - C:\Users\Zdeněk\AppData\Local\PC Speed Up Extension\Chrome\PC Speed Up Extension.crx [2012-11-04]

2015-03-25 16:14 - 2015-03-25 16:14 - 00112640 _____ (forum.viry.cz) C:\Users\Zdeněk\Desktop\FRSTLauncher.exe
2015-03-24 21:58 - 2015-03-24 21:58 - 00000364 _____ () C:\windows\PFRO.log
2015-03-24 16:08 - 2015-03-24 16:08 - 02168320 _____ () C:\Users\Zdeněk\Desktop\adwcleaner_4.113.exe
2015-03-24 17:24 - 2015-03-24 17:25 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Zdeněk\Downloads\mbam-setup-2.1.4.1018.exe
2015-03-23 19:33 - 2015-03-23 19:35 - 00000000 ____D () C:\rsit
2015-03-23 19:32 - 2015-03-23 19:32 - 01107968 _____ () C:\Users\Zdeněk\Downloads\RSIT.exe
2015-03-25 16:14 - 2012-11-04 17:07 - 00000000 ____D () C:\Program Files\PC Speed Up Extension
2015-03-24 16:17 - 2014-01-13 16:09 - 00000000 ____D () C:\AdwCleaner
2013-10-18 16:28 - 2013-10-18 16:28 - 50053120 _____ () C:\Program Files\GUTC755.tmp
C:\ProgramData\ezsid.dat

DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleChromeAutoLaunch_A42918919352F7586F1A353E6349BDF8
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe

Task: {27B66D7E-4888-4E77-BCF1-3A63BD84CCB5} - System32\Tasks\Úklid 1 kliknutím => D:\Program Files\TuneUp Utilities 2009\OneClickStarter.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\{40ACDD22-3700-447B-8F5B-9C7E2B63EA04}.job => c:\program files\mozilla firefox\firefox.exebhttp:/ui.skype.com/ui/0/6.18.0.106/cs/go/
Task: C:\windows\Tasks\Úklid 1 kliknutím.job => D:\Program Files\TuneUp Utilities 2009\OneClickStarter.exe
Hosts:
EmptyTemp:
End

Re: kontrola logu

Napsal: 25 bře 2015 18:24
od zdenek6041
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 11-03-2015
Ran by Zdeněk at 2015-03-25 18:17:43 Run:2
Running from C:\Users\Zdeněk\Desktop
Loaded Profiles: Zdeněk (Available profiles: Zdeněk)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
DeleteKey: HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\PC Speed Up Extension
DeleteKey: HKU\S-1-5-21-3394328646-3757079861-1465878226-1003\SOFTWARE\APPDATALOW\SOFTWARE\PC Speed Up Extension
C:\Program Files\PC Speed Up Extension

HKU\S-1-5-21-3394328646-3757079861-1465878226-1003\...\Run: [GoogleChromeAutoLaunch_A42918919352F7586F1A353E6349BDF8] => C:\Program Files\Google\Chrome\Application\chrome.exe [809288 2015-03-14] (Google Inc.)

HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin: @microsoft.com/GENUINE -> disabled No File
CHR Extension: (PC Speed Up Extension) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\mpfkfpmlciebaiepdediekoemmjaoong [2015-03-25]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - No Path Or update_url value
CHR HKLM\...\Chrome\Extension: [mpfkfpmlciebaiepdediekoemmjaoong] - C:\Users\Zdeněk\AppData\Local\PC Speed Up Extension\Chrome\PC Speed Up Extension.crx [2012-11-04]

2015-03-25 16:14 - 2015-03-25 16:14 - 00112640 _____ (forum.viry.cz) C:\Users\Zdeněk\Desktop\FRSTLauncher.exe
2015-03-24 21:58 - 2015-03-24 21:58 - 00000364 _____ () C:\windows\PFRO.log
2015-03-24 16:08 - 2015-03-24 16:08 - 02168320 _____ () C:\Users\Zdeněk\Desktop\adwcleaner_4.113.exe
2015-03-24 17:24 - 2015-03-24 17:25 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Zdeněk\Downloads\mbam-setup-2.1.4.1018.exe
2015-03-23 19:33 - 2015-03-23 19:35 - 00000000 ____D () C:\rsit
2015-03-23 19:32 - 2015-03-23 19:32 - 01107968 _____ () C:\Users\Zdeněk\Downloads\RSIT.exe
2015-03-25 16:14 - 2012-11-04 17:07 - 00000000 ____D () C:\Program Files\PC Speed Up Extension
2015-03-24 16:17 - 2014-01-13 16:09 - 00000000 ____D () C:\AdwCleaner
2013-10-18 16:28 - 2013-10-18 16:28 - 50053120 _____ () C:\Program Files\GUTC755.tmp
C:\ProgramData\ezsid.dat

DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleChromeAutoLaunch_A42918919352F7586F1A353E6349BDF8
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe

Task: {27B66D7E-4888-4E77-BCF1-3A63BD84CCB5} - System32\Tasks\Úklid 1 kliknutím => D:\Program Files\TuneUp Utilities 2009\OneClickStarter.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\{40ACDD22-3700-447B-8F5B-9C7E2B63EA04}.job => c:\program files\mozilla firefox\firefox.exebhttp:/ui.skype.com/ui/0/6.18.0.106/cs/go/
Task: C:\windows\Tasks\Úklid 1 kliknutím.job => D:\Program Files\TuneUp Utilities 2009\OneClickStarter.exe
Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\PC Speed Up Extension => Key Deleted successfully.
HKU\S-1-5-21-3394328646-3757079861-1465878226-1003\SOFTWARE\APPDATALOW\SOFTWARE\PC Speed Up Extension => Failed to delete key at first attempt (Error: C0000121), see next line.
HKU\S-1-5-21-3394328646-3757079861-1465878226-1003\SOFTWARE\APPDATALOW\SOFTWARE\PC Speed Up Extension => Key Deleted Successfully.
C:\Program Files\PC Speed Up Extension => Moved successfully.
HKU\S-1-5-21-3394328646-3757079861-1465878226-1003\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_A42918919352F7586F1A353E6349BDF8 => value deleted successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Local Page => Value was restored successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\mpfkfpmlciebaiepdediekoemmjaoong => Moved successfully.
"HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl" => Key deleted successfully.
"HKLM\SOFTWARE\Google\Chrome\Extensions\mpfkfpmlciebaiepdediekoemmjaoong" => Key deleted successfully.
C:\Users\Zdeněk\AppData\Local\PC Speed Up Extension\Chrome\PC Speed Up Extension.crx => Moved successfully.
C:\Users\Zdeněk\Desktop\FRSTLauncher.exe => Moved successfully.
C:\windows\PFRO.log => Moved successfully.
C:\Users\Zdeněk\Desktop\adwcleaner_4.113.exe => Moved successfully.
C:\Users\Zdeněk\Downloads\mbam-setup-2.1.4.1018.exe => Moved successfully.
C:\rsit => Moved successfully.
C:\Users\Zdeněk\Downloads\RSIT.exe => Moved successfully.
"C:\Program Files\PC Speed Up Extension" => File/Directory not found.
C:\AdwCleaner => Moved successfully.
C:\Program Files\GUTC755.tmp => Moved successfully.
C:\ProgramData\ezsid.dat => Moved successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM => Key Deleted successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher => Key Deleted successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite => Key Deleted successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleChromeAutoLaunch_A42918919352F7586F1A353E6349BDF8 => Key Deleted successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe => Key Deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{27B66D7E-4888-4E77-BCF1-3A63BD84CCB5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{27B66D7E-4888-4E77-BCF1-3A63BD84CCB5}" => Key deleted successfully.
C:\Windows\System32\Tasks\Úklid 1 kliknutím => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Úklid 1 kliknutím" => Key deleted successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\windows\Tasks\{40ACDD22-3700-447B-8F5B-9C7E2B63EA04}.job => Moved successfully.
C:\windows\Tasks\Úklid 1 kliknutím.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 473.8 MB temporary data.


The system needed a reboot.

==== End of Fixlog 18:18:41 ====

Re: kontrola logu

Napsal: 25 bře 2015 18:29
od altrok
Vyborne, log je ted cisty. Jak se chova pocitac? Zacneme uklizet nebo budeme patrat dal?

Re: kontrola logu

Napsal: 25 bře 2015 18:56
od zdenek6041
pc se chová zatím dobře, nešlo by ještě zrychlit start systému? Prohlížeč Firefox se mi zdá, že nabíchá pomalu. Když naběhne tak jede ok.
Všechny časy jsou v UTC+01:00
Stránka 1 z 3

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz